2011.04.18 17:42 "[Tiff] WhiteLevel with 3.9.5", by Ashish Uthama
Hi folks,
I am trying to use the 3.9.5 library to handle a DNG file with a subIFD. The subIFD has a WhiteLevel tag http://www.awaresystems.be/imaging/tiff/tifftags/whitelevel.html which appears to cause a segfault with 3.9.5 (Used to work fine with 3.7.1).
Debugging 3.9.5, I noticed that TIFFSetField at 1739 was called for this tag:
tif_dirread.c:
1737 ok = (fip->field_passcount ?
1738 TIFFSetField(tif, dp->tdir_tag, 1,
&v32)
1739 : TIFFSetField(tif, dp->tdir_tag, v32));
which cases the memcpy in 506 to fail:
tif_dir.c:
497 if ((fip->field_passcount
498 || fip->field_writecount == TIFF_VARIABLE
499 || fip->field_writecount == TIFF_VARIABLE2
500 || fip->field_writecount == TIFF_SPP
501 || tv->count > 1)
502 && fip->field_tag != TIFFTAG_PAGENUMBER
503 && fip->field_tag != TIFFTAG_HALFTONEHINTS
504 && fip->field_tag != TIFFTAG_YCBCRSUBSAMPLING
505 && fip->field_tag != TIFFTAG_DOTRANGE) {
506 _TIFFmemcpy(tv->value, va_arg(ap, void *),
507 tv->count * tv_size);
508 } else {
509 /*
510 * XXX: The following loop required to handle
511 * TIFFTAG_PAGENUMBER, TIFFTAG_HALFTONEHINTS,
512 * TIFFTAG_YCBCRSUBSAMPLING and
TIFFTAG_DOTRANGE tags.
513 * These tags are actually arrays and should
be passed as
514 * array pointers to TIFFSetField()
function, but actually
515 * passed as a list of separate values. This
behaviour
516 * must be changed in the future!
517 */
Based on the comment (510-517), and the description for the tag, I added TIFFTAG_WHITELEVEL after line 505 to skip the memcpy and use the else block to process it.
Would this be the right way to handle this tag?
Ashish