Re: CVE-2017-9935 / tiff
Brian May <bam@debian.org> writes:
> I added a comment to the upstream bug report:
>
> http://bugzilla.maptools.org/show_bug.cgi?id=2704#c14
Anybody got a sample (good) tiff file with transfer function tables?
I am a bit puzzled, as per last comment in upstream bug report, because
the tiff2pdf seems to be reading uint16 (unsigned short values) into a
buffer for float values.
So either I have misunderstood something, or just found something else
in this code that is wrong (although perhaps not a security issue).
--
Brian May <bam@debian.org>
Reply to: