From af4ee2276bfb9cfdd1809326604ead5a405735be Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matej=20Mu=C5=BEila?= <mmuzila@redhat.com>
Date: Thu, 8 Jun 2023 14:10:59 +0200
Subject: [PATCH] (CVE-2023-2731) LZWDecode(): avoid crash when trying to read
 again from a strip whith a missing end-of-information marker (fixes #548)

(cherry picked from commit 9be22b639ea69e102d3847dca4c53ef025e9527b)
---
 libtiff/tif_lzw.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/libtiff/tif_lzw.c b/libtiff/tif_lzw.c
index 096824d2..2ba6237e 100644
--- a/libtiff/tif_lzw.c
+++ b/libtiff/tif_lzw.c
@@ -404,7 +404,11 @@ LZWDecode(TIFF* tif, uint8_t* op0, tmsize_t occ0, uint16_t s)
 	assert(sp->dec_codetab != NULL);
 
 	if (sp->read_error) {
-		return 0;
+        TIFFErrorExt(tif->tif_clientdata, module,
+                      "LZWDecode: Scanline %" PRIu32 " cannot be read due to "
+                      "previous error",
+                      tif->tif_row);
+        return 0;
 	}
 
 	/*
@@ -705,6 +709,7 @@ after_loop:
 	return (1);
 
 no_eoi:
+    sp->read_error = 1;
     TIFFErrorExt(tif->tif_clientdata, module,
                     "LZWDecode: Strip %"PRIu32" not terminated with EOI code",
                     tif->tif_curstrip);