Closed
Description
root@vultr:/opt/poc# convert --version
Version: ImageMagick 7.0.7-26 Q16 x86_64 2018-03-05 http://www.imagemagick.org
Copyright: © 1999-2018 ImageMagick Studio LLC
License: http://www.imagemagick.org/script/license.php
Features: Cipher DPC HDRI OpenMP
Delegates (built-in): bzlib djvu fftw fontconfig fpx freetype jbig jng jpeg lcms lqr lzma openexr pangocairo png tiff webp wmf x xml zlib
root@vultr:/opt/poc# convert tif_heap-buffer-overflow dev/null
=================================================================
==13394==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60c00000c97c at pc 0x7f856a3bc674 bp 0x7ffc3e5db890 sp 0x7ffc3e5db880
READ of size 4 at 0x60c00000c97c thread T0
#0 0x7f856a3bc673 in ReadTIFFImage coders/tiff.c:2018
#1 0x7f85697723e0 in ReadImage MagickCore/constitute.c:497
#2 0x7f856977542a in ReadImages MagickCore/constitute.c:867
#3 0x7f8568e3e49f in ConvertImageCommand MagickWand/convert.c:641
#4 0x7f856900897d in MagickCommandGenesis MagickWand/mogrify.c:183
#5 0x4020d9 in MagickMain utilities/magick.c:149
#6 0x7f856872082f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#7 0x401668 in _start (/usr/local/bin/magick+0x401668)
0x60c00000c97c is located 108 bytes inside of 4294967295-byte region [0x60c00000c910,0x60c10000c90f)
==13394==AddressSanitizer CHECK failed: ../../../../src/libsanitizer/asan/asan_report.cc:515 "((chunk.AllocTid() != kInvalidTid)) != (0)" (0x0, 0x0)
#0 0x7f856aa6d631 (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa0631)
#1 0x7f856aa725e3 in __sanitizer::CheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa55e3)
#2 0x7f856aa6a60c (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x9d60c)
#3 0x7f856aa6c624 in __asan_report_error (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x9f624)
#4 0x7f856aa6dbb2 in __asan_report_load4 (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa0bb2)
#5 0x7f856a3bc673 in ReadTIFFImage coders/tiff.c:2018
#6 0x7f85697723e0 in ReadImage MagickCore/constitute.c:497
#7 0x7f856977542a in ReadImages MagickCore/constitute.c:867
#8 0x7f8568e3e49f in ConvertImageCommand MagickWand/convert.c:641
#9 0x7f856900897d in MagickCommandGenesis MagickWand/mogrify.c:183
#10 0x4020d9 in MagickMain utilities/magick.c:149
#11 0x7f856872082f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#12 0x401668 in _start (/usr/local/bin/magick+0x401668)
root@vultr:/opt/poc#
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.3 LTS
Release: 16.04
Codename: xenial
https://github.com/ImageMagick/ImageMagick/files/1806047/tif_heap-buffer-overflow.zip