Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Memory-Leak in AcquireSemaphoreMemory MagickCore/semaphore.c:154 #634

Closed
zhouat opened this issue Jul 30, 2017 · 2 comments
Closed

Memory-Leak in AcquireSemaphoreMemory MagickCore/semaphore.c:154 #634

zhouat opened this issue Jul 30, 2017 · 2 comments
Labels
duplicate

Comments

@zhouat
Copy link

zhouat commented Jul 30, 2017

Poc link :
https://github.com/zhouat/poc_IM/blob/master/Memory-Leak-21_output_picon_1501391824.23

Trigger Command:magick convert Memory-Leak-21_output_picon_1501391824.23 out.picon

...
...

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x7f89eef2d076 in __interceptor_posix_memalign (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x99076)
    #1 0x7f89ee751aa5 in AcquireSemaphoreMemory MagickCore/semaphore.c:154
    #2 0x7f89ee751b61 in AcquireSemaphoreInfo MagickCore/semaphore.c:200
    #3 0x7f89ee4a845a in AcquirePixelCache MagickCore/cache.c:226
    #4 0x7f89ee6324f6 in AcquireImage MagickCore/image.c:206
    #5 0x7f89ee84146a in ReadGIFImage coders/gif.c:996
    #6 0x7f89ee516ed4 in ReadImage MagickCore/constitute.c:497
    #7 0x7f89ee49118b in BlobToImage MagickCore/blob.c:428
    #8 0x7f89ee97cf40 in WritePICONImage coders/xpm.c:689
    #9 0x7f89ee51a032 in WriteImage MagickCore/constitute.c:1114
    #10 0x7f89ee51acae in WriteImages MagickCore/constitute.c:1333
    #11 0x7f89ede735cf in ConvertImageCommand MagickWand/convert.c:3280
    #12 0x7f89edef370b in MagickCommandGenesis MagickWand/mogrify.c:183
    #13 0x4017e1 in MagickMain utilities/magick.c:149
    #14 0x4019c2 in main utilities/magick.c:180
    #15 0x7f89ed71f82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
@mikayla-grace
Copy link

Unfortunately, we cannot reproduce this problem. Its possible the fix for #631 also fixed this problem as well.

@bastien-roucaries
Copy link

CVE-2017-11755

@dlemstra dlemstra closed this as completed Aug 2, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
duplicate
Milestone
No milestone
Development

No branches or pull requests
4 participants
@bastien-roucaries @zhouat @dlemstra @mikayla-grace