Prerequisites
Description
There's a heap-buffer-overflow in MagickCore/composite.c:666:45 in CompositeImage.
I compiled ImageMagick with the --disable-openmp option.
Steps to Reproduce
run_cmd:
magick -seed 0 -sampling-factor 3.307x3.198 "(" magick:granite +repage ")" "(" magick:rose +repage ")" "(" magick:rose +repage ")" -encoding AdobeStandard -extract 285x52^-70-70 -region 75x310-64-51 -evaluate-sequence Min -layers compare-overlay tmp
and run this cmd:
magick -seed 0 "(" magick:logo -region 306%-74-69 -lat 886 ")" "(" magick:netscape -level 64 ")" "(" magick:granite -opaque rgb"("12,57,57")" -modulate 94,59,3 -frame 4%-82+23 ")" -comment "B>%C%o" -style Any -layers compare-any tmp
Here's the ASAN result.
==5479==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x626000008900 at pc 0x7f9c528f0e7d bp 0x7ffd8cc41710 sp 0x7ffd8cc41708
READ of size 4 at 0x626000008900 thread T0
    #0 0x7f9c528f0e7c in CompositeImage MagickCore/composite.c:666:45
    #1 0x7f9c52b23aa0 in CompareImagesLayers MagickCore/layer.c:792:10
    #2 0x7f9c522d035c in CLIListOperatorImages MagickWand/operation.c:4199:26
    #3 0x7f9c522d934e in CLIOption MagickWand/operation.c:5276:14
    #4 0x7f9c5211aa99 in ProcessCommandOptions MagickWand/magick-cli.c:477:7
    #5 0x7f9c5211bd0a in MagickImageCommand MagickWand/magick-cli.c:796:5
    #6 0x7f9c52165ba1 in MagickCommandGenesis MagickWand/mogrify.c:185:14
    #7 0x526f95 in MagickMain utilities/magick.c:149:10
    #8 0x5268e1 in main utilities/magick.c:180:10
    #9 0x7f9c4cbdcb96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
    #10 0x41b069 in _start (install/bin/magick+0x41b069)
0x626000008900 is located 0 bytes to the right of 10240-byte region [0x626000006100,0x626000008900)
allocated by thread T0 here:
    #0 0x4e6200 in __interceptor_posix_memalign (install/bin/magick+0x4e6200)
    #1 0x7f9c52b54f66 in AcquireAlignedMemory MagickCore/memory.c:265:7
    #2 0x7f9c528abd5c in AcquireCacheNexusPixels MagickCore/cache.c:4968:37
    #3 0x7f9c528991c4 in SetPixelCacheNexusPixels MagickCore/cache.c:5076:12
    #4 0x7f9c52890b05 in GetVirtualPixelCacheNexus MagickCore/cache.c:2751:10
    #5 0x7f9c528aef36 in GetCacheViewVirtualPixels MagickCore/cache-view.c:664:10
    #6 0x7f9c528f0bae in CompositeImage MagickCore/composite.c:637:11
    #7 0x7f9c52b23aa0 in CompareImagesLayers MagickCore/layer.c:792:10
    #8 0x7f9c522d035c in CLIListOperatorImages MagickWand/operation.c:4199:26
    #9 0x7f9c522d934e in CLIOption MagickWand/operation.c:5276:14
    #10 0x7f9c5211aa99 in ProcessCommandOptions MagickWand/magick-cli.c:477:7
    #11 0x7f9c5211bd0a in MagickImageCommand MagickWand/magick-cli.c:796:5
    #12 0x7f9c52165ba1 in MagickCommandGenesis MagickWand/mogrify.c:185:14
    #13 0x526f95 in MagickMain utilities/magick.c:149:10
    #14 0x5268e1 in main utilities/magick.c:180:10
    #15 0x7f9c4cbdcb96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
SUMMARY: AddressSanitizer: heap-buffer-overflow MagickCore/composite.c:666:45 in CompositeImage
System Configuration
ImageMagick version:
Version: ImageMagick 7.0.8-50 Q16 x86_64 2019-06-18 https://imagemagick.org
Environment (Operating system, version and so on):
Description: Ubuntu 18.04.1 LTS
Release: 18.04
Codename: bionic
Additional information:
CC=clang-7 CXX=clang++-7 ./configure --disable-openmp
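
For triaging a report like this one, the following added example (not part of the original issue and not ImageMagick code) parses the ASAN output above, checks the reported region bounds, and derives a deduplication key from the top frames of the faulting stack. The `triage` function, its field names and the key format are assumptions made for illustration.

```python
import re

# Excerpt of the ASAN report from this issue (each stack trimmed to three frames).
REPORT = """\
==5479==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x626000008900 at pc 0x7f9c528f0e7d bp 0x7ffd8cc41710 sp 0x7ffd8cc41708
READ of size 4 at 0x626000008900 thread T0
    #0 0x7f9c528f0e7c in CompositeImage MagickCore/composite.c:666:45
    #1 0x7f9c52b23aa0 in CompareImagesLayers MagickCore/layer.c:792:10
    #2 0x7f9c522d035c in CLIListOperatorImages MagickWand/operation.c:4199:26
0x626000008900 is located 0 bytes to the right of 10240-byte region [0x626000006100,0x626000008900)
allocated by thread T0 here:
    #0 0x4e6200 in __interceptor_posix_memalign (install/bin/magick+0x4e6200)
    #1 0x7f9c52b54f66 in AcquireAlignedMemory MagickCore/memory.c:265:7
    #2 0x7f9c528abd5c in AcquireCacheNexusPixels MagickCore/cache.c:4968:37
"""

HEADER = re.compile(r"AddressSanitizer: (\S+) on address (0x[0-9a-f]+)")
ACCESS = re.compile(r"^(READ|WRITE) of size (\d+)", re.M)
REGION = re.compile(r"(\d+)-byte region \[(0x[0-9a-f]+),(0x[0-9a-f]+)\)")
# Symbolised frame: "#N 0xPC in function file:line[:col]"
FRAME = re.compile(r"^\s*#\d+ 0x[0-9a-f]+ in (\S+) (\S+?):(\d+)(?::\d+)?$", re.M)


def triage(report, depth=3):
    """Summarise one ASAN heap report; 'key' groups duplicate crashes."""
    kind, addr = HEADER.search(report).groups()
    op, size = ACCESS.search(report).groups()
    rsize, lo, hi = REGION.search(report).groups()
    addr, lo, hi, size = int(addr, 16), int(lo, 16), int(hi, 16), int(size)
    if hi - lo != int(rsize):
        raise ValueError("region bounds disagree with reported size")
    # Only the faulting stack identifies the bug; the allocation stack follows it.
    fault_stack = report.split("allocated by thread", 1)[0]
    frames = [(f, path, int(line)) for f, path, line in FRAME.findall(fault_stack)]
    return {
        "kind": kind, "op": op, "size": size, "region_size": hi - lo,
        "offset": addr - lo,  # where the access starts, relative to the region
        "in_bounds": lo <= addr and addr + size <= hi,
        "site": frames[0],
        "key": kind + ":" + ">".join(f for f, _, _ in frames[:depth]),
    }


if __name__ == "__main__":
    for field, value in triage(REPORT).items():
        print(f"{field:12} {value}")
```

An `offset` equal to `region_size` means the 4-byte read starts at the first byte past the 10240-byte pixel buffer that `CompositeImage` obtained at composite.c:637.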