Created an attachment (id=707): stacktrace

On 4.0.7:

tiffcp -i $FILE /tmp/foo

AddressSanitizer: heap-buffer-overflow /tmp/portage/media-libs/tiff-4.0.7/work/tiff-4.0.7/tools/tiffcp.c:1209:14 in cpSeparateBufToContigBuf

Testcase: https://github.com/asarubbo/poc/blob/master/00079-libtiff-heapoverflow-cpSeparateBufToContigBuf
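Reports like the one above are usually the output of a fuzzing run, and the first triage step is to turn the raw ASan text into a stable crash key (error kind plus faulting function) so duplicates across many input files can be collapsed before anyone reads the stack trace. The script below is an added example for that triage step; it is not code from the bug report, the reporter, or the libtiff project. The ASan report it parses is a constructed sample modelled on the fields quoted in the comment (heap-buffer-overflow, tools/tiffcp.c:1209:14, cpSeparateBufToContigBuf); the addresses, sizes and other frames are made up for the example.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample ASan report. Only the error kind, the faulting file:line:col
# and the function name come from the bug comment; everything else is invented.
SAMPLE_REPORT = """\
==12345==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61900000ff80 at pc 0x00000049a1b2 bp 0x7ffd00001230 sp 0x7ffd00001228
READ of size 1 at 0x61900000ff80 thread T0
    #0 0x49a1b1 in cpSeparateBufToContigBuf /tmp/portage/media-libs/tiff-4.0.7/work/tiff-4.0.7/tools/tiffcp.c:1209:14
    #1 0x49c3d4 in cpImage /tmp/portage/media-libs/tiff-4.0.7/work/tiff-4.0.7/tools/tiffcp.c:1700:10
    #2 0x497001 in main /tmp/portage/media-libs/tiff-4.0.7/work/tiff-4.0.7/tools/tiffcp.c:400:8
0x61900000ff80 is located 0 bytes to the right of 1024-byte region [0x61900000fb80,0x61900000ff80)
allocated by thread T0 here:
    #0 0x7f00deadbeef in malloc
    #1 0x4a0000 in _TIFFmalloc /tmp/portage/media-libs/tiff-4.0.7/work/tiff-4.0.7/libtiff/tif_unix.c:316:10
"""

# The ERROR header names the sanitizer bug class (heap-buffer-overflow, use-after-free, ...).
ERROR_RE = re.compile(r"==\d+==ERROR: AddressSanitizer: (?P<kind>[\w-]+)")
# The access line says whether the bad access was a read or a write and how wide it was.
ACCESS_RE = re.compile(r"^(?P<access>READ|WRITE) of size (?P<size>\d+)", re.M)
# A stack frame: "#N 0xADDR in FUNC [FILE:LINE:COL]" (the location may be missing for interceptors).
FRAME_RE = re.compile(r"^\s*#(?P<n>\d+) 0x[0-9a-fA-F]+ in (?P<func>\S+)(?: (?P<loc>\S+))?", re.M)


@dataclass
class Triage:
    kind: str            # sanitizer error class
    access: Optional[str]  # "READ" / "WRITE" or None if the report has no access line
    size: Optional[int]    # access width in bytes
    func: str            # function in the top frame of the faulting stack
    location: str        # file:line:col of that frame, or "" if unknown


def parse_asan_report(text: str) -> Optional[Triage]:
    """Extract the triage-relevant fields from ASan stderr; None if no ASan error is present."""
    header = ERROR_RE.search(text)
    if header is None:
        return None
    # Only look at the faulting stack, i.e. the part before the allocation/free history,
    # so the malloc() frames of the "allocated by" section are never mistaken for the crash site.
    body = text[header.end():]
    for marker in ("allocated by", "freed by"):
        body = body.split(marker, 1)[0]
    frame = FRAME_RE.search(body)
    if frame is None:
        return None
    access = ACCESS_RE.search(body)
    return Triage(
        kind=header.group("kind"),
        access=access.group("access") if access else None,
        size=int(access.group("size")) if access else None,
        func=frame.group("func"),
        location=frame.group("loc") or "",
    )


def crash_key(t: Triage) -> str:
    """Deduplication key: same bug class in the same function counts as the same crash."""
    return f"{t.kind}:{t.func}"


if __name__ == "__main__":
    triage = parse_asan_report(SAMPLE_REPORT)
    if triage is None:
        print("no sanitizer error found")
    else:
        print(crash_key(triage), triage.access, triage.size, triage.location)
```

In a real pipeline the report text would be the captured stderr of a run such as `tiffcp -i "$FILE" /tmp/foo` (an ASan build of tiffcp is assumed), and the crash key would be used to bucket the many input files a fuzzer produces against the same bug.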
I cannot reproduce, apart from a big memalloc that ASAN doesn't like. Issue probably fixed by other fixes.
Hi. I verified that it is reproducible on master right now.
Bugzilla is no longer used for tracking libtiff issues. Remaining open tickets, such as this one, have been migrated to the libtiff GitLab instance at https://gitlab.com/libtiff/libtiff/issues . The migrated tickets have their summary prefixed with [BZ#XXXX] where XXXX is the initial Bugzilla issue number.