[postgis-tickets] r16863 - Fix undefined behaviour in SADFWrite

Tue Oct 2 02:38:48 PDT 2018

Author: algunenano
Date: 2018-10-02 02:38:48 -0700 (Tue, 02 Oct 2018)
New Revision: 16863

Modified:
   trunk/NEWS
   trunk/liblwgeom/lwutil.c
   trunk/loader/pgsql2shp-core.c
   trunk/loader/safileio.c
Log:
Fix undefined behaviour in SADFWrite

Also addresses several GCC warnings.

Closes #4189
Closes https://github.com/postgis/postgis/pull/310


Modified: trunk/NEWS
===================================================================

--- trunk/NEWS	2018-10-02 09:37:05 UTC (rev 16862)
+++ trunk/NEWS	2018-10-02 09:38:48 UTC (rev 16863)
@@ -21,6 +21,7 @@
   - #4181, St_AsMVTGeom: Avoid type changes due to validation (Raúl Marín)
   - #4183, St_AsMVTGeom: Drop invalid geometries after simplification (Raúl Marín)
   - #4188, Avoid division by zero in kmeans (Raúl Marín)
+  - #4189, Fix undefined behaviour in SADFWrite (Raúl Marín)
 
 PostGIS 2.5.0
 2018/09/23

Modified: trunk/liblwgeom/lwutil.c
===================================================================
--- trunk/liblwgeom/lwutil.c	2018-10-02 09:37:05 UTC (rev 16862)
+++ trunk/liblwgeom/lwutil.c	2018-10-02 09:38:48 UTC (rev 16863)
@@ -280,13 +280,13 @@
 			{
 				/* Add "..." prefix */
 				outstart = str + endpos + 1 - maxlength + 3;
-				strncat(output, "...", 3);
+				strncat(output, "...", 4);
 				strncat(output, outstart, maxlength - 3);
 			}
 			else
 			{
 				/* maxlength is too small; just output "..." */
-				strncat(output, "...", 3);
+				strncat(output, "...", 4);
 			}
 		}
 	}
@@ -307,12 +307,12 @@
 				/* Add "..." suffix */
 				outstart = str + startpos;
 				strncat(output, outstart, maxlength - 3);
-				strncat(output, "...", 3);
+				strncat(output, "...", 4);
 			}
 			else
 			{
 				/* maxlength is too small; just output "..." */
-				strncat(output, "...", 3);
+				strncat(output, "...", 4);
 			}
 		}
 	}

Modified: trunk/loader/pgsql2shp-core.c
===================================================================
--- trunk/loader/pgsql2shp-core.c	2018-10-02 09:37:05 UTC (rev 16862)
+++ trunk/loader/pgsql2shp-core.c	2018-10-02 09:38:48 UTC (rev 16863)
@@ -1549,7 +1549,7 @@
 		{
 			if (!strncasecmp(dbffieldname, state->dbffieldnames[j], 10))
 			{
-				sprintf(dbffieldname, "%.7s_%.2d", ptr, tmpint % 100);
+				sprintf(dbffieldname, "%.7s_%.2d", ptr, abs(tmpint) % 100);
 				tmpint++;
 				continue;
 			}

Modified: trunk/loader/safileio.c
===================================================================
--- trunk/loader/safileio.c	2018-10-02 09:37:05 UTC (rev 16862)
+++ trunk/loader/safileio.c	2018-10-02 09:38:48 UTC (rev 16863)
@@ -115,8 +115,9 @@
 SAOffset SADFWrite( void *p, SAOffset size, SAOffset nmemb, SAFile file )
 
 {
-    return (SAOffset) fwrite( p, (size_t) size, (size_t) nmemb,
-                              (FILE *) file );
+	if (!nmemb || !p) return 0;
+	return (SAOffset) fwrite( p, (size_t) size, (size_t) nmemb,
+				(FILE *) file );
 }
 
 /************************************************************************/

