Fix the global-buffer-overflow in tiffset

fixing the global-buffer-overflow bug in tiffset, which is described in #355 (closed).

changed title from fixing global-buffer-overflow in tiffset to Fix the global-buffer-overflow in tiffset

New line 151 seems to be buggy: len = (uint32_t)(strlen(argv[arg_index] + 1));
This schould be: len = (uint32_t)(strlen(argv[arg_index]) + 1);
Otherwise, the last character of the string is not written to file.

Thanks, it was fixed in 0a827a98.

The call TIFFSetField(tiff, TIFFFieldTag(fip),(uint16_t)len, argv[arg_index]) expects as len a uint32_t parameter for ASCII tags with passcount=true. This works for TIFFSetField() because of va_arg variable promotion, but would not work for TIFFGetField(). Hence, the cast of the uint32_t len to (uint16_t)len is superfluous.

By the way, for handling of unknown (anonymous) tags see the discussion at #353 (closed).
In this case, the read/write interface for TIFFSetField() and TIFFGetField() for an unknown TIFF_ASCII tag is defined by the _TIFFCreateAnonField() function as TIFF_SETGET_C32_ASCII.
Actually, simple ASCII tags with variable character length are defined with the interface as TIFF_SETGET_ASCII.
TIFF_SETGET_C16_ASCII or TIFF_SETGET_C32_ASCII is used for string arrays, such as at the TIFFTAG_INKNAMES tag.

added 1 commit

• 0cf67888 - Apply 4 suggestion(s) to 1 file(s)

Compare with previous version

added 1 commit

• 0a827a98 - fix a small typo in strlen

Compare with previous version

mentioned in commit 49396659

merged