Opened 12 years ago
Last modified 12 years ago
#4254 assigned defect
crash from msTiledSHPOpenFile due to incorrect handling of error condition
| Reported by: | nbrachet | Owned by: | sdlime |
|---|---|---|---|
| Priority: | normal | Milestone: | 6.0.2 release |
| Component: | MapServer C Library | Version: | 6.0 |
| Severity: | normal | Keywords: | |
| Cc: |
Description
msTiledSHPOpenFile() doesn't fully initialize the shpfile object until it tries to open the SHP file. If opening the tileshpfile fails msTiledSHPOpenFile() returns (with an error) with an undefined shpfile object. When msTiledSHPClose() is closed it will close the shpfile which may cause a crash.
A simple fix is to initialize isopen of shpfile to FALSE. This is the option implemented in the attached patch. Another option is to use calloc instead of malloc to allocate the shpfile object. Yet another option would be to follow the same error handling as when n OOM condition is found and delete the shpfile object right then and there.
Attachments (1)
Note:
See TracTickets
for help on using tickets.
proposed patch