Opened 5 years ago
Closed 3 years ago
#972 closed defect (fixed)
C API: Possible divide by zero and use of uninitialized variables
| Reported by: | macdrevx | Owned by: | strk |
|---|---|---|---|
| Priority: | major | Milestone: | 3.10.0 |
| Component: | C API | Version: | main |
| Severity: | Unassigned | Keywords: | |
| Cc: |
Description
Two of the functions in the C API may include the possibility of divide by zero or use of uninitialized variables:
double
GEOSProjectNormalized_r(GEOSContextHandle_t extHandle, const Geometry* g,
const Geometry* p)
{
double length;
GEOSLength_r(extHandle, g, &length);
return GEOSProject_r(extHandle, g, p) / length;
}
Geometry*
GEOSInterpolateNormalized_r(GEOSContextHandle_t extHandle, const Geometry* g,
double d)
{
double length;
GEOSLength_r(extHandle, g, &length);
return GEOSInterpolate_r(extHandle, g, d * length);
}
In the first function, length is not guaranteed to be initialized within GEOSLength_r. In the case where it's not, the function still proceeds to use it on the next line. Does the C++ compiler automatically initialize it to zero when it's declared?
Even if it is initialized, is there a possibility of a divide by zero?
Similarly, in the second function, length is still used even if it's not initialized.
Proposed solution:
1) Handle error responses from GEOSLength_r and return early, signaling that an error has occurred. 2) Additionally handle the possibility that length is 0 in the first function.
Change History (3)
comment:1 by , 5 years ago
comment:2 by , 3 years ago
| Milestone: | → 3.10.0 |
|---|
comment:3 by , 3 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Fix seems to have been committed.
I don't think length is guaranteed to be initialized to zero, so this should be done explicitly, although I'm not sure if
GEOSLengthis capable of generating an error for non-null inputs in practice.