Skip to content

Commit e52a436

Browse files
committed
security fix (patch by EvenR)
1 parent 1c059c3 commit e52a436

File tree

2 files changed

+4
-0
lines changed

2 files changed

+4
-0
lines changed

Diff for: mapogcfilter.c

+2
Original file line numberDiff line numberDiff line change
@@ -3004,6 +3004,8 @@ char *FLTGetIsLikeComparisonExpression(FilterEncodingNode *psFilterNode)
30043004

30053005
pszValue = psFilterNode->psRightNode->pszValue;
30063006
nLength = strlen(pszValue);
3007+
if( 1 + 2 * nLength + 1 + 1 >= sizeof(szTmp) )
3008+
return NULL;
30073009

30083010
iTmp =0;
30093011
if (nLength > 0 && pszValue[0] != pszWild[0] &&

Diff for: mapogcfiltercommon.c

+2
Original file line numberDiff line numberDiff line change
@@ -88,6 +88,8 @@ char *FLTGetIsLikeComparisonCommonExpression(FilterEncodingNode *psFilterNode)
8888

8989
pszValue = psFilterNode->psRightNode->pszValue;
9090
nLength = strlen(pszValue);
91+
if( 1 + 2 * nLength + 1 + 1 >= sizeof(szTmp) )
92+
return NULL;
9193

9294
iTmp =0;
9395
if (nLength > 0 && pszValue[0] != pszWild[0] && pszValue[0] != pszSingle[0] && pszValue[0] != pszEscape[0]) {

0 commit comments

Comments
 (0)