[postgis] 01/01: Add patch geojson-fix-3094.patch, prepare for upload to unstable

Johan Van de Wauw johanvdw-guest at moszumanska.debian.org
Wed Apr 1 20:15:42 UTC 2015 

This is an automated email from the git hooks/post-receive script.

johanvdw-guest pushed a commit to branch ubuntu/trusty
in repository postgis.

commit 26361d8080cab42761bc3653d7accf3ebf20c09b
Author: Markus Wanner <markus at bluegap.ch>
Date:   Mon Mar 30 20:04:19 2015 +0200

    Add patch geojson-fix-3094.patch, prepare for upload to unstable
    
    back-ported from the 2.1.7 release, to fix a crash of the database
    backend process when given invalid GeoJSON data.
    
    patch refreshed for version 2.1.4
    Conflicts:
    	debian/changelog
    	debian/patches/series
---
 debian/changelog                      |  9 ++++
 debian/patches/geojson-fix-3094.patch | 77 +++++++++++++++++++++++++++++++++++
 debian/patches/series                 |  1 +
 3 files changed, 87 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index b1064c3..ef0c185 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+postgis (2.1.2+dfsg-2ubuntu0.1) trusty; urgency=high
+
+  [ Markus Wanner ]
+  * Add patch geojson-fix-3094.patch, back-ported from the 2.1.7 release,
+    to fix a crash of the database backend process when given invalid
+    GeoJSON data. Based on debian patch by Markus Wanner.
+
+ -- Johan Van de Wauw <johan.vandewauw at gmail.com>  Wed, 01 Apr 2015 21:29:10 +0200
+
 postgis (2.1.2+dfsg-2) unstable; urgency=medium
 
   * Fix arch-only builds by moving the maven-repo-helper dependency from
diff --git a/debian/patches/geojson-fix-3094.patch b/debian/patches/geojson-fix-3094.patch
new file mode 100644
index 0000000..e51d004
--- /dev/null
+++ b/debian/patches/geojson-fix-3094.patch
@@ -0,0 +1,77 @@
+Description: Fix for GeoJSON ingestion
+ Malformed JSON data used to crash the database backend process and
+ especially web services use to pass on such JSON data unexamined.
+Forwarded: not-needed
+Bug: http://trac.osgeo.org/postgis/ticket/3094
+Origin: upstream, http://trac.osgeo.org/postgis/changeset/13400
+Author: Paul Ramsey <pramsey at cleverelephant.ca>
+
+--- a/liblwgeom/lwin_geojson.c
++++ b/liblwgeom/lwin_geojson.c
+@@ -47,7 +47,11 @@ findMemberByName(json_object* poObj, con
+ 
+ 	if( NULL != json_object_get_object(poTmp) )
+ 	{
+-		assert( NULL != json_object_get_object(poTmp)->head );
++		if( NULL == json_object_get_object(poTmp)->head )
++		{
++			geojson_lwerror("invalid GeoJSON representation", 2);
++			return NULL;
++		}
+ 
+ 		for( it.entry = json_object_get_object(poTmp)->head;
+ 		        ( it.entry ?
+@@ -79,7 +83,12 @@ parse_geojson_coord(json_object *poObj,
+ 		const int nSize = json_object_array_length( poObj );
+ 		LWDEBUGF(3, "parse_geojson_coord called for array size %d.", nSize );
+ 
+-
++		if ( nSize < 2 )
++		{
++			geojson_lwerror("Too few ordinates in GeoJSON", 4);
++			return LW_FAILURE;
++		}
++		
+ 		// Read X coordinate
+ 		poObjCoord = json_object_array_get_idx( poObj, 0 );
+ 		pt.x = json_object_get_double( poObjCoord );
+@@ -90,7 +99,7 @@ parse_geojson_coord(json_object *poObj,
+ 		pt.y = json_object_get_double( poObjCoord );
+ 		LWDEBUGF(3, "parse_geojson_coord pt.y = %f.", pt.y );
+ 
+-		if( nSize == 3 ) /* should this be >= 3 ? */
++		if( nSize < 2 ) /* should this be >= 3 ? */
+ 		{
+ 			// Read Z coordinate
+ 			poObjCoord = json_object_array_get_idx( poObj, 2 );
+@@ -98,19 +107,27 @@ parse_geojson_coord(json_object *poObj,
+ 			LWDEBUGF(3, "parse_geojson_coord pt.z = %f.", pt.z );
+ 			*hasz = LW_TRUE;
+ 		}
+-		else
++		else if ( nSize == 2 )
+ 		{
+ 			*hasz = LW_FALSE;
+ 			/* Initialize Z coordinate, if required */
+ 			if ( FLAGS_GET_Z(pa->flags) ) pt.z = 0.0;
+ 		}
+-
+-		/* TODO: should we account for nSize > 3 ? */
++		else 
++		{
++			/* TODO: should we account for nSize > 3 ? */
++			/* more than 3 coordinates, we're just dropping dimensions here... */
++		}
+ 
+ 		/* Initialize M coordinate, if required */
+ 		if ( FLAGS_GET_M(pa->flags) ) pt.m = 0.0;
+ 
+ 	}
++	else
++	{
++		/* If it's not an array, just don't handle it */
++		return LW_FAILURE;
++	}
+ 
+ 	return ptarray_append_point(pa, &pt, LW_FALSE);
+ }
diff --git a/debian/patches/series b/debian/patches/series
index 6209d3d..bf7d3fb 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -7,3 +7,4 @@ honor-build-flags
 fix-armel
 fix-manpage
 de-translation
+geojson-fix-3094.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-grass/postgis.git

More information about the Pkg-grass-devel mailing list