Skip to content

Tiff.rs bug with pillow tiffs #1613

New issue
New issue
Open
Open
Tiff.rs bug with pillow tiffs#1613
@didi8517

Description

@didi8517
didi8517
opened on Oct 21, 2025

Describe the bug

I use ClamAV on Termux, which I know is not supported. I doubt it's a Termux issue, which is why I post it first here. When scanning all files on the system some tiff files cause a problem in ClamAV's tiff.rs file, and the debug says it's it bug. See results of one of those files (the others state more or less the same):

LibClamAV debug: Recognized TIFF Little Endian file
LibClamAV debug: clean_cache_check: 4eb900531613990ef17365630be53562 is negative

thread '\<unnamed\>' panicked at /home/builder/.termux-build/clamav/src/.cargo/vendor/image/src/codecs/tiff.rs:272:21:
copy_from_slice: source slice length (8000) does not match destination slice length (24000)
stack backtrace:
   0:       0x754210e264 - \<unknown\>
   1:       0x754215aa68 - \<unknown\>
   2:       0x75421021d0 - \<unknown\>
   3:       0x754210e118 - \<unknown\>
   4:       0x7542110610 - \<unknown\>
   5:       0x7542110430 - \<unknown\>
   6:       0x754211153c - \<unknown\>
   7:       0x75421111fc - \<unknown\>
   8:       0x754210e74c - \<unknown\>
   9:       0x7542110eac - \<unknown\>
  10:       0x7542156ff4 - \<unknown\>
  11:       0x754216a8c8 - \<unknown\>
  12:       0x754215ddd0 - \<unknown\>
  13:       0x754202b010 - \<unknown\>
  14:       0x7541fd66d0 - \<unknown\>
  15:       0x7541eff0e0 - \<unknown\>
  16:       0x7541fd1c74 - \<unknown\>
  17:       0x7541f026a0 - \<unknown\>
  18:       0x7541db5e58 - fuzzy_hash_calculate_image
  19:       0x7541cffaf4 - \<unknown\>
  20:       0x7541cfbe30 - \<unknown\>
  21:       0x7541d010fc - \<unknown\>
  22:       0x7541d00550 - cl_scandesc_callback
  23:       0x5f7b5e5ad8 - \<unknown\>
  24:       0x5f7b5e4f40 - \<unknown\>
  25:       0x5f7b5e3fd8 - \<unknown\>
  26:       0x5f7b5e216c - \<unknown\>
  27:       0x753e2c92a4 - __libc_init
LibClamAV debug: Failed to calculate image fuzzy hash for CL_TYPE_TIFF: Failed to load image due to bug in image decoder
LibClamAV debug: Descriptor[3]: Continuing after file scan resulted with: No viruses detected
LibClamAV debug: matcher_run: performing regex matching on full map: 0+31576(31576) >= 31576
LibClamAV debug: hashtab: Freeing hashset, elements: 0, capacity: 0
LibClamAV debug: Descriptor[3]: Continuing after file scan resulted with: No viruses detected
LibClamAV debug: Descriptor[3]: Continuing after file scan resulted with: No viruses detected
LibClamAV debug: cli_magic_scan: returning 0  at line 5040
LibClamAV debug: clean_cache_add: 4eb900531613990ef17365630be53562 (level 0)
LibClamAV debug: Descriptor[3]: Continuing after file scan resulted with: No viruses detected
LibClamAV debug: Cleaning up phishcheck
LibClamAV debug: Freeing phishcheck struct
LibClamAV debug: Phishcheck cleaned up

Scanning RGB.tiff
RGB.tiff: OK

How to reproduce the problem

Just run clamascan -r (this including the directory with the pillow files)

Attachments

One of the tiff files. Though I had to rename it to be able to upload, original name as in the output above. If you need the other 8 that produced same output, I can also send those.

< Edit by @val-ms: I've removed the sample file because it can cause a crash >

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions