2004.10.23 19:21 "[Tiff] TIFFTAG_PHOTOSHOP", by Chris Losinger

2004.10.29 17:54 "Re: [Tiff] TIFFTAG_PHOTOSHOP", by Andrey Kiselev

i'm trying to set some data into the Photoshop tag:

        TIFFSetField(tiff, TIFFTAG_PHOTOSHOP, (unsigned long)dataSize, (void *)dataPointer);

that call works fine. but when i go to close the file (TIFFClose(tiff)), LibTiff crashes in _TIFFVGetField. the bug seems to happen here:

...snip
        case TIFFTAG_PHOTOSHOP:
             *va_arg(ap, uint32*) = td->td_photoshopLength;
             *va_arg(ap, void**) = td->td_photoshopData;
             break;
...snip

the values of td_photoshopLength is right and td_photoshopData points to a copy of my data.

call stack:
_TIFFVGetField(tiff * 0x00f6fd58, unsigned long 34377, char * 0x0012eb48) line 884
TIFFVGetField(tiff * 0x00f6fd58, unsigned long 34377, char * 0x0012eb48) line 1004 + 88 bytes
TIFFGetField(tiff * 0x00f6fd58, unsigned long 34377) line 988 + 17 bytes
TIFFWriteNormalTag(tiff * 0x00f6fd58, TIFFDirEntry * 0x0116150c, const
TIFFFieldInfo * 0x009f6a34) line 590 + 23 bytes
_TIFFWriteDirectory(tiff * 0x00f6fd58, int 1) line 346 + 17 bytes
TIFFWriteDirectory(tiff * 0x00f6fd58) line 415 + 11 bytes
TIFFFlush(tiff * 0x00f6fd58) line 40 + 22 bytes
TIFFClose(tiff * 0x00f6fd58) line 39 + 9 bytes

but it looks like the va_arg stuff totally hoses the stack. after the first va_arg line, i lose half the stack. after the other, i lose another 1/4. and, this problem on happens in debug mode. it seems to run fine in release mode. (VC6, sp6). BoundsChecker doesn't tell me anything.

but, if i change the TIFFTAG_PHOTOSHOP definition to a TIFF_UNDEFINED instead of TIFF_BYTE, it runs fine.

so, i'm not sure if this is a bug in LibTiff or a bug in my code. i've tried it with both LibTiff 3.6.1 and 3.7.0.

I have checked in the possible fix for that problem. The following code should work correctly now:

TIFFSetField(tiff, TIFFTAG_PHOTOSHOP, (uint32)dataSize, (void *)dataPointer);

Chris, Bob, could you test this in your environments, where the crash occurs?

Andrey

Andrey V. Kiselev
Home phone: +7 812 5274898 ICQ# 26871517