[REGRESSION] Predictor tag fails to be written correctly

Bug #1439186 reported by Éric Piel (Delmic) on 2015-04-01
Affects          Importance   Assigned to
tiff (Ubuntu)    Undecided    Marc Deslauriers
Lucid            Undecided    Marc Deslauriers
Precise          Undecided    Marc Deslauriers
Trusty           Undecided    Marc Deslauriers
Utopic           Undecided    Marc Deslauriers
Vivid            Undecided    Marc Deslauriers

Bug Description

The patch debian/patches/CVE-2014-8128-5.patch appears to break saving TIFF files with compression predictor.
It seems the data is correctly saved, but the "predictor" tag is not, which prevents reading the data correctly again.

This happens both on precise (release 3.9.5-2ubuntu1.7) and on trusty (release 4.0.3-7ubuntu0.2).

I'm attaching an example TIFF file "small.tiff" for showing the behaviour. It is compressed in LZW without predictor, so it is written/read correctly.

However, if you recompress it with this command, the error happens:
$ tiffcp -c lzw:2 small.tiff small-c2.tiff

Then displaying it in eog shows a completely different image. Tiffinfo indicates a problem with the tags:
$ tiffinfo small-c2-bad.tiff | grep Predictor
TIFFReadDirectory: Warning, small-c2-bad.tiff: unknown field with tag 8224 (0x2020) encountered.

Comparing it with a good version of the file (generated with a previous version of libtiff):
$ tiffinfo small-c2-good.tiff | grep Predictor
  Predictor: horizontal differencing 2 (0x2)

$ tiffcmp small-c2.tiff small-c2-good.tiff
TIFFReadDirectory: Warning, small-c2-bad.tiff: unknown field with tag 8224 (0x2020) encountered.
Predictor tag appears only in small-c2-good.tiff
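
A way to check written files for the symptom shown above, as an added example that is not part of the original report or of libtiff: it parses the first IFD of a classic TIFF and reports whether an LZW-compressed file lacks the Predictor tag (317) while carrying tag 8224. The function names are hypothetical and the two sample files are constructed in memory, not taken from the attachments.

```python
import struct

COMPRESSION, PREDICTOR = 259, 317  # standard TIFF tag numbers
LZW = 5                            # Compression tag value for LZW
STRAY_TAG = 8224                   # 0x2020, the tag tiffinfo warns about in the report

def read_first_ifd(data):
    """Return {tag: value} for the first IFD; only inline SHORT/LONG values are decoded."""
    order = {b"II": "<", b"MM": ">"}.get(data[:2])
    if order is None or len(data) < 8:
        raise ValueError("not a TIFF file")
    magic, offset = struct.unpack(order + "HI", data[2:8])
    if magic != 42 or offset + 2 > len(data):
        raise ValueError("bad magic or IFD offset")
    (count,) = struct.unpack_from(order + "H", data, offset)
    if offset + 2 + 12 * count > len(data):
        raise ValueError("truncated IFD")
    tags = {}
    for i in range(count):
        tag, typ, n, raw = struct.unpack_from(order + "HHI4s", data, offset + 2 + 12 * i)
        if typ == 3 and n == 1:      # SHORT, left-justified in the value field
            tags[tag] = struct.unpack(order + "H", raw[:2])[0]
        elif typ == 4 and n == 1:    # LONG
            tags[tag] = struct.unpack(order + "I", raw)[0]
        else:
            tags[tag] = None         # value stored elsewhere; not needed here
    return tags

def check_predictor(data):
    """Summarise the tags relevant to the regression described in the report."""
    tags = read_first_ifd(data)
    lzw = tags.get(COMPRESSION) == LZW
    return {
        "lzw": lzw,
        "predictor": tags.get(PREDICTOR),
        "matches_report": lzw and PREDICTOR not in tags and STRAY_TAG in tags,
    }

def build_sample(entries):
    """Constructed input: little-endian header plus one IFD of SHORT tags, no pixels."""
    ifd = struct.pack("<H", len(entries))
    for tag, value in sorted(entries):
        ifd += struct.pack("<HHIHH", tag, 3, 1, value, 0)
    return b"II" + struct.pack("<HI", 42, 8) + ifd + struct.pack("<I", 0)

# Constructed to mimic the two tiffinfo outputs; not taken from the attachments.
GOOD = build_sample([(COMPRESSION, LZW), (PREDICTOR, 2)])
BAD = build_sample([(COMPRESSION, LZW), (STRAY_TAG, 2)])
```

Calling `check_predictor(open(path, "rb").read())` on a file written by the library gives the same summary for real output.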

Éric Piel (Delmic) (piel) wrote :

After a few trial-and-error sessions, I think the attached patch to replace debian/patches/CVE-2014-8128-5.patch should fix this reported problem.

The attachment "Fixed version of the patch causing problem" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
Marc Deslauriers (mdeslaur) wrote :

Thanks for reporting this issue. I will release tiff updates shortly that disable the patch until upstream decides on a final fix.

Changed in tiff (Ubuntu Lucid):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in tiff (Ubuntu Precise):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in tiff (Ubuntu Trusty):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in tiff (Ubuntu Utopic):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in tiff (Ubuntu Vivid):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in tiff (Ubuntu Lucid):
status: New → Confirmed
Changed in tiff (Ubuntu Precise):
status: New → Confirmed
Changed in tiff (Ubuntu Trusty):
status: New → Confirmed
Changed in tiff (Ubuntu Utopic):
status: New → Confirmed
Changed in tiff (Ubuntu Vivid):
status: New → Confirmed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package tiff - 3.9.2-2ubuntu0.16

---------------
tiff (3.9.2-2ubuntu0.16) lucid-security; urgency=medium

  * SECURITY REGRESSION: regression when saving TIFF files with compression
    predictor (LP: #1439186)
    - debian/patches/CVE-2014-8128-5.patch: disable until proper upstream
      fix is available.
 -- Marc Deslauriers <email address hidden> Wed, 01 Apr 2015 14:09:19 -0400

Changed in tiff (Ubuntu Lucid):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package tiff - 4.0.3-7ubuntu0.3

---------------
tiff (4.0.3-7ubuntu0.3) trusty-security; urgency=medium

  * SECURITY REGRESSION: regression when saving TIFF files with compression
    predictor (LP: #1439186)
    - debian/patches/CVE-2014-8128-5.patch: disable until proper upstream
      fix is available.
 -- Marc Deslauriers <email address hidden> Wed, 01 Apr 2015 14:07:34 -0400

Changed in tiff (Ubuntu Trusty):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package tiff - 4.0.3-10ubuntu0.2

---------------
tiff (4.0.3-10ubuntu0.2) utopic-security; urgency=medium

  * SECURITY REGRESSION: regression when saving TIFF files with compression
    predictor (LP: #1439186)
    - debian/patches/CVE-2014-8128-5.patch: disable until proper upstream
      fix is available.
 -- Marc Deslauriers <email address hidden> Wed, 01 Apr 2015 14:05:44 -0400

Changed in tiff (Ubuntu Utopic):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package tiff - 3.9.5-2ubuntu1.8

---------------
tiff (3.9.5-2ubuntu1.8) precise-security; urgency=medium

  * SECURITY REGRESSION: regression when saving TIFF files with compression
    predictor (LP: #1439186)
    - debian/patches/CVE-2014-8128-5.patch: disable until proper upstream
      fix is available.
 -- Marc Deslauriers <email address hidden> Wed, 01 Apr 2015 14:08:49 -0400

Changed in tiff (Ubuntu Precise):
status: Confirmed → Fix Released
Mathew Hodson (mhodson) on 2015-04-01
tags: added: regression-update
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package tiff - 4.0.3-12.3ubuntu2

---------------
tiff (4.0.3-12.3ubuntu2) vivid; urgency=medium

  * SECURITY REGRESSION: regression when saving TIFF files with compression
    predictor (LP: #1439186)
    - debian/patches/CVE-2014-8128-5.patch: disable until proper upstream
      fix is available.
 -- Marc Deslauriers <email address hidden> Wed, 01 Apr 2015 14:02:39 -0400

Changed in tiff (Ubuntu Vivid):
status: Confirmed → Fix Released