Opened 3 years ago

Closed 3 years ago

#4771 closed defect (fixed)

Calling st_mlinefromwkb() crashes the server

Reported by: Robins Owned by: pramsey
Priority: medium Milestone: PostGIS 3.0.3
Component: postgis Version: 3.0.x
Keywords: st_mlinefromwkb Cc:

Description

Brief

Calling st_mlinefromwkb() crashes the server.

Repro

SELECT st_mlinefromwkb('\x'::bytea);
SELECT st_mlinefromwkb('\x'::bytea,1);

SQL Output

db=> SELECT version();
-[ RECORD 1 ]---------------------------------------------------------------------------------------------------
version | PostgreSQL 13.0 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 7.3.1 20180712 (Red Hat 7.3.1-6), 64-bit

db=> SELECT postgis_full_version();
-[ RECORD 1 ]--------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
postgis_full_version | POSTGIS="3.0.2 2fb2a18" [EXTENSION] PGSQL="130" GEOS="3.8.0-CAPI-1.13.1 " PROJ="Rel. 5.2.0, September 15th, 2018" GDAL="GDAL 2.4.4, released 2020/01/08" LIBXML="2.9.1" LIBJSON="0.13.1" LIBPROTOBUF="1.3.2" WAGYU="0.4.3 (Internal)" TOPOLOGY RASTER

db=> SELECT st_mlinefromwkb('\x'::bytea);
server closed the connection unexpectedly
        This probably means the server terminated abnormally
        before or while processing the request.
The connection to the server was lost. Attempting reset: Failed.
!?>

Change History (3)

comment:1 by Raúl Marín <git@…>, 3 years ago

In a7851bb/git:

Fix segfault when parsing invalid WKB

References #4767 #4768 #4771 #4772
Closes https://github.com/postgis/postgis/pull/584

comment:2 by Raúl Marín <git@…>, 3 years ago

In c74c522/git:

Fix segfault when parsing invalid WKB

References #4767 #4768 #4771 #4772

comment:3 by Algunenano, 3 years ago

Milestone: PostGIS 3.1.0PostGIS 3.0.3
Resolution: fixed
Status: newclosed

Only 3.0 and 3.1 are affected. Previous releases used to throw ERROR: WKB structure does not match expected size! in this case.

Note: See TracTickets for help on using tickets.