Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Version: ImageMagick 7.0.6-6 Q16 x86_64
A memory exhaustion vulnerability was found in function ReadWPGImage, which allow attackers to cause a denial of service via a crafted file.
#./identify $FILE ==14664==WARNING: AddressSanitizer failed to allocate 0xb000000000058 bytes #0 0x4e951f in __asan::AsanCheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) asan_rtl.cc:69 #1 0x500dd5 in __sanitizer::CheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) sanitizer_termination.cc:79 #2 0x4edac2 in __sanitizer::ReportAllocatorCannotReturnNull(bool) sanitizer_allocator.cc:221 #3 0x426a5f in __sanitizer::CombinedAllocator<__sanitizer::SizeClassAllocator64<__asan::AP64>, __sanitizer::SizeClassAllocatorLocalCache<__sanitizer::SizeClassAllocator64<__asan::AP64> >, __sanitizer::LargeMmapAllocator<__asan::AsanMapUnmapCallback> >::ReturnNullOrDieOnBadRequest() sanitizer_allocator_combined.h:88 #4 0x426a5f in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) asan_allocator.cc:398 #5 0x4def59 in __interceptor_malloc asan_malloc_linux.cc:67 #6 0x7fed78eb8566 in AcquireMagickMemory memory.c:464:10 #7 0x7fed78eb85c8 in AcquireQuantumMemory memory.c:537:10 #8 0x7fed78c57d9c in AcquireImageColormap colormap.c:119:35 #9 0x7fed7947cf78 in ReadWPGImage wpg.c:1131:24 #10 0x7fed78c92a68 in ReadImage constitute.c:497:13 #11 0x7fed7902bf59 in ReadStream stream.c:1045:9 #12 0x7fed78c9160f in PingImage constitute.c:226:9 #13 0x7fed78c91db3 in PingImages constitute.c:327:10 #14 0x7fed783cc596 in IdentifyImageCommand identify.c:319:18 #15 0x7fed7848a2af in MagickCommandGenesis mogrify.c:183:14 #16 0x514a47 in MagickMain magick.c:149:10 #17 0x5144a1 in main magick.c:180:10 #18 0x7fed723d3f44 in __libc_start_main (libc.so.6+0x21f44) #19 0x41b4fb in _start (lt-magick+0x41b4fb)
POC: https://github.com/jgj212/poc/blob/master/oom-ReadWPGImage Credit: ADLab of Venustech
The text was updated successfully, but these errors were encountered:
Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ http://www.imagemagick.org/download/beta/ by sometime tomorrow.
Sorry, something went wrong.
https://github.com/ImageMagick/ImageMagick/issues/650
6d5b22b
IM7 commit: 4e378ea
This was assigned CVE-2017-14342.
No branches or pull requests
Version: ImageMagick 7.0.6-6 Q16 x86_64
A memory exhaustion vulnerability was found in function ReadWPGImage, which allow attackers to cause a denial of service via a crafted file.
POC: https://github.com/jgj212/poc/blob/master/oom-ReadWPGImage
Credit: ADLab of Venustech
The text was updated successfully, but these errors were encountered: