From 803bc34ebe023f209f745baf8a112610ff77cc8c Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Thu, 14 Jul 2016 06:28:00 -0400
Subject: [PATCH] Prevent possible buffer overflow when reading TIFF images
 (bug report from Shi Pu of MS509 Team)

---
 ChangeLog     | 2 ++
 coders/tiff.c | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 640e37f49..cd0e834b4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,8 @@
 2016-07-13  7.0.2-5 Cristy  <quetzlzacatenango@image...>
   * Fix MVG stroke-opacity (reference
     https://github.com/ImageMagick/ImageMagick/issues/229).
+  * Prevent possible buffer overflow when reading TIFF images (bug report from
+    Shi Pu of MS509 Team).
 
 2016-07-11  7.0.2-4 Cristy  <quetzlzacatenango@image...>
   * Release ImageMagick version 7.0.2-4, GIT revision 18591:50debe5:20160710.
diff --git a/coders/tiff.c b/coders/tiff.c
index 969de7093..fd171099d 100644
--- a/coders/tiff.c
+++ b/coders/tiff.c
@@ -1629,7 +1629,8 @@ RestoreMSCWarning
               quantum_type=GrayQuantum;
               pad=(size_t) MagickMax((size_t) samples_per_pixel-1,0);
             }
-        status=SetQuantumPad(image,quantum_info,pad*((bits_per_sample+7) >> 3));
+        status=SetQuantumPad(image,quantum_info,pad*pow(2,ceil(log(
+          bits_per_sample)/log(2))));
         if (status == MagickFalse)
           {
             TIFFClose(tiff);
-- 
2.40.0