Closed
Description
Version: ImageMagick 7.0.6-6 Q16 x86_64
A memory leak vulnerability was found in function WriteJNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file.
#./convert $FILE out.JNG
=================================================================
==57276==ERROR: detected memory leaks
Direct leak of 13024 byte(s) in 1 object(s) allocated from:
#0 0x4ec5a6 in __interceptor_malloc /home/test/Downloads/llvm-clang/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:66
#1 0x52cbb5 in AcquireImageInfo /home/test/Downloads/IM-afl/ImageMagick-master/MagickCore/image.c:347:28
#2 0xc0ad96 in WriteJNGImage /home/test/Downloads/IM-afl/ImageMagick-master/coders/png.c:13228:10
13024 byte(s) leaked in 1 allocation(s).
testcase: https://github.com/bestshow/p0cs/blob/master/memory_leak_in_WriteJNGImage
Credit: ADLab of Venustech