#1 Add patch to fix OOB crash.
Merged 6 years ago by volter. Opened 6 years ago by qulogic.
rpms/ qulogic/spatialindex master  into  master

file added
+27
@@ -0,0 +1,27 @@ 

+ From d056d8e577b43740180f1a7d2295f77c9149d8a1 Mon Sep 17 00:00:00 2001

+ From: Elliott Sales de Andrade <quantum.analyst@gmail.com>

+ Date: Tue, 28 Nov 2017 05:03:40 -0500

+ Subject: [PATCH] Fix array allocation in Index_GetLeaves.

+ 

+ When filling the array, it iterates through `nDimension` elements, but

+ only allocates `nLeafSizes[k]` entries. This causes out-of-bounds access

+ when dimensions are greater than leafs.

+ ---

+  src/capi/sidx_api.cc | 4 ++--

+  1 file changed, 2 insertions(+), 2 deletions(-)

+ 

+ diff --git a/src/capi/sidx_api.cc b/src/capi/sidx_api.cc

+ index af3bc82..b33ba3f 100644

+ --- a/src/capi/sidx_api.cc

+ +++ b/src/capi/sidx_api.cc

+ @@ -1693,8 +1693,8 @@ SIDX_C_DLL RTError Index_GetLeaves(	IndexH index,

+  			(*nLeafSizes)[k] = (uint32_t)ids.size();

+  

+  			(*nLeafChildIDs)[k] = (int64_t*) malloc( (*nLeafSizes)[k] * sizeof(int64_t));

+ -			(*pppdMin)[k] = (double*) malloc ( (*nLeafSizes)[k] *  sizeof(double));

+ -			(*pppdMax)[k] = (double*) malloc ( (*nLeafSizes)[k] *  sizeof(double));

+ +			(*pppdMin)[k] = (double*) malloc (*nDimension * sizeof(double));

+ +			(*pppdMax)[k] = (double*) malloc (*nDimension * sizeof(double));

+  			for (uint32_t i=0; i< *nDimension; ++i) {

+  				(*pppdMin)[k][i] = b->getLow(i);

+  				(*pppdMax)[k][i] = b->getHigh(i);
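Review bot: The resized buffers in the inner hunk, `(*pppdMin)[k] = (double*) malloc (*nDimension * sizeof(double));` and the matching `pppdMax` line, are still written by the `for` loop directly below without a NULL check, so a failed allocation becomes a write through a null pointer rather than an error return. The `nLeafChildIDs` allocation on the context line above has the same gap. A guard before the loop such as `if (!(*pppdMin)[k] || !(*pppdMax)[k]) return RT_Failure;` would fit the function's `RTError` return type, though allocations made earlier would presumably need freeing on that path. Separately, `(uint32_t)ids.size()` silently truncates the leaf count if it ever exceeds 32 bits. The body of `Index_GetLeaves` starts and ends outside the hunk, so its cleanup and the caller-side free logic cannot be checked from here.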

file modified
+7 -2
@@ -1,11 +1,13 @@ 

  Name:      spatialindex

  Version:   1.8.5

- Release:   7%{?dist}

+ Release:   8%{?dist}

  Summary:   Spatial index library 

  Group:     System Environment/Libraries

  License:   MIT

  URL:       http://libspatialindex.org

  Source0:   http://download.osgeo.org/lib%{name}/%{name}-src-%{version}.tar.bz2

+ # https://github.com/libspatialindex/libspatialindex/pull/108

+ Patch0001: fix-oob-crash.patch

  

  BuildRequires:    cmake

  
@@ -25,7 +27,7 @@ 

  

  

  %prep

- %setup -qn %{name}-src-%{version}

+ %autosetup -n %{name}-src-%{version} -p1

  

  

  %build
@@ -56,6 +58,9 @@ 

  

  

  %changelog

+ * Fri Dec 01 2017 Elliott Sales de Andrade <quantum.analyst@gmail.com> - 1.8.5-8

+ - Patch to fix out-of-bounds crash

+ 

  * Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.5-7

  - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild

  

This crash is breaking the test suite of geopandas, which is currently under review: https://bugzilla.redhat.com/show_bug.cgi?id=1468995.

Pull-Request has been merged by volter

6 years ago