|
|
6456d8 |
Teach "tiffinfo -D" to not try to print image data inside an EXIF subdirectory,
|
|
|
6456d8 |
because there isn't any. Back-patched from an upstream 4.0.2 fix.
|
|
|
6456d8 |
|
|
|
6456d8 |
This is not a security issue in itself (it crashes, but with a simple NULL
|
|
|
6456d8 |
pointer dereference). However, our test case for CVE-2012-5581 tickles this
|
|
|
6456d8 |
bug, so it seems easier to fix this than make a new test case.
|
|
|
6456d8 |
|
|
|
6456d8 |
|
|
|
6456d8 |
diff -Naur tiff-3.9.4.orig/tools/tiffinfo.c tiff-3.9.4/tools/tiffinfo.c
|
|
|
6456d8 |
--- tiff-3.9.4.orig/tools/tiffinfo.c 2010-06-08 14:50:44.000000000 -0400
|
|
|
6456d8 |
+++ tiff-3.9.4/tools/tiffinfo.c 2012-12-11 16:33:17.062228558 -0500
|
|
|
6456d8 |
@@ -49,7 +49,7 @@
|
|
|
6456d8 |
int stoponerr = 1; /* stop on first read error */
|
|
|
6456d8 |
|
|
|
6456d8 |
static void usage(void);
|
|
|
6456d8 |
-static void tiffinfo(TIFF*, uint16, long);
|
|
|
6456d8 |
+static void tiffinfo(TIFF*, uint16, long, int);
|
|
|
6456d8 |
|
|
|
6456d8 |
int
|
|
|
6456d8 |
main(int argc, char* argv[])
|
|
|
6456d8 |
@@ -124,19 +124,20 @@
|
|
|
6456d8 |
if (tif != NULL) {
|
|
|
6456d8 |
if (dirnum != -1) {
|
|
|
6456d8 |
if (TIFFSetDirectory(tif, (tdir_t) dirnum))
|
|
|
6456d8 |
- tiffinfo(tif, order, flags);
|
|
|
6456d8 |
+ tiffinfo(tif, order, flags, 1);
|
|
|
6456d8 |
} else if (diroff != 0) {
|
|
|
6456d8 |
if (TIFFSetSubDirectory(tif, diroff))
|
|
|
6456d8 |
- tiffinfo(tif, order, flags);
|
|
|
6456d8 |
+ tiffinfo(tif, order, flags, 1);
|
|
|
6456d8 |
} else {
|
|
|
6456d8 |
do {
|
|
|
6456d8 |
uint32 offset;
|
|
|
6456d8 |
|
|
|
6456d8 |
- tiffinfo(tif, order, flags);
|
|
|
6456d8 |
+ tiffinfo(tif, order, flags, 1);
|
|
|
6456d8 |
if (TIFFGetField(tif, TIFFTAG_EXIFIFD,
|
|
|
6456d8 |
&offset)) {
|
|
|
6456d8 |
- if (TIFFReadEXIFDirectory(tif, offset))
|
|
|
6456d8 |
- tiffinfo(tif, order, flags);
|
|
|
6456d8 |
+ if (TIFFReadEXIFDirectory(tif, offset)) {
|
|
|
6456d8 |
+ tiffinfo(tif, order, flags, 0);
|
|
|
6456d8 |
+ }
|
|
|
6456d8 |
}
|
|
|
6456d8 |
} while (TIFFReadDirectory(tif));
|
|
|
6456d8 |
}
|
|
|
6456d8 |
@@ -426,10 +427,10 @@
|
|
|
6456d8 |
}
|
|
|
6456d8 |
|
|
|
6456d8 |
static void
|
|
|
6456d8 |
-tiffinfo(TIFF* tif, uint16 order, long flags)
|
|
|
6456d8 |
+tiffinfo(TIFF* tif, uint16 order, long flags, int is_image)
|
|
|
6456d8 |
{
|
|
|
6456d8 |
TIFFPrintDirectory(tif, stdout, flags);
|
|
|
6456d8 |
- if (!readdata)
|
|
|
6456d8 |
+ if (!readdata || !is_image)
|
|
|
6456d8 |
return;
|
|
|
6456d8 |
if (rawdata) {
|
|
|
6456d8 |
if (order) {
|