Opened 14 years ago

Closed 14 years ago

#2830 closed defect (fixed)

[PATCH] Fix vulnerabilities in BLX driver

Reported by: Even Rouault Owned by: henjo
Priority: normal Milestone: 1.7.0
Component: default Version: unspecified
Severity: normal Keywords:
Cc: Even Rouault



would you mind reviewing and testing the attached patch ? It should correct many vulnerabilities when opening corrupted BLX datasets. The most important changes are in decode_celldata().

I've also changed datasize and compdatasize to be unsigned values, as I've encountered datasize slightly above 32768 when trying to compress files where some tiles had big dynamics in values. With signed short, it turned to be a negative value when reading back the dataset.

There's also a small improvement with the progress callback being used by CreateCopy() code.

Attachments (1)

blx.patch (14.9 KB ) - added by Even Rouault 14 years ago.

Download all attachments as: .zip

Change History (2)

by Even Rouault, 14 years ago

Attachment: blx.patch added

comment:1 by Even Rouault, 14 years ago

Milestone: 1.7.0
Resolution: fixed
Status: newclosed

Patch commited in r16627

Note: See TracTickets for help on using tickets.