Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#5700 closed defect (fixed)

GDAL seg faults reading large .TIL images

Reported by: patnichols Owned by: warmerdam
Priority: high Milestone: 1.11.2
Component: GDAL_Raster Version: 1.11.0
Severity: normal Keywords: .TIL file, Integer overflow


When I try to read a Earthwatch/Digitalglobe? .TIL file of size 12434 by 91287 pixels (cols x rows) I get a seg fault. Using GBD to track down the bug I found that in vrtsources.cpp:line 906, GDAL issues the following function call: 900 poRasterBand->RasterIO( GF_Read, 901 nReqXOff, nReqYOff, nReqXSize, nReqYSize, 902 ((unsigned char *) pData) 903 + nOutXOff * nPixelSpace 904 + nOutYOff * nLineSpace, 905 nOutXSize, nOutYSize, (gdb) 906 eBufType, nPixelSpace, nLineSpace ); All the parameters in the call are correct for the image but the variables nOutXOff,nOutYOff, nPixelSpace and nLineSpace are declared to be integers. For my particular case, nOutYOff= 90112 and nLineSpace=24868. The multiplication results in a number greater than the max value an integer can store. This leads to a negative offset and consequently a seg fault. Thank you, Patrick Nichols

Change History (2)

comment:1 Changed 7 years ago by Even Rouault

Milestone: 1.11.2
Resolution: fixed
Status: newclosed

I assume you're using a 64bit build to be able to allocate a buffer larger than 2GB ?

trunk r27867, branches/1.11 r27868 "VRTSources: fix RasterIO() to be able to fill buffers larger than 2GB (#5700)"

comment:2 Changed 7 years ago by patnichols


We are using a 64 bit build on Linux. I will try the new branch.


Note: See TracTickets for help on using tickets.