RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1658235 - Wrong exit status from tiffinfo on error output
Summary: Wrong exit status from tiffinfo on error output
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: libtiff
Version: 8.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: rc
: 8.0
Assignee: Nikola Forró
QA Contact: Miroslav Hradílek
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-12-11 15:04 UTC by Miroslav Hradílek
Modified: 2019-01-02 13:18 UTC (History)
0 users

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-01-02 13:18:41 UTC
Type: Bug
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Miroslav Hradílek 2018-12-11 15:04:16 UTC
Description of problem:
Previously (RHEL-7) tiffinfo failed on broken file from CVE-2010-2067 test with exit status 1. In RHEL-8 it has the same output but exits with 0.

Might be related to RHEL-6 bug 1310137

Version-Release number of selected component (if applicable):
libtiff-4.0.9-12.el8.x86_64
libtiff-tools-4.0.9-12.el8.x86_64

How reproducible:
100%

Steps to Reproduce:
tiffinfo exploit.tif ; echo $?

Actual results:
TIFFReadDirectoryCheckOrder: Warning, Invalid TIFF directory; tags are not sorted in ascending order.
TIFFReadDirectory: Warning, Unknown field with tag 2052 (0x804) encountered.
TIFFReadDirectory: Warning, Unknown field with tag 16705 (0x4141) encountered.
TIFFFetchNormalTag: Warning, Incorrect count for "YResolution"; tag ignored.
TIFF Directory at offset 0x8 (8)
. . .
         <photoshop:History/>
      </rdf:Description>
   </rdf:RDF>
</x:xmpmeta>
. . .               
<?xpacket end="w"?>
  RichTIFFIPTC Data: <present>, 28 bytes
  Photoshop Data: <present>, 5386 bytes
  EXIFIFDOffset: 0x5d5c
  ICC Profile: <present>, 3144 bytes
TIFFReadDirectoryCheckOrder: Warning, Invalid TIFF directory; tags are not sorted in ascending order.
exploit.tif: Warning, incorrect count for field "SubjectDistance" (5, expecting 1); tag trimmed.
TIFF Directory at offset 0x5d5c (23900)
  ColorSpace: 1
  PixelXDimension: 288
  SubjectDistance: 0.003521
0

Expected results:
Exit with status 1 as in
libtiff-4.0.3-27.el7_3.x86_64
libtiff-tools-4.0.3-27.el7_3.x86_64

TIFFReadDirectoryCheckOrder: Warning, Invalid TIFF directory; tags are not sorted in ascending order.
TIFFReadDirectory: Warning, Unknown field with tag 2052 (0x804) encountered.
TIFFReadDirectory: Warning, Unknown field with tag 16705 (0x4141) encountered.
TIFFFetchNormalTag: Incorrect count for "YResolution"; tag ignored.
TIFF Directory at offset 0x8 (8)
. . .
         <photoshop:History/>
      </rdf:Description>
   </rdf:RDF>
</x:xmpmeta>
. . .                            
<?xpacket end="w"?>
  RichTIFFIPTC Data: <present>, 28 bytes
  Photoshop Data: <present>, 5386 bytes
  EXIFIFDOffset: 0x5d5c
  ICC Profile: <present>, 3144 bytes
TIFFReadDirectoryCheckOrder: Warning, Invalid TIFF directory; tags are not sorted in ascending order.
exploit.tif: Warning, incorrect count for field "SubjectDistance" (5, expecting 1); tag trimmed.
TIFF Directory at offset 0x5d5c (23900)
  ColorSpace: 1
  PixelXDimension: 288
  SubjectDistance: 0.003521
1

Comment 2 Nikola Forró 2018-12-13 12:48:18 UTC
This is expected, as upstream decided to treat incorrect count for a tag as a warning instead of an error:

https://gitlab.com/libtiff/libtiff/commit/9885124f1e66cc0e5dad03bfd2cb521aabb43523

Comment 3 Nikola Forró 2018-12-13 12:56:56 UTC
Also, note that the output is not the same:

@@ -1,7 +1,7 @@
 TIFFReadDirectoryCheckOrder: Warning, Invalid TIFF directory; tags are not sorted in ascending order.
 TIFFReadDirectory: Warning, Unknown field with tag 2052 (0x804) encountered.
 TIFFReadDirectory: Warning, Unknown field with tag 16705 (0x4141) encountered.
-TIFFFetchNormalTag: Incorrect count for "YResolution"; tag ignored.
+TIFFFetchNormalTag: Warning, Incorrect count for "YResolution"; tag ignored.
 TIFF Directory at offset 0x8 (8)
   Subfile Type: (0 = 0x0)
   Image Width: 288 Image Length: 144


Note You need to log in before you can comment on or make changes to this bug.