* tools/pal2rgb.c, tools/thumbnail.c: fix crash by disabling TIFFTAG_INKNAMES

copying. The right fix would be to properly copy it, but not worth the burden for those esoteric utilities. http://bugzilla.maptools.org/show_bug.cgi?id=2484 (CVE-2014-8127)
author: erouault <erouault> 2014-12-21 20:04:31 +0000
committer: erouault <erouault> 2014-12-21 20:04:31 +0000
commit: 13e3f88355b4bab50fc9860af10733d398f93779 (patch)
tree: f2762245ecd1e7bde233690a0b059f11570f37dd
parent: c6b5562118d9e3cd6672318ea8c17a411b8b1962 (diff)
download: libtiff-13e3f88355b4bab50fc9860af10733d398f93779.tar.gz
3 files changed, 11 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog
index 2dc5f4b5..0f070dd9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,12 @@
 2014-12-21  Even Rouault  <even.rouault@spatialys.com>
 
+	* tools/pal2rgb.c, tools/thumbnail.c: fix crash by disabling TIFFTAG_INKNAMES
+	copying. The right fix would be to properly copy it, but not worth the burden
+	for those esoteric utilities.
+	http://bugzilla.maptools.org/show_bug.cgi?id=2484 (CVE-2014-8127)
+
+2014-12-21  Even Rouault  <even.rouault@spatialys.com>
+
 	* tools/thumbnail.c: fix out-of-buffer write
 	http://bugzilla.maptools.org/show_bug.cgi?id=2489 (CVE-2014-8128)
 
diff --git a/tools/pal2rgb.c b/tools/pal2rgb.c
index 8608aad1..c7247174 100644
--- a/tools/pal2rgb.c
+++ b/tools/pal2rgb.c
@@ -1,4 +1,4 @@
-/* $Id: pal2rgb.c,v 1.13 2010-07-02 12:02:56 dron Exp $ */
+/* $Id: pal2rgb.c,v 1.14 2014-12-21 20:04:31 erouault Exp $ */
 
 /*
  * Copyright (c) 1988-1997 Sam Leffler
@@ -372,7 +372,7 @@ static struct cpTag {
     { TIFFTAG_CLEANFAXDATA,		1, TIFF_SHORT },
     { TIFFTAG_CONSECUTIVEBADFAXLINES,	1, TIFF_LONG },
     { TIFFTAG_INKSET,			1, TIFF_SHORT },
-    { TIFFTAG_INKNAMES,			1, TIFF_ASCII },
+    /*{ TIFFTAG_INKNAMES,			1, TIFF_ASCII },*/ /* Needs much more complicated logic. See tiffcp */
     { TIFFTAG_DOTRANGE,			2, TIFF_SHORT },
     { TIFFTAG_TARGETPRINTER,		1, TIFF_ASCII },
     { TIFFTAG_SAMPLEFORMAT,		1, TIFF_SHORT },
diff --git a/tools/thumbnail.c b/tools/thumbnail.c
index 98bd4491..2699324d 100644
--- a/tools/thumbnail.c
+++ b/tools/thumbnail.c
@@ -1,4 +1,4 @@
-/* $Id: thumbnail.c,v 1.19 2014-12-21 19:53:59 erouault Exp $ */
+/* $Id: thumbnail.c,v 1.20 2014-12-21 20:04:31 erouault Exp $ */
 
 /*
  * Copyright (c) 1994-1997 Sam Leffler
@@ -257,7 +257,7 @@ static struct cpTag {
     { TIFFTAG_CLEANFAXDATA,		1, TIFF_SHORT },
     { TIFFTAG_CONSECUTIVEBADFAXLINES,	1, TIFF_LONG },
     { TIFFTAG_INKSET,			1, TIFF_SHORT },
-    { TIFFTAG_INKNAMES,			1, TIFF_ASCII },
+    /*{ TIFFTAG_INKNAMES,			1, TIFF_ASCII },*/ /* Needs much more complicated logic. See tiffcp */
     { TIFFTAG_DOTRANGE,			2, TIFF_SHORT },
     { TIFFTAG_TARGETPRINTER,		1, TIFF_ASCII },
     { TIFFTAG_SAMPLEFORMAT,		1, TIFF_SHORT },
author	erouault <erouault>	2014-12-21 20:04:31 +0000
committer	erouault <erouault>	2014-12-21 20:04:31 +0000
commit	13e3f88355b4bab50fc9860af10733d398f93779 (patch)
tree	f2762245ecd1e7bde233690a0b059f11570f37dd
parent	c6b5562118d9e3cd6672318ea8c17a411b8b1962 (diff)
download	libtiff-13e3f88355b4bab50fc9860af10733d398f93779.tar.gz