Opened 16 years ago

Closed 16 years ago

#2190 closed defect (fixed)

PNMDataset False Positive

Reported by: rsoconnor Owned by: warmerdam
Priority: normal Milestone: 1.4.5
Component: GDAL_Raster Version: 1.4.0
Severity: normal Keywords: pnm
Cc:

Description

GDAL tried to open up an ENVI file as a PNMDataset incorrectly and subsequently crashed in the GDALOpen function. It crashed in the "isspace" function because an assertion failed in pnmdataset.cpp

Admittedly this is a rare occurance and only happened once after opening up thousands of ENVI files.

The PNMDataset::Identify function may need to be more strict in its verification of files types.

My short term solution was just to deregister the PNM driver.

Attachments (2)

test.dat (4.0 KB ) - added by rsoconnor 16 years ago.
test.dat.hdr (472 bytes ) - added by rsoconnor 16 years ago.

Download all attachments as: .zip

Change History (6)

comment:1 by Even Rouault, 16 years ago

Could you possibly attach your ENVI file, or just the few first bytes ?

comment:2 by Even Rouault, 16 years ago

I've looked at the code and fixed a potential buffer overflow in case of bad PNM file, in r13655 in trunk and in r13656 in branches/1.5.

Hum, I'm just realizing it does not help for the PNMDataset::Identify function

by rsoconnor, 16 years ago

Attachment: test.dat added

by rsoconnor, 16 years ago

Attachment: test.dat.hdr added

in reply to:  1 comment:3 by rsoconnor, 16 years ago

Replying to rouault:

Could you possibly attach your ENVI file, or just the few first bytes ?

Attached is the first 4k of the image file and the original ENVI header file.

comment:4 by Even Rouault, 16 years ago

Keywords: pnm added
Milestone: 1.4.5
Resolution: fixed
Status: newclosed
Version: unspecified1.4.0

I've fixed inverted logical tests in PNM identify that also help fixing this bug. Commited in trunk in r13663, in branches/1.5 in r13664, and the two fixes in branches/1.4 in r13665

Note: See TracTickets for help on using tickets.