git pushed a commit to branch master
in repository legacy-imlib2.
commit 70bd7e34886b918ede6a139cd15b2ec54b89a67a
Author: Kim Woelders <k...@woelders.dk>
AuthorDate: Sun Jul 2 07:07:21 2023 +0200
TIFF loader: Slightly more strict signature check
Avoid starting libtiff on various raw image types.
---
src/modules/loaders/loader_tiff.c | 28 +++++++++++++++++-----------
1 file changed, 17 insertions(+), 11 deletions(-)
diff --git a/src/modules/loaders/loader_tiff.c b/src/modules/loaders/loader_tiff.c
index b2b10bd..4548a6a 100644
--- a/src/modules/loaders/loader_tiff.c
+++ b/src/modules/loaders/loader_tiff.c
@@ -332,12 +332,25 @@ put_separate_and_raster(TIFFRGBAImage * img, uint32_t * rast,
raster((TIFFRGBAImage_Extra *) img, rast, x, y, w, h);
}
+static int
+_sig_check(const uint8_t * data, unsigned int size)
+{
+ if (size < 8)
+ return 1;
+
+ if (data[0] == 'I' && data[1] == 'I')
+ return !(data[2] == 42 && data[3] == 0);
+ if (data[0] == 'M' && data[1] == 'M')
+ return !(data[2] == 0 && data[3] == 42);
+
+ return 1;
+}
+
static int
_load(ImlibImage * im, int load_data)
{
int rc;
TIFF *tif = NULL;
- uint16_t magic_number;
TIFFRGBAImage_Extra rgba_image;
uint32_t *rast = NULL;
char txt[1024];
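Review bot: `_sig_check` has no comment stating its contract, and two details are easy to misread: it returns 0 on a match and 1 on rejection, and it demands `size >= 8` although only bytes 0-3 are inspected (presumably 8 is the length of the classic TIFF header). I would add a header comment along the lines of `/* Return 0 if data begins with a classic TIFF header (II/MM byte order + version 42), 1 otherwise */`. The version test accepts only 42, so BigTIFF files (version 43), which the removed byte-order-only check let through to libtiff, are now rejected. If that narrowing of what reaches the parser is intended, it is worth stating in the same comment. `_load` continues past the end of this hunk.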
@@ -345,16 +358,9 @@ _load(ImlibImage * im, int load_data)
rc = LOAD_FAIL;
rgba_image.image = NULL;
- /* Do initial signature check */
-#define TIFF_BYTES_TO_CHECK sizeof(magic_number)
-
- if (im->fi->fsize < (int)TIFF_BYTES_TO_CHECK)
- return rc;
-
- magic_number = *(const uint16_t *)im->fi->fdata;
-
- if (magic_number != TIFF_BIGENDIAN && magic_number != TIFF_LITTLEENDIAN)
- return rc;
+ /* Signature check */
+ if (_sig_check(im->fi->fdata, im->fi->fsize))
+ goto quit;
mm_init(im->fi->fdata, im->fi->fsize);
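Review bot: The call passes `im->fi->fsize` into the `unsigned int size` parameter of `_sig_check`, and the `(int)` cast in the removed comparison suggests the field is not an `unsigned int`, so an implicit narrowing or sign conversion may happen at this call. A wrapped value could at worst make a very large file look shorter than 8 bytes and be rejected, but declaring the parameter with the field's own type, or as `size_t`, keeps the length check exact: `_sig_check(const uint8_t * data, size_t size)`. The `quit` label now used for the early exit is outside the hunk. `tif` and `rgba_image.image` are both NULL at this point, which the cleanup there presumably relies on.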