[mapguide-commits] r6173 - trunk/MgDev/Common/CoordinateSystem

svn_mapguide at osgeo.org
Fri Oct 14 04:59:16 EDT 2011


Author: baertelchen
Date: 2011-10-14 01:59:15 -0700 (Fri, 14 Oct 2011)
New Revision: 6173

Modified:
   trunk/MgDev/Common/CoordinateSystem/CoordSysGeodeticTransformDef.cpp
Log:
Fix ticket 1828 (http://trac.osgeo.org/mapguide/ticket/1828).

Calling CCoordinateSystemGeodeticTransformDef::SerializeFrom() resulted in a heap corruption in case the de-serialized CSMAP struct was found to be invalid. In that case, the code freed the [this->transformDefinition] pointer, which the destructor then tried to free again later on. This resulted in a heap corruption.

Fixed the code so that it only frees the temporarily allocated memory if an exception was thrown.
In case of success, the method only frees the previous [this->transformDefinition] pointer and keeps the newly allocated block.

Modified: trunk/MgDev/Common/CoordinateSystem/CoordSysGeodeticTransformDef.cpp
===================================================================
--- trunk/MgDev/Common/CoordinateSystem/CoordSysGeodeticTransformDef.cpp	2011-10-13 09:37:48 UTC (rev 6172)
+++ trunk/MgDev/Common/CoordinateSystem/CoordSysGeodeticTransformDef.cpp	2011-10-14 08:59:15 UTC (rev 6173)
@@ -388,6 +388,8 @@
     INT32 previousType = this->transformationDefType;
     cs_GeodeticTransform_* previousTransformPtr = this->transformDefinition;
 
+    cs_GeodeticTransform_* allocatedBlock = NULL;
+
     MG_TRY()
 
     UINT8 nVersion=pStreamIn[0];
@@ -397,13 +399,12 @@
         pStreamIn++;
 
         //Read the def from the stream
-        this->transformDefinition = (cs_GeodeticTransform_*)CS_malc(sizeof(cs_GeodeticTransform_));
-        if (transformDefinition == NULL)
-        {
-            this->transformDefinition = previousTransformPtr;
-            previousTransformPtr = 0;
+        allocatedBlock = (cs_GeodeticTransform_*)CS_malc(sizeof(cs_GeodeticTransform_));
+        if (NULL == allocatedBlock)
             throw new MgOutOfMemoryException (L"MgCoordinateSystemGeodeticTransformDef.SerializeFrom", __LINE__, __WFILE__, NULL, L"", NULL);
-        }
+
+        this->transformDefinition = allocatedBlock;
+
         pBuf = reinterpret_cast<char *>(this->transformDefinition);
         memcpy(pBuf, pStreamIn, sizeof(cs_GeodeticTransform_));
         pStreamIn = pStreamIn + sizeof(cs_GeodeticTransform_);
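Review bot: `this->transformDefinition = allocatedBlock;` installs the new block on the member before the `memcpy` has filled it and before the validity check further down, so the object points at unvalidated stream data until the handler restores `previousTransformPtr`. Consider deserializing into `allocatedBlock` and assigning the member only after the check has passed, so that a failure never has to undo the pointer. Separately, the `memcpy` reads `sizeof(cs_GeodeticTransform_)` bytes from `pStreamIn` and no length check is visible in these lines; if the caller does not guarantee the buffer size, it should be checked before the copy.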
@@ -422,9 +423,6 @@
             // Nope!  It's not valid, but not valid in such a way that would cause
             // an exception to be thrown.  transformationDefinition cannot be
             // NULL at this point.
-            CS_free (this->transformDefinition);
-            this->transformationDefType = previousType;
-            this->transformDefinition = previousTransformPtr;
             throw new MgInvalidArgumentException(L"MgCoordinateSystemGeodeticTransformDef.SerializeFrom", __LINE__, __WFILE__, NULL, L"", NULL);
         }
     }
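Review bot: the comment left above `throw new MgInvalidArgumentException` no longer describes anything this branch does, and it still says `transformationDefinition` while the member is `transformDefinition`. With the three cleanup lines removed, this throw relies on the handler after `MG_CATCH` to free the new block and restore the previous type and pointer; state that in the comment so a local `CS_free` is not added back here, which is the second free the log message describes.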
@@ -432,12 +430,11 @@
     MG_CATCH (L"MgCoordinateSystemGeodeticTransformDef.SerializeFrom")
     if (mgException != NULL)
     {
-        // Here if an exception was thrown.
-        // transformationDefinition can indeed be NULL here.
-        if (this->transformDefinition != NULL)
-        {
-            CS_free (this->transformDefinition);
-        }
+        //in case an exception was thrown, we simply free the allocated block
+        //and reset what we had before; no matter whether this had been valid or not
+        CS_free (allocatedBlock);
+        allocatedBlock = NULL;
+
         this->transformationDefType = previousType;
         this->transformDefinition = previousTransformPtr;
     }
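Review bot: `CS_free (allocatedBlock)` in the handler is now unconditional, but `allocatedBlock` is still NULL when `CS_malc` failed (the out-of-memory throw in the earlier hunk) or if anything throws before the allocation, and the removed code guarded its free with a NULL check. Either keep a guard such as `if (allocatedBlock != NULL)` or confirm that `CS_free` accepts NULL. The success-path release of `previousTransformPtr` mentioned in the log message is not in the visible lines, so it is worth verifying that it runs only when `mgException` is NULL and a new block was actually installed.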


