diff --git a/third_party/libtiff/tif_getimage.c b/third_party/libtiff/tif_getimage.c
index 41f7dfd77..8603ff026 100644
--- a/third_party/libtiff/tif_getimage.c
+++ b/third_party/libtiff/tif_getimage.c
@@ -723,6 +723,7 @@ static int gtTileContig(TIFFRGBAImage *img, uint32_t *raster, uint32_t w,
     uint32_t this_tw, tocol;
     int32_t this_toskew, leftmost_toskew;
     int32_t leftmost_fromskew;
+    int64_t safeskew;
     uint32_t leftmost_tw;
     tmsize_t bufsize;
 
@@ -792,9 +793,28 @@ static int gtTileContig(TIFFRGBAImage *img, uint32_t *raster, uint32_t w,
                 /*
                  * Rightmost tile is clipped on right side.
                  */
-                fromskew = tw - (w - tocol);
+                safeskew = tw;
+                safeskew -= w;
+                safeskew += tocol;
+                if (safeskew > INT_MAX || safeskew < INT_MIN)
+                {
+                    _TIFFfree(buf);
+                    TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "%s",
+                                 "Invalid skew");
+                    return (0);
+                }
+                fromskew = safeskew;
                 this_tw = tw - fromskew;
-                this_toskew = toskew + fromskew;
+                safeskew = toskew;
+                safeskew += fromskew;
+                if (safeskew > INT_MAX || safeskew < INT_MIN)
+                {
+                    _TIFFfree(buf);
+                    TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "%s",
+                                 "Invalid skew");
+                    return (0);
+                }
+                this_toskew = safeskew;
             }
             tmsize_t roffset = (tmsize_t)y * w + tocol;
             (*put)(img, raster + roffset, tocol, y, this_tw, nrow, fromskew,