You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The ReadMNGImage function in png.c:5402 allows attackers to cause a denial of service (memory leak) via a crafted file.
#identify $FILE
Direct leak of 20664 byte(s) in 1 object(s) allocated from:
#0 0x7f06b7672b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62 #1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463 #2 0x720ada in ReadMNGImage coders/png.c:5402 #3 0x7f27a7 in ReadImage MagickCore/constitute.c:497 #4 0x9e41a7 in ReadStream MagickCore/stream.c:1045 #5 0x7f1855 in PingImage MagickCore/constitute.c:226 #6 0x7f1e08 in PingImages MagickCore/constitute.c:327 #7 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319 #8 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183 #9 0x40f839 in MagickMain utilities/magick.c:149 #10 0x40fa06 in main utilities/magick.c:180 #11 0x7f06b2981b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)
on ImageMagick 7.0.5-5
The ReadMNGImage function in png.c:5402 allows attackers to cause a denial of service (memory leak) via a crafted file.
#identify $FILE
Direct leak of 20664 byte(s) in 1 object(s) allocated from:
#0 0x7f06b7672b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x720ada in ReadMNGImage coders/png.c:5402
#3 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#4 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#5 0x7f1855 in PingImage MagickCore/constitute.c:226
#6 0x7f1e08 in PingImages MagickCore/constitute.c:327
#7 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#8 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#9 0x40f839 in MagickMain utilities/magick.c:149
#10 0x40fa06 in main utilities/magick.c:180
#11 0x7f06b2981b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)
20664 byte(s) leaked in 1 allocation(s).
testcase:https://github.com/bestshow/p0cs/blob/master/memory-leak-in-ReadMNGImage-4.mng
Author: ADLab of Venustech
The text was updated successfully, but these errors were encountered: