Opened 5 years ago

Closed 5 years ago

#4519 closed defect (fixed)

getSRIDbySRS crash

Reported by: Algunenano Owned by: pramsey
Priority: critical Milestone: PostGIS 2.3.11
Component: postgis Version: 2.3.x
Keywords: Cc:

Description

getSRIDbySRS can write more characters than the space that was allocated for the query

PR: https://github.com/postgis/postgis/pull/487

Change History (4)

comment:1 by algunenano, 5 years ago

In 17846:

getSRIDbySRS: Fix crash

  • Prevents stack overflow when the srs is long (query + srs > 256 chars).
  • Prevents sql injection.

References #4519
Closes https://github.com/postgis/postgis/pull/487

comment:2 by algunenano, 5 years ago

In 17847:

getSRIDbySRS: Fix crash

  • Prevents stack overflow when the srs is long (query + srs > 256 chars).
  • Prevents sql injection.

References #4519

comment:3 by algunenano, 5 years ago

In 17848:

getSRIDbySRS: Fix crash

  • Prevents stack overflow when the srs is long (query + srs > 256 chars).
  • Prevents sql injection.

References #4519

comment:4 by algunenano, 5 years ago

Resolution: fixed
Status: newclosed

In 17849:

getSRIDbySRS: Fix crash

  • Prevents stack overflow when the srs is long (query + srs > 256 chars).
  • Prevents sql injection.

Closes #4519

Note: See TracTickets for help on using tickets.