1993.10.19 13:15 "Bug in gif2tiff", by Darren Sillett

There is a bug in the gif2tiff.c source which came to light when I was porting the TIFF library to RISC OS.

I can't remember the exact details but the problem was that the area of memory used for the initial gif raster image (called raster I think) was assigned from a call to malloc and there was a corresponding call to free to give back the memory.

Unfortunately, in between the two calls the pointer is incremented so it doesn't point to the start of the allocated memory any more. The fix was to copy the value of raster into another variable, say original_raster, after allocation and change the call to free to free(original_raster).

I can probably post the correct changes if anyone needs them but I hope the explanation above is sufficient. The bug doesn't cause problems on most machines as the free call is one of the last things to be actioned; however, under RISC OS it corrupted the heap, which caused the program to die rather than exit gracefully.

Darren

P.S. If anybody is interested in a RISC OS port of the TIFF library then please contact me as it is freely available to anyone who wants it.
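
The pattern described in the message above, as an added example that is not part of the original post and is not the gif2tiff.c source: the pointer returned by malloc is kept separate from the write cursor, and a free of the moved pointer is rejected instead of reaching the heap. The names raster_buf, raster_alloc, raster_put, raster_free and demo are hypothetical, and the pixel data is constructed.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical tracked buffer: remembers the pointer malloc() returned. */
struct raster_buf {
    unsigned char *base;  /* value returned by malloc(); the only pointer free() accepts */
    unsigned char *cur;   /* write cursor, advanced while decoding */
    size_t size;
};

int raster_alloc(struct raster_buf *r, size_t size) {
    r->base = malloc(size);
    r->cur = r->base;
    r->size = r->base ? size : 0;
    return r->base ? 0 : -1;
}

/* Append n bytes through the cursor, refusing writes past the allocation. */
int raster_put(struct raster_buf *r, const unsigned char *src, size_t n) {
    size_t used = (size_t)(r->cur - r->base);
    if (n > r->size - used) return -1;
    memcpy(r->cur, src, n);
    r->cur += n;
    return 0;
}

/* Free only if p is the allocation base; -1 means p was a moved pointer. */
int raster_free(struct raster_buf *r, unsigned char *p) {
    if (p != r->base) return -1;  /* free(p) here would be undefined behaviour */
    free(r->base);
    r->base = r->cur = NULL;
    r->size = 0;
    return 0;
}

/* Constructed walk-through: write 3 rows of 4 pixels, then try both frees. */
int demo(void) {
    struct raster_buf r;
    unsigned char row[4] = {1, 2, 3, 4};  /* constructed sample pixels */
    if (raster_alloc(&r, 12) != 0) return -1;
    for (int i = 0; i < 3; i++)
        if (raster_put(&r, row, sizeof row) != 0) return -2;
    int moved = raster_free(&r, r.cur);   /* buggy pattern: rejected with -1 */
    int base = raster_free(&r, r.base);   /* fixed pattern: succeeds with 0 */
    return (moved == -1 && base == 0) ? 0 : -3;
}

int main(void) { return demo(); }
```

Building the unfixed pattern with AddressSanitizer (`-fsanitize=address`) reports the free of a non-base pointer at the call site, which is how the same defect surfaces on platforms where the heap tolerates it silently.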