Opened 8 years ago

Closed 8 years ago

#6288 closed defect (fixed)

GTiff: 32 bit integer overflow when reading files with huge xsize/ysize/band count

Reported by: Even Rouault Owned by: Even Rouault
Priority: normal Milestone: 1.11.4
Component: GDAL_Raster Version: unspecified
Severity: normal Keywords: gtiff


libtiff v4 allows strips/tiles/scanlines to be bigger than 2 GB, but the GTiff driver doesn't. It could potentially be extended to support that (on 64 bit builds), but the need for that isn't obvious for now, so better reject those files for now. Issue found by AFL

Change History (1)

comment:1 by Even Rouault, 8 years ago

Milestone: 1.11.4
Resolution: fixed
Status: newclosed

trunk r32508, branches/2.0 r32509, branches/1.11 r32510 "GTiff: reject fixes with strips/tiles/scanlines bigger than 2 GB to avoid 32 bit integer overflow (found byAFL). Also in case of files with Contig PlanarConfiguration do not make reading one block for band 2 OK when reading for band 1 issued an error (#6288)"

Note: See TracTickets for help on using tickets.