Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FPE errors when reading XWD images #1546

Closed
3 tasks done
hongxuchen opened this issue Apr 14, 2019 · 2 comments
Closed
3 tasks done

FPE errors when reading XWD images #1546

hongxuchen opened this issue Apr 14, 2019 · 2 comments
Labels
Milestone

Comments

@hongxuchen
Copy link

Prerequisites

  • I have written a descriptive issue title
  • I have verified that I am using the latest version of ImageMagick
  • I have searched open and closed issues to ensure it has not already been reported

Description

When using identify -verbose $FILE on XWD files, it may emit FPE errors at multiple locations.

Steps to Reproduce

  • run identify -verbose $FILE
  • ASAN messages may be like:

fpe_xwd.c:490_1.xwd

ASAN:DEADLYSIGNAL
=================================================================
==19029==ERROR: AddressSanitizer: FPE on unknown address 0x7f0623a03210 (pc 0x7f0623a03210 bp 0x000000000000 sp 0x7ffc86dbd220 T0)
    #0 0x7f0623a0320f  (/usr/lib/x86_64-linux-gnu/libX11.so.6+0x2720f)
    #1 0x7f0627deb295 in ReadXWDImage coders/xwd.c:490
    #2 0x7f06276d4854 in ReadImage MagickCore/constitute.c:547
    #3 0x7f06276d778b in ReadImages MagickCore/constitute.c:917
    #4 0x7f0626f69817 in IdentifyImageCommand MagickWand/identify.c:321
    #5 0x7f0626ffdde0 in MagickCommandGenesis MagickWand/mogrify.c:184
    #6 0x55c1ef27bf00 in MagickMain utilities/magick.c:149
    #7 0x55c1ef27c186 in main utilities/magick.c:180
    #8 0x7f062675ab96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
    #9 0x55c1ef27b979 in _start (/home/hongxu/work/imagemagick/ImageMagick-asan/install/bin/magick+0x1979)

fpe_xwd.c:520_1.xwd

ASAN:DEADLYSIGNAL
=================================================================
==28450==ERROR: AddressSanitizer: FPE on unknown address 0x7f20a562e210 (pc 0x7f20a562e210 bp 0x000000000000 sp 0x7ffd19f36b80 T0)
    #0 0x7f20a562e20f  (/usr/lib/x86_64-linux-gnu/libX11.so.6+0x2720f)
    #1 0x7f20a9a166c9 in ReadXWDImage coders/xwd.c:520
    #2 0x7f20a92ff854 in ReadImage MagickCore/constitute.c:547
    #3 0x7f20a930278b in ReadImages MagickCore/constitute.c:917
    #4 0x7f20a8b94817 in IdentifyImageCommand MagickWand/identify.c:321
    #5 0x7f20a8c28de0 in MagickCommandGenesis MagickWand/mogrify.c:184
    #6 0x55b4ed9adf00 in MagickMain utilities/magick.c:149
    #7 0x55b4ed9ae186 in main utilities/magick.c:180
    #8 0x7f20a8385b96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
    #9 0x55b4ed9ad979 in _start (/home/hongxu/work/imagemagick/ImageMagick-asan/install/bin/magick+0x1979)

System Configuration

  • ImageMagick version:7.0.8-41 Q16 x86_64 2019-04-14
  • Environment (Operating system, version and so on): Ubuntu 18.04 LTS, x84_64
  • Additional information: This was firstly detected in GraphicsMagick, but I found this also happens in ImageMagick 6/7.

POCs:
im.zip

urban-warrior pushed a commit to ImageMagick/ImageMagick6 that referenced this issue Apr 14, 2019
@urban-warrior
Copy link
Contributor

Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ https://www.imagemagick.org/download/beta/ by sometime tomorrow.

@dlemstra dlemstra added the bug label Apr 14, 2019
@dlemstra dlemstra added this to the 7.0.8-41 milestone Apr 14, 2019
@nohmask
Copy link

nohmask commented Apr 24, 2019

This was assigned CVE-2019-11472.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Development

No branches or pull requests

4 participants