heap-buffer-overflow READ json
=================================================================
==13039==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62a000016840 at pc 0x0000006869f0 bp 0x7ffda0c438c0 sp 0x7ffda0c438b0
READ of size 4 at 0x62a000016840 thread T0
#0 0x6869ef in GetImageDepth._omp_fn.2 MagickCore/attribute.c:491
#1 0x7f85027a8cbe in GOMP_parallel (/usr/lib/x86_64-linux-gnu/libgomp.so.1+0xbcbe)
#2 0x682db8 in GetImageDepth MagickCore/attribute.c:446
#3 0x5565bd in EncodeImageAttributes coders/json.c:919
#4 0x55ab60 in WriteJSONImage coders/json.c:1616
#5 0x6fdf32 in WriteImage MagickCore/constitute.c:1114
#6 0x6feb74 in WriteImages MagickCore/constitute.c:1333
#7 0x9ef4a5 in ConvertImageCommand MagickWand/convert.c:3280
#8 0xa16fa0 in MagickCommandGenesis MagickWand/mogrify.c:183
#9 0x4049c1 in MagickMain utilities/magick.c:149
#10 0x404ba2 in main utilities/magick.c:180
#11 0x7f8501cb882f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#12 0x4044d8 in _start (/ImageMagick/utilities/magick+0x4044d8)
The text was updated successfully, but these errors were encountered:
zhouat
changed the title
Heap-buffer-overflow in GetImageDepth._omp_fn.2 MagickCore/attribute.c:491
Heap-buffer-overflow READ in GetImageDepth._omp_fn.2 MagickCore/attribute.c:491
Jul 29, 2017
Fixes are 5095363 and ccc71c1. One of the fixes is for the issue reported and the other one is a similar issue at another place in the same method. This is an IM7 only issue.
Poc link: https://github.com/zhouat/poc_IM/blob/master/heap-buffer-overflow-READ-0x0000006869f0_output_json_1501326140.06.fits
Trigger Command:
AddressSanitizer output:
The text was updated successfully, but these errors were encountered: