Skip to content

Double free memory corruption #354

Closed
@Miladbr

Description

@Miladbr

Valgrind output:

$ valgrind convert /home/milad/testing/52 /dev/null
==14011== Memcheck, a memory error detector
==14011== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==14011== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==14011== Command: convert /home/milad/testing/52 /dev/null
==14011== 
==14011== Invalid write of size 1
==14011==    at 0x4F58F81: CopyMagickMemory (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F82592: SyncImageProfiles (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB7032: WriteImage (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB7981: WriteImages (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x5315D8A: ConvertImageCommand (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x537D6CE: MagickCommandGenesis (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x400886: ??? (in /usr/bin/convert.im6)
==14011==    by 0x5828F44: (below main) (libc-start.c:287)
==14011==  Address 0x8bdf875 is 11 bytes before a block of size 4,185 alloc'd
==14011==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14011==    by 0x4FD27A0: AcquireStringInfo (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4FD284D: CloneStringInfo (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F80F20: SetImageProfile (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F811A8: SetImageProfile (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x97BA3FC: ??? (in /usr/lib/x86_64-linux-gnu/ImageMagick-6.7.7/modules-Q16/coders/meta.so)
==14011==    by 0x4EB5B3A: ReadImage (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB6BEA: ReadImages (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x5313F8D: ConvertImageCommand (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x537D6CE: MagickCommandGenesis (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x400886: ??? (in /usr/bin/convert.im6)
==14011==    by 0x5828F44: (below main) (libc-start.c:287)
==14011== 
==14011== Invalid write of size 1
==14011==    at 0x4F58F63: CopyMagickMemory (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F82592: SyncImageProfiles (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB7032: WriteImage (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB7981: WriteImages (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x5315D8A: ConvertImageCommand (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x537D6CE: MagickCommandGenesis (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x400886: ??? (in /usr/bin/convert.im6)
==14011==    by 0x5828F44: (below main) (libc-start.c:287)
==14011==  Address 0x8bdf876 is 10 bytes before a block of size 4,185 alloc'd
==14011==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14011==    by 0x4FD27A0: AcquireStringInfo (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4FD284D: CloneStringInfo (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F80F20: SetImageProfile (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F811A8: SetImageProfile (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x97BA3FC: ??? (in /usr/lib/x86_64-linux-gnu/ImageMagick-6.7.7/modules-Q16/coders/meta.so)
==14011==    by 0x4EB5B3A: ReadImage (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB6BEA: ReadImages (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x5313F8D: ConvertImageCommand (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x537D6CE: MagickCommandGenesis (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x400886: ??? (in /usr/bin/convert.im6)
==14011==    by 0x5828F44: (below main) (libc-start.c:287)
==14011== 
==14011== Invalid write of size 1
==14011==    at 0x4F58F4B: CopyMagickMemory (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F82592: SyncImageProfiles (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB7032: WriteImage (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB7981: WriteImages (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x5315D8A: ConvertImageCommand (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x537D6CE: MagickCommandGenesis (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x400886: ??? (in /usr/bin/convert.im6)
==14011==    by 0x5828F44: (below main) (libc-start.c:287)
==14011==  Address 0x8bdf877 is 9 bytes before a block of size 4,185 alloc'd
==14011==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14011==    by 0x4FD27A0: AcquireStringInfo (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4FD284D: CloneStringInfo (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F80F20: SetImageProfile (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F811A8: SetImageProfile (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x97BA3FC: ??? (in /usr/lib/x86_64-linux-gnu/ImageMagick-6.7.7/modules-Q16/coders/meta.so)
==14011==    by 0x4EB5B3A: ReadImage (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB6BEA: ReadImages (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x5313F8D: ConvertImageCommand (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x537D6CE: MagickCommandGenesis (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x400886: ??? (in /usr/bin/convert.im6)
==14011==    by 0x5828F44: (below main) (libc-start.c:287)
==14011== 
==14011== Invalid write of size 1
==14011==    at 0x4F58F1B: CopyMagickMemory (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F82592: SyncImageProfiles (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB7032: WriteImage (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB7981: WriteImages (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x5315D8A: ConvertImageCommand (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x537D6CE: MagickCommandGenesis (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x400886: ??? (in /usr/bin/convert.im6)
==14011==    by 0x5828F44: (below main) (libc-start.c:287)
==14011==  Address 0x8bdf878 is 8 bytes before a block of size 4,185 alloc'd
==14011==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14011==    by 0x4FD27A0: AcquireStringInfo (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4FD284D: CloneStringInfo (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F80F20: SetImageProfile (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F811A8: SetImageProfile (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x97BA3FC: ??? (in /usr/lib/x86_64-linux-gnu/ImageMagick-6.7.7/modules-Q16/coders/meta.so)
==14011==    by 0x4EB5B3A: ReadImage (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB6BEA: ReadImages (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x5313F8D: ConvertImageCommand (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x537D6CE: MagickCommandGenesis (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x400886: ??? (in /usr/bin/convert.im6)
==14011==    by 0x5828F44: (below main) (libc-start.c:287)
==14011== 
==14011== Invalid write of size 1
==14011==    at 0x4F58F81: CopyMagickMemory (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F82741: SyncImageProfiles (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB7032: WriteImage (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB7981: WriteImages (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x5315D8A: ConvertImageCommand (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x537D6CE: MagickCommandGenesis (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x400886: ??? (in /usr/bin/convert.im6)
==14011==    by 0x5828F44: (below main) (libc-start.c:287)
==14011==  Address 0x8bdf879 is 7 bytes before a block of size 4,185 alloc'd
==14011==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14011==    by 0x4FD27A0: AcquireStringInfo (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4FD284D: CloneStringInfo (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F80F20: SetImageProfile (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F811A8: SetImageProfile (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x97BA3FC: ??? (in /usr/lib/x86_64-linux-gnu/ImageMagick-6.7.7/modules-Q16/coders/meta.so)
==14011==    by 0x4EB5B3A: ReadImage (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB6BEA: ReadImages (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x5313F8D: ConvertImageCommand (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x537D6CE: MagickCommandGenesis (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x400886: ??? (in /usr/bin/convert.im6)
==14011==    by 0x5828F44: (below main) (libc-start.c:287)
==14011== 
==14011== Invalid write of size 1
==14011==    at 0x4F58F63: CopyMagickMemory (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F82741: SyncImageProfiles (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB7032: WriteImage (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB7981: WriteImages (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x5315D8A: ConvertImageCommand (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x537D6CE: MagickCommandGenesis (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x400886: ??? (in /usr/bin/convert.im6)
==14011==    by 0x5828F44: (below main) (libc-start.c:287)
==14011==  Address 0x8bdf87a is 6 bytes before a block of size 4,185 alloc'd
==14011==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14011==    by 0x4FD27A0: AcquireStringInfo (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4FD284D: CloneStringInfo (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F80F20: SetImageProfile (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F811A8: SetImageProfile (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x97BA3FC: ??? (in /usr/lib/x86_64-linux-gnu/ImageMagick-6.7.7/modules-Q16/coders/meta.so)
==14011==    by 0x4EB5B3A: ReadImage (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB6BEA: ReadImages (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x5313F8D: ConvertImageCommand (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x537D6CE: MagickCommandGenesis (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x400886: ??? (in /usr/bin/convert.im6)
==14011==    by 0x5828F44: (below main) (libc-start.c:287)
==14011== 
==14011== Invalid write of size 1
==14011==    at 0x4F58F4B: CopyMagickMemory (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F82741: SyncImageProfiles (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB7032: WriteImage (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB7981: WriteImages (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x5315D8A: ConvertImageCommand (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x537D6CE: MagickCommandGenesis (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x400886: ??? (in /usr/bin/convert.im6)
==14011==    by 0x5828F44: (below main) (libc-start.c:287)
==14011==  Address 0x8bdf87b is 5 bytes before a block of size 4,185 alloc'd
==14011==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14011==    by 0x4FD27A0: AcquireStringInfo (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4FD284D: CloneStringInfo (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F80F20: SetImageProfile (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F811A8: SetImageProfile (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x97BA3FC: ??? (in /usr/lib/x86_64-linux-gnu/ImageMagick-6.7.7/modules-Q16/coders/meta.so)
==14011==    by 0x4EB5B3A: ReadImage (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB6BEA: ReadImages (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x5313F8D: ConvertImageCommand (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x537D6CE: MagickCommandGenesis (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x400886: ??? (in /usr/bin/convert.im6)
==14011==    by 0x5828F44: (below main) (libc-start.c:287)
==14011== 
==14011== Invalid write of size 1
==14011==    at 0x4F58F1B: CopyMagickMemory (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F82741: SyncImageProfiles (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB7032: WriteImage (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB7981: WriteImages (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x5315D8A: ConvertImageCommand (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x537D6CE: MagickCommandGenesis (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x400886: ??? (in /usr/bin/convert.im6)
==14011==    by 0x5828F44: (below main) (libc-start.c:287)
==14011==  Address 0x8bdf87c is 4 bytes before a block of size 4,185 alloc'd
==14011==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14011==    by 0x4FD27A0: AcquireStringInfo (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4FD284D: CloneStringInfo (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F80F20: SetImageProfile (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4F811A8: SetImageProfile (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x97BA3FC: ??? (in /usr/lib/x86_64-linux-gnu/ImageMagick-6.7.7/modules-Q16/coders/meta.so)
==14011==    by 0x4EB5B3A: ReadImage (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x4EB6BEA: ReadImages (in /usr/lib/x86_64-linux-gnu/libMagickCore.so.5.0.0)
==14011==    by 0x5313F8D: ConvertImageCommand (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x537D6CE: MagickCommandGenesis (in /usr/lib/x86_64-linux-gnu/libMagickWand.so.5.0.0)
==14011==    by 0x400886: ??? (in /usr/bin/convert.im6)
==14011==    by 0x5828F44: (below main) (libc-start.c:287)
==14011== 
==14011== 
==14011== HEAP SUMMARY:
==14011==     in use at exit: 328 bytes in 9 blocks
==14011==   total heap usage: 1,289 allocs, 1,280 frees, 522,998 bytes allocated
==14011== 
==14011== LEAK SUMMARY:
==14011==    definitely lost: 0 bytes in 0 blocks
==14011==    indirectly lost: 0 bytes in 0 blocks
==14011==      possibly lost: 0 bytes in 0 blocks
==14011==    still reachable: 328 bytes in 9 blocks
==14011==         suppressed: 0 bytes in 0 blocks
==14011== Rerun with --leak-check=full to see details of leaked memory
==14011== 
==14011== For counts of detected and suppressed errors, rerun with: -v
==14011== ERROR SUMMARY: 8 errors from 8 contexts (suppressed: 0 from 0)

Backtrace:

(gdb) bt
#0  0x00007ffff707bc37 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1  0x00007ffff707f028 in __GI_abort () at abort.c:89
#2  0x00007ffff70b82a4 in __libc_message (do_abort=do_abort@entry=1, fmt=fmt@entry=0x7ffff71c66b0 "*** Error in `%s': %s: 0x%s ***\n")
    at ../sysdeps/posix/libc_fatal.c:175
#3  0x00007ffff70c455e in malloc_printerr (ptr=<optimized out>, str=0x7ffff71c2819 "free(): invalid size", action=1) at malloc.c:4996
#4  _int_free (av=<optimized out>, p=<optimized out>, have_lock=0) at malloc.c:3840
#5  0x00007ffff7a5e1af in RelinquishMagickMemory () from /usr/lib/x86_64-linux-gnu/libMagickCore.so.5
#6  0x00007ffff7ad7f5e in DestroyStringInfo () from /usr/lib/x86_64-linux-gnu/libMagickCore.so.5
#7  0x00007ffff7aca9af in DestroySplayTree () from /usr/lib/x86_64-linux-gnu/libMagickCore.so.5
#8  0x00007ffff7a85ac5 in DestroyImageProfiles () from /usr/lib/x86_64-linux-gnu/libMagickCore.so.5
#9  0x00007ffff7a47aa1 in DestroyImage () from /usr/lib/x86_64-linux-gnu/libMagickCore.so.5
#10 0x00007ffff7a561e8 in DestroyImageList () from /usr/lib/x86_64-linux-gnu/libMagickCore.so.5
#11 0x00007ffff7668ddf in ConvertImageCommand () from /usr/lib/x86_64-linux-gnu/libMagickWand.so.5
#12 0x00007ffff76d06cf in MagickCommandGenesis () from /usr/lib/x86_64-linux-gnu/libMagickWand.so.5
#13 0x0000000000400887 in ?? ()
#14 0x00007ffff7066f45 in __libc_start_main (main=0x400840, argc=3, argv=0x7fffffffdd18, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, 
    stack_end=0x7fffffffdd08) at libc-start.c:287
#15 0x00000000004008d6 in ?? ()

PoC:
https://github.com/Miladbr/public-poc/blob/master/imagemagick/52

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions