From ba1eba27610ce11a15365175269ddbb5093c16ee Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Tue, 17 Apr 2018 22:38:41 +0800
Subject: [PATCH] remove a pointless multiplication and a variable that's not
 necessary

---
 contrib/oss-fuzz/tiff_read_rgba_fuzzer.cc | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/contrib/oss-fuzz/tiff_read_rgba_fuzzer.cc b/contrib/oss-fuzz/tiff_read_rgba_fuzzer.cc
index 919bbc6c..b1b189f8 100644
--- a/contrib/oss-fuzz/tiff_read_rgba_fuzzer.cc
+++ b/contrib/oss-fuzz/tiff_read_rgba_fuzzer.cc
@@ -46,7 +46,6 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
       return 0;
   }
   uint32 w, h;
-  size_t npixels;
   uint32* raster;
 
   TIFFGetField(tif, TIFFTAG_IMAGEWIDTH, &w);
@@ -56,7 +55,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
       TIFFClose(tif);
       return 0;
   }
-  uint64 bufsize = TIFFTileSize64(tif) * 4;
+  uint64 bufsize = TIFFTileSize64(tif);
   /* don't continue if the buffer size greater than the max allowed by the fuzzer */
   if (bufsize > MAX_SIZE || bufsize == 0) {
       TIFFClose(tif);
@@ -73,13 +72,12 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
       TIFFClose(tif);
       return 0;
   }
-  npixels = w * h;
   uint32 size = __TIFFSafeMultiply(uint32, w, h);
   if (size > MAX_SIZE || size == 0) {
       TIFFClose(tif);
       return 0;
   }
-  raster = (uint32*) _TIFFmalloc(npixels * sizeof (uint32));
+  raster = (uint32*) _TIFFmalloc(size * sizeof (uint32));
   if (raster != NULL) {
       TIFFReadRGBAImage(tif, w, h, raster, 0);
       _TIFFfree(raster);