You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The ReadARTImage function in art.c:156 allows attackers to cause a denial of service (memory leak) via a crafted file.
#convert $FILE out.bmp
Direct leak of 152 byte(s) in 1 object(s) allocated from:
#0 0x7f5ffe586b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62 #1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463 #2 0x982520 in AcquireQuantumInfo MagickCore/quantum.c:118 #3 0x50c8d2 in ReadARTImage coders/art.c:156 #4 0x7f27a7 in ReadImage MagickCore/constitute.c:497 #5 0x7f48f5 in ReadImages MagickCore/constitute.c:866 #6 0xadc3e5 in ConvertImageCommand MagickWand/convert.c:639 #7 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183 #8 0x40f839 in MagickMain utilities/magick.c:149 #9 0x40fa06 in main utilities/magick.c:180 #10 0x7f5ff9895b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)
Indirect leak of 101380 byte(s) in 4 object(s) allocated from:
#0 0x7f5ffe586b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62 #1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463 #2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536 #3 0x982955 in AcquireQuantumPixels MagickCore/quantum.c:175 #4 0x984573 in SetQuantumDepth MagickCore/quantum.c:693 #5 0x982692 in AcquireQuantumInfo MagickCore/quantum.c:125 #6 0x50c8d2 in ReadARTImage coders/art.c:156 #7 0x7f27a7 in ReadImage MagickCore/constitute.c:497 #8 0x7f48f5 in ReadImages MagickCore/constitute.c:866 #9 0xadc3e5 in ConvertImageCommand MagickWand/convert.c:639 #10 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183 #11 0x40f839 in MagickMain utilities/magick.c:149 #12 0x40fa06 in main utilities/magick.c:180 #13 0x7f5ff9895b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)
Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x7f5ffe587590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128 #1 0x48bef5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154 #2 0x48bf9d in AcquireSemaphoreInfo MagickCore/semaphore.c:200 #3 0x9835ac in GetQuantumInfo MagickCore/quantum.c:427 #4 0x982642 in AcquireQuantumInfo MagickCore/quantum.c:122 #5 0x50c8d2 in ReadARTImage coders/art.c:156 #6 0x7f27a7 in ReadImage MagickCore/constitute.c:497 #7 0x7f48f5 in ReadImages MagickCore/constitute.c:866 #8 0xadc3e5 in ConvertImageCommand MagickWand/convert.c:639 #9 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183 #10 0x40f839 in MagickMain utilities/magick.c:149 #11 0x40fa06 in main utilities/magick.c:180 #12 0x7f5ff9895b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)
Indirect leak of 32 byte(s) in 1 object(s) allocated from:
#0 0x7f5ffe586b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62 #1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463 #2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536 #3 0x982814 in AcquireQuantumPixels MagickCore/quantum.c:166 #4 0x984573 in SetQuantumDepth MagickCore/quantum.c:693 #5 0x982692 in AcquireQuantumInfo MagickCore/quantum.c:125 #6 0x50c8d2 in ReadARTImage coders/art.c:156 #7 0x7f27a7 in ReadImage MagickCore/constitute.c:497 #8 0x7f48f5 in ReadImages MagickCore/constitute.c:866 #9 0xadc3e5 in ConvertImageCommand MagickWand/convert.c:639 #10 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183 #11 0x40f839 in MagickMain utilities/magick.c:149 #12 0x40fa06 in main utilities/magick.c:180 #13 0x7f5ff9895b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)
on ImageMagick 7.0.5-5
The ReadARTImage function in art.c:156 allows attackers to cause a denial of service (memory leak) via a crafted file.
#convert $FILE out.bmp
Direct leak of 152 byte(s) in 1 object(s) allocated from:
#0 0x7f5ffe586b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x982520 in AcquireQuantumInfo MagickCore/quantum.c:118
#3 0x50c8d2 in ReadARTImage coders/art.c:156
#4 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#5 0x7f48f5 in ReadImages MagickCore/constitute.c:866
#6 0xadc3e5 in ConvertImageCommand MagickWand/convert.c:639
#7 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#8 0x40f839 in MagickMain utilities/magick.c:149
#9 0x40fa06 in main utilities/magick.c:180
#10 0x7f5ff9895b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)
Indirect leak of 101380 byte(s) in 4 object(s) allocated from:
#0 0x7f5ffe586b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
#3 0x982955 in AcquireQuantumPixels MagickCore/quantum.c:175
#4 0x984573 in SetQuantumDepth MagickCore/quantum.c:693
#5 0x982692 in AcquireQuantumInfo MagickCore/quantum.c:125
#6 0x50c8d2 in ReadARTImage coders/art.c:156
#7 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#8 0x7f48f5 in ReadImages MagickCore/constitute.c:866
#9 0xadc3e5 in ConvertImageCommand MagickWand/convert.c:639
#10 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#11 0x40f839 in MagickMain utilities/magick.c:149
#12 0x40fa06 in main utilities/magick.c:180
#13 0x7f5ff9895b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)
Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x7f5ffe587590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
#1 0x48bef5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154
#2 0x48bf9d in AcquireSemaphoreInfo MagickCore/semaphore.c:200
#3 0x9835ac in GetQuantumInfo MagickCore/quantum.c:427
#4 0x982642 in AcquireQuantumInfo MagickCore/quantum.c:122
#5 0x50c8d2 in ReadARTImage coders/art.c:156
#6 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#7 0x7f48f5 in ReadImages MagickCore/constitute.c:866
#8 0xadc3e5 in ConvertImageCommand MagickWand/convert.c:639
#9 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#10 0x40f839 in MagickMain utilities/magick.c:149
#11 0x40fa06 in main utilities/magick.c:180
#12 0x7f5ff9895b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)
Indirect leak of 32 byte(s) in 1 object(s) allocated from:
#0 0x7f5ffe586b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
#3 0x982814 in AcquireQuantumPixels MagickCore/quantum.c:166
#4 0x984573 in SetQuantumDepth MagickCore/quantum.c:693
#5 0x982692 in AcquireQuantumInfo MagickCore/quantum.c:125
#6 0x50c8d2 in ReadARTImage coders/art.c:156
#7 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#8 0x7f48f5 in ReadImages MagickCore/constitute.c:866
#9 0xadc3e5 in ConvertImageCommand MagickWand/convert.c:639
#10 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#11 0x40f839 in MagickMain utilities/magick.c:149
#12 0x40fa06 in main utilities/magick.c:180
#13 0x7f5ff9895b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)
101628 byte(s) leaked in 7 allocation(s).
testcase:https://github.com/bestshow/p0cs/blob/master/memory-leak-in-ReadARTImage-17.art
Credit:ADLab of Venustech
The text was updated successfully, but these errors were encountered: