Context Navigation

← Previous Ticket
Next Ticket →

#551 closed defect (fixed)

libnetcdf 4.4.1.1 crashes on netcdf v4 files with attributes of type string

Reported by:	rouault	Owned by:	osgeo4w-dev@…
Priority:	major	Component:	Package
Version:		Keywords:
Cc:

Description

From https://trac.osgeo.org/gdal/ticket/7172

There is a crash specific to the latest netcdf version in OSGeo4W (4.4.1.1), but cannot be reproduced with the previous one (4.3.0). It is also specific of netcdf v4 files that have at least one attribute of type "string"

Given test.c

#include <netcdf.h>

int main(int argc, char* argv[])
{
    int cdfid = -1;
    nc_open(argv[1], NC_NOWRITE, &cdfid);
    nc_close(cdfid);
    return 0;
}

compiled with "cl minimal.c /Ie:\osgeo4W64\include e:\OSGeo4W64\lib\netcdf.lib" (with VS 2015 64bit) and minimal.nc (attached) being a netcdf 4 file with just a variable of type string

$ ncdump /tmp/minimum.nc
netcdf minimum {

// global attributes:
		string :Conventions = "CF-1.6" ;
}

"minimum.exe minimal.nc" crashes. DrMemory output is

Error #1: INVALID HEAP ARGUMENT to free 0x00000000029c2830
# 0 replace_free                              [d:\drmemory_package\common\alloc_replace.c:2706]
# 1 hdf5.dll!H5Aexists                       +0xf8     (0x000007fef3219b59 <hdf5.dll+0x9b59>)
# 2 hdf5.dll!H5I_dec_ref                     +0xaf     (0x000007fef339f600 <hdf5.dll+0x18f600>)
# 3 netcdf.dll!nc_set_var_chunk_cache_ints   +0x9695   (0x000007feee823f86 <netcdf.dll+0x43f86>)
# 4 netcdf.dll!NC4_sync                      +0xb9d    (0x000007feee814a2e <netcdf.dll+0x34a2e>)
# 5 netcdf.dll!nc_set_var_chunk_cache_ints   +0x215    (0x000007feee81ab06 <netcdf.dll+0x3ab06>)
# 6 netcdf.dll!cdRel2Iso                     +0x41d    (0x000007feee7f073e <netcdf.dll+0x1073e>)
# 7 netcdf.dll!nc_set_var_chunk_cache_ints   +0x146b   (0x000007feee81bd5c <netcdf.dll+0x3bd5c>)
# 8 netcdf.dll!nc_set_var_chunk_cache_ints   +0xe99    (0x000007feee81b78a <netcdf.dll+0x3b78a>)
# 9 netcdf.dll!NC4_sync                      +0xab     (0x000007feee813f3c <netcdf.dll+0x33f3c>)
#10 netcdf.dll!NC4_close                     +0x3c     (0x000007feee813aed <netcdf.dll+0x33aed>)
#11 netcdf.dll!nc_close                      +0x23     (0x000007feee7e2994 <netcdf.dll+0x2994>)
#12 minimal.exe!?                            +0x0      (0x000000013f32103c <minimal.exe+0x103c>)
#13 minimal.exe!?                            +0x0      (0x000000013f321255 <minimal.exe+0x1255>)
#14 KERNEL32.dll!BaseThreadInitThunk         +0xc      (0x0000000077a3652d <KERNEL32.dll+0x1652d>)
Note: @0:00:00.491 in thread 3780
Note: refers to -7 byte(s) beyond last valid byte in prior malloc
Note: prev lower malloc:  0x00000000029c2830-0x00000000029c2837

Attachments (1)

minimum.nc (6.0 KB ) - added by rouault 7 years ago.

Download all attachments as: .zip

Change History (3)

by rouault, 7 years ago

Attachment:	minimum.nc added

comment:1 by sabb, 6 years ago

See also: https://issues.qgis.org/issues/21162

comment:2 by jef, 6 years ago

Resolution:	→ fixed
Status:	new → closed

Fixed by updating szip, hdf4, hdf5 and netcdf using VC14.

Note: See TracTickets for help on using tickets.

Download in other formats: