From 4e09ee1f2f2e870dabac265bc68ca6e17abaa02a Mon Sep 17 00:00:00 2001
From: Lucas CHOLLET <lucas.chollet@free.fr>
Date: Sat, 30 Dec 2023 00:19:30 -0500
Subject: [PATCH] LibGfx/TIFF: Reject images that declare a sample with
 abnormal bit depth

Anything with a bit depth of zero or greater than 32 is outside our
working range, so let's reject them.
---
 Userland/Libraries/LibGfx/ImageFormats/TIFFLoader.cpp | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Userland/Libraries/LibGfx/ImageFormats/TIFFLoader.cpp b/Userland/Libraries/LibGfx/ImageFormats/TIFFLoader.cpp
index a32a9a88a2..acdd3029d7 100644
--- a/Userland/Libraries/LibGfx/ImageFormats/TIFFLoader.cpp
+++ b/Userland/Libraries/LibGfx/ImageFormats/TIFFLoader.cpp
@@ -47,6 +47,9 @@ public:
         if (m_metadata.strip_offsets()->size() != m_metadata.strip_byte_counts()->size())
             return Error::from_string_literal("TIFFImageDecoderPlugin: StripsOffset and StripByteCount have different sizes");
 
+        if (any_of(*m_metadata.bits_per_sample(), [](auto bit_depth) { return bit_depth == 0 || bit_depth > 32; }))
+            return Error::from_string_literal("TIFFImageDecoderPlugin: Invalid value in BitsPerSample");
+
         return {};
     }