[fdo-trac] #564: SHP provider crashed when reallocing memory in
ReadRawDataBlock.
FDO
trac_fdo at osgeo.org
Sat Oct 10 01:23:38 EDT 2009
#564: SHP provider crashed when reallocing memory in ReadRawDataBlock.
----------------------+-----------------------------------------------------
Reporter: StevenXu | Owner: StevenXu
Type: defect | Status: assigned
Priority: major | Milestone: 3.5.0
Component: FDO API | Version: 3.4.0
Severity: 2 | Resolution:
Keywords: | External_id: 1242062
----------------------+-----------------------------------------------------
Comment (by StevenXu):
It is obviously that SHP provider got the wrong size of memory in runtime.
Why it would happen?
In some cases, the user's SHP files violated the SHP file specification so
that
our SHP provider can't understand them and read an incredible size of the
data
block from them.
Another possible reason, there is a defect in the function
{{{
ShpFileSet::MakeSpace
}}}
which could corrupt SHP file in some extreme cases. As a result, this
corrupted SHP file leads to this crash.
The attachment "Ticket_564.patch" is the fix against:
http://svn.osgeo.org/fdo/trunk/Providers/SHP/Src/Provider/ShpFileSet.cpp
It includes two fixes.
1. While reading the shape from the file, if SHP provider run into some
unknown
exceptions, eat these exceptions and return a Null Shape.
2. Correct the problem in function
{{{
ShpFileSet::MakeSpace
}}}
which would miss the last chunk in some extreme cases.
{{{
\Providers\SHP\Src\Provider\ShpFileSet.cpp
}}}
{{{
ShpFileSet::MakeSpace
{
......
Line 655: while (shp->ReadFile (buffer + plus, size, &read) && (size ==
read))
Line 665: if (0 != read)
......
}
}}}
The if statement isn't right and which would result in the last "excess"
bytes
of the file were missing , when the "while" statement success in reading
the all
bytes of the file once.
--
Ticket URL: <http://trac.osgeo.org/fdo/ticket/564#comment:2>
FDO <http://fdo.osgeo.org/>
Feature Data Objects
More information about the fdo-trac
mailing list