2014.12.27 23:06 "[Tiff] [PATCH] tiff2ps: fix grayscale with unassociated alpha (and other extrasamples != 0)", by Yuriy M. Kaminskiy

2014.12.31 16:04 "Re: [Tiff] [PATCH] tif_luv, tif_pixarlog, ppm2tiff: get rid of duplicates of TIFFSafeMultiply", by Bob Friesenhahn

I'm fairly certain it covers all possible overflows and nothing else. If no one objects, I will make both changes.

Whatever is done, it would be good if the approach is normalized rather than creating many one-of solutions in the code.

There is value gained from using pre-processor macros in that they do not influence the values type. Hard-coded functions may produce an unexpected result if the function prototype converts the input value to a different type. For example, if size_t is assumed, then there could be a problem if the computation is intentionally using types larger than size_t, or a signed type.

Current libtiff CVS is modified from previous releases in that _TIFFmalloc() returns NULL if a zero-byte allocation is requested.

Bob Friesenhahn
bfriesen@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/