Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
a potential memory leak bug locates in coders/miff.c
the bug locates in https://github.com/ImageMagick/ImageMagick/blob/master/coders/miff.c#L2420 the code frament is as follows: the code locates in a if block,and we allocate colormap memory in the if block, we freed it in normal branch,but forgot free it in exception branch
colormap_size=(size_t) (3*quantum_info->depth/8); colormap=(unsigned char *) AcquireQuantumMemory(image->colors, colormap_size*sizeof(*colormap)); // allocate memory of colormap if (colormap == (unsigned char *) NULL) ThrowWriterException(ResourceLimitError,"MemoryAllocationFailed"); /* Write colormap to file. */ q=colormap; for (i=0; i < (ssize_t) image->colors; i++) { switch (quantum_info->depth) { default: ThrowWriterException(CorruptImageError,"ImageDepthNotSupported"); // we forget free colormap memory here case 32:
credit: www.vackbot.com(墨云科技)
The text was updated successfully, but these errors were encountered:
https://github.com/ImageMagick/ImageMagick/issues/1191
ae3eeca
4b352c0
Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ http://www.imagemagick.org/download/beta/ by sometime tomorrow.
Sorry, something went wrong.
This was assigned CVE-2018-14436.
No branches or pull requests
Prerequisites
Description
a potential memory leak bug locates in coders/miff.c
Steps to Reproduce
the bug locates in
https://github.com/ImageMagick/ImageMagick/blob/master/coders/miff.c#L2420
the code frament is as follows: the code locates in a if block,and we allocate colormap memory in the if block, we freed it in normal branch,but forgot free it in exception branch
credit: www.vackbot.com(墨云科技)
System Configuration
The text was updated successfully, but these errors were encountered: