https://blog.qife122.com/tags/libgeotiff/ Recent content in Libgeotiff on 办公AI智能小助手 Hugo zh-cn qife Sat, 11 Oct 2025 16:08:13 +0800 https://blog.qife122.com/p/libgeotiff-1.7.4%E5%A0%86%E7%BC%93%E5%86%B2%E5%8C%BA%E6%BA%A2%E5%87%BA%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%908%E4%BD%8D%E8%BD%AC4%E4%BD%8D%E9%99%8D%E9%87%87%E6%A0%B7%E6%97%B6%E7%9A%84%E5%A5%87%E6%95%B0%E5%AE%BD%E5%BA%A6%E5%9B%BE%E5%83%8F%E5%A4%84%E7%90%86%E7%BC%BA%E9%99%B7/ Sat, 11 Oct 2025 16:08:13 +0800 https://blog.qife122.com/p/libgeotiff-1.7.4%E5%A0%86%E7%BC%93%E5%86%B2%E5%8C%BA%E6%BA%A2%E5%87%BA%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%908%E4%BD%8D%E8%BD%AC4%E4%BD%8D%E9%99%8D%E9%87%87%E6%A0%B7%E6%97%B6%E7%9A%84%E5%A5%87%E6%95%B0%E5%AE%BD%E5%BA%A6%E5%9B%BE%E5%83%8F%E5%A4%84%E7%90%86%E7%BC%BA%E9%99%B7/ <h1 id="libgeotiff-174堆缓冲区溢出漏洞分析">libgeotiff 1.7.4堆缓冲区溢出漏洞分析</h1> <h2 id="漏洞概述">漏洞概述</h2> <p>libgeotiff 1.7.4中的geotifcp工具存在堆缓冲区溢出漏洞。该漏洞在函数<code>cpContig2ContigByRow_8_to_4</code>中触发，当处理具有奇数ImageWidth的TIFF图像并使用<code>-d</code>选项（从8位降采样到4位）时会发生。</p>