SEGV /home/lin/libtiff/tools/tiffcrop.c:3539 in extractContigSamplesShifted32bits
Summary
SUMMARY: AddressSanitizer: SEGV /home/lin/libtiff/tools/tiffcrop.c:3539 in extractContigSamplesShifted32bits
Version
➜ tiffcrop_test git:(master) ✗ ./tiffcrop -v
Library Release: LIBTIFF, Version 4.3.0
Copyright (c) 1988-1996 Sam Leffler
Copyright (c) 1991-1996 Silicon Graphics, Inc.
Tiffcrop version: 2.4, last updated: 12-13-2010
Tiffcp code: Copyright (c) 1988-1997 Sam Leffler
: Copyright (c) 1991-1997 Silicon Graphics, Inc
Tiffcrop additions: Copyright (c) 2007-2010 Richard Nolde
At branch 27f399af (libtiff version)
Steps to reproduce
git clone git@gitlab.com:libtiff/libtiff.git
cd libtiff/
./autogen.sh
./configure CC=gcc CXX=g++ CFLAGS="-g -fsanitize=address" --disable-shared && make
./tools/tiffcrop -i -E b -Z 0:0,1:1 ./poc ./out2
Platform
➜ libtiff git:(master) ✗ gcc --version
gcc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0
Copyright (C) 2017 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
➜ libtiff git:(master) ✗ uname -r
5.4.0-91-generic
➜ libtiff git:(master) ✗ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 18.04.5 LTS
Release: 18.04
Codename: bionic
- ASAN
TIFFReadDirectoryCheckOrder: Warning, Invalid TIFF directory; tags are not sorted in ascending order.
TIFFReadDirectory: Warning, Unknown field with tag 0 (0x0) encountered.
TIFFReadDirectory: Warning, Unknown field with tag 3 (0x3) encountered.
/home/lin/id:000539,sig:06,src:003571,op:arg1,rep:4: Warning, Nonstandard tile width 769, convert file.
_TIFFVSetField: /home/lin/id:000539,sig:06,src:003571,op:arg1,rep:4: Null count for "Tag 3" (type 1, writecount -3, passcount 1).
TIFFFetchNormalTag: Warning, Incorrect count for "YResolution"; tag ignored.
TIFFFetchStripThing: Warning, Incorrect count for "StripOffsets"; tag ignored.
TIFFFetchStripThing: Warning, Incorrect count for "StripByteCounts"; tag ignored.
TIFFAdvanceDirectory: Error fetching directory link.
/home/lin/id:000539,sig:06,src:003571,op:arg1,rep:4: Compression scheme 64 tile decoding is not implemented.
TIFFFillTile: 0: Invalid tile byte count, tile 4.
TIFFFillTile: 0: Invalid tile byte count, tile 8.
TIFFFillTile: 0: Invalid tile byte count, tile 1.
TIFFFillTile: 0: Invalid tile byte count, tile 5.
TIFFFillTile: 0: Invalid tile byte count, tile 9.
TIFFFillTile: 0: Invalid tile byte count, tile 2.
TIFFFillTile: 0: Invalid tile byte count, tile 6.
TIFFFillTile: 0: Invalid tile byte count, tile 10.
TIFFFillTile: 0: Invalid tile byte count, tile 3.
TIFFFillTile: 0: Invalid tile byte count, tile 7.
TIFFFillTile: 0: Invalid tile byte count, tile 11.
ASAN:DEADLYSIGNAL
=================================================================
==25527==ERROR: AddressSanitizer: SEGV on unknown address 0x6160ffffdc74 (pc 0x55b9f6a45d42 bp 0x7fff6fd97940 sp 0x7fff6fd978b0 T0)
==25527==The signal is caused by a WRITE memory access.
#0 0x55b9f6a45d41 in extractContigSamplesShifted32bits /home/lin/libtiff/tools/tiffcrop.c:3539
#1 0x55b9f6a59405 in extractCompositeRegions /home/lin/libtiff/tools/tiffcrop.c:6455
#2 0x55b9f6a5d368 in processCropSelections /home/lin/libtiff/tools/tiffcrop.c:7458
#3 0x55b9f6a41681 in main /home/lin/libtiff/tools/tiffcrop.c:2396
#4 0x7ff2911fabf6 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)
#5 0x55b9f6a38629 in _start (/home/lin/libtiff/tools/tiffcrop+0x28629)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/lin/libtiff/tools/tiffcrop.c:3539 in extractContigSamplesShifted32bits
==25527==ABORTING
poc: poc.zip
Thanks !!