diff options
| author | Even Rouault <even.rouault@spatialys.com> | 2019-04-12 18:21:22 +0200 |
|---|---|---|
| committer | Even Rouault <even.rouault@spatialys.com> | 2019-04-12 18:21:22 +0200 |
| commit | 33f81359efd93ccd4bf59cc4f6b68c6363042f97 (patch) | |
| tree | 45821c19e95199e58a70f52a1b2bfe4699b3992f | |
| parent | 2117c151d62cd0267068075b9e7cf7cc0d404a63 (diff) | |
| download | PROJ-33f81359efd93ccd4bf59cc4f6b68c6363042f97.tar.gz PROJ-33f81359efd93ccd4bf59cc4f6b68c6363042f97.zip | |
Validate lat_0 range in general case, lat_1 and lat_2 for lcc and eqdc
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14211
Credit to OSS Fuzz
| -rw-r--r-- | src/init.cpp | 2 | ||||
| -rw-r--r-- | src/projections/eqdc.cpp | 10 | ||||
| -rw-r--r-- | src/projections/lcc.cpp | 2 | ||||
| -rw-r--r-- | test/gie/builtins.gie | 24 | ||||
| -rw-r--r-- | test/gie/more_builtins.gie | 4 |
5 files changed, 40 insertions, 2 deletions
diff --git a/src/init.cpp b/src/init.cpp index 0fd303f5..ba9cddd2 100644 --- a/src/init.cpp +++ b/src/init.cpp @@ -736,6 +736,8 @@ pj_init_ctx_with_allow_init_epsg(projCtx ctx, int argc, char **argv, int allow_i /* Central latitude */ PIN->phi0 = pj_param(ctx, start, "rlat_0").f; + if( fabs(PIN->phi0) > M_HALFPI ) + return pj_default_destructor (PIN, PJD_ERR_LAT_LARGER_THAN_90); /* False easting and northing */ PIN->x0 = pj_param(ctx, start, "dx_0").f; diff --git a/src/projections/eqdc.cpp b/src/projections/eqdc.cpp index d175d4a1..49cfc0ae 100644 --- a/src/projections/eqdc.cpp +++ b/src/projections/eqdc.cpp @@ -84,12 +84,14 @@ PJ *PROJECTION(eqdc) { Q->phi1 = pj_param(P->ctx, P->params, "rlat_1").f; Q->phi2 = pj_param(P->ctx, P->params, "rlat_2").f; + if (fabs(Q->phi1) > M_HALFPI || fabs(Q->phi2) > M_HALFPI) + return destructor(P, PJD_ERR_LAT_LARGER_THAN_90); if (fabs(Q->phi1 + Q->phi2) < EPS10) - return pj_default_destructor (P, PJD_ERR_CONIC_LAT_EQUAL); + return destructor (P, PJD_ERR_CONIC_LAT_EQUAL); if (!(Q->en = pj_enfn(P->es))) - return pj_default_destructor(P, ENOMEM); + return destructor(P, ENOMEM); Q->n = sinphi = sin(Q->phi1); cosphi = cos(Q->phi1); @@ -104,6 +106,10 @@ PJ *PROJECTION(eqdc) { cosphi = cos(Q->phi2); Q->n = (m1 - pj_msfn(sinphi, cosphi, P->es)) / (pj_mlfn(Q->phi2, sinphi, cosphi, Q->en) - ml1); + if (Q->n == 0) { + // Not quite, but es is very close to 1... + return destructor(P, PJD_ERR_INVALID_ECCENTRICITY); + } } Q->c = ml1 + m1 / Q->n; Q->rho0 = Q->c - pj_mlfn(P->phi0, sin(P->phi0), diff --git a/src/projections/lcc.cpp b/src/projections/lcc.cpp index 8cc743a9..aca025be 100644 --- a/src/projections/lcc.cpp +++ b/src/projections/lcc.cpp @@ -94,6 +94,8 @@ PJ *PROJECTION(lcc) { if (!pj_param(P->ctx, P->params, "tlat_0").i) P->phi0 = Q->phi1; } + if (fabs(Q->phi1) > M_HALFPI || fabs(Q->phi2) > M_HALFPI) + return pj_default_destructor(P, PJD_ERR_LAT_LARGER_THAN_90); if (fabs(Q->phi1 + Q->phi2) < EPS10) return pj_default_destructor(P, PJD_ERR_CONIC_LAT_EQUAL); diff --git a/test/gie/builtins.gie b/test/gie/builtins.gie index 63766e79..7de5fccc 100644 --- a/test/gie/builtins.gie +++ b/test/gie/builtins.gie @@ -69,6 +69,9 @@ expect failure errno lat_larger_than_90 operation +proj=aea +ellps=GRS80 +lat_2=900 expect failure errno lat_larger_than_90 +operation +proj=aea +R=6400000 +lat_1=1 +lat_2=-1 +expect failure errno conic_lat_equal + ------------------------------------------------------------------------------- operation +proj=aea +a=9999999 +b=.9 +lat_2=1 ------------------------------------------------------------------------- @@ -1301,6 +1304,17 @@ expect -0.001790221 0.000895246 accept -200 -100 expect -0.001790220 -0.000895247 +operation +proj=eqdc +a=9999999 +b=.9 +lat_2=1 +expect failure errno invalid_eccentricity + +operation +proj=eqdc +R=6400000 +lat_1=1 +lat_2=-1 +expect failure errno conic_lat_equal + +operation +proj=eqdc +R=6400000 +lat_1=91 +expect failure errno lat_larger_than_90 + +operation +proj=eqdc +R=6400000 +lat_2=91 +expect failure errno lat_larger_than_90 =============================================================================== Euler @@ -2754,6 +2768,16 @@ operation +proj=lcc +ellps=sphere +lat_1=90 +lat_2=0 ------------------------------------------------------------------------------- expect failure errno lat_1_or_2_zero_or_90 +------------------------------------------------------------------------------- +operation +proj=lcc +ellps=sphere +lat_1=91 +------------------------------------------------------------------------------- +expect failure errno lat_larger_than_90 + +------------------------------------------------------------------------------- +operation +proj=lcc +ellps=sphere +lat_2=91 +------------------------------------------------------------------------------- +expect failure errno lat_larger_than_90 + =============================================================================== Lambert Conformal Conic Alternative Conic, Sph&Ell diff --git a/test/gie/more_builtins.gie b/test/gie/more_builtins.gie index f6b52ea3..30ddc0d5 100644 --- a/test/gie/more_builtins.gie +++ b/test/gie/more_builtins.gie @@ -772,5 +772,9 @@ expect 25 25 25 25 ------------------------------------------------------------------------------- +# Test invalid lat_0 +operation +proj=aeqd +R=1 +lat_0=91 +expect failure errno lat_larger_than_90 + </gie> |