Description of problem: libtiff in RHEL-3 on ppc64 architecture is broken, see additional info. Version-Release number of selected component (if applicable): libtiff-3.5.7-33.el3 How reproducible: always Steps to Reproduce: 1. # tiff2rgba -c jpeg malformed.tif malformed.jpg 2. # echo $? Actual results: 1. malformed.tif: Seek error accessing TIFF directory. 2. 0 Expected results: 1. malformed.tif: Can't allocate buffer for raster of size 65536x65536. 2. 1 Additional info: Comment #76 from Tom Lane (tgl) on Tue Jul 14 12:24:51 -0400 2009 prev | top Hmmm ... (gdb) p sizeof(uint32) $10 = 8 So in other words, RHEL-3's ppc64 libtiff is completely, utterly broken, and always has been. I think this is probably not too hard to fix.
After investigation, the difficulty appears to be that libtiff-v3.5.5-64bit.patch covers only s390x and ia64, not powerpc64. I haven't tested, but I suspect RHEL-4 may have the same problem. Its version of this patch doesn't mention PPC either. RHEL-5 and up should be okay, since the upstream code changed to drive the datatype size off a configure test instead of hardwiring a lot of architecture symbols. Also, there is a wordsize test in tif_fax3.c that needs to be identical to that in tiff.h; both versions missed fixing that.
RHEL-4 on ppc64 doesn't seem to have this issue: [root@ppcp-4as-v1 CVE-2009-2347]# ldd /usr/bin/tiff2rgba libtiff.so.3 => /usr/lib64/libtiff.so.3 (0x00000080eb870000) libjpeg.so.62 => /usr/lib64/libjpeg.so.62 (0x0000008051110000) libz.so.1 => /usr/lib64/libz.so.1 (0x00000080510b0000) libm.so.6 => /lib64/tls/libm.so.6 (0x0000008050ff0000) libc.so.6 => /lib64/tls/libc.so.6 (0x0000008050e40000) /lib64/ld64.so.1 (0x0000008050e00000) [root@ppcp-4as-v1 CVE-2009-2347]# tiff2rgba -c jpeg malformed.tif malformed. malformed.tif: Can't allocate buffer for raster of size 65536x65536. [root@ppcp-4as-v1 CVE-2009-2347]# echo $? 1
Thank you for submitting this issue for consideration in Red Hat Enterprise Linux. The release for which you requested us to review is now End of Life. Please See https://access.redhat.com/support/policy/updates/errata/ If you would like Red Hat to re-consider your feature request for an active release, please re-open the request via appropriate support channels and provide additional supporting details about the importance of this issue.