Description
Prerequisites
- [Y] I have written a descriptive issue title
- [Y] I have verified that I am using the latest version of ImageMagick
- [Y] I have searched open and closed issues to ensure it has not already been reported
Description
There is a memory leak vulnerability in function SVGKeyValuePairs of coders/svg.c.
Steps to Reproduce
poc
magick convert $poc /dev/null
=================================================================
==8783==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 144 byte(s) in 1 object(s) allocated from:
#0 0x7f1f6d7c1961 in realloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98961)
#1 0x441b30 in ResizeMagickMemory MagickCore/memory.c:1302
#2 0x441bb4 in ResizeQuantumMemory MagickCore/memory.c:1366
#3 0x6d3c1c in SVGKeyValuePairs coders/svg.c:752
#4 0x6df888 in SVGEndElement coders/svg.c:2811
#5 0x7f1f6a0ae91c (/usr/lib/x86_64-linux-gnu/libxml2.so.2+0x4c91c)
Direct leak of 80 byte(s) in 1 object(s) allocated from:
#0 0x7f1f6d7c1602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x440828 in AcquireMagickMemory MagickCore/memory.c:478
#2 0x44087c in AcquireQuantumMemory MagickCore/memory.c:551
#3 0x6d3b13 in SVGKeyValuePairs coders/svg.c:733
#4 0x6df888 in SVGEndElement coders/svg.c:2811
#5 0x7f1f6a0ae91c (/usr/lib/x86_64-linux-gnu/libxml2.so.2+0x4c91c)
Indirect leak of 71185 byte(s) in 17 object(s) allocated from:
#0 0x7f1f6d7c1602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x440828 in AcquireMagickMemory MagickCore/memory.c:478
#2 0x44087c in AcquireQuantumMemory MagickCore/memory.c:551
#3 0x4c22c5 in AcquireString MagickCore/string.c:142
#4 0x6d3cad in SVGKeyValuePairs coders/svg.c:760
#5 0x6df888 in SVGEndElement coders/svg.c:2811
#6 0x7f1f6a0ae91c (/usr/lib/x86_64-linux-gnu/libxml2.so.2+0x4c91c)
Indirect leak of 8194 byte(s) in 2 object(s) allocated from:
#0 0x7f1f6d7c1602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x440828 in AcquireMagickMemory MagickCore/memory.c:478
#2 0x44087c in AcquireQuantumMemory MagickCore/memory.c:551
#3 0x4c22c5 in AcquireString MagickCore/string.c:142
#4 0x6d3dd3 in SVGKeyValuePairs coders/svg.c:766
#5 0x6df888 in SVGEndElement coders/svg.c:2811
#6 0x7f1f6a0ae91c (/usr/lib/x86_64-linux-gnu/libxml2.so.2+0x4c91c)
SUMMARY: AddressSanitizer: 79603 byte(s) leaked in 21 allocation(s).
System Configuration
- ImageMagick version:
Version: ImageMagick 7.0.8-36 Q16 x86_64 2019-03-28 https://imagemagick.org
Copyright: © 1999-2019 ImageMagick Studio LLC
License: https://imagemagick.org/script/license.php
Features: Cipher DPC HDRI OpenMP
Delegates (built-in): bzlib djvu fftw fontconfig freetype jbig jng jpeg lcms lqr lzma openexr pangocairo png tiff wmf x xml zlib
- Environment (Operating system, version and so on):
Distributor ID: Ubuntu
Description: Ubuntu 16.04.2 LTS
Release: 16.04
Codename: xenial
- Additional information:
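
An added triage example, not part of the original report or of ImageMagick's code: it charges each LeakSanitizer record in the output above to the first frame outside the allocator wrappers and compares the totals with the SUMMARY line. The wrapper file list and the trimmed sample input are assumptions of the example.

```python
import re
from collections import defaultdict

WRAPPERS = {"MagickCore/memory.c", "MagickCore/string.c"}  # assumed allocator wrappers
LEAK = re.compile(r"(?:Direct|Indirect) leak of (\d+) byte\(s\) in (\d+) object\(s\)")
FRAME = re.compile(r"#\d+ 0x[0-9a-f]+ in (\S+) (\S+):(\d+)$")
TOTAL = re.compile(r"SUMMARY: \w+: (\d+) byte\(s\) leaked in (\d+) allocation\(s\)")
# Sample input: leak records from the report above, trimmed to a few frames each.
REPORT = """\
Direct leak of 144 byte(s) in 1 object(s) allocated from:
#0 0x7f1f6d7c1961 in realloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98961)
#1 0x441b30 in ResizeMagickMemory MagickCore/memory.c:1302
#2 0x441bb4 in ResizeQuantumMemory MagickCore/memory.c:1366
#3 0x6d3c1c in SVGKeyValuePairs coders/svg.c:752
#4 0x6df888 in SVGEndElement coders/svg.c:2811
Direct leak of 80 byte(s) in 1 object(s) allocated from:
#2 0x44087c in AcquireQuantumMemory MagickCore/memory.c:551
#3 0x6d3b13 in SVGKeyValuePairs coders/svg.c:733
Indirect leak of 71185 byte(s) in 17 object(s) allocated from:
#3 0x4c22c5 in AcquireString MagickCore/string.c:142
#4 0x6d3cad in SVGKeyValuePairs coders/svg.c:760
Indirect leak of 8194 byte(s) in 2 object(s) allocated from:
#3 0x4c22c5 in AcquireString MagickCore/string.c:142
#4 0x6d3dd3 in SVGKeyValuePairs coders/svg.c:766
SUMMARY: AddressSanitizer: 79603 byte(s) leaked in 21 allocation(s).
"""

def triage(report):
    """Charge each leak record to its first frame outside the wrappers."""
    sites, pending, summary = defaultdict(lambda: [0, 0, set()]), None, None
    for line in map(str.strip, report.splitlines()):
        if m := LEAK.match(line):
            pending = (int(m[1]), int(m[2]))   # bytes, objects awaiting a site
        elif (m := FRAME.match(line)) and pending and m[2] not in WRAPPERS:
            site = sites[(m[1], m[2])]         # keyed by (function, file)
            site[0] += pending[0]
            site[1] += pending[1]
            site[2].add(int(m[3]))             # allocating source line
            pending = None
        elif m := TOTAL.match(line):
            summary = (int(m[1]), int(m[2]))
    return dict(sites), summary

if __name__ == "__main__":
    sites, summary = triage(REPORT)
    for (func, path), (nbytes, objs, lines) in sites.items():
        print(f"{func} {path}:{sorted(lines)} {nbytes} bytes / {objs} objects")
    total = tuple(map(sum, zip(*[s[:2] for s in sites.values()])))
    print("matches SUMMARY" if total == summary else "mismatch", summary)
```

Frames without source information (the libasan and libxml2 entries) never match the frame pattern, so they are skipped without needing a module allow-list.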