It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input