diff options
author | Even Rouault <even.rouault@spatialys.com> | 2021-12-13 12:14:56 +0100 |
---|---|---|
committer | Even Rouault <even.rouault@spatialys.com> | 2021-12-13 12:15:00 +0100 |
commit | 072cbbebbb6e5722423670b19ba45a144e14fcb1 (patch) | |
tree | bf81b70dcad1077c5c18f500a60ddbd949b646ac | |
parent | 693e150703ac8d2dfe43b134577f556cbd30df35 (diff) | |
download | libtiff-git-072cbbebbb6e5722423670b19ba45a144e14fcb1.tar.gz |
OJPEG: avoid assertion when using TIFFReadScanline() (fixes #337)
Note: my analyis of the issue would be that the use of the scanline API
is currently propably broken with OJPEG.
-rw-r--r-- | libtiff/tif_ojpeg.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/libtiff/tif_ojpeg.c b/libtiff/tif_ojpeg.c index 66cd275f..d6823959 100644 --- a/libtiff/tif_ojpeg.c +++ b/libtiff/tif_ojpeg.c @@ -795,6 +795,17 @@ OJPEGDecode(TIFF* tif, uint8_t* buf, tmsize_t cc, uint16_t s) TIFFErrorExt(tif->tif_clientdata,module,"Cannot decode: decoder not correctly initialized"); return 0; } + if( sp->libjpeg_session_active == 0 ) + { + /* This should normally not happen, except that it does when */ + /* using TIFFReadScanline() which calls OJPEGPostDecode() for */ + /* each scanline, which assumes that a whole strile was read */ + /* and may thus incorrectly consider it has read the whole image, causing */ + /* OJPEGLibjpegSessionAbort() to be called prematurely. */ + /* Triggered by https://gitlab.com/libtiff/libtiff/-/issues/337 */ + TIFFErrorExt(tif->tif_clientdata,module,"Cannot decode: libjpeg_session_active == 0"); + return 0; + } if( sp->error_in_raw_data_decoding ) { return 0; @@ -901,6 +912,13 @@ OJPEGPostDecode(TIFF* tif, uint8_t* buf, tmsize_t cc) OJPEGState* sp=(OJPEGState*)tif->tif_data; (void)buf; (void)cc; + /* This function somehow incorrectly assumes that a whole strile was read, */ + /* which is not true when TIFFReadScanline() is called, */ + /* and may thus incorrectly consider it has read the whole image, causing */ + /* OJPEGLibjpegSessionAbort() to be called prematurely. */ + /* So this logic should be fixed to take into account cc, or disable */ + /* the scan line reading interface. */ + /* Triggered by https://gitlab.com/libtiff/libtiff/-/issues/337 */ sp->write_curstrile++; if (sp->write_curstrile%tif->tif_dir.td_stripsperimage==0) { |