Legacy ImageMagick Discussions Archive

fumfel

After some fuzz testing I found a crashing test case. Git HEAD: a2d7a71ee37dca68f32bd2ed4e9c7299a6d78a77 OS & Compiler: Ubuntu 16.04 x64 + Clang 4.0 Faulting input: https://frankowicz.me/storage/crashes/im_negative_size_RemoveResolutionFromResourceBlock Command: convert im_negative_size ...

fumfel

After some fuzz testing I found a crashing test case. Git HEAD: f0d6dde21d77905c0c3769c2d3491365d518c844 OS & Compiler: Ubuntu 16.04 x64 + Clang 4.0 Crashing file: https://frankowicz.me/storage/crashes/im_uaf_GetPixelInfoPixel Command: convert im_uaf_GetPixelInfoPixel /dev/null ASAN: ==32276==ERROR ...

fumfel

After some fuzz testing I found a crashing test case. Git HEAD: 4e46ad9dd95d68c1c8c630e6d27338ae3f57d5c7 OS & Compiler: Ubuntu 16.04 x64 + Clang 4.0 Command: convert im_hbo_GetNextToken.svg /dev/null Faulting input: https://frankowicz.me/storage/crashes/im_hbo_GetNextToken.svg ASAN: ==6443==ERROR ...

fumfel

After some fuzz testing I found a crashing test case. Git HEAD: 4e46ad9dd95d68c1c8c630e6d27338ae3f57d5c7 OS & Compiler: Ubuntu 16.04 x64 + Clang 4.0 Command: convert im_nullptr_GetJPEGMethod /dev/null Faulting input: https://frankowicz.me/storage/crashes/im_nullptr_GetJPEGMethod ASAN: ==5167==ERROR ...

fumfel

Reply from LibTIFF developer: http://bugzilla.maptools.org/show_bug.cgi?id=2730#c3

fumfel

After some fuzz testing I found a crashing test case. Git HEAD: b0323e6509f4530a228c8788db11a49ff9255b69 OS & Compiler: Ubuntu 16.04 x64 + Clang 4.0 Command: convert im_hbo_TracePoint /dev/null Faulting input: https://frankowicz.me/storage/crashes/im_hbo_TracePoint.svg ASAN: ==21950==ERROR ...

fumfel

More details and faulting test case: http://bugzilla.maptools.org/show_bug.cgi?id=2730

fumfel

With '--disable-openmp' switch, problem doesn't exists.

fumfel

After some fuzz testing I found a crashing test case. Git HEAD: eb56534ac870d9a5b8a6e7db8d32c0e76ae65924 OS & Compiler: Ubuntu 16.04 x64 + Clang 4.0 Command: convert im_hoobr_omp_outlined.eps null Faulting input: https://frankowicz.me/storage/crashes/im_hoobr_omp_outlined.eps ASAN: ==13673==ERROR ...

fumfel

IM Version (compiled from source): Version: ImageMagick 7.0.3-0 Q16 x86_64 2016-09-14 http://www.imagemagick.org Source file To reproduce: convert crash.dib a.jpg LeakSanitizer output: ==535==ERROR: LeakSanitizer: detected memory leaks Direct leak of 4160 byte(s) in 1 object(s) allocated from: #0 ...

fumfel

IM Version (compiled from source): Version: ImageMagick 7.0.3-0 Q16 x86_64 2016-09-14 http://www.imagemagick.org Source file To reproduce: convert crash.gif a.jpg LeakSanitizer output: ==32663==ERROR: LeakSanitizer: detected memory leaks Direct leak of 13304 byte(s) in 1 object(s) allocated from: #0 ...

fumfel

When I try convert malformed WPG image, ImageMagick leaks memory in WPG parser. IM Version (compiled from source): Version: ImageMagick 7.0.3-0 Q16 x86_64 2016-09-14 http://www.imagemagick.org Source file To reproduce: convert crash.wpg a.jpg LeakSanitizer Output: ==19859==ERROR: LeakSanitizer ...

Legacy ImageMagick Discussions Archive

Search found 12 matches

Negative size parameter in RemoveResolutionFromResourceBlock()

Use after free in GetPixelInfoPixel()

Heap buffer overflow in GetNextToken()

Null pointer dereference in GetJPEGMethod()

Re: Use-after-free in TIFFSetField()

Heap buffer overflow in TracePoint()

Use-after-free in TIFFSetField()

Re: Heap out of bounds read in .omp_outlined..68()

Heap out of bounds read in .omp_outlined..68()

Memory leak in API

Memory leak in GIF parser

Memory leak in WPG parser