summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorfaxguy <faxguy>2010-12-14 02:40:31 +0000
committerfaxguy <faxguy>2010-12-14 02:40:31 +0000
commitc005d9aa77398cd16084f1ad7de9a593734a374a (patch)
tree25a58c7b11e270dfb8d87920dbe2a62986d045c6
parentf300792ba5ca71db6879464b2b5b127d9ed2fb08 (diff)
downloadlibtiff-c005d9aa77398cd16084f1ad7de9a593734a374a.tar.gz
* libtiff/tif_dirread.c: fix needless tag ordering warning
http://bugzilla.maptools.org/show_bug.cgi?id=2210
Diffstat
-rw-r--r--ChangeLog5
-rw-r--r--libtiff/tif_dirread.c12
2 files changed, 12 insertions, 5 deletions
diff --git a/ChangeLog b/ChangeLog
index cc1b9790..84d4d64a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
2010-12-13 Lee Howard <faxguy@howardsilvan.com>
+ * libtiff/tif_dirread.c: fix needless tag ordering warning
+ http://bugzilla.maptools.org/show_bug.cgi?id=2210
+
+2010-12-13 Lee Howard <faxguy@howardsilvan.com>
+
* libtiff/tif_color.c: prevent crash in handling bad TIFFs
resolves CVE-2010-2595
http://bugzilla.maptools.org/show_bug.cgi?id=2208
diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c
index 5f974da1..32976dce 100644
--- a/libtiff/tif_dirread.c
+++ b/libtiff/tif_dirread.c
@@ -1,4 +1,4 @@
-/* $Id: tif_dirread.c,v 1.92.2.12 2010-12-11 22:32:32 faxguy Exp $ */
+/* $Id: tif_dirread.c,v 1.92.2.13 2010-12-14 02:40:31 faxguy Exp $ */
/*
* Copyright (c) 1988-1997 Sam Leffler
@@ -83,6 +83,7 @@ TIFFReadDirectory(TIFF* tif)
const TIFFFieldInfo* fip;
size_t fix;
uint16 dircount;
+ uint16 previous_tag = 0;
int diroutoforderwarning = 0, compressionknown = 0;
int haveunknowntags = 0;
@@ -176,23 +177,24 @@ TIFFReadDirectory(TIFF* tif)
if (dp->tdir_tag == IGNORE)
continue;
- if (fix >= tif->tif_nfields)
- fix = 0;
/*
* Silicon Beach (at least) writes unordered
* directory tags (violating the spec). Handle
* it here, but be obnoxious (maybe they'll fix it?).
*/
- if (dp->tdir_tag < tif->tif_fieldinfo[fix]->field_tag) {
+ if (dp->tdir_tag < previous_tag) {
if (!diroutoforderwarning) {
TIFFWarningExt(tif->tif_clientdata, module,
"%s: invalid TIFF directory; tags are not sorted in ascending order",
tif->tif_name);
diroutoforderwarning = 1;
}
- fix = 0; /* O(n^2) */
}
+ previous_tag = dp->tdir_tag;
+ if (fix >= tif->tif_nfields ||
+ dp->tdir_tag < tif->tif_fieldinfo[fix]->field_tag)
+ fix = 0; /* O(n^2) */
while (fix < tif->tif_nfields &&
tif->tif_fieldinfo[fix]->field_tag < dp->tdir_tag)
fix++;
View Lorry Controller Status