From cbe03074900adb654bdb44c601bc619e3ba26df7 Mon Sep 17 00:00:00 2001
From: Even Rouault <even.rouault@spatialys.com>
Date: Wed, 17 May 2017 21:54:04 +0000
Subject: [PATCH] * libtiff/tif_read.c: _TIFFVSetField(): fix outside range
 cast of double to float. Credit to Google Autofuzz project

---
 ChangeLog         | 6 ++++++
 libtiff/tif_dir.c | 4 ++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 6e642bb0..ccafcfa9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2017-05-17 Even Rouault <even.rouault at spatialys.com>
+
+	* libtiff/tif_read.c: _TIFFVSetField(): fix outside range cast of double to
+	float.
+	Credit to Google Autofuzz project
+
 2017-05-17 Even Rouault <even.rouault at spatialys.com>
 
 	* libtiff/tif_getimage.c: initYCbCrConversion(): add basic validation of
diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c
index 36c7ae57..a8839491 100644
--- a/libtiff/tif_dir.c
+++ b/libtiff/tif_dir.c
@@ -1,4 +1,4 @@
-/* $Id: tif_dir.c,v 1.129 2017-01-11 16:09:02 erouault Exp $ */
+/* $Id: tif_dir.c,v 1.130 2017-05-17 21:54:05 erouault Exp $ */
 
 /*
  * Copyright (c) 1988-1997 Sam Leffler
@@ -686,7 +686,7 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap)
 				case TIFF_SRATIONAL:
 				case TIFF_FLOAT:
 					{
-						float v2 = (float)va_arg(ap, double);
+						float v2 = TIFFClampDoubleToFloat(va_arg(ap, double));
 						_TIFFmemcpy(val, &v2, tv_size);
 					}
 					break;