From 9a0ec729ad38af873eac5d896cb38219cb50d49c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matej=20Mu=C5=BEila?= <mmuzila@redhat.com>
Date: Tue, 1 Aug 2023 16:04:17 +0200
Subject: [PATCH] (CVE-2023-3316) TIFFClose() avoid NULL pointer dereferencing.
 fix#515

Closes #515

(cherry picked from commit f171d7a2cd50e34975036748a395c156d32d9235)
---
 libtiff/tif_close.c | 6 ++++--
 tools/tiffcrop.c    | 7 +++++--
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/libtiff/tif_close.c b/libtiff/tif_close.c
index 04977bc7..6c9f7349 100644
--- a/libtiff/tif_close.c
+++ b/libtiff/tif_close.c
@@ -125,13 +125,15 @@ TIFFCleanup(TIFF* tif)
 void
 TIFFClose(TIFF* tif)
 {
-	TIFFCloseProc closeproc = tif->tif_closeproc;
+    if (tif != NULL)
+    {
+        TIFFCloseProc closeproc = tif->tif_closeproc;
 	thandle_t fd = tif->tif_clientdata;
 
 	TIFFCleanup(tif);
 	(void) (*closeproc)(fd);
 }
-
+}
 /* vim: set ts=8 sts=8 sw=8 noet: */
 
 /*
diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
index d9b91e4e..07fc7ea3 100644
--- a/tools/tiffcrop.c
+++ b/tools/tiffcrop.c
@@ -2553,9 +2553,12 @@ main(int argc, char* argv[])
       }
     }
 
-  TIFFClose(out);
+    if (out != NULL)
+    {
+        TIFFClose(out);
+    }
 
-  return (0);
+    return (0);
   } /* end main */