From 728dc6a600cf4cbdac846964c85cc04339db8ac1 Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Wed, 24 Aug 2016 09:45:35 -0400
Subject: [PATCH] Fix TIFF divide by zero (bug report from Donghai Zhu)

---
 ChangeLog     | 4 ++--
 coders/tiff.c | 4 +++-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 12c8c95f0..56e92f92e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,8 +1,8 @@
 2016-08-15  7.0.2-10 Cristy  <quetzlzacatenango@image...>
   * Prevent buffer overflow in BMP & SGI coders (bug report from
     pwchen&rayzhong of tencent).
-  * Prevent buffer overflow in SIXEL, PDB, MAP, and CALS coders (bug report
-    from Donghai Zhu).
+  * Prevent buffer overflow and other problems in SIXEL, PDB, MAP, TIFF and
+    CALS coders (bug report from Donghai Zhu).
 
 2016-08-14  7.0.2-9 Cristy  <quetzlzacatenango@image...>
   * Release ImageMagick version 7.0.2-9, GIT revision 18707:2c02f09:20160814.
diff --git a/coders/tiff.c b/coders/tiff.c
index 32ed20427..4d0334b62 100644
--- a/coders/tiff.c
+++ b/coders/tiff.c
@@ -3479,7 +3479,9 @@ static MagickBooleanType WriteTIFFImage(const ImageInfo *image_info,
       if ((image_info->interlace == PlaneInterlace) ||
           (image_info->interlace == PartitionInterlace))
         (void) TIFFSetField(tiff,TIFFTAG_PLANARCONFIG,PLANARCONFIG_SEPARATE);
-     rows_per_strip=TIFFDefaultStripSize(tiff,0);
+    rows_per_strip=1;
+    if (TIFFScanlineSize(tiff) != 0)
+      rows_per_strip=TIFFDefaultStripSize(tiff,0);
     option=GetImageOption(image_info,"tiff:rows-per-strip");
     if (option != (const char *) NULL)
       rows_per_strip=(size_t) strtol(option,(char **) NULL,10);
-- 
2.40.0