TIFF and LibTiff Mailing List Archive
March 2010

The TIFF Mailing List Homepage
This list is run by Frank Warmerdam
Archive maintained by AWare Systems






Thread

2010.03.16 17:38 "Heap corruption reading ICC profiles under windows", by Dan Pidcock
2010.03.16 18:24 "Re: Heap corruption reading ICC profiles under windows", by Olivier Paquet
2010.03.17 14:54 "Re: Heap corruption reading ICC profiles under windows", by Dan Pidcock

2010.03.16 18:24 "Re: Heap corruption reading ICC profiles under windows", by Olivier Paquet

On Tue, Mar 16, 2010 at 1:38 PM, Dan Pidcock <dan.pidcock@googlemail.com> wrote:
> When I use tiff lib under windows to read a TIFF that has an embedded ICC
> profile (created by Adobe Photoshop CS3) I am seeing heap corruption
> in TIFFFreeDirectory when calling _TIFFfree for the custom tag. Is this a
> known issue or some problem with my configuration that I need to sort out? I
> have tried 3.8.2 and 4.0.0beta5 versions of tiff lib.
> I built tiff lib using nmake after modifying the nmake.opt file to comment
> out USE_WIN_CRT_LIB = 1.
> The code I am using to test is:
>     TIFF* tif = TIFFOpen(argv[1], "r");
>     if (tif) {
>         unsigned long profileSize;
>         unsigned char *rawIccProfile = NULL;
>         if (TIFFGetField (tif, TIFFTAG_ICCPROFILE, &profileSize, &rawIccProfile))
>             _TIFFfree(rawIccProfile);
>         TIFFClose(tif);
>     }
> which is fundamentally the same as that used
> at http://www.littlecms.com/tiffemb.c
> and http://www.freecolormanagement.com/download/tiff_icc.diff
> Any ideas gratefully received,
> Dan

I don't think you need to free the pointer returned by TIFFGetField.
That second reference you linked doesn't as far as I can see. The
first one is probably broken. The pointer you get points to libtiff's
internal copy of the directory. This is why libtiff fails when trying
to clean up and free the memory you've already released yourself.

This also means you must make your own copy of the data if you're
going to need it beyond TIFFClose (or any directory change for that
matter).

Olivier
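
The ownership rule described in the reply above, as an added example that is not part of the original thread and not libtiff code. The `model_*` functions and `SAMPLE_ICC` are hypothetical stand-ins that model a library-owned tag buffer, so the sketch runs without libtiff; with the real library the same pattern applies around `TIFFGetField` and `TIFFClose`.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for libtiff's directory: it owns the tag data. */
typedef struct { unsigned char *icc; uint32_t icc_len; } model_tiff;

/* Constructed sample bytes standing in for an embedded profile. */
static const unsigned char SAMPLE_ICC[] = { 'I', 'C', 'C', 0, 1, 2, 3, 4 };

static model_tiff *model_open(void) {
    model_tiff *t = malloc(sizeof *t);
    if (!t) return NULL;
    t->icc_len = sizeof SAMPLE_ICC;
    t->icc = malloc(t->icc_len);
    if (!t->icc) { free(t); return NULL; }
    memcpy(t->icc, SAMPLE_ICC, t->icc_len);
    return t;
}

/* Models TIFFGetField for the ICC tag: hands out a BORROWED pointer. */
static int model_get_icc(model_tiff *t, uint32_t *len,
                         const unsigned char **data) {
    if (!t || !t->icc) return 0;
    *len = t->icc_len;
    *data = t->icc;
    return 1;
}

/* Models TIFFClose: the library frees its own buffer exactly once. */
static void model_close(model_tiff *t) {
    if (t) { free(t->icc); free(t); }
}

/* Caller side: copy the data before closing, never free the borrowed
 * pointer. Returns an owned buffer (release with free()) or NULL. */
unsigned char *read_icc_copy(uint32_t *out_len) {
    const unsigned char *borrowed = NULL;
    unsigned char *copy = NULL;
    uint32_t len = 0;
    model_tiff *t = model_open();
    *out_len = 0;
    if (!t) return NULL;
    if (model_get_icc(t, &len, &borrowed) && len > 0) {
        copy = malloc(len);
        if (copy) { memcpy(copy, borrowed, len); *out_len = len; }
    }
    model_close(t); /* 'borrowed' dangles from here on; 'copy' stays valid */
    return copy;
}
```

Freeing `borrowed` in the caller would make `model_close` release the same block a second time, which is the heap corruption reported in `TIFFFreeDirectory`.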