Skip to content

coders/dcm.c Memory Leak #964

Closed
Closed
@ksyang

Description

@ksyang

System Configuration

  • ImageMagick version: ImageMagick 7.0.7-23
  • Environment (Operating system, version and so on): Ubuntu 14.04 64bit
  • Additional information: compilation with asan

Description

redmap=(int *) AcquireQuantumMemory((size_t) colors,

greenmap=(int *) AcquireQuantumMemory((size_t) colors,

bluemap=(int *) AcquireQuantumMemory((size_t) colors,

Each redmap, greenmap, and bluemap can be overwritten by a new pointer, so it loses previous pointer, which leads to memory leak. I guess we should check if the each XXXmap variable is already allocated or not.

$ ./magick convert ~/leak1.dcm ./out.png
convert: UnableToOpenConfigureFile `magic.xml' @ warning/configure.c/GetConfigureOptions/714.
convert: InsufficientImageDataInFile `/home/skid/leak1.dcm' @ error/dcm.c/ReadDCMImage/3280.
convert: NoImagesDefined `./out.png' @ error/convert.c/ConvertImageCommand/3275.

=================================================================
==62826==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 20 byte(s) in 1 object(s) allocated from:
    #0 0x4bd753 in __interceptor_malloc /home/brian/final/llvm.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:67:3
    #1 0x537d1d in AcquireMagickMemory (/imagemagick.latest/utilities/magick+0x537d1d)
    #2 0x537dcd in AcquireQuantumMemory (/imagemagick.latest/utilities/magick+0x537dcd)
    #3 0x6c91c2 in ReadDCMImage (/imagemagick.latest/utilities/magick+0x6c91c2)
    #4 0xaf0948 in ReadImage (/imagemagick.latest/utilities/magick+0xaf0948)
    #5 0xaf4ff4 in ReadImages (/imagemagick.latest/utilities/magick+0xaf4ff4)
    #6 0xe61486 in ConvertImageCommand (/imagemagick.latest/utilities/magick+0xe61486)
    #7 0xf41f40 in MagickCommandGenesis (/imagemagick.latest/utilities/magick+0xf41f40)
    #8 0x4e8af9 in MagickMain (/imagemagick.latest/utilities/magick+0x4e8af9)
    #9 0x4e8401 in main (/imagemagick.latest/utilities/magick+0x4e8401)
    #10 0x7f09662ab82f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
$ ./magick convert ~/leak2.dcm ./a.png
convert: UnableToOpenConfigureFile `magic.xml' @ warning/configure.c/GetConfigureOptions/714.
convert: ImproperImageHeader `/home/skid/leak2.dcm' @ error/dcm.c/ReadDCMImage/3151.
convert: NoImagesDefined `./a.png' @ error/convert.c/ConvertImageCommand/3275.

=================================================================
==63144==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 52 byte(s) in 1 object(s) allocated from:
    #0 0x4bd753 in __interceptor_malloc /home/brian/final/llvm.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:67:3
    #1 0x537d1d in AcquireMagickMemory (/imagemagick.latest/utilities/magick+0x537d1d)
    #2 0x537dcd in AcquireQuantumMemory (/imagemagick.latest/utilities/magick+0x537dcd)
    #3 0x6c8a80 in ReadDCMImage (/imagemagick.latest/utilities/magick+0x6c8a80)
    #4 0xaf0948 in ReadImage (/imagemagick.latest/utilities/magick+0xaf0948)
    #5 0xaf4ff4 in ReadImages (/imagemagick.latest/utilities/magick+0xaf4ff4)
    #6 0xe61486 in ConvertImageCommand /imagemagick.latest/utilities/magick+0xe61486)
    #7 0xf41f40 in MagickCommandGenesis (/imagemagick.latest/utilities/magick+0xf41f40)
    #8 0x4e8af9 in MagickMain (/imagemagick.latest/utilities/magick+0x4e8af9)
    #9 0x4e8401 in main (/imagemagick.latest/utilities/magick+0x4e8401)
    #10 0x7f8ea250982f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291

SUMMARY: AddressSanitizer: 52 byte(s) leaked in 1 allocation(s).
$ ./magick convert ~/leak3.dcm ./a.png
convert: UnableToOpenConfigureFile `magic.xml' @ warning/configure.c/GetConfigureOptions/714.
convert: InsufficientImageDataInFile `/home/skid/leak3.dcm' @ error/dcm.c/ReadDCMImage/3280.
convert: NoImagesDefined `./a.png' @ error/convert.c/ConvertImageCommand/3275.

=================================================================
==63151==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 196 byte(s) in 1 object(s) allocated from:
    #0 0x4bd753 in __interceptor_malloc /home/brian/final/llvm.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:67:3
    #1 0x537d1d in AcquireMagickMemory (/imagemagick.latest/utilities/magick+0x537d1d)
    #2 0x537dcd in AcquireQuantumMemory (/imagemagick.latest/utilities/magick+0x537dcd)
    #3 0x6c9904 in ReadDCMImage (/imagemagick.latest/utilities/magick+0x6c9904)
    #4 0xaf0948 in ReadImage (/imagemagick.latest/utilities/magick+0xaf0948)
    #5 0xaf4ff4 in ReadImages (/imagemagick.latest/utilities/magick+0xaf4ff4)
    #6 0xe61486 in ConvertImageCommand (/imagemagick.latest/utilities/magick+0xe61486)
    #7 0xf41f40 in MagickCommandGenesis (/imagemagick.latest/utilities/magick+0xf41f40)
    #8 0x4e8af9 in MagickMain (/imagemagick.latest/utilities/magick+0x4e8af9)
    #9 0x4e8401 in main (/imagemagick.latest/utilities/magick+0x4e8401)
    #10 0x7fb320bdc82f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291

SUMMARY: AddressSanitizer: 196 byte(s) leaked in 1 allocation(s).

Crash File : crashes.zip

Credit : Kyeongseok Yang & Choongwoo Han, Naver Security Team

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions