Skip to content

memory leaks in ReadDCMImage #931

Closed
Closed
@henices

Description

@henices

INFO

Version: ImageMagick 7.0.7-20 Q16 x86_64 2018-01-04 http://www.imagemagick.org
Copyright: © 1999-2018 ImageMagick Studio LLC
License: http://www.imagemagick.org/script/license.php
Features: Cipher DPC HDRI
Delegates (built-in): bzlib djvu fftw fontconfig freetype gvc jbig jng jpeg lcms lqr lzma pangocairo png tiff webp wmf x xml zlib

Trigger Command: /usr/local/bin/magick ReadDCMImage-memory-leaks /dev/null

ASAN OUTPUT

magick: insufficient image data in file `ReadDCMImage-memory-leaks' @ error/dcm.c/ReadDCMImage/3268.

=================================================================
==12759==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 252 byte(s) in 1 object(s) allocated from:
    #0 0x4cf7f0 in __interceptor_malloc (/usr/local/bin/magick+0x4cf7f0)
    #1 0x7fd403bd9846 in AcquireMagickMemory /home/henices/tests/ImageMagick/MagickCore/memory.c:464:10
    #2 0x7fd403bd98a8 in AcquireQuantumMemory /home/henices/tests/ImageMagick/MagickCore/memory.c:537:10
    #3 0x7fd404344a99 in ReadDCMImage /home/henices/tests/ImageMagick/coders/dcm.c:3569:28
    #4 0x7fd4036c357a in ReadImage /home/henices/tests/ImageMagick/MagickCore/constitute.c:497:13
    #5 0x7fd4036cb3a7 in ReadImages /home/henices/tests/ImageMagick/MagickCore/constitute.c:866:9
    #6 0x7fd4022dd127 in CLINoImageOperator /home/henices/tests/ImageMagick/MagickWand/operation.c:4763:22
    #7 0x7fd4022e6f60 in CLIOption /home/henices/tests/ImageMagick/MagickWand/operation.c:5258:7
    #8 0x7fd401e344cb in ProcessCommandOptions /home/henices/tests/ImageMagick/MagickWand/magick-cli.c:424:13
    #9 0x7fd401e3779d in MagickImageCommand /home/henices/tests/ImageMagick/MagickWand/magick-cli.c:796:5
    #10 0x7fd401ee99a5 in MagickCommandGenesis /home/henices/tests/ImageMagick/MagickWand/mogrify.c:183:14
    #11 0x50a313 in MagickMain /home/henices/tests/ImageMagick/utilities/magick.c:149:10
    #12 0x5096b1 in main /home/henices/tests/ImageMagick/utilities/magick.c:180:10
    #13 0x7fd3fb27f009 in __libc_start_main (/lib64/libc.so.6+0x21009)

SUMMARY: AddressSanitizer: 252 byte(s) leaked in 1 allocation(s).

testcase: https://github.com/henices/pocs/raw/master/ReadDCMImage-memory-leaks

Credit: NSFocus Security Team <security (at) nsfocus (dot) com>

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions