diff options
author | Even Rouault <even.rouault@spatialys.com> | 2017-06-30 13:11:18 +0000 |
---|---|---|
committer | Even Rouault <even.rouault@spatialys.com> | 2017-06-30 13:11:18 +0000 |
commit | 5ba0b3116f786e161096485a586dc09897550fd5 (patch) | |
tree | 3f3137f2a4616e0c421ca32a170fab73fb09a48d /libtiff/tiffiop.h | |
parent | 12bb47638940b709e264d2bcf01a114d2abf522c (diff) | |
download | libtiff-git-5ba0b3116f786e161096485a586dc09897550fd5.tar.gz |
* libtiff/tif_read.c, tiffiop.h: add a _TIFFReadEncodedStripAndAllocBuffer()
function, variant of TIFFReadEncodedStrip() that allocates the
decoded buffer only after a first successful TIFFFillStrip(). This avoids
excessive memory allocation on corrupted files.
* libtiff/tif_getimage.c: use _TIFFReadEncodedStripAndAllocBuffer().
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2708 and
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2433 .
Credit to OSS Fuzz
Diffstat (limited to 'libtiff/tiffiop.h')
-rw-r--r-- | libtiff/tiffiop.h | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/libtiff/tiffiop.h b/libtiff/tiffiop.h index 2f992ef5..14e8d0ee 100644 --- a/libtiff/tiffiop.h +++ b/libtiff/tiffiop.h @@ -1,4 +1,4 @@ -/* $Id: tiffiop.h,v 1.92 2017-06-29 07:37:12 erouault Exp $ */ +/* $Id: tiffiop.h,v 1.93 2017-06-30 13:11:18 erouault Exp $ */ /* * Copyright (c) 1988-1997 Sam Leffler @@ -372,6 +372,11 @@ extern void* _TIFFCheckRealloc(TIFF*, void*, tmsize_t, tmsize_t, const char*); extern double _TIFFUInt64ToDouble(uint64); extern float _TIFFUInt64ToFloat(uint64); +extern tmsize_t +_TIFFReadEncodedStripAndAllocBuffer(TIFF* tif, uint32 strip, + void **buf, tmsize_t bufsizetoalloc, + tmsize_t size_to_read); + extern int TIFFInitDumpMode(TIFF*, int); #ifdef PACKBITS_SUPPORT extern int TIFFInitPackBits(TIFF*, int); |