./graphics/tiff, Library and tools for reading and writing TIFF data files

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 4.0.7nb1, Package name: tiff-4.0.7nb1, Maintainer: pkgsrc-users

This is software provides support for the Tag Image Format (TIFF).
Included is a library, libtiff, for reading and writing TIFF, a
collection of tools for doing simple manipulations of TIFF images, and
documentation on the library and tools. A random assortment of
TIFF-related software contributed by others is also included.

The library, along with associated tool programs, should handle most of
your needs for reading and writing files that follow the 5.0 or 6.0
TIFF spec. There is also considerable support for some of the more
esoteric portions of the 6.0 TIFF spec.

Required to run:
[graphics/jpeg] [graphics/jbigkit]

Required to build:

Package options: lzw

Master sites:

SHA1: 2c1b64478e88f93522a42dd5271214a0e5eae648
RMD160: 582e19c31e7f29d9ed36995dcad7ad68802cbadb
Filesize: 2027.727 KB

Version history: (Expand)

CVS history: (Expand)

   2016-11-23 14:51:29 by Havard Eidnes | Files touched by this commit (5) | Package updated
Log message:
Add a couple patches to omit installing the documentation for
rgb2ycbcr and thumbnail, since these binaries are no longer being

   2016-11-22 16:19:54 by Thomas Klausner | Files touched by this commit (4) | Package updated
Log message:
Updated tiff to 4.0.7.


  • The libtiff tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, sgisv, and ycbcr
    are completely removed from the distribution. These tools were written in
    the late 1980s and early 1990s for test and demonstration purposes. In some
    cases the tools were never updated to support updates to the file format,
    or the file formats are now rarely used. In all cases these tools increased
    the libtiff security and maintenance exposure beyond the value offered by
    the tool.


  • libtiff/tif_dirread.c: in TIFFFetchNormalTag(), do not dereference NULL
    pointer when values of tags with TIFF_SETGET_C16_ASCII /
    TIFF_SETGET_C32_ASCII access are 0-byte arrays. Fixes http://
    bugzilla.maptools.org/show_bug.cgi?id=2593 (regression introduced by
    previous fix done on 2016-11-11 for CVE-2016-9297). Reported by Henri Salo.
    Assigned as CVE-2016-9448
  • libtiff/tif_aux.c: fix crash in TIFFVGetFieldDefaulted() when requesting
    Predictor tag and that the zip/lzw codec is not configured. Fixes http://
  • libtiff/tif_dirread.c: in TIFFFetchNormalTag(), make sure that values of
    tags with TIFF_SETGET_C16_ASCII / TIFF_SETGET_C32_ASCII access are null
    terminated, to avoid potential read outside buffer in _TIFFPrintField().
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2590
  • libtiff/tif_dirread.c: reject images with OJPEG compression that have no
    TileOffsets/StripOffsets tag, when OJPEG compression is disabled. Prevent
    null pointer dereference in TIFFReadRawStrip1() and other functions that
    expect td_stripbytecount to be non NULL. Fixes http://bugzilla.maptools.org
  • libtiff/tif_strip.c: make TIFFNumberOfStrips() return the td->td_nstrips
    value when it is non-zero, instead of recomputing it. This is needed in
    TIFF_STRIPCHOP mode where td_nstrips is modified. Fixes a read outsize of
    array in tiffsplit (or other utilities using TIFFNumberOfStrips()). Fixes
    http://bugzilla.maptools.org/show_bug.cgi?id=2587 (CVE-2016-9273)
  • libtiff/tif_predict.h, libtiff/tif_predict.c: Replace assertions by runtime
    checks to avoid assertions in debug mode, or buffer overflows in release
    mode. Can happen when dealing with unusual tile size like YCbCr with
    subsampling. Reported as MSVR 35105 by Axel Souchet & Vishal Chauhan from
    the MSRC Vulnerabilities & Mitigations
  • libtiff/tif_dir.c: discard values of SMinSampleValue and SMaxSampleValue
    when they have been read and the value of SamplesPerPixel is changed
    afterwards (like when reading a OJPEG compressed image with a missing
    SamplesPerPixel tag, and whose photometric is RGB or YCbCr, forcing
    SamplesPerPixel being 3). Otherwise when rewriting the directory (for
    example with tiffset, we will expect 3 values whereas the array had been
    allocated with just one), thus causing a out of bound read access. Fixes
    http://bugzilla.maptools.org/show_bug.cgi?id=2500 (CVE-2014-8127,
    duplicate: CVE-2016-3658)
  • libtiff/tif_dirwrite.c: avoid null pointer dereference on td_stripoffset
    when writing directory, if FIELD_STRIPOFFSETS was artificially set for a
    hack case in OJPEG case. Fixes http://bugzilla.maptools.org/show_bug.cgi?id
    =2500 (CVE-2014-8127, duplicate: CVE-2016-3658)
  • libtiff/tif_getimage.c (TIFFRGBAImageOK): Reject attempts to read floating
    point images.
  • libtiff/tif_predict.c (PredictorSetup): Enforce bits-per-sample
    requirements of floating point predictor (3). Fixes CVE-2016-3622 "Divide
    By Zero in the tiff2rgba tool."
  • libtiff/tif_pixarlog.c: fix out-of-bounds write vulnerabilities in heap
    allocated buffers. Reported as MSVR 35094. Discovered by Axel Souchet and
    Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team.
  • libtiff/tif_write.c: fix issue in error code path of TIFFFlushData1() that
    didn't reset the tif_rawcc and tif_rawcp members. I'm not completely sure
    if that could happen in practice outside of the odd behaviour of
    t2p_seekproc() of tiff2pdf). The report points that a better fix could be
    to check the return value of TIFFFlushData1() in places where it isn't done
    currently, but it seems this patch is enough. Reported as MSVR 35095.
    Discovered by Axel Souchet & Vishal Chauhan & Suha Can from the MSRC
    Vulnerabilities & Mitigations team.
  • libtiff/tif_pixarlog.c: Fix write buffer overflow in PixarLogEncode if more
    input samples are provided than expected by PixarLogSetupEncode. Idea based
    on libtiff-CVE-2016-3990.patch from libtiff-4.0.3-25.el7_2.src.rpm by
    Nikola Forro, but with different and simpler check. (bugzilla #2544)
  • libtiff/tif_read.c: Fix out-of-bounds read on memory-mapped files in
    TIFFReadRawStrip1() and TIFFReadRawTile1() when stripoffset is beyond
    tmsize_t max value (reported by Mathias Svensson)
  • libtiff/tif_read.c: make TIFFReadEncodedStrip() and TIFFReadEncodedTile()
    directly use user provided buffer when no compression (and other
    conditions) to save a memcpy()
  • libtiff/tif_write.c: make TIFFWriteEncodedStrip() and TIFFWriteEncodedTile
    () directly use user provided buffer when no compression to save a memcpy
  • libtiff/tif_luv.c: validate that for COMPRESSION_SGILOG and
    PHOTOMETRIC_LOGL, there is only one sample per pixel. Avoid potential
    invalid memory write on corrupted/unexpected images when using the
    TIFFRGBAImageBegin() interface (reported by Clay Wood)
  • libtiff/tif_pixarlog.c: fix potential buffer write overrun in
    PixarLogDecode() on corrupted/unexpected images (reported by Mathias
    Svensson) (CVE-2016-5875)
  • libtiff/libtiff.def: Added _TIFFMultiply32 and _TIFFMultiply64 to
  • libtiff/tif_config.vc.h (HAVE_SNPRINTF): Add a '1' to the HAVE_SNPRINTF
  • libtiff/tif_config.vc.h (HAVE_SNPRINTF): Applied patch by Edward Lam to
    define HAVE_SNPRINTF for Visual Studio 2015.
  • libtiff/tif_dirread.c: when compiled with DEFER_STRILE_LOAD, fix
    regression, introduced on 2014-12-23, when reading a one-strip file without
    a StripByteCounts tag. GDAL #6490
  • libtiff/*: upstream typo fixes (mostly contributed by Kurt Schwehr) coming
    from GDAL internal libtiff
  • libtiff/tif_fax3.h: make Param member of TIFFFaxTabEnt structure a uint16
    to reduce size of the binary.
  • libtiff/tif_read.c, tif_dirread.c: fix indentation issues raised by GCC 6
  • libtiff/tif_pixarlog.c: avoid zlib error messages to pass a NULL string to
    %s formatter, which is undefined behaviour in sprintf().
  • libtiff/tif_next.c: fix potential out-of-bound write in NeXTDecode()
    triggered by http://lcamtuf.coredump.cx/afl/vulns/libtiff5.tif (bugzilla #
  • libtiff/tif_luv.c: fix potential out-of-bound writes in decode functions in
    non debug builds by replacing assert()s by regular if checks (bugzilla #
    2522). Fix potential out-of-bound reads in case of short input data.
  • libtiff/tif_getimage.c: fix out-of-bound reads in TIFFRGBAImage interface
    in case of unsupported values of SamplesPerPixel/ExtraSamples for LogLUV /
    CIELab. Add explicit call to TIFFRGBAImageOK() in TIFFRGBAImageBegin(). Fix
    CVE-2015-8665 reported by limingxing and CVE-2015-8683 reported by zzf of
  • libtiff/tif_dirread.c: workaround false positive warning of Clang Static
    Analyzer about null pointer dereference in TIFFCheckDirOffset().
  • libtiff/tif_fax3.c: remove dead assignment in Fax3PutEOLgdal(). Found by
    Clang Static Analyzer
  • libtiff/tif_dirwrite.c: fix truncation to 32 bit of file offsets in
    TIFFLinkDirectory() and TIFFWriteDirectorySec() when aligning directory
    offsets on a even offset (affects BigTIFF). This was a regression of the
    changeset of 2015-10-19.
  • libtiff/tif_write.c: TIFFWriteEncodedStrip() and TIFFWriteEncodedTile()
    should return -1 in case of failure of tif_encodestrip() as documented
  • libtiff/tif_dumpmode.c: DumpModeEncode() should return 0 in case of failure
    so that the above mentionned functions detect the error.
  • libtiff/*.c: fix MSVC warnings related to cast shortening and assignment
    within conditional expression
  • libtiff/*.c: fix clang -Wshorten-64-to-32 warnings
  • libtiff/tif_dirread.c: prevent reading ColorMap or TransferFunction if
    BitsPerPixel > 24, so as to avoid huge memory allocation and file read
  • libtiff/tif_dirread.c: remove duplicated assignment (reported by Clang
    static analyzer)
  • libtiff/tif_dir.c, libtiff/tif_dirinfo.c, libtiff/tif_compress.c, libtiff/
    tif_jpeg_12.c: suppress warnings about 'no previous declaration/prototype'
  • libtiff/tiffiop.h, libtiff/tif_dirwrite.c: suffix constants by U to fix
    'warning: negative integer implicitly converted to unsigned type' warning
    (part of -Wconversion)
  • libtiff/tif_dir.c, libtiff/tif_dirread.c, libtiff/tif_getimage.c, libtiff/
    tif_print.c: fix -Wshadow warnings (only in libtiff/)


  • tools/Makefile.am: The libtiff tools bmp2tiff, gif2tiff, ras2tiff,
    sgi2tiff, sgisv, and ycbcr are completely removed from the distribution.
    The libtiff tools rgb2ycbcr and thumbnail are only built in the build tree
    for testing. Old files are put in new 'archive' subdirectory of the source
    repository, but not in distribution archives. These changes are made in
    order to lessen the maintenance burden.
  • tools/tiff2pdf.c: avoid undefined behaviour related to overlapping of
    source and destination buffer in memcpy() call in t2p_sample_rgbaa_to_rgb()
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2577
  • tools/tiff2pdf.c: fix potential integer overflows on 32 bit builds in
    t2p_read_tiff_size() Fixes http://bugzilla.maptools.org/show_bug.cgi?id=
  • tools/fax2tiff.c: fix segfault when specifying -r without argument. Patch
    by Yuriy M. Kaminskiy. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=
  • tools/tiffinfo.c: fix out-of-bound read on some tiled images. (http://
  • tools/tiffcrop.c: fix multiple uint32 overflows in
    writeBufferToSeparateStrips(), writeBufferToContigTiles() and
    writeBufferToSeparateTiles() that could cause heap buffer overflows.
    Reported by Henri Salo from Nixu Corporation. Fixes http://
  • tools/tiffcrop.c: fix out-of-bound read of up to 3 bytes in
    readContigTilesIntoBuffer(). Reported as MSVR 35092 by Axel Souchet &
    Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team.
  • tools/tiff2pdf.c: fix write buffer overflow of 2 bytes on JPEG compressed
    images. Reported by Tyler Bohan of Cisco Talos as TALOS-CAN-0187 /
    CVE-2016-5652. Also prevents writing 2 extra uninitialized bytes to the
    file stream.
  • tools/tiffcp.c: fix out-of-bounds write on tiled images with odd tile width
    vs image width. Reported as MSVR 35103 by Axel Souchet and Vishal Chauhan
    from the MSRC Vulnerabilities & Mitigations team.
  • tools/tiff2pdf.c: fix read -largely- outsize of buffer in
    t2p_readwrite_pdf_image_tile(), causing crash, when reading a JPEG
    compressed image with TIFFTAG_JPEGTABLES length being one. Reported as MSVR
    35101 by Axel Souchet and Vishal Chauhan from the MSRC Vulnerabilities &
    Mitigations team.
  • tools/tiffcp.c: fix read of undefined variable in case of missing required
    tags. Found on test case of MSVR 35100.
  • tools/tiffcrop.c: fix read of undefined buffer in
    readContigStripsIntoBuffer() due to uint16 overflow. Probably not a
    security issue but I can be wrong. Reported as MSVR 35100 by Axel Souchet
    from the MSRC Vulnerabilities & Mitigations team.
  • tools/tiffcrop.c: fix various out-of-bounds write vulnerabilities in heap
    or stack allocated buffers. Reported as MSVR 35093, MSVR 35096 and MSVR
    35097. Discovered by Axel Souchet and Vishal Chauhan from the MSRC
    Vulnerabilities & Mitigations team.
  • tools/tiff2pdf.c: fix out-of-bounds write vulnerabilities in heap allocate
    buffer in t2p_process_jpeg_strip(). Reported as MSVR 35098. Discovered by
    Axel Souchet and Vishal Chauhan from the MSRC Vulnerabilities & Mitigations
  • tools/tiff2bw.c: fix weight computation that could result of color value
    overflow (no security implication). Fix bugzilla #2550. Patch by Frank
  • tools/rgb2ycbcr.c: validate values of -v and -h parameters to avoid
    potential divide by zero. Fixes CVE-2016-3623 (bugzilla #2569)
  • tools/tiffcrop.c: Fix out-of-bounds write in loadImage(). From patch
    libtiff-CVE-2016-3991.patch from libtiff-4.0.3-25.el7_2.src.rpm by Nikola
    Forro (bugzilla #2543)
  • tools/tiff2rgba.c: Fix integer overflow in size of allocated buffer, when
    -b mode is enabled, that could result in out-of-bounds write. Based
    initially on patch tiff-CVE-2016-3945.patch from
    libtiff-4.0.3-25.el7_2.src.rpm by Nikola Forro, with correction for invalid
    tests that rejected valid files. (bugzilla #2545)
  • tools/tiffcrop.c: Avoid access outside of stack allocated array on a tiled
    separate TIFF with more than 8 samples per pixel. Reported by Kaixiang
    Zhang of the Cloud Security Team, Qihoo 360 (CVE-2016-5321 / CVE-2016-5323
    , bugzilla #2558 / #2559)
  • tools/tiffdump.c: fix a few misaligned 64-bit reads warned by -fsanitize
  • tools/tiffdump.c (ReadDirectory): Remove uint32 cast to _TIFFmalloc()
    argument which resulted in Coverity report. Added more mutiplication
    overflow checks.
   2016-10-08 08:20:39 by Adam Ciarcinski | Files touched by this commit (1) | Package updated
Log message:
Updated MASTER_SITES and HOMEPAGE; the old ones seem to be dead.
   2016-03-22 22:50:13 by Tim Zingelman | Files touched by this commit (3)
Log message:
Fix for CVE-2015-8781, CVE-2015-8782, CVE-2015-8783 from:
 https://github.com/vadz/libtiff/commit/ … 9bc65.diff
   2015-11-03 22:34:36 by Alistair G. Crooks | Files touched by this commit (610)
Log message:
Add SHA512 digests for distfiles for graphics category

Problems found with existing digests:
	Package fotoxx distfile fotoxx-14.03.1.tar.gz
	ac2033f87de2c23941261f7c50160cddf872c110 [recorded]
	118e98a8cc0414676b3c4d37b8df407c28a1407c [calculated]
	Package ploticus-examples distfile ploticus-2.00/plnode200.tar.gz
	34274a03d0c41fae5690633663e3d4114b9d7a6d [recorded]
	da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]

Problems found locating distfiles:
	Package AfterShotPro: missing distfile AfterShotPro-
	Package pgraf: missing distfile pgraf-20010131.tar.gz
	Package qvplay: missing distfile qvplay-0.95.tar.gz

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-09-13 11:27:09 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
Update to 4.0.6:


    Now builds with CMake 2.8.9 and newer (previously required


    CMakeLists.txt / CMake
	Supports CMake 2.8.9 and later.
	Add missing file which wasn't being distributed, causing
	unit tests to fail.
	Make shared/static library building configurable.
	CMake reads all version information directly from configure.ac
	to avoid duplication of values.
	CMake builds are now included in 'distcheck' target.
	Autotools 'make distcheck' now tests the CMake-based build
	if CMake is available.


    Fixes to avoid undefined behaviour of signed types (C standard
    Fixes to avoid possible isses when casting to unsigned char.
    Fixes to avoid undefined behaviour with shifts.
    Fix generation of output with 16 bit or 32 bit integer, when
    byte swapping is needed, in horizontal predictor (#2521).
    Fix decoding when there is a single pixel to decode (unlikely
    case...) and byte swapping is involved.
    Add add explicit masking with 0xff before casting to uchar in
    floating-point horizontal differencing and accumulation routines.
    Eliminate requirement for and use of 64-bit constant values.


	Silence glut API deprecation warnings on MacOS X.
	Detect failure to write to temporary file.
   2015-09-05 12:47:57 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
Changes 4.0.5:
* Support for configure/build using CMake.
* Support for large (> 2GB) files under Microsoft Windows.
   2015-08-27 21:16:54 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
Fix a conflict with Security.framework on OS X