Files
Jungfraujoch/preview
leonarski_fandClaude Opus 4.8 4b72a89249 harden untrusted-input size handling in TIFF read and raw-TCP frames
Two memory-safety/robustness fixes for input whose size is attacker- or
peer-controlled:

- ReadTIFF: a large IMAGELENGTH could overflow scanline_bytes * lines,
  undersizing the buffer that TIFFReadScanline then writes past. Guard the
  product against overflow before resize and reuse scanline_bytes in the loop.

- Raw-TCP image path: an uncapped header payload_size drove a huge resize()
  that took down the receive thread (wedging the writer-facing acceptor).
  Add JFJOCH_TCP_MAX_PAYLOAD_SIZE and reject oversized frames at the single
  receive-loop choke point on both the pusher and puller sides.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-07-11 11:34:11 +02:00
..
2026-06-23 20:29:49 +02:00
2025-05-28 18:49:27 +02:00
2026-04-16 11:59:59 +02:00
2026-06-23 20:29:49 +02:00
2026-04-16 11:59:59 +02:00
2026-06-08 08:30:35 +02:00
2026-07-11 07:19:11 +02:00
2026-07-11 07:19:11 +02:00
2025-03-02 13:15:28 +01:00
2025-05-28 18:49:27 +02:00
2026-06-08 08:30:35 +02:00
2025-07-08 20:19:59 +02:00
2026-06-08 08:30:35 +02:00