[postgis-tickets] [PostGIS] #3786: OSS FUZZ fixes

PostGIS trac at osgeo.org
Sun Jul 16 22:40:00 PDT 2017 

#3786: OSS FUZZ fixes
----------------------+---------------------------
  Reporter:  robe     |      Owner:  robe
      Type:  defect   |     Status:  new
  Priority:  medium   |  Milestone:  PostGIS 2.2.6
 Component:  postgis  |    Version:  trunk
Resolution:           |   Keywords:
----------------------+---------------------------
Description changed by robe:

Old description:

> I've started an attempt to resolve OSS FUZZ complaints.
>
> Pull request here, for your input.
>
> https://git.osgeo.org/gogs/postgis/postgis/pulls/15
>

> strk doesn't think my change should have made a difference but I tested
> two times.  without the change segmentation fault with change no
> segmentation fault.
>
> My assumption is because the *_cp functions do more checking and internal
> does pretty much none.
>

> In hind-sight I probably could have achieved the same affect by swapping
> out calls to getPoint2d_internal with getPoint2d_cp without having to
> resort to declaring POINT2D variables.
>
> I still need to get the extra CPP flags enabled to confirm I got all the
> issues in this bug ticket.
>
> https://oss-fuzz.com/v2/testcase-detail/4733660446064640?noredirect=1
>
> Since it complained about others

New description:

 I've started an attempt to resolve OSS FUZZ complaints.

 Pull request here, for your input.

 https://git.osgeo.org/gogs/postgis/postgis/pulls/15


 strk doesn't think my change should have made a difference but I tested
 two times.  without the change segmentation fault with change no
 segmentation fault.

 My assumption is because the *_cp functions do more checking and internal
 does pretty much none.


 In hind-sight I probably could have achieved the same affect by swapping
 out calls to getPoint2d_internal with getPoint2d_cp without having to
 resort to declaring POINT2D variables.

 I still need to get the extra CPP flags enabled to confirm I got all the
 issues in this bug ticket.

 https://oss-fuzz.com/v2/testcase-detail/4733660446064640?noredirect=1

 Since it complained about others

 note based on strk's urging, I switched back to using the earlier
 functions, but doing a pointer and npoints check.

--

--
Ticket URL: <https://trac.osgeo.org/postgis/ticket/3786#comment:7>
PostGIS <http://trac.osgeo.org/postgis/>
The PostGIS Trac is used for bug, enhancement & task tracking, a user and developer wiki, and a view into the subversion code repository of PostGIS project.

More information about the postgis-tickets mailing list