Null Pointer Dereference at DistortImage of MagickCore/distort.c #780
Labels
Comments
dlemstra
added a commit
that referenced
this issue
Sep 25, 2017
dlemstra
added a commit
that referenced
this issue
Sep 25, 2017
|
Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ http://www.imagemagick.org/download/beta/ by sometime tomorrow. |
|
This was assigned CVE-2017-14739. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi all,
Another potential NPD at
resample_filter=AcquireResampleFilterThreadSet(imageofDistortImage, there is no null check after this acquiring, it then dereference the pointer in after. It could lead to process crash in acquiring when there is not enough available memory .This seems a similar case of #775
status=MagickTrue; progress=0; GetPixelInfo(distort_image,&zero); resample_filter=AcquireResampleFilterThreadSet(image, // AcquireResampleFilterThreadSet is able to return NULL (when acquiring memory hitting oom) UndefinedVirtualPixelMethod,MagickFalse,exception); distort_view=AcquireAuthenticCacheView(distort_image,exception);Regards,
Alex, SourceBrella Inc.
The text was updated successfully, but these errors were encountered: