gipit / gippy

Geospatial Image Processing for Python
Apache License 2.0
83 stars 23 forks source link

Potential heap corruption #153

Open akater320 opened 6 years ago

akater320 commented 6 years ago

GeoRaster::warp_into(...) allocates an OGRSpatialReference object in one library and deletes it in another. This can be a problem when the libraries are dynamically linked.

https://github.com/gipit/gippy/blob/c9407c177f4e1157549a1fac0d416780e4a44e96/GIP/GeoRaster.cpp#L267 https://github.com/gipit/gippy/blob/c9407c177f4e1157549a1fac0d416780e4a44e96/GIP/GeoRaster.cpp#L270

matthewhanson commented 6 years ago

Thanks for reporting this @akater320

I've been using dynamic libraries - have you run into an error being generated in this case? I'll try and set up some tests to see if I can create an error.

ircwaves commented 6 years ago

The docs say that is equivalent to doing a delete. Interested in if there is a case where it is problematic.

akater320 commented 6 years ago

I've only encountered it on Windows. No problems on Ubuntu. But that seems consistent with the GDAL docs. https://github.com/OSGeo/gdal/blob/0a12dce446d39869b66fb02be091e2f5f28bf054/gdal/ogr/ogrspatialreference.cpp#L216

Edit: I've only encountered it in debug builds. Release builds seem to work fine.

I tried a couple of tweaks that worked in all cases:

  1. Allocate srs on the stack.
  2. OGRSpatialReference srs = static_cast<OGRSpatialReference>(OSRNewSpatialReference(nullptr));