box2d_in() + bogus string crashes server

[Robins]

box2d_in() + bogus string crashes the server.

When box2d_in() is fed with a string that has a comma (,) and spaces, it just crashes the server. It does catch empty strings / nulls / "a,b" but a regular user could cause DoS by running something like this.

$ psql
psql (13beta2, server 13.3)
Type "help" for help.

regression=> \dx postgis
List of installed extensions
-[ RECORD 1 ]--------------------------------------------------------------------
Name        | postgis
Version     | 3.0.3
Schema      | public
Description | PostGIS geometry, geography, and raster spatial types and functions

regression=> SELECT plvdate.version();
                    version
-----------------------------------------------
 PostgreSQL PLVdate, version 3.7, October 2018
(1 row)

regression=> SELECT public.box2d_in(plvdate.version()::cstring);
server closed the connection unexpectedly
        This probably means the server terminated abnormally
        before or while processing the request.
The connection to the server was lost. Attempting reset: Failed.
!?> \q

[pramsey]

Milestone renamed

[robe]

In prep for 3.1.3 release

[robe]

Where does this plvdate.version() function come from.

I tried to replicate with:

CREATE SCHEMA IF NOT EXISTS plvdate;
CREATE OR REPLACE FUNCTION plvdate.version() returns text AS 
$$ SELECT 'PostgreSQL PLVdate, version 3.7, October 2018'$$
language sql ;

SELECT box2d_in(plvdate.version()::cstring);

But it doesn't crash, just gives:

ERROR:  box2d parser - couldn't parse.  It should look like: BOX(xmin ymin,xmax ymax)

[pramsey]

I also cannot replicate, in PostGIS 3.1, 3.0 or master.

SELECT public.box2d_in('PostgreSQL PLVdate, version 3.7, October 2018'::cstring);