Re: [Vxl-maintainers] stack corrupted when reading a tif image

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Gamze,

Your fix is a better solution. I think it shall work and I am going to test
it later. 

Gary

-----Original Message-----
From: Gamze Tunali [mailto:gdt...@ya...] 
Sent: Thursday, December 04, 2008 10:13 PM
To: 'Gehua Yang'; Joseph Mundy
Subject: RE: [Vxl-maintainers] stack corrupted when reading a tif image

Gary,

I think the fix you proposed would apply to all short valued tags, which we
do not want. As you also figured out the tag TIFFTAG_EXTRASAMPLES was the
problem due to two values read in tif_dir.c. I replaced the line:
read_short_tag(tif_,TIFFTAG_EXTRASAMPLES, extra_samples);

with:
  vxl_uint_16* sample_info=0;
  TIFFGetField(tif_, TIFFTAG_EXTRASAMPLES, &extra_samples.val,
&sample_info);
  if (extra_samples.val > 0)
    extra_samples.valid = true;

Now it reads two values instead of reading a short value. The problem was
actaully in vil_tiff_header not in v3p/tiff.

The change is in CVS, please let me know if any further problems.

Gamze Tunali
LEMS
Brown University

--- On Wed, 12/3/08, Joseph Mundy <mu...@le...> wrote:

> From: Joseph Mundy <mu...@le...>
> Subject: RE: [Vxl-maintainers] stack corrupted when reading a tif image
> To: "'Gehua Yang'" <yan...@gm...>, "'Vxl-maintainers'"
<vxl...@li...>, gdt...@ya...
> Date: Wednesday, December 3, 2008, 8:24 AM
> Gary,
> 
> We will take a look. The TIFF library was recently upgraded
> to the latest
> version, so there could be a difference in behavior.
> 
> Joe
> 
>  
> 
> From: Gehua Yang [mailto:yan...@gm...] 
> Sent: Tuesday, December 02, 2008 5:24 PM
> To: Vxl-maintainers
> Subject: [Vxl-maintainers] stack corrupted when reading a
> tif image
> 
>  
> 
> Hi folks,
> 
> I noticed a problem with vil when reading a TIFF image. I
> compiled VXL from
> the source code checked out 2 days ago using cvs. The
> compiler is MSVC 2005
> SP1. It is using the TIFF library included in v3p/TIFF. 
> Here are the
> details of how the problem occurs:
> 
> The stack got corrupted in Visual Studio after Line 132 of
> vil_tiff_header.cxx: 
>   read_short_tag(tif_,TIFFTAG_EXTRASAMPLES, extra_samples);
> 
> So I used the debugger to follow into the function call.
> Here is the
> function of read_short_tag:
> static void read_short_tag(TIFF* tif, ttag_t tag,
> ushort_tag& utag,
> vxl_uint_16 deflt =0)
> {
>   utag.valid = TIFFGetField(tif, tag,
> &(utag.val))>0;
>   if (!utag.valid)
>     utag.val = deflt;
> }
> 
> Pay special attention to the number of arguments used in
> the function call
> to TIFFGetField, which takes a variable number of arguments
> after the first
> two arguments. In this case, the only variable argument
> presented is
> "&(utag.val)".
> 
> Here is the definition of TIFFGetField (defined in
> tif_dir.c)
> int
> TIFFGetField(TIFF* tif, ttag_t tag, ...)
> {
>     int status;
>     va_list ap;
> 
>     va_start(ap, tag);
>     status = TIFFVGetField(tif, tag, ap);
>     va_end(ap);
>     return (status);
> }
> 
> 
> Later on, it reaches line 745 of tif_dir.c:
>     case TIFFTAG_EXTRASAMPLES:
>             *va_arg(ap, uint16*) = td->td_extrasamples;
>             *va_arg(ap, uint16**) = td->td_sampleinfo;
>             break;
> 
> 
> Notice in the snippet right above, it assigns values to TWO
> arguments while
> the function call only supply ONE!! I believe this is how
> the stack came to
> be corrupted. 
> 
> Trying to follow the logic of these functions, I came up
> with the following
> fix:
> yang@quadvision ~/vxl/vxlsrc/core/vil/file_formats
> $ cvs diff -l -u
> cvs diff: Diffing .
> Index: vil_tiff_header.cxx
> ===================================================================
> RCS file:
> /cvsroot/vxl/vxl/core/vil/file_formats/vil_tiff_header.cxx,v
> retrieving revision 1.25
> diff -u -r1.25 vil_tiff_header.cxx
> --- vil_tiff_header.cxx 13 Aug 2008 20:06:47 -0000     
> 1.25
> +++ vil_tiff_header.cxx 2 Dec 2008 22:17:46 -0000
> @@ -33,7 +33,8 @@
> 
>  static void read_short_tag(TIFF* tif, ttag_t tag,
> ushort_tag& utag,
> vxl_uint_16 deflt =0)
>  {
> -  utag.valid = TIFFGetField(tif, tag,
> &(utag.val))>0;
> +  vxl_uint_16 * dummy;
> +  utag.valid = TIFFGetField(tif, tag, &(utag.val),
> &dummy)>0;
>    if (!utag.valid)
>      utag.val = deflt;
>  }
> 
> However, as I have no experience with TIFF internal
> structure, I am not sure
> if it is the correct fix.  Therefore, I would like to ask
> the community for
> comments on this fix. 
> 
> Thanks!
> Gary Yang
> DualAlign LLC