File ImageMagick-CVE-2016-10061.patch of Package ImageMagick
diff --git a/coders/tiff.c b/coders/tiff.c
index ef7dfc8..8b4fd7d 100644
--- a/coders/tiff.c
+++ b/coders/tiff.c
@@ -387,8 +387,10 @@ static Image *ReadGROUP4Image(const ImageInfo *image_info,
length=fwrite("\000\000\000\000",1,4,file);
length=WriteLSBLong(file,(size_t) (image->x_resolution+0.5));
length=WriteLSBLong(file,1);
+ status=MagickTrue;
for (length=0; (c=ReadBlobByte(image)) != EOF; length++)
- (void) fputc(c,file);
+ if (fputc(c,file) != c)
+ status=MagickFalse;
offset=(ssize_t) fseek(file,(ssize_t) offset,SEEK_SET);
length=WriteLSBLong(file,(unsigned int) length);
(void) fclose(file);
@@ -410,6 +412,8 @@ static Image *ReadGROUP4Image(const ImageInfo *image_info,
(void) CopyMagickString(image->magick,"GROUP4",MaxTextExtent);
}
(void) RelinquishUniqueFileResource(filename);
+ if (status == MagickFalse)
+ image=DestroyImage(image);
return(image);
}
#endif