
memory leak in ResizeMagickMemory MagickCore/memory.c:1225 #770

Closed
jerryl3e opened this issue Sep 21, 2017 · 2 comments

@jerryl3e commented Sep 21, 2017

version:
Version: ImageMagick 7.0.7-4 Q16 x86_64
gcc 7.1

crash link:
https://raw.githubusercontent.com/jerryl3e/poc/master/im_poc_1505984356.vips

trigger command:
./magick convert im_poc_1505984356.vips /dev/null

detail:

root@work:/home/work/fuzzing/ImageMagick/utilities# ./magick  convert im_poc_1505984356.vips /dev/null

=================================================================
==86680==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 1834159 byte(s) in 1 object(s) allocated from:
    #0 0x7f676d3ead10 in __interceptor_realloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded10)
    #1 0x7f676c7c7feb in ResizeMagickMemory MagickCore/memory.c:1225
    #2 0x7f676c7c806f in ResizeQuantumMemory MagickCore/memory.c:1289
    #3 0x7f676c8fe6bf in ConcatenateString MagickCore/string.c:501
    #4 0x7f676cc048c6 in ReadVIPSImage coders/vips.c:511
    #5 0x7f676c5f36dd in ReadImage MagickCore/constitute.c:497
    #6 0x7f676c5f65c4 in ReadImages MagickCore/constitute.c:866
    #7 0x7f676bdae8be in ConvertImageCommand MagickWand/convert.c:641
    #8 0x7f676bf29722 in MagickCommandGenesis MagickWand/mogrify.c:183
    #9 0x401a15 in MagickMain utilities/magick.c:149
    #10 0x401c8e in main utilities/magick.c:180
    #11 0x7f676b49182f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

SUMMARY: AddressSanitizer: 1834159 byte(s) leaked in 1 allocation(s).

Credit: jerryl3e of Baidu Security Lab
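For triaging fuzzer output like the report above, the useful facts are the leaked byte count and the first frame that belongs to the coder rather than to the sanitizer runtime or ImageMagick's allocation helpers. The following is an added example (not code from the issue or from the ImageMagick project) that parses a LeakSanitizer report in this format; the sample text is a constructed excerpt of the trace above, and the set of helper names to skip is a triage heuristic, not something the report itself defines.

```python
import re

# Constructed sample: the LeakSanitizer report from this issue, trimmed to the frames that matter.
SAMPLE_REPORT = """\
==86680==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 1834159 byte(s) in 1 object(s) allocated from:
    #0 0x7f676d3ead10 in __interceptor_realloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded10)
    #1 0x7f676c7c7feb in ResizeMagickMemory MagickCore/memory.c:1225
    #2 0x7f676c7c806f in ResizeQuantumMemory MagickCore/memory.c:1289
    #3 0x7f676c8fe6bf in ConcatenateString MagickCore/string.c:501
    #4 0x7f676cc048c6 in ReadVIPSImage coders/vips.c:511

SUMMARY: AddressSanitizer: 1834159 byte(s) leaked in 1 allocation(s).
"""

LEAK_RE = re.compile(r"^(Direct|Indirect) leak of (\d+) byte\(s\) in (\d+) object\(s\)")
FRAME_RE = re.compile(r"^\s*#(\d+) 0x[0-9a-f]+ in (\S+) (\S+)")

# Frames to skip when looking for the code responsible for the leak (heuristic, assumed here):
# the sanitizer's allocator interceptors and ImageMagick's generic allocation/string helpers.
SKIP_FRAMES = {
    "__interceptor_malloc", "__interceptor_realloc", "__interceptor_calloc",
    "ResizeMagickMemory", "ResizeQuantumMemory", "AcquireMagickMemory",
    "AcquireQuantumMemory", "ConcatenateString",
}

def parse_leaks(report):
    """Return one dict per leak block: kind, bytes, objects and the list of (function, location) frames."""
    leaks = []
    for line in report.splitlines():
        m = LEAK_RE.match(line)
        if m:
            leaks.append({"kind": m.group(1), "bytes": int(m.group(2)),
                          "objects": int(m.group(3)), "frames": []})
            continue
        f = FRAME_RE.match(line)
        if f and leaks:
            leaks[-1]["frames"].append((f.group(2), f.group(3)))
    return leaks

def culprit_frame(leak):
    """First frame that is neither sanitizer runtime nor a skipped helper, or None if every frame is skipped."""
    for func, loc in leak["frames"]:
        if func not in SKIP_FRAMES:
            return func, loc
    return None

def triage(report):
    """Summarise a report as total leaked bytes plus (bytes, culprit frame) per leak."""
    leaks = parse_leaks(report)
    return {"total_bytes": sum(l["bytes"] for l in leaks),
            "leaks": [(l["bytes"], culprit_frame(l)) for l in leaks]}
```

Run over the sample, `triage` attributes the 1834159-byte leak to ReadVIPSImage at coders/vips.c:511, which is the frame a developer would open first.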

@mikayla-grace commented Sep 21, 2017

Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ http://www.imagemagick.org/download/beta/ by sometime tomorrow.

urban-warrior pushed a commit that referenced this issue Sep 21, 2017

Cristy

urban-warrior pushed a commit that referenced this issue Sep 21, 2017

Cristy

@dlemstra dlemstra added the bug label Sep 21, 2017

@dlemstra dlemstra closed this Sep 21, 2017

@nohmask commented Sep 22, 2017

This was assigned CVE-2017-14684.
