#1521 closed defect (fixed)
maps created with msCopyMap may cause nullreference exception
| Reported by: | szekerest | Owned by: | sdlime |
|---|---|---|---|
| Priority: | high | Milestone: | |
| Component: | MapServer C Library | Version: | 4.6 |
| Severity: | critical | Keywords: | |
| Cc: |
Description
Maps created with msCopyMap may cause nullreference exception if the original map has symbolset imagecache items. The reason of this proplem is that msCopySymbolSet in mapsymbol.c copies the number of the imagecache items in the symbolset, but does not copy the cache. This may cause null reference in addImageCache (mapgd.c line 201) when drawing the map. The problem could be solved by commenting out the following line MS_COPYSTELEM(imagecachesize); Tamas Szekeres
Change History (6)
comment:2 by , 18 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
I changed the code in msCopySymbolSet to initialize the destination cache to NULL and its size to 0. Change is only in 4.8 at the moment. Please confirm the fix works and I will backport. Steve
comment:3 by , 18 years ago
Steve,
It would be desirable to also hotfix the bug in mapsymbol.c according to
http://mapserver.gis.umn.edu/bugs/show_bug.cgi?id=1513
due to the severity of the problem.
Only the following modifications should be made (in mapsymbol.c)
line 471
char bytes[8], szPath[MS_MAXPATHLEN];
> gdIOCtx *ctx;
line 510
#ifdef USE_GD_GIF
< symbolset->symbol[i].img = gdImageCreateFromGif(stream);
>ctx = msNewGDFileCtx(stream);
> symbolset->symbol[i].img = gdImageCreateFromGifCtx(ctx);
> ctx->gd_free(ctx);
line 521
#ifdef USE_GD_PNG
< symbolset->symbol[i].img = gdImageCreateFromPng(stream);
>ctx = msNewGDFileCtx(stream);
> symbolset->symbol[i].img = gdImageCreateFromPngCtx(ctx);
> ctx->gd_free(ctx);
comment:4 by , 18 years ago
Add those comments to bug 1513 please. Can I assume my fix for this bug was sufficient then? Steve
Note:
See TracTickets
for help on using tickets.
