libtiff: * empty log message * (b18d4)

SDLPushPostBot · May 7, 2022, 7:18pm

https://github.com/libsdl-org/libtiff/commit/b18d4b47890e9dbd7bd685524ee4c4f0d43a3963

From b18d4b47890e9dbd7bd685524ee4c4f0d43a3963 Mon Sep 17 00:00:00 2001
From: Andrey Kiselev <[EMAIL REDACTED]>
Date: Fri, 25 Jun 2010 12:23:12 +0000
Subject: [PATCH] *** empty log message ***

---
 ChangeLog      |  6 +++++
 tools/tiffcp.c | 71 +++++++++++++++++++++++++++++++++++++++++---------
 2 files changed, 64 insertions(+), 13 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index c5510b7a..0db614f4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2010-06-25  Andrey Kiselev  <dron@ak4719.spb.edu>
+
+	* tools/tiffcp.c: Initialize buffer arrays with zero to avoid
+	referencing to uninitialized memory in some cases (e.g. when tile size
+	set bigger than the image size).
+
 2010-06-15  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>
 
 	* tools/tiffcrop.c: Patch from Richard Nolde. Reject YCbCr
diff --git a/tools/tiffcp.c b/tools/tiffcp.c
index 48319fa1..471ce224 100644
--- a/tools/tiffcp.c
+++ b/tools/tiffcp.c
@@ -1,4 +1,4 @@
-/* $Id: tiffcp.c,v 1.37.2.8 2010-06-11 20:50:55 bfriesen Exp $ */
+/* $Id: tiffcp.c,v 1.37.2.9 2010-06-25 12:23:12 dron Exp $ */
 
 /*
  * Copyright (c) 1988-1997 Sam Leffler
@@ -782,9 +782,14 @@ typedef int (*writeFunc)(TIFF*, uint8*, uint32, uint32, tsample_t);
  */
 DECLAREcpFunc(cpContig2ContigByRow)
 {
-	tdata_t buf = _TIFFmalloc(TIFFScanlineSize(in));
+	tsize_t scanlinesize = TIFFScanlineSize(in);
+	tdata_t buf;
 	uint32 row;
 
+	buf = _TIFFmalloc(scanlinesize);
+	if (!buf)
+		return 0;
+	_TIFFmemset(buf, 0, scanlinesize);
 	(void) imagewidth; (void) spp;
 	for (row = 0; row < imagelength; row++) {
 		if (TIFFReadScanline(in, buf, row, 0) < 0 && !ignore) {
@@ -924,6 +929,7 @@ DECLAREcpFunc(cpDecodedStrips)
 	if (buf) {
 		tstrip_t s, ns = TIFFNumberOfStrips(in);
 		uint32 row = 0;
+		_TIFFmemset(buf, 0, stripsize);
 		for (s = 0; s < ns; s++) {
 			tsize_t cc = (row + rowsperstrip > imagelength) ?
 			    TIFFVStripSize(in, imagelength - row) : stripsize;
@@ -961,11 +967,16 @@ DECLAREcpFunc(cpDecodedStrips)
  */
 DECLAREcpFunc(cpSeparate2SeparateByRow)
 {
-	tdata_t buf = _TIFFmalloc(TIFFScanlineSize(in));
+	tsize_t scanlinesize = TIFFScanlineSize(in);
+	tdata_t buf;
 	uint32 row;
 	tsample_t s;
 
 	(void) imagewidth;
+	buf = _TIFFmalloc(scanlinesize);
+	if (!buf)
+		return 0;
+	_TIFFmemset(buf, 0, scanlinesize);
 	for (s = 0; s < spp; s++) {
 		for (row = 0; row < imagelength; row++) {
 			if (TIFFReadScanline(in, buf, row, s) < 0 && !ignore) {
@@ -994,13 +1005,21 @@ DECLAREcpFunc(cpSeparate2SeparateByRow)
  */
 DECLAREcpFunc(cpContig2SeparateByRow)
 {
-	tdata_t inbuf = _TIFFmalloc(TIFFScanlineSize(in));
-	tdata_t outbuf = _TIFFmalloc(TIFFScanlineSize(out));
+	tsize_t scanlinesizein = TIFFScanlineSize(in);
+	tsize_t scanlinesizeout = TIFFScanlineSize(out);
+	tdata_t inbuf;
+	tdata_t outbuf;
 	register uint8 *inp, *outp;
 	register uint32 n;
 	uint32 row;
 	tsample_t s;
 
+	inbuf = _TIFFmalloc(scanlinesizein);
+	outbuf = _TIFFmalloc(scanlinesizeout);
+	if (!inbuf || !outbuf)
+		return 0;
+	_TIFFmemset(inbuf, 0, scanlinesizein);
+	_TIFFmemset(outbuf, 0, scanlinesizeout);
 	/* unpack channels */
 	for (s = 0; s < spp; s++) {
 		for (row = 0; row < imagelength; row++) {
@@ -1039,13 +1058,21 @@ DECLAREcpFunc(cpContig2SeparateByRow)
  */
 DECLAREcpFunc(cpSeparate2ContigByRow)
 {
-	tdata_t inbuf = _TIFFmalloc(TIFFScanlineSize(in));
-	tdata_t outbuf = _TIFFmalloc(TIFFScanlineSize(out));
+	tsize_t scanlinesizein = TIFFScanlineSize(in);
+	tsize_t scanlinesizeout = TIFFScanlineSize(out);
+	tdata_t inbuf;
+	tdata_t outbuf;
 	register uint8 *inp, *outp;
 	register uint32 n;
 	uint32 row;
 	tsample_t s;
 
+	inbuf = _TIFFmalloc(scanlinesizein);
+	outbuf = _TIFFmalloc(scanlinesizeout);
+	if (!inbuf || !outbuf)
+		return 0;
+	_TIFFmemset(inbuf, 0, scanlinesizein);
+	_TIFFmemset(outbuf, 0, scanlinesizeout);
 	for (row = 0; row < imagelength; row++) {
 		/* merge channels */
 		for (s = 0; s < spp; s++) {
@@ -1194,7 +1221,9 @@ DECLAREreadFunc(readSeparateStripsIntoBuffer)
 	tdata_t scanline = _TIFFmalloc(scanlinesize);
 	if (!scanlinesize)
 		return 0;
-
+	if (!scanline)
+		return 0;
+	_TIFFmemset(scanline, 0, scanlinesize);
 	(void) imagewidth;
 	if (scanline) {
 		uint8* bufp = (uint8*) buf;
@@ -1230,7 +1259,8 @@ DECLAREreadFunc(readSeparateStripsIntoBuffer)
 DECLAREreadFunc(readContigTilesIntoBuffer)
 {
 	int status = 1;
-	tdata_t tilebuf = _TIFFmalloc(TIFFTileSize(in));
+	tsize_t tilesize = TIFFTileSize(in);
+	tdata_t tilebuf;
 	uint32 imagew = TIFFScanlineSize(in);
 	uint32 tilew  = TIFFTileRowSize(in);
 	int iskew = imagew - tilew;
@@ -1239,8 +1269,10 @@ DECLAREreadFunc(readContigTilesIntoBuffer)
 	uint32 row;
 
 	(void) spp;
+	tilebuf = _TIFFmalloc(tilesize);
 	if (tilebuf == 0)
 		return 0;
+	_TIFFmemset(tilebuf, 0, tilesize);
 	(void) TIFFGetField(in, TIFFTAG_TILEWIDTH, &tw);
 	(void) TIFFGetField(in, TIFFTAG_TILELENGTH, &tl);
         
@@ -1284,14 +1316,17 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
 	uint32 imagew = TIFFRasterScanlineSize(in);
 	uint32 tilew = TIFFTileRowSize(in);
 	int iskew  = imagew - tilew*spp;
-	tdata_t tilebuf = _TIFFmalloc(TIFFTileSize(in));
+	tsize_t tilesize = TIFFTileSize(in);
+	tdata_t tilebuf;
 	uint8* bufp = (uint8*) buf;
 	uint32 tw, tl;
 	uint32 row;
         uint16 bps, bytes_per_sample;
 
+	tilebuf = _TIFFmalloc(tilesize);
 	if (tilebuf == 0)
 		return 0;
+	_TIFFmemset(tilebuf, 0, tilesize);
 	(void) TIFFGetField(in, TIFFTAG_TILEWIDTH, &tw);
 	(void) TIFFGetField(in, TIFFTAG_TILELENGTH, &tl);
 	(void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps);
@@ -1373,12 +1408,15 @@ DECLAREwriteFunc(writeBufferToSeparateStrips)
 {
 	uint32 rowsize = imagewidth * spp;
 	uint32 rowsperstrip;
-	tdata_t obuf = _TIFFmalloc(TIFFStripSize(out));
+	tsize_t stripsize = TIFFStripSize(out);
+	tdata_t obuf;
 	tstrip_t strip = 0;
 	tsample_t s;
 
+	obuf = _TIFFmalloc(stripsize);
 	if (obuf == NULL)
 		return (0);
+	_TIFFmemset(obuf, 0, stripsize);
 	(void) TIFFGetFieldDefaulted(out, TIFFTAG_ROWSPERSTRIP, &rowsperstrip);
 	for (s = 0; s < spp; s++) {
 		uint32 row;
@@ -1409,14 +1447,18 @@ DECLAREwriteFunc(writeBufferToContigTiles)
 	uint32 imagew = TIFFScanlineSize(out);
 	uint32 tilew  = TIFFTileRowSize(out);
 	int iskew = imagew - tilew;
-	tdata_t obuf = _TIFFmalloc(TIFFTileSize(out));
+	tsize_t tilesize = TIFFTileSize(out);
+	tdata_t obuf;
 	uint8* bufp = (uint8*) buf;
 	uint32 tl, tw;
 	uint32 row;
 
 	(void) spp;
+
+	obuf = _TIFFmalloc(TIFFTileSize(out));
 	if (obuf == NULL)
 		return 0;
+	_TIFFmemset(obuf, 0, tilesize);
 	(void) TIFFGetField(out, TIFFTAG_TILELENGTH, &tl);
 	(void) TIFFGetField(out, TIFFTAG_TILEWIDTH, &tw);
 	for (row = 0; row < imagelength; row += tilelength) {
@@ -1459,14 +1501,17 @@ DECLAREwriteFunc(writeBufferToSeparateTiles)
 	tsize_t tilew  = TIFFTileRowSize(out);
 	uint32 iimagew = TIFFRasterScanlineSize(out);
 	int iskew = iimagew - tilew*spp;
-	tdata_t obuf = _TIFFmalloc(TIFFTileSize(out));
+	tsize_t tilesize = TIFFTileSize(out);
+	tdata_t obuf;
 	uint8* bufp = (uint8*) buf;
 	uint32 tl, tw;
 	uint32 row;
         uint16 bps, bytes_per_sample;
 
+	obuf = _TIFFmalloc(TIFFTileSize(out));
 	if (obuf == NULL)
 		return 0;
+	_TIFFmemset(obuf, 0, tilesize);
 	(void) TIFFGetField(out, TIFFTAG_TILELENGTH, &tl);
 	(void) TIFFGetField(out, TIFFTAG_TILEWIDTH, &tw);
 	(void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps);

libtiff: *** empty log message *** (b18d4)

libtiff: * empty log message * (b18d4)