[Pkg-gmagick-im-team] Bug#870482: memory leak in WriteINLINEImage
Bastien ROUCARIES
roucaries.bastien at gmail.com
Wed Aug 2 13:45:14 UTC 2017
Source: imagemagick
Version: 8:6.9.7.4+dfsg-15
Severity: important
Tags: security upstream
X-Debbugs-CC: team at security.debian.org
control: found -1 8:6.8.9.9-5+deb8u8
control: found -1 8:6.8.9.9-5+deb8u9
control: found -1 8:6.7.7.10-5+deb7u14
control: found -1 8:6.7.7.10-5+deb9u1
forwarded: https://github.com/ImageMagick/ImageMagick/issues/572
Version: ImageMagick 7.0.6-2 Q16 x86_64
./magick convert $FILE out.inline
=================================================================
==2302==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 13024 byte(s) in 1 object(s) allocated from:
#0 0x4deeb6 in __interceptor_malloc asan_malloc_linux.cc:66
#1 0x7fe8406e0186 in AcquireMagickMemory memory.c:464:10
#2 0x7fe8406907c3 in AcquireImageInfo image.c:347:28
#3 0x7fe840699933 in CloneImageInfo image.c:952:14
#4 0x7fe840aa7aa3 in WriteINLINEImage inline.c:312:14
#5 0x7fe8404bfced in WriteImage constitute.c:1183:22
#6 0x7fe8404c05fd in WriteImages constitute.c:1333:13
#7 0x7fe83fb6b900 in ConvertImageCommand convert.c:3280:11
#8 0x7fe83fcba0cf in MagickCommandGenesis mogrify.c:183:14
#9 0x514a37 in MagickMain magick.c:149:10
#10 0x514491 in main magick.c:180:10
#11 0x7fe83a4f7f44 in __libc_start_main libc-start.c:287
POC: https://github.com/jgj212/poc/blob/master/leak-WriteINLINEImage
Credit : ADLab of Venustech
More information about the Pkg-gmagick-im-team
mailing list