[GRASS-dev] [GRASS GIS] #402: v.in.ogr buffer overflow

#402: v.in.ogr buffer overflow
--------------------------------------------------------+-------------------
Reporter: epatton | Owner: grass-dev@lists.osgeo.org
     Type: defect | Status: new
Priority: major | Milestone: 6.4.0
Component: Vector | Version: svn-develbranch6
Keywords: buffer overflow, vector, shapefile, import | Platform: Linux
      Cpu: x86-64 |
--------------------------------------------------------+-------------------
I'm trying to import a shapefile into Grass (one polygon). Here's the
ogrinfo:

{{{
ogrinfo -al -so ntl_polygon_utm.shp
INFO: Open of `ntl_polygon_utm.shp'
       using driver `ESRI Shapefile' successful.

Layer name: ntl_polygon_utm
Geometry: Polygon
Feature Count: 1
Extent: (169847.156250, 4875588.500000) - (229881.546875, 4907886.500000)
Layer SRS WKT:
PROJCS["WGS_1984_UTM_Zone_20N",
     GEOGCS["GCS_WGS_1984",
         DATUM["WGS_1984",
             SPHEROID["WGS_1984",6378137.0,298.257223563]],
         PRIMEM["Greenwich",0.0],
         UNIT["Degree",0.0174532925199433]],
     PROJECTION["Transverse_Mercator"],
     PARAMETER["False_Easting",500000.0],
     PARAMETER["False_Northing",0.0],
     PARAMETER["Central_Meridian",-63.0],
     PARAMETER["Scale_Factor",0.9996],
     PARAMETER["Latitude_Of_Origin",0.0],
     UNIT["Meter",1.0]]
AREA: Real (13.11)
PERIMETER: Real (13.11)
NTL_: Integer (9.0)
NTL_ID: Integer (9.0)
NTL_SYM: Integer (4.0)
}}}

v.in.ogr chokes on it, however:

{{{
v.in.ogr dsn=. layer=ntl_polygon_utm output=A_Series_Mapsheet_1_Carto --o --v
Projection of input dataset and current location appear to match
Layer: ntl_polygon_utm
Importing map 1 features...
*** buffer overflow detected ***: v.in.ogr terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x37)[0x7f1098f3f887]
/lib/libc.so.6[0x7f1098f3d750]
/lib/libc.so.6[0x7f1098f3cd8b]
/lib/libc.so.6(__snprintf_chk+0x7b)[0x7f1098f3cc5b]
/usr/local/lib/libgdal.so.1(_ZN10OGRFeature16GetFieldAsStringEi+0x346)[0x7f1099c99ab6]
v.in.ogr(main+0x10f9)[0x4055d9]
/lib/libc.so.6(__libc_start_main+0xe6)[0x7f1098e5e466]
v.in.ogr[0x403949]
Aborted
}}}

Running gdb explicitly on this import produces the same backtrace info,
with this extra bit at the very end:

{{{
Program received signal SIGABRT, Aborted.
[Switching to Thread 0x7f006cf91710 (LWP 13683)]
0x00007f006a68afd5 in raise () from /lib/libc.so.6
}}}

Any ideas?

~ E.

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/402>
GRASS GIS <http://grass.osgeo.org>

Comment (by martinl):

Can you send me sample data? Martin

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/402#comment:1>
GRASS GIS <http://grass.osgeo.org>

Comment (by epatton):

Hi Martin, I've uploaded the polygon shapefile which is causing the
errors.

~ Eric.

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/402#comment:2>
GRASS GIS <http://grass.osgeo.org>

Comment (by martinl):

Replying to [comment:2 epatton]:
> Hi Martin, I've uploaded the polygon shapefile which is causing the
> errors.

Hm, it seems to be platform-specific. I have imported the shapefile
without problems (GNU/Linux, 32bit, gcc 4.1.3).

Martin

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/402#comment:3>
GRASS GIS <http://grass.osgeo.org>

Comment (by epatton):

It seems the problem is larger than just importing this shapefile. I tried
exporting a different Grass vector from a different location to shapefile
using v.out.ogr, then importing that shapefile back into its parent
location. I get the same result, a buffer overflow.

Can anyone with a 64-bit system test importing shapefiles with v.in.ogr?

~ Eric.

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/402#comment:4>
GRASS GIS <http://grass.osgeo.org>

Comment (by mmetz):

Replying to [comment:4 epatton]:

> Can anyone with a 64-bit system test importing shapefiles with v.in.ogr?
>
No problems on GNU/Linux 64 bit, gcc 4.1.2, gdal 1.5.2, grass64 and
grass70. Maybe this is specific to your particular platform? Compile and
install gdal anew?

Markus M

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/402#comment:5>
GRASS GIS <http://grass.osgeo.org>

Hi,

(http://trac.osgeo.org/grass/ticket/402 returns 500 Internal Server
Error, so I'm replying via mailing list)

same problem here:

Ubuntu 8.10:

ii gdal-bin 1.5.2-4.1~intrepid
ii libgdal1-1.5.0 1.5.2-4.1~intrepid
ii libgdal1-1.5.0-grass 1.5.2-1
ii libgdal1-dev 1.5.2-4.1~intrepid

applies for GRASS 6.3 (les-ejk ubuntu package) and 6.4 (fresh source
compilation)

the problem seems to be in ubuntu gdal package

$ ogrinfo /home/jachym/usr/src/thuban/thuban_trunk/Data/iceland/roads-line.shp
INFO: Open of `/home/jachym/usr/src/thuban/thuban_trunk/Data/iceland/roads-line.shp'
      using driver `ESRI Shapefile' successful.
1: roads-line (Line String)

$ ogrinfo /home/jachym/usr/src/thuban/thuban_trunk/Data/iceland/roads-line.shp roads-line

INFO: Open of `/home/jachym/usr/src/thuban/thuban_trunk/Data/iceland/roads-line.shp'
      using driver `ESRI Shapefile' successful.

Layer name: roads-line
Geometry: Line String
Feature Count: 839
Extent: (-24.450359, 63.426830) - (-13.556688, 66.520111)
Layer SRS WKT:
(unknown)
FNODE_: Real (11.0)
TNODE_: Real (11.0)
LPOLY_: Real (11.0)
RPOLY_: Real (11.0)
LENGTH: Real (12.3)
RDLINE_: Real (11.0)
RDLINE_ID: Real (11.0)
RDLNTYPE: Integer (2.0)
RDLNSTAT: Integer (2.0)
OGRFeature(roads-line):0
*** buffer overflow detected ***: ogrinfo terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb6979558]
/lib/tls/i686/cmov/libc.so.6[0xb6977680]
/lib/tls/i686/cmov/libc.so.6[0xb6976f87]
/lib/tls/i686/cmov/libc.so.6(__snprintf_chk+0x34)[0xb6976e74]
/usr/lib/libgdal1.5.0.so.1(_ZN10OGRFeature16GetFieldAsStringEi+0x36f)[0xb7d5641f]
/usr/lib/libgdal1.5.0.so.1(_ZN10OGRFeature12DumpReadableEP8_IO_FILE+0x92)[0xb7d57012]
ogrinfo[0x8049380]
ogrinfo[0x8049cd2]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb6895685]
ogrinfo[0x80491e1]
======= Memory map: ========
08048000-0804b000 r-xp 00000000 08:01 241275 /usr/bin/ogrinfo
0804b000-0804c000 r--p 00002000 08:01 241275 /usr/bin/ogrinfo
0804c000-0804d000 rw-p 00003000 08:01 241275 /usr/bin/ogrinfo
097df000-09800000 rw-p 097df000 00:00 0 [heap]
[.....]

so, we have to dig in this direction

jachym

2008/12/16 GRASS GIS <trac@osgeo.org>:

#402: v.in.ogr buffer overflow
----------------------+-----------------------------------------------------
Reporter: epatton | Owner: grass-dev@lists.osgeo.org
     Type: defect | Status: new
Priority: major | Milestone: 6.4.0
Component: Vector | Version: svn-develbranch6
Resolution: | Keywords: buffer overflow, vector, shapefile, import
Platform: Linux | Cpu: x86-64
----------------------+-----------------------------------------------------
Comment (by mmetz):

Replying to [comment:4 epatton]:

> Can anyone with a 64-bit system test importing shapefiles with v.in.ogr?
>
No problems on GNU/Linux 64 bit, gcc 4.1.2, gdal 1.5.2, grass64 and
grass70. Maybe this is specific to your particular platform? Compile and
install gdal anew?

Markus M

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/402#comment:5>
GRASS GIS <http://grass.osgeo.org>


--
Jachym Cepicky
e-mail: jachym.cepicky gmail com
URL: http://les-ejk.cz
GPG: http://les-ejk.cz/pgp/JachymCepicky.pgp

Comment (by martinl):

From grass-dev ML:

same problem here:

Ubuntu 8.10:

{{{
ii gdal-bin 1.5.2-4.1~intrepid
ii libgdal1-1.5.0 1.5.2-4.1~intrepid
ii libgdal1-1.5.0-grass 1.5.2-1
ii libgdal1-dev 1.5.2-4.1~intrepid
}}}
applies for GRASS 6.3 (les-ejk ubuntu package) and 6.4 (fresh source
compilation)

the problem seems to be in ubuntu gdal package

{{{
$ ogrinfo /home/jachym/usr/src/thuban/thuban_trunk/Data/iceland/roads-line.shp
INFO: Open of `/home/jachym/usr/src/thuban/thuban_trunk/Data/iceland/roads-line.shp'
      using driver `ESRI Shapefile' successful.
1: roads-line (Line String)
}}}

{{{
$ ogrinfo /home/jachym/usr/src/thuban/thuban_trunk/Data/iceland/roads-line.shp roads-line

INFO: Open of `/home/jachym/usr/src/thuban/thuban_trunk/Data/iceland/roads-line.shp'
      using driver `ESRI Shapefile' successful.

Layer name: roads-line
Geometry: Line String
Feature Count: 839
Extent: (-24.450359, 63.426830) - (-13.556688, 66.520111)
Layer SRS WKT:
(unknown)
FNODE_: Real (11.0)
TNODE_: Real (11.0)
LPOLY_: Real (11.0)
RPOLY_: Real (11.0)
LENGTH: Real (12.3)
RDLINE_: Real (11.0)
RDLINE_ID: Real (11.0)
RDLNTYPE: Integer (2.0)
RDLNSTAT: Integer (2.0)
OGRFeature(roads-line):0
*** buffer overflow detected ***: ogrinfo terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb6979558]
/lib/tls/i686/cmov/libc.so.6[0xb6977680]
/lib/tls/i686/cmov/libc.so.6[0xb6976f87]
/lib/tls/i686/cmov/libc.so.6(__snprintf_chk+0x34)[0xb6976e74]
/usr/lib/libgdal1.5.0.so.1(_ZN10OGRFeature16GetFieldAsStringEi+0x36f)[0xb7d5641f]
/usr/lib/libgdal1.5.0.so.1(_ZN10OGRFeature12DumpReadableEP8_IO_FILE+0x92)[0xb7d57012]
ogrinfo[0x8049380]
ogrinfo[0x8049cd2]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb6895685]
ogrinfo[0x80491e1]
======= Memory map: ========
08048000-0804b000 r-xp 00000000 08:01 241275 /usr/bin/ogrinfo
0804b000-0804c000 r--p 00002000 08:01 241275 /usr/bin/ogrinfo
0804c000-0804d000 rw-p 00003000 08:01 241275 /usr/bin/ogrinfo
097df000-09800000 rw-p 097df000 00:00 0 [heap]
[.....]
}}}

so, we have to dig in this direction

jachym

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/402#comment:6>
GRASS GIS <http://grass.osgeo.org>

Comment (by epatton):

Jachym,

I'm using gdal-1.5.3, compiled from source; so Ubuntu packages can't be
the problem in my case. I'm recompiling Grass and gdal and will report the
results soon.

~ Eric.

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/402#comment:7>
GRASS GIS <http://grass.osgeo.org>

Comment (by epatton):

I noticed the "OGRFeature16GetFieldAsString" error that we both had, and
thought there might be a problem with the dbf file that was causing this
error, so I tried opening it in Open Office, but that program chokes with
an error "Unable to open file for reading". I then renamed the dbf to
something else, and tried importing the shapefile via v.in.ogr and it
worked! I can view the vector fine; v.info doesn't show anything out of
the ordinary.

This is still disconcerting, as the attributes have not survived the
import. It's not a big problem for the polygons I'm using in this case, as
their only purpose is to be rasterized into masks later on, but
still...and I can't understand why ooffice won't open the dbf; gnumeric
doesn't have any problem opening it.

~ Eric.

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/402#comment:8>
GRASS GIS <http://grass.osgeo.org>
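
Added example, not part of the ticket thread and not GRASS or GDAL code: a small triage script that reads a glibc "buffer overflow detected" report like the ones posted above, finds the fortified wrapper that fired (`__snprintf_chk`, glibc's checked `snprintf`) and names the frame that called it, showing that the check tripped inside libgdal rather than in v.in.ogr itself. The names `triage` and `demangle_nested` are hypothetical, and the demangler handles only the simple nested-name form seen in these backtraces.

```python
import re

# One glibc backtrace frame: object(symbol+0xoff)[0xaddr] or object[0xaddr]
FRAME = re.compile(r"^([^\s(\[]+)(?:\(([^+)]*)(?:\+0x[0-9a-f]+)?\))?\[0x[0-9a-f]+\]$")

# Backtrace copied from the first report on this page (memory map omitted).
SAMPLE = """\
*** buffer overflow detected ***: v.in.ogr terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x37)[0x7f1098f3f887]
/lib/libc.so.6[0x7f1098f3d750]
/lib/libc.so.6[0x7f1098f3cd8b]
/lib/libc.so.6(__snprintf_chk+0x7b)[0x7f1098f3cc5b]
/usr/local/lib/libgdal.so.1(_ZN10OGRFeature16GetFieldAsStringEi+0x346)[0x7f1099c99ab6]
v.in.ogr(main+0x10f9)[0x4055d9]
======= Memory map: ========
"""

def demangle_nested(sym):
    """Handle only the simple Itanium form _ZN<len><name>...E; else return sym."""
    if not sym.startswith("_ZN"):
        return sym
    rest, parts = sym[3:], []
    while rest[:1].isdigit():
        digits = re.match(r"\d+", rest).group()
        end = len(digits) + int(digits)
        parts.append(rest[len(digits):end])
        rest = rest[end:]
    return "::".join(parts) if parts and rest.startswith("E") else sym

def triage(report):
    """Return the fortified check that fired and the frame that called it."""
    head = re.search(r"\*\*\* (.+?) \*\*\*: (\S+) terminated", report)
    frames, in_bt = [], False
    for line in map(str.strip, report.splitlines()):
        if line.startswith("======= Backtrace"):
            in_bt = True
        elif line.startswith("======= Memory map"):
            break
        elif in_bt and (m := FRAME.match(line)):
            frames.append((m.group(1), m.group(2) or ""))
    for i, (_, sym) in enumerate(frames[:-1]):
        if re.fullmatch(r"__\w+_chk", sym):  # glibc _FORTIFY_SOURCE wrapper
            obj, caller = frames[i + 1]
            program = head.group(2) if head else None
            return {"program": program, "check": sym, "caller_object": obj,
                    "caller": demangle_nested(caller),
                    "in_program": obj.rsplit("/", 1)[-1] == program}
    return None

if __name__ == "__main__":
    print(triage(SAMPLE))
```
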

#402: v.in.ogr buffer overflow
-------------------------+--------------------------------------------------
  Reporter: epatton | Owner: grass-dev@lists.osgeo.org
      Type: defect | Status: closed
  Priority: major | Milestone: 6.4.0
Component: Vector | Version: svn-develbranch6
Resolution: worksforme | Keywords: buffer overflow, vector, shapefile, import
  Platform: Linux | Cpu: x86-64
-------------------------+--------------------------------------------------
Changes (by epatton):

  * status: new => closed
  * resolution: => worksforme

Comment:

I've removed the gdal 1.5.2 version that shipped with Ubuntu 8.10 and
compiled gdal 1.6.0 in its place. v.in.ogr is working fine now, so I'm
closing this bug.

~ Eric.

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/402#comment:9>
GRASS GIS <http://grass.osgeo.org>