[mapserver-commits] r8854 - branches/branch-5-4/mapserver
svn at osgeo.org
svn at osgeo.org
Tue Mar 31 23:13:28 EDT 2009
Author: sdlime
Date: 2009-03-31 23:13:28 -0400 (Tue, 31 Mar 2009)
New Revision: 8854
Modified:
branches/branch-5-4/mapserver/mapfile.c
branches/branch-5-4/mapserver/mapsymbol.c
Log:
Make sure map and symbol files are well-formed to minimize chance of leaking sensitive data. (#2941)
Modified: branches/branch-5-4/mapserver/mapfile.c
===================================================================
--- branches/branch-5-4/mapserver/mapfile.c 2009-04-01 03:03:55 UTC (rev 8853)
+++ branches/branch-5-4/mapserver/mapfile.c 2009-04-01 03:13:28 UTC (rev 8854)
@@ -4708,11 +4708,20 @@
static int loadMapInternal(mapObj *map)
{
int i,j,k;
+ int foundMapToken=MS_FALSE;
+ int token;
for(;;) {
- switch(msyylex()) {
+ token = msyylex();
+ if(!foundMapToken && token != MAP) {
+ msSetError(MS_IDENTERR, "First token must be MAP, this doesn't look like a mapfile.", "msLoadMap()");
+ return(MS_FAILURE);
+ }
+
+ switch(token) {
+
case(CONFIG):
{
char *key=NULL, *value=NULL;
@@ -4838,6 +4847,7 @@
if(loadLegend(&(map->legend), map) == -1) return MS_FAILURE;
break;
case(MAP):
+ foundMapToken = MS_TRUE;
break;
case(MAXSIZE):
if(getInteger(&(map->maxsize)) == -1) return MS_FAILURE;
@@ -4895,8 +4905,7 @@
if(loadWeb(&(map->web), map) == -1) return MS_FAILURE;
break;
default:
- msSetError(MS_IDENTERR, "Parsing error near (%s):(line %d)", "msLoadMap()",
- msyytext, msyylineno);
+ msSetError(MS_IDENTERR, "Parsing error near (%s):(line %d)", "msLoadMap()", msyytext, msyylineno);
return MS_FAILURE;
}
} /* next token */
Modified: branches/branch-5-4/mapserver/mapsymbol.c
===================================================================
--- branches/branch-5-4/mapserver/mapsymbol.c 2009-04-01 03:03:55 UTC (rev 8853)
+++ branches/branch-5-4/mapserver/mapsymbol.c 2009-04-01 03:13:28 UTC (rev 8854)
@@ -631,11 +631,12 @@
int loadSymbolSet(symbolSetObj *symbolset, mapObj *map)
{
-/* char old_path[MS_PATH_LENGTH]; */
-/* char *symbol_path; */
int status=1;
char szPath[MS_MAXPATHLEN], *pszSymbolPath=NULL;
+ int foundSymbolSetToken=MS_FALSE;
+ int token;
+
if(!symbolset) {
msSetError(MS_SYMERR, "Symbol structure unallocated.", "loadSymbolSet()");
return(-1);
@@ -662,7 +663,14 @@
** Read the symbol file
*/
for(;;) {
- switch(msyylex()) {
+ token = msyylex();
+
+ if(!foundSymbolSetToken && token != SYMBOLSET) {
+ msSetError(MS_IDENTERR, "First token must be SYMBOLSET, this doesn't look like a symbol file.", "msLoadSymbolSet()");
+ return(-1);
+ }
+
+ switch(token) {
case(END):
case(EOF):
status = 0;
@@ -678,6 +686,7 @@
symbolset->numsymbols++;
break;
case(SYMBOLSET):
+ foundSymbolSetToken = MS_TRUE;
break;
default:
msSetError(MS_IDENTERR, "Parsing error near (%s):(line %d)", "loadSymbolSet()", msyytext, msyylineno);
More information about the mapserver-commits
mailing list