Opened 9 years ago

Closed 9 years ago

#2366 closed defect (fixed)

NITFDataset::InitializeTextMetadata doesn't allocate space for the NULL-terminated character

Reported by: Even Rouault
Owned by: Even Rouault
Priority: normal
Milestone: 1.5.2
Component: GDAL_Raster
Version: 1.5.0
Severity: normal
Keywords: nitf TEXT
Cc: warmerdam

Description

nitf_21 test fails on Windows buildbots. This is due to the fact that when reading the TEXT data, the buffer doesn't allocate one extra byte for the NULL-terminating character.

See Valgrind trace below:

==8758== Invalid read of size 1
==8758==    at 0x474DE0A: CSLAddNameValue (cpl_string.cpp:1231)
==8758==    by 0x474E2C4: CSLSetNameValue (cpl_string.cpp:1319)
==8758==    by 0x46FAB87: GDALMultiDomainMetadata::SetMetadataItem(char const*, char const*, char const*) (gdalmultidomainmetadata.cpp:171)
==8758==    by 0x44FD70F: NITFDataset::InitializeTextMetadata() (nitfdataset.cpp:2191)
==8758==    by 0x44FEA29: NITFDataset::GetMetadata(char const*) (nitfdataset.cpp:2284)
==8758==    by 0x46F940C: GDALGetMetadata (gdalmajorobject.cpp:177)
==8758==    by 0x804B409: main (gdalinfo.c:259)
==8758==  Address 0x6F9DC59 is 0 bytes after a block of size 1 alloc'd
==8758==    at 0x4021AA4: calloc (vg_replace_malloc.c:279)
==8758==    by 0x475E483: VSICalloc (cpl_vsisimple.cpp:290)
==8758==    by 0x472DE44: CPLCalloc (cpl_conv.cpp:80)
==8758==    by 0x44FD4D8: NITFDataset::InitializeTextMetadata() (nitfdataset.cpp:2177)
==8758==    by 0x44FEA29: NITFDataset::GetMetadata(char const*) (nitfdataset.cpp:2284)
==8758==    by 0x46F940C: GDALGetMetadata (gdalmajorobject.cpp:177)
==8758==    by 0x804B409: main (gdalinfo.c:259)
==8758==
==8758== Invalid read of size 1
==8758==    at 0x4023513: strlen (mc_replace_strmem.c:246)
==8758==    by 0x5E4FDDF: vfprintf (in /lib/tls/i686/cmov/libc-2.6.1.so)
==8758==    by 0x5E6A33B: vsprintf (in /lib/tls/i686/cmov/libc-2.6.1.so)
==8758==    by 0x5E559BD: sprintf (in /lib/tls/i686/cmov/libc-2.6.1.so)
==8758==    by 0x474DE84: CSLAddNameValue (cpl_string.cpp:1232)
==8758==    by 0x474E2C4: CSLSetNameValue (cpl_string.cpp:1319)
==8758==    by 0x46FAB87: GDALMultiDomainMetadata::SetMetadataItem(char const*, char const*, char const*) (gdalmultidomainmetadata.cpp:171)
==8758==    by 0x44FD70F: NITFDataset::InitializeTextMetadata() (nitfdataset.cpp:2191)
==8758==    by 0x44FEA29: NITFDataset::GetMetadata(char const*) (nitfdataset.cpp:2284)
==8758==    by 0x46F940C: GDALGetMetadata (gdalmajorobject.cpp:177)
==8758==    by 0x804B409: main (gdalinfo.c:259)
==8758==  Address 0x6F9DC59 is 0 bytes after a block of size 1 alloc'd
==8758==    at 0x4021AA4: calloc (vg_replace_malloc.c:279)
==8758==    by 0x475E483: VSICalloc (cpl_vsisimple.cpp:290)
==8758==    by 0x472DE44: CPLCalloc (cpl_conv.cpp:80)
==8758==    by 0x44FD4D8: NITFDataset::InitializeTextMetadata() (nitfdataset.cpp:2177)
==8758==    by 0x44FEA29: NITFDataset::GetMetadata(char const*) (nitfdataset.cpp:2284)
==8758==    by 0x46F940C: GDALGetMetadata (gdalmajorobject.cpp:177)
==8758==    by 0x804B409: main (gdalinfo.c:259)
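The allocation defect described in this ticket, as a constructed C illustration added here (it is not GDAL's nitfdataset.cpp code; the function names and the sample segment are assumed): the pattern that allocates exactly nLen bytes beside the nLen + 1 fix, plus a bounded memchr() check that reports whether a terminator exists without reading past the block, which is the read Valgrind flagged.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed sample TEXT segment body, 5 bytes with no terminator, standing in for
   bytes read from the file. (The trace shows a 1-byte block; the length is irrelevant.) */
static const unsigned char kSampleText[] = { 'H', 'E', 'L', 'L', 'O' };

/* Buggy pattern: exactly nLen bytes, so no byte is left for '\0' and strlen()/sprintf()
   run off the end of the block. */
char *text_copy_buggy(const unsigned char *data, size_t nLen)
{
    char *p = calloc(nLen, 1);
    if (p == NULL) return NULL;
    memcpy(p, data, nLen);
    return p; /* NOT a valid C string */
}

/* Fixed pattern: nLen + 1 bytes; calloc() zero-fills, so byte nLen is already '\0'. */
char *text_copy_fixed(const unsigned char *data, size_t nLen)
{
    char *p = calloc(nLen + 1, 1);
    if (p == NULL) return NULL;
    memcpy(p, data, nLen);
    return p;
}

/* Bounded check: is there a '\0' within the first `size` bytes? Never reads past them. */
int has_terminator(const char *buf, size_t size)
{
    return memchr(buf, '\0', size) != NULL;
}

/* Returns 1 when the buggy copy of the sample contains no terminator at all. */
int buggy_copy_is_unterminated(void)
{
    char *p = text_copy_buggy(kSampleText, sizeof kSampleText);
    int r = (p != NULL) && !has_terminator(p, sizeof kSampleText);
    free(p);
    return r;
}

/* Returns 1 when the fixed copy is terminated and reads back as "HELLO". */
int fixed_copy_is_terminated(void)
{
    char *p = text_copy_fixed(kSampleText, sizeof kSampleText);
    int r = (p != NULL) && has_terminator(p, sizeof kSampleText + 1)
            && strlen(p) == sizeof kSampleText && strcmp(p, "HELLO") == 0;
    free(p);
    return r;
}
```

Running the buggy copy through strlen() under Valgrind reproduces the "0 bytes after a block" report in the trace; the fixed copy is clean.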

Change History (2)

comment:1 Changed 9 years ago by Even Rouault

Cc: warmerdam added
Owner: changed from warmerdam to Even Rouault
Status: new → assigned

comment:2 Changed 9 years ago by Even Rouault

Resolution: fixed
Status: assigned → closed

Fixed in trunk in r14454 and in branches/1.5 in r14455
