[Tile-serving] [osm2pgsql-dev/osm2pgsql] Catching overlarge bounding boxes to defend against bad edits (Discussion #2428)

[Jochen Topf]

In theory you could add a check in Lua code for every geometry using the get_bbox() function before you add it to a table to make sure it is "reasonable". But that would mean quite a lot of boiler-plate code. Another option would be to allow users to set a max bounding box on tables and do the check then behind the scenes in osm2pgsql. But that would still put the burden on the osm2pgsql user to configure this properly and chances are that not many people will do this. We could avoid large expire lists for, say, building layers this way, but other layers (like boundaries) will still need to allow huge areas, so I am not sure how useful this would be. The question is also whether we are defending against a mistake somewhere (like a mistagging or a moved node) or against an attacker.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/osm2pgsql-dev/osm2pgsql/discussions/2428#discussioncomment-14824070
You are receiving this because you are subscribed to this thread.

Message ID: <osm2pgsql-dev/osm2pgsql/repo-discussions/2428/comments/14824070 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/tile-serving/attachments/20251030/bcd5aff3/attachment.htm>