New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Insufficient validation of WMS source responses #149

Merged
merged 1 commit into from Aug 27, 2016

Conversation

Projects
None yet
2 participants
@tbonfort
Member

tbonfort commented Aug 11, 2016

MapCache currently does not validate WMS GetMap responses sufficiently, leading to corrupted caches and/or segfaults in some cases:

  • HTTP response code is not checked
  • Returned image size is not checked against requested image size
@tbonfort

This comment has been minimized.

Show comment
Hide comment
@tbonfort
Member

tbonfort commented Aug 11, 2016

Do more validation on returned WMS GetMap results (#149)
- fail on non 2XX HTTP status codes
- fail if returned image is not of the requested size
@dmorissette

This comment has been minimized.

Show comment
Hide comment
@dmorissette

dmorissette Aug 18, 2016

FYI this pull request fails to build if PIXMAN is disabled. The following patch which is already in master fixes it:

diff --git a/lib/image.c b/lib/image.c
index b48ef42..cf15fbe 100644
--- a/lib/image.c
+++ b/lib/image.c
@@ -85,10 +85,11 @@ int mapcache_image_has_alpha(mapcache_image *img)
 void mapcache_image_merge(mapcache_context *ctx, mapcache_image *base, mapcache_image *overlay)
 {
   int starti,startj;
+#ifdef USE_PIXMAN
   pixman_image_t *si;
   pixman_image_t *bi;
   pixman_transform_t transform;
-#ifndef USE_PIXMAN
+#else
   int i,j;
   unsigned char *browptr, *orowptr, *bptr, *optr;
 #endif

dmorissette commented Aug 18, 2016

FYI this pull request fails to build if PIXMAN is disabled. The following patch which is already in master fixes it:

diff --git a/lib/image.c b/lib/image.c
index b48ef42..cf15fbe 100644
--- a/lib/image.c
+++ b/lib/image.c
@@ -85,10 +85,11 @@ int mapcache_image_has_alpha(mapcache_image *img)
 void mapcache_image_merge(mapcache_context *ctx, mapcache_image *base, mapcache_image *overlay)
 {
   int starti,startj;
+#ifdef USE_PIXMAN
   pixman_image_t *si;
   pixman_image_t *bi;
   pixman_transform_t transform;
-#ifndef USE_PIXMAN
+#else
   int i,j;
   unsigned char *browptr, *orowptr, *bptr, *optr;
 #endif
@dmorissette

This comment has been minimized.

Show comment
Hide comment
@dmorissette

dmorissette Aug 18, 2016

BTW, this pull request fixes the error handling issue for us once we apply the PIXMAN fix above.

dmorissette commented Aug 18, 2016

BTW, this pull request fixes the error handling issue for us once we apply the PIXMAN fix above.

@tbonfort tbonfort merged commit 91c7d9a into mapserver:branch-1-4 Aug 27, 2016

@tbonfort tbonfort deleted the tbonfort:chaeck-wms-server-errors branch Aug 27, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment