2000.03.15 17:44 "Some CCITT Group 3 TIFFs crash libtiff", by Jason Summers

2000.03.15 18:00 "Re: Some CCITT Group 3 TIFFs crash libtiff", by Frank Warmerdam

I've encountered several CCITT Group 3-compressed TIFF images that cause programs compiled with libtiff 3.5.4 to crash with an IPF/segmentation fault. The crash occurs both in my Windows program and in utilities like tiffcp on Linux.

The crash occurs in tif_fax3.c, at either line 397:

    *lp++ = 0L;

or line 436:

    *lp++ = -1L;

The crash does not occur when using libtiff 3.4beta37, even though the tif_fax3.c file is effectively identical.

I haven't investigated this too deeply, in the hopes that someone may already know a simple fix. I placed several files that exhibit the problem at: http://home.mieweb.com/jason/testbed/tif/

I don't know (or really care) if those files are perfectly valid TIFFs; I just want to prevent a crash. Any help would be appreciated.

Jason,

I think this is the same problem reported by a couple of other people. I have placed a modified tif_fax3.c at:

http://gdal.velocet.ca/~warmerda/tif_fax3.c

This contains a patch to increase the size of the "runs" array by eight bytes, and this seems to avoid the problem. However, I was unable to establish a more appropriate patch. You can search for the word "Problem" to see my notes on the problem.

This patch is checked in CVS and will appear in the next libtiff release.

Best regards,

---------------------------------------+--------------------------------------
I set the clouds in motion - turn up   | Frank Warmerdam, warmerda@home.com
light and sound - activate the windows | http://members.home.com/warmerda
and watch the world go round - Rush    | Geospatial Programmer for Rent
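
Added example (not from either message and not libtiff's code): a simplified model of the goal stated in the thread, that a file with malformed run lengths should produce an error rather than a crash. The function name `fill_row_checked`, the packed-row layout and the sample runs are assumptions constructed for illustration; it does not reproduce tif_fax3.c or the "runs" array patch.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical helper, not a libtiff function: expand alternating white/black
 * run lengths into one packed 1-bit row (MSB first, 1 = black). Returns 0 when
 * the runs cover exactly `width` pixels, -1 when they are malformed; either
 * way nothing is written outside row[0..row_bytes-1]. */
int fill_row_checked(uint8_t *row, size_t row_bytes, uint32_t width,
                     const uint32_t *runs, size_t nruns)
{
    uint32_t x = 0;
    int status = 0;
    if (width / 8 + (width % 8 != 0) > row_bytes)
        return -1;                         /* row buffer too small for width */
    memset(row, 0, row_bytes);             /* start all white */
    for (size_t i = 0; i < nruns; i++) {
        uint32_t run = runs[i];
        if (run > width - x) {             /* run would pass the end of row */
            run = width - x;               /* clamp instead of overrunning */
            status = -1;
        }
        if (i & 1)                         /* odd entries are black runs */
            for (uint32_t p = x; p < x + run; p++)
                row[p >> 3] |= (uint8_t)(0x80 >> (p & 7));
        x += run;
    }
    return (x == width) ? status : -1;     /* short rows are malformed too */
}

/* Constructed sample: 16-pixel row, runs claim 8 white + 1000 black. */
int demo_guard_intact(void)
{
    uint8_t buf[3] = {0, 0, 0xAA};         /* buf[2] is a guard byte */
    const uint32_t bad_runs[] = {8, 1000};
    int rc = fill_row_checked(buf, 2, 16, bad_runs, 2);
    return rc == -1 && buf[0] == 0x00 && buf[1] == 0xFF && buf[2] == 0xAA;
}

/* Constructed sample: well-formed 4 white, 8 black, 4 white. */
int demo_valid_row(void)
{
    uint8_t buf[2];
    const uint32_t runs[] = {4, 8, 4};
    int rc = fill_row_checked(buf, sizeof buf, 16, runs, 3);
    return rc == 0 && buf[0] == 0x0F && buf[1] == 0xF0;
}

int main(void) { return (demo_guard_intact() && demo_valid_row()) ? 0 : 1; }
```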