2015.01.04 23:02 "Re: [Tiff] [PATCH] tif_luv, tif_pixarlog, ppm2tiff: get rid of duplicates of TIFFSafeMultiply", by Yuriy M. Kaminskiy
Jürgen Buchmüller wrote:
> On Tuesday, 30.12.2014, 23:41 +0300, Yuriy M. Kaminskiy wrote:
>> While fixing that, I noticed some very WTF code: add_ms in
>> libtiff/tif_pixarlog.c and checkAdd64 in tools/tiff2pdf.c
>> I'm not sure what they are trying to do, but I'm pretty sure they are doing it
>> WRONG and both cannot possibly work, due to different reasons. Please take a
>> look or two.
>
> I don't see add_ms in my copy (4.0.3) of the source. multiply_ms looks
> like it could work, though.

At first, I thought so too. However, now I'm not so sure: as signed overflow is not defined, when the type is signed (and tmsize_t is signed), the compiler is free to believe "(a*b)/b == a" is always true, and get rid of this check. Obviously, this affects TIFFSafeMultiply too (it uses exactly the same code).
For checkAdd64 I also don't see how it could work as intended.
Perhaps this line would work
if ((summand1/2 + summand2/2 + 1) & (1ull << 63)) {
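
Added example, not part of the original message and not libtiff code: the multiply-then-divide check discussed above next to a form that tests the operands before multiplying, plus the unsigned case where checking afterwards is well defined. All function names are hypothetical, and int64_t is assumed as a stand-in for the signed tmsize_t.

```c
#include <stdint.h>
#include <stdio.h>

/* All names are hypothetical; int64_t stands in for the signed tmsize_t. */

/* Multiply-then-verify, the pattern questioned above. With signed operands
 * the overflow itself is undefined behaviour, so an optimizer may assume
 * p / b == a always holds and delete the test. Shown for contrast only. */
int mul_check_after(int64_t a, int64_t b, int64_t *out)
{
    int64_t p = a * b;                      /* UB if the product overflows */
    if (b != 0 && p / b != a) return 0;
    *out = p;
    return 1;
}

/* Verify-then-multiply: every comparison uses only in-range divisions, so
 * no overflow occurs and nothing can be optimized away. Returns 0 on
 * overflow, otherwise 1 with the product in *out. */
int mul_check_before(int64_t a, int64_t b, int64_t *out)
{
    if (a > 0 && b > 0 && a > INT64_MAX / b) return 0;
    if (a > 0 && b < 0 && b < INT64_MIN / a) return 0;
    if (a < 0 && b > 0 && a < INT64_MIN / b) return 0;
    if (a < 0 && b < 0 && a < INT64_MAX / b) return 0;
    *out = a * b;
    return 1;
}

/* Unsigned arithmetic wraps modulo 2^64 by definition, so checking after
 * the multiplication is valid for unsigned sizes. */
int umul_check_after(uint64_t a, uint64_t b, uint64_t *out)
{
    uint64_t p = a * b;
    if (a != 0 && p / a != b) return 0;
    *out = p;
    return 1;
}

int main(void)
{
    int64_t s; uint64_t u;
    printf("%d\n", mul_check_before(INT64_MAX / 2 + 1, 2, &s));  /* 0: overflow */
    printf("%d\n", mul_check_before(INT64_MIN, -1, &s));         /* 0: overflow */
    printf("%d\n", mul_check_before(-3, 7, &s));                 /* 1, s = -21 */
    printf("%d\n", umul_check_after(UINT64_MAX, 2, &u));         /* 0: wrapped */
    return 0;
}
```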