Skip to content

memory leaks in ReadPSDChannelZip #874

Closed
@henices

Description

@henices

$ magick -version
Version: ImageMagick 7.0.7-12 Q16 x86_64 2017-11-21 http://www.imagemagick.org
Copyright: © 1999-2017 ImageMagick Studio LLC
License: http://www.imagemagick.org/script/license.php
Features: Cipher DPC HDRI OpenMP
Delegates (built-in): bzlib fontconfig freetype jng jpeg lzma pangocairo png tiff x xml zlib

Trigger Command: magick ReadPSDChannelZip-memory-leaks /dev/null

magick: unexpected end-of-file `ReadPSDChannelZip-memory-leaks' @ error/psd.c/ReadPSDChannelZip/1247.                                                                                          
magick: unable to decompress image `ReadPSDChannelZip-memory-leaks' @ error/psd.c/ReadPSDChannel/1408.                                                                                         

=================================================================                              
==10717==ERROR: LeakSanitizer: detected memory leaks                                           

Direct leak of 27260 byte(s) in 1 object(s) allocated from:                                    
    #0 0x7f14e35e8850 in malloc (/lib64/libasan.so.4+0xde850)                                  
    #1 0x7f14e29fd38c in AcquireMagickMemory MagickCore/memory.c:464                           
    #2 0x7f14e29fd3e0 in AcquireQuantumMemory MagickCore/memory.c:537                          
    #3 0x7f14e2db6505 in ReadPSDChannelZip coders/psd.c:1236                                   
    #4 0x7f14e2db7364 in ReadPSDChannel coders/psd.c:1387                                      
    #5 0x7f14e2db7ea0 in ReadPSDLayer coders/psd.c:1470                                        
    #6 0x7f14e2dbaee7 in ReadPSDLayersInternal coders/psd.c:1834                               
    #7 0x7f14e2dbe4ed in ReadPSDImage coders/psd.c:2182                                        
    #8 0x7f14e283038f in ReadImage MagickCore/constitute.c:497                                 
    #9 0x7f14e2833258 in ReadImages MagickCore/constitute.c:866                                
    #10 0x7f14e228b86a in CLINoImageOperator MagickWand/operation.c:4763                       
    #11 0x7f14e228eb72 in CLIOption MagickWand/operation.c:5258                                
    #12 0x7f14e21375f8 in ProcessCommandOptions MagickWand/magick-cli.c:424                    
    #13 0x7f14e2138ea0 in MagickImageCommand MagickWand/magick-cli.c:794                       
    #14 0x7f14e21720e6 in MagickCommandGenesis MagickWand/mogrify.c:183                        
    #15 0x401a36 in MagickMain utilities/magick.c:149                                          
    #16 0x401ca0 in main utilities/magick.c:180                                                
    #17 0x7f14de307889 in __libc_start_main (/lib64/libc.so.6+0x20889)                         

SUMMARY: AddressSanitizer: 27260 byte(s) leaked in 1 allocation(s). 

testcase:
https://github.com/henices/pocs/raw/master/ReadPSDChannelZip-memory-leaks

Credit: NSFocus Security Team <security (at) nsfocus (dot) com>

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions