From: Cristy <mikayla-grace@urban-warrior.org>
Date: Sun, 30 May 2021 20:57:18 -0400
Subject: [2/2] CVE-2021-3610 eliminate heap buffer overflow vulnerability in
 TIFF coder

Thanks to ZhangJiaxing (@r0fm1a) from Codesafe Team of Legendsec at Qi'anxin Group

bug: https://github.com/ImageMagick/ImageMagick6/issues/244
origin: https://github.com/ImageMagick/ImageMagick6/commit/b307bcadcdf6ea6819951ac1786b7904f27b25c6.patch
bug-debian-security: https://security-tracker.debian.org/tracker/CVE-2021-3610
(cherry picked from commit c75ae771a00c38b757c5ef4b424b51e761b02552)
---
 coders/tiff.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/coders/tiff.c b/coders/tiff.c
index 3927224..1c84442 100644
--- a/coders/tiff.c
+++ b/coders/tiff.c
@@ -1872,7 +1872,7 @@ static Image *ReadTIFFImage(const ImageInfo *image_info,
         /*
           Convert stripped TIFF image.
         */
-        extent=4*TIFFStripSize(tiff);
+        extent=(samples_per_pixel+1)*TIFFStripSize(tiff);
 #if defined(TIFF_VERSION_BIG)
         extent+=image->columns*sizeof(uint64);
 #else