New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Segfault when setting a "utfitem" into a layer #4904

Closed
fblackburn opened this Issue Apr 4, 2014 · 2 comments

Comments

Projects
None yet
3 participants
@fblackburn
Contributor

fblackburn commented Apr 4, 2014

Setting the "utfitem" parameter to an attribute that isn't present in any other parameter of the layer cause a segfault.

@fblackburn

This comment has been minimized.

Show comment
Hide comment
@fblackburn

fblackburn Apr 4, 2014

Contributor

After looking into the code we found out that the variable used to set the size of the item array ("nt") isn't properly increased when the layer contains a "utfitem" parameter in the function "msTokenizeExpression" of "maplayer.c". This problem can cause a buffer overflow if all the used attribute in a layer are different.

Contributor

fblackburn commented Apr 4, 2014

After looking into the code we found out that the variable used to set the size of the item array ("nt") isn't properly increased when the layer contains a "utfitem" parameter in the function "msTokenizeExpression" of "maplayer.c". This problem can cause a buffer overflow if all the used attribute in a layer are different.

@tbonfort

This comment has been minimized.

Show comment
Hide comment
@tbonfort

tbonfort Apr 4, 2014

Member

@rouault the failing test is a side effect of the currently flakey osgeo servers. +1 to merge

Member

tbonfort commented Apr 4, 2014

@rouault the failing test is a side effect of the currently flakey osgeo servers. +1 to merge

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment