[postgis-tickets] r16868 - Fix undefined behaviour in ptarray_clone_deep
Raul
raul at rmr.ninja
Tue Oct 2 04:40:08 PDT 2018
Author: algunenano
Date: 2018-10-02 04:40:07 -0700 (Tue, 02 Oct 2018)
New Revision: 16868
Modified:
branches/2.3/NEWS
branches/2.3/liblwgeom/ptarray.c
Log:
Fix undefined behaviour in ptarray_clone_deep
References #4191
Modified: branches/2.3/NEWS
===================================================================
--- branches/2.3/NEWS 2018-10-02 11:39:19 UTC (rev 16867)
+++ branches/2.3/NEWS 2018-10-02 11:40:07 UTC (rev 16868)
@@ -9,6 +9,7 @@
- #4093, Inconsistent results from qsort callback (yugr)
- #4160, Use qualified names in topology extension install (Raúl Marín)
- #4189, Fix undefined behaviour in SADFWrite (Raúl Marín)
+ - #4191, Fix undefined behaviour in ptarray_clone_deep (Raúl Marín)
PostGIS 2.3.7
Modified: branches/2.3/liblwgeom/ptarray.c
===================================================================
--- branches/2.3/liblwgeom/ptarray.c 2018-10-02 11:39:19 UTC (rev 16867)
+++ branches/2.3/liblwgeom/ptarray.c 2018-10-02 11:40:07 UTC (rev 16868)
@@ -634,7 +634,6 @@
ptarray_clone_deep(const POINTARRAY *in)
{
POINTARRAY *out = lwalloc(sizeof(POINTARRAY));
- size_t size;
LWDEBUG(3, "ptarray_clone_deep called.");
@@ -644,9 +643,17 @@
FLAGS_SET_READONLY(out->flags, 0);
- size = in->npoints * ptarray_point_size(in);
- out->serialized_pointlist = lwalloc(size);
- memcpy(out->serialized_pointlist, in->serialized_pointlist, size);
+ if (!in->npoints)
+ {
+ // Avoid calling lwalloc of 0 bytes
+ out->serialized_pointlist = NULL;
+ }
+ else
+ {
+ size_t size = in->npoints * ptarray_point_size(in);
+ out->serialized_pointlist = lwalloc(size);
+ memcpy(out->serialized_pointlist, in->serialized_pointlist, size);
+ }
return out;
}
More information about the postgis-tickets
mailing list