Newer
Older
2016-01-03 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_read.c, tif_dirread.c: fix indentation issues raised
by GCC 6 -Wmisleading-indentation
2015-12-27 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_pixarlog.c: avoid zlib error messages to pass a NULL
string to %s formatter, which is undefined behaviour in sprintf().
2015-12-27 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_next.c: fix potential out-of-bound write in NeXTDecode()
triggered by http://lcamtuf.coredump.cx/afl/vulns/libtiff5.tif
(bugzilla #2508)
2015-12-27 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_luv.c: fix potential out-of-bound writes in decode
functions in non debug builds by replacing assert()s by regular if
checks (bugzilla #2522).
Fix potential out-of-bound reads in case of short input data.
2015-12-26 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_getimage.c: fix out-of-bound reads in TIFFRGBAImage
interface in case of unsupported values of SamplesPerPixel/ExtraSamples
for LogLUV / CIELab. Add explicit call to TIFFRGBAImageOK() in
TIFFRGBAImageBegin(). Fix CVE-2015-8665 reported by limingxing and
CVE-2015-8683 reported by zzf of Alibaba.
2015-12-21 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_dirread.c: workaround false positive warning of Clang Static
Analyzer about null pointer dereference in TIFFCheckDirOffset().
2015-12-19 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_fax3.c: remove dead assignment in Fax3PutEOLgdal(). Found
by Clang Static Analyzer
2015-12-18 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_dirwrite.c: fix truncation to 32 bit of file offsets in
TIFFLinkDirectory() and TIFFWriteDirectorySec() when aligning directory
offsets on a even offset (affects BigTIFF). This was a regression of the
changeset of 2015-10-19.
2015-12-12 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_write.c: TIFFWriteEncodedStrip() and TIFFWriteEncodedTile()
should return -1 in case of failure of tif_encodestrip() as documented
* libtiff/tif_dumpmode.c: DumpModeEncode() should return 0 in case of
failure so that the above mentionned functions detect the error.
2015-12-06 Even Rouault <even.rouault at spatialys.com>
* libtiff/uvcode.h: const'ify uv_code array
2015-12-06 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_dirinfo.c: const'ify tiffFields, exifFields,
tiffFieldArray and exifFieldArray arrays
2015-12-06 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_print.c: constify photoNames and orientNames arrays
2015-12-06 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_close.c, libtiff/tif_extension.c : rename link
variable to avoid -Wshadow warnings
2015-11-22 Even Rouault <even.rouault at spatialys.com>
* libtiff/*.c: fix typos in comments (patch by Kurt Schwehr)
2015-11-22 Even Rouault <even.rouault at spatialys.com>
* libtiff/*.c: fix MSVC warnings related to cast shortening and
assignment within conditional expression
2015-11-18 Even Rouault <even.rouault at spatialys.com>
* libtiff/*.c: fix clang -Wshorten-64-to-32 warnings
2015-11-18 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_dirread.c: initialize double* data at line 3693 to NULL
to please MSVC 2013
2015-11-17 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_dirread.c: prevent reading ColorMap or TransferFunction
if BitsPerPixel > 24, so as to avoid huge memory allocation and file
read attempts
2015-11-02 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_dirread.c: remove duplicated assignment (reported by
Clang static analyzer)
2015-10-28 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_dir.c, libtiff/tif_dirinfo.c, libtiff/tif_compress.c,
libtiff/tif_jpeg_12.c: suppress warnings about 'no previous
declaration/prototype'
2015-10-19 Even Rouault <even.rouault at spatialys.com>
* libtiff/tiffiop.h, libtiff/tif_dirwrite.c: suffix constants by U to fix
'warning: negative integer implicitly converted to unsigned type' warning
(part of -Wconversion)
2015-10-17 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_dir.c, libtiff/tif_dirread.c, libtiff/tif_getimage.c,
libtiff/tif_print.c: fix -Wshadow warnings (only in libtiff/)
2015-09-12 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* html/v4.0.6.html: Added release notes for 4.0.6.
2015-09-06 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* tools/tiffgt.c: Silence glut API deprecation warnings on MacOS
X. Patch by Roger Leigh.
* Makefile.am: Added a 'coverity' rule to assist with Coverity
submissions.
* tools/tiff2pdf.c: Fix compiler warning about unused function
when JPEG is not available.
* tools/fax2ps.c (main): Detect failure to write to temporary
file.
2015-09-05 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_dirread.c (TIFFReadDirEntryCheckRangeSlongSlong8):
Change implementation so that it does not sometimes overflow the
range of a 32-bit int and to avoid a signed vs unsigned compare
compiler warning.
(TIFF_INT64_MAX): Avoid use of platform-specific large constants.
(TIFF_UINT32_MAX): Avoid use of platform-specific large constants.
2015-09-01 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* Makefile.am (distcheck-hook), configure.ac: Applied patches by
Roger Leigh (via tiff mailing list on 2015-09-01) to fix issue
with BSD make and to make use of cmake in 'distcheck' target
conditional on if cmake is available.
* CMakeLists.txt, Makefile.am, configure.ac: Applied patches by
Roger Leigh (via tiff mailing list on 2015-09-01).
CMake build is now included in 'distcheck' target.
Builds with CMake 2.8.9 and newer.
Tar is now resquested to use POSIX PAX format.
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
2015-08-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* CMakeLists.txt, libtiff/test/Makefile.am: Applied patches by
Roger Leigh (via tiff mailing list on 2015-08-31.
CMake reads all version information directly from configure.ac to
avoid duplication of values. This basically greps over the file
for the LIBTIFF_* variables, then translates them to the form
needed for cmake. This includes the release version and libtool
shared library version information.
Make shared/static library building configurable. Currently it
always builds shared libraries, with static libs having a _static
suffix (copying zlib, but it means it's got a non-standard name).
CMake has a -DBUILD_SHARED_LIBS=ON|OFF option to select one or the
other, which is now used instead. There's now a single "tiff"
target to build either shared or static as required, and all the
tests and tools are linked with this. Note: the Windows tests fail
when linked with a static libtiff (says: libtiff.dll not found).
Not really a regression since this was not tested up to this
point, and it's likely the unit tests haven't (ever?) been run on
Windows with a static libtiff, so there's some additional
portability issue here to address. Works fine on UNIX systems,
and fine on Windows with the default to build a DLL.
Add a missing file which wasn't being distributed, causing unit
tests to fail. Note that "find . -name '*.cmake'" lists all the
CMake files which need distributing in addition to all the
CMakeLists.txt files (which now are distributed).
2015-08-31 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_predict.c: pedantic change to add explicit masking
with 0xff before casting to uchar in floating-point horizontal
differencing and accumulation routines.
2015-08-31 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_predict.c: fix generation of output with 16 bit
or 32 bit integer, when byte swapping is needed, in
horizontal predictor (#2521). Also fixes decoding when there is
a single pixel to code (unlikely case...) and byte swapping is
involved.
2015-08-30 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_lzw.c: make nextdata a unsigned type to avoid
undefined behaviour with shifts (gcc -fsanitize=shift)
2015-08-30 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_fax3.c, libtiff/tif_lzw.c, libtiff/tif_predict.c:
add explicit masking with 0xff before casting
to unsigned char (make icc -check=conversions happy)
* libtiff/tif_predict.c: operate on unsigned datatypes when
computing/applying differences to avoid undefined behaviour of
signed types (C standard compliance)
2015-08-30 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* configure.ac: libtiff 4.0.5 released.
2015-08-29 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* CMakeLists.txt: Applied patch by Roger Leigh (via tiff mailing
list on 2015-08-29) to add ld-version-script option to cmake build
to match autoconf. Note: defaults to 'on' to be ABI-compatible by
default with common Linux distribution builds. Note that the
autoconf configure script defaults to 'off'.
* html/build.html: Applied patch by Roger Leigh (via tiff mailing
list on 2015-08-29) to describe how to use CMake to build libtiff.
2015-08-28 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* html/v4.0.5.html: Added HTML file describing the changes which
will appear in the 4.0.5 release.
2015-08-23 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
bfriesen
committed
* libtiff/tiffiop.h: For MinGW comiles, make sure that build
supports necessary __MSVCRT_VERSION__ (at least at least 0x800).
Otherwise large files can not be supported for POSIX-style I/O.
* tools/fax2tiff.c (main): Eliminate a compiler warning in 64-bit
builds about cast to thandle_t.
* test/rewrite_tag.c (main): Does not require any arguments.
2015-08-20 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* tools/CMakeLists.txt, port/snprintf.c: Patch by Roger Leigh to
fix build issues when using Cmake due to Windows large file
changes.
2015-08-18 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tiffiop.h: First cut at supporting large files under
Microsoft Windows using tif_unix.c and the libtiff tools. This
only works if the Windows CDK is new enough to support the APIs
used (Visual C++ 2005 or later). Support for large files is not
actually tested yet.
2015-08-15 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_jpeg.c: Applied patch by Räisä Olli to assure that
client_data is initialized to a known value, and to report an
error on two memory allocation failures.
2015-08-13 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* CMakeLists.txt: Applied patch by Roger Leigh to fix libtiffxx
symbol versioning. Patch was mailed to libtiff list on Thu, 13
Aug 2015.
2015-07-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* cmake: Add d suffix to debug libraries with MSVC. Patch #3 of 3
by Roger Leigh posted to tiff list on Wed, 1 Jul 2015 15:58:20
+0100.
* cmake: Add extra warning flags. Patch #2 of 3 by Roger Leigh
posted to tiff list on Wed, 1 Jul 2015 15:58:20 +0100.
* cmake: Correct snprintf fallback for VS2015. Patch #1 of 3 by
Roger Leigh posted to tiff list on Wed, 1 Jul 2015 15:58:20 +0100.
2015-06-24 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* CMakeLists.txt: Add CMake patchset by Roger Leigh as posted to
libtiff mailing list on Mon, 22 Jun 2015 21:21:01 +0100. Several
corrections to ensure that the autotools build still works were
added by me. I have not yet tested the build using 'cmake' or
MSVC with 'nmake'.
2015-06-21 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* test/Makefile.am: tiff2rgba-quad-tile.jpg.sh depends on the JPEG
library so only execute if JPEG is available.
* configure.ac: Add a HAVE_FOO Automake conditional for each
add-on library.
* test/Makefile.am (JPEG_DEPENDENT_CHECK_PROG): raw_decode
requires JPEG support to compile. Use Automake conditional to
only include it when JPEG support is available.
* html/build.html: Try to improve the nmake-based VC++ build
description.
* libtiff/tiffconf.vc.h: Build fixes based on testing.
* libtiff/tif_config.vc.h: Build fixes based on testing.
* libtiff/libtiff.def: TIFFRasterScanline does not exist so remove
export for it.
2015-06-20 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_config.vc.h: Make adjustments to match the new
definitions that configure produces, including for WIN64. Still
needs to be tested.
* configure.ac: For 64-bit MinGW, fix SSIZE_FORMAT formatting
specifier. 64-bit MinGW supports 'long long' but support for
'lld' is not assured by the run-time DLLs and so GCC warns.
Add TIFF_SIZE_T and TIFF_SIZE_FORMAT to provide a type definition
and printf format specifier to deal with printing values of
'size_t' type. In particular, this was necessary for WIN64.
Added a configure test for if the system headers provide 'optarg'
(normal case) and block out the many explicit 'extern' statements
in the utilities. This was found to be necessary under Windows
when getopt is in a DLL and the symbols are already imported with
dllimport via standard header files.
* test/raw_decode.c (XMD_H): Avoid conflicting typedefs for INT32
and boolean in MinGW build due to including jpeglib.h.
* test/rewrite_tag.c (main): Fix problem with location of variable
declaration.
* libtiff/libtiff.def: Added exports for TIFFGetConfiguredCODECs,
TIFFReadRGBAImageOriented, TIFFSetCompressionScheme,
TIFFSwabArrayOfTriples, TIFFVGetFieldDefaulted, _TIFFCheckRealloc,
TIFFRasterScanline, TIFFSetErrorHandlerExt,
TIFFSetWarningHandlerExt, TIFFNumberOfDirectories,
TIFFCreateCustomDirectory, TIFFCreateEXIFDirectory,
TIFFWriteCustomDirectory, _TIFFRewriteField as recommended by
Roger Leigh and justified by use in libtiff tests, documentation,
and changelog notes. Also sorted symbol list and removed
duplicate entries.
2015-06-16 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_getimage.c: Fix four Coverity issues related to
unintended sign extension.
2015-06-16 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_unix.c: fix compilation with MSVC (fix by Jeff McKenna)
Bugzilla Bug #2510 fixes several harmless but still annoying
Bug #2498. Adds an option to select the file I/O style on
* libtiff/tif_getimage.c: contribution from Gary Cramblitt
* configure, configure.ac: contribution from Marcos H. Woehrmann
on Bugzilla Bug #2405. Correct shell equality operator.
* tools/tiffgt.c (raster_draw): contribution from Jay Berkenbilt
* tools/tiff2pdf.c: change ColorTransform from "0" to "1"
following Bugzilla Bug #2150.
2015-06-13 Lee Howard <faxguy@howardsilvan.com>
* libtiff/tif_lzw.c: contribution from Andy Cave - decode
files that contain consecutive CODE_CLEAR codes.
* tools/tiff2pdf.c: contribution from Antti S. Lankila on
Bugzilla Bug #2078. Suppress initial output of the header.
* tools/tiff2pdf.c: contribution from Yuriy M. Kaminskiy -
Take care in using the return value from snprintf().
* tools/tiffcrop.c: contribution from Eduardo Robles Elvira -
correctly copy the compression tag from the source TIFF.
* tools/tiff2ps.c: contribution from Eduardo Robles Elvira -
correct sizing and scaling problems with output document.
2015-06-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_jpeg.c (JPEGDecode): Split JPEGDecode() into two
clean implementations in order to avoid pre-processor hell. Only
one of the implementations is used in a given build.
2015-06-08 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_jpeg.c: Fix compilation in BITS_IN_JSAMPLE == 12
case
2015-06-07 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_write.c (TIFFWriteEncodedStrip): Fix Coverity 715975
"Division or modulo by zero".
(TIFFWriteEncodedTile): Fix Coverity 715976 and 715977 "Division
or modulo by zero".
(TIFFWriteRawStrip): Fix Coverity 715978 "Division or modulo by
zero".
(TIFFWriteScanline): Fix Coverity 715979 "Division or modulo by
zero".
* libtiff/tif_read.c (TIFFStartTile): Fix Coverity 715973 and
715974 "Division or modulo by zero".
2015-05-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_dir.c (TIFFNumberOfDirectories): Quiet Coverity
1134470 "Logically dead code" by making the roll-over check
explicit.
* libtiff/tif_luv.c (LogLuvDecodeTile): Fix Coverity 991227
"Division or modulo by zero".
(LogLuvDecodeStrip): Fix Coverity 991239 "Division or modulo by
zero".
(LogLuvEncodeStrip): Fix Coverity 991240 "Division or modulo by
zero".
(LogLuvEncodeTile): Fix Coverity 991241 "Division or modulo by
zero".
* libtiff/tif_dirread.c (TIFFReadDirEntryDoubleArray): Fix
Coverity 298626 "Logically dead code".
(TIFFReadDirEntryFloatArray): Fix Coverity 298627 "Logically dead
code".
(TIFFReadDirEntryIfd8Array): Fix Coverity 298628 "Logically dead
code".
(TIFFReadDirEntrySlong8Array): Fix Coverity 298629 "Logically dead
code"
* libtiff/tif_dir.c (TIFFNumberOfDirectories): Don't depend on ++
operator precedenc in evaluation. Might quench Coverity 1134470
"Logically dead code".
* libtiff/tif_jpeg.c (JPEGDecode): Fix Coverity 602597 "Operands
don't affect result". This change uses ifdefs to include
applicable code based on properties of libjpeg. Still needs to be
re-tested with 12-bit "6b" and "MK1".
2015-05-30 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_dirwrite.c (_TIFFRewriteField): Fix Coverity 1024310
"Resource leak".
* libtiff/tif_ojpeg.c (OJPEGReadHeaderInfoSecStreamDht): Fix
Coverity 601720 "Resource leak".
* libtiff/tif_jpeg.c (JPEGCleanup): Fix Coverity 298624
"Dereference before null check".
* libtiff/tif_ojpeg.c (OJPEGReadBufferFill): Fix Coverity 603400
"Missing break in switch".
* contrib/addtiffo/tif_overview.c (TIFF_DownSample): Check buffer
size calculation for overflow.
* contrib/addtiffo/addtiffo.c (main): Possibly address Coverity
1024226 "Untrusted value as argument".
* tools/gif2tiff.c (readgifimage): Fix Coverity 1024222 "Untrusted
value as argument".
(checksignature): Fix Coverity 1024894 "Ignoring number of bytes
read".
(readextension): Fix Coverity 1024893 "Ignoring number of bytes
read".
(readgifimage): Fix Coverity 1024890 "Ignoring number of bytes
read".
(readraster): Fix Coverity 1024891 "Ignoring number of bytes
read".
(readgifimage): Fix Coverity 1024892 "Ignoring number of bytes
read".
* tools/tiff2pdf.c (t2p_readwrite_pdf_image): Fix Coverity 1024181
"Structurally dead code".
* tools/raw2tiff.c (main): Fix Coverity 1024887 "Unchecked return
value from library".
(guessSize): Fix Coverity 1024888 "Unchecked return value from
library".
(guessSize): Fix Coverity 1214162 "Ignoring number of bytes read".
(guessSize): Fix Coverity 1024889 "Unchecked return value from
library".
* tools/tiff2pdf.c (t2p_readwrite_pdf_image): Fix Coverity 298621
"Resource leak".
(t2p_readwrite_pdf_image): Fix Coverity 1024181 "Structurally dead
code".
(t2p_write_pdf): Fix Coverity 1227690 "Unused value".
2015-05-29 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* contrib/iptcutil/iptcutil.c (formatIPTC): Fix Coverity 1024468
"Infinite loop".
(formatIPTC): Fix Coverity 1024727 "Truncated stdio return value".
(formatIPTC): Fix Coverity 1214240 "Untrusted loop bound".
2015-05-28 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* contrib/addtiffo/tif_ovrcache.c (TIFFCreateOvrCache): Fix
Coverity 298615 "Resource leak".
(TIFFGetOvrBlock): Fix Coverity 1024649 "Unintended sign
extension".
* tools/bmp2tiff.c (main): Fix Coverity 1024225 "Untrusted value
as argument".
(main): Fix Coverity 1024678 "Unchecked return value from
library".
(main): Fix Coverity 1024679 "Unchecked return value from
library".
(main): Fix Coverity 1214160 "Ignoring number of bytes read".
* contrib/addtiffo/tif_ovrcache.c (TIFFCreateOvrCache): Fix
Coverity 298615 "Resource leak".
* tools/tiffcp.c: Fix Coverity 1024306, 1024307, 1024308, 1024309
"Resource leak".
* tools/tiffsplit.c (cpTiles): Fix Coverity 1024304 "Resource
leak".
(cpStrips): Fix Coverity 1024305 "Resource leak".
2015-05-27 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* tools/ras2tiff.c: Fix Sun Raster header definition to be safe
for 64-bit systems. Add some header validations. Should fix many
Coverity issues.
(main): Fix Coverity 1301206: "Integer handling issues (BAD_SHIFT)".
(main): Quiet Coverity 1024223 "Untrusted value as argument".
* tools/tiffmedian.c (GetInputLine): Fix Coverity 1024795 "Nesting
level does not match indentation".
(get_histogram): Quiet Coverity 1024386 "Out-of-bounds read".
This was a benign mis-diagnosis but added code to enforce against
buffer overflow.
* tools/tiffcrop.c (ROTATE_ANY): Fix Coverity 1294542 "Logical
vs. bitwise operator".
(readContigStripsIntoBuffer): Fix Coverity 1024545 "Division or
modulo by zero".
(readContigTilesIntoBuffer): Fix Coverity 1024586 "Logically dead
code".
(writeSingleSection): Fix Coverity 1024796 "Nesting level does not
match indentation".
(writeCroppedImage): Fix Coverity 1024797 "Nesting level does not
match indentation".
(loadImage): Fix Coverity 1299741 "Dereference before null check".
(loadImage): Fix Coverity 1299740 "Out-of-bounds write".
2015-03-02 Even Rouault <even.rouault@spatialys.com>
* tools/tiffdither.c: check memory allocations to avoid writing to
NULL pointer. Also check multiplication overflow. Fixes #2501,
CVE-2014-8128. Derived from patch by Petr Gajdos.
2015-01-26 Even Rouault <even.rouault@spatialys.com>
* add html/v4.0.4beta.html under version control
* HOWTO-RELEASE: write that cvs add html/vX.X.html must be used
2015-01-26 Even Rouault <even.rouault@spatialys.com>
* libtiff 4.0.4beta released
2015-01-26 Even Rouault <even.rouault@spatialys.com>
* automake: updated to 1.15
* libtool: updated to 2.4.5
2015-01-22 Even Rouault <even.rouault@spatialys.com>
* tools/tiff2pdf.c: Fix two crashes (oCERT-2014-013)
2015-01-05 Frank Warmerdam <warmerdam@pobox.com>
* html/bugs.html: remove note about needing to email the tiff mailing
list administrator about being approved for membership, this appears
not to be true.
2015-01-05 Olivier Paquet <olivier.paquet@gmail.com>
* tools/tiff2pdf.c: Fixed unsigned integer addition overflow detection.
2015-01-03 Even Rouault <even.rouault@spatialys.com>
* libtiff/tif_dirread.c: in TIFFCheckDirOffset(), avoid uint16 overflow
when reading more than 65535 directories, and effectively error out when
reaching that limit.
2014-12-29 Even Rouault <even.rouault@spatialys.com>
* libtiff/tif_jpeg.c: in JPEGFixupTags(), recognize SOF2, SOF9 and SOF10
markers to avoid emitting a warning (even if, according to the TechNote,
there are admitedly unusual/not recommended or even forbidden variants, but
they do work well with libjpeg for SOF2, and with libjpeg-turbo for SOF2,
SOF9 and SOF10).
Define in_color_space and input_components to the right values in
JPEGSetupEncode(), before calling jpeg_set_defaults(), as specified by
libjpeg API documentation, so as to be compatible with mozjpeg library.
Note: the default settings of mozjpeg will produce progressive scans, which
is forbidden by the TechNote.
2014-12-29 Even Rouault <even.rouault@spatialys.com>
* libtiff/tif_getimage.c: move test on vertical value of YCbCr subsampling.
to avoid buffer leak (fix previous fix, found by Coverity scan)
2014-12-29 Even Rouault <even.rouault@spatialys.com>
* libtiff/tif_next.c: add new tests to check that we don't read outside of
the compressed input stream buffer.
* libtiff/tif_getimage.c: in OJPEG case, fix checks on strile width/height
in the putcontig8bitYCbCr42tile, putcontig8bitYCbCr41tile and
putcontig8bitYCbCr21tile cases.
2014-12-27 Even Rouault <even.rouault@spatialys.com>
* libtiff/tif_dir.c: in TIFFDefaultDirectory(), reset any already existing
extented tags installed by user code through the extender mechaninm before
calling the extender callback (GDAL #5054)
2014-12-26 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* tools/tiffcrop.c: Fix warnings about variables set but not used.
* contrib/iptcutil/iptcutil.c: Fix warnings about variables set
but not used.
* tools/tiffgt.c: Fix warnings about unused parameters.
* libtiff/tif_stream.cxx: Fix warnings about unused parameters.
2014-12-25 Even Rouault <even.rouault@spatialys.com>
* libtiff/tif_getimage.c, libtiff/tif_ojpeg.c, libtiff/tif_zip.c: fix
various typos found by Debian lintian tool (GDAL #5756)
2014-12-24 Even Rouault <even.rouault@spatialys.com>
* libtiff/tif_getimage.c: avoid divide by zero on invalid YCbCr subsampling.
http://bugzilla.maptools.org/show_bug.cgi?id=2235
2014-12-24 Even Rouault <even.rouault@spatialys.com>
* tools/tiff2pdf.c: fix buffer overflow on some YCbCr JPEG compressed images.
http://bugzilla.maptools.org/show_bug.cgi?id=2445
2014-12-24 Even Rouault <even.rouault@spatialys.com>
* tools/tiff2pdf.c: fix buffer overflow on YCbCr JPEG compressed image.
Derived from patch by Petr Gajdos,
http://bugzilla.maptools.org/show_bug.cgi?id=2443
2014-12-23 Even Rouault <even.rouault@spatialys.com>
* libtiff/tif_dirread.c: In EstimateStripByteCounts(), check return code
of _TIFFFillStriles(). This solves crashing bug on corrupted
images generated by afl.
2014-12-23 Even Rouault <even.rouault@spatialys.com>
* libtiff/tif_read.c: fix several invalid comparisons of a uint64 value with
<= 0 by casting it to int64 first. This solves crashing bug on corrupted
images generated by afl.
2014-12-21 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* tools/tiffdump.c: Guard against arithmetic overflow when
calculating allocation buffer sizes.
2014-12-21 Even Rouault <even.rouault@spatialys.com>
* tools/tiff2bw.c: when Photometric=RGB, the utility only works if
SamplesPerPixel = 3. Enforce that
http://bugzilla.maptools.org/show_bug.cgi?id=2485 (CVE-2014-8127)
2014-12-21 Even Rouault <even.rouault@spatialys.com>
* tools/pal2rgb.c, tools/thumbnail.c: fix crash by disabling TIFFTAG_INKNAMES
copying. The right fix would be to properly copy it, but not worth the burden
for those esoteric utilities.
http://bugzilla.maptools.org/show_bug.cgi?id=2484 (CVE-2014-8127)
2014-12-21 Even Rouault <even.rouault@spatialys.com>
* tools/thumbnail.c: fix out-of-buffer write
http://bugzilla.maptools.org/show_bug.cgi?id=2489 (CVE-2014-8128)
2014-12-21 Even Rouault <even.rouault@spatialys.com>
* tools/thumbnail.c, tools/tiffcmp.c: only read/write TIFFTAG_GROUP3OPTIONS
or TIFFTAG_GROUP4OPTIONS if compression is COMPRESSION_CCITTFAX3 or
COMPRESSION_CCITTFAX4
http://bugzilla.maptools.org/show_bug.cgi?id=2493 (CVE-2014-8128)
2014-12-21 Even Rouault <even.rouault@spatialys.com>
* libtiff/tif_next.c: check that BitsPerSample = 2. Fixes
http://bugzilla.maptools.org/show_bug.cgi?id=2487 (CVE-2014-8129)
2014-12-21 Even Rouault <even.rouault@spatialys.com>
* tools/tiff2pdf.c: check return code of TIFFGetField() when reading
TIFFTAG_SAMPLESPERPIXEL
2014-12-21 Even Rouault <even.rouault@spatialys.com>
* tools/tiffcp.c: fix crash when converting YCbCr JPEG-compressed to none.
Based on patch by Tomasz Buchert (http://bugzilla.maptools.org/show_bug.cgi?id=2480)
Description: fix for Debian bug #741451
tiffcp crashes when converting JPEG-encoded TIFF to a different
encoding (like none or lzw). For example this will probably fail:
tiffcp -c none jpeg_encoded_file.tif output.tif
The reason is that when the input file contains JPEG data,
the tiffcp code forces conversion to RGB space. However,
the output normally inherits YCbCr subsampling parameters
from the input, which leads to a smaller working buffer
than necessary. The buffer is subsequently overrun inside
cpStripToTile() (called from writeBufferToContigTiles).
Note that the resulting TIFF file would be scrambled even
if tiffcp wouldn't crash, since the output file would contain
RGB data intepreted as subsampled YCbCr values.
This patch fixes the problem by forcing RGB space on the output
TIF if the input is JPEG-encoded and output is *not* JPEG-encoded.
Author: Tomasz Buchert <tomasz.buchert@inria.fr>
2014-12-21 Even Rouault <even.rouault@spatialys.com>
Fix various crasher bugs on fuzzed images.
* libtiff/tif_dir.c: TIFFSetField(): refuse to set negative values for
TIFFTAG_XRESOLUTION and TIFFTAG_YRESOLUTION that cause asserts when writing
the directory
* libtiff/tif_dirread.c: TIFFReadDirectory(): refuse to read ColorMap or
TransferFunction if BitsPerSample has not yet been read, otherwise reading
it later will cause user code to crash if BitsPerSample > 1
* libtiff/tif_getimage.c: TIFFRGBAImageOK(): return FALSE if LOGLUV with
SamplesPerPixel != 3, or if CIELAB with SamplesPerPixel != 3 or BitsPerSample != 8
* libtiff/tif_next.c: in the "run mode", use tilewidth for tiled images
instead of imagewidth to avoid crash
* tools/bmp2tiff.c: fix crash due to int overflow related to input BMP dimensions
* tools/tiff2pdf.c: fix crash due to invalid tile count (should likely be checked by
libtiff too). Detect invalid settings of BitsPerSample/SamplesPerPixel for CIELAB / ITULAB
* tools/tiffcrop.c: fix crash due to invalid TileWidth/TileHeight
* tools/tiffdump.c: fix crash due to overflow of entry count.
2014-12-15 Even Rouault <even.rouault@spatialys.com>
* libtiff/tif_jpeg.c: Fix regression introduced on 2010-05-07 that caused
all tiles/strips to include quantization tables even when the jpegtablesmode
had the JPEGTABLESMODE_QUANT bit set.
Also add explicit removal of Huffman tables when jpegtablesmode has the
JPEGTABLESMODE_HUFF bit set, which avoids Huffman tables to be emitted in the
first tile/strip (only useful in update scenarios. create-only was
fine)
2014-12-09 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* tools/tiff2pdf.c: Assure that memory size calculations for
_TIFFmalloc() do not overflow the range of tmsize_t.
2014-12-07 Even Rouault <even.rouault@spatialys.com>
* tools/thumbnail.c, tools/tiffcrop.c: "fix" heap read over-run found with
Valgrind and Address Sanitizer on test suite
2014-12-07 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* tools/tiff2pdf.c (t2p_read_tiff_init): TIFFTAG_TRANSFERFUNCTION
tag can return one channel, with the other two channels set to
NULL. The tiff2pdf code was expecting that other two channels
were duplicate pointers in the case where there is only one
channel. Detect this condition in order to avoid a crash, and
presumably perform correctly with just one channel.
2014-12-06 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* tools/tiffdump.c: Fix double-free bug.
2014-11-27 Even Rouault <even.rouault@spatialys.com>
* libtiff/tif_config.vc.h: no longer use "#define snprintf _snprintf" with
Visual Studio 2015 aka VC 14 aka MSVC 1900
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
2014-11-20 Even Rouault <even.rouault@spatialys.com>
* libtiff/tif_lzw.c: prevent potential null dereference of
sp->dec_codetab in LZWPreDecode (bug #2459)
* libtiff/tif_read.c: in TIFFReadBufferSetup(), avoid passing -1 size
to TIFFmalloc() if passed user buffer size is 0 (bug #2459)
* libtiff/tif_ojpeg.c: make Coverity happier (not a bug, #2459)
* libtiff/tif_dir.c: in _TIFFVGetField() and _TIFFVSetField(), make
Coverity happier (not a bug, #2459)
* libtiff/tif_dirread.c: in TIFFFetchNormalTag(), make Coverity happier
(not a bug, #2459)
* tools/tiff2pdf.c: close PDF file (bug #2479)
* tools/fax2ps.c: check malloc()/realloc() result (bug #2470)
* tools/tiffdump.c: detect cycle in TIFF directory chaining (bug #2463)
and avoid passing a NULL pointer to read() if seek() failed before (bug #2459)
* tools/tiffcrop.c: fix segfault if bad value passed to -Z option
(bug #2459) and add missing va_end in dump_info (#2459)
* tools/gif2tif.c: apply patch for CVE-2013-4243 (#2451)
2014-11-20 Even Rouault <even.rouault@spatialys.com>
* libtiff/tif_jpeg.c: fix segfault in JPEGFixupTagsSubsampling() on
corrupted image where tif->tif_dir.td_stripoffset == NULL (bug #2471)
2014-11-20 Even Rouault <even.rouault@spatialys.com>
* automake: updated to 1.14.1
* libtool: updated to 2.4.3
* HOWTO-RELEASE: small update about autotools building order
2014-10-20 Olivier Paquet <olivier.paquet@gmail.com>
* tools/tiff2pdf.c: Preserve input file directory order when pages
are tagged with the same page number.
2014-08-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_dirread.c (TIFFReadDirEntryOutputErr): Incorrect
count for tag should be a warning rather than an error since
errors terminate processing.
2014-06-07 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* tools/tiff2rgba.c (]): Fixed tiff2rgba usage message in that zip
was wrongly described. Fix suggested by Miguel Medalha.
2014-05-06 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_dirinfo.c (TIFFField) : Fix data type for
TIFFTAG_GLOBALPARAMETERSIFD tag. Patch by Steve Underwood.
Reviewed and forwarded by Lee Howard.
2013-11-30 Frank Warmerdam <warmerdam@pobox.com>
* libtiff/tif_dir.c: fix last fix for TIFFNumberOfDirectories()
2013-10-21 Frank Warmerdam <warmerdam@pobox.com>
* libtiff/tif_dir.c: generate error in case of directory count
overflow.
2013-10-01 Frank Warmerdam <warmerdam@pobox.com>
* libtiff/tiff.h, libtiff/tif_dirinfo.c: add definitions for
TIFF/EP CFARepeatPatternDim and CFAPattern tags (bug #2457)
2013-09-12 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_dir.c (TIFFAdvanceDirectory): If nextdir is found to
be defective, then set it to zero before returning error in order
to terminate processing of truncated TIFF. Issue found and fix
suggested by Richard Nolde.
2013-08-14 Frank Warmerdam <warmerdam@pobox.com>
* tools/gif2tiff.c: fix possible OOB write (#2452, CVE-2013-4244)
2013-08-13 Frank Warmerdam <warmerdam@pobox.com>
* tools/gif2tiff.c: Be more careful about corrupt or
hostile input files (#2450, CVE-2013-4231)
* tools/tiff2pdf.c: terminate after failure of allocating
ycbcr buffer (bug #2449, CVE-2013-4232)
2013-07-09 Frank Warmerdam <warmerdam@google.com>
* tools/tiffinfo.c: Default various values fetched with
TIFFGetField() to avoid being uninitialized.
2013-05-02 Tom Lane <tgl@sss.pgh.pa.us>
* tools/tiff2pdf.c: Rewrite JPEG marker parsing in
t2p_process_jpeg_strip to be at least marginally competent. The
approach is still fundamentally flawed, but at least now it won't
stomp all over memory when given bogus input. Fixes CVE-2013-1960.
2013-05-02 Tom Lane <tgl@sss.pgh.pa.us>
* contrib/dbs/xtiff/xtiff.c, libtiff/tif_codec.c,
libtiff/tif_dirinfo.c, tools/rgb2ycbcr.c, tools/tiff2bw.c,
tools/tiff2pdf.c, tools/tiff2ps.c, tools/tiffcrop.c,
tools/tiffdither.c: Enlarge some fixed-size buffers that weren't
large enough, and eliminate substantially all uses of sprintf(buf,
...) in favor of using snprintf(buf, sizeof(buf), ...), so as to
protect against overflow of fixed-size buffers. This responds in
particular to CVE-2013-1961 concerning overflow in tiff2pdf.c's
t2p_write_pdf_page(), but in general it seems like a good idea to
deprecate use of sprintf().
2013-03-29 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* configure.ac: Applied patch by Brad Smith to improve pkg-config
static linking by adding -lm to Libs.private when needed.
2013-03-05 Tom Lane <tgl@sss.pgh.pa.us>
* html/man/tiff2ps.1.html, html/man/tiffcp.1.html,
html/man/tiffdither.1.html, man/tiff2ps.1, man/tiffcp.1,
man/tiffdither.1, tools/tiff2ps.c, tools/tiffcp.c,
tools/tiffdither.c: Sync tool usage printouts and man pages with
reality (quite a few options had escaped being documented in one
or both places). Per an old report from Miroslav Vadkerti.
2013-01-25 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* tools/tiff2ps.c:Fix bug in auto rotate option code. Once a
rotation angle was set by the auto rotate check, it was retained
for all pages that followed instead ofa being retested for each
page. Patch by Richard Nolde.
2013-01-18 Frank Warmerdam <warmerdam@google.com>
* libtiff/tif_write.c: tmsize_t related casting warning fixed for
* libtiff/tif_read.c: uint64/tmsize_t change for MSVC warnings.
http://bugzilla.maptools.org/show_bug.cgi?id=2427
2012-12-20 Tom Lane <tgl@sss.pgh.pa.us>
* test/raw_decode.c: Relax raw_decode's pixel-value checks so that
it will pass with more versions of libjpeg. (There are at least
three in active use now, and JPEG_LIB_VERSION doesn't tell us
enough to uniquely identify expected results.)
2012-12-12 Tom Lane <tgl@sss.pgh.pa.us>
* libtiff/tif_print.c: Fix TIFFPrintDirectory's handling of
field_passcount fields: it had the TIFF_VARIABLE and
TIFF_VARIABLE2 cases backwards.
2012-12-10 Tom Lane <tgl@sss.pgh.pa.us>
* tools/ppm2tiff.c: Improve previous patch for CVE-2012-4564:
check the linebytes calculation too, get the max() calculation
straight, avoid redundant error messages, check for malloc
failure.
2012-12-10 Tom Lane <tgl@sss.pgh.pa.us>
* libtiff/tif_pixarlog.c: Improve previous patch for CVE-2012-4447
(to enlarge tbuf for possible partial stride at end) so that
overflow in the integer addition is detected. Per gripe from
Huzaifa Sidhpurwala.
2012-12-03 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* tools/tiffset.c: tiffset now supports a -u option to unset a
tag. Patch by Zach Baker. See
http://bugzilla.maptools.org/show_bug.cgi?id=2419
2012-11-18 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* automake: Update Automake to 1.12.5 release.
* libtiff/tif_{unix,vms,win32}.c (_TIFFmalloc): ANSI C does not
require malloc() to return NULL pointer if requested allocation
size is zero. Assure that _TIFFmalloc does.
2012-11-01 Frank Warmerdam <warmerdam@pobox.com>
* tools/ppm2tiff.c: avoid zero size buffer vulnerability.
CVE-2012-4564 - Thanks to Huzaifa Sidhpurwala of the
Red Hat Security Response team for the fix.