id summary reporter owner description type status priority milestone component version resolution keywords cc 4646 Broken pointer arithmetic in gserialized_cmp leads crash/wrong results during ORDER BY dkvash pramsey "Broken pointer arithmetic in gserialized_cmp leads crash/wrong results during ORDER BY Introduced in https://trac.osgeo.org/postgis/ticket/3935 Author of https://trac.osgeo.org/postgis/changeset/16141 intended to write *(uint32_t*) ((char *)g1 + 8) but ended up writing an equivalent of *(uint32_t*) ((char *) g1 + 8 * sizeof(void *)) " defect closed critical PostGIS 2.5.4 postgis 2.4.x fixed