[Rspatial-devel] buffer overflow in sp fixed
Uwe Ligges
ligges at statistik.tu-dortmund.de
Sat Jun 11 11:52:34 CEST 2011
Thanks you, Roger, for the quick fix!
Uwe
On 11.06.2011 10:17, Roger Bivand wrote:
> Hi,
>
> sp_0.9-83.tar.gz, rgeos_0.1-8.tar.gz, maptools_0.8-9.tar.gz (superceeds
> maptools_0.8-8.tar.gz) on incoming. The problem was in two unprotected
> BUFSIZ buffers in C code exported by sp and causing rgeos/maptools to
> crash when handling over-BUFSIZ comment strings; the temporary fixes
> were because I wasn't aware that code in rgeos was flattening polygons
> to suit GEOS 3.2.2, and so generating very long strings. These depend on
> each other, maptools on rgeos on sp. With these versions, BARD checks
> cleanly.
>
> Best wishes,
>
> Roger
>
> PS: my ftp upload of rgeos_0.1-8.tar.gz got dropped on the client side
> (poor hotel connection in Italy), but the byte sizes agree. If it is
> corrupted:
>
> $ openssl dgst -md5 rgeos_0.1-8.tar.gz
> MD5(rgeos_0.1-8.tar.gz)= e907982c2183aa1223f8584b1cafae43
>
> please let me know.
>
More information about the Rspatial-devel
mailing list