Ticket #2314 (closed defect: fixed)

Opened 4 years ago

Last modified 4 years ago

CPLEscapeString for CPLES_URL Badly Broken

Reported by: warmerdam Owned by: warmerdam
Priority: normal Milestone: 1.5.2
Component: GDAL_Raster Version: unspecified
Severity: normal Keywords: CPLEscapeString
Cc:

Description

CPLEscapeString() will corrupt the result for scheme CPLES_URL any time there are characters that need special encoding. The problem is that this code: 

            if( (pszInput[iIn] >= 'a' && pszInput[iIn] <= 'z')
                || (pszInput[iIn] >= 'A' && pszInput[iIn] <= 'Z')
                || (pszInput[iIn] >= '0' && pszInput[iIn] <= '9')
                || pszInput[iIn] == '_' )
            {
                pszOutput[iOut++] = pszInput[iIn];
            }
            else
            {
                sprintf( pszOutput, "%%%02X", pszInput[iIn] );
                iOut += 3;
            }

is sprintf()ing at the beginning of pszOutput, instead of appending.

The problem seems to occur back as far as the GDAL 1.4 branch though it isn't clear that this functionality is widely used. It does affect the dev branch of the wcs driver.

Change History

Changed 4 years ago by warmerdam

  • status changed from new to closed
  • resolution set to fixed

Fixed in trunk (r14207) and 1.5 branch (r14208).

Note: See TracTickets for help on using tickets.