heap-buffer-overflow at MagickCore/threshold.c:323:33 in AdaptiveThresholdImage #1608

Closed
@SuhwanSong

Prerequisites

  • I have written a descriptive issue title
  • I have verified that I am using the latest version of ImageMagick
  • I have searched open and closed issues to ensure it has not already been reported

Description

There's a heap-buffer-overflow at MagickCore/threshold.c:323:33 in AdaptiveThresholdImage

Steps to Reproduce

run_cmd:
magick -seed 0 "(" magick:logo +repage ")" "(" magick:wizard -lat 0x564-42% ")" -quiet tmp

Here's the ASAN log.

==10393==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7f8ba61737f0 at pc 0x7f8bb5c0f9fa bp 0x7ffc04d5fad0 sp 0x7ffc04d5fac8
READ of size 4 at 0x7f8ba61737f0 thread T0
    #0 0x7f8bb5c0f9f9 in AdaptiveThresholdImage MagickCore/threshold.c:323:33
    #1 0x7f8bb51c1cb6 in CLISimpleOperatorImage MagickWand/operation.c:2571:21
    #2 0x7f8bb51b6c78 in CLISimpleOperatorImages MagickWand/operation.c:3685:12
    #3 0x7f8bb51dc315 in CLIOption MagickWand/operation.c:5273:16
    #4 0x7f8bb501da99 in ProcessCommandOptions MagickWand/magick-cli.c:477:7
    #5 0x7f8bb501ed0a in MagickImageCommand MagickWand/magick-cli.c:796:5
    #6 0x7f8bb5068ba1 in MagickCommandGenesis MagickWand/mogrify.c:185:14
    #7 0x526f95 in MagickMain utilities/magick.c:149:10
    #8 0x5268e1 in main utilities/magick.c:180:10
    #9 0x7f8bafadfb96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
    #10 0x41b069 in _start (install/bin/magick+0x41b069)

0x7f8ba61737f0 is located 16 bytes to the left of 4331520-byte region [0x7f8ba6173800,0x7f8ba6595000)
allocated by thread T0 here:
    #0 0x4e6200 in __interceptor_posix_memalign (install/bin/magick+0x4e6200)
    #1 0x7f8bb5a57ed6 in AcquireAlignedMemory MagickCore/memory.c:265:7
    #2 0x7f8bb57aeccc in AcquireCacheNexusPixels MagickCore/cache.c:4968:37
    #3 0x7f8bb579c13b in SetPixelCacheNexusPixels MagickCore/cache.c:5070:12
    #4 0x7f8bb5793b05 in GetVirtualPixelCacheNexus MagickCore/cache.c:2751:10
    #5 0x7f8bb57b1ea6 in GetCacheViewVirtualPixels MagickCore/cache-view.c:664:10
    #6 0x7f8bb5c0ef20 in AdaptiveThresholdImage MagickCore/threshold.c:257:7
    #7 0x7f8bb51c1cb6 in CLISimpleOperatorImage MagickWand/operation.c:2571:21
    #8 0x7f8bb51b6c78 in CLISimpleOperatorImages MagickWand/operation.c:3685:12
    #9 0x7f8bb51dc315 in CLIOption MagickWand/operation.c:5273:16
    #10 0x7f8bb501da99 in ProcessCommandOptions MagickWand/magick-cli.c:477:7
    #11 0x7f8bb501ed0a in MagickImageCommand MagickWand/magick-cli.c:796:5
    #12 0x7f8bb5068ba1 in MagickCommandGenesis MagickWand/mogrify.c:185:14
    #13 0x526f95 in MagickMain utilities/magick.c:149:10
    #14 0x5268e1 in main utilities/magick.c:180:10
    #15 0x7f8bafadfb96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)

SUMMARY: AddressSanitizer: heap-buffer-overflow MagickCore/threshold.c:323:33 in AdaptiveThresholdImage

System Configuration

  • ImageMagick version:
    Version: ImageMagick 7.0.8-50 Q16 x86_64 2019-06-21 https://imagemagick.org

  • Environment (Operating system, version and so on):
    Description: Ubuntu 18.04.1 LTS
    Release: 18.04
    Codename: bionic

  • Additional information:
    CC=clang-7 CXX=clang++-7 ./configure --disable-openmp
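
A triage helper for the ASAN log above, added here as an example and not part of the original report or of ImageMagick. It recomputes the out-of-bounds distance from the raw addresses, cross-checks it against the report text, and builds a de-duplication key from the faulting frame; the function name `triage` and the key format are assumptions.

```python
import re

# Lines copied from the ASAN log in the report above (call stacks trimmed).
REPORT = """\
==10393==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7f8ba61737f0 at pc 0x7f8bb5c0f9fa bp 0x7ffc04d5fad0 sp 0x7ffc04d5fac8
READ of size 4 at 0x7f8ba61737f0 thread T0
    #0 0x7f8bb5c0f9f9 in AdaptiveThresholdImage MagickCore/threshold.c:323:33
    #1 0x7f8bb51c1cb6 in CLISimpleOperatorImage MagickWand/operation.c:2571:21
0x7f8ba61737f0 is located 16 bytes to the left of 4331520-byte region [0x7f8ba6173800,0x7f8ba6595000)
allocated by thread T0 here:
    #0 0x4e6200 in __interceptor_posix_memalign (install/bin/magick+0x4e6200)
    #1 0x7f8bb5a57ed6 in AcquireAlignedMemory MagickCore/memory.c:265:7
    #5 0x7f8bb57b1ea6 in GetCacheViewVirtualPixels MagickCore/cache-view.c:664:10
    #6 0x7f8bb5c0ef20 in AdaptiveThresholdImage MagickCore/threshold.c:257:7
"""

# A symbolized frame: "#N 0xPC in function file:line[:col]"; unsymbolized frames do not match.
FRAME = re.compile(r"#\d+ 0x[0-9a-f]+ in (\S+) (\S+?):(\d+)(?::\d+)?$", re.M)

def triage(report):
    """Hypothetical helper: reduce one ASAN heap report to the fields used for triage."""
    kind, addr = re.search(r"AddressSanitizer: (\S+) on address (0x[0-9a-f]+)", report).groups()
    op, size = re.search(r"^(READ|WRITE) of size (\d+)", report, re.M).groups()
    said_dist, said_len, lo, hi = re.search(
        r"located (\d+) bytes .*?(\d+)-byte region \[(0x[0-9a-f]+),(0x[0-9a-f]+)\)", report).groups()
    addr, lo, hi = int(addr, 16), int(lo, 16), int(hi, 16)
    # Recompute side and distance from the raw addresses instead of trusting the wording.
    if addr < lo:
        side, dist = "before-start", lo - addr
    elif addr >= hi:
        side, dist = "past-end", addr - hi
    else:
        side, dist = "inside", addr - lo
    access_stack, _, alloc_stack = report.partition("allocated by thread")
    func, path, line = FRAME.search(access_stack).groups()
    # Line where the faulting function itself obtained the buffer, if it is in the allocation stack.
    acquired = [int(ln) for f, p, ln in FRAME.findall(alloc_stack) if f == func and p == path]
    return {
        "dedup_key": f"{kind}:{op}:{func}:{path}:{line}",
        "side": side, "distance": dist, "access_size": int(size),
        "consistent": dist == int(said_dist) and hi - lo == int(said_len),
        "buffer_acquired_at_line": acquired[0] if acquired else None,
    }

if __name__ == "__main__":
    print(triage(REPORT))
```

For this log the 4-byte read lands 16 bytes before the start of the region, and the function that faults at line 323 is the same one that acquired the buffer at line 257.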
