You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The ReadSVGImage function in svg.c:3273 allows attackers to cause a denial of service (memory leak) via a crafted file.
#./convert $FILE OUT.png
=================================================================
==27773==ERROR: detected memory leaks
Direct leak of 1080 byte(s) in 1 object(s) allocated from:
#0 0x4eb9c6 in __interceptor_malloc /home/test/Downloads/llvm-clang/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:66
#1 0xf00642 in CloneDrawInfo /home/test/Downloads/IM-afl/ImageMagick-master/MagickCore/draw.c:252:27
#2 0xdeb41c in ReadImage /home/test/Downloads/IM-afl/ImageMagick-master/MagickCore/constitute.c:497:13
#3 0xae37fd in ReadSVGImage /home/test/Downloads/IM-afl/ImageMagick-master/coders/svg.c:3273:13
#4 0xdeb41c in ReadImage /home/test/Downloads/IM-afl/ImageMagick-master/MagickCore/constitute.c:497:13
#5 0xdef98d in ReadImages /home/test/Downloads/IM-afl/ImageMagick-master/MagickCore/constitute.c:866:9
#6 0x1563cf7 in ConvertImageCommand /home/test/Downloads/IM-afl/ImageMagick-master/MagickWand/convert.c:641:18
#7 0x173f78a in MagickCommandGenesis /home/test/Downloads/IM-afl/ImageMagick-master/MagickWand/mogrify.c:183:14
#8 0x521f3d in MagickMain /home/test/Downloads/IM-afl/ImageMagick-master/utilities/magick.c:149:10
#9 0x521f3d in main /home/test/Downloads/IM-afl/ImageMagick-master/utilities/magick.c:180
#10 0x7fd030ab1b34 in __libc_start_main /usr/src/debug/glibc-2.17-c758a686/csu/../csu/libc-start.c:274
SUMMARY: 1080 byte(s) leaked in 1 allocation(s).
Version: ImageMagick 7.0.6-2 Q16 x86_64
The ReadSVGImage function in svg.c:3273 allows attackers to cause a denial of service (memory leak) via a crafted file.
testcase : https://github.com/bestshow/p0cs/blob/master/memory_leak_in_ReadSVGImage.svg
Credit : ADLab of Venustech
The text was updated successfully, but these errors were encountered: