Crash in ImageMagick write palm format image #560
Labels
Comments
|
Can you add the output from the AddressSanitizer? Make sure you remove the # 1 parts because you will otherwise reference issues. |
|
@dlemstra I'm compiler this execute file with ASAN but it had not output any crash detail (and using valgrind too ) ,so I can't provide valuable information . |
|
Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ http://www.imagemagick.org/download/beta/ by sometime tomorrow. |
dlemstra
pushed a commit
that referenced
this issue
Jul 16, 2017
dlemstra
pushed a commit
that referenced
this issue
Jul 16, 2017
|
This is CVE-2017-11537 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Crash Link : https://raw.githubusercontent.com/lcatro/My_PoC/master/ImageMagick/FPE--0x7eff23c45e38_output_palm_1500208096.66
Trigger Command : ./magick convert FPE--0x7eff23c45e38_output_palm_1500208096.66 output.palm
Crash Detail :
fuzzing@ubuntu:~/fuzzing/ImageMagick/utilities$ ./magick convert all_fuzzing_format_2017_7_16_5_13_10/crash/FPE--0x7eff23c45e38_output_palm_1500208096.66 output.palm
Aborted (core dumped)
The text was updated successfully, but these errors were encountered: