Skip to content

memory leak in ReadEXRImage #441

Closed
Closed
@bestshow

Description

@bestshow

on ImageMagick 7.0.5-5

The ReadEXRImage function in exr.c:189 allows attackers to cause a denial of service (memory leak) via a crafted file.

#identify $FILE
=================================================================

Direct leak of 13488 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3740b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
    #1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
    #2 0x41428a in AcquireImage MagickCore/image.c:169
    #3 0x6fac15 in ReadEXRImage coders/exr.c:189
    #4 0x7f27a7 in ReadImage MagickCore/constitute.c:497
    #5 0x9e41a7 in ReadStream MagickCore/stream.c:1045
    #6 0x7f1855 in PingImage MagickCore/constitute.c:226
    #7 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #8 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #9 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #10 0x40f839 in MagickMain utilities/magick.c:149
    #11 0x40fa06 in main utilities/magick.c:180
    #12 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 13024 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3740b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
    #1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
    #2 0x416459 in AcquireImageInfo MagickCore/image.c:347
    #3 0x4193aa in CloneImageInfo MagickCore/image.c:952
    #4 0x425570 in SyncImageSettings MagickCore/image.c:4051
    #5 0x416002 in AcquireImage MagickCore/image.c:290
    #6 0x6fac15 in ReadEXRImage coders/exr.c:189
    #7 0x7f27a7 in ReadImage MagickCore/constitute.c:497
    #8 0x9e41a7 in ReadStream MagickCore/stream.c:1045
    #9 0x7f1855 in PingImage MagickCore/constitute.c:226
    #10 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #11 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #12 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #13 0x40f839 in MagickMain utilities/magick.c:149
    #14 0x40fa06 in main utilities/magick.c:180
    #15 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 9096 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3740b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
    #1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
    #2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
    #3 0x79a80c in AcquirePixelCache MagickCore/cache.c:195
    #4 0x4149a1 in AcquireImage MagickCore/image.c:206
    #5 0x6fac15 in ReadEXRImage coders/exr.c:189
    #6 0x7f27a7 in ReadImage MagickCore/constitute.c:497
    #7 0x9e41a7 in ReadStream MagickCore/stream.c:1045
    #8 0x7f1855 in PingImage MagickCore/constitute.c:226
    #9 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #10 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #11 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #12 0x40f839 in MagickMain utilities/magick.c:149
    #13 0x40fa06 in main utilities/magick.c:180
    #14 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 9096 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3740b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
    #1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
    #2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
    #3 0x79a80c in AcquirePixelCache MagickCore/cache.c:195
    #4 0x9e4069 in ReadStream MagickCore/stream.c:1027
    #5 0x7f1855 in PingImage MagickCore/constitute.c:226
    #6 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #7 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #8 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #9 0x40f839 in MagickMain utilities/magick.c:149
    #10 0x40fa06 in main utilities/magick.c:180
    #11 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 512 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3740b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
    #1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
    #2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
    #3 0x4490c6 in AcquirePixelChannelMap MagickCore/pixel.c:101
    #4 0x414a2a in AcquireImage MagickCore/image.c:208
    #5 0x6fac15 in ReadEXRImage coders/exr.c:189
    #6 0x7f27a7 in ReadImage MagickCore/constitute.c:497
    #7 0x9e41a7 in ReadStream MagickCore/stream.c:1045
    #8 0x7f1855 in PingImage MagickCore/constitute.c:226
    #9 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #10 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #11 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #12 0x40f839 in MagickMain utilities/magick.c:149
    #13 0x40fa06 in main utilities/magick.c:180
    #14 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 352 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3740b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
    #1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
    #2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
    #3 0x79b032 in AcquirePixelCacheNexus MagickCore/cache.c:268
    #4 0x79abfd in AcquirePixelCache MagickCore/cache.c:211
    #5 0x9e4069 in ReadStream MagickCore/stream.c:1027
    #6 0x7f1855 in PingImage MagickCore/constitute.c:226
    #7 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #8 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #9 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #10 0x40f839 in MagickMain utilities/magick.c:149
    #11 0x40fa06 in main utilities/magick.c:180
    #12 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 352 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3740b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
    #1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
    #2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
    #3 0x79b032 in AcquirePixelCacheNexus MagickCore/cache.c:268
    #4 0x79abfd in AcquirePixelCache MagickCore/cache.c:211
    #5 0x4149a1 in AcquireImage MagickCore/image.c:206
    #6 0x6fac15 in ReadEXRImage coders/exr.c:189
    #7 0x7f27a7 in ReadImage MagickCore/constitute.c:497
    #8 0x9e41a7 in ReadStream MagickCore/stream.c:1045
    #9 0x7f1855 in PingImage MagickCore/constitute.c:226
    #10 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #11 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #12 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #13 0x40f839 in MagickMain utilities/magick.c:149
    #14 0x40fa06 in main utilities/magick.c:180
    #15 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 280 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3740b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
    #1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
    #2 0x7839d4 in CloneBlobInfo MagickCore/blob.c:503
    #3 0x414a6f in AcquireImage MagickCore/image.c:209
    #4 0x6fac15 in ReadEXRImage coders/exr.c:189
    #5 0x7f27a7 in ReadImage MagickCore/constitute.c:497
    #6 0x9e41a7 in ReadStream MagickCore/stream.c:1045
    #7 0x7f1855 in PingImage MagickCore/constitute.c:226
    #8 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #9 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #10 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #11 0x40f839 in MagickMain utilities/magick.c:149
    #12 0x40fa06 in main utilities/magick.c:180
    #13 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 88 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3740b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
    #1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
    #2 0x49379f in NewSplayTree MagickCore/splay-tree.c:1106
    #3 0x490b9b in CloneSplayTree MagickCore/splay-tree.c:359
    #4 0x4439fa in CloneImageOptions MagickCore/option.c:1868
    #5 0x41a99d in CloneImageInfo MagickCore/image.c:1007
    #6 0x425570 in SyncImageSettings MagickCore/image.c:4051
    #7 0x416002 in AcquireImage MagickCore/image.c:290
    #8 0x6fac15 in ReadEXRImage coders/exr.c:189
    #9 0x7f27a7 in ReadImage MagickCore/constitute.c:497
    #10 0x9e41a7 in ReadStream MagickCore/stream.c:1045
    #11 0x7f1855 in PingImage MagickCore/constitute.c:226
    #12 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #13 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #14 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #15 0x40f839 in MagickMain utilities/magick.c:149
    #16 0x40fa06 in main utilities/magick.c:180
    #17 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3741590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
    #1 0x43ec4c in AcquireAlignedMemory MagickCore/memory.c:261
    #2 0x79af49 in AcquirePixelCacheNexus MagickCore/cache.c:264
    #3 0x79abfd in AcquirePixelCache MagickCore/cache.c:211
    #4 0x9e4069 in ReadStream MagickCore/stream.c:1027
    #5 0x7f1855 in PingImage MagickCore/constitute.c:226
    #6 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #7 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #8 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #9 0x40f839 in MagickMain utilities/magick.c:149
    #10 0x40fa06 in main utilities/magick.c:180
    #11 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3741590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
    #1 0x43ec4c in AcquireAlignedMemory MagickCore/memory.c:261
    #2 0x79af49 in AcquirePixelCacheNexus MagickCore/cache.c:264
    #3 0x79abfd in AcquirePixelCache MagickCore/cache.c:211
    #4 0x4149a1 in AcquireImage MagickCore/image.c:206
    #5 0x6fac15 in ReadEXRImage coders/exr.c:189
    #6 0x7f27a7 in ReadImage MagickCore/constitute.c:497
    #7 0x9e41a7 in ReadStream MagickCore/stream.c:1045
    #8 0x7f1855 in PingImage MagickCore/constitute.c:226
    #9 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #10 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #11 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #12 0x40f839 in MagickMain utilities/magick.c:149
    #13 0x40fa06 in main utilities/magick.c:180
    #14 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3741590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
    #1 0x48bef5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154
    #2 0x48bf9d in AcquireSemaphoreInfo MagickCore/semaphore.c:200
    #3 0x79adfa in AcquirePixelCache MagickCore/cache.c:226
    #4 0x4149a1 in AcquireImage MagickCore/image.c:206
    #5 0x6fac15 in ReadEXRImage coders/exr.c:189
    #6 0x7f27a7 in ReadImage MagickCore/constitute.c:497
    #7 0x9e41a7 in ReadStream MagickCore/stream.c:1045
    #8 0x7f1855 in PingImage MagickCore/constitute.c:226
    #9 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #10 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #11 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #12 0x40f839 in MagickMain utilities/magick.c:149
    #13 0x40fa06 in main utilities/magick.c:180
    #14 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3741590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
    #1 0x48bef5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154
    #2 0x48bf9d in AcquireSemaphoreInfo MagickCore/semaphore.c:200
    #3 0x79adfa in AcquirePixelCache MagickCore/cache.c:226
    #4 0x9e4069 in ReadStream MagickCore/stream.c:1027
    #5 0x7f1855 in PingImage MagickCore/constitute.c:226
    #6 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #7 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #8 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #9 0x40f839 in MagickMain utilities/magick.c:149
    #10 0x40fa06 in main utilities/magick.c:180
    #11 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3741590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
    #1 0x48bef5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154
    #2 0x48bf9d in AcquireSemaphoreInfo MagickCore/semaphore.c:200
    #3 0x79ae6a in AcquirePixelCache MagickCore/cache.c:228
    #4 0x4149a1 in AcquireImage MagickCore/image.c:206
    #5 0x6fac15 in ReadEXRImage coders/exr.c:189
    #6 0x7f27a7 in ReadImage MagickCore/constitute.c:497
    #7 0x9e41a7 in ReadStream MagickCore/stream.c:1045
    #8 0x7f1855 in PingImage MagickCore/constitute.c:226
    #9 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #10 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #11 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #12 0x40f839 in MagickMain utilities/magick.c:149
    #13 0x40fa06 in main utilities/magick.c:180
    #14 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3741590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
    #1 0x48bef5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154
    #2 0x48bf9d in AcquireSemaphoreInfo MagickCore/semaphore.c:200
    #3 0x788380 in GetBlobInfo MagickCore/blob.c:1413
    #4 0x783ab8 in CloneBlobInfo MagickCore/blob.c:506
    #5 0x414a6f in AcquireImage MagickCore/image.c:209
    #6 0x6fac15 in ReadEXRImage coders/exr.c:189
    #7 0x7f27a7 in ReadImage MagickCore/constitute.c:497
    #8 0x9e41a7 in ReadStream MagickCore/stream.c:1045
    #9 0x7f1855 in PingImage MagickCore/constitute.c:226
    #10 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #11 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #12 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #13 0x40f839 in MagickMain utilities/magick.c:149
    #14 0x40fa06 in main utilities/magick.c:180
    #15 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3741590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
    #1 0x48bef5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154
    #2 0x48bf9d in AcquireSemaphoreInfo MagickCore/semaphore.c:200
    #3 0x79ae6a in AcquirePixelCache MagickCore/cache.c:228
    #4 0x9e4069 in ReadStream MagickCore/stream.c:1027
    #5 0x7f1855 in PingImage MagickCore/constitute.c:226
    #6 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #7 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #8 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #9 0x40f839 in MagickMain utilities/magick.c:149
    #10 0x40fa06 in main utilities/magick.c:180
    #11 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3741590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
    #1 0x48bef5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154
    #2 0x48bf9d in AcquireSemaphoreInfo MagickCore/semaphore.c:200
    #3 0x414b7d in AcquireImage MagickCore/image.c:213
    #4 0x6fac15 in ReadEXRImage coders/exr.c:189
    #5 0x7f27a7 in ReadImage MagickCore/constitute.c:497
    #6 0x9e41a7 in ReadStream MagickCore/stream.c:1045
    #7 0x7f1855 in PingImage MagickCore/constitute.c:226
    #8 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #9 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #10 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #11 0x40f839 in MagickMain utilities/magick.c:149
    #12 0x40fa06 in main utilities/magick.c:180
    #13 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3741590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
    #1 0x48bef5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154
    #2 0x48bf9d in AcquireSemaphoreInfo MagickCore/semaphore.c:200
    #3 0x493a64 in NewSplayTree MagickCore/splay-tree.c:1119
    #4 0x490b9b in CloneSplayTree MagickCore/splay-tree.c:359
    #5 0x4439fa in CloneImageOptions MagickCore/option.c:1868
    #6 0x41a99d in CloneImageInfo MagickCore/image.c:1007
    #7 0x425570 in SyncImageSettings MagickCore/image.c:4051
    #8 0x416002 in AcquireImage MagickCore/image.c:290
    #9 0x6fac15 in ReadEXRImage coders/exr.c:189
    #10 0x7f27a7 in ReadImage MagickCore/constitute.c:497
    #11 0x9e41a7 in ReadStream MagickCore/stream.c:1045
    #12 0x7f1855 in PingImage MagickCore/constitute.c:226
    #13 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #14 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #15 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #16 0x40f839 in MagickMain utilities/magick.c:149
    #17 0x40fa06 in main utilities/magick.c:180
    #18 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 32 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3740b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
    #1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
    #2 0x490066 in AddValueToSplayTree MagickCore/splay-tree.c:188
    #3 0x490d24 in CloneSplayTree MagickCore/splay-tree.c:371
    #4 0x4439fa in CloneImageOptions MagickCore/option.c:1868
    #5 0x41a99d in CloneImageInfo MagickCore/image.c:1007
    #6 0x425570 in SyncImageSettings MagickCore/image.c:4051
    #7 0x416002 in AcquireImage MagickCore/image.c:290
    #8 0x6fac15 in ReadEXRImage coders/exr.c:189
    #9 0x7f27a7 in ReadImage MagickCore/constitute.c:497
    #10 0x9e41a7 in ReadStream MagickCore/stream.c:1045
    #11 0x7f1855 in PingImage MagickCore/constitute.c:226
    #12 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #13 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #14 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #15 0x40f839 in MagickMain utilities/magick.c:149
    #16 0x40fa06 in main utilities/magick.c:180
    #17 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 18 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3740b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
    #1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
    #2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
    #3 0x4aa745 in ConstantString MagickCore/string.c:701
    #4 0x490cb8 in CloneSplayTree MagickCore/splay-tree.c:372
    #5 0x4439fa in CloneImageOptions MagickCore/option.c:1868
    #6 0x41a99d in CloneImageInfo MagickCore/image.c:1007
    #7 0x425570 in SyncImageSettings MagickCore/image.c:4051
    #8 0x416002 in AcquireImage MagickCore/image.c:290
    #9 0x6fac15 in ReadEXRImage coders/exr.c:189
    #10 0x7f27a7 in ReadImage MagickCore/constitute.c:497
    #11 0x9e41a7 in ReadStream MagickCore/stream.c:1045
    #12 0x7f1855 in PingImage MagickCore/constitute.c:226
    #13 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #14 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #15 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #16 0x40f839 in MagickMain utilities/magick.c:149
    #17 0x40fa06 in main utilities/magick.c:180
    #18 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 9 byte(s) in 1 object(s) allocated from:
    #0 0x7f2bb3740b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
    #1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
    #2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
    #3 0x4aa745 in ConstantString MagickCore/string.c:701
    #4 0x490d0f in CloneSplayTree MagickCore/splay-tree.c:371
    #5 0x4439fa in CloneImageOptions MagickCore/option.c:1868
    #6 0x41a99d in CloneImageInfo MagickCore/image.c:1007
    #7 0x425570 in SyncImageSettings MagickCore/image.c:4051
    #8 0x416002 in AcquireImage MagickCore/image.c:290
    #9 0x6fac15 in ReadEXRImage coders/exr.c:189
    #10 0x7f27a7 in ReadImage MagickCore/constitute.c:497
    #11 0x9e41a7 in ReadStream MagickCore/stream.c:1045
    #12 0x7f1855 in PingImage MagickCore/constitute.c:226
    #13 0x7f1e08 in PingImages MagickCore/constitute.c:327
    #14 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
    #15 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
    #16 0x40f839 in MagickMain utilities/magick.c:149
    #17 0x40fa06 in main utilities/magick.c:180
    #18 0x7f2baea4fb34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

46923 byte(s) leaked in 21 allocation(s).

testcase:https://github.com/bestshow/p0cs/blob/master/memory-leak-in-ReadEXRImage-3.exr
Author: ADLab of Venustech

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions