In source/fitz/load-tiff.c Line:272
272 *dst++ = a << (8 - tiff->bitspersample);
if tiff->bitspersample = 16, 8 - tiff->bitspersample will revert to a very large value 4294967288, which is not our expectation.
I think it is an integer overflow issue.
Do you have a file that can be used to reproduce the issue?
Sorry, I just reviewed the source code. No POC now.
Author: Sebastian Rasmussen <firstname.lastname@example.org>
Date: Mon Jun 10 13:58:28 2019 +0200
Bug 701176: Handle TIFFs with alpha that have more than 8 bits per sample.