Closed
Prerequisites
- [ Y ] I have written a descriptive issue title
- [ Y ] I have verified that I am using the latest version of ImageMagick
- [ Y ] I have searched open and closed issues to ensure it has not already been reported
Description
There is a use-of-uninitialized-value vulnerability in function ReadPANGOImage in coders/pango.c.
```c
assert(image_info != (const ImageInfo *) NULL);
assert(image_info->signature == MagickCoreSignature);
if (image_info->debug != MagickFalse)
  (void) LogMagickEvent(TraceEvent,GetMagickModule(),"%s",
    image_info->filename);
assert(exception != (ExceptionInfo *) NULL);
assert(exception->signature == MagickCoreSignature);
image=AcquireImage(image_info,exception);
(void) ResetImagePage(image,"0x0+0+0");
```
https://github.com/ImageMagick/ImageMagick/blob/master/coders/pango.c#L179
We should call SetImageBackgroundColor when the condition `image->columns != 0 && image->rows != 0` is satisfied. Otherwise, there will be a use-of-uninitialized-value vulnerability.
See https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11930, https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6616, 18df577 and f1fb781 for more details.
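
A toy model of the guard proposed in this issue, added here as an illustration and not ImageMagick code: `ToyImage`, the `toy_*` functions and the `POISON` fill (a constructed stand-in for uninitialised heap bytes) are all hypothetical. It shows a renderer that covers only part of the canvas leaving unwritten pixels behind unless the background is filled first, with the fill skipped when a dimension is zero.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define POISON 0xA5 /* constructed stand-in for heap bytes nobody has written */
typedef struct { size_t columns, rows; unsigned char *pixels; } ToyImage;

/* Allocate the canvas without clearing it; a 0x0 image gets no buffer. */
static int toy_acquire(ToyImage *im, size_t columns, size_t rows)
{
  im->columns = columns; im->rows = rows; im->pixels = NULL;
  if (columns == 0 || rows == 0) return 0;
  if ((im->pixels = malloc(columns * rows)) == NULL) return -1;
  memset(im->pixels, POISON, columns * rows); /* models uninitialised content */
  return 0;
}

/* The guard from the issue: fill only when both dimensions are non-zero. */
static void toy_set_background(ToyImage *im, unsigned char bg)
{
  if (im->columns != 0 && im->rows != 0)
    memset(im->pixels, bg, im->columns * im->rows);
}

/* Renderer that writes only a w x h region in the top-left corner. */
static void toy_render(ToyImage *im, size_t w, size_t h, unsigned char ink)
{
  for (size_t y = 0; y < h && y < im->rows; y++)
    for (size_t x = 0; x < w && x < im->columns; x++)
      im->pixels[y * im->columns + x] = ink;
}

/* Returns the count of pixels left unwritten, or (size_t)-1 on allocation failure. */
static size_t toy_read(size_t columns, size_t rows, int fill_background)
{
  ToyImage im; size_t n = 0;
  if (toy_acquire(&im, columns, rows) != 0) return (size_t)-1;
  if (fill_background) toy_set_background(&im, 0xFF);
  toy_render(&im, 2, 1, 0x00);
  for (size_t i = 0; i < im.columns * im.rows; i++)
    if (im.pixels[i] == POISON) n++;
  free(im.pixels);
  return n;
}

int main(void)
{
  printf("no fill: %zu, with fill: %zu\n", toy_read(4, 3, 0), toy_read(4, 3, 1));
  return 0;
}
```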