Commit Graph

66 Commits

Author SHA1 Message Date
Thomas Bernard
dff30c4d5d
tiff2ps: enforce memory allocation limit
fixes #153 / http://bugzilla.maptools.org/show_bug.cgi?id=2845
2020-03-21 15:50:38 +01:00
Thomas Bernard
ebf0864306
tiff2ps: fix heap buffer read overflow in PSDataColorContig()
fixes #161 / http://bugzilla.maptools.org/show_bug.cgi?id=2855

in 05029fb7f1 I missed that 1 extra byte is read
in this loop.
2020-02-08 12:10:56 +01:00
Even Rouault
b04da30e11
tiff2ps: fix use of wrong data type that caused issues (/Height being written as 0) on 64-bit big endian platforms 2019-08-18 10:52:45 +02:00
Even Rouault
3c0becb4aa Merge branch 'bug_2844' into 'master'
tiff2ps.c: PSDataColorContig(): avoid heap buffer overrun

See merge request libtiff/libtiff!69
2019-04-25 09:39:01 +00:00
Thomas Bernard
05029fb7f1
PSDataColorContig(): avoid heap buffer overrun
fixes http://bugzilla.maptools.org/show_bug.cgi?id=2844
each iteration of the loop read nc bytes
2019-02-24 00:50:12 +01:00
Thomas Bernard
a242136916
tiff2ps.c: fix warning caused by integer promotion
uint8 value is promoted to int in (value << 24) so -fsanitize
yield runtime errors :
tiff2ps.c:2969:33: runtime error: left shift of 246 by 24 places cannot be represented in type 'int'
2019-02-22 16:23:33 +01:00
Thomas Bernard
309bfd7f61
tiff2ps: fix heap-buffer-overflow
http://bugzilla.maptools.org/show_bug.cgi?id=2834

usually the test (i < byte_count) is OK because the byte_count is divisible by samplesperpixel.
But if that is not the case, (i + ncomps) < byte_count should be used, or
maybe (i + samplesperpixel) <= byte_count
2019-01-29 10:47:14 +01:00
Bob Friesenhahn
a0e273fdca Fix tiff2ps error regarding "Inconsistent value of es" by allowing es to be zero.
Problem was reported to the tiff mailing list by Julian H. Stacey on January 5, 2019.
2019-01-05 13:56:09 -06:00
Stefan Weil
642b8f998e Fix some typos
Most of them were found by codespell.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
2018-02-24 21:47:52 +01:00
Even Rouault
f0a54a4fa0 Remove all $Id and $Headers comments with CVS versions 2017-11-30 18:02:46 +01:00
Even Rouault
697bfd9f39 * libtiff/tif_dirread.c: fix memory leak in non DEFER_STRILE_LOAD
mode (ie default) when there is both a StripOffsets and
TileOffsets tag, or a StripByteCounts and TileByteCounts
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2689
* tools/tiff2ps.c: call TIFFClose() in error code paths.
2017-04-27 15:46:22 +00:00
Even Rouault
0a85b00c8b * tools/tiff2ps.c: fix 2 heap-based buffer overflows (in PSDataBW
and PSDataColorContig). Reported by Agostino Sarubbo.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2633 and
http://bugzilla.maptools.org/show_bug.cgi?id=2634.
2016-12-17 19:45:28 +00:00
Bob Friesenhahn
d21d2b3057 * libtiff/tif_config.vc.h: Make adjustments to match the new
definitions that configure produces, including for WIN64.  Still
needs to be tested.

'lld' is not assured by the run-time DLLs and so GCC warns.
Add TIFF_SIZE_T and TIFF_SIZE_FORMAT to provide a type definition
and printf format specifier to deal with printing values of
'size_t' type.  In particular, this was necessary for WIN64.
Added a configure test for if the system headers provide 'optarg'
(normal case) and block out the many explicit 'extern' statements
in the utilities.  This was found to be necessary under Windows
when getopt is in a DLL and the symbols are already imported with
dllimport via standard header files.
2015-06-21 01:09:09 +00:00
Lee Howard
b8335269b6 From Eduardo Robles Elvira:
1. libtiffcrop-fix.patch fixes a small problem in tiffcrop, it seems it
was incorrectly using TIFFSetField instead of CopyField.

And in libtiff-correct-fax-scaling.patch we have some other changes:

2. I had to remove a check in main() that didn't allow maxPageWidth to
be bigger than pageWidth.

3. [ Omitted due to question on universality ]

4. the pagewidth variable was being set as the maxpagewidth instead,
which made all the calculations bad. This made sense when the check in
point 2 was in place, but not anymore. I've modified it so that
pagewidth is set with the specified pagewidth when maxpagewidth is
bigger.

5. The remaining lines of the patch  - in exportMaskedImage() -
basically fix the scaling.
2015-06-13 05:49:18 +00:00
Tom Lane
b6d66f9f30 Replace sprintf with snprintf, to fix CVE-2013-1961. 2013-05-02 14:44:29 +00:00
Tom Lane
feb6bd9f1d Sync tool usage printouts and man pages with reality. 2013-03-06 03:35:09 +00:00
Bob Friesenhahn
c204ef2a2f * tools/tiff2ps.c:Fix bug in auto rotate option code. Once a
rotation angle was set by the auto rotate check, it was retained
for all pages that followed instead of being retested for each
page.  Patch by Richard Nolde.
2013-01-26 02:24:05 +00:00
Bob Friesenhahn
c51502913d * libtiff/tif_dirread.c (TIFFFetchStripThing): Free "data" also
upon failure to allocate "resizeddata".
* tools/tiff2ps.c (PSDataBW): Zero buffer *after* checking for
allocation failure, not before.
2011-05-31 17:10:18 +00:00
Bob Friesenhahn
bd77483087 * libtiff/tif_jpeg.c, tools/tiff2pdf.c, tools/tiff2ps.c: mark
NULL-deref and possible overflow
2011-05-31 17:00:03 +00:00
Bob Friesenhahn
959042fdcf Fix spelling typo in tiff2ps. 2011-04-09 16:53:08 +00:00
Lee Howard
01ff8dfe99 More improvements from Richard Nolde. 2010-11-26 23:26:46 +00:00
Lee Howard
4536beaed1 See: http://bugzilla.maptools.org/show_bug.cgi?id=1983
* tools/tiff2ps.c: improvements and enhancements from Richard Nolde
        with additional command line options for Document Title,
        Document Creator, and Page Orientation
2010-09-26 05:39:31 +00:00
Bob Friesenhahn
4e0d97f83c * libtiff/tif_aux.c (_TIFFCheckRealloc): Improve error message so
that it is clearly a memory allocation error message, and also
includes the size of the allocation request.
2010-03-10 18:56:48 +00:00
Frank Warmerdam
46bac877c5 avoid 32/64bit casting warnings 2009-01-22 21:12:45 +00:00
Frank Warmerdam
3db9feb595 introduce libport.h prototypes to reduce warnings 2009-01-22 20:53:07 +00:00
Bob Friesenhahn
506c21992e * test/tiffcrop.sh: New test script for tiffcrop from Richard
Nolde.

* tools/tiff2ps.c: Remove spurious message to stderr.
2009-01-12 16:23:11 +00:00
Bob Friesenhahn
d99686ccb2 * tools/tiff2ps.c: Incorporated significant functionality update
from Richard Nolde.  In particular, support for rotating the image
by 90, 180, 270, and 'auto' has been added.  Still waiting for
documentation patch to man/tiff2ps.1.

* man/tiffcrop.1: Incorporated documentation updates from Richard
Nolde.

* tools/tiffcrop.c: Incorporated significant functionality update
from Richard Nolde.
2009-01-11 20:04:22 +00:00
Bob Friesenhahn
953d02c32d * libtiff/tiffio.h: GCC will now validate format specifications
for TIFFError(), TIFFErrorExt(), TIFFWarning(), and
TIFFWarningExt() in order to reveal bugs.
* Many fixes throughout to work better as a 64-bit build.
2008-12-31 23:48:01 +00:00
Bob Friesenhahn
968401fdf3 * tools/{tiff2pdf.c, tiff2ps.c, tiffinfo.c}: Offset and length
tags now require 64-bit parameter rather than 32-bit.
* libtiff/tif_dirread.c: Fixed issues with unaligned access to
64-bit values.
2008-12-31 03:06:27 +00:00
Frank Warmerdam
e9cb45c2ee fix 64bit type issues 2008-01-07 15:47:54 +00:00
Andrey Kiselev
bf903e0588 Added support 16-bit images as per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=1566
Patch from William Bader.
2007-07-03 16:00:53 +00:00
Andrey Kiselev
6923ef1e64 Properly scale all the pages when converting multipage TIFF with
/width/height/center options set. As per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=1080
2006-02-23 14:50:32 +00:00
Andrey Kiselev
ca3bdcae22 Fixed typo in page size handling code. 2005-03-17 14:41:59 +00:00
Andrey Kiselev
2348dccc56 Calculate margins taking in account resolution unit (Richard Nolde). 2005-02-06 17:58:01 +00:00
Andrey Kiselev
6860033832 Fixed problem with page sizes as per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=742
2005-02-03 17:02:19 +00:00
Andrey Kiselev
007d721820 Interpret the -w and -h options independently. As per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=689
2005-01-12 12:51:26 +00:00
Andrey Kiselev
167d8a7378 Fixed wrong variable data type when read Position tags (Tristan Hill). 2004-10-30 13:46:33 +00:00
Andrey Kiselev
6572c7ae4c Fixed wrong variable data type when read Resolution tags (Peter Fales). 2004-10-28 17:56:46 +00:00
Andrey Kiselev
fc2fea250f Readability fixes. 2004-10-10 11:58:16 +00:00
Frank Warmerdam
6be58fbab2 avoid warnings 2004-09-09 18:06:14 +00:00
Andrey Kiselev
3446c24799 Work out getopt problems. 2004-08-25 18:34:55 +00:00
Andrey Kiselev
0abad54ad0 Avoid zero division in setupPageState() function;
properly initialize array in PSDataBW().
2004-08-25 13:14:18 +00:00
Andrey Kiselev
176881c3a0 Fixed problem with uninitialized values. 2004-08-23 13:16:54 +00:00
Andrey Kiselev
19421d5e88 Avoid warnings. 2004-06-05 08:13:06 +00:00
Andrey Kiselev
73e787830f Avoid warnings. 2004-06-04 14:16:14 +00:00
Andrey Kiselev
578b287f87 Added support for alfa channel. Fixes
http://bugzilla.remotesensing.org/show_bug.cgi?id=428
2003-12-19 15:30:27 +00:00
Andrey Kiselev
21bbbcaa45 #include <strings.h> replaced with #include <string.h> 2003-10-17 21:25:51 +00:00
Andrey Kiselev
c6b36db6ee Added missing #include <strings.h>. 2003-08-12 07:51:03 +00:00
Andrey Kiselev
1cbcc49d2f Fixed PS comment emitted when FlateDecode is being used. Reported by Tom
Kacvinsky.
2003-08-08 19:46:20 +00:00
Andrey Kiselev
af72982dab Fixed bug in Ascii85EncodeBlock() function: array index was out of range. 2003-05-07 08:12:30 +00:00