[mapserver-commits] [MapServer/MapServer] 66d3a1: mapserver.h: check _WIN32 instead of WIN32
Even Rouault
noreply at github.com
Thu Oct 7 05:41:07 PDT 2021
Branch: refs/heads/main
Home: https://github.com/MapServer/MapServer
Commit: 66d3a17659d2fd79c37c772bb9bdb11f6203eb96
https://github.com/MapServer/MapServer/commit/66d3a17659d2fd79c37c772bb9bdb11f6203eb96
Author: Max Kellermann <max.kellermann at gmail.com>
Date: 2021-10-05 (Tue, 05 Oct 2021)
Changed paths:
M mapregex.h
M mapscript/mapscript.i
M mapserv.c
M mapserver.h
M mapwms.cpp
Log Message:
-----------
mapserver.h: check _WIN32 instead of WIN32
The canonical macro is _WIN32. WIN32 usually exists as well, but is a
non-standard macro.
See https://docs.microsoft.com/en-us/cpp/preprocessor/predefined-macros?view=msvc-160
Commit: 4173810df136023a148f09271593edab13e4444d
https://github.com/MapServer/MapServer/commit/4173810df136023a148f09271593edab13e4444d
Author: Max Kellermann <max.kellermann at gmail.com>
Date: 2021-10-05 (Tue, 05 Oct 2021)
Changed paths:
M mapogcfilter.cpp
M mapogcfiltercommon.cpp
M textlayout.c
Log Message:
-----------
textlayout: declare variables when they are used
Fixes various -Wunused warnings.
Commit: aad9a04bb5d0f86b1c3a4204d486d07a5a3dd4a2
https://github.com/MapServer/MapServer/commit/aad9a04bb5d0f86b1c3a4204d486d07a5a3dd4a2
Author: Max Kellermann <max.kellermann at gmail.com>
Date: 2021-10-05 (Tue, 05 Oct 2021)
Changed paths:
M mapdraw.c
M maplabel.c
M mappostgis.cpp
M mapprimitive.c
M mapproject.c
M mapsmoothing.c
M maptemplate.c
Log Message:
-----------
mapdraw, ...: simplify pointObj initializers
With some compile-time options, pointObj has less than 4 fields, so
this patch also fixes the build with those options.
Commit: e110cf48e84d55c185d53a59bd7c83e70873ada7
https://github.com/MapServer/MapServer/commit/e110cf48e84d55c185d53a59bd7c83e70873ada7
Author: Max Kellermann <max.kellermann at gmail.com>
Date: 2021-10-05 (Tue, 05 Oct 2021)
Changed paths:
M mapmetadata.c
Log Message:
-----------
mapmetadata: disable if compile-time features are missing
Fixes build breakage.
Commit: 930cdf0ee3fb9ea4c3ca28a551d8f2388a1040de
https://github.com/MapServer/MapServer/commit/930cdf0ee3fb9ea4c3ca28a551d8f2388a1040de
Author: Max Kellermann <max.kellermann at gmail.com>
Date: 2021-10-05 (Tue, 05 Oct 2021)
Changed paths:
M mapshape.c
Log Message:
-----------
mapshape: fix buffer overflow in msSHPReadShape()
The data in panParts is never checked. There are checks for
"numpoints<=0" and "numpoints>nPoints" (the latter added by commit
fcf13d849cb), but that is not enough.
It is still possible to overflow the "pabyRec" buffer by repeatedly
reading "nPoints". The code allows each single iteration to read
"nPoints".
Vulnerability found with libFuzzer.
Commit: 0faf217055639d318bb614ce39ae95ac55120fc5
https://github.com/MapServer/MapServer/commit/0faf217055639d318bb614ce39ae95ac55120fc5
Author: Max Kellermann <max.kellermann at gmail.com>
Date: 2021-10-05 (Tue, 05 Oct 2021)
Changed paths:
M mapshape.c
Log Message:
-----------
mapshape: fix double free bug after error in msSHPReadShape()
After freeing the "line" field, we need to clear it, or else it will
be freed again in msFreeShape().
In two code paths, the "numlines" field was not cleared, which could
lead to a use-after-free bug in msFreeShape(), which in turn could
either crash or lead to another double-free bug in msFreeShape().
Vulnerability found with libFuzzer.
Commit: 67fb0e85d614df4ebad510cda6fd27d9d7ac9675
https://github.com/MapServer/MapServer/commit/67fb0e85d614df4ebad510cda6fd27d9d7ac9675
Author: Max Kellermann <max.kellermann at gmail.com>
Date: 2021-10-05 (Tue, 05 Oct 2021)
Changed paths:
M mapshape.c
Log Message:
-----------
mapshape: check msSHPReadBounds() return value, fix endless loop
With a crafted shapefile, it was possible to put
msShapefileWhichShapes() into an extremely long loop, calling
msSHPReadBounds() over and over, even if all of those calls fail.
This patch adds error checking, and if an error occurs,
msShapefileWhichShapes() gives up, because after an I/O error, there
is no reasonable chance that anything will ever work properly.
Vulnerability found by libFuzzer.
Commit: 556a7283fc3be342d2268cab30f295dae78ae308
https://github.com/MapServer/MapServer/commit/556a7283fc3be342d2268cab30f295dae78ae308
Author: Max Kellermann <max.kellermann at gmail.com>
Date: 2021-10-05 (Tue, 05 Oct 2021)
Changed paths:
M mapshape.c
Log Message:
-----------
mapshape: check for negative sizes in msSHPReadAllocateBuffer()
Yet another buffer overflow found by libFuzzer.
Commit: af4b696067666849eb735896dd91d6fa1a273f03
https://github.com/MapServer/MapServer/commit/af4b696067666849eb735896dd91d6fa1a273f03
Author: Even Rouault <even.rouault at spatialys.com>
Date: 2021-10-07 (Thu, 07 Oct 2021)
Changed paths:
M mapdraw.c
M maplabel.c
M mapmetadata.c
M mapogcfilter.cpp
M mapogcfiltercommon.cpp
M mappostgis.cpp
M mapprimitive.c
M mapproject.c
M mapregex.h
M mapscript/mapscript.i
M mapserv.c
M mapserver.h
M mapshape.c
M mapsmoothing.c
M maptemplate.c
M mapwms.cpp
M textlayout.c
Log Message:
-----------
Merge pull request #6419 from MaxKellermann/fuzzer2_main
Fix various security vulnerabilites found by libFuzzer, part 2b
Compare: https://github.com/MapServer/MapServer/compare/fb79b1503367...af4b69606766
More information about the mapserver-commits
mailing list