diff options
| author | Even Rouault <even.rouault@spatialys.com> | 2019-10-19 22:59:55 +0200 |
|---|---|---|
| committer | Even Rouault <even.rouault@spatialys.com> | 2019-10-19 22:59:55 +0200 |
| commit | caa512b5b135fcf00a01695a5860009671316eb2 (patch) | |
| tree | 09888568324d6a9db6e1707e8eeb6cd15309c073 | |
| parent | 20b8604f3fef503015010a1c4fe37771d679e42c (diff) | |
| download | PROJ-caa512b5b135fcf00a01695a5860009671316eb2.tar.gz PROJ-caa512b5b135fcf00a01695a5860009671316eb2.zip | |
createFromPROJString(): do not loop forever on malformed string. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17923. master only
| -rw-r--r-- | src/iso19111/io.cpp | 2 | ||||
| -rw-r--r-- | test/unit/test_io.cpp | 4 |
2 files changed, 6 insertions, 0 deletions
diff --git a/src/iso19111/io.cpp b/src/iso19111/io.cpp index b442f993..0c5b2f1a 100644 --- a/src/iso19111/io.cpp +++ b/src/iso19111/io.cpp @@ -8236,6 +8236,8 @@ static double getAngularValue(const std::string ¶mValue, // --------------------------------------------------------------------------- static bool is_in_stringlist(const std::string &str, const char *stringlist) { + if (str.empty()) + return false; const char *haystack = stringlist; while (true) { const char *res = strstr(haystack, str.c_str()); diff --git a/test/unit/test_io.cpp b/test/unit/test_io.cpp index 52608a4a..3484d3c2 100644 --- a/test/unit/test_io.cpp +++ b/test/unit/test_io.cpp @@ -8805,6 +8805,10 @@ TEST(io, projparse_longlat_errors) { "+proj=pipeline +step +proj=longlat +ellps=GRS80 +step " "+proj=axisswap +order=0,0"), ParsingException); + + // We just want to check that we don't loop forever + PROJStringParser().createFromPROJString( + "+=x;proj=pipeline step proj=push +type=crs"); } // --------------------------------------------------------------------------- |