CSLMerge core dumps when running on nitf image that does have RPC data

[rubinj]

CSLMerge core dumps when running on nitf image that does have RPC data. When I run this through valgrind on linux, I get an invalid free / delete in vg_replace_malloc.c : 325

#include "gdal.h" #include "gdal_priv.h" #include<map> #include<string> #include<iostream> using namespace std; int main(int argc, char argv) {

char rpcMD = NULL; char allMD = NULL;

GDALAllRegister(); string inputFile = argv[1]; GDALDataset *gdalDS = (GDALDataset *)GDALOpenShared( inputFile.c_str(), GA_ReadOnly ); if(gdalDS == NULL)

{

cerr << "Could not open with GDAL:" << inputFile << endl; return 1;

} GDALDriver* driver = gdalDS->GetDriver(); string format = GDALGetDriverShortName(driver); cout << "format=" << format << endl; allMD = ((GDALDataset*)gdalDS)->GetMetadata(); rpcMD = ((GDALDataset*)gdalDS)->GetMetadata("RPC"); This call causes crash allMD = CSLMerge(allMD,rpcMD);

return 0;

}

[Even Rouault]

This is a misuse of the API of CSLMerge()

/

• \brief Merge two lists. *
• The two lists are merged, ensuring that if any keys appear in both
• that the value from the second (papszOverride) list take precidence. *
• @param papszOrig the original list, being modified.
• @param papszOverride the list of items being merged in. This list
• is unaltered and remains owned by the caller. *
• @return updated list. */

The important thing is "papszOrig the original list, being modified.", but the return of GDALDataset::GetMetadata() should not be altered by the user application, hence the crash.

The fix is :

allMD = CSLMerge(CSLDuplicate(allMD),rpcMD);
// do something usefull
CSLDestroy(allMD);