File tiff-CVE-2017-11613,CVE-2018-16335,15209.patch of Package tiff

Index: tiff-4.0.9/libtiff/tif_dirread.c
===================================================================
--- tiff-4.0.9.orig/libtiff/tif_dirread.c	2018-06-04 16:49:48.940452546 +0200
+++ tiff-4.0.9/libtiff/tif_dirread.c	2018-06-04 16:50:18.572859131 +0200
@@ -5760,6 +5760,16 @@ ChopUpSingleUncompressedStrip(TIFF* tif)
         if( nstrips == 0 )
             return;
 
+        /* If we are going to allocate a lot of memory, make sure that the */
+        /* file is as big as needed */
+        if( tif->tif_mode == O_RDONLY &&
+            nstrips > 1000000 &&
+            (offset >= TIFFGetFileSize(tif) ||
+             stripbytes > (TIFFGetFileSize(tif) - offset) / (nstrips - 1)) )
+        {
+            return;
+        }
+
 	newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64),
 				"for chopped \"StripByteCounts\" array");
 	newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64),
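Review bot: The new guard returns silently, so a file rejected for declaring more strips than its size can hold is indistinguishable from the `nstrips == 0` early return just above it, and nothing is logged for whoever triages the input. Consider emitting a diagnostic before the `return;`, for example `TIFFWarningExt(tif->tif_clientdata, "ChopUpSingleUncompressedStrip", "File too short for the declared strip layout; strip left unchopped");`. The literal `1000000` would also read better as a named constant with a comment saying that at or below it the two `_TIFFCheckMalloc` arrays are still sized from header fields alone, which bounds them at roughly 16 MB in total if `uint64` is 8 bytes. `TIFFGetFileSize(tif)` is evaluated twice in the condition and could be read once into a local. The function starts and ends outside this hunk, so how callers treat the unchopped strip cannot be confirmed from here.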