| | 1 | = GDAL/OGR 2.4.3 Release Notes = |
| | 2 | |
| | 3 | The 2.4.3 release is a bug fix release. |
| | 4 | |
| | 5 | == Misc == |
| | 6 | |
| | 7 | * Replace a few catch of bad_alloc by exception to handle the case of 32 bit trying to allocate more than 4GB of memory and thus throwing a length_error exception. Found by OSS Fuzz |
| | 8 | * Fix issues with thread_local and C++ objects that don't work well with DLL on Windows |
| | 9 | |
| | 10 | == Port == |
| | 11 | |
| | 12 | * /vsicrypt/: fix memleak in error code path |
| | 13 | * /vsitar/: support >100 character file names (#1559) |
| | 14 | * /vsitar/: accept space as end of field terminator |
| | 15 | |
| | 16 | == GDAL core == |
| | 17 | |
| | 18 | * fix non-neareset resampling over nodata blocks (#1941) |
| | 19 | |
| | 20 | == GDAL utilities == |
| | 21 | |
| | 22 | * gdalwarp: adjust nodata values, passed with -srcnodata/-dstnodata, and close to FLT_MAX to exactly it (#1724) |
| | 23 | * Python scripts: GetOutputDriverFor(): fixes error when multiple drivers found ( #1719) |
| | 24 | |
| | 25 | == GDAL drivers == |
| | 26 | |
| | 27 | BAG driver: |
| | 28 | * calculate the northeast pixel corner rather than scaling the resolution, due to an incorrectly shifted northeast corner in some CARIS surveys (#1728) |
| | 29 | |
| | 30 | CTable2Dataset driver: |
| | 31 | * SetGeoTransform(): fix read buffer overflow from stack |
| | 32 | |
| | 33 | ENVI driver: |
| | 34 | * preserve 'byte order' on update (#1796) |
| | 35 | |
| | 36 | GTiff driver: |
| | 37 | * make sure that GetMetadataDomainList() doesn't return EXIF when there's no EXIF metadata (https://github.com/mapbox/rasterio/pull/1740#issuecomment-526660946) |
| | 38 | * Internal libtiff: backport security related fixes |
| | 39 | |
| | 40 | HDF5 and netCDF drivers: |
| | 41 | * fix crash when reading attributes of type string of variable length with NULL values |
| | 42 | |
| | 43 | JP2KAK driver: |
| | 44 | * fix issue with multi-threaded reads |
| | 45 | |
| | 46 | JP2OpenJPEG driver: |
| | 47 | * fix error logic in multi-threaded code causing memory corruption |
| | 48 | * fix reading overviews, when tiled API is used, and the dimensions of the full resolution image are not a multiple of 2^numresolutions (#1860) |
| | 49 | * fix to return the proper number of bytes read when we read more than 2 GB at once (https://github.com/uclouvain/openjpeg/issues/1151) |
| | 50 | |
| | 51 | JPEG driver: |
| | 52 | * fix further calls to RasterIO after reading full image at full resolution (#1947) |
| | 53 | |
| | 54 | PDF driver: |
| | 55 | * fix nullptr dereferences on corrupted files (OSS Fuzz #16438, #16558, #16759) |
| | 56 | * fix potential heap buffer overflow (OSS Fuzz #16546) |
| | 57 | * avoid potential integer division by zero (OSS Fuzz #17129) |
| | 58 | |
| | 59 | SAFE driver: |
| | 60 | * avoid potential use-after-free (Coverity 1404037 and 1404140) |
| | 61 | |
| | 62 | Terragen driver: |
| | 63 | * avoid potential use-after-free on error code path in write_header() (Coverity 1404060) |
| | 64 | |
| | 65 | USGSDEM driver: |
| | 66 | * avoid int overflow. Fixes OSS Fuzz #15715 |
| | 67 | * fix reading FEMA generated Lidar datasets whose header is 918 bytes large |
| | 68 | |
| | 69 | VRT driver: |
| | 70 | * avoid erroneous pixel request do be done with KernelFilteredSource |
| | 71 | |
| | 72 | == OGR core == |
| | 73 | |
| | 74 | * OGRExpatRealloc(): fix double-free when size to allocate is above the default 10MB threshold. OSS Fuzz #16178 / CVE-2019-17545 |
| | 75 | * OGR SQLite: do not propagate 'IS / IS NOT value' constructs to OGR SQL |
| | 76 | * OGRSimpleCurve::getPoints() with XYZM: fix wrong stride used for M array |
| | 77 | * OGRSimpleCurve: fix reversePoints() and addSubLineString() to take into account M dimension |
| | 78 | |
| | 79 | == OGR drivers == |
| | 80 | |
| | 81 | CAD driver: |
| | 82 | * libopencad: CADBuffer: replace m_guard by m_nSize to avoid pointer wrap around on 32 bit platforms on corrupted files. OSS Fuzz #16388 |
| | 83 | |
| | 84 | DGN driver: |
| | 85 | * avoid size_t overflow / illegal memory access. OSS Fuzz #16393 |
| | 86 | |
| | 87 | GeoJSON driver: |
| | 88 | * fix update of file on Windows (https://github.com/qgis/QGIS/issues/28580) |
| | 89 | |
| | 90 | GPX driver: |
| | 91 | * fix memory leak when streaming to /vsistdout/ |
| | 92 | |
| | 93 | LIBKML driver: |
| | 94 | * fix potential memory leak. (Coverity 1404148) |
| | 95 | |
| | 96 | MITAB driver: |
| | 97 | * fix potential double-free (Coverity 1404224) |
| | 98 | * avoid potential nullptr deref (Coverity 1404174) |
| | 99 | |
| | 100 | PDF driver: |
| | 101 | * fix reading polygon with holes and Bezier curves (#1932) |
| | 102 | * fix reading strings with escape sequences |
| | 103 | |
| | 104 | PostgreSQL driver: |
| | 105 | * add support for PostgreSQL 12 (#1692) |
| | 106 | * be more restrictive when deducing non-nullability of columns in SQL result layers (#1734) |
| | 107 | |
| | 108 | S57 driver: |
| | 109 | * s57objectclasses.csv: add missing TXTDSC attribute for DRYDOC class (#1723) |
| | 110 | |
| | 111 | XLSX driver: |
| | 112 | * add support for .xlsm extension |
| | 113 | |
| | 114 | WFS3 driver: |
| | 115 | * correctly handle user query string parameters in connection URL (#1710) |
