[postgis-tickets] [SCM] PostGIS branch master updated. 3.1.0alpha2-63-g82d31f3

git at osgeo.org git at osgeo.org
Mon Aug 31 20:57:05 PDT 2020 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "PostGIS".

The branch, master has been updated
       via  82d31f324dd8fa53446114684b465de43d5653fa (commit)
      from  3d049c8ef29297fb3473b5df4f24f7edb5fc34f9 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 82d31f324dd8fa53446114684b465de43d5653fa
Author: Paul Ramsey <pramsey at cleverelephant.ca>
Date:   Mon Aug 31 20:56:55 2020 -0700

    Throw error when fed WKB with malformed Oracle type numbers
    Update unit tests for malformed WKB to actually test the WKB
    Remove some small memory leaks in the case of malformed inputs
    Add news entry

diff --git a/NEWS b/NEWS
index 895a11a..e5cf409 100644
--- a/NEWS
+++ b/NEWS
@@ -33,6 +33,8 @@ Only tickets not included in 3.1.0alpha2
 
 * Bug fixes *
   - #4691, Fix segfault during gist index creation with empty geometries (Raúl Marín)
+  - Fix handling of bad WKB inputs (Oracle types) and unit tests for
+    malformed WKB. Remove memory leaks in malformed WKB cases. (Paul Ramsey)
 
 
 PostGIS 3.1.0alpha2
diff --git a/liblwgeom/cunit/cu_in_wkb.c b/liblwgeom/cunit/cu_in_wkb.c
index 4003925..56cb1f0 100644
--- a/liblwgeom/cunit/cu_in_wkb.c
+++ b/liblwgeom/cunit/cu_in_wkb.c
@@ -49,14 +49,14 @@ static int clean_wkb_in_suite(void)
 
 static void cu_wkb_malformed_in(char *hex)
 {
-	LWGEOM_PARSER_RESULT p;
-	int rv = 0;
-
-	rv = lwgeom_parse_wkt(&p, hex, 0);
-	CU_ASSERT( LW_FAILURE == rv );
-	CU_ASSERT( p.errcode );
-	CU_ASSERT( ! p.geom );
-	lwgeom_parser_result_free(&p);
+	LWGEOM *g = lwgeom_from_hexwkb(hex, LW_PARSER_CHECK_ALL);
+	if (g) {
+		char *outhex = lwgeom_to_hexwkb_buffer(g, 0);
+		printf("cu_wkb_malformed_in input: %s\n", hex);
+		printf("cu_wkb_malformed_in output: %s\n", outhex);
+		lwfree(outhex);
+	}
+	CU_ASSERT( g == NULL );
 }
 
 static void cu_wkb_in(char *wkt)
@@ -212,7 +212,6 @@ static void test_wkb_in_multisurface(void) {}
 
 static void test_wkb_in_malformed(void)
 {
-
 	/* OSSFUXX */
 	cu_wkb_malformed_in("0000000008200000002020202020202020");
 
@@ -224,6 +223,10 @@ static void test_wkb_in_malformed(void)
 
 	/* See http://trac.osgeo.org/postgis/ticket/168 */
 	cu_wkb_malformed_in("01060000C00100000001030000C00100000003000000E3D9107E234F5041A3DB66BC97A30F4122ACEF440DAF9440FFFFFFFFFFFFEFFFE3D9107E234F5041A3DB66BC97A30F4122ACEF440DAF9440FFFFFFFFFFFFEFFFE3D9107E234F5041A3DB66BC97A30F4122ACEF440DAF9440FFFFFFFFFFFFEFFF");
+
+	/* Oracle "WKB" */
+	cu_wkb_malformed_in("00000f424200000007000000020000000240b92ab16861e92940d6c3e0f5be5d9e40ba1a50623d0bfa40d6ef6f2b020c4a000f42410000000340ba1a50623d0bfa40d6ef6f2b020c4a40ba1ebb14cce52440d6f048fed27bec40ba22f374aba38740d6f1323d6c7219000000020000000240ba22f374aba38740d6f1323d6c721940ba5725e34330d740d6fd1dc28f5c29000f42410000002740ba5725e34330d740d6fd1dc28f5c2940ba5b26dbc90e1940d6fe04a63c03cf40ba5f1ced80a17b40d6feee8726d04e40ba64fab16b244a40d700545391e30840ba6aba5e24788540d701c1db1e9f2740ba705be892932540d703384e2d19da40ba75d91676640a40d704b74bc6a7f040ba7b3120b0397b40d7063fe6e24e3d40ba805df3a57eaa40d707d1a9fbe76d40ba80dc43d054f140d707f92b656dd940ba815a1c9b413a40d70820c497742540ba86048c041b5440d7098df370651840ba8a8666559f6f40d70b03332f017540ba929a863f35bf40d70ddd2c513fcd40ba9a0c08205ff240d710d24dd2f1aa40ba9e1c9f51a16040d7129a3226dd1140baa1f53f6c269a40d71469cabc515540baa59752e7123040d7163fbd0bd2f440baa905e34330d740d7181bd70a3d7140baac425b1082b440d719fcc009c75240baaf50623d0bfa40d71be27ef9d
 b2340bab157404ac14d40d71d3785fe998c40bab34a3d5fdcdf40d71e8e666234a840bab66a43c834e340d721170a535ffd40bab94e977c88e840d723a4188f42ff40babb5fc577e64340d7259a5666c23440babd53f7be121f40d727926e978d5040babf2cd708467540d7298a75344b5340bac0ef1a8ef77f40d72b83c6a7ef9e40bac29c6faca73a40d72d7c9a4a17e740bac4399988d2a240d72f76459d990340bac5c8b018b9dc40d7316efed2743140bac74e146a1a5040d733683126e97940bac8cbda53946e40d735601daf2bd440baca4666559f6f40d737583126e97940bacab55b9b068340d737ec8d0113b440bacb249b951c5c40d73880e55c0fcb40bacdc490bfe33240d73ac7bdc376b240bad210623d0bfa40d73ce46a7ac81d000000020000000240bad210623d0bfa40d73ce46a7ac81d40badf86a7ded6bb40d742325e353f7d000f42410000000540badf86a7ded6bb40d742325e353f7d40bae9151fb3633540d74738abbc084240bae8f89363f57340d74cc8f5be5d9e40bae7c450ce91b940d74ec51a03a44340bae7d374aba38740d750c70a3d70a4000000020000000340bae7d374aba38740d750c70a3d70a440bafb1c28e4fb9840d75bedb228dc9840bb24d3b634dad340d76c4126e54717");
+
 }
 
 static void
diff --git a/liblwgeom/lwin_wkb.c b/liblwgeom/lwin_wkb.c
index 02b6eec..f1b0a56 100644
--- a/liblwgeom/lwin_wkb.c
+++ b/liblwgeom/lwin_wkb.c
@@ -163,6 +163,13 @@ static void lwtype_from_wkb_state(wkb_parse_state *s, uint32_t wkb_type)
 
 	/* Mask off the flags */
 	wkb_type = wkb_type & 0x0FFFFFFF;
+
+	/* Catch strange Oracle WKB type numbers */
+	if ( wkb_type >= 4000 ) {
+		lwerror("Unknown WKB type (%d)!", wkb_type);
+		return;
+	}
+
 	/* Strip out just the type number (1-12) from the ISO number (eg 3001-3012) */
 	wkb_simple_type = wkb_type % 1000;
 
@@ -349,9 +356,11 @@ static POINTARRAY* ptarray_from_wkb_state(wkb_parse_state *s)
 	npoints = integer_from_wkb_state(s);
 	if (s->error)
 		return NULL;
+
 	if (npoints > maxpoints)
 	{
-		lwerror("Pointarray length (%d) is too large");
+		s->error = LW_TRUE;
+		lwerror("Pointarray length (%d) is too large", npoints);
 		return NULL;
 	}
 
@@ -553,6 +562,7 @@ static LWPOLY* lwpoly_from_wkb_state(wkb_parse_state *s)
 		if (s->check & LW_PARSER_CHECK_MINPOINTS && pa->npoints < 4)
 		{
 			lwpoly_free(poly);
+			ptarray_free(pa);
 			LWDEBUGF(2, "%s must have at least four points in each ring", lwtype_name(s->lwtype));
 			lwerror("%s must have at least four points in each ring", lwtype_name(s->lwtype));
 			return NULL;
@@ -562,6 +572,7 @@ static LWPOLY* lwpoly_from_wkb_state(wkb_parse_state *s)
 		if( s->check & LW_PARSER_CHECK_CLOSURE && ! ptarray_is_closed_2d(pa) )
 		{
 			lwpoly_free(poly);
+			ptarray_free(pa);
 			LWDEBUGF(2, "%s must have closed rings", lwtype_name(s->lwtype));
 			lwerror("%s must have closed rings", lwtype_name(s->lwtype));
 			return NULL;
@@ -571,6 +582,7 @@ static LWPOLY* lwpoly_from_wkb_state(wkb_parse_state *s)
 		if ( lwpoly_add_ring(poly, pa) == LW_FAILURE )
 		{
 			lwpoly_free(poly);
+			ptarray_free(pa);
 			LWDEBUG(2, "Unable to add ring to polygon");
 			lwerror("Unable to add ring to polygon");
 			return NULL;

-----------------------------------------------------------------------

Summary of changes:
 NEWS                        |  2 ++
 liblwgeom/cunit/cu_in_wkb.c | 21 ++++++++++++---------
 liblwgeom/lwin_wkb.c        | 14 +++++++++++++-
 3 files changed, 27 insertions(+), 10 deletions(-)


hooks/post-receive
-- 
PostGIS

More information about the postgis-tickets mailing list