Closed
Description
Prerequisites
- I have written a descriptive issue title
- I have verified that I am using the latest version of ImageMagick
- I have searched open and closed issues to ensure it has not already been reported
Description
There is a heap buffer overflow vulnerability in MagickCore/statistic.c:654:41 in .omp_outlined.debug_.10
Steps to Reproduce
run cmd:
magick "-black-point-compensation" "-interlace" "none" "(" "magick:rose" "-density" "302x531" ")" "(" "magick:granite" "+repage" ")" "-antialias" "-evaluate-sequence" "Log" ""
This is about heap-buffer-overflow log using ASAN.
==27479==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x629000018800 at pc 0x0000006205ab bp 0x7ffd7a503310 sp 0x7ffd7a503308
WRITE of size 8 at 0x629000018800 thread T0
#0 0x6205aa in .omp_outlined._debug__.10 MagickCore/statistic.c:654:41
#1 0x621c5e in .omp_outlined..11 MagickCore/statistic.c:618:7
#2 0x7f79836bd452 in __kmp_invoke_microtask (/usr/lib/x86_64-linux-gnu/libomp.so.5+0x7c452)
#3 0x7f79836771b6 (/usr/lib/x86_64-linux-gnu/libomp.so.5+0x361b6)
#4 0x7f79836782b5 in __kmp_fork_call (/usr/lib/x86_64-linux-gnu/libomp.so.5+0x372b5)
#5 0x7f798366b7be in __kmpc_fork_call (/usr/lib/x86_64-linux-gnu/libomp.so.5+0x2a7be)
#6 0x61c9ca in EvaluateImages MagickCore/statistic.c:615:15
#7 0x13fcdb9 in CLIListOperatorImages MagickWand/operation.c:4081:22
#8 0x1406ec5 in CLIOption MagickWand/operation.c:5276:14
#9 0x128a9db in ProcessCommandOptions MagickWand/magick-cli.c:477:7
#10 0x128bcf2 in MagickImageCommand MagickWand/magick-cli.c:796:5
#11 0x128e457 in MagickCommandGenesis MagickWand/mogrify.c:185:14
#12 0x531745 in MagickMain utilities/magick.c:149:10
#13 0x531091 in main utilities/magick.c:180:10
#14 0x7f7983059b96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
#15 0x425819 in _start (install/bin/magick+0x425819)
0x629000018800 is located 0 bytes to the right of 17920-byte region [0x629000014200,0x629000018800)
allocated by thread T0 here:
#0 0x4efb47 in __interceptor_malloc (install/bin/magick+0x4efb47)
#1 0x5824e7 in AcquireMagickMemory MagickCore/memory.c:478:10
#2 0x58254f in AcquireQuantumMemory MagickCore/memory.c:551:10
#3 0x61cfee in AcquirePixelThreadSet MagickCore/statistic.c:175:33
#4 0x61ba43 in EvaluateImages MagickCore/statistic.c:493:19
#5 0x13fcdb9 in CLIListOperatorImages MagickWand/operation.c:4081:22
#6 0x1406ec5 in CLIOption MagickWand/operation.c:5276:14
#7 0x128a9db in ProcessCommandOptions MagickWand/magick-cli.c:477:7
#8 0x128bcf2 in MagickImageCommand MagickWand/magick-cli.c:796:5
#9 0x128e457 in MagickCommandGenesis MagickWand/mogrify.c:185:14
#10 0x531745 in MagickMain utilities/magick.c:149:10
#11 0x531091 in main utilities/magick.c:180:10
#12 0x7f7983059b96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
SUMMARY: AddressSanitizer: heap-buffer-overflow MagickCore/statistic.c:654:41 in .omp_outlined._debug__.10
System Configuration
-
ImageMagick version:
Version: ImageMagick 7.0.8-50 Q16 x86_64 2019-06-10 -
Environment (Operating system, version and so on):
Description: Ubuntu 18.04.1 LTS
Release: 18.04
Codename: bionic -
Additional information: CC=clang-7 CXX=clang++-7