AWARE SYSTEMS
TIFF and LibTiff Mail List Archive

Thread

2019.06.18 22:04 "[Tiff] Any status update on InkNames bug (see thread from 1/22/2019)?", by Ellen Johnson
2019.07.26 20:23 "[Tiff] Undefined Behavior in some part of the code", by nohg nsyi

2019.07.26 20:23 "[Tiff] Undefined Behavior in some part of the code", by nohg nsyi

Hi all,

I encountered a couple Undefined Behavior cases in the source code. However, I could not come up with a malicious inputs. I'm not sure if they affect the functionality of the program though. A list of these UBs is attached.

In "report.txt" you can see the details of error messages. You can also find the name of input to trigger the issue. I compile with this configuration.

CC=clang-6.0 CFLAGS="-fsanitize=integer,bounds,shift -O3 -g" ./configure --enable-shared=no --enable-static=yes

How to reproduce:
./tiff2ps $POC

I also tested by these two versions https://gitlab.com/libtiff/libtiff https://download.osgeo.org/libtiff/tiff-4.0.10.tar.gz

I appreciate if you share your thoughts on this.

Thanks