* libtiff/tif_fax3.c (Fax3SetupState): Avoid under-allocation of
buffer due to integer overflow in TIFFroundup() and several other
potential overflows. In conjunction with the fix to TIFFhowmany(),
fixes CVE-2010-1411.
* libtiff/tiffiop.h (TIFFhowmany): Return zero if parameters would
result in an integer overflow. This causes TIFFroundup() to also
return zero if there would be an integer overflow.
3adc33842b
