Opened 16 years ago
Closed 16 years ago
#2372 closed defect (fixed)
Buffer overflow when calling GTIFDirectoryInfo in GTIFGetOGISDefn
Reported by: | copycd | Owned by: | Even Rouault |
---|---|---|---|
Priority: | normal | Milestone: | 1.5.2 |
Component: | GDAL_Raster | Version: | 1.5.1 |
Severity: | normal | Keywords: | gtiff |
Cc: | warmerdam |
Description
Please, look at line 230 of gt_wkt_srs.cpp file.
source code ------------
int nVersion; if( hGTIF != NULL )
GTIFDirectoryInfo( hGTIF, &nVersion, &nKeyCount );
--------------------------------
but, GTIFDirectoryInfo function parameter receive "int nVersion[]". and, use nVersion[0], nVersion[1], nVersion[3].
Why?
Change History (2)
comment:1 by , 16 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:2 by , 16 years ago
Cc: | added |
---|---|
Component: | default → GDAL_Raster |
Keywords: | gtiff added |
Milestone: | → 1.5.2 |
Resolution: | → fixed |
Status: | assigned → closed |
Summary: | I surmise bug in gdal library with version 1.5.1 → Buffer overflow when calling GTIFDirectoryInfo in GTIFGetOGISDefn |
Note:
See TracTickets
for help on using tickets.
Thanks for the reporting ! Yes, it was definitely a buffer overflow.
Fixed in trunk in r14471 and in branches/1.5 in r14472