Opened 15 years ago

Closed 15 years ago

Last modified 11 years ago

#3093 closed defect (fixed)

[PATCH] DBFOpenLL can crash on corrupted DBF

Reported by: Even Rouault Owned by: warmerdam
Priority: normal Milestone:
Component: OGR_SF Version: unspecified
Severity: normal Keywords: shapelib
Cc:

Description

If the nHeaderLength field of the DBF header is < 32, in particular if it's equal to 0, a crash can occur at the line (if( psDBF->sHooks.FRead( pabyBuf, nHeadLen-32, 1, psDBF->fp ) != 1 ).

Attachments (1)

ticket_3093.patch (675 bytes ) - added by Even Rouault 15 years ago.

Download all attachments as: .zip

Change History (5)

by Even Rouault, 15 years ago

Attachment: ticket_3093.patch added

comment:1 by Even Rouault, 15 years ago

Note : this issue was discovered when running ogr_shape_28 with OG python bindings because of a reopening of a still opened datasource. Test fixed in r17499.

comment:2 by warmerdam, 15 years ago

Milestone: 1.7.0
Resolution: fixed
Status: newclosed

Patch applied upstream in shapelib, and brought into GDAL trunk (r17917).

comment:3 by Even Rouault, 14 years ago

Milestone: 1.7.01.6.4

backported in branches/1.6 in r18663 (for #3351)

comment:4 by Even Rouault, 11 years ago

Milestone: 1.6.4

Milestone 1.6.4 deleted

Note: See TracTickets for help on using tickets.