Lines Matching refs:buffer
49 of source and destination buffer in memcpy() call in
70 access are null terminated, to avoid potential read outside buffer
86 writeBufferToSeparateTiles() that could cause heap buffer overflows.
107 or buffer overflows in release mode. Can happen when dealing with
154 * tools/tiff2pdf.c: fix write buffer overflow of 2 bytes on JPEG
168 * tools/tiff2pdf.c: fix read -largely- outsize of buffer in
178 * tools/tiffcrop.c: fix read of undefined buffer in
204 heap allocate buffer in t2p_process_jpeg_strip(). Reported as MSVR
261 * libtiff/tif_pixarlog.c: Fix write buffer overflow in PixarLogEncode
270 buffer, when -b mode is enabled, that could result in out-of-bounds
297 TIFFReadEncodedTile() directly use user provided buffer when
301 TIFFWriteEncodedTile() directly use user provided buffer when
314 * libtiff/tif_pixarlog.c: fix potential buffer write overrun in
843 * contrib/addtiffo/tif_overview.c (TIFF_DownSample): Check buffer
923 buffer overflow.
994 to avoid buffer leak (fix previous fix, found by Coverity scan)
999 the compressed input stream buffer.
1034 * tools/tiff2pdf.c: fix buffer overflow on some YCbCr JPEG compressed images.
1039 * tools/tiff2pdf.c: fix buffer overflow on YCbCr JPEG compressed image.
1058 calculating allocation buffer sizes.
1075 * tools/thumbnail.c: fix out-of-buffer write
1106 from the input, which leads to a smaller working buffer
1107 than necessary. The buffer is subsequently overrun inside
1179 to TIFFmalloc() if passed user buffer size is 0 (bug #2459)
1262 ycbcr buffer (bug #2449, CVE-2013-4232)
1361 * tools/ppm2tiff.c: avoid zero size buffer vulnerability.
1449 * libtiff/tif_packbits.c: fix read past end of data buffer.
1461 calculating required buffer sizes (CVE-2012-2113).
1496 in JPEGFixupTagsSubsampling() or else buffer sized may be wrong.
1517 * libtiff/tif_jpeg.c: avoid overrunning the end of the output buffer in
1538 * libtiff/tif_pixarlog.c: Allocate working buffer one word larger since we "forward
1640 * tools/tiff2ps.c (PSDataBW): Zero buffer *after* checking for
1713 * libtiff/tif_thunder.c: Correct potential buffer overflow with
1730 margin, thus overrunning our buffer of run lengths. Per CVE-2011-0192.
1734 buffer overrun.
1771 * libtiff/tif_win32.c: avoid error/warning buffer overrun problem
1854 * tools/gif2tiff.c: fix buffer overrun
1930 * libtiff/tif_ojpeg.c: fix buffer overflow on problem data
1976 potentially unterminated buffer due to using an exceptionally long
1981 * tools/tiff2pdf.c: Fixed ID buffer filling in
2024 * tools/tiffgt.c: Properly check the raster buffer allocations for
2040 * tools/tiff2pdf.c: Fixed computation of the tile buffer size when
2049 * tools/tiffcp.c: Initialize buffer arrays with zero to avoid
2067 memset() a malloc'd buffer before checking for malloc failure, which
2115 buffer due to integer overflow in TIFFroundup() and several other
2242 * libtiff/tif_jpeg.c: Made JPEGDecodeRaw() check for buffer overruns.
2429 * libtiff/tif_lzw.c: Fix buffer underflow bug.
2466 buffer for large tags. (#1998) Related to (#1993)
2725 * tools/rgb2ycbcr.c: fix memory leak of raster buffer.
2847 rawcp/rawcc buffer are for writing and thus may require flushing.
2876 * tif_predict.c: use working buffer in PredictorEncodeTile to avoid
2877 modifying callers buffer.
2900 * tif_jpeg.c: Resolved buffer incrementation bug that lead to faulty images
3301 * tif_dirwrite.c: take care not to flush out buffer of strip/tile
3355 * tools/tiff2pdf.c: Fixed buffer overflow condition in
3424 buffer for alpha strile and filled it, only to never read it back.
4328 * tools/tiffcmp.c: Use properly sized buffer in short arrays comparison
4410 * libtiff/tif_getimage.c: Always fill the error message buffer in
4891 * libtiff/{tif_luv.c, tif_next.c, tif_thunder.c}: Several buffer
5279 * libtiff/tif_write.c: Fixed reporting size of the buffer in case of
5637 swapping (swab) to the application passed data buffer if the same
5640 order. One side effect of this change is the applications buffer
5915 the scanline buffer long enough when writing rgb triplets.
6810 output buffer, and to issue a warning if data needs to be
6843 be a proper fix to the buffer sizing problem. See
7009 * Set tif_rawdatasize to zero when freeing raw data buffer in