ST_AsGML geography crashable with monkey inputs

[robe]

ST_AsGML is not kiddie proof (at least not on windows anyway).

This is testing on:

POSTGIS="2.1.0SVN r11349" GEOS="3.4.0dev-CAPI-1.8.0 r0" PROJ="Rel. 4.8.0, 6 March 2012" GDAL="GDAL 1.10.0, released 2013/04/24" LIBXML="2.7.8" LIBJSON="UNKNOWN" RASTER PostgreSQL 9.2.4, compiled by Visual C++ build 1600, 32-bit

Garden monkey script can crash it with a geography point something like this:

SELECT ST_AsGML(2, geography(ST_Point(-1,20)),5,5
  , 'monkey', 'monkey' );

Though:

-- this doesn't crash --
SELECT ST_AsGML(2, ST_Point(-1,20),5,5, 'monkey', 'monkey' );

and outputs:
<monkey:Point><monkey:coordinates>-1,20</monkey:coordinates></monkey:Point>

nor does not specifying a schema

SELECT ST_AsGML(2, geography(ST_Point(-1,20)),5,5 );

[robe]

for the record, this appears to be a new bug in 2.1. I ran against 2.0 and 2.0.3 doesn't even have this signature.

-- this run on 2.0.3  --
SELECT ST_AsGML(2, geography(ST_Point(-1,20)),5,5, 'monkey', 'monkey' );

-- gives notice --
ERROR:  function st_asgml(integer, geography, integer, integer, unknown, unknown) does not exist
LINE 1: SELECT ST_AsGML(2, geography(ST_Point(-1,20)),5,5, 'monkey',...
               ^
HINT:  No function matches the given name and argument types. You might need to add explicit type casts.

[pramsey]

Takes down OSX too.

[pramsey]

Huh, shorter stacktrace than I expected

Reason: KERN_INVALID_ADDRESS at address: 0x0000000000000000
0x0000000100e8cd1e in geography_as_gml (fcinfo=0x101123d00) at geography_inout.c:271
271			if ( VARSIZE(id_text)-VARHDRSZ == 0 )
(gdb) bt
#0  0x0000000100e8cd1e in geography_as_gml (fcinfo=0x101123d00) at geography_inout.c:271
#1  0x00000001001d5349 in ExecMakeFunctionResult (fcache=0x101123c90, econtext=0x101123a68, isNull=0x1011248b8 "", isDone=0x1011249f8) at execQual.c:1927

[pramsey]

Fixed at r11384. Looked like a copy-n-paste error