AWARE SYSTEMS
TIFF and LibTiff Mail List Archive

Thread

2008.12.17 20:54 "[Tiff] Deleting tags from a directory", by Frank Warmerdam
[...]
2009.01.22 16:23 "Re: [Tiff] libtiff 4.0.0beta3", by Edward Lam
2009.01.22 16:31 "Re: [Tiff] libtiff 4.0.0beta3", by Bob Friesenhahn
2009.01.22 17:00 "Re: [Tiff] libtiff 4.0.0beta3", by Bob Friesenhahn
2009.01.22 19:38 "Re: [Tiff] libtiff 4.0.0beta3", by Frank Warmerdam
[...]

2009.01.22 17:00 "Re: [Tiff] libtiff 4.0.0beta3", by Bob Friesenhahn

I did a pass using the canonical build instructions for MSVC and got some additional warnings similar to:

tif_lzw.c(389): warning C4244: '+=': conversion from 'tmsize_t' to 'long', possible loss of data tif_lzw.c(606): warning C4244: '+=': conversion from 'tmsize_t' to 'long', possible loss of data tif_lzw.c(715): warning C4244: '=': conversion from 'tmsize_t' to 'long', possible loss of data

This type of warning is quite worrysome. For Windows builds, the 'long' type is always 32-bit whereas it is usually 64-bit on Unix systems. Undetected overflow will result in wrong processing, and may represent an available security exploit.

Can you post the full list of such warnings?

Bob
======================================
Bob Friesenhahn
bfriesen@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/