From 6a41c7a28f91e64a118e0fe6b301bcde09026c0c Mon Sep 17 00:00:00 2001
From: Bob Friesenhahn
Date: Thu, 28 May 2015 03:30:41 +0000
Subject: [PATCH] * tools/ras2tiff.c: Fix Sun Raster header definition to be safe for 64-bit systems. Add some header validations. Should fix many Coverity issues.
---
 ChangeLog | 4 ++++
 tools/ras2tiff.c | 24 ++++++++++++++++++++++--
 tools/rasterfile.h | 18 ++++++++++--------
 3 files changed, 36 insertions(+), 10 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 7834cc72..e6a140e7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
 2015-05-27 Bob Friesenhahn
+ * tools/ras2tiff.c: Fix Sun Raster header definition to be safe
+ for 64-bit systems. Add some header validations. Should fix many
+ Coverity issues.
+
 * tools/tiffmedian.c (GetInputLine): Fix Coverity 1024795 "Nesting level does not match indentation". (get_histogram): Quiet Coverity 1024386 "Out-of-bounds read".
diff --git a/tools/ras2tiff.c b/tools/ras2tiff.c
index ec8a0712..5dd646c7 100644
--- a/tools/ras2tiff.c
+++ b/tools/ras2tiff.c
@@ -1,4 +1,4 @@
-/* $Id: ras2tiff.c,v 1.18 2010-03-10 18:56:49 bfriesen Exp $ */
+/* $Id: ras2tiff.c,v 1.19 2015-05-28 03:30:42 bfriesen Exp $ */
 /*
 * Copyright (c) 1988-1997 Sam Leffler
@@ -122,6 +122,26 @@ main(int argc, char* argv[])
 fclose(in);
 return (-3);
 }
+ if ((h.ras_width <= 0) ||
+ (h.ras_height <= 0) ||
+ (h.ras_depth <= 0) ||
+ (h.ras_length <= 0) ||
+ (h.ras_type <= 0) ||
+ (h.ras_maptype <= 0) ||
+ (h.ras_maplength <= 0)) {
+ fprintf(stderr, "%s: Improper image header.\n", argv[optind]);
+ fclose(in);
+ return (-2);
+ }
+ if ((h.ras_depth != 1) &&
+ (h.ras_depth != 8) &&
+ (h.ras_depth != 24) &&
+ (h.ras_depth != 32)) {
+ fprintf(stderr, "%s: Improper image depth (%d).\n",
+ argv[optind], h.ras_depth);
+ fclose(in);
+ return (-2);
+ }
 out = TIFFOpen(argv[optind+1], "w");
 if (out == NULL) {
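Review bot: The first added check in main() rejects `ras_type`, `ras_maptype` and `ras_maplength` when they are `<= 0`, but zero looks like a legitimate value for all three: rasterfile.h refers to RT_*/RMT_* constants defined outside this diff (presumably RT_OLD and RMT_NONE are 0), and an image with no colormap has a map length of 0. As written, such files would be refused with "Improper image header."; for these three fields the bound should be `< 0`, i.e. `(h.ras_type < 0) || (h.ras_maptype < 0) || (h.ras_maplength < 0)`. The checks also test only sign and a depth whitelist, so a header whose width, height and depth are individually positive but whose product exceeds `ras_length` or the int range still passes; a bound on the computed row size before anything is allocated from these fields would cover that. main() starts and continues outside this hunk.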
@@ -153,7 +173,7 @@ main(int argc, char* argv[])
 mapsize = 1< mapsize*3) {
 fprintf(stderr,
- "%s: Huh, %ld colormap entries, should be %d?\n",
+ "%s: Huh, %d colormap entries, should be %d?\n",
 argv[optind], h.ras_maplength, mapsize*3);
 return (-7);
 }
diff --git a/tools/rasterfile.h b/tools/rasterfile.h
index f97dea66..dc70a143 100644
--- a/tools/rasterfile.h
+++ b/tools/rasterfile.h
@@ -1,17 +1,19 @@
-/* $Header: /cvs/maptools/cvsroot/libtiff/tools/Attic/rasterfile.h,v 1.3 2003-11-12 19:14:33 dron Exp $ */
+/* $Header: /cvs/maptools/cvsroot/libtiff/tools/Attic/rasterfile.h,v 1.4 2015-05-28 03:30:42 bfriesen Exp $ */
+
+#include "tiff.h"
 /*
 * Description of header for files containing raster images
 */
 struct rasterfile {
 char ras_magic[4]; /* magic number */
- long ras_width; /* width (pixels) of image */
- long ras_height; /* height (pixels) of image */
- long ras_depth; /* depth (1, 8, or 24 bits) of pixel */
- long ras_length; /* length (bytes) of image */
- long ras_type; /* type of file; see RT_* below */
- long ras_maptype; /* type of colormap; see RMT_* below */
- long ras_maplength; /* length (bytes) of following map */
+ int32 ras_width; /* width (pixels) of image */
+ int32 ras_height; /* height (pixels) of image */
+ int32 ras_depth; /* depth (1, 8, or 24 bits) of pixel */
+ int32 ras_length; /* length (bytes) of image */
+ int32 ras_type; /* type of file; see RT_* below */
+ int32 ras_maptype; /* type of colormap; see RMT_* below */
+ int32 ras_maplength; /* length (bytes) of following map */
 /* color map follows for ras_maplength bytes, followed by image */
 };
 #define RAS_MAGIC "\x59\xa6\x6a\x95"
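Review bot: In the tools/ras2tiff.c colormap hunk (`@@ -153,7 +173,7 @@`), the `mapsize` computation needs a guard now that the new validation accepts depths of 24 and 32. The context line is truncated on this page (`mapsize = 1<`); if it is a left shift by `h.ras_depth`, a depth of 32 shifts a 32-bit int by its full width, which is undefined behaviour. Evaluating the shift only for depths below the int width, and rejecting a colormap otherwise, would keep the `h.ras_maplength` comparison meaningful. The `return (-7);` path in the context closes neither `in` nor `out`, unlike the error paths added earlier in this commit, which call `fclose(in)`. The enclosing block starts outside the hunk.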
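Review bot: In tools/rasterfile.h the comment on `ras_depth` still reads `depth (1, 8, or 24 bits) of pixel`, while the validation added to tools/ras2tiff.c in this same commit also accepts 32. It should become `/* depth (1, 8, 24, or 32 bits) of pixel */` so the header and the check agree. Since the change exists to pin the on-disk layout, I would also add a one-line comment above `struct rasterfile` saying it must stay 32 bytes with no padding (4-byte magic plus seven `int32` fields). How the header is read into the struct is not visible in this diff, so confirm that assumption against the reader code.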