[mapserver-commits] r8880 - trunk/mapserver

svn at osgeo.org svn at osgeo.org
Sat Apr 4 15:56:00 EDT 2009 

Author: warmerdam
Date: 2009-04-04 15:55:59 -0400 (Sat, 04 Apr 2009)
New Revision: 8880

Modified:
   trunk/mapserver/HISTORY.TXT
   trunk/mapserver/maprasterquery.c
   trunk/mapserver/mapwcs.c
Log:
do not alter filename if path prefixing does not point to real file (#2901)

Modified: trunk/mapserver/HISTORY.TXT
===================================================================
--- trunk/mapserver/HISTORY.TXT	2009-04-03 22:23:41 UTC (rev 8879)
+++ trunk/mapserver/HISTORY.TXT	2009-04-04 19:55:59 UTC (rev 8880)
@@ -12,6 +12,9 @@
 Current Version (SVN trunk):
 ----------------------------
 
+- Fix filename path processing for raster queries and WCS get coverage so 
+  that non-filesystem filenames are not altered (#2901) 
+
 - Improved security relative to untrusted directories and mapfiles (RFC 56)
 
 - Fixed several security issues found in an audit of the CGI application (#2939, #2941, #2942, #2943, #2944)

Modified: trunk/mapserver/maprasterquery.c
===================================================================
--- trunk/mapserver/maprasterquery.c	2009-04-03 22:23:41 UTC (rev 8879)
+++ trunk/mapserver/maprasterquery.c	2009-04-04 19:55:59 UTC (rev 8880)
@@ -782,7 +782,7 @@
             msBuildPath(szPath, tiAbsDirPath, filename); 
             free(tiAbsDirPath);
         } else {
-            msBuildPath3(szPath, map->mappath, map->shapepath, filename);
+            msTryBuildPath3(szPath, map->mappath, map->shapepath, filename);
         }
 
         msAcquireLock( TLOCK_GDAL );
@@ -1328,7 +1328,7 @@
   if( map == NULL )
     return MS_FAILURE;
 
-  msBuildPath3(szPath, map->mappath, map->shapepath, layer->data);
+  msTryBuildPath3(szPath, map->mappath, map->shapepath, layer->data);
 
   msAcquireLock( TLOCK_GDAL );
   hDS = GDALOpen(szPath, GA_ReadOnly );

Modified: trunk/mapserver/mapwcs.c
===================================================================
--- trunk/mapserver/mapwcs.c	2009-04-03 22:23:41 UTC (rev 8879)
+++ trunk/mapserver/mapwcs.c	2009-04-04 19:55:59 UTC (rev 8880)
@@ -2042,7 +2042,7 @@
     msGDALInitialize();
 
     msAcquireLock( TLOCK_GDAL );
-    hDS = GDALOpen(msBuildPath3(szPath,  layer->map->mappath, layer->map->shapepath, layer->data) , GA_ReadOnly );
+    hDS = GDALOpen(msTryBuildPath3(szPath,  layer->map->mappath, layer->map->shapepath, layer->data) , GA_ReadOnly );
     if( hDS == NULL ) {
       msReleaseLock( TLOCK_GDAL );
       msSetError( MS_IOERR, "%s", "msWCSGetCoverageMetadata()", CPLGetLastErrorMsg() );

More information about the mapserver-commits mailing list