-
-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
assertion failed in ResetImageProfileIterator #500
Comments
Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ http://www.imagemagick.org/download/beta/ by sometime tomorrow. |
2017-05-28 7.0.5-9 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 7.0.5-9, GIT revision 20113:8b67333:20170528. 2017-05-28 7.0.5-9 Cristy <quetzlzacatenango@image...> * Transient error validating the JPEG-2000 image format (reference ImageMagick/ImageMagick#501). * Properly allocate DCM image colormap (reference https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32063). 2017-05-26 7.0.5-8 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 7.0.5-8, GIT revision 20099:870a016:20170526. 2017-05-23 7.0.5-8 Cristy <quetzlzacatenango@image...> * Improper allocation of memory for IM instances without threads (reference ImageMagick/ImageMagick#497). * Delete corrupt image from list (reference ImageMagick/ImageMagick#500). 2017-05-19 7.0.5-7 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 7.0.5-7, GIT revision 20078:7ce2d38:20170519. 2017-05-15 7.0.5-7 Cristy <quetzlzacatenango@image...> * Support various image operators for the compare utility (reference https://www.imagemagick.org/discourse-server/viewtopic.php?f=2&t=31938).
This was assigned CVE-2017-9500 |
Upstream changes: 2017-06-10 6.9.8-10 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 6.9.8-10, GIT revision 11637:eb6f363:20170610. 2017-06-10 6.9.8-10 Cristy <quetzlzacatenango@image...> * Introduce SetMagickSecurityPolicy() (MagickCore) and MagickSetSecurityPolicy() (MagickWand) to set the ImageMagick security policy (reference ImageMagick/ImageMagick#407). 2017-06-02 6.9.8-9 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 6.9.8-9, GIT revision 11625:91bb35e:20170602. 2017-06-02 6.9.8-9 Cristy <quetzlzacatenango@image...> * Fix choppy bitmap font rendering (reference https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32071). * Add support for 'hex:' property. 2017-05-28 6.9.8-8 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 6.9.8-8, GIT revision 11606:8b67333:20170528. 2017-05-28 6.9.8-8 Cristy <quetzlzacatenango@image...> * Transient error validating the JPEG-2000 image format (reference ImageMagick/ImageMagick#501). * Properly allocate DCM image colormap (reference https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32063). 2017-05-26 6.9.8-7 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 6.9.8-7, GIT revision 11598:07d1dee:20170526. 2017-05-23 6.9.8-7 Cristy <quetzlzacatenango@image...> * Improper allocation of memory for IM instances without threads (reference ImageMagick/ImageMagick#497). * Delete corrupt image from list (reference ImageMagick/ImageMagick#500). 2017-05-19 6.9.8-6 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 6.9.8-6, GIT revision 11590:7ce2d38:20170519. 2017-05-15 6.9.8-6 Cristy <quetzlzacatenango@image...> * Support various image operators for the compare utility (reference https://www.imagemagick.org/discourse-server/viewtopic.php?f=2&t=31938).
Upstream changes: 2017-06-10 6.9.8-10 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 6.9.8-10, GIT revision 11637:eb6f363:20170610. 2017-06-10 6.9.8-10 Cristy <quetzlzacatenango@image...> * Introduce SetMagickSecurityPolicy() (MagickCore) and MagickSetSecurityPolicy() (MagickWand) to set the ImageMagick security policy (reference ImageMagick/ImageMagick#407). 2017-06-02 6.9.8-9 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 6.9.8-9, GIT revision 11625:91bb35e:20170602. 2017-06-02 6.9.8-9 Cristy <quetzlzacatenango@image...> * Fix choppy bitmap font rendering (reference https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32071). * Add support for 'hex:' property. 2017-05-28 6.9.8-8 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 6.9.8-8, GIT revision 11606:8b67333:20170528. 2017-05-28 6.9.8-8 Cristy <quetzlzacatenango@image...> * Transient error validating the JPEG-2000 image format (reference ImageMagick/ImageMagick#501). * Properly allocate DCM image colormap (reference https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32063). 2017-05-26 6.9.8-7 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 6.9.8-7, GIT revision 11598:07d1dee:20170526. 2017-05-23 6.9.8-7 Cristy <quetzlzacatenango@image...> * Improper allocation of memory for IM instances without threads (reference ImageMagick/ImageMagick#497). * Delete corrupt image from list (reference ImageMagick/ImageMagick#500). 2017-05-19 6.9.8-6 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 6.9.8-6, GIT revision 11590:7ce2d38:20170519. 2017-05-15 6.9.8-6 Cristy <quetzlzacatenango@image...> * Support various image operators for the compare utility (reference https://www.imagemagick.org/discourse-server/viewtopic.php?f=2&t=31938).
Does it affect imagemagick 6? |
Yes. All patches as a result of IMv7 bug are also applied to IMv6. Recall we intend to maintain IMv6 for a minimum of 10 years. However, any new enhancements are pushed to IMv7 only (e.g. the new -auto-threshold option). |
So this only v7 bug.
Le 9 juillet 2017 00:23:38 GMT+02:00, mikayla-grace <notifications@github.com> a écrit :
…Yes. All patches as a result of IMv7 bug are also applied to IMv6.
Recall we intend to maintain IMv6 for a minimum of 10 years. However,
any new enhancements are pushed to IMv7 only (e.g. the new
-auto-threshold option).
--
You are receiving this because you commented.
Reply to this email directly or view it on GitHub:
#500 (comment)
--
Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma brièveté.
|
Hi bastien,
On Sun, Jul 09, 2017 at 07:55:11AM +0000, bastien-roucaries wrote:
So this only v7 bug.
hmm, now I'm a bit confused, is this sure? Imagemagick 6, contains
```
2017-05-23 6.9.8-7 Cristy <quetzlzacatenango@image...>
* Improper allocation of memory for IM instances without threads (reference
ImageMagick/ImageMagick#497).
* Delete corrupt image from list (reference
ImageMagick/ImageMagick#500).
```
which references this bug.
Regards,
Salvatore
|
@bastien-roucaries and @carnil This not an IM7 only bug. Here is the IM6 commit: 837085e |
Summary: * Improper allocation of memory for IM instances without threads [reference](ImageMagick/ImageMagick#497) * Delete corrupt image from list [reference](ImageMagick/ImageMagick#500) Signed-off-by: Pierre-Yves <pyu@riseup.net> Test Plan: checked `compare`, `convert` and `mogrify` Reviewers: #triage_team, JoshStrobl Reviewed By: #triage_team, JoshStrobl Subscribers: kyrios123 Differential Revision: https://dev.solus-project.com/D240
on Version: ImageMagick 7.0.5-8 Q16
A crafted file revealed an assertion failure in profile.c.
testcase : https://github.com/bestshow/p0cs/blob/master/assertion-failed-in-ResetImageProfileIterator-profile1303_7.0.5-8_Q16
Credit : ADLab of Venustech
The text was updated successfully, but these errors were encountered: