Skip to content

Null Pointer Dereference in ReadEnhMetaFile #725

Closed
@jgj212

Description

@jgj212

ImageMagick 7.0.7-0 Q16 x86_64

Here is the critical code:

  pBits=(LPBYTE) AcquireQuantumMemory(dwSize,sizeof(*pBits));  //line 410
  ReadFile(hFile,pBits,dwSize,&dwSize,NULL);
  CloseHandle(hFile);
  if (((PAPMHEADER) pBits)->dwKey != 0x9ac6cdd7l)
    {

AcquireQuantumMemory(...) may return NULL, so ((PAPMHEADER) pBits)->dwKey will Dereference Null pointer to cause memory error.

Credit: ADLab of Venustech

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions