GDAL/OGR 2.4.3 Release Notes

The 2.4.3 release is a bug fix release.


  • Replace a few catch of bad_alloc by exception to handle the case of 32 bit trying to allocate more than 4GB of memory and thus throwing a length_error exception. Found by OSS Fuzz
  • Fix issues with thread_local and C++ objects that don't work well with DLL on Windows


  • /vsicrypt/: fix memleak in error code path
  • /vsitar/: support >100 character file names (#1559)
  • /vsitar/: accept space as end of field terminator

GDAL core

  • fix non-neareset resampling over nodata blocks (#1941)

GDAL utilities

  • gdalwarp: adjust nodata values, passed with -srcnodata/-dstnodata, and close to FLT_MAX to exactly it (#1724)
  • Python scripts: GetOutputDriverFor(): fixes error when multiple drivers found (#1719)

GDAL drivers

BAG driver:

  • calculate the northeast pixel corner rather than scaling the resolution, due to an incorrectly shifted northeast corner in some CARIS surveys (#1728)

CTable2Dataset driver:

ENVI driver:

  • preserve 'byte order' on update (#1796)

GTiff driver:

HDF5 and netCDF drivers:

  • fix crash when reading attributes of type string of variable length with NULL values

JP2KAK driver:

  • fix issue with multi-threaded reads

JP2OpenJPEG driver:

  • fix error logic in multi-threaded code causing memory corruption
  • fix reading overviews, when tiled API is used, and the dimensions of the full resolution image are not a multiple of 2numresolutions (#1860)
  • fix to return the proper number of bytes read when we read more than 2 GB at once (

JPEG driver:

  • fix further calls to RasterIO after reading full image at full resolution (#1947)

PDF driver:

  • fix nullptr dereferences on corrupted files (OSS Fuzz #16438, #16558, #16759)
  • fix potential heap buffer overflow (OSS Fuzz #16546)
  • avoid potential integer division by zero (OSS Fuzz #17129)

SAFE driver:

  • avoid potential use-after-free (Coverity 1404037 and 1404140)

Terragen driver:

  • avoid potential use-after-free on error code path in write_header() (Coverity 1404060)

USGSDEM driver:

  • avoid int overflow. Fixes OSS Fuzz #15715
  • fix reading FEMA generated Lidar datasets whose header is 918 bytes large

VRT driver:

OGR core

  • OGRExpatRealloc(): fix double-free when size to allocate is above the default 10MB threshold. OSS Fuzz #16178 / CVE-2019-17545
  • OGR SQLite: do not propagate 'IS / IS NOT value' constructs to OGR SQL
  • OGRSimpleCurve::getPoints() with XYZM: fix wrong stride used for M array
  • OGRSimpleCurve: fix reversePoints() and addSubLineString() to take into account M dimension

OGR drivers

CAD driver:

  • libopencad: CADBuffer: replace m_guard by m_nSize to avoid pointer wrap around on 32 bit platforms on corrupted files. OSS Fuzz #16388

DGN driver:

  • avoid size_t overflow / illegal memory access. OSS Fuzz #16393

GeoJSON driver:

GPX driver:

  • fix memory leak when streaming to /vsistdout/

LIBKML driver:

  • fix potential memory leak. (Coverity 1404148)

MITAB driver:

  • fix potential double-free (Coverity 1404224)
  • avoid potential nullptr deref (Coverity 1404174)

PDF driver:

  • fix reading polygon with holes and Bezier curves (#1932)
  • fix reading strings with escape sequences

PostgreSQL driver:

  • add support for PostgreSQL 12 (#1692)
  • be more restrictive when deducing non-nullability of columns in SQL result layers (#1734)

S57 driver:

  • s57objectclasses.csv: add missing TXTDSC attribute for DRYDOC class (#1723)

XLSX driver:

  • add support for .xlsm extension

WFS3 driver:

  • correctly handle user query string parameters in connection URL (#1710)
Last modified 3 years ago Last modified on Nov 4, 2019, 5:53:08 AM
Note: See TracWiki for help on using the wiki.