From c3e7c6db0efd50a9bf9113d081bde0c5e9c45a17 Mon Sep 17 00:00:00 2001
From: Cristy
Date: Sat, 24 Mar 2018 15:14:45 -0400
Subject: [PATCH] https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7106
---
 coders/tiff.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/coders/tiff.c b/coders/tiff.c
index b1508e7bf..a90680112 100644
--- a/coders/tiff.c
+++ b/coders/tiff.c
@@ -1729,6 +1729,8 @@ RestoreMSCWarning
 (unsigned int) rows_per_strip);
 (void) SetImageProperty(image,"tiff:rows-per-strip",value,exception);
 }
+ if (rows_per_strip > (image->columns*image->rows))
+ ThrowTIFFException(CorruptImageError,"ImproperImageHeader");
 if ((samples_per_pixel >= 3) && (interlace == PLANARCONFIG_CONTIG))
 if ((image->alpha_trait == UndefinedPixelTrait) ||
 (samples_per_pixel >= 4))
--
2.40.0
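Review bot: The bound in the added `if (rows_per_strip > (image->columns*image->rows))` is a pixel count rather than a row count, so a rows-per-strip value above the image height but below columns*rows still passes, and any later buffer or loop sized from rows_per_strip is not limited to the image height by this check. Since TIFF allows RowsPerStrip to exceed the image length (the whole image is then one strip), clamping is likely safer than rejecting: `if (rows_per_strip > image->rows) rows_per_strip=image->rows;`, with whatever cast the declared type needs. The product `image->columns*image->rows` can also wrap where the operand type is 32 bits wide; the declarations are outside the hunk, so confirm the width or compare without multiplying. The check sits after the closing brace of the block that sets the property, so it presumably also runs when that block is skipped; confirm rows_per_strip is initialized on that path, as the enclosing function starts and ends outside the hunk.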