1998.04.07 10:18 "Bug in V3.4 for WinNT", by Christof Krug

1998.04.07 10:18 "Bug in V3.4 for WinNT", by Christof Krug

I found a bug in libtiff V3.4 running on WindowsNT.

In tif_win32.c change:

tdata_t
_TIFFrealloc(tdata_t p, tsize_t s)
{
        void* pvTmp;
        if ((pvTmp = GlobalReAlloc(p, s, 0)) == NULL) {
                if ((pvTmp = GlobalAlloc(GMEM_FIXED, s)) != NULL) {
                        CopyMemory(pvTmp, p, s);
                        GlobalFree(p);
                }
        }
        return ((tdata_t)pvTmp);
}

to

tdata_t
_TIFFrealloc(tdata_t p, tsize_t s)
{
        void* pvTmp;
        if ((pvTmp = GlobalReAlloc(p, s, 0)) == NULL) {
                if ((pvTmp = GlobalAlloc(GMEM_FIXED, s)) != NULL) {
                        CopyMemory(pvTmp, p, GlobalSize(p));
                        GlobalFree(p);
                }
        }
        return ((tdata_t)pvTmp);
}

Otherwise this function must fail, if the new memory block is larger than the old one and we copy from the old block the size of the new block to the new block.

Christof Krug

EchoTech 3D Imaging Systems GmbH
Zeppelinstr. 4
D-85399 Hallbergmoos
Germany
Phone ++49 (0)811 5556 0
Fax ++49 (0)811 5556 20
eMail EchoTech@t-online.de
WWW http://home.t-online.de/home/EchoTech