We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Memory leak in formatIPTCfromBuffer. ASAN Report:
================================================================= ==14089==ERROR: LeakSanitizer: detected memory leaks Direct leak of 14249 byte(s) in 1 object(s) allocated from: #0 0x4b9228 in __interceptor_malloc (/home/sergej/ImageMagick/.libs/lt-magick+0x4b9228) #1 0x7fb99ce84cdd in formatIPTCfromBuffer /home/sergej/ImageMagick/coders/meta.c:2081 #2 0x7fb99ce84cdd in format8BIM /home/sergej/ImageMagick/coders/meta.c:2242 SUMMARY: AddressSanitizer: 14249 byte(s) leaked in 1 allocation(s).
Found with a modified version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL).
Credits: Sergej Schumilo, Cornelius Aschermann (Ruhr-Universität Bochum)
memleak_2.zip
# Using an ASAN build of ImageMagick ASAN_OPTIONS=allow_addr2line=true ./magick_asan memleak_2 /dev/null
The text was updated successfully, but these errors were encountered:
https://github.com/ImageMagick/ImageMagick/issues/1118
33d1b95
Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ https://www.imagemagick.org/download/beta/ by sometime tomorrow.
Sorry, something went wrong.
359331c
This was assigned CVE-2018-16750.
No branches or pull requests
Prerequisites
Description
Memory leak in formatIPTCfromBuffer.
ASAN Report:
Found with a modified version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL).
Credits: Sergej Schumilo, Cornelius Aschermann (Ruhr-Universität Bochum)
Steps to Reproduce
memleak_2.zip
System Configuration
The text was updated successfully, but these errors were encountered: