- 2016.10.28 19:24 "Re: [Tiff] New release ? + remaining CVE tickets", by Bob Friesenhahn
-
2016.12.13 04:56 "[Tiff] one little ill-advised change in v4.0.7 broke functionality for HylaFAX", by Lee Howard
- 2016.12.13 08:54 "Re: [Tiff] one little ill-advised change in v4.0.7 broke functionality for HylaFAX", by Even Rouault
2016.12.13 04:56 "[Tiff] one little ill-advised change in v4.0.7 broke functionality for HylaFAX", by Lee Howard
See:
http://bugzilla.maptools.org/show_bug.cgi?id=2636
---------------------------------------------------------
So, for a few weeks now a couple of folks on the HylaFAX mailing lists have complained that HylaFAX does not work for them after they upgrade to libtiff v4.0.7. After looking into it I have found the culprit...
*******************************************************************
Index: ChangeLog
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/ChangeLog,v
retrieving revision 1.1109
retrieving revision 1.1110
diff -u -r1.1109 -r1.1110
--- ChangeLog 3 Jan 2016 10:01:25 -0000 1.1109
+++ ChangeLog 9 Jan 2016 22:19:21 -0000 1.1110
@@ -1,3 +1,8 @@
+2016-01-09 Even Rouault <even.rouault at spatialys.com>
+
+ * libtiff/tif_fax3.h: make Param member of TIFFFaxTabEnt structure
+ a uint16 to reduce size of the binary.
+
2016-01-03 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_read.c, tif_dirread.c: fix indentation issues raised
Index: libtiff/tif_fax3.h
=================================================================== RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_fax3.h,v retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- libtiff/tif_fax3.h 10 Mar 2011 20:23:07 -0000 1.9
+++ libtiff/tif_fax3.h 9 Jan 2016 22:19:21 -0000 1.10
@@ -1,4 +1,4 @@
-/* $Id: tif_fax3.h,v 1.9 2011-03-10 20:23:07 fwarmerdam Exp $ */ +/* $Id: tif_fax3.h,v 1.10 2016-01-09 22:19:21 erouault Exp $ */
/*
* Copyright (c) 1990-1997 Sam Leffler
@@ -84,7 +84,7 @@
typedef struct { /* state table entry */
unsigned char State; /* see above */
unsigned char Width; /* width of code in bits */
- uint32 Param; /* unsigned 32-bit run length in bits */
+ uint16 Param; /* unsigned 16-bit run length in bits */
} TIFFFaxTabEnt;
extern const TIFFFaxTabEnt TIFFFaxMainTable[];
*******************************************************************
I cannot see this change to reduce the size of the binary being discussed at all on the libtiff mailing list... and unfortunately I did not test libtiff CVS code in HylaFAX this year until now.
Anyway, the "Param" field here in TIFFFaxTabEnt corresponds to TIFFTAG_FAXRECVPARAMS which elsewhere in libtiff (like libtiff/tif_dirinfo.c) is known to be 32-bits long.
The consequence of this change is that any software that utilizes TIFFTAG_FAXRECVPARAMS (and HylaFAX does so quite heavily) will likely see their "params" data corrupted/lost... leading to all sorts of problems with image data operations.
Please reverse the attached patch.
--- libtiff/tif_fax3.h 10 Mar 2011 20:23:07 -0000 1.9
+++ libtiff/tif_fax3.h 9 Jan 2016 22:19:21 -0000 1.10
@@ -84,7 +84,7 @@
typedef struct { /* state table entry */
unsigned char State; /* see above */
unsigned char Width; /* width of code in bits */
- uint32 Param; /* unsigned 32-bit run length in bits */
+ uint16 Param; /* unsigned 16-bit run length in bits */
} TIFFFaxTabEnt;
extern const TIFFFaxTabEnt TIFFFaxMainTable[];