2007.07.13 18:14 "[Tiff] Read warnings in TIFFReadEncodedStrip lead to crash on TIFFClose", by Steve Bougerolle
We've run into an obscure bug/feature: when reading some specific TIFF files
Fax4Decode (called from TIFFReadEncodedStrip) will toss out a few warnings about "line length mismatch" and continue reading. However, farther down the
line the program segfaults while doing TIFFClose().
The program seems to be doing everything right that I can see - reading the fields
in the right order, checking error return values. The problem is libtiff only DISPLAYS
this warning but doesn't return any error code. If this can cause a segfault, surely it
needs to be classed as an error?
Adding "return -1" to the CLEANUP_RUNS macro in libtiff/tif_fax3.h seems to fix the
problem.