[Pkg-gmagick-im-team] Bug#870108: memory leak in ReadOneJNGImage #550
Bastien ROUCARIES
roucaries.bastien at gmail.com
Sat Jul 29 20:39:40 UTC 2017
Source: imagemagick
Version: 8:6.9.7.4+dfsg-13
Severity: important
Tags: security upstream
X-Debbugs-CC: team at security.debian.org
control: found -1 8:6.8.9.9-5+deb8u8
control: found -1 8:6.8.9.9-5+deb8u9
control: found -1 8:6.7.7.10-5+deb7u14
control: found -1 8:6.7.7.10-5+deb9u1
forwarded:https://github.com/ImageMagick/ImageMagick/issues/550

Version: ImageMagick 7.0.6-1 Q16 x86_64
#./magick identify $FILE
=================================================================
==32637==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 13488 byte(s) in 1 object(s) allocated from:
#0 0x4def96 in __interceptor_malloc asan_malloc_linux.cc:66
#1 0x7fbe8d60af76 in AcquireMagickMemory memory.c:463:10
#2 0x7fbe8d5b9db9 in AcquireImage image.c:169:19
#3 0x7fbe8dc47483 in ReadOneJNGImage png.c:4483:21
#4 0x7fbe8dc1bb1d in ReadJNGImage png.c:5053:9
#5 0x7fbe8d3faf98 in ReadImage constitute.c:497:13
#6 0x7fbe8d771bd9 in ReadStream stream.c:1045:9
#7 0x7fbe8d3f9b3f in PingImage constitute.c:226:9
#8 0x7fbe8d3fa2e3 in PingImages constitute.c:327:10
#9 0x7fbe8cb5b126 in IdentifyImageCommand identify.c:319:18
#10 0x7fbe8cc18dff in MagickCommandGenesis mogrify.c:183:14
#11 0x514f77 in MagickMain magick.c:151:10
#12 0x5149d1 in main magick.c:263:10
#13 0x7fbe87456f44 in __libc_start_main libc-start.c:287

Direct leak of 13024 byte(s) in 1 object(s) allocated from:
#0 0x4def96 in __interceptor_malloc asan_malloc_linux.cc:66
#1 0x7fbe8d60af76 in AcquireMagickMemory memory.c:463:10
#2 0x7fbe8dc4739f in ReadOneJNGImage png.c:4477:39
#3 0x7fbe8dc1bb1d in ReadJNGImage png.c:5053:9
#4 0x7fbe8d3faf98 in ReadImage constitute.c:497:13
#5 0x7fbe8d771bd9 in ReadStream stream.c:1045:9
#6 0x7fbe8d3f9b3f in PingImage constitute.c:226:9
#7 0x7fbe8d3fa2e3 in PingImages constitute.c:327:10
#8 0x7fbe8cb5b126 in IdentifyImageCommand identify.c:319:18
#9 0x7fbe8cc18dff in MagickCommandGenesis mogrify.c:183:14
#10 0x514f77 in MagickMain magick.c:151:10
#11 0x5149d1 in main magick.c:263:10
#12 0x7fbe87456f44 in __libc_start_main libc-start.c:287

Indirect leak of 13024 byte(s) in 1 object(s) allocated from:
#0 0x4def96 in __interceptor_malloc asan_malloc_linux.cc:66
#1 0x7fbe8d60af76 in AcquireMagickMemory memory.c:463:10
#2 0x7fbe8d5be753 in AcquireImageInfo image.c:347:28
#3 0x7fbe8d5c78c3 in CloneImageInfo image.c:952:14
#4 0x7fbe8d5be688 in SyncImageSettings image.c:4051:21
#5 0x7fbe8d5bbe88 in AcquireImage image.c:290:10
#6 0x7fbe8dc47483 in ReadOneJNGImage png.c:4483:21
#7 0x7fbe8dc1bb1d in ReadJNGImage png.c:5053:9
#8 0x7fbe8d3faf98 in ReadImage constitute.c:497:13
#9 0x7fbe8d771bd9 in ReadStream stream.c:1045:9
#10 0x7fbe8d3f9b3f in PingImage constitute.c:226:9
#11 0x7fbe8d3fa2e3 in PingImages constitute.c:327:10
#12 0x7fbe8cb5b126 in IdentifyImageCommand identify.c:319:18
#13 0x7fbe8cc18dff in MagickCommandGenesis mogrify.c:183:14
#14 0x514f77 in MagickMain magick.c:151:10
#15 0x5149d1 in main magick.c:263:10
#16 0x7fbe87456f44 in __libc_start_main libc-start.c:287

Indirect leak of 9096 byte(s) in 1 object(s) allocated from:
#0 0x4def96 in __interceptor_malloc asan_malloc_linux.cc:66
#1 0x7fbe8d60af76 in AcquireMagickMemory memory.c:463:10
#2 0x7fbe8d60afd8 in AcquireQuantumMemory memory.c:536:10
#3 0x7fbe8d3891e4 in AcquirePixelCache cache.c:195:28
#4 0x7fbe8d5ba6bd in AcquireImage image.c:206:16
#5 0x7fbe8dc47483 in ReadOneJNGImage png.c:4483:21
#6 0x7fbe8dc1bb1d in ReadJNGImage png.c:5053:9
#7 0x7fbe8d3faf98 in ReadImage constitute.c:497:13
#8 0x7fbe8d771bd9 in ReadStream stream.c:1045:9
#9 0x7fbe8d3f9b3f in PingImage constitute.c:226:9
#10 0x7fbe8d3fa2e3 in PingImages constitute.c:327:10
#11 0x7fbe8cb5b126 in IdentifyImageCommand identify.c:319:18
#12 0x7fbe8cc18dff in MagickCommandGenesis mogrify.c:183:14
#13 0x514f77 in MagickMain magick.c:151:10
#14 0x5149d1 in main magick.c:263:10
#15 0x7fbe87456f44 in __libc_start_main libc-start.c:287

Indirect leak of 512 byte(s) in 1 object(s) allocated from:
#0 0x4def96 in __interceptor_malloc asan_malloc_linux.cc:66
#1 0x7fbe8d60af76 in AcquireMagickMemory memory.c:463:10
#2 0x7fbe8d60afd8 in AcquireQuantumMemory memory.c:536:10
#3 0x7fbe8d64a44a in AcquirePixelChannelMap pixel.c:101:35
#4 0x7fbe8d5ba77b in AcquireImage image.c:208:22
#5 0x7fbe8dc47483 in ReadOneJNGImage png.c:4483:21
#6 0x7fbe8dc1bb1d in ReadJNGImage png.c:5053:9
#7 0x7fbe8d3faf98 in ReadImage constitute.c:497:13
#8 0x7fbe8d771bd9 in ReadStream stream.c:1045:9
#9 0x7fbe8d3f9b3f in PingImage constitute.c:226:9
#10 0x7fbe8d3fa2e3 in PingImages constitute.c:327:10
#11 0x7fbe8cb5b126 in IdentifyImageCommand identify.c:319:18
#12 0x7fbe8cc18dff in MagickCommandGenesis mogrify.c:183:14
#13 0x514f77 in MagickMain magick.c:151:10
#14 0x5149d1 in main magick.c:263:10
#15 0x7fbe87456f44 in __libc_start_main libc-start.c:287

Indirect leak of 280 byte(s) in 1 object(s) allocated from:
#0 0x4def96 in __interceptor_malloc asan_malloc_linux.cc:66
#1 0x7fbe8d60af76 in AcquireMagickMemory memory.c:463:10
#2 0x7fbe8d367dfd in CloneBlobInfo blob.c:504:27
#3 0x7fbe8d5ba7d1 in AcquireImage image.c:209:15
#4 0x7fbe8dc47483 in ReadOneJNGImage png.c:4483:21
#5 0x7fbe8dc1bb1d in ReadJNGImage png.c:5053:9
#6 0x7fbe8d3faf98 in ReadImage constitute.c:497:13
#7 0x7fbe8d771bd9 in ReadStream stream.c:1045:9
#8 0x7fbe8d3f9b3f in PingImage constitute.c:226:9
#9 0x7fbe8d3fa2e3 in PingImages constitute.c:327:10
#10 0x7fbe8cb5b126 in IdentifyImageCommand identify.c:319:18
#11 0x7fbe8cc18dff in MagickCommandGenesis mogrify.c:183:14
#12 0x514f77 in MagickMain magick.c:151:10
#13 0x5149d1 in main magick.c:263:10
#14 0x7fbe87456f44 in __libc_start_main libc-start.c:287

Indirect leak of 88 byte(s) in 1 object(s) allocated from:
#0 0x4def96 in __interceptor_malloc asan_malloc_linux.cc:66
#1 0x7fbe8d60af76 in AcquireMagickMemory memory.c:463:10
#2 0x7fbe8d60afd8 in AcquireQuantumMemory memory.c:536:10
#3 0x7fbe8d389ca4 in AcquirePixelCacheNexus cache.c:268:31
#4 0x7fbe8d389704 in AcquirePixelCache cache.c:211:26
#5 0x7fbe8d5ba6bd in AcquireImage image.c:206:16
#6 0x7fbe8dc47483 in ReadOneJNGImage png.c:4483:21
#7 0x7fbe8dc1bb1d in ReadJNGImage png.c:5053:9
#8 0x7fbe8d3faf98 in ReadImage constitute.c:497:13
#9 0x7fbe8d771bd9 in ReadStream stream.c:1045:9
#10 0x7fbe8d3f9b3f in PingImage constitute.c:226:9
#11 0x7fbe8d3fa2e3 in PingImages constitute.c:327:10
#12 0x7fbe8cb5b126 in IdentifyImageCommand identify.c:319:18
#13 0x7fbe8cc18dff in MagickCommandGenesis mogrify.c:183:14
#14 0x514f77 in MagickMain magick.c:151:10
#15 0x5149d1 in main magick.c:263:10
#16 0x7fbe87456f44 in __libc_start_main libc-start.c:287

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x4dfaf5 in posix_memalign asan_malloc_linux.cc:142
#1 0x7fbe8d747788 in AcquireSemaphoreMemory semaphore.c:154:7
#2 0x7fbe8d746ffc in AcquireSemaphoreInfo semaphore.c:200:36
#3 0x7fbe8d5ba935 in AcquireImage image.c:213:20
#4 0x7fbe8dc47483 in ReadOneJNGImage png.c:4483:21
#5 0x7fbe8dc1bb1d in ReadJNGImage png.c:5053:9
#6 0x7fbe8d3faf98 in ReadImage constitute.c:497:13
#7 0x7fbe8d771bd9 in ReadStream stream.c:1045:9
#8 0x7fbe8d3f9b3f in PingImage constitute.c:226:9
#9 0x7fbe8d3fa2e3 in PingImages constitute.c:327:10
#10 0x7fbe8cb5b126 in IdentifyImageCommand identify.c:319:18
#11 0x7fbe8cc18dff in MagickCommandGenesis mogrify.c:183:14
#12 0x514f77 in MagickMain magick.c:151:10
#13 0x5149d1 in main magick.c:263:10
#14 0x7fbe87456f44 in __libc_start_main libc-start.c:287

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x4dfaf5 in posix_memalign asan_malloc_linux.cc:142
#1 0x7fbe8d747788 in AcquireSemaphoreMemory semaphore.c:154:7
#2 0x7fbe8d746ffc in AcquireSemaphoreInfo semaphore.c:200:36
#3 0x7fbe8d3899c3 in AcquirePixelCache cache.c:226:25
#4 0x7fbe8d5ba6bd in AcquireImage image.c:206:16
#5 0x7fbe8dc47483 in ReadOneJNGImage png.c:4483:21
#6 0x7fbe8dc1bb1d in ReadJNGImage png.c:5053:9
#7 0x7fbe8d3faf98 in ReadImage constitute.c:497:13
#8 0x7fbe8d771bd9 in ReadStream stream.c:1045:9
#9 0x7fbe8d3f9b3f in PingImage constitute.c:226:9
#10 0x7fbe8d3fa2e3 in PingImages constitute.c:327:10
#11 0x7fbe8cb5b126 in IdentifyImageCommand identify.c:319:18
#12 0x7fbe8cc18dff in MagickCommandGenesis mogrify.c:183:14
#13 0x514f77 in MagickMain magick.c:151:10
#14 0x5149d1 in main magick.c:263:10
#15 0x7fbe87456f44 in __libc_start_main libc-start.c:287

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x4dfaf5 in posix_memalign asan_malloc_linux.cc:142
#1 0x7fbe8d747788 in AcquireSemaphoreMemory semaphore.c:154:7
#2 0x7fbe8d746ffc in AcquireSemaphoreInfo semaphore.c:200:36
#3 0x7fbe8d368bf7 in GetBlobInfo blob.c:1414:24
#4 0x7fbe8d367eec in CloneBlobInfo blob.c:507:3
#5 0x7fbe8d5ba7d1 in AcquireImage image.c:209:15
#6 0x7fbe8dc47483 in ReadOneJNGImage png.c:4483:21
#7 0x7fbe8dc1bb1d in ReadJNGImage png.c:5053:9
#8 0x7fbe8d3faf98 in ReadImage constitute.c:497:13
#9 0x7fbe8d771bd9 in ReadStream stream.c:1045:9
#10 0x7fbe8d3f9b3f in PingImage constitute.c:226:9
#11 0x7fbe8d3fa2e3 in PingImages constitute.c:327:10
#12 0x7fbe8cb5b126 in IdentifyImageCommand identify.c:319:18
#13 0x7fbe8cc18dff in MagickCommandGenesis mogrify.c:183:14
#14 0x514f77 in MagickMain magick.c:151:10
#15 0x5149d1 in main magick.c:263:10
#16 0x7fbe87456f44 in __libc_start_main libc-start.c:287

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x4dfaf5 in posix_memalign asan_malloc_linux.cc:142
#1 0x7fbe8d747788 in AcquireSemaphoreMemory semaphore.c:154:7
#2 0x7fbe8d746ffc in AcquireSemaphoreInfo semaphore.c:200:36
#3 0x7fbe8d389a52 in AcquirePixelCache cache.c:228:30
#4 0x7fbe8d5ba6bd in AcquireImage image.c:206:16
#5 0x7fbe8dc47483 in ReadOneJNGImage png.c:4483:21
#6 0x7fbe8dc1bb1d in ReadJNGImage png.c:5053:9
#7 0x7fbe8d3faf98 in ReadImage constitute.c:497:13
#8 0x7fbe8d771bd9 in ReadStream stream.c:1045:9
#9 0x7fbe8d3f9b3f in PingImage constitute.c:226:9
#10 0x7fbe8d3fa2e3 in PingImages constitute.c:327:10
#11 0x7fbe8cb5b126 in IdentifyImageCommand identify.c:319:18
#12 0x7fbe8cc18dff in MagickCommandGenesis mogrify.c:183:14
#13 0x514f77 in MagickMain magick.c:151:10
#14 0x5149d1 in main magick.c:263:10
#15 0x7fbe87456f44 in __libc_start_main libc-start.c:287

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x4dfaf5 in posix_memalign asan_malloc_linux.cc:142
#1 0x7fbe8d60adb2 in AcquireAlignedMemory memory.c:261:7
#2 0x7fbe8d389bae in AcquirePixelCacheNexus cache.c:264:29
#3 0x7fbe8d389704 in AcquirePixelCache cache.c:211:26
#4 0x7fbe8d5ba6bd in AcquireImage image.c:206:16
#5 0x7fbe8dc47483 in ReadOneJNGImage png.c:4483:21
#6 0x7fbe8dc1bb1d in ReadJNGImage png.c:5053:9
#7 0x7fbe8d3faf98 in ReadImage constitute.c:497:13
#8 0x7fbe8d771bd9 in ReadStream stream.c:1045:9
#9 0x7fbe8d3f9b3f in PingImage constitute.c:226:9
#10 0x7fbe8d3fa2e3 in PingImages constitute.c:327:10
#11 0x7fbe8cb5b126 in IdentifyImageCommand identify.c:319:18
#12 0x7fbe8cc18dff in MagickCommandGenesis mogrify.c:183:14
#13 0x514f77 in MagickMain magick.c:151:10
#14 0x5149d1 in main magick.c:263:10
#15 0x7fbe87456f44 in __libc_start_main libc-start.c:287

SUMMARY: AddressSanitizer: 49832 byte(s) leaked in 12 allocation(s).

testcase: https://github.com/jgj212/poc/blob/master/leak-ReadOneJNGImage
Credit: ADLab of Venustech