Memory-Leak in libMagickCore-6.Q16.so.5 #624
Comments
Can you specify the version of ImageMagick that you used to produce this issue? And can you reproduce the issue with the latest version using our git repository?

I installed ImageMagick with this command: git clone --depth=50 --branch=ImageMagick-6 https://github.com/ImageMagick/ImageMagick.git ImageMagick/ImageMagick

Version: ImageMagick 6.9.9-4 Q16 x86_64

Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ http://www.imagemagick.org/download/beta/ by sometime tomorrow.

Could you open a CVE? https://cveform.mitre.org/

Of course yes

Fix for ImageMagick#624 introduced a race condition on the else branch, leading to a FTBFS:

libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../.. -I./config -I. -I../.. -Wdate-time -D_FORTIFY_SOURCE=2 -DMAGICKCORE_HDRI_ENABLE=0 -DMAGICKCORE_QUANTUM_DEPTH=16 -I/usr/include/X11 -I/usr/include/libxml2 -I/usr/include/libpng16 -I/usr/include/pango-1.0 -I/usr/include/harfbuzz -I/usr/include/pango-1.0 -I/usr/include/cairo -I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include -I/usr/include/pixman-1 -I/usr/include/freetype2 -I/usr/include/libpng16 -I/usr/include/OpenEXR -I/usr/include/lqr-1 -I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include -I/usr/include/freetype2 -I/usr/include/freetype2 -pthread -fopenmp -g -O2 -fdebug-prefix-map=/<<BUILDDIR>>/imagemagick-6.9.7.4+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -fexceptions -pthread -DMAGICKCORE_HDRI_ENABLE=0 -DMAGICKCORE_QUANTUM_DEPTH=16 -c ../../coders/mat.c -fPIC -DPIC -o coders/.libs/coders_mat_la-mat.o
../../coders/mat.c: In function ‘ReadMATImage’:
../../coders/mat.c:1372:3: error: ‘else’ without a previous ‘if’
   else
   ^~~~
Makefile:7883: recipe for target 'coders/coders_mat_la-mat.lo' failed

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870047

Memory Leak File Link : https://github.com/k0keoyo/im_poc/blob/master/Memory-Leak-27_output_braille_1501166004.7
Trigger Command : ./convert Memory-Leak-27_output_braille_1501166004.7 output.png
Leak Detail :
root@ubuntu:/home/sh1/ImageMagick/ImageMagick/utilities# ./convert Memory-Leak-27_output_braille_1501166004.7 output.png
=================================================================
==5550==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 50376 byte(s) in 3 object(s) allocated from:
#0 0x4bc322 (/home/sh1/ImageMagick/ImageMagick/utilities/.libs/lt-convert+0x4bc322)
#1 0x7f48c4349720 (/home/sh1/ImageMagick/ImageMagick/magick/.libs/libMagickCore-6.Q16.so.5+0x471720)
#2 0x7f48c4215ed0 (/home/sh1/ImageMagick/ImageMagick/magick/.libs/libMagickCore-6.Q16.so.5+0x33ded0)
#3 0x7f48c42180ac (/home/sh1/ImageMagick/ImageMagick/magick/.libs/libMagickCore-6.Q16.so.5+0x3400ac)
#4 0x7f48c3a4023d (/home/sh1/ImageMagick/ImageMagick/wand/.libs/libMagickWand-6.Q16.so.5+0x13123d)
#5 0x7f48c3b50a13 (/home/sh1/ImageMagick/ImageMagick/wand/.libs/libMagickWand-6.Q16.so.5+0x241a13)
Direct leak of 456 byte(s) in 3 object(s) allocated from:
#0 0x4bc322 (/home/sh1/ImageMagick/ImageMagick/utilities/.libs/lt-convert+0x4bc322)
#1 0x7f48c43e485a (/home/sh1/ImageMagick/ImageMagick/magick/.libs/libMagickCore-6.Q16.so.5+0x50c85a)
#2 0x7f48c4215ed0 (/home/sh1/ImageMagick/ImageMagick/magick/.libs/libMagickCore-6.Q16.so.5+0x33ded0)
#3 0x7f48c42180ac (/home/sh1/ImageMagick/ImageMagick/magick/.libs/libMagickCore-6.Q16.so.5+0x3400ac)
#4 0x7f48c3a4023d (/home/sh1/ImageMagick/ImageMagick/wand/.libs/libMagickWand-6.Q16.so.5+0x13123d)
#5 0x7f48c3b50a13 (/home/sh1/ImageMagick/ImageMagick/wand/.libs/libMagickWand-6.Q16.so.5+0x241a13)