diff -rupN --no-dereference Pillow-7.2.0/src/libImaging/TiffDecode.c Pillow-7.2.0-new/src/libImaging/TiffDecode.c
--- Pillow-7.2.0/src/libImaging/TiffDecode.c	2021-03-06 11:40:18.426803572 +0100
+++ Pillow-7.2.0-new/src/libImaging/TiffDecode.c	2021-03-06 11:40:18.429803572 +0100
@@ -36,10 +36,6 @@ tsize_t _tiffReadProc(thandle_t hdata, t
     TRACE(("_tiffReadProc: %d \n", (int)size));
     dump_state(state);
 
-    if (state->loc > state->eof) {
-        TIFFError("_tiffReadProc", "Invalid Read at loc %d, eof: %d", state->loc, state->eof);
-        return 0;
-    }
     to_read = min(size, min(state->size, (tsize_t)state->eof) - (tsize_t)state->loc);
     TRACE(("to_read: %d\n", (int)to_read));
 
@@ -192,6 +188,15 @@ int ReadTile(TIFF* tiff, UINT32 col, UIN
             return -1;
         }
 
+        /* Sanity Check. Apparently in some cases, the TiffReadRGBA* functions
+           have a different view of the size of the tiff than we're getting from
+           other functions. So, we need to check here.
+        */
+        if (!TIFFCheckTile(tiff, col, row, 0, 0)) {
+            TRACE(("Check Tile Error, Tile at %dx%d\n", x, y));
+            return -1;;
+        }
+
         /* Read the tile into an RGBA array */
         if (!TIFFReadRGBATile(tiff, col, row, buffer)) {
             return -1;
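Review bot: The added `TRACE` call formats `x` and `y`, but the check just above it tests `col` and `row`, and the part of the `ReadTile` signature visible in the hunk header names only `col` and `row`; if `x` and `y` are not declared in this function the line fails to compile whenever `TRACE` is enabled, and otherwise it logs the wrong values. I would write `TRACE(("Check Tile Error, Tile at %dx%d\n", (int)col, (int)row));` and drop the stray second semicolon so the next line reads `return -1;`. Since `TRACE` is presumably compiled out of normal builds, a rejected tile leaves no diagnostic there, so a short comment stating that `-1` here means the tile coordinates failed libtiff's own bounds check would help whoever debugs a truncated decode. The body of `ReadTile` starts and ends outside this hunk.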
diff -rupN --no-dereference Pillow-7.2.0/Tests/test_tiff_crashes.py Pillow-7.2.0-new/Tests/test_tiff_crashes.py
--- Pillow-7.2.0/Tests/test_tiff_crashes.py	2021-03-06 11:40:18.427803572 +0100
+++ Pillow-7.2.0-new/Tests/test_tiff_crashes.py	2021-03-06 11:40:18.429803572 +0100
@@ -29,6 +29,7 @@ from .helper import on_ci
         "Tests/images/crash-4f085cc12ece8cde18758d42608bed6a2a2cfb1c.tif",
         "Tests/images/crash-86214e58da443d2b80820cff9677a38a33dcbbca.tif",
         "Tests/images/crash-f46f5b2f43c370fe65706c11449f567ecc345e74.tif",
+        "Tests/images/crash-63b1dffefc8c075ddc606c0a2f5fdc15ece78863.tif",
     ],
 )
 @pytest.mark.filterwarnings("ignore:Possibly corrupt EXIF data")
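Review bot: The new parametrize entry names `Tests/images/crash-63b1dffefc8c075ddc606c0a2f5fdc15ece78863.tif`, but no part of the patch visible here adds that file, and a text diff made with `diff -rupN` cannot carry a binary fixture. If the image is not supplied some other way, the test would fail on a missing file rather than exercise the tile check, so it is worth confirming the fixture ships alongside this patch. The decorator and the test function continue outside the hunk.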