
Re: CVE-2017-9935 / tiff



On Fri, Nov 17, 2017 at 03:45:07PM +1100, Brian May wrote:
> Brian May <bam@debian.org> writes:
> 
> > --- tiff-4.0.8.orig/libtiff/tif_dir.c
> > +++ tiff-4.0.8/libtiff/tif_dir.c
> > @@ -1065,6 +1065,9 @@
> >  			if (td->td_samplesperpixel - td->td_extrasamples > 1) {
> >  				*va_arg(ap, uint16**) = td->td_transferfunction[1];
> >  				*va_arg(ap, uint16**) = td->td_transferfunction[2];
> > +			} else {
> > +				*va_arg(ap, uint16**) = NULL;
> > +				*va_arg(ap, uint16**) = NULL;
> >  			}
> >  			break;
> >  		case TIFFTAG_REFERENCEBLACKWHITE:
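
Review bot: the new else branch under the `td_samplesperpixel - td_extrasamples > 1` check pulls two more `uint16**` arguments with `va_arg` and writes through them unconditionally, so it is only safe if every caller passes three pointers for this tag even when there is a single colour sample. A caller that passes only one pointer in that case would now have NULL stored through whatever sits in the next two argument slots. I would audit the callers (in-tree tools and reverse dependencies) before shipping this. I would also add a comment here, and a matching line in the TIFFGetField documentation, saying that the second and third arrays come back as NULL in the single-sample case, so that callers check them before dereferencing.
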
> >
> 
> Not sure if this counts as an API change that requires a SONAME
> update. I tend to think that if anything is depending on the 2nd and 3rd
> parameter being left uninitialized for certain cases, it is seriously
> broken.

Hi Brian,

I think that a SONAME change here would only make sense in the strictest
possible sense of what requires a SONAME change.  Your assessment that
anything that depends on the uninitialized state of some parameters is
broken sounds like a strong argument against requiring a SONAME change
here and I am in full agreement with your assessment.

Regards,

-Roberto

-- 
Roberto C. Sánchez

