2015.11.14 13:19 "[Tiff] ColorMap and high bit depth", by Even Rouault

2015.11.16 14:49 "Re: [Tiff] ColorMap and high bit depth", by Bob Friesenhahn

The colormap is not compressed so the best defense against DOS is to check that the file has provided the backing data for the colormap before making the memory allocation. It is easy to declare a 1.6 GB colormap, but much more difficult to supply it.

The code currently would error out after some time if the file isn't 1.6 GB large, but 1.6 GB TIFF files are not uncommon at all in my area of interest (GIS) for example. But ingesting it in a single gulp for a fake colormap isn't really expected :-)

So is there any opposition to me committing the following?

My own preference is that 'large' allocations should be validated against the underlying file. Denial of service is then not possible unless rogue software constructs or modifies files on the target machine.

That said, it does not seem like the added restriction is going to cause harm for existing usages.

Bob
--
Bob Friesenhahn
bfriesen@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/