cheng/libtiff
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

EstimateStripByteCounts(): avoid harmless unsigned integer overflow

Browse Source
This commit is contained in:
Even Rouault 2019-08-20 18:09:46 +02:00
parent dd50fedc2f
commit 324aa65c0d
No known key found for this signature in database
GPG Key ID: 33EBBFC47B3DD87D
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
libtiff/tif_dirread.c
View File

@ -4578,8 +4578,14 @@ EstimateStripByteCounts(TIFF* tif, TIFFDirEntry* dir, uint16 dircount)
* of data in the strip and trim this number back accordingly.
*/
strip--;
if (td->td_stripoffset_p[strip]+td->td_stripbytecount_p[strip] > filesize)
if (td->td_stripoffset_p[strip]+td->td_stripbytecount_p[strip] > filesize) {
if( td->td_stripoffset_p[strip] >= filesize ) {
/* Not sure what we should in that case... */
td->td_stripbytecount_p[strip] = 0;
} else {
td->td_stripbytecount_p[strip] = filesize - td->td_stripoffset_p[strip];
}
}
} else if (isTiled(tif)) {
uint64 bytespertile = TIFFTileSize64(tif);