diff options
| author | Even Rouault <even.rouault@spatialys.com> | 2021-11-24 12:12:27 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-11-24 12:12:27 +0100 |
| commit | e93e86ce405fb642ba74c150d5a4661f68214c22 (patch) | |
| tree | 3c920d0389a46f6a79931288f4bf95b53becf9e4 | |
| parent | 4920c22637d05cd7aa0aecc6de69736dd4c6845b (diff) | |
| parent | a1dd3facaefd85e25a8202b7b9ea19b31278e36c (diff) | |
| download | PROJ-e93e86ce405fb642ba74c150d5a4661f68214c22.tar.gz PROJ-e93e86ce405fb642ba74c150d5a4661f68214c22.zip | |
Merge pull request #2957 from rouault/fix_ossfuzz_41290
Pipeline parsing: reject proj=/o_proj= before first step, to avoid bad performance pattern on hostile pipelines
| -rw-r--r-- | src/pipeline.cpp | 12 | ||||
| -rw-r--r-- | test/gie/4D-API_cs2cs-style.gie | 15 |
2 files changed, 27 insertions, 0 deletions
diff --git a/src/pipeline.cpp b/src/pipeline.cpp index c001ba27..2f50162f 100644 --- a/src/pipeline.cpp +++ b/src/pipeline.cpp @@ -452,7 +452,19 @@ PJ *OPERATION(pipeline,0) { return destructor (P, PROJ_ERR_INVALID_OP_WRONG_SYNTAX); /* ERROR: nested pipelines */ } i_pipeline = i; + } else if (0==nsteps && 0==strncmp(argv[i], "proj=", 5) ) { + // Non-sensical to have proj= in the general pipeline parameters. + // Would not be a big issue in itself, but this makes bad performance + // in parsing hostile pipelines more likely, such as the one of + // https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41290 + proj_log_error (P, _("Pipeline: proj= operator before first step not allowed")); + return destructor (P, PROJ_ERR_INVALID_OP_WRONG_SYNTAX); + } else if (0==nsteps && 0==strncmp(argv[i], "o_proj=", 7) ) { + // Same as above. + proj_log_error (P, _("Pipeline: o_proj= operator before first step not allowed")); + return destructor (P, PROJ_ERR_INVALID_OP_WRONG_SYNTAX); } + } nsteps--; /* Last instance of +step is just a sentinel */ diff --git a/test/gie/4D-API_cs2cs-style.gie b/test/gie/4D-API_cs2cs-style.gie index 123bf638..9189b328 100644 --- a/test/gie/4D-API_cs2cs-style.gie +++ b/test/gie/4D-API_cs2cs-style.gie @@ -290,6 +290,21 @@ expect 1335.8339 7522.963 ------------------------------------------------------------------------------- ------------------------------------------------------------------------------- +# Test invalid pipelines +------------------------------------------------------------------------------- +# proj= before first step +operation +proj=pipeline +proj=merc +step +inv +proj=merc +expect failure pjd_err_malformed_pipeline + +# o_proj= before first step +operation +proj=pipeline +o_proj=merc +step +proj=ob_tran +expect failure pjd_err_malformed_pipeline + +# nested pipeline +operation +proj=pipeline +step +proj=pipeline +step +proj=merc +expect failure pjd_err_malformed_pipeline + +------------------------------------------------------------------------------- # Test Pipeline Coordinate Stack ------------------------------------------------------------------------------- operation +proj=pipeline \ |