memory leak in ReadPCDImage #448
Comments
Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ http://www.imagemagick.org/download/beta/ by sometime tomorrow.
This has been assigned CVE-2017-8351
Hmm, it seems to me that this fix was only applied to the ImageMagick-6 branch and not the master branch, hence is also not part of 7.0.5-6. Correct?
This is the related IM7 commit: 3af5d73. And that is included in the current release (7.0.5-6).
on ImageMagick 7.0.5-5
The ReadPCDImage function in pcd.c:536 allows attackers to cause a denial of service (memory leak) via a crafted file.
#identify $FILE
Direct leak of 6144 byte(s) in 1 object(s) allocated from:
#0 0x7fe28ee0ab58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
#3 0x60ef62 in ReadPCDImage coders/pcd.c:536
#4 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#5 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#6 0x7f1855 in PingImage MagickCore/constitute.c:226
#7 0x7f1e08 in PingImages MagickCore/constitute.c:327
#8 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#9 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#10 0x40f839 in MagickMain utilities/magick.c:149
#11 0x40fa06 in main utilities/magick.c:180
#12 0x7fe28a119b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)
6144 byte(s) leaked in 1 allocation(s).
testcase: https://github.com/bestshow/p0cs/blob/master/memory-leak-in-ReadPCDImage-9.pcd
Author: ADLab of Venustech
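
A triage sketch for the LeakSanitizer report above, added here and not part of the original issue or of ImageMagick's code: it parses leak records and attributes each one to the first frame outside the allocator wrappers, so repeated reports from different test files collapse into one entry per owning function. The wrapper set is an assumption taken from the frames visible in this trace.

```python
import re

# First frames of the report above, copied verbatim (trimmed after ReadImage).
REPORT = """\
Direct leak of 6144 byte(s) in 1 object(s) allocated from:
#0 0x7fe28ee0ab58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
#3 0x60ef62 in ReadPCDImage coders/pcd.c:536
#4 0x7f27a7 in ReadImage MagickCore/constitute.c:497
"""

LEAK_RE = re.compile(r"^(Direct|Indirect) leak of (\d+) byte\(s\) in (\d+) object\(s\)")
FRAME_RE = re.compile(r"^\s*#(\d+) 0x[0-9a-fA-F]+ in (\S+) (\S+)")

# Assumption: frames treated as allocator plumbing. The sanitizer interceptors are
# matched by prefix; the two ImageMagick wrappers are the ones seen in this trace.
WRAPPERS = {"AcquireMagickMemory", "AcquireQuantumMemory"}

def parse_leaks(text):
    """Return one dict per leak record: kind, bytes, objects, frames [(func, location)]."""
    leaks, current = [], None
    for line in text.splitlines():
        m = LEAK_RE.match(line)
        if m:
            current = {"kind": m.group(1), "bytes": int(m.group(2)),
                       "objects": int(m.group(3)), "frames": []}
            leaks.append(current)
            continue
        m = FRAME_RE.match(line)
        if m and current is not None:
            current["frames"].append((m.group(2), m.group(3)))
        elif not line.strip():
            current = None  # a blank line ends the record
    return leaks

def owner(leak):
    """First frame that is not allocator plumbing: the code that owns the buffer."""
    for func, loc in leak["frames"]:
        if not (func.startswith("__interceptor_") or func in WRAPPERS):
            return func, loc
    return None

def bucket(leaks):
    """Sum leaked bytes per owning frame so duplicate reports collapse to one key."""
    totals = {}
    for leak in leaks:
        totals[owner(leak)] = totals.get(owner(leak), 0) + leak["bytes"]
    return totals
```
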