From: Cristy <mikayla-grace@urban-warrior.org>
Date: Thu, 27 May 2021 10:32:51 -0400
Subject: [1/2] CVE-2021-3610 eliminate heap buffer overflow vulnerability in
 TIFF coder
thanks to ZhangJiaxing (@r0fm1a) from Codesafe Team of Legendsec at Qi'anxin Group
bug: https://github.com/ImageMagick/ImageMagick6/issues/244
origin: https://github.com/ImageMagick/ImageMagick6/commit/b307bcadcdf6ea6819951ac1786b7904f27b25c6.patch
bug-debian-security: https://security-tracker.debian.org/tracker/CVE-2021-3610
---
 coders/tiff.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/coders/tiff.c b/coders/tiff.c
index 8e89ec1..3927224 100644
--- a/coders/tiff.c
+++ b/coders/tiff.c
@@ -1872,7 +1872,7 @@ static Image *ReadTIFFImage(const ImageInfo *image_info,
         /*
           Convert stripped TIFF image.
         */
-        extent=2*TIFFStripSize(tiff);
+        extent=4*TIFFStripSize(tiff);
 #if defined(TIFF_VERSION_BIG)
         extent+=image->columns*sizeof(uint64);
 #else
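
Review bot: the factor on the `extent=4*TIFFStripSize(tiff);` line is still an unexplained constant. Neither the commit message nor the surrounding comment says which write into the strip buffer exceeded `2*TIFFStripSize(tiff)`, so a reader cannot tell whether 4 is a proven worst-case bound or only a larger margin. Please add a comment next to the assignment stating what the largest per-strip write is and why four strip sizes cover it, or compute `extent` from the quantities that actually determine that write. Nothing in the visible context checks the multiplication or the following `extent+=image->columns*sizeof(uint64);` for wraparound either, so it is worth confirming that an overflow check exists before the allocation that uses `extent`, since a wrapped value would reintroduce an undersized buffer.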