The ReadDIBImage function in dib.c allows attackers to cause a denial of service (memory leak) via a small crafted dib file.
#identify $FILE
==16890==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 8 byte(s) in 1 object(s) allocated from:
#0 0x4deea6 in __interceptor_malloc asan_malloc_linux.cc:66
#1 0x7f431c55efd6 in AcquireMagickMemory memory.c:463:10
#2 0x7f431c55f038 in AcquireQuantumMemory memory.c:536:10
#3 0x7f431c8cafd8 in ReadDIBImage dib.c:615:38
#4 0x7f431c339788 in ReadImage constitute.c:497:13
#5 0x7f431c6d24b9 in ReadStream stream.c:1045:9
#6 0x7f431c33832f in PingImage constitute.c:226:9
#7 0x7f431c338ad3 in PingImages constitute.c:327:10
#8 0x7f431ba7e006 in IdentifyImageCommand identify.c:319:18
#9 0x7f431bb3bcdf in MagickCommandGenesis mogrify.c:183:14
#10 0x514a27 in MagickMain magick.c:149:10
#11 0x514481 in main magick.c:180:10
#12 0x7f431637af44 in __libc_start_main libc-start.c:287
Version: ImageMagick 7.0.6-1 Q16 x86_64
testcase:
https://github.com/jgj212/poc/blob/master/memory-leak-ReadDIBImage
Credit: ADLab of Venustech
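For triage of reports like the one above, the following added example (not part of the original report or of ImageMagick) parses LeakSanitizer output and attributes each leak to the first frame that is not an allocation wrapper, producing a stable key for deduplicating fuzzing findings. The wrapper list and the key format are assumptions chosen for illustration.

```python
import re

# Allocation wrappers to skip when attributing a leak. The names are the ones
# visible in the report above; treating exactly these as wrappers is an assumption.
ALLOC_WRAPPERS = {"__interceptor_malloc", "AcquireMagickMemory", "AcquireQuantumMemory"}

LEAK_RE = re.compile(r"(Direct|Indirect) leak of (\d+) byte\(s\) in (\d+) object\(s\)")
FRAME_RE = re.compile(r"#(\d+)\s+0x[0-9a-f]+\s+in\s+(\S+)\s+(\S+)")

def triage(report):
    """Return one dict per leak record, with the first non-wrapper frame as owner."""
    leaks, current = [], None
    for line in report.splitlines():
        line = line.strip()
        m = LEAK_RE.search(line)
        if m:
            current = {"kind": m.group(1), "bytes": int(m.group(2)),
                       "objects": int(m.group(3)), "owner": None, "frames": []}
            leaks.append(current)
            continue
        f = FRAME_RE.match(line)
        if f and current is not None:
            func, loc = f.group(2), f.group(3)
            current["frames"].append((func, loc))
            if current["owner"] is None and func not in ALLOC_WRAPPERS:
                current["owner"] = (func, loc)
    return leaks

def bucket_key(leak):
    """Dedup key: leak kind plus owning function and source file (line/column dropped)."""
    func, loc = leak["owner"] or ("<unknown>", "<unknown>")
    return f"{leak['kind'].lower()}-leak:{func}@{loc.split(':')[0]}"

# Excerpt copied from the LeakSanitizer output in the report above.
SAMPLE = """\
==16890==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 8 byte(s) in 1 object(s) allocated from:
#0 0x4deea6 in __interceptor_malloc asan_malloc_linux.cc:66
#1 0x7f431c55efd6 in AcquireMagickMemory memory.c:463:10
#2 0x7f431c55f038 in AcquireQuantumMemory memory.c:536:10
#3 0x7f431c8cafd8 in ReadDIBImage dib.c:615:38
#4 0x7f431c339788 in ReadImage constitute.c:497:13
"""

if __name__ == "__main__":
    for leak in triage(SAMPLE):
        print(bucket_key(leak), leak["bytes"], "bytes, allocated in", *(leak["owner"] or ()))
```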