| 1 | = GDAL/OGR 2.4.3 Release Notes = |
| 2 | |
| 3 | The 2.4.3 release is a bug fix release. |
| 4 | |
| 5 | == Misc == |
| 6 | |
| 7 | * Replace a few catch of bad_alloc by exception to handle the case of 32 bit trying to allocate more than 4GB of memory and thus throwing a length_error exception. Found by OSS Fuzz |
| 8 | * Fix issues with thread_local and C++ objects that don't work well with DLL on Windows |
| 9 | |
| 10 | == Port == |
| 11 | |
| 12 | * /vsicrypt/: fix memleak in error code path |
| 13 | * /vsitar/: support >100 character file names (#1559) |
| 14 | * /vsitar/: accept space as end of field terminator |
| 15 | |
| 16 | == GDAL core == |
| 17 | |
| 18 | * fix non-neareset resampling over nodata blocks (#1941) |
| 19 | |
| 20 | == GDAL utilities == |
| 21 | |
| 22 | * gdalwarp: adjust nodata values, passed with -srcnodata/-dstnodata, and close to FLT_MAX to exactly it (#1724) |
| 23 | * Python scripts: GetOutputDriverFor(): fixes error when multiple drivers found ( #1719) |
| 24 | |
| 25 | == GDAL drivers == |
| 26 | |
| 27 | BAG driver: |
| 28 | * calculate the northeast pixel corner rather than scaling the resolution, due to an incorrectly shifted northeast corner in some CARIS surveys (#1728) |
| 29 | |
| 30 | CTable2Dataset driver: |
| 31 | * SetGeoTransform(): fix read buffer overflow from stack |
| 32 | |
| 33 | ENVI driver: |
| 34 | * preserve 'byte order' on update (#1796) |
| 35 | |
| 36 | GTiff driver: |
| 37 | * make sure that GetMetadataDomainList() doesn't return EXIF when there's no EXIF metadata (https://github.com/mapbox/rasterio/pull/1740#issuecomment-526660946) |
| 38 | * Internal libtiff: backport security related fixes |
| 39 | |
| 40 | HDF5 and netCDF drivers: |
| 41 | * fix crash when reading attributes of type string of variable length with NULL values |
| 42 | |
| 43 | JP2KAK driver: |
| 44 | * fix issue with multi-threaded reads |
| 45 | |
| 46 | JP2OpenJPEG driver: |
| 47 | * fix error logic in multi-threaded code causing memory corruption |
| 48 | * fix reading overviews, when tiled API is used, and the dimensions of the full resolution image are not a multiple of 2^numresolutions (#1860) |
| 49 | * fix to return the proper number of bytes read when we read more than 2 GB at once (https://github.com/uclouvain/openjpeg/issues/1151) |
| 50 | |
| 51 | JPEG driver: |
| 52 | * fix further calls to RasterIO after reading full image at full resolution (#1947) |
| 53 | |
| 54 | PDF driver: |
| 55 | * fix nullptr dereferences on corrupted files (OSS Fuzz #16438, #16558, #16759) |
| 56 | * fix potential heap buffer overflow (OSS Fuzz #16546) |
| 57 | * avoid potential integer division by zero (OSS Fuzz #17129) |
| 58 | |
| 59 | SAFE driver: |
| 60 | * avoid potential use-after-free (Coverity 1404037 and 1404140) |
| 61 | |
| 62 | Terragen driver: |
| 63 | * avoid potential use-after-free on error code path in write_header() (Coverity 1404060) |
| 64 | |
| 65 | USGSDEM driver: |
| 66 | * avoid int overflow. Fixes OSS Fuzz #15715 |
| 67 | * fix reading FEMA generated Lidar datasets whose header is 918 bytes large |
| 68 | |
| 69 | VRT driver: |
| 70 | * avoid erroneous pixel request do be done with KernelFilteredSource |
| 71 | |
| 72 | == OGR core == |
| 73 | |
| 74 | * OGRExpatRealloc(): fix double-free when size to allocate is above the default 10MB threshold. OSS Fuzz #16178 / CVE-2019-17545 |
| 75 | * OGR SQLite: do not propagate 'IS / IS NOT value' constructs to OGR SQL |
| 76 | * OGRSimpleCurve::getPoints() with XYZM: fix wrong stride used for M array |
| 77 | * OGRSimpleCurve: fix reversePoints() and addSubLineString() to take into account M dimension |
| 78 | |
| 79 | == OGR drivers == |
| 80 | |
| 81 | CAD driver: |
| 82 | * libopencad: CADBuffer: replace m_guard by m_nSize to avoid pointer wrap around on 32 bit platforms on corrupted files. OSS Fuzz #16388 |
| 83 | |
| 84 | DGN driver: |
| 85 | * avoid size_t overflow / illegal memory access. OSS Fuzz #16393 |
| 86 | |
| 87 | GeoJSON driver: |
| 88 | * fix update of file on Windows (https://github.com/qgis/QGIS/issues/28580) |
| 89 | |
| 90 | GPX driver: |
| 91 | * fix memory leak when streaming to /vsistdout/ |
| 92 | |
| 93 | LIBKML driver: |
| 94 | * fix potential memory leak. (Coverity 1404148) |
| 95 | |
| 96 | MITAB driver: |
| 97 | * fix potential double-free (Coverity 1404224) |
| 98 | * avoid potential nullptr deref (Coverity 1404174) |
| 99 | |
| 100 | PDF driver: |
| 101 | * fix reading polygon with holes and Bezier curves (#1932) |
| 102 | * fix reading strings with escape sequences |
| 103 | |
| 104 | PostgreSQL driver: |
| 105 | * add support for PostgreSQL 12 (#1692) |
| 106 | * be more restrictive when deducing non-nullability of columns in SQL result layers (#1734) |
| 107 | |
| 108 | S57 driver: |
| 109 | * s57objectclasses.csv: add missing TXTDSC attribute for DRYDOC class (#1723) |
| 110 | |
| 111 | XLSX driver: |
| 112 | * add support for .xlsm extension |
| 113 | |
| 114 | WFS3 driver: |
| 115 | * correctly handle user query string parameters in connection URL (#1710) |