Opened 8 years ago

Closed 8 years ago

#1227 closed defect (invalid)

server crash on invalid gml in st_geomfromgml

Reported by: wbloos Owned by: colivier
Priority: critical Milestone: PostGIS 1.5.4
Component: postgis Version: 1.5.X
Keywords: gml, invalid, crash Cc: wbloos

Description

PostgreSQL crashes when i send it an 'invalid' gml in st_geomfromgml((). In fact the gml is not invalid AFAIK, but it might be considered a GML-document instead of a GML-fragment. The server is supposed to throw an error when that happens, but it crashes.

query: select st_geomfromgml('<OriginalGeometry? gml:id="1" srsDimension="2" srsName="EPSG:28992" xsi:type="gml:PointType" xmlns:ns="http://willy-bas.nl/yes/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:gml="http://www.opengis.net/gml/3.2">

<gml:Point>

<gml:posList>600000 300000</gml:posList>

</gml:Point>

</OriginalGeometry?>')

Response: server closed the connection unexpectedly

This probably means the server terminated abnormally before or while processing the request.

The connection to the server was lost. Attempting reset: Failed.

Log: 2011-10-04 09:48:37 CEST pid=995 LOG: server process (PID 5181) was terminated by signal 11: Segmentation fault 2011-10-04 09:48:37 CEST pid=995 LOG: terminating any other active server processes 2011-10-04 09:48:37 CEST pid=5180 WARNING: terminating connection because of crash of another server process 2011-10-04 09:48:37 CEST pid=5180 DETAIL: The postmaster has commanded this server process to roll back the current transaction and exit, because another server process exited abnormally and possibly corrupted shared memory. 2011-10-04 09:48:37 CEST pid=5180 HINT: In a moment you should be able to reconnect to the database and repeat your command. 2011-10-04 09:48:37 CEST pid=5175 WARNING: terminating connection because of crash of another server process 2011-10-04 09:48:37 CEST pid=5175 DETAIL: The postmaster has commanded this server process to roll back the current transaction and exit, because another server process exited abnormally and possibly corrupted shared memory. 2011-10-04 09:48:37 CEST pid=5175 HINT: In a moment you should be able to reconnect to the database and repeat your command. 2011-10-04 09:48:37 CEST pid=995 LOG: all server processes terminated; reinitializing 2011-10-04 09:48:38 CEST pid=5438 LOG: database system was interrupted; last known up at 2011-10-04 09:32:41 CEST 2011-10-04 09:48:38 CEST pid=5438 LOG: database system was not properly shut down; automatic recovery in progress 2011-10-04 09:48:38 CEST pid=5438 LOG: record with zero length at 0/201D9A8 2011-10-04 09:48:38 CEST pid=5438 LOG: redo is not required 2011-10-04 09:48:38 CEST pid=5441 LOG: autovacuum launcher started 2011-10-04 09:48:38 CEST pid=995 LOG: database system is ready to accept connections

Change History (9)

comment:1 Changed 8 years ago by wbloos

Cc: wbloos added

comment:2 Changed 8 years ago by strk

Owner: changed from pramsey to colivier
Priority: mediumcritical

Olivier, this seems for you, right ?

comment:3 Changed 8 years ago by colivier

@Sandro: Yeap these one is for me,

@wbloos: Could you provide additional information in order to be able to reproduce it:

  • Platform
  • 64 or 32 bits
  • LibXML version

Tks in advance,

comment:4 Changed 8 years ago by colivier

For the record, check on my own with 1.5 SVN branch :

  • Linux 64 Bits - LibXML 2.7.8
  • Mac OS X 64 bits - LibXML 2.7.6

And on both it just works as expected: ERROR: invalid GML representation

Regress test xml_* should also (already) handle this use case, so curious, Willy, to know on which platform it could failed...

Without more precision, can't go further for now.

comment:5 Changed 8 years ago by wbloos

Hi,

I'm on ubuntu 11.04, 64 bits POSTGIS="1.5.1" GEOS="3.2.0-CAPI-1.6.0" PROJ="Rel. 4.7.1, 23 September 2009" LIBXML="2.7.6" USE_STATS

just reproduced it agin, but you must make sure that you remove the question mark that is behind "<OriginalGeometry?". The ticket system put a question mark there for some reason, but it should not be there.

I can also reproduce it in Debian lenny 64 bit, with postgres 8.4 from the backports: POSTGIS="1.5.1" GEOS="3.2.0-CAPI-1.6.0" PROJ="Rel. 4.6.1, 21 August 2008" LIBXML="2.6.32" USE_STATS

comment:6 Changed 8 years ago by wbloos

and also on windows XP 32 bits POSTGIS="1.5.2" GEOS="3.2.2-CAPI-1.6.2" PROJ="Rel. 4.6.1, 21 August 2008" LIBXML="2.7.6" USE_STATS

comment:7 Changed 8 years ago by wbloos

btw on windows xp 32 bits the whole postgresql service crashes and needs to be restarted manually

comment:8 Changed 8 years ago by colivier

I am able to reproduce it with 1.5.1 but not with 1.5.3 or trunk (both 1.5 and 2.0 branches)

Looks like something already fixed months ago, upgrading your PostGIS version seems the best answer.

Will add the exact query in ticket regress tests for the record, before closing the ticket as invalid (except other information provided in the meantime)

comment:9 Changed 8 years ago by pramsey

Resolution: invalid
Status: newclosed

No longer exists on 1.5 and 2.0

Note: See TracTickets for help on using tickets.