[Tile-serving] [openstreetmap/osm2pgsql] Avoid crashing on out-of-range inputs for int4 columns (#956)
mmd
notifications at github.com
Wed Oct 2 09:59:51 UTC 2019
mmd-osm commented on this pull request.
> @@ -457,12 +457,21 @@ void table_t::escape_type(const string &value, ColumnType flags)
switch (flags) {
case COLUMN_TYPE_INT: {
// For integers we take the first number, or the average if it's a-b
- long from, to;
- int items = sscanf(value.c_str(), "%ld-%ld", &from, &to);
- if (items == 1) {
+ int64_t from, to;
+ // limit number of digits parsed to avoid undefined behaviour in sscanf
+ int items = sscanf(value.c_str(), "%18ld-%18ld", &from, &to);
Unfortunately, that's not supported in C++11: `table.cpp:462:43: error: ISO C++11 does not support the ‘%Ld’ gnu_scanf format`
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/osm2pgsql/pull/956#discussion_r330466153
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/tile-serving/attachments/20191002/b4bbd9aa/attachment-0001.html>
More information about the Tile-serving
mailing list