Bug 2216 - tif_getimage is missing a check for sane SamplesPerPixel
: tif_getimage is missing a check for sane SamplesPerPixel
Status: RESOLVED FIXED
: libtiff
default
: 3.9.0
: All All
: P2 normal
: ---
Assigned To:
: https://bugzilla.redhat.com/show_bug....
:
:
:
:
  Show dependency treegraph
 
Reported: 2010-06-16 17:29 by
Modified: 2010-07-02 05:04 (History)


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From 2010-06-16 17:29:43
https://bugzilla.redhat.com/show_bug.cgi?id=603081 exhibits a test case that
crashes various libtiff tools: it's a file that has SamplesPerPixel = 1 and
Photometric = YCbCr.  This is of course bogus, but there are code paths in
tif_getimage.c that assume YCbCr images always have SPP=3 without checking it.

The patch attached there fixes it by duplicating in PickContigCase() a safety
check that already existed in PickSeparateCase().
------- Comment #1 From 2010-07-02 05:04:13 -------
Tom,

Thank you for report, patch applied both in 3.9 and 4.0 branches.

Best regards,
Andrey