New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Division by Zero at MagickCore/layer.c:1616 #1629
Comments
|
Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ http://www.imagemagick.org/download/beta/ by sometime tomorrow. |
|
This was assigned CVE-2019-13454. |
This update contains a number of security fixes.
2019-07-16 7.0.8-54 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-54, GIT revision 15916:e868e22:20190716.
2019-07-08 7.0.8-54 Cristy <quetzlzacatenango@image...>
* resolve division by zero (reference
ImageMagick/ImageMagick#1629).
* introducing MagickLevelImageColors() MagickWand method.
* Transient problem with text placement with gravity (reference
ImageMagick/ImageMagick#1633).
* Support TIM2 image format (reference
ImageMagick/ImageMagick#1571).
* For -magnify option, specify an alternative scaling method with -define
magnify:method=method, choose from these methods: eagle2X, eagle3X,
eagle3XB, epb2X, fish2X, hq2X, scale2X (default), scale3X, xbr2X.
2019-07-05 7.0.8-53 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-53, GIT revision 15828:f5d59c0:20190705.
2019-07-05 7.0.8-53 Cristy <quetzlzacatenango@image...>
* Fix -fx parsing issue (reference
https://imagemagick.org/discourse-server/viewtopic.php?f=3&t=36314).
2019-07-05 7.0.8-52 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-52, GIT revision 15825:ea47310:20190705.
2019-07-01 7.0.8-52 Cristy <quetzlzacatenango@image...>
* Eliminate buffer overflow in TranslateEvent() (reference
ImageMagick/ImageMagick#1621).
2019-06-30 7.0.8-51 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-51, GIT revision 15812:51f11c4:20190630.
2019-06-24 7.0.8-51 Cristy <quetzlzacatenango@image...>
* Clone rather than copy X window name/icon.
* Optimize PDF reader.
2019-06-23 7.0.8-50 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-50, GIT revision 15778:4a60519:20190623
2019-06-14 7.0.8-50 Dirk Lemstra <dirk@lem.....org>
* Added support for reading all images from a HEIC image (reference
ImageMagick/ImageMagick#1391).
* Heap-buffer-overflow in MagickCore/fourier.c (reference
ImageMagick/ImageMagick#1588).
* Fixed a number of issues (reference
https://imagemagick.org/discourse-server/viewforum.php?f=3).
* Fixed a number of issues (reference
https://github.com/ImageMagick/ImageMagick/issues).
graphics/ImageMagick: security fix
Revisions pulled up:
- graphics/ImageMagick/Makefile.common 1.191
- graphics/ImageMagick/distinfo 1.208
---
Module Name: pkgsrc
Committed By: nia
Date: Fri Jul 19 09:12:13 UTC 2019
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common distinfo
Log Message:
ImageMagick: Update to 7.0.8-54
This update contains a number of security fixes.
2019-07-16 7.0.8-54 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-54, GIT revision 15916:e868e22:20190716.
2019-07-08 7.0.8-54 Cristy <quetzlzacatenango@image...>
* resolve division by zero (reference
ImageMagick/ImageMagick#1629).
* introducing MagickLevelImageColors() MagickWand method.
* Transient problem with text placement with gravity (reference
ImageMagick/ImageMagick#1633).
* Support TIM2 image format (reference
ImageMagick/ImageMagick#1571).
* For -magnify option, specify an alternative scaling method with -define
magnify:method=method, choose from these methods: eagle2X, eagle3X,
eagle3XB, epb2X, fish2X, hq2X, scale2X (default), scale3X, xbr2X.
2019-07-05 7.0.8-53 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-53, GIT revision 15828:f5d59c0:20190705.
2019-07-05 7.0.8-53 Cristy <quetzlzacatenango@image...>
* Fix -fx parsing issue (reference
https://imagemagick.org/discourse-server/viewtopic.php?f=3&t=36314).
2019-07-05 7.0.8-52 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-52, GIT revision 15825:ea47310:20190705.
2019-07-01 7.0.8-52 Cristy <quetzlzacatenango@image...>
* Eliminate buffer overflow in TranslateEvent() (reference
ImageMagick/ImageMagick#1621).
2019-06-30 7.0.8-51 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-51, GIT revision 15812:51f11c4:20190630.
2019-06-24 7.0.8-51 Cristy <quetzlzacatenango@image...>
* Clone rather than copy X window name/icon.
* Optimize PDF reader.
2019-06-23 7.0.8-50 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-50, GIT revision 15778:4a60519:20190623
2019-06-14 7.0.8-50 Dirk Lemstra <dirk@lem.....org>
* Added support for reading all images from a HEIC image (reference
ImageMagick/ImageMagick#1391).
* Heap-buffer-overflow in MagickCore/fourier.c (reference
ImageMagick/ImageMagick#1588).
* Fixed a number of issues (reference
https://imagemagick.org/discourse-server/viewforum.php?f=3).
* Fixed a number of issues (reference
https://github.com/ImageMagick/ImageMagick/issues).
hello, nohmask. I have requested two CVE IDs about the ImageMagick vulnerabilities(#1552 and ImageMagick/ImageMagick6#43) on https://cveform.mitre.org/. But I don't receive any reply yet. Do you know what happen? Thanks |
I’m sorry I don’t know. |
graphics/ImageMagick: security fix
Revisions pulled up:
- graphics/ImageMagick/Makefile.common 1.191
- graphics/ImageMagick/distinfo 1.208
---
Module Name: pkgsrc
Committed By: nia
Date: Fri Jul 19 09:12:13 UTC 2019
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common distinfo
Log Message:
ImageMagick: Update to 7.0.8-54
This update contains a number of security fixes.
2019-07-16 7.0.8-54 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-54, GIT revision 15916:e868e22:20190716.
2019-07-08 7.0.8-54 Cristy <quetzlzacatenango@image...>
* resolve division by zero (reference
ImageMagick/ImageMagick#1629).
* introducing MagickLevelImageColors() MagickWand method.
* Transient problem with text placement with gravity (reference
ImageMagick/ImageMagick#1633).
* Support TIM2 image format (reference
ImageMagick/ImageMagick#1571).
* For -magnify option, specify an alternative scaling method with -define
magnify:method=method, choose from these methods: eagle2X, eagle3X,
eagle3XB, epb2X, fish2X, hq2X, scale2X (default), scale3X, xbr2X.
2019-07-05 7.0.8-53 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-53, GIT revision 15828:f5d59c0:20190705.
2019-07-05 7.0.8-53 Cristy <quetzlzacatenango@image...>
* Fix -fx parsing issue (reference
https://imagemagick.org/discourse-server/viewtopic.php?f=3&t=36314).
2019-07-05 7.0.8-52 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-52, GIT revision 15825:ea47310:20190705.
2019-07-01 7.0.8-52 Cristy <quetzlzacatenango@image...>
* Eliminate buffer overflow in TranslateEvent() (reference
ImageMagick/ImageMagick#1621).
2019-06-30 7.0.8-51 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-51, GIT revision 15812:51f11c4:20190630.
2019-06-24 7.0.8-51 Cristy <quetzlzacatenango@image...>
* Clone rather than copy X window name/icon.
* Optimize PDF reader.
2019-06-23 7.0.8-50 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-50, GIT revision 15778:4a60519:20190623
2019-06-14 7.0.8-50 Dirk Lemstra <dirk@lem.....org>
* Added support for reading all images from a HEIC image (reference
ImageMagick/ImageMagick#1391).
* Heap-buffer-overflow in MagickCore/fourier.c (reference
ImageMagick/ImageMagick#1588).
* Fixed a number of issues (reference
https://imagemagick.org/discourse-server/viewforum.php?f=3).
* Fixed a number of issues (reference
https://github.com/ImageMagick/ImageMagick/issues).
graphics/ImageMagick: security fix
Revisions pulled up:
- graphics/ImageMagick/Makefile.common 1.191
- graphics/ImageMagick/distinfo 1.208
---
Module Name: pkgsrc
Committed By: nia
Date: Fri Jul 19 09:12:13 UTC 2019
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common distinfo
Log Message:
ImageMagick: Update to 7.0.8-54
This update contains a number of security fixes.
2019-07-16 7.0.8-54 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-54, GIT revision 15916:e868e22:20190716.
2019-07-08 7.0.8-54 Cristy <quetzlzacatenango@image...>
* resolve division by zero (reference
ImageMagick/ImageMagick#1629).
* introducing MagickLevelImageColors() MagickWand method.
* Transient problem with text placement with gravity (reference
ImageMagick/ImageMagick#1633).
* Support TIM2 image format (reference
ImageMagick/ImageMagick#1571).
* For -magnify option, specify an alternative scaling method with -define
magnify:method=method, choose from these methods: eagle2X, eagle3X,
eagle3XB, epb2X, fish2X, hq2X, scale2X (default), scale3X, xbr2X.
2019-07-05 7.0.8-53 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-53, GIT revision 15828:f5d59c0:20190705.
2019-07-05 7.0.8-53 Cristy <quetzlzacatenango@image...>
* Fix -fx parsing issue (reference
https://imagemagick.org/discourse-server/viewtopic.php?f=3&t=36314).
2019-07-05 7.0.8-52 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-52, GIT revision 15825:ea47310:20190705.
2019-07-01 7.0.8-52 Cristy <quetzlzacatenango@image...>
* Eliminate buffer overflow in TranslateEvent() (reference
ImageMagick/ImageMagick#1621).
2019-06-30 7.0.8-51 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-51, GIT revision 15812:51f11c4:20190630.
2019-06-24 7.0.8-51 Cristy <quetzlzacatenango@image...>
* Clone rather than copy X window name/icon.
* Optimize PDF reader.
2019-06-23 7.0.8-50 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-50, GIT revision 15778:4a60519:20190623
2019-06-14 7.0.8-50 Dirk Lemstra <dirk@lem.....org>
* Added support for reading all images from a HEIC image (reference
ImageMagick/ImageMagick#1391).
* Heap-buffer-overflow in MagickCore/fourier.c (reference
ImageMagick/ImageMagick#1588).
* Fixed a number of issues (reference
https://imagemagick.org/discourse-server/viewforum.php?f=3).
* Fixed a number of issues (reference
https://github.com/ImageMagick/ImageMagick/issues).
graphics/ImageMagick: security fix
Revisions pulled up:
- graphics/ImageMagick/Makefile.common 1.191
- graphics/ImageMagick/distinfo 1.208
---
Module Name: pkgsrc
Committed By: nia
Date: Fri Jul 19 09:12:13 UTC 2019
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common distinfo
Log Message:
ImageMagick: Update to 7.0.8-54
This update contains a number of security fixes.
2019-07-16 7.0.8-54 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-54, GIT revision 15916:e868e22:20190716.
2019-07-08 7.0.8-54 Cristy <quetzlzacatenango@image...>
* resolve division by zero (reference
ImageMagick/ImageMagick#1629).
* introducing MagickLevelImageColors() MagickWand method.
* Transient problem with text placement with gravity (reference
ImageMagick/ImageMagick#1633).
* Support TIM2 image format (reference
ImageMagick/ImageMagick#1571).
* For -magnify option, specify an alternative scaling method with -define
magnify:method=method, choose from these methods: eagle2X, eagle3X,
eagle3XB, epb2X, fish2X, hq2X, scale2X (default), scale3X, xbr2X.
2019-07-05 7.0.8-53 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-53, GIT revision 15828:f5d59c0:20190705.
2019-07-05 7.0.8-53 Cristy <quetzlzacatenango@image...>
* Fix -fx parsing issue (reference
https://imagemagick.org/discourse-server/viewtopic.php?f=3&t=36314).
2019-07-05 7.0.8-52 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-52, GIT revision 15825:ea47310:20190705.
2019-07-01 7.0.8-52 Cristy <quetzlzacatenango@image...>
* Eliminate buffer overflow in TranslateEvent() (reference
ImageMagick/ImageMagick#1621).
2019-06-30 7.0.8-51 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-51, GIT revision 15812:51f11c4:20190630.
2019-06-24 7.0.8-51 Cristy <quetzlzacatenango@image...>
* Clone rather than copy X window name/icon.
* Optimize PDF reader.
2019-06-23 7.0.8-50 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-50, GIT revision 15778:4a60519:20190623
2019-06-14 7.0.8-50 Dirk Lemstra <dirk@lem.....org>
* Added support for reading all images from a HEIC image (reference
ImageMagick/ImageMagick#1391).
* Heap-buffer-overflow in MagickCore/fourier.c (reference
ImageMagick/ImageMagick#1588).
* Fixed a number of issues (reference
https://imagemagick.org/discourse-server/viewforum.php?f=3).
* Fixed a number of issues (reference
https://github.com/ImageMagick/ImageMagick/issues).
graphics/ImageMagick: security fix
Revisions pulled up:
- graphics/ImageMagick/Makefile.common 1.191
- graphics/ImageMagick/distinfo 1.208
---
Module Name: pkgsrc
Committed By: nia
Date: Fri Jul 19 09:12:13 UTC 2019
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common distinfo
Log Message:
ImageMagick: Update to 7.0.8-54
This update contains a number of security fixes.
2019-07-16 7.0.8-54 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-54, GIT revision 15916:e868e22:20190716.
2019-07-08 7.0.8-54 Cristy <quetzlzacatenango@image...>
* resolve division by zero (reference
ImageMagick/ImageMagick#1629).
* introducing MagickLevelImageColors() MagickWand method.
* Transient problem with text placement with gravity (reference
ImageMagick/ImageMagick#1633).
* Support TIM2 image format (reference
ImageMagick/ImageMagick#1571).
* For -magnify option, specify an alternative scaling method with -define
magnify:method=method, choose from these methods: eagle2X, eagle3X,
eagle3XB, epb2X, fish2X, hq2X, scale2X (default), scale3X, xbr2X.
2019-07-05 7.0.8-53 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-53, GIT revision 15828:f5d59c0:20190705.
2019-07-05 7.0.8-53 Cristy <quetzlzacatenango@image...>
* Fix -fx parsing issue (reference
https://imagemagick.org/discourse-server/viewtopic.php?f=3&t=36314).
2019-07-05 7.0.8-52 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-52, GIT revision 15825:ea47310:20190705.
2019-07-01 7.0.8-52 Cristy <quetzlzacatenango@image...>
* Eliminate buffer overflow in TranslateEvent() (reference
ImageMagick/ImageMagick#1621).
2019-06-30 7.0.8-51 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-51, GIT revision 15812:51f11c4:20190630.
2019-06-24 7.0.8-51 Cristy <quetzlzacatenango@image...>
* Clone rather than copy X window name/icon.
* Optimize PDF reader.
2019-06-23 7.0.8-50 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.8-50, GIT revision 15778:4a60519:20190623
2019-06-14 7.0.8-50 Dirk Lemstra <dirk@lem.....org>
* Added support for reading all images from a HEIC image (reference
ImageMagick/ImageMagick#1391).
* Heap-buffer-overflow in MagickCore/fourier.c (reference
ImageMagick/ImageMagick#1588).
* Fixed a number of issues (reference
https://imagemagick.org/discourse-server/viewforum.php?f=3).
* Fixed a number of issues (reference
https://github.com/ImageMagick/ImageMagick/issues).
Prerequisites
Description
There's a division by zero at MagickCore/layer.c:1616:30
Steps to Reproduce
run following cmd:
magick "-seed" "0" "-delay" "34<" "(" "magick:rose" "+repage" ")" "(" "magick:rose" "+repage" ")" "-encoding" "Symbol" "-layers" "remove-dups" "-quiet" "tmp"This is triggered at
time = curr->delay*1000/curr->ticks_per_second;due to curr->ticks_per_second.Here's USAN log.
System Configuration
ImageMagick version:
Version: ImageMagick 7.0.8-54 Q16 x86_64 2019-07-07 https://imagemagick.org
Environment (Operating system, version and so on):
Description: Ubuntu 18.04.1 LTS
Release: 18.04
Codename: bionic
Additional information:
CC=clang-7 CXX=clang++-7 CFLAGS="-fsanitize=address,undefined -g" CXXFLAGS="-fsanitize=address,undefined -g" ./configure --disable-openmp --without-png
The text was updated successfully, but these errors were encountered: