Prevent some out-of-memory attacks (!545) · Merge requests · libtiff / libtiff

Su Laus requested to merge Su_Laus/libtiff:fix_614_check_mem_allocation_vs_filelength into master Oct 29, 2023

Some small fuzzer files fake large amounts of data and provoke out-of-memory situations. For non-compressed data content / tags, out-of-memory can be prevented by comparing with the file size.

At image reading, data size of some tags / data structures (StripByteCounts, StripOffsets, StripArray, TIFF directory) is compared with file size to prevent provoked out-of-memory attacks.

See issue #614 (comment 1602683857)

Prevent some out-of-memory attacks

Merge request reports