I found a problem that will cause the program to hang, and the CPU and memory will be exhausted. If memory is limited, it will crash.
magick convert POC1 /dev/null
<policy domain="resource" name="width" value="1KP"/>
<policy domain="resource" name="height" value="1KP"/>
ulimit -Sv 200000, it crashes quickly.
Here is part of the information that ASan output:
......
==22437==End of process memory map.
==22437==AddressSanitizer CHECK failed: sanitizer_common.cc:183 "((0 && "unable to mmap")) != (0)" (0x0, 0x0)
ERROR: Failed to mmap
Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ https://www.imagemagick.org/download/beta/ by sometime tomorrow.
Thanks for your reply. @urban-warrior
CVE-2018-20467 has been assigned for this vulnerability.
Could we get the im6 commit?
The IMv6 commit is ImageMagick/ImageMagick6@4dd53a3.
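Until a fixed build is deployed, decoding of untrusted images can be run under OS-enforced limits so that a hang or memory blow-up like the one reported at the top of this thread ends in a bounded, classifiable failure. The following is an added example, not part of the issue thread or the ImageMagick project: it reuses the reporter's `ulimit -Sv 200000` and adds a wall-clock limit via coreutils `timeout`; the function names `contain` and `triage` and the 10-second default are assumptions.

```shell
#!/bin/sh
# Added example: run a command under an address-space cap and a wall-clock
# budget, then classify how it ended. contain() and triage() are
# hypothetical helper names, not ImageMagick tooling.

MEM_KB=${MEM_KB:-200000}   # KiB of virtual memory, the value used in the report
SECS=${SECS:-10}           # wall-clock budget in seconds (assumed default)

# Apply both limits in a subshell so the caller's own limits are untouched.
# timeout sends TERM after $SECS and follows up with KILL 2 seconds later.
contain() {
    (
        ulimit -Sv "$MEM_KB" || exit 125
        exec timeout -k 2 "$SECS" "$@"
    ) >/dev/null 2>&1
}

# Print a verdict that a CI job or an upload handler can act on.
#   ok         command finished normally
#   hang       wall-clock budget exceeded (timeout exit status 124)
#   signal-N   killed by signal N (an ASan CHECK failure aborts with SIGABRT, 6)
#   error-N    command exited with status N, e.g. an allocation was refused
triage() {
    rc=0
    contain "$@" || rc=$?        # "|| rc=$?" keeps this safe under set -e
    case $rc in
        0)           echo ok ;;
        124)         echo hang ;;
        125|126|127) echo harness-error ;;
        *)
            if [ "$rc" -gt 128 ]; then
                echo "signal-$((rc - 128))"
            else
                echo "error-$rc"
            fi
            ;;
    esac
}

# Usage with the command from the report (the input file name is a placeholder):
#   triage magick convert untrusted-input /dev/null
```

Running the same input through `triage` before and after upgrading gives a quick regression check that the patched build no longer returns `hang` or a `signal-N` verdict.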