Opened 4 years ago

Closed 3 years ago

#551 closed defect (fixed)

libnetcdf crashes on netcdf v4 files with attributes of type string

Reported by: rouault Owned by: osgeo4w-dev@…
Priority: major Component: Package
Version: Keywords:



There is a crash specific to the latest netcdf version in OSGeo4W (, but cannot be reproduced with the previous one (4.3.0). It is also specific of netcdf v4 files that have at least one attribute of type "string"

Given test.c

#include <netcdf.h>

int main(int argc, char* argv[])
    int cdfid = -1;
    nc_open(argv[1], NC_NOWRITE, &cdfid);
    return 0;

compiled with "cl minimal.c /Ie:\osgeo4W64\include e:\OSGeo4W64\lib\netcdf.lib" (with VS 2015 64bit) and (attached) being a netcdf 4 file with just a variable of type string

$ ncdump /tmp/
netcdf minimum {

// global attributes:
		string :Conventions = "CF-1.6" ;

"minimum.exe" crashes. DrMemory? output is

Error #1: INVALID HEAP ARGUMENT to free 0x00000000029c2830
# 0 replace_free                              [d:\drmemory_package\common\alloc_replace.c:2706]
# 1 hdf5.dll!H5Aexists                       +0xf8     (0x000007fef3219b59 <hdf5.dll+0x9b59>)
# 2 hdf5.dll!H5I_dec_ref                     +0xaf     (0x000007fef339f600 <hdf5.dll+0x18f600>)
# 3 netcdf.dll!nc_set_var_chunk_cache_ints   +0x9695   (0x000007feee823f86 <netcdf.dll+0x43f86>)
# 4 netcdf.dll!NC4_sync                      +0xb9d    (0x000007feee814a2e <netcdf.dll+0x34a2e>)
# 5 netcdf.dll!nc_set_var_chunk_cache_ints   +0x215    (0x000007feee81ab06 <netcdf.dll+0x3ab06>)
# 6 netcdf.dll!cdRel2Iso                     +0x41d    (0x000007feee7f073e <netcdf.dll+0x1073e>)
# 7 netcdf.dll!nc_set_var_chunk_cache_ints   +0x146b   (0x000007feee81bd5c <netcdf.dll+0x3bd5c>)
# 8 netcdf.dll!nc_set_var_chunk_cache_ints   +0xe99    (0x000007feee81b78a <netcdf.dll+0x3b78a>)
# 9 netcdf.dll!NC4_sync                      +0xab     (0x000007feee813f3c <netcdf.dll+0x33f3c>)
#10 netcdf.dll!NC4_close                     +0x3c     (0x000007feee813aed <netcdf.dll+0x33aed>)
#11 netcdf.dll!nc_close                      +0x23     (0x000007feee7e2994 <netcdf.dll+0x2994>)
#12 minimal.exe!?                            +0x0      (0x000000013f32103c <minimal.exe+0x103c>)
#13 minimal.exe!?                            +0x0      (0x000000013f321255 <minimal.exe+0x1255>)
#14 KERNEL32.dll!BaseThreadInitThunk         +0xc      (0x0000000077a3652d <KERNEL32.dll+0x1652d>)
Note: @0:00:00.491 in thread 3780
Note: refers to -7 byte(s) beyond last valid byte in prior malloc
Note: prev lower malloc:  0x00000000029c2830-0x00000000029c2837

Attachments (1) (6.0 KB) - added by rouault 4 years ago.

Download all attachments as: .zip

Change History (3)

Changed 4 years ago by rouault

Attachment: added

comment:2 Changed 3 years ago by jef

Resolution: fixed
Status: newclosed

Fixed by updating szip, hdf4, hdf5 and netcdf using VC14.

Note: See TracTickets for help on using tickets.