Origin: https://src.fedoraproject.org/rpms/freeimage/blob/f39/f/CVE-2021-40263.patch
diff -rupN --no-dereference freeimage-svn-r1909-FreeImage-trunk/Source/FreeImage/PluginTIFF.cpp freeimage-svn-r1909-FreeImage-trunk-new/Source/FreeImage/PluginTIFF.cpp
--- freeimage-svn-r1909-FreeImage-trunk/Source/FreeImage/PluginTIFF.cpp 2023-09-28 19:34:47.713009853 +0200
+++ freeimage-svn-r1909-FreeImage-trunk-new/Source/FreeImage/PluginTIFF.cpp 2023-09-28 19:34:48.043006563 +0200
@@ -2081,6 +2081,11 @@ Load(FreeImageIO *io, fi_handle handle,
 uint32 tileRowSize = (uint32)TIFFTileRowSize(tif);
 uint32 imageRowSize = (uint32)TIFFScanlineSize(tif);
+ if (width / tileWidth * tileRowSize * 8 > bitspersample * samplesperpixel * width) {
+ free(tileBuffer);
+ throw "Corrupted tiled TIFF file";
+ }
+
 // In the tiff file the lines are saved from up to down
 // In a DIB the lines must be saved from down to up
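Review bot: The added guard `if (width / tileWidth * tileRowSize * 8 > bitspersample * samplesperpixel * width)` computes both sides from values that appear to come from the file's own tags, and nothing in the hunk rules out `tileWidth == 0` or a product that wraps. If the operands are 32-bit, as the `uint32` casts on the two lines above suggest, a wrapped product could let an inconsistent file pass the check. The truncating `width / tileWidth` also makes the left side 0 whenever the image is narrower than one tile, so that case is not examined here at all. I would guard the divisor and widen the arithmetic, for example `if (tileWidth == 0 || (uint64_t)(width / tileWidth) * tileRowSize * 8 > (uint64_t)bitspersample * samplesperpixel * width) {`, and add a comment such as `// reject files whose tile row size is inconsistent with the declared image row size` above it. The declarations of these variables and the rest of Load lie outside the hunk, so the operand types and any earlier validation need to be confirmed there.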