2014.12.21 15:35 "[Tiff] For review", by Even Rouault

2014.12.22 02:58 "Re: [Tiff] For review", by Bob Friesenhahn

In case someone wants to double-check, after painful investigations, I've committed the following changes to avoid crashes/Valgrind errors on a set of fuzzed images that Bob provided to me. I'm not too sure about the stuff related to LOGLUV/CIELAB/ITULAB (changes in libtiff/tif_getimage.c and tools/tiff2pdf.c), so review would be appreciated.

With your libtiff changes, and after fixing issues in GraphicsMagick also related to LOGLUV or CIELAB with one sample per pixel (which is legal), GraphicsMagick is not misbehaving under ASAN with a 64-bit build with the fuzzed images. I have not tested a 32-bit build with ASAN or valgrind on the fuzzed images.

Most libtiff utility calculations for allocation buffer sizes are not checking the calculations for arithmetic overflow. This is likely a particular problem with 32-bit builds or with BigTIFF.

I just checked in buffer allocation size checking for 'tiffdump'.

You were talking earlier about whether it was ok just to make a ordinary release or if a beta is required. The sort of changes made require some time (a 'beta', or just more time) to make sure that they don't break something in active use.

Bob Friesenhahn
bfriesen@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/