File cups-filters-1.25.0-CVE-2025-57812.patch of Package cups-filters.41636

--- cupsfilters/image-tiff.c.orig	2019-06-06 15:17:11.000000000 +0200
+++ cupsfilters/image-tiff.c	2025-11-13 12:55:05.481023058 +0100
@@ -43,6 +43,7 @@ _cupsImageReadTIFF(
   TIFF		*tif;			/* TIFF file */
   uint32	width, height;		/* Size of image */
   uint16	photometric,		/* Colorspace */
+		planar,			/* Color components in separate planes */
 		compression,		/* Type of compression */
 		orientation,		/* Orientation */
 		resunit,		/* Units for resolution */
@@ -115,6 +116,15 @@ _cupsImageReadTIFF(
     return (-1);
   }
 
+  if (TIFFGetField(tif, TIFFTAG_PLANARCONFIG, &planar) &&
+      planar == PLANARCONFIG_SEPARATE)
+  {
+    fputs("DEBUG: Images with planar color configuration are not supported!\n", stderr);
+    TIFFClose(tif);
+    fclose(fp);
+    return (1);
+  }
+
   if (!TIFFGetField(tif, TIFFTAG_COMPRESSION, &compression))
   {
     fputs("DEBUG: No compression tag in the file!\n", stderr);
@@ -129,6 +139,15 @@ _cupsImageReadTIFF(
   if (!TIFFGetField(tif, TIFFTAG_BITSPERSAMPLE, &bits))
     bits = 1;
 
+  if (bits == 1 && samples > 1)
+  {
+    fprintf(stderr, "ERROR: Color images with 1 bit per sample not supported! "
+                    "Samples per pixel: %d; Bits per sample: %d\n", samples, bits);
+    TIFFClose(tif);
+    fclose(fp);
+    return (-1);
+  }
+
  /*
   * Get the image orientation...
   */
@@ -182,6 +201,22 @@ _cupsImageReadTIFF(
     alpha = 0;
 
  /*
+  * Check whether number of samples per pixel corresponds with color space
+  */
+  if ((photometric == PHOTOMETRIC_RGB && (samples < 3 || samples > 4)) ||
+      (photometric == PHOTOMETRIC_SEPARATED && samples != 4))
+  {
+    fprintf(stderr, "DEBUG: Number of samples per pixel does not correspond to color space! "
+                    "Color space: %s; Samples per pixel: %d\n",
+                    (photometric == PHOTOMETRIC_RGB ? "RGB" :
+                     (photometric == PHOTOMETRIC_SEPARATED ? "CMYK" : "Unknown")),
+                    samples);
+    TIFFClose(tif);
+    fclose(fp);
+    return (1);
+  }
+
+ /*
   * Check the size of the image...
   */
 
@@ -253,6 +288,14 @@ _cupsImageReadTIFF(
         break;
   }
 
+  if (orientation >= ORIENTATION_LEFTTOP)
+  {
+    fputs("ERROR: TIFF files with vertical scanlines are not supported!\n", stderr);
+    TIFFClose(tif);
+    fclose(fp);
+    return (-1);
+  }
+
   switch (orientation)
   {
     case ORIENTATION_TOPRIGHT :
@@ -1455,7 +1498,7 @@ _cupsImageReadTIFF(
 	      }
 
 	      if (lut)
-	        cupsImageLut(out, img->xsize * 3, lut);
+	        cupsImageLut(out, img->xsize * bpp, lut);
 
               _cupsImagePutRow(img, 0, y, img->xsize, out);
             }