[postgis-tickets] r16869 - Fix undefined behaviour in ptarray_clone_deep
Raul
raul at rmr.ninja
Tue Oct 2 04:40:51 PDT 2018
Author: algunenano
Date: 2018-10-02 04:40:51 -0700 (Tue, 02 Oct 2018)
New Revision: 16869
Modified:
branches/2.4/NEWS
branches/2.4/liblwgeom/ptarray.c
Log:
Fix undefined behaviour in ptarray_clone_deep
References #4191
Modified: branches/2.4/NEWS
===================================================================
--- branches/2.4/NEWS 2018-10-02 11:40:07 UTC (rev 16868)
+++ branches/2.4/NEWS 2018-10-02 11:40:51 UTC (rev 16869)
@@ -6,6 +6,7 @@
- #4181, St_AsMVTGeom: Avoid type changes due to validation (Raúl Marín)
- #4183, St_AsMVTGeom: Drop invalid geometries after simplification (Raúl Marín)
- #4189, Fix undefined behaviour in SADFWrite (Raúl Marín)
+ - #4191, Fix undefined behaviour in ptarray_clone_deep (Raúl Marín)
PostGIS 2.4.5
Modified: branches/2.4/liblwgeom/ptarray.c
===================================================================
--- branches/2.4/liblwgeom/ptarray.c 2018-10-02 11:40:07 UTC (rev 16868)
+++ branches/2.4/liblwgeom/ptarray.c 2018-10-02 11:40:51 UTC (rev 16869)
@@ -630,7 +630,6 @@
ptarray_clone_deep(const POINTARRAY *in)
{
POINTARRAY *out = lwalloc(sizeof(POINTARRAY));
- size_t size;
LWDEBUG(3, "ptarray_clone_deep called.");
@@ -640,9 +639,17 @@
FLAGS_SET_READONLY(out->flags, 0);
- size = in->npoints * ptarray_point_size(in);
- out->serialized_pointlist = lwalloc(size);
- memcpy(out->serialized_pointlist, in->serialized_pointlist, size);
+ if (!in->npoints)
+ {
+ // Avoid calling lwalloc of 0 bytes
+ out->serialized_pointlist = NULL;
+ }
+ else
+ {
+ size_t size = in->npoints * ptarray_point_size(in);
+ out->serialized_pointlist = lwalloc(size);
+ memcpy(out->serialized_pointlist, in->serialized_pointlist, size);
+ }
return out;
}
More information about the postgis-tickets
mailing list