From: Sandro Santilli <strk@kbt.io>
Date: Mon, 10 Jul 2017 17:29:03 +0000 (+0000)
Subject: Fix buffer overflow and use of uninitialized value
X-Git-Tag: 2.4.0alpha~43
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=9ad5f80c3c207946f479f17a78f49efccb5d5cab;p=postgis

Fix buffer overflow and use of uninitialized value

See #3101 (for trunk)

git-svn-id: http://svn.osgeo.org/postgis/trunk@15480 b70326c6-7e19-0410-871a-916f4a2858ee
---

diff --git a/loader/pgsql2shp-core.c b/loader/pgsql2shp-core.c
index 8952c10e1..3e904ea30 100644
--- a/loader/pgsql2shp-core.c
+++ b/loader/pgsql2shp-core.c
@@ -1167,6 +1167,7 @@ ShpDumperCreate(SHPDUMPERCONFIG *config)
 	state->dbffieldtypes = NULL;
 	state->pgfieldnames = NULL;
 	state->big_endian = is_bigendian();
+	state->message[0] = '\0';
 	colmap_init(&state->column_map);
 
 	return state;
@@ -1557,9 +1558,9 @@ ShpDumperOpenTable(SHPDUMPERSTATE *state)
 		/* Issue warning if column has been renamed */
 		if (strcasecmp(dbffieldname, pgfieldname))
 		{
-			/* Note: we concatenate all warnings from the main loop as this is useful information */
 			snprintf(buf, 256, _("Warning, field %s renamed to %s\n"), pgfieldname, dbffieldname);
-			strncat(state->message, buf, SHPDUMPERMSGLEN - strlen(state->message));
+			/* Note: we concatenate all warnings from the main loop as this is useful information */
+			strncat(state->message, buf, SHPDUMPERMSGLEN - strlen(state->message) - 1);
 
 			ret = SHPDUMPERWARN;
 		}