root@ubuntu:/home/hjy/Desktop# convert oom-format8BIM /dev/null
==8638==ERROR: AddressSanitizer failed to allocate 0x72e8d000 (1927860224) bytes of LargeMmapAllocator: 12
==8638==Process memory map follows:
0x08048000-0x0971a000 /usr/local/bin/magick
0x0971a000-0x0971b000 /usr/local/bin/magick
0x0971b000-0x097a5000 /usr/local/bin/magick
0x097a5000-0x097a9000
0x1ffff000-0x24000000
0x24000000-0x28000000
0x28000000-0x40000000
0xb1f00000-0xb2000000
0xb2100000-0xb2200000
0xb2300000-0xb2400000
0xb2500000-0xb2600000
0xb2700000-0xb2800000
0xb2900000-0xb2a00000
0xb2b00000-0xb2c00000
0xb2d00000-0xb2e00000
0xb2f00000-0xb3000000
0xb3100000-0xb3200000
0xb3300000-0xb3400000
0xb3500000-0xb3600000
0xb3700000-0xb3800000
0xb3900000-0xb3a00000
0xb3b00000-0xb3c00000
0xb3d00000-0xb3e00000
0xb3f00000-0xb4100000 /usr/lib/locale/locale-archive
0xb4100000-0xb4200000
0xb4300000-0xb4400000
0xb4500000-0xb4600000
0xb4700000-0xb4800000
0xb4900000-0xb4a00000
0xb4b00000-0xb4c00000
0xb4d00000-0xb4e00000
0xb4f00000-0xb5000000
0xb5100000-0xb5200000
0xb5300000-0xb5400000
0xb5500000-0xb5600000
0xb5700000-0xb5800000
0xb5900000-0xb5a00000
0xb5abb000-0xb5c10000
0xb5c10000-0xb5c50000
0xb5c50000-0xb5c51000 /usr/lib/locale/locale-archive
0xb5c51000-0xb6e07000
0xb6e07000-0xb6e2b000 /lib/i386-linux-gnu/liblzma.so.5.0.0
0xb6e2b000-0xb6e2c000 /lib/i386-linux-gnu/liblzma.so.5.0.0
0xb6e2c000-0xb6e2d000 /lib/i386-linux-gnu/liblzma.so.5.0.0
0xb6e2d000-0xb6e30000 /lib/i386-linux-gnu/libdl-2.19.so
0xb6e30000-0xb6e31000 /lib/i386-linux-gnu/libdl-2.19.so
0xb6e31000-0xb6e32000 /lib/i386-linux-gnu/libdl-2.19.so
0xb6e32000-0xb6fdb000 /lib/i386-linux-gnu/libc-2.19.so
0xb6fdb000-0xb6fdd000 /lib/i386-linux-gnu/libc-2.19.so
0xb6fdd000-0xb6fde000 /lib/i386-linux-gnu/libc-2.19.so
0xb6fde000-0xb6fe1000
0xb6fe1000-0xb6ff9000 /lib/i386-linux-gnu/libpthread-2.19.so
0xb6ff9000-0xb6ffa000 /lib/i386-linux-gnu/libpthread-2.19.so
0xb6ffa000-0xb6ffb000 /lib/i386-linux-gnu/libpthread-2.19.so
0xb6ffb000-0xb6ffd000
0xb6ffd000-0xb7018000 /lib/i386-linux-gnu/libgcc_s.so.1
0xb7018000-0xb7019000 /lib/i386-linux-gnu/libgcc_s.so.1
0xb7019000-0xb701a000 /lib/i386-linux-gnu/libgcc_s.so.1
0xb701a000-0xb701b000
0xb701b000-0xb705f000 /lib/i386-linux-gnu/libm-2.19.so
0xb705f000-0xb7060000 /lib/i386-linux-gnu/libm-2.19.so
0xb7060000-0xb7061000 /lib/i386-linux-gnu/libm-2.19.so
0xb7061000-0xb708f000 /usr/lib/i386-linux-gnu/libgomp.so.1.0.0
0xb708f000-0xb7090000 /usr/lib/i386-linux-gnu/libgomp.so.1.0.0
0xb7090000-0xb7091000 /usr/lib/i386-linux-gnu/libgomp.so.1.0.0
0xb7091000-0xb70a9000 /lib/i386-linux-gnu/libz.so.1.2.8
0xb70a9000-0xb70aa000 /lib/i386-linux-gnu/libz.so.1.2.8
0xb70aa000-0xb70ab000 /lib/i386-linux-gnu/libz.so.1.2.8
0xb70ab000-0xb7200000 /usr/lib/i386-linux-gnu/libxml2.so.2.9.1
0xb7200000-0xb7201000 /usr/lib/i386-linux-gnu/libxml2.so.2.9.1
0xb7201000-0xb7205000 /usr/lib/i386-linux-gnu/libxml2.so.2.9.1
0xb7205000-0xb7206000 /usr/lib/i386-linux-gnu/libxml2.so.2.9.1
0xb7206000-0xb7207000
0xb7207000-0xb722d000 /lib/i386-linux-gnu/libpng12.so.0.50.0
0xb722d000-0xb722e000 /lib/i386-linux-gnu/libpng12.so.0.50.0
0xb722e000-0xb722f000 /lib/i386-linux-gnu/libpng12.so.0.50.0
0xb722f000-0xb7230000
0xb7230000-0xb7279000 /usr/lib/i386-linux-gnu/libjpeg.so.8.0.2
0xb7279000-0xb727a000 /usr/lib/i386-linux-gnu/libjpeg.so.8.0.2
0xb727a000-0xb727b000 /usr/lib/i386-linux-gnu/libjpeg.so.8.0.2
0xb727b000-0xb728b000
0xb728b000-0xb732a000 /usr/lib/i386-linux-gnu/libasan.so.1.0.0
0xb732a000-0xb732c000 /usr/lib/i386-linux-gnu/libasan.so.1.0.0
0xb732c000-0xb732d000 /usr/lib/i386-linux-gnu/libasan.so.1.0.0
0xb732d000-0xb7786000
0xb7786000-0xb779c000
0xb779c000-0xb779d000 [vdso]
0xb779d000-0xb77bd000 /lib/i386-linux-gnu/ld-2.19.so
0xb77bd000-0xb77be000 /lib/i386-linux-gnu/ld-2.19.so
0xb77be000-0xb77bf000 /lib/i386-linux-gnu/ld-2.19.so
0xbfa59000-0xbfa7a000 [stack]
==8638==End of process memory map.
==8638==AddressSanitizer CHECK failed: ../../../../src/libsanitizer/sanitizer_common/sanitizer_posix.cc:66 "(("unable to mmap" && 0)) != (0)" (0x0, 0x0)
#0 0xb72df4c1 (/usr/lib/i386-linux-gnu/libasan.so.1+0x544c1)
#1 0xb72e36a9 in __sanitizer::CheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) (/usr/lib/i386-linux-gnu/libasan.so.1+0x586a9)
#2 0xb72e8e22 (/usr/lib/i386-linux-gnu/libasan.so.1+0x5de22)
#3 0xb72a399b (/usr/lib/i386-linux-gnu/libasan.so.1+0x1899b)
#4 0xb72a4488 (/usr/lib/i386-linux-gnu/libasan.so.1+0x19488)
#5 0xb72d984a in __interceptor_malloc (/usr/lib/i386-linux-gnu/libasan.so.1+0x4e84a)
#6 0x83de42c in format8BIM coders/meta.c:2184
#7 0x83e285c in WriteMETAImage coders/meta.c:2315
#8 0x88c579f in WriteImage MagickCore/constitute.c:1114
#9 0x88c733a in WriteImages MagickCore/constitute.c:1333
#10 0x8ed049c in ConvertImageCommand MagickWand/convert.c:3280
#11 0x8fd1411 in MagickCommandGenesis MagickWand/mogrify.c:183
#12 0x80775f2 in MagickMain utilities/magick.c:149
#13 0x805791a in main utilities/magick.c:180
#14 0xb6e4ba82 in __libc_start_main (/lib/i386-linux-gnu/libc.so.6+0x19a82)
#15 0x8076c5a (/usr/local/bin/magick+0x8076c5a)
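POC: https://github.com/whiteHat001/FUZZ_POC/blob/master/oom-format8BIM

In the trace above, the failing request is a single malloc of 0x72e8d000 (1927860224) bytes made from format8BIM (coders/meta.c:2184) via WriteMETAImage on a 32-bit (i386) build. What the sanitizer reports is an allocation failure (out of memory), not an out-of-bounds read or write.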