| 1 | = GDAL/OGR 2.2.1 Release Notes = |
| 2 | |
| 3 | The 2.2.1 release is a bug fix release. |
| 4 | |
| 5 | == Build == |
| 6 | * fix compilation without BIGTIFF_SUPPORT (#6890) |
| 7 | * configure: detect if std::isnan() is available. Helps compilation on some MacOSX setups when combined with --without-cpp11. Refs https://github.com/macports/macports-ports/pull/480 |
| 8 | * fix compilation against ancient Linux kernel headers (#6909) |
| 9 | * fix detection of 64bit file API with clang 5 (#6912) |
| 10 | * configure: use .exe extension when building with mingw64* toolchains (fixes #6919) |
| 11 | * mongoDB: compilation fix on Windows |
| 12 | |
| 13 | == Port == |
| 14 | |
| 15 | * /vsicurl/: fix occasional inappropriate failures in Read() with some combinations of initial offset, file size and read request size (#6901) |
| 16 | * Add a VSICurlClearCache() function (bound to SWIG as gdal.VSICurlClearCache()) to be able to clear /vsicurl/ related caches (#6937) |
| 17 | |
| 18 | == Algorithms == |
| 19 | |
| 20 | * GDALRasterize(): avoid hang in some cases with all_touched option (#5580) |
| 21 | * gdal_rasterize: fix segfault when rasterizing onto a raster with RPC (#6922) |
| 22 | |
| 23 | == GDAL utilities == |
| 24 | |
| 25 | * ogr_merge.py: fix '-single -o out.shp in.shp' case (#6888) |
| 26 | |
| 27 | == GDAL drivers == |
| 28 | |
| 29 | AIGRID driver: |
| 30 | * fix handling of raw 32-bit AIG blocks |
| 31 | |
| 32 | ENVISAT driver: |
| 33 | * fix 2.2 regression in initialization of members of MerisL2FlagBand. (#6929) |
| 34 | |
| 35 | GeoRaster driver: |
| 36 | * Fix memory allocation failure (#6884) |
| 37 | * add support for JP2-F in BLOB compression (corrections on geo-reference) (#6861) |
| 38 | |
| 39 | GPKG driver: |
| 40 | * avoid corruption of gpkg_tile_matrix when building overviews, down to a level where they are smaller than the tile size (#6932) |
| 41 | |
| 42 | GTIFF driver: |
| 43 | * Internal libtiff: fix libtiff 4.0.8 regression regarding creation of single-strip uncompressed TIFF files (#6924) |
| 44 | |
| 45 | netCDF driver: |
| 46 | * add support for radian and microradian units for geostationary projection (https://github.com/OSGeo/gdal/pull/220) |
| 47 | |
| 48 | NWT_GRC driver: |
| 49 | * Fix handling of alpha values in GRC color table (#6905) |
| 50 | * Handle case of 0-len GRC class names (#6907) |
| 51 | |
| 52 | VRT driver: |
| 53 | * speed up SerializeToXML() in case of a large number of bands |
| 54 | |
| 55 | XYZ driver: |
| 56 | * fix 2.2 regression where the driver hangs on some datasets with missing samples (#6934) |
| 57 | |
| 58 | == OGR utilities == |
| 59 | |
| 60 | * ogr2ogr/GDALVectorTranslate(): fix crash when using -f PDF -a_srs (#6920) |
| 61 | |
| 62 | == OGR drivers == |
| 63 | |
| 64 | GeoJSON driver: |
| 65 | * ESRIJson: avoid endless looping on servers that don't support resultOffset (#6895) |
| 66 | * ESRIJson: use 'latestWkid' in priority over 'wkid' when reading 'spatialReference' (https://github.com/OSGeo/gdal/pull/218) |
| 67 | * GeoJSON writer: accept writing ZM or M geometry by dropping the M component (#6935) |
| 68 | |
| 69 | GPKG driver: |
| 70 | * make driver robust to difference of cases between table_name in gpkg_contents/gpkg_geometry_columns and name in sqlite_master (#6916) |
| 71 | |
| 72 | MITAB driver: |
| 73 | * recognize Reseau_National_Belge_1972 / EPSG:31370 on writing (#6903) |
| 74 | |
| 75 | MySQL driver: |
| 76 | * fix compilation issue with Arch Linux and mariadb 10.1.23 (fixes #6899) |
| 77 | |
| 78 | PG driver: |
| 79 | * do not be confused by a 'geometry' table in a non-PostGIS enabled database (#6896) |
| 80 | |
| 81 | PLScenes: |
| 82 | * remove support for V0. Deprecate V1 API. Only Data V1 is supported (#6933) |
| 83 | |
| 84 | == Perl bindings == |
| 85 | |
| 86 | * Backport the fix to #6142: install man page according to GDALmake.opt if INSTALL_BASE is set. |
| 87 | * always return something from non-void functions (#6898) |
| 88 | |
| 89 | == Python bindings == |
| 90 | |
| 91 | * Accept callback = 0 since SWIG generates it as the default argument of BandRasterIONumPy(). Fixes https://github.com/OSGeo/gdal/pull/219 |
| 92 | * Fix 2.2 regression preventing use of callback function in Band.ComputeStatistics() (#6927) |
| 93 | |
| 94 | == Security oriented fixes == |
| 95 | |
| 96 | Note: this is only a very partial backport of more extensive fixes done in GDAL trunk. Credit to OSS-Fuzz for all of them (some have been found locally, so no related ticket) |
| 97 | |
| 98 | * Fix CPLErrorSetState to ensure it does not write beyond DEFAULT_LAST_ERR_MSG_SIZE and correctly null-terminates last message. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1529. |
| 99 | * Open() and Stat() methods of a number of virtual file systems: check that the filename starts with the full prefix. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1543. |
| 100 | * VRT pixel functions: fix crash with 'complex' when source count is < 2. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1549 |
| 101 | * OpenAIR: fix potential out-of-buffer read if we need to ingest 30000 bytes |
| 102 | * Several fixes in importFromWkb() and importFromWkt() |
| 103 | * GDALDataset and GDALRasterBand::ReportError(): fix crash if dataset name has a % character |
| 104 | * NASAKeywordHandler::SkipWhite(): fix out of bounds read |
| 105 | * MITAB: ParseTABFileFields(): fix out of bounds read. |
| 106 | * MITAB: ParseMIFHeader(): fix memory leak and out-of-bounds read on corrupted file |
| 107 | * MITAB: ParseMIFHeader(): fix memory leaks on corrupted files |
| 108 | * MITAB: avoid potentially veryyyy long loop when stroking arcs. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1644 |
| 109 | * MITAB: avoid heap-buffer-overflow in MITABCoordSys2TABProjInfo(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1653 |
| 110 | * OSARDataset::Open(): fix crash if pOpenInfo->fpL == NULL. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1565 |
| 111 | * OGRESRIJSONReadPolygon(): fix crash in error code path |
| 112 | * DXF: prevent null ptr deref and out-of-bounds read on corrupted file |
| 113 | * DXF: TranslateSPLINE(): sanitize integer values read to avoid int overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1843 |
| 114 | * KML::unregisterLayerIfMatchingThisNode(): use memmove() instead of memcpy(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1580 |
| 115 | * KML: fix crash on weird structure with recursively empty folders. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1591 |
| 116 | * KML: fix null ptr dereference on corrupted file. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1634 |
| 117 | * OGRCurveCollection::importBodyFromWkb(): fix potential crash if the curve in the collection does not have the same dimension as the collection dimension. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1584 |
| 118 | * OGRCompoundCurve::importFromWkb(): avoid potential stack overflow. Fixes https://oss-fuzz.com/v2/testcase-detail/5192348843638784 |
| 119 | * TIGER: fix potential stack buffer overflows. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1586 and 2020 |
| 120 | * TIGER: avoid potential infinite looping. Fixes https://oss-fuzz.com/v2/testcase-detail/4724815883665408 |
| 121 | * VFK: avoid out-of-bounds read. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1596 and 2074 |
| 122 | * CPLHexToBinary(): avoid reading outside of hex2char array on non-ASCII input. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1606 |
| 123 | * OGR PDS: avoid int32 overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=160 |
| 124 | * GeoRSS: fix null pointer dereference on corrupted files. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1611. |
| 125 | * VSIArchiveFilesystemHandler::SplitFilename(): improve performance. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1597 |
| 126 | * OGRGeometryFactory::organizePolygons(): fix crash on empty polygons. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1620 |
| 127 | * JML: fix null pointer dereference on invalid files. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1622 |
| 128 | * Shape: prevent null ptr deref on truncated MultiPointM geometry. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1638 |
| 129 | * /vsisubfile/: prevent Tell() from returning negative values, and make VSIIngestFile() more robust to unsigned overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1642 |
| 130 | * GTM: avoid useless recursive opening of files when provided with a gzip-compressed input. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1650 |
| 131 | * GTiff: fix heap-buffer-overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1677 |
| 132 | * GTiff: avoid heap-buffer-overflow on corrupted State Plane citation. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2050 |
| 133 | * GTiff: avoid potential stack buffer overflow on corrupted Imagine citation. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2105 |
| 134 | * GTiff: prevent heap overflow and fix reading of multi-band band-interleaved 16/24-bit float datasets. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2264 |
| 135 | * GTiff: fix potential infinite loop when parsing some 24-bit float denormalized numbers. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2315 |
| 136 | * Internal libjson-c: fix stack buffer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1682 |
| 137 | * ILI1/ILI2: fix null pointer dereference when opening filename ','. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1689 |
| 138 | * ILI1: fix various crashes on corrupted files (including, but not limited to, https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1760, 1784, 1926) |
| 139 | * ILI2: use proper cast operator. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1813 |
| 140 | * ILI2: fix null pointer dereference on corrupted files. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1993 |
| 141 | * ILI2: fix crash due to unhandled exception. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2191 |
| 142 | * morphFromESRI(): fix heap-use-after-free issue. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1690 |
| 143 | * morphFromESRI(): prevent potential null pointer dereference. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1783 and 1867 |
| 144 | * SEGUKOOA: fix inversion of leap year that caused index-out-of-bound reading on day 366 of leap years (2.2 regression). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1698 |
| 145 | * CPLParseXMLString(): make it error out on invalid XML file even under CPLTurnErrorIntoWarning() mode. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1703. |
| 146 | * GML / NAS: fix memory leak in error code path, and potential heap-buffer-read-overflow |
| 147 | * NTF: fix various issues: heap & stack buffer-overflow, null ptr derefs, memory leaks. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1819 , 1820 , 1823, 1833, 1854, 1862, 1910, 1931, 1961, 1990, 1995, 1996, 2003, 2033, 2052, 2077, 2084, 2103, 2130, 2135, 2146, 2166, 2185, 2187, https://oss-fuzz.com/v2/testcase-detail/4696417694121984 |
| 148 | * OGRCreateFromMultiPatch(): avoid assertion on NaN coordinates. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1930 |
| 149 | * GXF: validate nGType to avoid later out-of-bound read in GXFReadRawScanlineFrom(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1975 |
| 150 | * GXF: fix int overflow and avoid excessive memory allocation. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2207 |
| 151 | * DGN: prevent heap-buffer-overflow read. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1988 |
| 152 | * COSAR: fix leak of file descriptor. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2019 |
| 153 | * ISO8211: prevent stack buffer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2022 |
| 154 | * WEBP: prevent int32 overflow and too large memory allocation. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2059 |
| 155 | * IRIS: fix heap-buffer-overflow in some cases of nDataTypeCode. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2069 |
| 156 | * E00GRID: avoid heap and stack buffer overflows. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2090 , 2182, 2237, 2327 |
| 157 | * VICAR: fix null pointer dereference. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2116 |
| 158 | * VICAR: avoid use-after-free and heap-buffer-overflow. Fixes https://oss-fuzz.com/v2/testcase-detail/4825577427042304 |
| 159 | * VICAR: fix potential endless loop on broken files. Fixes https://oss-fuzz.com/v2/testcase-detail/6261508172414976 |
| 160 | * REC: fix nullptr deref |
| 161 | * REC: fix potential stack buffer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2165 |
| 162 | * GDALGetJPEG2000Structure() / DumpGeoTIFFBox(): fix memory leak. |
| 163 | * DumpGeoTIFFBox(): reject GeoJP2 boxes with a TIFF with band_count > 1 |
| 164 | * DumpJPK2CodeStream(): avoid potentially very long loop |
| 165 | * GDALGetJPEG2000Structure(): avoid bad performance on corrupted JP2 boxes. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2214 |
| 166 | * GPKG: fix potential heap-buffer overflow in GPkgHeaderFromWKB(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2150 |
| 167 | * GPKG: fix potential null ptr deref. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2240 |
| 168 | * GPKG: avoid potential division by zero. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2253 |
| 169 | * SEGUKOOA: prevent read beyond end of buffer. (#6921) |
| 170 | * SRP: avoid potential stack buffer overflow and excessive memory allocation/processing time |
| 171 | * CPLUnixTimeToYMDHMS(): avoid potential infinite loop. Fixes https://oss-fuzz.com/v2/testcase-detail/4949567697059840 |
| 172 | * Selafin: fix double frees. Fixes https://oss-fuzz.com/v2/testcase-detail/6429713822121984 |
| 173 | * CEOS: fix heap buffer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2259 |
| 174 | * CEOS: fix memleak in error code path. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2279 |
| 175 | * FAST: avoid null pointer dereference. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2290 |
| 176 | * netCDF: avoid stack buffer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2302 |