Teach "tiffinfo -D" to not try to print image data inside an EXIF subdirectory,

because there isn't any.  Back-patched from an upstream 4.0.2 fix.

This is not a security issue in itself (it crashes, but with a simple NULL

pointer dereference).  However, our test case for CVE-2012-5581 tickles this

bug, so it seems easier to fix this than make a new test case.

diff -Naur tiff-3.9.4.orig/tools/tiffinfo.c tiff-3.9.4/tools/tiffinfo.c

--- tiff-3.9.4.orig/tools/tiffinfo.c	2010-06-08 14:50:44.000000000 -0400

+++ tiff-3.9.4/tools/tiffinfo.c	2012-12-11 16:33:17.062228558 -0500

@@ -49,7 +49,7 @@

 int	stoponerr = 1;			/* stop on first read error */

 static	void usage(void);

-static	void tiffinfo(TIFF*, uint16, long);

+static	void tiffinfo(TIFF*, uint16, long, int);

 int

 main(int argc, char* argv[])

@@ -124,19 +124,20 @@

 		if (tif != NULL) {

 			if (dirnum != -1) {

 				if (TIFFSetDirectory(tif, (tdir_t) dirnum))

-					tiffinfo(tif, order, flags);

+					tiffinfo(tif, order, flags, 1);

 			} else if (diroff != 0) {

 				if (TIFFSetSubDirectory(tif, diroff))

-					tiffinfo(tif, order, flags);

+					tiffinfo(tif, order, flags, 1);

 			} else {

 				do {

 					uint32 offset;

-					tiffinfo(tif, order, flags);

+					tiffinfo(tif, order, flags, 1);

 					if (TIFFGetField(tif, TIFFTAG_EXIFIFD,

 							 &offset)) {

-						if (TIFFReadEXIFDirectory(tif, offset))

-							tiffinfo(tif, order, flags);

+						if (TIFFReadEXIFDirectory(tif, offset)) {

+							tiffinfo(tif, order, flags, 0);

+						}

 					}

 				} while (TIFFReadDirectory(tif));

 			}

@@ -426,10 +427,10 @@

 }

 static void

-tiffinfo(TIFF* tif, uint16 order, long flags)

+tiffinfo(TIFF* tif, uint16 order, long flags, int is_image)

 {

 	TIFFPrintDirectory(tif, stdout, flags);

-	if (!readdata)

+	if (!readdata || !is_image)

 		return;

 	if (rawdata) {

 		if (order) {