From: Cristy <mikayla-grace@urban-warrior.org>
Date: Thu, 27 May 2021 10:32:51 -0400
Subject: [1/2] CVE-2021-3610 eliminate heap buffer overflow vulnerability in
 TIFF coder

thanks to ZhangJiaxing (@r0fm1a) from Codesafe Team of Legendsec at Qi'anxin Group

bug: https://github.com/ImageMagick/ImageMagick6/issues/244
origin: https://github.com/ImageMagick/ImageMagick6/commit/b307bcadcdf6ea6819951ac1786b7904f27b25c6.patch
bug-debian-security: https://security-tracker.debian.org/tracker/CVE-2021-3610
---
 coders/tiff.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/coders/tiff.c b/coders/tiff.c
index 8e89ec1..3927224 100644
--- a/coders/tiff.c
+++ b/coders/tiff.c
@@ -1872,7 +1872,7 @@ static Image *ReadTIFFImage(const ImageInfo *image_info,
         /*
           Convert stripped TIFF image.
         */
-        extent=2*TIFFStripSize(tiff);
+        extent=4*TIFFStripSize(tiff);
 #if defined(TIFF_VERSION_BIG)
         extent+=image->columns*sizeof(uint64);
 #else