From 390ae71c95c6182dc4bc5a7f8beca28e8e118007 Mon Sep 17 00:00:00 2001 From: erouault Date: Tue, 4 Jul 2017 13:27:45 +0000 Subject: * libtiff/tif_read.c, tiffiop.h: add a _TIFFReadEncodedTileAndAllocBuffer() and _TIFFReadTileAndAllocBuffer() variants of TIFFReadEncodedTile() and TIFFReadTile() that allocates the decoded buffer only after a first successful TIFFFillTile(). This avoids excessive memory allocation on corrupted files. * libtiff/tif_getimage.c: use _TIFFReadTileAndAllocBuffer(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2470 Credit to OSS Fuzz. --- ChangeLog | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/ChangeLog b/ChangeLog index e1e19e3a..2729e730 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,14 @@ +2017-07-04 Even Rouault + + * libtiff/tif_read.c, tiffiop.h: add a _TIFFReadEncodedTileAndAllocBuffer() + and _TIFFReadTileAndAllocBuffer() variants of TIFFReadEncodedTile() and + TIFFReadTile() that allocates the decoded buffer only after a first + successful TIFFFillTile(). This avoids excessive memory allocation + on corrupted files. + * libtiff/tif_getimage.c: use _TIFFReadTileAndAllocBuffer(). + Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2470 + Credit to OSS Fuzz. + 2017-07-04 Even Rouault * libtiff/tif_error.c, tif_warning.c: correctly use va_list when both -- cgit v1.2.1
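Review bot: The added ChangeLog entry (the `+2017-07-04` block in the `@@ -1,3 +1,14 @@` hunk) says the `_TIFFReadEncodedTileAndAllocBuffer()` and `_TIFFReadTileAndAllocBuffer()` variants allocate the decoded buffer only after a first successful `TIFFFillTile()`, but it does not say who owns and frees that buffer, or what the caller gets back when `TIFFFillTile()` fails. One sentence covering ownership and the failure case would make the entry usable for anyone auditing the `tif_getimage.c` caller. The diffstat lists only `ChangeLog` (1 file changed, 11 insertions), so the changes to `libtiff/tif_read.c`, `tiffiop.h` and `libtiff/tif_getimage.c` that the entry names are not in this patch and cannot be checked against the description here. Minor wording point in the same entry: "variants ... that allocates" should read "that allocate".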