From: Raúl Marín Rodríguez Date: Thu, 13 Jun 2019 11:56:02 +0000 (+0000) Subject: Throw on invalid characters when decoding geohash X-Git-Tag: 2.5.3~21 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=246b07d041decb433e83df59af7a7de1ddb63edc;p=postgis Throw on invalid characters when decoding geohash References #4406 git-svn-id: http://svn.osgeo.org/postgis/branches/2.5@17528 b70326c6-7e19-0410-871a-916f4a2858ee --- diff --git a/NEWS b/NEWS index 181ece7c2..5e9bcd2c8 100644 --- a/NEWS +++ b/NEWS @@ -9,6 +9,7 @@ PostGIS 2.5.3 - #4380, Simple TIN support to allow viz in QGIS (Paul Ramsey) - #4388, AddRasterConstraints: Ignore NULLs when generating constraints (Raúl Marín) - #4327, Avoid pfree'ing the result of getenv (Raúl Marín) + - #4406, Throw on invalid characters when decoding geohash (Raúl Marín) PostGIS 2.5.2 diff --git a/liblwgeom/cunit/cu_algorithm.c b/liblwgeom/cunit/cu_algorithm.c index 988533f77..9be12e873 100644 --- a/liblwgeom/cunit/cu_algorithm.c +++ b/liblwgeom/cunit/cu_algorithm.c @@ -1038,6 +1038,23 @@ static void test_lwgeom_remove_repeated_points(void) lwfree(ewkt); } +static void +test_geohash_bbox(void) +{ + double lat[2], lon[2]; + + /* SELECT ST_GeoHash(ST_SetSRID(ST_MakePoint(-126,48),4326)) */ + decode_geohash_bbox("c0w3hf1s70w3hf1s70w3", lat, lon, 100); + CU_ASSERT_DOUBLE_EQUAL(lat[0], 48, 1e-11); + CU_ASSERT_DOUBLE_EQUAL(lat[1], 48, 1e-11); + CU_ASSERT_DOUBLE_EQUAL(lon[0], -126, 1e-11); + CU_ASSERT_DOUBLE_EQUAL(lon[1], -126, 1e-11); + + cu_error_msg_reset(); + decode_geohash_bbox("@@@@@@", lat, lon, 100); + ASSERT_STRING_EQUAL(cu_error_msg, "decode_geohash_bbox: Invalid character '@'"); +} + static void test_lwgeom_simplify(void) { LWGEOM *l; @@ -1503,6 +1520,7 @@ void algorithms_suite_setup(void) PG_ADD_TEST(suite,test_geohash_precision); PG_ADD_TEST(suite,test_geohash); PG_ADD_TEST(suite,test_geohash_point_as_int); + PG_ADD_TEST(suite, test_geohash_bbox); PG_ADD_TEST(suite,test_isclosed); PG_ADD_TEST(suite,test_lwgeom_simplify); PG_ADD_TEST(suite,test_lw_arc_center); diff --git a/liblwgeom/lwalgorithm.c b/liblwgeom/lwalgorithm.c index 172014418..f81f49276 100644 --- a/liblwgeom/lwalgorithm.c +++ b/liblwgeom/lwalgorithm.c @@ -709,6 +709,7 @@ unsigned int geohash_point_as_int(POINT2D *pt) ** set in them will be the southwest and northeast coordinates of the bounding ** box accordingly. A precision less than 0 indicates that the entire length ** of the GeoHash should be used. +** It will call `lwerror` if an invalid character is found */ void decode_geohash_bbox(char *geohash, double *lat, double *lon, int precision) { @@ -731,6 +732,13 @@ void decode_geohash_bbox(char *geohash, double *lat, double *lon, int precision) for (i = 0; i < precision; i++) { c = tolower(geohash[i]); + /* Valid characters are all digits and letters except a, i, l and o */ + if (!(((c >= '0') && (c <= '9')) || + ((c >= 'b') && (c <= 'z') && (c != 'i') && (c != 'l') && (c != 'o')))) + { + lwerror("%s: Invalid character '%c'", __func__, geohash[i]); + return; + } cd = strchr(base32, c) - base32; for (j = 0; j < 5; j++)