OSV-2021-1319

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/geos/OSV-2021-1319.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2021-1319

Published

2021-09-19T00:00:07.077782Z

Modified

2022-04-13T03:04:36.757432Z

Summary

Heap-buffer-overflow in geos::operation::valid::PolygonNode::isInteriorSegment

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38922

Crash type: Heap-buffer-overflow READ 8
Crash state:
geos::operation::valid::PolygonNode::isInteriorSegment
geos::operation::valid::PolygonTopologyAnalyzer::isSegmentInRing
geos::operation::valid::IsValidOp::checkHolesOutsideShell

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38922

Affected packages

OSS-Fuzz / geos

Package

Name: geos
Purl: pkg:generic/geos

Affected ranges

Type: GIT
Repo: https://git.osgeo.org/gitea/geos/geos.git
Events: Introduced

f593230f5907260096202ef0302abe99b81c0bf7

Fixed

f593230f5907260096202ef0302abe99b81c0bf7

Introduced

0d3e09cc31101a7bd58051add7db0ce0aef6b6f5

Fixed

0d3e09cc31101a7bd58051add7db0ce0aef6b6f5

Fixed

128f6d9ffeb961b5b8c9baa6651521a88cfdfe35

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "fixed_range": "7315c299aaace9fdf9ae55042bc7ae1f32856009:128f6d9ffeb961b5b8c9baa6651521a88cfdfe35"
}