[PostGIS] #5905: Server crashes when input geometries with excessive nesting are passed to ST_DumpPoints or ST_DumpSegments
PostGIS
trac at osgeo.org
Thu Jun 5 17:05:52 PDT 2025
#5905: Server crashes when input geometries with excessive nesting are passed to
ST_DumpPoints or ST_DumpSegments
----------------------+-------------------------------------------------
Reporter: dmyzl | Owner: pramsey
Type: defect | Status: new
Priority: blocker | Milestone: PostGIS 3.5.4
Component: postgis | Version: 3.5.x
Resolution: | Keywords: ST_DumpPoints ST_DumpSegments crash
----------------------+-------------------------------------------------
Comment (by pramsey):
Writes out of bounds in `ST_Dump` also, looks like all the SRF dumpers are
susceptible.
{{{
select * from
ST_Dump(ST_GeomFromText('geometrycollection(geometrycollection(
geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(
geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(
geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(geometrycollection(
geometrycollection(multipoint empty,point(0 0), multilinestring empty,
multilinestring((0 0, 1 1 ),(1 1, 2
2)))))))))))))))))))))))))))))))))))',4269)) as geom_dump;
}}}
--
Ticket URL: <https://trac.osgeo.org/postgis/ticket/5905#comment:4>
PostGIS <http://trac.osgeo.org/postgis/>
The PostGIS Trac is used for bug, enhancement & task tracking, a user and developer wiki, and a view into the subversion code repository of PostGIS project.
More information about the postgis-tickets
mailing list