Bug#735847: freeimage: builds wrong tiff, broken 32 bit

To: Julian Taylor <jtaylor.debian@googlemail.com>
Cc: 735847@bugs.debian.org
Subject: Bug#735847: freeimage: builds wrong tiff, broken 32 bit
From: Scott Howard <showard314@gmail.com>
Date: Sun, 19 Jan 2014 21:11:15 -0500
Message-id: <[🔎] CANg8-dBmEOsZPg5XkUmDxWwzc2gi1KpUzX6w4rhB4Dj3T_dN0A@mail.gmail.com>
Reply-to: Scott Howard <showard314@gmail.com>, 735847@bugs.debian.org
In-reply-to: <[🔎] 52DC7973.4070800@googlemail.com>
References: <CANg8-dC1bKDm1_JDE8F_fnk7dMnZiYLa4oNgWmN6iQ8kbSc22A@mail.gmail.com> <[🔎] 52DC7973.4070800@googlemail.com>

On Sun, Jan 19, 2014 at 8:18 PM, Julian Taylor
<jtaylor.debian@googlemail.com> wrote:
> I disagree, all three issues found do seem like independent issues with
> little relation (on amd64 at least).

Ok, so there are three bugs:

1)
> the exif tag truncation is very unlikely cause the complete data
> structure corruption.

Ah, Sources/LibTIFF4 instead of LibTIFF on the lines that updated the
sources. Thanks for finding that (gensrclist.sh, genfipsrclist.sh)

2) [patch is available]
> tag truncation

3)
> The wrong type sizes can not be related because I tested that and it
> only affects 32 bit (which I was not using for debugging).

On bug #3, it looks like Source/LibTIFF/ is configured at build time,
but Source/LibTIFF4/ has already been configured and shipped by
upstream.

This is extra confusing, because upstream's tiffconf.h in SVN doesn't
match what they are distributing in their source tarballs:
http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/LibTIFF4/tiffconf.h?view=markup
At no point in the history did tiffconf.h match what they are distributing.

Also, this has been reported before:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601762

And fixed with these two patches
http://anonscm.debian.org/gitweb/?p=collab-maint/freeimage.git;a=commitdiff;h=5657e6b0bbc7def9e5598e6872a91a202b7b4113
http://anonscm.debian.org/gitweb/?p=collab-maint/freeimage.git;a=commitdiff;h=cddd3e04b65efb1291ed6b28ac8310f33eec4466

namely
+/* Signed 64-bit type formatter */
+#define TIFF_INT64_FORMAT "%" PRId64
+
+/* Signed 64-bit type */
+#if SIZEOF_LONG == 8
+#define TIFF_INT64_T signed long
+#else
+#define TIFF_INT64_T signed long long
+#endif
+
+/* Unsigned 64-bit type formatter */
+#define TIFF_UINT64_FORMAT "%" PRIu64
+
+/* Unsigned 64-bit type */
+#if SIZEOF_LONG == 8
+#define TIFF_UINT64_T unsigned long
+#else
+#define TIFF_UINT64_T unsigned long long
+#endif

I'll go ahead and ask upstream if they could reconsider allowing their
packages to build using system libraries, these are all things best
handled by (and probably already solved by) libtiff maintainers.

Thanks again,
Scott

Reply to:

References:
- Bug#735847: freeimage: builds wrong tiff, broken 32 bit
  - From: Julian Taylor <jtaylor.debian@googlemail.com>

Prev by Date: Bug#735847: freeimage: builds wrong tiff, broken 32 bit
Next by Date: Re: Proposed new requirements for emacsen add-on packages
Previous by thread: Bug#735847: freeimage: builds wrong tiff, broken 32 bit
Next by thread: Bug#735847: freeimage: builds wrong tiff, broken 32 bit
Index(es):
- Date
- Thread