[postgis-tickets] [PostGIS] #3895: oss fuzz WKB input bugs
PostGIS
trac at osgeo.org
Tue Oct 10 15:41:17 PDT 2017
#3895: oss fuzz WKB input bugs
----------------------+---------------------------
Reporter: pramsey | Owner: pramsey
Type: defect | Status: new
Priority: critical | Milestone: PostGIS 2.2.6
Component: postgis | Version: trunk
Keywords: |
----------------------+---------------------------
There is a collection of oss-fuzz issues that are associated with WKB
input and overly large point array sizes.
* https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2589
* https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2590
* https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2591
* https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2592
A large enough point count will confuse the WKB validity checker and allow
an out-of-bounds read in the WKB reader.
--
Ticket URL: <https://trac.osgeo.org/postgis/ticket/3895>
PostGIS <http://trac.osgeo.org/postgis/>
The PostGIS Trac is used for bug, enhancement & task tracking, a user and developer wiki, and a view into the subversion code repository of PostGIS project.
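
Added example, not part of the original ticket and not PostGIS code: one way a declared point count can defeat a WKB size check, shown as a weak check next to a hardened one. The ticket only says the checker is "confused"; the 32-bit wraparound, the function names and the sample buffers here are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define COORD_SIZE 8u /* one WKB coordinate is an 8-byte double */

/* Constructed samples: little-endian WKB LineString (type 2) headers followed
 * by 16 bytes of payload, enough for exactly one XY point. */
static const uint8_t sample_ok[25]  = {0x01, 0x02, 0, 0, 0, 0x01, 0, 0, 0x00};
static const uint8_t sample_bad[25] = {0x01, 0x02, 0, 0, 0, 0x01, 0, 0, 0x20};

static uint32_t rd_u32le(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Weak form (assumed): the byte count is computed in 32 bits and wraps
 * modulo 2^32, so a huge count can look like a small one. */
static int fits_naive(uint32_t npoints, uint32_t ndims, size_t remaining)
{
    uint32_t need = npoints * ndims * COORD_SIZE;
    return need <= remaining;
}

/* Hardened form: compare the count against remaining / point_size, which
 * cannot wrap. */
static int fits_safe(uint32_t npoints, uint32_t ndims, size_t remaining)
{
    if (ndims < 2 || ndims > 4)
        return 0;
    return npoints <= remaining / ((size_t)ndims * COORD_SIZE);
}

/* Returns the declared point count of an XY LineString, or -1 if the header
 * is malformed or the declared points do not fit in the buffer. */
static int64_t linestring_npoints(const uint8_t *buf, size_t len)
{
    uint32_t npoints;
    if (len < 9 || buf[0] != 0x01 || rd_u32le(buf + 1) != 2)
        return -1;
    npoints = rd_u32le(buf + 5);
    return fits_safe(npoints, 2, len - 9) ? (int64_t)npoints : -1;
}

int main(void)
{
    return linestring_npoints(sample_ok, sizeof sample_ok) == 1 &&
           linestring_npoints(sample_bad, sizeof sample_bad) == -1 ? 0 : 1;
}
```

With the constructed `sample_bad` header (point count 0x20000001), the weak check computes a need of 16 bytes and accepts the buffer, while the division-based check rejects it before any point is read.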