Opened 13 years ago

Closed 13 years ago

#2830 closed defect (fixed)

[PATCH] Fix vulnerabilities in BLX driver

Reported by: Even Rouault Owned by: henjo
Priority: normal Milestone: 1.7.0
Component: default Version: unspecified
Severity: normal Keywords:
Cc: Even Rouault



would you mind reviewing and testing the attached patch ? It should correct many vulnerabilities when opening corrupted BLX datasets. The most important changes are in decode_celldata().

I've also changed datasize and compdatasize to be unsigned values, as I've encountered datasize slightly above 32768 when trying to compress files where some tiles had big dynamics in values. With signed short, it turned to be a negative value when reading back the dataset.

There's also a small improvement with the progress callback being used by CreateCopy?() code.

Attachments (1)

blx.patch (14.9 KB) - added by Even Rouault 13 years ago.

Download all attachments as: .zip

Change History (2)

Changed 13 years ago by Even Rouault

Attachment: blx.patch added

comment:1 Changed 13 years ago by Even Rouault

Milestone: 1.7.0
Resolution: fixed
Status: newclosed

Patch commited in r16627

Note: See TracTickets for help on using tickets.