Opened 4 years ago

Closed 4 years ago

#4772 closed defect (fixed)

Calling functions with '\x'::BYTEA crashes server

Reported by: robins Owned by: Algunenano
Priority: medium Milestone: PostGIS 3.0.3
Component: postgis Version: 3.0.x
Keywords: st_mpointfromwkb geometry st_geomcollfromwkb st_geomfromewkb st_wkbtosql Cc:

Description

Brief

Calling these functions with '\x'::BYTEA crashes the server.

(Note that these functions are in addition to the recent bug reports with similar '\x'::BYTEA issues)

Repro

SELECT st_mpointfromwkb('\x'::BYTEA);
SELECT geometry('\x'::bytea);
SELECT st_geomcollfromwkb('\x'::bytea);
select st_geomfromewkb('\x'::bytea);
SELECT st_wkbtosql('\x');

SQL Output

db=> SELECT version();
-[ RECORD 1 ]---------------------------------------------------------------------------------------------------
version | PostgreSQL 13.0 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 7.3.1 20180712 (Red Hat 7.3.1-6), 64-bit

db=> SELECT postgis_full_version();
-[ RECORD 1 ]--------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
postgis_full_version | POSTGIS="3.0.2 2fb2a18" [EXTENSION] PGSQL="130" GEOS="3.8.0-CAPI-1.13.1 " PROJ="Rel. 5.2.0, September 15th, 2018" GDAL="GDAL 2.4.4, released 2020/01/08" LIBXML="2.9.1" LIBJSON="0.13.1" LIBPROTOBUF="1.3.2" WAGYU="0.4.3 (Internal)" TOPOLOGY RASTER

db=> SELECT st_mpointfromwkb('\x'::BYTEA);
server closed the connection unexpectedly
        This probably means the server terminated abnormally
        before or while processing the request.
The connection to the server was lost. Attempting reset: Failed.
!?>

Change History (4)

comment:1 by Algunenano, 4 years ago

Milestone: PostGIS 3.1.0PostGIS 2.4.10
Owner: changed from pramsey to Algunenano
Version: 3.0.x2.4.x

Grouping all the WKB issues in this fix: https://github.com/postgis/postgis/pull/584

I'm expecting this to affect all stable releases

comment:2 by Raúl Marín <git@…>, 4 years ago

In a7851bb/git:

Fix segfault when parsing invalid WKB

References #4767 #4768 #4771 #4772
Closes https://github.com/postgis/postgis/pull/584

comment:3 by Raúl Marín <git@…>, 4 years ago

In c74c522/git:

Fix segfault when parsing invalid WKB

References #4767 #4768 #4771 #4772

comment:4 by Algunenano, 4 years ago

Milestone: PostGIS 2.4.10PostGIS 3.0.3
Resolution: fixed
Status: newclosed
Version: 2.4.x3.0.x

Only 3.0 and 3.1 are affected. Previous releases used to throw ERROR: WKB structure does not match expected size! in this case.

Note: See TracTickets for help on using tickets.