Re: CVE-2017-9935 / tiff
On Fri, Nov 17, 2017 at 03:45:07PM +1100, Brian May wrote:
> Brian May <bam@debian.org> writes:
>
> > --- tiff-4.0.8.orig/libtiff/tif_dir.c
> > +++ tiff-4.0.8/libtiff/tif_dir.c
> > @@ -1065,6 +1065,9 @@
> > if (td->td_samplesperpixel - td->td_extrasamples > 1) {
> > *va_arg(ap, uint16**) = td->td_transferfunction[1];
> > *va_arg(ap, uint16**) = td->td_transferfunction[2];
> > + } else {
> > + *va_arg(ap, uint16**) = NULL;
> > + *va_arg(ap, uint16**) = NULL;
> > }
> > break;
> > case TIFFTAG_REFERENCEBLACKWHITE:
> >
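Review bot: The new else branch consumes two more uint16** arguments from the va_list unconditionally, so it is only safe if every caller passes three pointers for this tag. A caller that supplies a single pointer because it expects td_samplesperpixel - td_extrasamples to be 1 would have va_arg read arguments that were never passed, and the NULL store would go through an indeterminate pointer. Please confirm that three pointers is the required calling convention for this tag, and state in a comment and in the tag's documentation that the second and third outputs are set to NULL in the single-sample case so callers know to check them before dereferencing.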
>
> Not sure if this counts as an API change that requires a SONAME
> update. I tend to think that if anything is depending on the 2nd and 3rd
> parameter being left uninitialized for certain cases, it is seriously
> broken.
Hi Brian,

I think that a SONAME change here would only make sense in the strictest
possible sense of what requires a SONAME change. Your assessment that
anything that depends on the uninitialized state of some parameters is
broken sounds like a strong argument against requiring a SONAME change
here and I am in full agreement with your assessment.

Regards,

-Roberto
--
Roberto C. Sánchez