memory leak in ReadPICTImage #454

Closed

@bestshow

on ImageMagick 7.0.5-5

The ReadPICTImage function in pict.c:1120 allows attackers to cause a denial of service (memory leak) via a crafted file.

#identify $FILE

Direct leak of 13488 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa42b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x417d3b in CloneImage MagickCore/image.c:829
#3 0x637739 in ReadPICTImage coders/pict.c:1120
#4 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#5 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#6 0x7f1855 in PingImage MagickCore/constitute.c:226
#7 0x7f1e08 in PingImages MagickCore/constitute.c:327
#8 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#9 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#10 0x40f839 in MagickMain utilities/magick.c:149
#11 0x40fa06 in main utilities/magick.c:180
#12 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 22616 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa42b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
#3 0x7c829f in AcquireImageColormap MagickCore/colormap.c:119
#4 0x637cdb in ReadPICTImage coders/pict.c:1149
#5 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#6 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#7 0x7f1855 in PingImage MagickCore/constitute.c:226
#8 0x7f1e08 in PingImages MagickCore/constitute.c:327
#9 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#10 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#11 0x40f839 in MagickMain utilities/magick.c:149
#12 0x40fa06 in main utilities/magick.c:180
#13 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 13024 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa42b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x416459 in AcquireImageInfo MagickCore/image.c:347
#3 0x4193aa in CloneImageInfo MagickCore/image.c:952
#4 0x4184dc in CloneImage MagickCore/image.c:862
#5 0x637739 in ReadPICTImage coders/pict.c:1120
#6 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#7 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#8 0x7f1855 in PingImage MagickCore/constitute.c:226
#9 0x7f1e08 in PingImages MagickCore/constitute.c:327
#10 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#11 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#12 0x40f839 in MagickMain utilities/magick.c:149
#13 0x40fa06 in main utilities/magick.c:180
#14 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 9096 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa42b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
#3 0x79a80c in AcquirePixelCache MagickCore/cache.c:195
#4 0x9e4069 in ReadStream MagickCore/stream.c:1027
#5 0x7f1855 in PingImage MagickCore/constitute.c:226
#6 0x7f1e08 in PingImages MagickCore/constitute.c:327
#7 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#8 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#9 0x40f839 in MagickMain utilities/magick.c:149
#10 0x40fa06 in main utilities/magick.c:180
#11 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 9096 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa42b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
#3 0x79a80c in AcquirePixelCache MagickCore/cache.c:195
#4 0x79b749 in ClonePixelCache MagickCore/cache.c:418
#5 0x419332 in CloneImage MagickCore/image.c:917
#6 0x637739 in ReadPICTImage coders/pict.c:1120
#7 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#8 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#9 0x7f1855 in PingImage MagickCore/constitute.c:226
#10 0x7f1e08 in PingImages MagickCore/constitute.c:327
#11 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#12 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#13 0x40f839 in MagickMain utilities/magick.c:149
#14 0x40fa06 in main utilities/magick.c:180
#15 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 512 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa42b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
#3 0x4490c6 in AcquirePixelChannelMap MagickCore/pixel.c:101
#4 0x449249 in ClonePixelChannelMap MagickCore/pixel.c:139
#5 0x41879f in CloneImage MagickCore/image.c:873
#6 0x637739 in ReadPICTImage coders/pict.c:1120
#7 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#8 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#9 0x7f1855 in PingImage MagickCore/constitute.c:226
#10 0x7f1e08 in PingImages MagickCore/constitute.c:327
#11 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#12 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#13 0x40f839 in MagickMain utilities/magick.c:149
#14 0x40fa06 in main utilities/magick.c:180
#15 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 352 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa42b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
#3 0x79b032 in AcquirePixelCacheNexus MagickCore/cache.c:268
#4 0x79abfd in AcquirePixelCache MagickCore/cache.c:211
#5 0x79b749 in ClonePixelCache MagickCore/cache.c:418
#6 0x419332 in CloneImage MagickCore/image.c:917
#7 0x637739 in ReadPICTImage coders/pict.c:1120
#8 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#9 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#10 0x7f1855 in PingImage MagickCore/constitute.c:226
#11 0x7f1e08 in PingImages MagickCore/constitute.c:327
#12 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#13 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#14 0x40f839 in MagickMain utilities/magick.c:149
#15 0x40fa06 in main utilities/magick.c:180
#16 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 352 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa42b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
#3 0x79b032 in AcquirePixelCacheNexus MagickCore/cache.c:268
#4 0x79abfd in AcquirePixelCache MagickCore/cache.c:211
#5 0x9e4069 in ReadStream MagickCore/stream.c:1027
#6 0x7f1855 in PingImage MagickCore/constitute.c:226
#7 0x7f1e08 in PingImages MagickCore/constitute.c:327
#8 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#9 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#10 0x40f839 in MagickMain utilities/magick.c:149
#11 0x40fa06 in main utilities/magick.c:180
#12 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 280 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa42b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x7839d4 in CloneBlobInfo MagickCore/blob.c:503
#3 0x418b3b in CloneImage MagickCore/image.c:891
#4 0x637739 in ReadPICTImage coders/pict.c:1120
#5 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#6 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#7 0x7f1855 in PingImage MagickCore/constitute.c:226
#8 0x7f1e08 in PingImages MagickCore/constitute.c:327
#9 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#10 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#11 0x40f839 in MagickMain utilities/magick.c:149
#12 0x40fa06 in main utilities/magick.c:180
#13 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 88 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa42b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x49379f in NewSplayTree MagickCore/splay-tree.c:1106
#3 0x490b9b in CloneSplayTree MagickCore/splay-tree.c:359
#4 0x4439fa in CloneImageOptions MagickCore/option.c:1868
#5 0x41a99d in CloneImageInfo MagickCore/image.c:1007
#6 0x4184dc in CloneImage MagickCore/image.c:862
#7 0x637739 in ReadPICTImage coders/pict.c:1120
#8 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#9 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#10 0x7f1855 in PingImage MagickCore/constitute.c:226
#11 0x7f1e08 in PingImages MagickCore/constitute.c:327
#12 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#13 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#14 0x40f839 in MagickMain utilities/magick.c:149
#15 0x40fa06 in main utilities/magick.c:180
#16 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa43590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
#1 0x43ec4c in AcquireAlignedMemory MagickCore/memory.c:261
#2 0x79af49 in AcquirePixelCacheNexus MagickCore/cache.c:264
#3 0x79abfd in AcquirePixelCache MagickCore/cache.c:211
#4 0x9e4069 in ReadStream MagickCore/stream.c:1027
#5 0x7f1855 in PingImage MagickCore/constitute.c:226
#6 0x7f1e08 in PingImages MagickCore/constitute.c:327
#7 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#8 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#9 0x40f839 in MagickMain utilities/magick.c:149
#10 0x40fa06 in main utilities/magick.c:180
#11 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa43590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
#1 0x48bef5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154
#2 0x48bf9d in AcquireSemaphoreInfo MagickCore/semaphore.c:200
#3 0x788380 in GetBlobInfo MagickCore/blob.c:1413
#4 0x783ab8 in CloneBlobInfo MagickCore/blob.c:506
#5 0x418b3b in CloneImage MagickCore/image.c:891
#6 0x637739 in ReadPICTImage coders/pict.c:1120
#7 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#8 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#9 0x7f1855 in PingImage MagickCore/constitute.c:226
#10 0x7f1e08 in PingImages MagickCore/constitute.c:327
#11 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#12 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#13 0x40f839 in MagickMain utilities/magick.c:149
#14 0x40fa06 in main utilities/magick.c:180
#15 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa43590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
#1 0x48bef5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154
#2 0x48bf9d in AcquireSemaphoreInfo MagickCore/semaphore.c:200
#3 0x418c3b in CloneImage MagickCore/image.c:895
#4 0x637739 in ReadPICTImage coders/pict.c:1120
#5 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#6 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#7 0x7f1855 in PingImage MagickCore/constitute.c:226
#8 0x7f1e08 in PingImages MagickCore/constitute.c:327
#9 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#10 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#11 0x40f839 in MagickMain utilities/magick.c:149
#12 0x40fa06 in main utilities/magick.c:180
#13 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa43590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
#1 0x48bef5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154
#2 0x48bf9d in AcquireSemaphoreInfo MagickCore/semaphore.c:200
#3 0x79adfa in AcquirePixelCache MagickCore/cache.c:226
#4 0x9e4069 in ReadStream MagickCore/stream.c:1027
#5 0x7f1855 in PingImage MagickCore/constitute.c:226
#6 0x7f1e08 in PingImages MagickCore/constitute.c:327
#7 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#8 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#9 0x40f839 in MagickMain utilities/magick.c:149
#10 0x40fa06 in main utilities/magick.c:180
#11 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa43590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
#1 0x43ec4c in AcquireAlignedMemory MagickCore/memory.c:261
#2 0x79af49 in AcquirePixelCacheNexus MagickCore/cache.c:264
#3 0x79abfd in AcquirePixelCache MagickCore/cache.c:211
#4 0x79b749 in ClonePixelCache MagickCore/cache.c:418
#5 0x419332 in CloneImage MagickCore/image.c:917
#6 0x637739 in ReadPICTImage coders/pict.c:1120
#7 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#8 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#9 0x7f1855 in PingImage MagickCore/constitute.c:226
#10 0x7f1e08 in PingImages MagickCore/constitute.c:327
#11 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#12 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#13 0x40f839 in MagickMain utilities/magick.c:149
#14 0x40fa06 in main utilities/magick.c:180
#15 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa43590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
#1 0x48bef5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154
#2 0x48bf9d in AcquireSemaphoreInfo MagickCore/semaphore.c:200
#3 0x79adfa in AcquirePixelCache MagickCore/cache.c:226
#4 0x79b749 in ClonePixelCache MagickCore/cache.c:418
#5 0x419332 in CloneImage MagickCore/image.c:917
#6 0x637739 in ReadPICTImage coders/pict.c:1120
#7 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#8 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#9 0x7f1855 in PingImage MagickCore/constitute.c:226
#10 0x7f1e08 in PingImages MagickCore/constitute.c:327
#11 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#12 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#13 0x40f839 in MagickMain utilities/magick.c:149
#14 0x40fa06 in main utilities/magick.c:180
#15 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa43590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
#1 0x48bef5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154
#2 0x48bf9d in AcquireSemaphoreInfo MagickCore/semaphore.c:200
#3 0x79ae6a in AcquirePixelCache MagickCore/cache.c:228
#4 0x9e4069 in ReadStream MagickCore/stream.c:1027
#5 0x7f1855 in PingImage MagickCore/constitute.c:226
#6 0x7f1e08 in PingImages MagickCore/constitute.c:327
#7 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#8 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#9 0x40f839 in MagickMain utilities/magick.c:149
#10 0x40fa06 in main utilities/magick.c:180
#11 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa43590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
#1 0x48bef5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154
#2 0x48bf9d in AcquireSemaphoreInfo MagickCore/semaphore.c:200
#3 0x79ae6a in AcquirePixelCache MagickCore/cache.c:228
#4 0x79b749 in ClonePixelCache MagickCore/cache.c:418
#5 0x419332 in CloneImage MagickCore/image.c:917
#6 0x637739 in ReadPICTImage coders/pict.c:1120
#7 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#8 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#9 0x7f1855 in PingImage MagickCore/constitute.c:226
#10 0x7f1e08 in PingImages MagickCore/constitute.c:327
#11 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#12 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#13 0x40f839 in MagickMain utilities/magick.c:149
#14 0x40fa06 in main utilities/magick.c:180
#15 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa43590 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:128
#1 0x48bef5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154
#2 0x48bf9d in AcquireSemaphoreInfo MagickCore/semaphore.c:200
#3 0x493a64 in NewSplayTree MagickCore/splay-tree.c:1119
#4 0x490b9b in CloneSplayTree MagickCore/splay-tree.c:359
#5 0x4439fa in CloneImageOptions MagickCore/option.c:1868
#6 0x41a99d in CloneImageInfo MagickCore/image.c:1007
#7 0x4184dc in CloneImage MagickCore/image.c:862
#8 0x637739 in ReadPICTImage coders/pict.c:1120
#9 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#10 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#11 0x7f1855 in PingImage MagickCore/constitute.c:226
#12 0x7f1e08 in PingImages MagickCore/constitute.c:327
#13 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#14 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#15 0x40f839 in MagickMain utilities/magick.c:149
#16 0x40fa06 in main utilities/magick.c:180
#17 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 32 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa42b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x490066 in AddValueToSplayTree MagickCore/splay-tree.c:188
#3 0x490d24 in CloneSplayTree MagickCore/splay-tree.c:371
#4 0x4439fa in CloneImageOptions MagickCore/option.c:1868
#5 0x41a99d in CloneImageInfo MagickCore/image.c:1007
#6 0x4184dc in CloneImage MagickCore/image.c:862
#7 0x637739 in ReadPICTImage coders/pict.c:1120
#8 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#9 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#10 0x7f1855 in PingImage MagickCore/constitute.c:226
#11 0x7f1e08 in PingImages MagickCore/constitute.c:327
#12 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#13 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#14 0x40f839 in MagickMain utilities/magick.c:149
#15 0x40fa06 in main utilities/magick.c:180
#16 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 30 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa42b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
#3 0x4aa745 in ConstantString MagickCore/string.c:701
#4 0x490cb8 in CloneSplayTree MagickCore/splay-tree.c:372
#5 0x4439fa in CloneImageOptions MagickCore/option.c:1868
#6 0x41a99d in CloneImageInfo MagickCore/image.c:1007
#7 0x4184dc in CloneImage MagickCore/image.c:862
#8 0x637739 in ReadPICTImage coders/pict.c:1120
#9 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#10 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#11 0x7f1855 in PingImage MagickCore/constitute.c:226
#12 0x7f1e08 in PingImages MagickCore/constitute.c:327
#13 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#14 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#15 0x40f839 in MagickMain utilities/magick.c:149
#16 0x40fa06 in main utilities/magick.c:180
#17 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

Indirect leak of 9 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa42b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
#3 0x4aa745 in ConstantString MagickCore/string.c:701
#4 0x490d0f in CloneSplayTree MagickCore/splay-tree.c:371
#5 0x4439fa in CloneImageOptions MagickCore/option.c:1868
#6 0x41a99d in CloneImageInfo MagickCore/image.c:1007
#7 0x4184dc in CloneImage MagickCore/image.c:862
#8 0x637739 in ReadPICTImage coders/pict.c:1120
#9 0x7f27a7 in ReadImage MagickCore/constitute.c:497
#10 0x9e41a7 in ReadStream MagickCore/stream.c:1045
#11 0x7f1855 in PingImage MagickCore/constitute.c:226
#12 0x7f1e08 in PingImages MagickCore/constitute.c:327
#13 0xbb97b4 in IdentifyImageCommand MagickWand/identify.c:319
#14 0xc10308 in MagickCommandGenesis MagickWand/mogrify.c:183
#15 0x40f839 in MagickMain utilities/magick.c:149
#16 0x40fa06 in main utilities/magick.c:180
#17 0x7f4c55d51b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)

69551 byte(s) leaked in 22 allocation(s).
testcase: https://github.com/bestshow/p0cs/blob/master/memory-leak-in-ReadPICTImage-16.pict
Author: ADLab of Venustech
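
An added example (not part of the original report or ImageMagick's code) for triaging a report like the one above: LeakSanitizer calls a block a direct leak when nothing points to it and an indirect leak when only other leaked blocks do, so the direct stanza is the root to fix first. The script groups leaked bytes by the first frame in `ReadPICTImage` or `ReadStream`; the names `parse_leaks`, `summarize` and `owner_funcs` are assumptions of this example.

```python
import re
from collections import defaultdict

# Excerpt of the report above: three stanzas, deeper frames trimmed.
SAMPLE = """\
Direct leak of 13488 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa42b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x417d3b in CloneImage MagickCore/image.c:829
#3 0x637739 in ReadPICTImage coders/pict.c:1120
#4 0x7f27a7 in ReadImage MagickCore/constitute.c:497

Indirect leak of 22616 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa42b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
#3 0x7c829f in AcquireImageColormap MagickCore/colormap.c:119
#4 0x637cdb in ReadPICTImage coders/pict.c:1149

Indirect leak of 9096 byte(s) in 1 object(s) allocated from:
#0 0x7f4c5aa42b58 in __interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x43ecdb in AcquireMagickMemory MagickCore/memory.c:463
#2 0x43ed2f in AcquireQuantumMemory MagickCore/memory.c:536
#3 0x79a80c in AcquirePixelCache MagickCore/cache.c:195
#4 0x9e4069 in ReadStream MagickCore/stream.c:1027
#5 0x7f1855 in PingImage MagickCore/constitute.c:226
"""

HEADER = re.compile(r"^(Direct|Indirect) leak of (\d+) byte\(s\) in (\d+) object\(s\)")
# Symbolized frame: "#N 0xADDR in function path:line"
FRAME = re.compile(r"^\s*#(\d+) 0x[0-9a-f]+ in (\S+) (\S+?):(\d+)$")


def parse_leaks(report):
    """Split a LeakSanitizer report into stanzas with kind, size and frames."""
    leaks = []
    for line in report.splitlines():
        header = HEADER.match(line)
        if header:
            leaks.append({"kind": header.group(1),
                          "bytes": int(header.group(2)),
                          "frames": []})
            continue
        frame = FRAME.match(line)
        if frame and leaks:  # frames without file:line (e.g. libc) are skipped
            leaks[-1]["frames"].append(
                (frame.group(2), frame.group(3), int(frame.group(4))))
    return leaks


def summarize(leaks, owner_funcs=("ReadPICTImage", "ReadStream")):
    """Sum leaked bytes per (kind, function, file:line) of the first owner frame."""
    totals = defaultdict(int)
    for leak in leaks:
        site = next(((fn, f"{path}:{ln}") for fn, path, ln in leak["frames"]
                     if fn in owner_funcs), ("?", "?"))
        totals[(leak["kind"],) + site] += leak["bytes"]
    return dict(totals)


if __name__ == "__main__":
    for key, size in sorted(summarize(parse_leaks(SAMPLE)).items()):
        print(size, *key)
```
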
