From ce4c31567366574af2774a2356121413bc1c5a6d Mon Sep 17 00:00:00 2001
From: Ingo Weyrich <heckflosse67@gmx.de>
Date: Fri, 3 Sep 2021 14:03:50 +0200
Subject: [PATCH] fix OOB access, fixes #6279, fixes #6352

---
 rtengine/dcraw.cc | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/rtengine/dcraw.cc b/rtengine/dcraw.cc
index 13a6b054ac..07586bc3ea 100644
--- a/rtengine/dcraw.cc
+++ b/rtengine/dcraw.cc
@@ -4397,6 +4397,12 @@ void CLASS crop_masked_pixels()
       }
     }
   } else {
+    if (height + top_margin > raw_height) {
+      top_margin = raw_height - height;
+    }
+    if (width + left_margin > raw_width) {
+      left_margin = raw_width - width;
+    }
 #ifdef _OPENMP
 #pragma omp parallel for
 #endif