Array bounds checking in FdoSpatialUtility::GetExtents

[gavincramer]

FdoSpatialUtility::GetExtents does not check for array bounds, and thus it is easy to pass it data that causes a crash, or that returns garbage results. E.g.:

double minX=0.0, minY=0.0, maxX=0.0, maxY=0.0, minZ=0.0, maxZ=0.0; GisByte bytes [] = { 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 50 }; GisPtr<GisByteArray> ba = GisByteArray::Create(bytes, sizeof(bytes)); GisSpatialUtility::GetExtents(ba, minX, minY, maxX, maxY);

... will crash, because it indicates the presence of a large array of positions.

This can happen inadvertently (say, internal defect or incomplete data retrieval) or due to malicious content creation.

[gavincramer]

This adds array bounds checking to FdoSpatialUtility::GetExtents, to guard against malformed FGF values.

An updated unit test now puts GetExtents through some challenging tests with bad input data.

Some defects in FdoGeometry's existing array bounds checking were also found and fixed.

Several tests using SDF and SHP were done to check that performance had negligible difference.

Reviewed by: Dan Stoica

Log:

Revision: 2752 Author: gavincramer Date: 2:11:46 PM, Wednesday, May 02, 2007 Message: Ticket #68 Array bounds checking in FdoSpatialUtility::GetExtents

---

Modified : /trunk/Fdo/UnitTest/SpatialUtilityTest.cpp Modified : /trunk/Fdo/UnitTest/SpatialUtilityTest.h Modified : /trunk/Fdo/Unmanaged/Src/Geometry/Fgf/GeometryFactory.cpp Modified : /trunk/Fdo/Unmanaged/Src/Geometry/Fgf/LinearRing.cpp Modified : /trunk/Fdo/Unmanaged/Src/Geometry/Fgf/Util.cpp Modified : /trunk/Fdo/Unmanaged/Src/Geometry/Fgf/Util.h Modified : /trunk/Fdo/Unmanaged/Src/Spatial/SpatialUtility.cpp Modified : /trunk/Fdo/Unmanaged/Src/Spatial/SpatialUtilityGeometryExtents.cpp