[postgis-tickets] [PostGIS] #5481: postgis_full_version() crashes backend due to invalid free from PROJ 6.3.1

Tue Aug 22 01:51:34 PDT 2023

#5481: postgis_full_version() crashes backend due to invalid free from PROJ 6.3.1
---------------------+---------------------------
 Reporter:  strk     |      Owner:  pramsey
     Type:  defect   |     Status:  new
 Priority:  high     |  Milestone:  PostGIS 3.4.1
Component:  postgis  |    Version:  3.4.x
 Keywords:           |
---------------------+---------------------------
 This query:
 {{{
 select postgis_full_version();
 }}}

 Returns:
 {{{
  POSTGIS="3.4.0 0874ea3" [EXTENSION] PGSQL="120" GEOS="3.10.1-CAPI-1.16.0"
 (compiled against GEOS 3.8.0) SFCGAL="1.3.7" PROJ="6.3.1" GDAL="GDAL
 3.0.4, released 2020/01/28 GDAL_DATA not found" LIBXML="2.9.10"
 LIBJSON="0.13.1" LIBPROTOBUF="1.3.3" WAGYU="0.5.0 (Internal)" TOPOLOGY
 RASTER
 }}}

 And after that crashes the backend, with logs containing:

 Before output:
 {{{
 ERROR 1: PROJ: proj_create_from_database: SQLite error on SELECT name,
 type, coordinate_system_auth_name, coordinate_system_code,
 datum_auth_name, datum_code, area_of_use_auth_name, area_of_use_code,
 text_definition, deprecated FROM geodetic_crs WHERE auth_name = ? AND code
 = ?: no such column: area_of_use_auth_name
 }}}

 After output:
 {{{
 free(): invalid pointer
 2023-08-22 10:49:08.188 CESTLOG:  server process (PID 2057895) was
 terminated by signal 6: Aborted
 }}}
-- 
Ticket URL: <https://trac.osgeo.org/postgis/ticket/5481>
PostGIS <http://trac.osgeo.org/postgis/>
The PostGIS Trac is used for bug, enhancement & task tracking, a user and developer wiki, and a view into the subversion code repository of PostGIS project.