New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Heap-Overflow in GetPixelLuma() MagickCore/pixel-accessor.h #588
Comments
|
Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ http://www.imagemagick.org/download/beta/ by sometime tomorrow. |
|
Hello @mikayla-grace @dlemstra ,this heap-overflow fix incomplete , plaese reproduct my sample file : https://raw.githubusercontent.com/lcatro/Fuzzing-ImageMagick/master/ImageMagick_crash/heap-buffer-overflow-READ-0x7f78da4c320e_output_cip_1501014029.08 |
|
Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ http://www.imagemagick.org/download/beta/ by sometime tomorrow. |
|
This CVE-2017-11639 |
Crash Link : https://raw.githubusercontent.com/lcatro/My_PoC/master/ImageMagick/heap-overflow_output_cip_READ_GetPixelLuma
Trigger Command : ./magick convert heap-overflow_output_cip_READ_GetPixelLuma output.cip
Crash Detail :
The text was updated successfully, but these errors were encountered: