#2903 closed defect (fixed)
Segmentation fault with png-inimage exceptions and quantize_force=on
| Reported by: | mko | Owned by: | sdlime |
|---|---|---|---|
| Priority: | high | Milestone: | 5.6.7 release |
| Component: | MapServer C Library | Version: | 5.4 |
| Severity: | major | Keywords: | exception segfault inimage truecolor |
| Cc: | mko, dmorissette |
Description
MapServer crashes when exception format is set to vnd.ogc.se_inimage and format is png with quantize_force=on. Applies to version 5.4.0-b1 and 5.2.1. No error if gif or jpeg are used as output format or quantize_force=off.
OUTPUTFORMAT
NAME png
DRIVER "GD/PNG"
MIMETYPE "image/png"
IMAGEMODE RGBA
EXTENSION "png"
FORMATOPTION "INTERLACE=OFF"
FORMATOPTION "QUANTIZE_FORCE=ON"
FORMATOPTION "QUANTIZE_COLORS=256"
TRANSPARENT ON
END
$ gdb ./mapserv
...
Starting program: mapserv "QUERY_STRING=...&REQUEST=GetMap&SERVICE=WMS&FORMAT=image/png&EXCEPTIONS=application/vnd.ogc.se_inimage"
[Thread debugging using libthread_db enabled]
[New Thread -1229445456 (LWP 18936)]
Content-type: image/png
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1229445456 (LWP 18936)]
0x0812ed28 in msSaveImageRGBAQuantized (img=0x81be070, ctx=0x81bdc08, format=0x81ad6e0) at maprgbapng.c:380
380 maprgbapng.c: No such file or directory.
in maprgbapng.c
(gdb) bt
#0 0x0812ed28 in msSaveImageRGBAQuantized (img=0x81be070, ctx=0x81bdc08, format=0x81ad6e0) at maprgbapng.c:380
#1 0x080a0c91 in msSaveImageGDCtx (img=0x81be070, ctx=0x81bdc08, format=0x81ad6e0) at mapgd.c:3615
#2 0x080a10dd in msSaveImageGD (img=0x81be070, filename=0x0, format=0x81ad6e0) at mapgd.c:3556
#3 0x0808308b in msWriteErrorImage (map=0x81a6bb0, filename=0x0, blank=0) at maperror.c:472
#4 0x08147591 in msWMSException (map=0x81a6bb0, nVersion=65793, exception_code=0x8189143 "LayerNotDefined") at mapwms.c:106
#5 0x0814cdaa in msWMSLoadGetMapParams (map=0x81a6bb0, nVersion=65793, names=0x81a5de0, values=0x81a5f78, numentries=13) at mapwms.c:1117
#6 0x0814f6d9 in msWMSDispatch (map=0x81a6bb0, req=0x81a5dc0) at mapwms.c:3571
#7 0x080e8c0f in msOWSDispatch (map=0x81a6bb0, request=0x81a5dc0, force_ows_mode=0) at mapows.c:67
#8 0x08055b5f in main (argc=2, argv=0xbff07234) at mapserv.c:1253
(gdb) quit
$ ./mapserv -v
MapServer version 5.4.0-beta1 OUTPUT=GIF OUTPUT=PNG OUTPUT=JPEG OUTPUT=WBMP OUTPUT=PDF OUTPUT=SVG SUPPORTS=PROJ SUPPORTS=AGG SUPPORTS=FREETYPE
SUPPORTS=ICONV SUPPORTS=WMS_SERVER SUPPORTS=WMS_CLIENT SUPPORTS=WFS_SERVER SUPPORTS=WFS_CLIENT SUPPORTS=WCS_SERVER SUPPORTS=GEOS SUPPORTS=RGBA_PNG
INPUT=POSTGIS INPUT=OGR INPUT=GDAL INPUT=SHAPEFILE
Attachments (2)
Change History (9)
comment:1 by , 15 years ago
comment:2 by , 14 years ago
| Keywords: | exception segfault inimage truecolor added |
|---|---|
| Version: | svn-trunk (development) → 5.4 |
Actually, this error is based upon the image creation in maperror.c. msWriteErrorImage() does not distinguish between PC256 and RGB. Patch enclosed. Not sure if transparency works for the truecolor part.
by , 14 years ago
| Attachment: | #2903-ms542.patch added |
|---|
distinguish between pc256 and rgb in msWriteErrorImage
comment:4 by , 13 years ago
| Milestone: | 5.6 release → 5.6.7 release |
|---|
comment:5 by , 13 years ago
| Cc: | added |
|---|
comment:6 by , 13 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Applied in r11755. Could someone test please? I guessing this does not affect 6.0+ so I'm marking as fixed.
Steve
Note:
See TracTickets
for help on using tickets.
In msSaveImageRGBAQuantized() gdImageTrueColorPixel() will fail if no layer was rendered (e.g. wrong layer in url). However, gdImagePalettePixel() works: