It is possible to craft a TIFF document where the IFD list is circular,
leading to an infinite loop while traversing the chain. The libtiff
directory reader has a failsafe that will break out of this loop after
reading 65535 directory entries, but it will continue processing,
consuming time and resources to process what is essentially a bogus TIFF
document.
This change fixes the above behavior by breaking out of processing when
a TIFF document has >= 65535 directories and terminating with an error.
Roger Leigh (via tiff mailing list on 2015-09-01) to fix issue
with BSD make and to make use of cmake in 'distcheck' target
conditional on if cmake is available.
libtiff mailing list on Mon, 22 Jun 2015 21:21:01 +0100. Several
corrections to ensure that the autotools build still works were
added by me. I have not yet tested the build using 'cmake' or
MSVC with 'nmake'.
definitions that configure produces, including for WIN64. Still
needs to be tested.
'lld' is not assured by the run-time DLLs and so GCC warns.
Add TIFF_SIZE_T and TIFF_SIZE_FORMAT to provide a type definition
and printf format specifier to deal with printing values of
'size_t' type. In particular, this was necessary for WIN64.
Added a configure test for if the system headers provide 'optarg'
(normal case) and block out the many explicit 'extern' statements
in the utilities. This was found to be necessary under Windows
when getopt is in a DLL and the symbols are already imported with
dllimport via standard header files.
some TIFF/FX support in libtiff. Add the tag definitions to
tiff.h. Add the related TIFF field definitions to tif_dirinfo.c,
and also fixes an error in a comment. Adds the photometric values
to tif_print.c, and fixes a bug. These changes are by Steve
Underwood.
* libtiff/tif_write.c: Fix bug rewriting image tiles in a
the run-time target whereas target is used to specify the final
output target if the package is a build tool (like a compiler),
which libtiff is not. Resolves libtiff bug 2307 "Use
AC_CANONICAL_HOST macro".
* libtiff/tif_fax3.c (Fax3SetupState): Avoid under-allocation of
buffer due to integer overflow in TIFFroundup() and several other
potential overflows. In conjunction with the fix to TIFFhowmany(),
fixes CVE-2010-1411.
* libtiff/tiffiop.h (TIFFhowmany): Return zero if parameters would
result in an integer overflow. This causes TIFFroundup() to also
return zero if there would be an integer overflow.
libtool 2.2.6. Enabled support for silent build rules
(--enable-silent-rules or 'make V=0') and colorized tests.
* html/{index.html, v3.9.0.html}: Update for 3.9.0 release.
tiff2ps-PS3.sh tiffcp-g3-1d-fill.sh tiffcp-g3-1d.sh
tiffcp-g3-2d-fill.sh tiffcp-g3-2d.sh tiffcp-g3.sh tiffcp-g4.sh
tiffcp-split-join.sh tiffcp-split.sh tiffcp-thumbnail.sh
tiffdump.sh tiffinfo.sh}: Added more test scripts based on
suggestions from Lee Howard posted to the tiff list on 13 Sep
2007.