[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CVE-2017-9935 / tiff



Brian May <bam@debian.org> writes:

> I added a comment to the upstream bug report:
>
> http://bugzilla.maptools.org/show_bug.cgi?id=2704#c14

Anybody got a sample (good) tiff file with transfer function tables?

I am a bit puzzled, as per last comment in upstream bug report, because
the tiff2pdf seems to be reading uint16 (unsigned short values) into a
buffer for float values.

So either I have misunderstood something, or just found something else
in this code that is wrong (although perhaps not a security issue).
-- 
Brian May <bam@debian.org>


Reply to: