summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEven Rouault <even.rouault@spatialys.com>2017-07-04 13:27:45 +0000
committerEven Rouault <even.rouault@spatialys.com>2017-07-04 13:27:45 +0000
commitc2be1447d92307b29b6c800b9bdf3a495dfa349a (patch)
tree6c2c882c40e94e2ded58a7b3cce3d0f41d213ed6
parent733109e5100a701d472e1ad67b35f185b2d1d617 (diff)
downloadlibtiff-git-c2be1447d92307b29b6c800b9bdf3a495dfa349a.tar.gz
* libtiff/tif_read.c, tiffiop.h: add a _TIFFReadEncodedTileAndAllocBuffer()
and _TIFFReadTileAndAllocBuffer() variants of TIFFReadEncodedTile() and TIFFReadTile() that allocates the decoded buffer only after a first successful TIFFFillTile(). This avoids excessive memory allocation on corrupted files. * libtiff/tif_getimage.c: use _TIFFReadTileAndAllocBuffer(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2470 Credit to OSS Fuzz.
-rw-r--r--ChangeLog11
1 files changed, 11 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index e1e19e3a..2729e730 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,16 @@
2017-07-04 Even Rouault <even.rouault at spatialys.com>
+ * libtiff/tif_read.c, tiffiop.h: add a _TIFFReadEncodedTileAndAllocBuffer()
+ and _TIFFReadTileAndAllocBuffer() variants of TIFFReadEncodedTile() and
+ TIFFReadTile() that allocates the decoded buffer only after a first
+ successful TIFFFillTile(). This avoids excessive memory allocation
+ on corrupted files.
+ * libtiff/tif_getimage.c: use _TIFFReadTileAndAllocBuffer().
+ Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2470
+ Credit to OSS Fuzz.
+
+2017-07-04 Even Rouault <even.rouault at spatialys.com>
+
* libtiff/tif_error.c, tif_warning.c: correctly use va_list when both
an old-style and new-style warning/error handlers are installed.
Patch by Paavo Helde (sent on the mailing list)