oss-sec mailing list archives
CVE Request: libtiff: read outside buffer in _TIFFPrintField()
From: "Brian 'geeknik' Carpenter" <brian.carpenter () gmail com>
Date: Fri, 11 Nov 2016 22:13:40 -0600
Hi, could you assign a CVE to the following issue in libtiff? http://bugzilla.maptools.org/show_bug.cgi?id=2590 Fixed per
2016-11-11 Even Rouault <even.rouault at spatialys.com> * libtiff/tif_dirread.c: in TIFFFetchNormalTag(), make sure that values of tags with TIFF_SETGET_C16_ASCII / TIFF_SETGET_C32_ASCII access are null terminated, to avoid potential read outside buffer in _TIFFPrintField(). /cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog new revision: 1.1154; previous revision: 1.1153 /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <-- libtiff/tif_dirread.c new revision: 1.203; previous revision: 1.202
Regards, Brian 'geeknik' Carpenter https://twitter.com/geeknik
Current thread:
- CVE Request: libtiff: read outside buffer in _TIFFPrintField() Brian 'geeknik' Carpenter (Nov 12)
- Re: CVE Request: libtiff: read outside buffer in _TIFFPrintField() cve-assign (Nov 14)