Closed
Prerequisites
- I have written a descriptive issue title
- I have verified that I am using the latest version of ImageMagick
- I have searched open and closed issues to ensure it has not already been reported
Description
Version: ImageMagick 7.0.7-25 Q16 i686 2018-03-08 http://www.imagemagick.org
Copyright: © 1999-2018 ImageMagick Studio LLC
License: http://www.imagemagick.org/script/license.php
Features: Cipher DPC HDRI Modules OpenMP
Delegates (built-in): bzlib djvu fftw flif fontconfig fpx freetype jbig jng jp2 jpeg lcms ltdl openexr pangocairo png raw tiff webp x xml zlib
ASAN OUTPUT
root@v22017125319057172:/opt/lib_fuzz/test# convert not_kitty.jpg not_kitty.EPT2
=================================================================
==13524==ERROR: AddressSanitizer: attempting double-free on 0xadd00800 in thread T0:
#0 0xb72ab144 in __interceptor_realloc (/usr/lib/i386-linux-gnu/libasan.so.2+0x97144)
#1 0xb666c14e in ResizeMagickMemory MagickCore/memory.c:1260
#2 0xb666c217 in ResizeQuantumMemory MagickCore/memory.c:1324
#3 0xb6215460 in WriteBlob MagickCore/blob.c:5443
#4 0xb2220123 in TerminateDestination coders/jpeg.c:1948
#5 0xb20a3d3e in jpeg_finish_compress (/usr/lib/i386-linux-gnu/libjpeg.so.8+0x2d3e)
#6 0xb223a6d4 in WriteJPEGImage coders/jpeg.c:2928
#7 0xb630ce64 in WriteImage MagickCore/constitute.c:1118
#8 0xb6216e5f in InjectImageBlob MagickCore/blob.c:2605
#9 0xb209000c in WritePS2Image coders/ps2.c:865
#10 0xb630ce64 in WriteImage MagickCore/constitute.c:1118
#11 0xb621186c in ImageToBlob MagickCore/blob.c:1912
#12 0xb220ea44 in WriteEPTImage coders/ept.c:424
#13 0xb630ce64 in WriteImage MagickCore/constitute.c:1118
#14 0xb630ed51 in WriteImages MagickCore/constitute.c:1337
#15 0xb5b5708d in ConvertImageCommand MagickWand/convert.c:3280
#16 0xb5d77825 in MagickCommandGenesis MagickWand/mogrify.c:183
#17 0x80498ce in MagickMain utilities/magick.c:149
#18 0x804907a in main utilities/magick.c:180
#19 0xb588a636 in __libc_start_main (/lib/i386-linux-gnu/libc.so.6+0x18636)
#20 0x80490fb (/usr/bin/magick+0x80490fb)
0xadd00800 is located 0 bytes inside of 65536-byte region [0xadd00800,0xadd10800)
freed by thread T0 here:
#0 0xb72ab144 in __interceptor_realloc (/usr/lib/i386-linux-gnu/libasan.so.2+0x97144)
#1 0xb666c14e in ResizeMagickMemory MagickCore/memory.c:1260
previously allocated by thread T0 here:
#0 0xb72aadee in malloc (/usr/lib/i386-linux-gnu/libasan.so.2+0x96dee)
#1 0xb6669ab2 in AcquireMagickMemory MagickCore/memory.c:468
SUMMARY: AddressSanitizer: double-free ??:0 __interceptor_realloc
==13524==ABORTING
POC
System Configuration
ImageMagick version: 7.0.7-25
Environment (Operating system, version and so on): ubuntu-16.04.3-server-i386
Additional information:
Found by: Wang Yan