[postgis-devel] Issue 119 in postgis: ST_AsSVG crashed DB backend with large geometries.

codesite-noreply at google.com codesite-noreply at google.com
Sat Mar 21 07:30:57 PDT 2009


Comment #17 on issue 119 by mark.cav... at siriusit.co.uk: ST_AsSVG crashed DB backend with large geometries.
http://code.google.com/p/postgis/issues/detail?id=119

Regina very kindly allowed me access to her machine to obtain a backtrace,
included below:

Program received signal SIGABRT, Aborted.
0xffffe430 in __kernel_vsyscall ()
(gdb) bt
#0  0xffffe430 in __kernel_vsyscall ()
#1  0xb7aa0900 in raise () from /lib/libc.so.6
#2  0xb7aa2238 in abort () from /lib/libc.so.6
#3  0xb7adc10d in ?? () from /lib/libc.so.6
#4  0xb7b594c8 in __fortify_fail () from /lib/libc.so.6
#5  0xb7b57500 in __chk_fail () from /lib/libc.so.6
#6  0xb7b56b88 in ?? () from /lib/libc.so.6
#7  0xb7ae0f23 in __overflow () from /lib/libc.so.6
#8  0xb7aba3f6 in __printf_fp () from /lib/libc.so.6
#9  0xb7ab42bc in vfprintf () from /lib/libc.so.6
#10 0xb7b56c37 in __vsprintf_chk () from /lib/libc.so.6
#11 0xb7b56b7d in __sprintf_chk () from /lib/libc.so.6
#12 0xb5300da0 in pointArray_svg_abs (pa=0x84ccab0,
     output=0x84ccaca "50 -60 L 48.847116824193833 -48.294580679032315
45.432771950677221 -37.038994058094637 39.888176738152737  
-26.665786018823894
32.426406871192889 -17.573593128807186 23.334213981176184  
-10.111823261847"...,
close_ring=0 '\0', precision=15)
     at /usr/include/bits/stdio2.h:34
#13 0xb5300f69 in assvg_polygon_buf (poly=0x84cca60,
     output=0x84ccac8 "M 50 -60 L 48.847116824193833 -48.294580679032315
45.432771950677221 -37.038994058094637 39.888176738152737  
-26.665786018823894
32.426406871192889 -17.573593128807186 23.334213981176184  
-10.1118232618"...,
relative=0 '\0', precision=15)
     at lwgeom_svg.c:253
#14 0xb5301673 in geometry_to_svg (geom=0x84cc65c "�", relative=<value  
optimized
out>, precision=15) at lwgeom_svg.c:269
#15 0xb5301a48 in assvg_geometry (fcinfo=0xbf8c8414) at lwgeom_svg.c:74
#16 0x081760b7 in ?? ()
#17 0x08175cc5 in ExecProject ()
#18 0x081869ff in ExecNestLoop ()
#19 0x081750f0 in ExecProcNode ()
#20 0x081888b0 in ExecLimit ()
#21 0x08174fd0 in ExecProcNode ()
#22 0x0817335b in ExecutorRun ()
#23 0x08213253 in ?? ()
#24 0x08214619 in PortalRun ()
#25 0x0820f4df in ?? ()
#26 0x08210ccf in PostgresMain ()
#27 0x081e371d in ?? ()
#28 0x081e473f in PostmasterMain ()
#29 0x081992a6 in main ()


So it looks as if it's being triggered by the FORTIFY_SOURCE option which is
explained here:
http://fedoraproject.org/wiki/Security/Features#Compile_Time_Buffer_Checks_.28FORTIFY_SOURCE.29.

Interestingly enough, if I re-build PostGIS with -O0 rather than -O2 then
the problem goes away.

So I'm wondering if the way in which the output buffer pointers are being
used in pointArray_svg_abs is confusing the object size checking? Then
again, it could be a genuine bug. Olivier, can you check the buffer size
calculation for polygons again?


ATB,

Mark.
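
Added example, not from the PostGIS source or from this thread: a bounded version of the kind of coordinate writer seen in frame #12, which measures the required size with snprintf and checks every write against the space left, so an undersized buffer returns an error rather than depending on the _FORTIFY_SOURCE checks, which glibc only enables when compiling with optimization. The pt2d type and the function names are hypothetical, and the plain %.*f formatting is an assumption (unlike the output in the backtrace, trailing zeros are not trimmed).

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Hypothetical point type for this example; not the PostGIS POINTARRAY. */
typedef struct { double x, y; } pt2d;

/* Separator before point i in an absolute SVG path: "M x y L x y x y ..." */
static const char *sep_for(size_t i)
{
    return i == 0 ? "M " : i == 1 ? " L " : " ";
}

/* Exact buffer size (including the NUL) for the path, measured with
 * snprintf(NULL, 0, ...) instead of a per-coordinate guess. With %f the
 * length grows with the magnitude of the value, not only the precision. */
size_t svg_path_size(const pt2d *pts, size_t n, int prec)
{
    size_t total = 1; /* terminating NUL */
    for (size_t i = 0; i < n; i++)
        total += (size_t)snprintf(NULL, 0, "%s%.*f %.*f", sep_for(i),
                                  prec, pts[i].x, prec, pts[i].y);
    return total;
}

/* Write the path into out[cap]. Each write is limited to the space left,
 * so a buffer that is too small yields -1 instead of an overflow.
 * Returns the number of bytes written, excluding the NUL. */
long svg_path_abs(const pt2d *pts, size_t n, int prec, char *out, size_t cap)
{
    size_t used = 0;
    if (cap == 0)
        return -1;
    out[0] = '\0';
    for (size_t i = 0; i < n; i++) {
        int w = snprintf(out + used, cap - used, "%s%.*f %.*f", sep_for(i),
                         prec, pts[i].x, prec, pts[i].y);
        if (w < 0 || (size_t)w >= cap - used)
            return -1; /* output truncated: size estimate was too small */
        used += (size_t)w;
    }
    return (long)used;
}
```

Allocating svg_path_size() bytes and passing that value as cap makes the size calculation and the writer agree by construction.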

