You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The function ResizeMagickMemory in memory.c allows attackers to cause a denial of service (memory leak) via a crafted file.
#./magick identify $FILE
========================================
Direct leak of 4096 byte(s) in 1 object(s) allocated from:
#0 0x4e062d in realloc /home/haojun/Downloads/llvm-clang/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:79
#1 0x7f22361abc49 in ResizeMagickMemory /home/haojun/ImageMagick-master/MagickCore/memory.c:1221:9
#2 0x7f22361abc49 in ResizeQuantumMemory /home/haojun/ImageMagick-master/MagickCore/memory.c:1285
#3 0x7f2235e8d154 in ReadImage /home/haojun/ImageMagick-master/MagickCore/constitute.c:497:13
#4 0x7f223657879f in ReadStream /home/haojun/ImageMagick-master/MagickCore/stream.c:1045:9
#5 0x7f2235e8bd07 in PingImage /home/haojun/ImageMagick-master/MagickCore/constitute.c:226:9
#6 0x7f223553b898 in IdentifyImageCommand /home/haojun/ImageMagick-master/MagickWand/identify.c:319:18
#7 0x7f2235621f9b in MagickCommandGenesis /home/haojun/ImageMagick-master/MagickWand/mogrify.c:183:14
#8 0x516867 in MagickMain /home/haojun/ImageMagick-master/utilities/magick.c:149:10
#9 0x516867 in main /home/haojun/ImageMagick-master/utilities/magick.c:180
#10 0x7f222fc60b34 in __libc_start_main /usr/src/debug/glibc-2.17-c758a686/csu/../csu/libc-start.c:274
SUMMARY: 4096 byte(s) leaked in 1 allocation(s).
Version: ImageMagick 7.0.6-1 Q16 x86_64
The function ResizeMagickMemory in memory.c allows attackers to cause a denial of service (memory leak) via a crafted file.
testcase:https://github.com/bestshow/p0cs/blob/master/memory_leak_in_ResizeMagickMemory
Credit : ADLab of Venustech
The text was updated successfully, but these errors were encountered: