I had this issue too; it can be solved by patching the source code. Source file: pnm/pnmtojpeg.c Function: write_exif_header Line: 429 Old line: short length; New line: unsigned short length;
Explanation: For some cameras, the EXIF data is more than 32767 bytes long. When storing the length in a signed 16-bit integer, it becomes negative; this causes the malloc on line 442 to fail. By using an unsigned integer, the problem doesn't occur. To the maintainer: please apply this bug fix.