Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
root@vultr:/opt/poc# convert --version Version: ImageMagick 7.0.7-26 Q16 x86_64 2018-03-05 http://www.imagemagick.org Copyright: © 1999-2018 ImageMagick Studio LLC License: http://www.imagemagick.org/script/license.php Features: Cipher DPC HDRI OpenMP Delegates (built-in): bzlib djvu fftw fontconfig fpx freetype jbig jng jpeg lcms lqr lzma openexr pangocairo png tiff webp wmf x xml zlib
root@vultr:/opt/poc# convert tif_heap-buffer-overflow dev/null ================================================================= ==13394==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60c00000c97c at pc 0x7f856a3bc674 bp 0x7ffc3e5db890 sp 0x7ffc3e5db880 READ of size 4 at 0x60c00000c97c thread T0 #0 0x7f856a3bc673 in ReadTIFFImage coders/tiff.c:2018 #1 0x7f85697723e0 in ReadImage MagickCore/constitute.c:497 #2 0x7f856977542a in ReadImages MagickCore/constitute.c:867 #3 0x7f8568e3e49f in ConvertImageCommand MagickWand/convert.c:641 #4 0x7f856900897d in MagickCommandGenesis MagickWand/mogrify.c:183 #5 0x4020d9 in MagickMain utilities/magick.c:149 #6 0x7f856872082f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) #7 0x401668 in _start (/usr/local/bin/magick+0x401668) 0x60c00000c97c is located 108 bytes inside of 4294967295-byte region [0x60c00000c910,0x60c10000c90f) ==13394==AddressSanitizer CHECK failed: ../../../../src/libsanitizer/asan/asan_report.cc:515 "((chunk.AllocTid() != kInvalidTid)) != (0)" (0x0, 0x0) #0 0x7f856aa6d631 (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa0631) #1 0x7f856aa725e3 in __sanitizer::CheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa55e3) #2 0x7f856aa6a60c (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x9d60c) #3 0x7f856aa6c624 in __asan_report_error (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x9f624) #4 0x7f856aa6dbb2 in __asan_report_load4 (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa0bb2) #5 0x7f856a3bc673 in ReadTIFFImage coders/tiff.c:2018 #6 0x7f85697723e0 in ReadImage MagickCore/constitute.c:497 #7 0x7f856977542a in ReadImages MagickCore/constitute.c:867 #8 0x7f8568e3e49f in ConvertImageCommand MagickWand/convert.c:641 #9 0x7f856900897d in MagickCommandGenesis MagickWand/mogrify.c:183 #10 0x4020d9 in MagickMain utilities/magick.c:149 #11 0x7f856872082f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) #12 0x401668 in _start (/usr/local/bin/magick+0x401668) root@vultr:/opt/poc# No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 16.04.3 LTS Release: 16.04 Codename: xenial https://github.com/ImageMagick/ImageMagick/files/1806047/tif_heap-buffer-overflow.zip
The text was updated successfully, but these errors were encountered:
https://github.com/ImageMagick/ImageMagick/issues/1020
23f6bee
7c0b29f
Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ https://www.imagemagick.org/download/beta/ by sometime tomorrow.
Sorry, something went wrong.
This was assigned CVE-2018-8960.
No branches or pull requests
root@vultr:/opt/poc# convert --version
Version: ImageMagick 7.0.7-26 Q16 x86_64 2018-03-05 http://www.imagemagick.org
Copyright: © 1999-2018 ImageMagick Studio LLC
License: http://www.imagemagick.org/script/license.php
Features: Cipher DPC HDRI OpenMP
Delegates (built-in): bzlib djvu fftw fontconfig fpx freetype jbig jng jpeg lcms lqr lzma openexr pangocairo png tiff webp wmf x xml zlib
The text was updated successfully, but these errors were encountered: