Closed
Description
$ identify -version
Version: ImageMagick 7.0.5-6 Q16 x86_64 2017-05-02 http://www.imagemagick.org
The ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file.
$ identify leak-fcd4138d423f1e98d5111d52c9eadeae4a02810e
Direct leak of 13488 byte(s) in 1 object(s) allocated from:
#0 0x4c1db3 in malloc (/usr/local/bin/magick+0x4c1db3)
#1 0x7f1b97bb0ccc in CloneImage MagickCore/image.c:829:25
#2 0x7f1b97df5571 in FlipImage MagickCore/transform.c:1210:14
#3 0x7f1b97eeec1c in ReadBMPImage coders/bmp.c:1379:23
#4 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#5 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#6 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#7 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#8 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#9 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#10 0x4ef157 in MagickMain utilities/magick.c:149:10
#11 0x4ef157 in main utilities/magick.c:180
#12 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 13024 byte(s) in 1 object(s) allocated from:
#0 0x4c1db3 in malloc (/usr/local/bin/magick+0x4c1db3)
#1 0x7f1b97bae06c in AcquireImageInfo MagickCore/image.c:347:28
#2 0x7f1b97bb5384 in CloneImageInfo MagickCore/image.c:952:14
#3 0x7f1b97bb1105 in CloneImage MagickCore/image.c:862:27
#4 0x7f1b97df5571 in FlipImage MagickCore/transform.c:1210:14
#5 0x7f1b97eeec1c in ReadBMPImage coders/bmp.c:1379:23
#6 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#7 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#8 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#9 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#10 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#11 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#12 0x4ef157 in MagickMain utilities/magick.c:149:10
#13 0x4ef157 in main utilities/magick.c:180
#14 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 9096 byte(s) in 1 object(s) allocated from:
#0 0x4c1db3 in malloc (/usr/local/bin/magick+0x4c1db3)
#1 0x7f1b979d2acb in AcquirePixelCache MagickCore/cache.c:195:28
#2 0x7f1b97dcdc56 in ReadStream MagickCore/stream.c:1027:20
#3 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#4 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#5 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#6 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#7 0x4ef157 in MagickMain utilities/magick.c:149:10
#8 0x4ef157 in main utilities/magick.c:180
#9 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 9096 byte(s) in 1 object(s) allocated from:
#0 0x4c1db3 in malloc (/usr/local/bin/magick+0x4c1db3)
#1 0x7f1b979d2acb in AcquirePixelCache MagickCore/cache.c:195:28
#2 0x7f1b979d3a70 in ClonePixelCache MagickCore/cache.c:418:28
#3 0x7f1b97bb1a4d in CloneImage MagickCore/image.c:917:22
#4 0x7f1b97df5571 in FlipImage MagickCore/transform.c:1210:14
#5 0x7f1b97eeec1c in ReadBMPImage coders/bmp.c:1379:23
#6 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#7 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#8 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#9 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#10 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#11 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#12 0x4ef157 in MagickMain utilities/magick.c:149:10
#13 0x4ef157 in main utilities/magick.c:180
#14 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 512 byte(s) in 1 object(s) allocated from:
#0 0x4c1db3 in malloc (/usr/local/bin/magick+0x4c1db3)
#1 0x7f1b97c27251 in AcquirePixelChannelMap MagickCore/pixel.c:101:35
#2 0x7f1b97c27a9f in ClonePixelChannelMap MagickCore/pixel.c:139:13
#3 0x7f1b97bb1270 in CloneImage MagickCore/image.c:873:28
#4 0x7f1b97df5571 in FlipImage MagickCore/transform.c:1210:14
#5 0x7f1b97eeec1c in ReadBMPImage coders/bmp.c:1379:23
#6 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#7 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#8 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#9 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#10 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#11 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#12 0x4ef157 in MagickMain utilities/magick.c:149:10
#13 0x4ef157 in main utilities/magick.c:180
#14 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 280 byte(s) in 1 object(s) allocated from:
#0 0x4c1db3 in malloc (/usr/local/bin/magick+0x4c1db3)
#1 0x7f1b979ba132 in CloneBlobInfo MagickCore/blob.c:503:27
#2 0x7f1b97bab952 in AcquireImage MagickCore/image.c:209:15
#3 0x7f1b97ee9c54 in ReadBMPImage coders/bmp.c:555:9
#4 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#5 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#6 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#7 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#8 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#9 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#10 0x4ef157 in MagickMain utilities/magick.c:149:10
#11 0x4ef157 in main utilities/magick.c:180
#12 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 88 byte(s) in 1 object(s) allocated from:
#0 0x4c1db3 in malloc (/usr/local/bin/magick+0x4c1db3)
#1 0x7f1b979d3095 in AcquirePixelCacheNexus MagickCore/cache.c:268:31
#2 0x7f1b979d2c82 in AcquirePixelCache MagickCore/cache.c:211:26
#3 0x7f1b979d3a70 in ClonePixelCache MagickCore/cache.c:418:28
#4 0x7f1b97bb1a4d in CloneImage MagickCore/image.c:917:22
#5 0x7f1b97df5571 in FlipImage MagickCore/transform.c:1210:14
#6 0x7f1b97eeec1c in ReadBMPImage coders/bmp.c:1379:23
#7 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#8 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#9 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#10 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#11 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#12 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#13 0x4ef157 in MagickMain utilities/magick.c:149:10
#14 0x4ef157 in main utilities/magick.c:180
#15 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 88 byte(s) in 1 object(s) allocated from:
#0 0x4c1db3 in malloc (/usr/local/bin/magick+0x4c1db3)
#1 0x7f1b97db47d9 in NewSplayTree MagickCore/splay-tree.c:1106:32
#2 0x7f1b97db44a8 in CloneSplayTree MagickCore/splay-tree.c:359:14
#3 0x7f1b97c18ee2 in CloneImageOptions MagickCore/option.c:1868:27
#4 0x7f1b97bb5d79 in CloneImageInfo MagickCore/image.c:1007:10
#5 0x7f1b97bb1105 in CloneImage MagickCore/image.c:862:27
#6 0x7f1b97df5571 in FlipImage MagickCore/transform.c:1210:14
#7 0x7f1b97eeec1c in ReadBMPImage coders/bmp.c:1379:23
#8 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#9 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#10 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#11 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#12 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#13 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#14 0x4ef157 in MagickMain utilities/magick.c:149:10
#15 0x4ef157 in main utilities/magick.c:180
#16 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 88 byte(s) in 1 object(s) allocated from:
#0 0x4c1db3 in malloc (/usr/local/bin/magick+0x4c1db3)
#1 0x7f1b97bb0f96 in CloneImage MagickCore/image.c:852:43
#2 0x7f1b97df5571 in FlipImage MagickCore/transform.c:1210:14
#3 0x7f1b97eeec1c in ReadBMPImage coders/bmp.c:1379:23
#4 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#5 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#6 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#7 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#8 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#9 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#10 0x4ef157 in MagickMain utilities/magick.c:149:10
#11 0x4ef157 in main utilities/magick.c:180
#12 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 88 byte(s) in 1 object(s) allocated from:
#0 0x4c1db3 in malloc (/usr/local/bin/magick+0x4c1db3)
#1 0x7f1b979d3095 in AcquirePixelCacheNexus MagickCore/cache.c:268:31
#2 0x7f1b979d2c82 in AcquirePixelCache MagickCore/cache.c:211:26
#3 0x7f1b97dcdc56 in ReadStream MagickCore/stream.c:1027:20
#4 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#5 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#6 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#7 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#8 0x4ef157 in MagickMain utilities/magick.c:149:10
#9 0x4ef157 in main utilities/magick.c:180
#10 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x4c286e in __interceptor_posix_memalign (/usr/local/bin/magick+0x4c286e)
#1 0x7f1b97bf4de2 in AcquireAlignedMemory MagickCore/memory.c:261:7
#2 0x7f1b979d307c in AcquirePixelCacheNexus MagickCore/cache.c:264:29
#3 0x7f1b979d2c82 in AcquirePixelCache MagickCore/cache.c:211:26
#4 0x7f1b979d3a70 in ClonePixelCache MagickCore/cache.c:418:28
#5 0x7f1b97bb1a4d in CloneImage MagickCore/image.c:917:22
#6 0x7f1b97df5571 in FlipImage MagickCore/transform.c:1210:14
#7 0x7f1b97eeec1c in ReadBMPImage coders/bmp.c:1379:23
#8 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#9 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#10 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#11 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#12 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#13 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#14 0x4ef157 in MagickMain utilities/magick.c:149:10
#15 0x4ef157 in main utilities/magick.c:180
#16 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x4c286e in __interceptor_posix_memalign (/usr/local/bin/magick+0x4c286e)
#1 0x7f1b97d9bc44 in AcquireSemaphoreMemory MagickCore/semaphore.c:154:7
#2 0x7f1b97d9bc44 in AcquireSemaphoreInfo MagickCore/semaphore.c:200
#3 0x7f1b97bb14da in CloneImage MagickCore/image.c:895:26
#4 0x7f1b97df5571 in FlipImage MagickCore/transform.c:1210:14
#5 0x7f1b97eeec1c in ReadBMPImage coders/bmp.c:1379:23
#6 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#7 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#8 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#9 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#10 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#11 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#12 0x4ef157 in MagickMain utilities/magick.c:149:10
#13 0x4ef157 in main utilities/magick.c:180
#14 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x4c286e in __interceptor_posix_memalign (/usr/local/bin/magick+0x4c286e)
#1 0x7f1b97d9bc44 in AcquireSemaphoreMemory MagickCore/semaphore.c:154:7
#2 0x7f1b97d9bc44 in AcquireSemaphoreInfo MagickCore/semaphore.c:200
#3 0x7f1b97db48c1 in NewSplayTree MagickCore/splay-tree.c:1119:25
#4 0x7f1b97db44a8 in CloneSplayTree MagickCore/splay-tree.c:359:14
#5 0x7f1b97c18ee2 in CloneImageOptions MagickCore/option.c:1868:27
#6 0x7f1b97bb5d79 in CloneImageInfo MagickCore/image.c:1007:10
#7 0x7f1b97bb1105 in CloneImage MagickCore/image.c:862:27
#8 0x7f1b97df5571 in FlipImage MagickCore/transform.c:1210:14
#9 0x7f1b97eeec1c in ReadBMPImage coders/bmp.c:1379:23
#10 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#11 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#12 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#13 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#14 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#15 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#16 0x4ef157 in MagickMain utilities/magick.c:149:10
#17 0x4ef157 in main utilities/magick.c:180
#18 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x4c286e in __interceptor_posix_memalign (/usr/local/bin/magick+0x4c286e)
#1 0x7f1b97d9bc44 in AcquireSemaphoreMemory MagickCore/semaphore.c:154:7
#2 0x7f1b97d9bc44 in AcquireSemaphoreInfo MagickCore/semaphore.c:200
#3 0x7f1b979d2d9f in AcquirePixelCache MagickCore/cache.c:226:25
#4 0x7f1b979d3a70 in ClonePixelCache MagickCore/cache.c:418:28
#5 0x7f1b97bb1a4d in CloneImage MagickCore/image.c:917:22
#6 0x7f1b97df5571 in FlipImage MagickCore/transform.c:1210:14
#7 0x7f1b97eeec1c in ReadBMPImage coders/bmp.c:1379:23
#8 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#9 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#10 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#11 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#12 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#13 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#14 0x4ef157 in MagickMain utilities/magick.c:149:10
#15 0x4ef157 in main utilities/magick.c:180
#16 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x4c286e in __interceptor_posix_memalign (/usr/local/bin/magick+0x4c286e)
#1 0x7f1b97d9bc44 in AcquireSemaphoreMemory MagickCore/semaphore.c:154:7
#2 0x7f1b97d9bc44 in AcquireSemaphoreInfo MagickCore/semaphore.c:200
#3 0x7f1b979ba6cc in GetBlobInfo MagickCore/blob.c:1413:24
#4 0x7f1b979ba149 in CloneBlobInfo MagickCore/blob.c:506:3
#5 0x7f1b97bab952 in AcquireImage MagickCore/image.c:209:15
#6 0x7f1b97ee9c54 in ReadBMPImage coders/bmp.c:555:9
#7 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#8 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#9 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#10 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#11 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#12 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#13 0x4ef157 in MagickMain utilities/magick.c:149:10
#14 0x4ef157 in main utilities/magick.c:180
#15 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x4c286e in __interceptor_posix_memalign (/usr/local/bin/magick+0x4c286e)
#1 0x7f1b97d9bc44 in AcquireSemaphoreMemory MagickCore/semaphore.c:154:7
#2 0x7f1b97d9bc44 in AcquireSemaphoreInfo MagickCore/semaphore.c:200
#3 0x7f1b979d2dec in AcquirePixelCache MagickCore/cache.c:228:30
#4 0x7f1b97dcdc56 in ReadStream MagickCore/stream.c:1027:20
#5 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#6 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#7 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#8 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#9 0x4ef157 in MagickMain utilities/magick.c:149:10
#10 0x4ef157 in main utilities/magick.c:180
#11 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x4c286e in __interceptor_posix_memalign (/usr/local/bin/magick+0x4c286e)
#1 0x7f1b97d9bc44 in AcquireSemaphoreMemory MagickCore/semaphore.c:154:7
#2 0x7f1b97d9bc44 in AcquireSemaphoreInfo MagickCore/semaphore.c:200
#3 0x7f1b979d2d9f in AcquirePixelCache MagickCore/cache.c:226:25
#4 0x7f1b97dcdc56 in ReadStream MagickCore/stream.c:1027:20
#5 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#6 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#7 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#8 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#9 0x4ef157 in MagickMain utilities/magick.c:149:10
#10 0x4ef157 in main utilities/magick.c:180
#11 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x4c286e in __interceptor_posix_memalign (/usr/local/bin/magick+0x4c286e)
#1 0x7f1b97d9bc44 in AcquireSemaphoreMemory MagickCore/semaphore.c:154:7
#2 0x7f1b97d9bc44 in AcquireSemaphoreInfo MagickCore/semaphore.c:200
#3 0x7f1b979d2dec in AcquirePixelCache MagickCore/cache.c:228:30
#4 0x7f1b979d3a70 in ClonePixelCache MagickCore/cache.c:418:28
#5 0x7f1b97bb1a4d in CloneImage MagickCore/image.c:917:22
#6 0x7f1b97df5571 in FlipImage MagickCore/transform.c:1210:14
#7 0x7f1b97eeec1c in ReadBMPImage coders/bmp.c:1379:23
#8 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#9 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#10 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#11 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#12 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#13 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#14 0x4ef157 in MagickMain utilities/magick.c:149:10
#15 0x4ef157 in main utilities/magick.c:180
#16 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x4c286e in __interceptor_posix_memalign (/usr/local/bin/magick+0x4c286e)
#1 0x7f1b97bf4de2 in AcquireAlignedMemory MagickCore/memory.c:261:7
#2 0x7f1b979d307c in AcquirePixelCacheNexus MagickCore/cache.c:264:29
#3 0x7f1b979d2c82 in AcquirePixelCache MagickCore/cache.c:211:26
#4 0x7f1b97dcdc56 in ReadStream MagickCore/stream.c:1027:20
#5 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#6 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#7 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#8 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#9 0x4ef157 in MagickMain utilities/magick.c:149:10
#10 0x4ef157 in main utilities/magick.c:180
#11 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 46 byte(s) in 1 object(s) allocated from:
#0 0x4c1db3 in malloc (/usr/local/bin/magick+0x4c1db3)
#1 0x7f1b97de587d in ConstantString MagickCore/string.c:701:26
#2 0x7f1b97db45d5 in CloneSplayTree MagickCore/splay-tree.c:372:7
#3 0x7f1b97c18ee2 in CloneImageOptions MagickCore/option.c:1868:27
#4 0x7f1b97bb5d79 in CloneImageInfo MagickCore/image.c:1007:10
#5 0x7f1b97bb1105 in CloneImage MagickCore/image.c:862:27
#6 0x7f1b97df5571 in FlipImage MagickCore/transform.c:1210:14
#7 0x7f1b97eeec1c in ReadBMPImage coders/bmp.c:1379:23
#8 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#9 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#10 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#11 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#12 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#13 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#14 0x4ef157 in MagickMain utilities/magick.c:149:10
#15 0x4ef157 in main utilities/magick.c:180
#16 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 32 byte(s) in 1 object(s) allocated from:
#0 0x4c1db3 in malloc (/usr/local/bin/magick+0x4c1db3)
#1 0x7f1b97db359a in AddValueToSplayTree MagickCore/splay-tree.c:188:21
#2 0x7f1b97db45e3 in CloneSplayTree MagickCore/splay-tree.c:371:12
#3 0x7f1b97c18ee2 in CloneImageOptions MagickCore/option.c:1868:27
#4 0x7f1b97bb5d79 in CloneImageInfo MagickCore/image.c:1007:10
#5 0x7f1b97bb1105 in CloneImage MagickCore/image.c:862:27
#6 0x7f1b97df5571 in FlipImage MagickCore/transform.c:1210:14
#7 0x7f1b97eeec1c in ReadBMPImage coders/bmp.c:1379:23
#8 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#9 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#10 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#11 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#12 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#13 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#14 0x4ef157 in MagickMain utilities/magick.c:149:10
#15 0x4ef157 in main utilities/magick.c:180
#16 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
Indirect leak of 9 byte(s) in 1 object(s) allocated from:
#0 0x4c1db3 in malloc (/usr/local/bin/magick+0x4c1db3)
#1 0x7f1b97de587d in ConstantString MagickCore/string.c:701:26
#2 0x7f1b97db45a2 in CloneSplayTree MagickCore/splay-tree.c:371:43
#3 0x7f1b97c18ee2 in CloneImageOptions MagickCore/option.c:1868:27
#4 0x7f1b97bb5d79 in CloneImageInfo MagickCore/image.c:1007:10
#5 0x7f1b97bb1105 in CloneImage MagickCore/image.c:862:27
#6 0x7f1b97df5571 in FlipImage MagickCore/transform.c:1210:14
#7 0x7f1b97eeec1c in ReadBMPImage coders/bmp.c:1379:23
#8 0x7f1b97a4988e in ReadImage MagickCore/constitute.c:497:13
#9 0x7f1b97dcde5c in ReadStream MagickCore/stream.c:1045:9
#10 0x7f1b97a488d6 in PingImage MagickCore/constitute.c:226:9
#11 0x7f1b97a48e98 in PingImages MagickCore/constitute.c:327:10
#12 0x7f1b9729587c in IdentifyImageCommand MagickWand/identify.c:319:18
#13 0x7f1b973175bd in MagickCommandGenesis MagickWand/mogrify.c:183:14
#14 0x4ef157 in MagickMain utilities/magick.c:149:10
#15 0x4ef157 in main utilities/magick.c:180
#16 0x7f1b94a7b82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
46511 byte(s) leaked in 22 allocation(s).
testcase:https://github.com/birdg0/poc/blob/master/ImageMagicK/leak-fcd4138d423f1e98d5111d52c9eadeae4a02810e
Author: bird@TSRC