The ReadSVGImage function in svg.c:3273 allows attackers to cause a denial of service (memory leak) via a crafted file.
#./convert $FILE OUT.png
=================================================================
==27773==ERROR: detected memory leaks
Direct leak of 1080 byte(s) in 1 object(s) allocated from:
#0 0x4eb9c6 in __interceptor_malloc /home/test/Downloads/llvm-clang/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:66
#1 0xf00642 in CloneDrawInfo /home/test/Downloads/IM-afl/ImageMagick-master/MagickCore/draw.c:252:27
#2 0xdeb41c in ReadImage /home/test/Downloads/IM-afl/ImageMagick-master/MagickCore/constitute.c:497:13
#3 0xae37fd in ReadSVGImage /home/test/Downloads/IM-afl/ImageMagick-master/coders/svg.c:3273:13
#4 0xdeb41c in ReadImage /home/test/Downloads/IM-afl/ImageMagick-master/MagickCore/constitute.c:497:13
#5 0xdef98d in ReadImages /home/test/Downloads/IM-afl/ImageMagick-master/MagickCore/constitute.c:866:9
#6 0x1563cf7 in ConvertImageCommand /home/test/Downloads/IM-afl/ImageMagick-master/MagickWand/convert.c:641:18
#7 0x173f78a in MagickCommandGenesis /home/test/Downloads/IM-afl/ImageMagick-master/MagickWand/mogrify.c:183:14
#8 0x521f3d in MagickMain /home/test/Downloads/IM-afl/ImageMagick-master/utilities/magick.c:149:10
#9 0x521f3d in main /home/test/Downloads/IM-afl/ImageMagick-master/utilities/magick.c:180
#10 0x7fd030ab1b34 in __libc_start_main /usr/src/debug/glibc-2.17-c758a686/csu/../csu/libc-start.c:274
SUMMARY: 1080 byte(s) leaked in 1 allocation(s).
Version: ImageMagick 7.0.6-2 Q16 x86_64
testcase : https://github.com/bestshow/p0cs/blob/master/memory_leak_in_ReadSVGImage.svg
Credit : ADLab of Venustech
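
Added triage example (not part of the original report and not ImageMagick code): this Python script parses a LeakSanitizer report laid out like the one above, reduces each leak to a deduplication key (allocation site plus coder entry point), and checks the SUMMARY line against the parsed totals to catch truncated logs. The sample input is constructed from the trace above with shortened paths; treating `/coders/` as the decoder directory is an assumption taken from the paths in that trace.

```python
import re

# Constructed sample: abridged from the report above, with shortened paths.
SAMPLE = """\
==27773==ERROR: detected memory leaks
Direct leak of 1080 byte(s) in 1 object(s) allocated from:
#0 0x4eb9c6 in __interceptor_malloc /src/compiler-rt/lib/asan/asan_malloc_linux.cc:66
#1 0xf00642 in CloneDrawInfo /src/ImageMagick/MagickCore/draw.c:252:27
#2 0xdeb41c in ReadImage /src/ImageMagick/MagickCore/constitute.c:497:13
#3 0xae37fd in ReadSVGImage /src/ImageMagick/coders/svg.c:3273:13
#4 0x521f3d in main /src/ImageMagick/utilities/magick.c:180
SUMMARY: 1080 byte(s) leaked in 1 allocation(s).
"""

LEAK_RE = re.compile(r"(Direct|Indirect) leak of (\d+) byte\(s\) in (\d+) object\(s\)")
FRAME_RE = re.compile(r"#\d+ 0x[0-9a-f]+ in (\S+) (\S+?):(\d+)(?::\d+)?$")
SUMMARY_RE = re.compile(r"^SUMMARY:.*?(\d+) byte\(s\) leaked in (\d+) allocation", re.M)

def parse_leaks(report):
    """Split a LeakSanitizer report into one record per leak, with its frames."""
    leaks, current = [], None
    for line in map(str.strip, report.splitlines()):
        leak, frame = LEAK_RE.match(line), FRAME_RE.match(line)
        if leak:
            current = {"bytes": int(leak[2]), "objects": int(leak[3]), "frames": []}
            leaks.append(current)
        elif frame and current is not None:
            current["frames"].append((frame[1], frame[2], int(frame[3])))
        elif not line.startswith("#"):
            current = None  # blank line, banner or SUMMARY ends the current stack
    return leaks

def site_key(leak):
    """Allocation site (first non-interceptor frame) plus the coder entry point."""
    frames = [f for f in leak["frames"] if not f[0].startswith("__interceptor_")]
    if not frames:
        return None
    fmt = lambda f: f"{f[0]}@{f[1].rsplit('/', 1)[-1]}:{f[2]}"
    coder = next((f for f in frames if "/coders/" in f[1]), None)
    return fmt(frames[0]) + (f" via {fmt(coder)}" if coder else "")

def summarize(report):
    """Return total leaked bytes, the dedup keys, and whether SUMMARY matches."""
    leaks = parse_leaks(report)
    total = sum(l["bytes"] for l in leaks)
    objects = sum(l["objects"] for l in leaks)
    m = SUMMARY_RE.search(report)
    return {"total_bytes": total,
            "keys": sorted({k for k in map(site_key, leaks) if k}),
            "consistent": bool(m) and int(m[1]) == total and int(m[2]) == objects}
```
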