[postgis-tickets] r16862 - Fix undefined behaviour in SADFWrite

Raul raul at rmr.ninja
Tue Oct 2 02:37:05 PDT 2018


Author: algunenano
Date: 2018-10-02 02:37:05 -0700 (Tue, 02 Oct 2018)
New Revision: 16862

Modified:
   branches/2.5/NEWS
   branches/2.5/liblwgeom/lwutil.c
   branches/2.5/loader/pgsql2shp-core.c
   branches/2.5/loader/safileio.c
Log:
Fix undefined behaviour in SADFWrite

Also addresses several gcc warnings
References #4189


Modified: branches/2.5/NEWS
===================================================================
--- branches/2.5/NEWS	2018-10-02 07:23:06 UTC (rev 16861)
+++ branches/2.5/NEWS	2018-10-02 09:37:05 UTC (rev 16862)
@@ -4,6 +4,7 @@
  * Bug fixes *
   - #4183, St_AsMVTGeom: Drop invalid geometries after simplification (Raúl Marín)
   - #4188, Avoid division by zero in kmeans (Raúl Marín)
+  - #4189, Fix undefined behaviour in SADFWrite (Raúl Marín)
 
 PostGIS 2.5.0
 2018/09/23

Modified: branches/2.5/liblwgeom/lwutil.c
===================================================================
--- branches/2.5/liblwgeom/lwutil.c	2018-10-02 07:23:06 UTC (rev 16861)
+++ branches/2.5/liblwgeom/lwutil.c	2018-10-02 09:37:05 UTC (rev 16862)
@@ -282,13 +282,13 @@
 			{
 				/* Add "..." prefix */
 				outstart = str + endpos + 1 - maxlength + 3;
-				strncat(output, "...", 3);
+				strncat(output, "...", 4);
 				strncat(output, outstart, maxlength - 3);
 			}
 			else
 			{
 				/* maxlength is too small; just output "..." */
-				strncat(output, "...", 3);
+				strncat(output, "...", 4);
 			}
 		}
 	}
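Review bot: The bound in `strncat(output, "...", 4)` caps how many bytes are taken from the source, not how much room is left in `output`, so going from 3 to 4 quiets the compiler without adding any overflow protection; the same holds for the second call in this hunk and both calls in the hunk at -309. Either value appends the same three dots plus a terminator. The "maxlength is too small" branches append those four bytes whatever `maxlength` is, so the safety of all four calls rests on how `output` is allocated, which happens outside this hunk and should be confirmed. I would record that next to the calls: `/* strncat's bound caps bytes read from the source, not space left in output; output needs room for "..." plus NUL even when maxlength < 3 */`.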
@@ -309,12 +309,12 @@
 				/* Add "..." suffix */
 				outstart = str + startpos;
 				strncat(output, outstart, maxlength - 3);
-				strncat(output, "...", 3);
+				strncat(output, "...", 4);
 			}
 			else
 			{
 				/* maxlength is too small; just output "..." */
-				strncat(output, "...", 3);
+				strncat(output, "...", 4);
 			}
 		}
 	}

Modified: branches/2.5/loader/pgsql2shp-core.c
===================================================================
--- branches/2.5/loader/pgsql2shp-core.c	2018-10-02 07:23:06 UTC (rev 16861)
+++ branches/2.5/loader/pgsql2shp-core.c	2018-10-02 09:37:05 UTC (rev 16862)
@@ -1549,7 +1549,7 @@
 		{
 			if (!strncasecmp(dbffieldname, state->dbffieldnames[j], 10))
 			{
-				sprintf(dbffieldname, "%.7s_%.2d", ptr, tmpint % 100);
+				sprintf(dbffieldname, "%.7s_%.2d", ptr, abs(tmpint) % 100);
 				tmpint++;
 				continue;
 			}
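Review bot: `abs(tmpint) % 100` is itself undefined should `tmpint` ever be `INT_MIN`, so the new line trades one corner case for another. Taking the remainder first keeps the operand of `abs` within -99..99: `sprintf(dbffieldname, "%.7s_%.2d", ptr, abs(tmpint % 100));`. The call is also still an unbounded `sprintf` whose longest output is 10 characters plus the terminator, so `dbffieldname` must hold at least 11 bytes. Its declaration is outside the hunk, and an `snprintf` given the buffer's real size would enforce that limit rather than assume it. The enclosing loop starts and ends outside the hunk.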

Modified: branches/2.5/loader/safileio.c
===================================================================
--- branches/2.5/loader/safileio.c	2018-10-02 07:23:06 UTC (rev 16861)
+++ branches/2.5/loader/safileio.c	2018-10-02 09:37:05 UTC (rev 16862)
@@ -115,8 +115,9 @@
 SAOffset SADFWrite( void *p, SAOffset size, SAOffset nmemb, SAFile file )
 
 {
-    return (SAOffset) fwrite( p, (size_t) size, (size_t) nmemb,
-                              (FILE *) file );
+	if (!nmemb || !p) return 0;
+	return (SAOffset) fwrite( p, (size_t) size, (size_t) nmemb,
+				(FILE *) file );
 }
 
 /************************************************************************/
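Review bot: The new guard at the top of `SADFWrite` carries no comment explaining why it is there, and a later cleanup could easily remove it as redundant. I would add `/* fwrite() with a NULL buffer is undefined even when zero items are requested; report nothing written instead */` above the `if`. The guard also returns 0 for a NULL `p` with a non-zero `nmemb`, which callers that compare the result against `nmemb` will see as a short write. That looks like the right outcome, but it deserves a mention in the same comment. `file` is still cast and passed to `fwrite` unchecked, so a NULL handle remains the caller's responsibility.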


