From e4ee274439d6bf538da00009d15b553fa2324bb8 Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Wed, 11 Jan 2017 10:10:16 -0500
Subject: [PATCH] Detect write error in ReadGROUP4Image

Fix CVE-2016-10062

bug: https://github.com/ImageMagick/ImageMagick/issues/352
bug-debian: https://bugs.debian.org/849439
origin: https://github.com/ImageMagick/ImageMagick/commit/41e955984b034777903cfa61e500a0b922eb9cbd
---
 coders/tiff.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/coders/tiff.c b/coders/tiff.c
index 678eb6ae5..e4ac793c6 100644
--- a/coders/tiff.c
+++ b/coders/tiff.c
@@ -378,6 +378,8 @@ static Image *ReadGROUP4Image(const ImageInfo *image_info,
       status=MagickFalse;
   offset=(ssize_t) fseek(file,(ssize_t) offset,SEEK_SET);
   length=WriteLSBLong(file,(unsigned int) length);
+  if (ferror(file) != 0)
+    ThrowImageException(FileOpenError,"UnableToCreateTemporaryFile");
   (void) fclose(file);
   (void) CloseBlob(image);
   image=DestroyImage(image);