segfault on null point coordinates in ogr geojson driver

[springmeyer]

Running into segfaults in Mapnik reading json from couchdb, traced back to ogr geojson driver which appears to crash at initial parsing of the geojson:

0   libgdal.1.dylib               	0x0000000103a5b404 json_object_get_type + 4
1   libgdal.1.dylib               	0x0000000103ae88f2 OGRGeoJSONReadRawPoint(json_object*, OGRPoint&) + 146
2   libgdal.1.dylib               	0x0000000103ae9540 OGRGeoJSONReadPoint(json_object*) + 176
3   libgdal.1.dylib               	0x0000000103ae9f9e OGRGeoJSONReadGeometry(json_object*) + 270
4   libgdal.1.dylib               	0x0000000103aea20b OGRGeoJSONReader::ReadGeometry(json_object*) + 27
5   libgdal.1.dylib               	0x0000000103aea42d OGRGeoJSONReader::ReadFeature(json_object*) + 429
6   libgdal.1.dylib               	0x0000000103aea6d0 OGRGeoJSONReader::ReadFeatureCollection(json_object*) + 224
7   libgdal.1.dylib               	0x0000000103aea7b3 OGRGeoJSONReader::ReadLayer(char const*, OGRGeoJSONDataSource*) + 179
8   libgdal.1.dylib               	0x0000000103ae6f85 OGRGeoJSONDataSource::LoadLayer() + 149
9   libgdal.1.dylib               	0x0000000103ae75ae OGRGeoJSONDataSource::Open(char const*) + 110
10  libgdal.1.dylib               	0x0000000103ae7a11 OGRGeoJSONDriver::Open(char const*, int, char**) + 161
11  libgdal.1.dylib               	0x0000000103b04c83 OGRSFDriverRegistrar::Open(char const*, int, OGRSFDriver**) + 195
12  ogr.input                     	0x000000010402164e ogr_datasource::bind() const + 94
13  ogr.input                     	0x0000000104023554 ogr_datasource::ogr_datasource(mapnik::parameters const&, bool) + 1940
14  ogr.input                     	0x00000001040239f3 create + 51
15  libmapnik2.dylib              	0x0000000101a68d63 mapnik::datasource_cache::create(mapnik::parameters const&, bool) + 1427

Looking through geojson I see:

{
    "type": "FeatureCollection", 
    "features": [
         {
            "geometry": {
                "type": "Point", 
                "coordinates": [
                    null, 
                    null
                ]
            }, 
            "type": "Feature", 
            "properties": {
                "foo": 1, 
             }
        }, 
    ]
}

Digging into ogr noticed the work in r19505, but it appears it did not test enough null cases.

After rebuilding trunk I still get segfaults trying to run ogrinfo on that 'ogr_geojson_14.geojson'.

But, the attached patch seems to fix things.

[springmeyer]

Patch to fix segfaulting ogr geojson driver on null point coordinates

[springmeyer]

Also, gdal autotest should ideally add these cases:

ogr_geojson_14.geojson

@@ -5 +5 @@
 ,
 { "type": "Feature", "properties": { }, "geometry": { "type": "Point", "coordinates": [null] } }
 ,
+{ "type": "Feature", "properties": { }, "geometry": { "type": "Point", "coordinates": [null,1] } }
+,
+{ "type": "Feature", "properties": { }, "geometry": { "type": "Point", "coordinates": [1,null] } }
+,
+{ "type": "Feature", "properties": { }, "geometry": { "type": "Point", "coordinates": [null,null] } }
+,
 { "type": "Feature", "properties": { }, "geometry": { "type": "LineString", "coordinates": null } }
 ,
 { "type": "Feature", "properties": { }, "geometry": { "type": "LineString", "coordinates": [ null ] } }

[rouault]

Thanks. Patch slightly modified to remove debugging trace and return false instead of NULL.

Fixed in r21107. Test enhanced in r21108