Closed
Description
Prerequisites
- [ Y ] I have written a descriptive issue title
- [ Y ] I have verified that I am using the latest version of ImageMagick
- [ Y ] I have searched open and closed issues to ensure it has not already been reported
Description
There is a null pointer deference vulnerablity in function ReadPANGOImage in coders/pango.c
option=GetImageOption(image_info,"filename");
if (option == (const char *) NULL)
property=InterpretImageProperties((ImageInfo *) image_info,image,
image_info->filename,exception);
else
if (LocaleNCompare(option,"pango:",6) == 0)
property=InterpretImageProperties((ImageInfo *) image_info,image,option+6,
exception);
else
property=InterpretImageProperties((ImageInfo *) image_info,image,option,
exception);
(void) SetImageProperty(image,"caption",property,exception);
(https://github.com/ImageMagick/ImageMagick/blob/master/coders/pango.c#L202)
The return value of InterpretImageProperties may be NULL, and then there is a null pointer deference.
See https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6152 and 93a9ccc for details.