ImageMagick crash when drawing text with large font size
Posted: 2011-06-28T00:54:45-07:00
ImageMagick crashes when drawing some text with a large font point size like 700.
Running on Windows, using the DLL version of ImageMagick and Magick++ that I compiled myself with Visual Studio 2010.
Here are the modules loaded when it crashed:
Here's the call stack:
I debugged this problem and just found that the free() function writes more bytes over the end of what we allocated and causes an output of Heap Corruption:
The variable values in TraceBezier() are as follows:
Note that "points"==0x00dce7b0 and the memory allocated is control_points*sizeof(*points)==63*16=1008. But the address 00DCEBC0 is at offset 1040 from the base address of "points".
Modules loaded when it crashed:
TestFont.exe D:\Projects\2011-06-18_PhotoBatch\src\Debug\TestFont.exe N/A N/A Symbols loaded. D:\Projects\2011-06-18_PhotoBatch\src\Debug\TestFont.pdb 1 28/06/2011 13:23 00400000-00420000 [9572] TestFont.exe: Native
ntdll.dll C:\WINDOWS\system32\ntdll.dll N/A N/A Cannot find or open the PDB file 2 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647) 09/12/2010 23:15 7C920000-7C9B6000 [9572] TestFont.exe: Native
kernel32.dll C:\WINDOWS\system32\kernel32.dll N/A N/A Cannot find or open the PDB file 3 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317) 21/03/2009 22:06 7C800000-7C91E000 [9572] TestFont.exe: Native
user32.dll C:\WINDOWS\system32\user32.dll N/A N/A Cannot find or open the PDB file 4 5.1.2600.5512 (xpsp.080413-2105) 14/04/2008 10:13 77D10000-77DA0000 [9572] TestFont.exe: Native
gdi32.dll C:\WINDOWS\system32\gdi32.dll N/A N/A Cannot find or open the PDB file 5 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932) 23/10/2008 20:38 77EF0000-77F39000 [9572] TestFont.exe: Native
Magick.dll D:\Projects\2011-06-18_PhotoBatch\src\Debug\Magick.dll N/A N/A Symbols loaded. D:\Projects\2011-06-18_PhotoBatch\src\Debug\Magick.pdb 6 28/06/2011 15:48 10000000-10968000 [9572] TestFont.exe: Native
zlib1d.dll D:\Projects\2011-06-18_PhotoBatch\src\Debug\zlib1d.dll N/A N/A Symbols loaded. D:\Projects\2011-06-18_PhotoBatch\lib\zlib-1.2.3-src\src\zlib\1.2.3\zlib-1.2.3\projects\visualc6\Win32_DLL_Debug\zlib.pdb 7 1.02.2.0 28/06/2011 13:14 003A0000-003D4000* [9572] TestFont.exe: Native
msvcr100d.dll C:\WINDOWS\system32\msvcr100d.dll N/A N/A Cannot find or open the PDB file 8 10.00.40219.1 19/02/2011 08:18 00420000-00593000* [9572] TestFont.exe: Native
advapi32.dll C:\WINDOWS\system32\advapi32.dll N/A N/A Cannot find or open the PDB file 9 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) 09/02/2009 18:52 77DA0000-77E49000 [9572] TestFont.exe: Native
rpcrt4.dll C:\WINDOWS\system32\rpcrt4.dll N/A N/A Cannot find or open the PDB file 10 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643) 16/08/2010 16:44 77E50000-77EE3000 [9572] TestFont.exe: Native
secur32.dll C:\WINDOWS\system32\secur32.dll N/A N/A Cannot find or open the PDB file 11 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305) 25/06/2009 16:24 77FC0000-77FD1000 [9572] TestFont.exe: Native
libpng15.dll D:\Projects\2011-06-18_PhotoBatch\src\Debug\libpng15.dll N/A N/A Symbols loaded. D:\Projects\2011-06-18_PhotoBatch\src\Debug\libpng15.pdb 12 1.05.2.0 28/06/2011 13:23 005A0000-005D2000* [9572] TestFont.exe: Native
Magick++.dll D:\Projects\2011-06-18_PhotoBatch\src\Debug\Magick++.dll N/A N/A Symbols loaded. D:\Projects\2011-06-18_PhotoBatch\src\Debug\Magick++.pdb 13 28/06/2011 13:23 005E0000-006E6000* [9572] TestFont.exe: Native
msvcp100d.dll C:\WINDOWS\system32\msvcp100d.dll N/A N/A Cannot find or open the PDB file 14 10.00.40219.1 19/02/2011 08:18 00700000-007B7000* [9572] TestFont.exe: Native
imm32.dll C:\WINDOWS\system32\imm32.dll N/A N/A Cannot find or open the PDB file 15 5.1.2600.5512 (xpsp.080413-2105) 14/04/2008 10:13 76300000-7631D000 [9572] TestFont.exe: Native
lpk.dll C:\WINDOWS\system32\lpk.dll N/A N/A Cannot find or open the PDB file 16 5.1.2600.5512 (xpsp.080413-2105) 14/04/2008 10:12 62C20000-62C29000 [9572] TestFont.exe: Native
usp10.dll C:\WINDOWS\system32\usp10.dll N/A N/A Cannot find or open the PDB file 17 1.0420.2600.5969 (xpsp_sp3_gdr.100416-1716) 16/04/2010 23:37 73FA0000-7400B000 [9572] TestFont.exe: Native
Call stack:
ntdll.dll!7c93a343()
[Frames below may be incorrect and/or missing, no symbols loaded for ntdll.dll]
ntdll.dll!7c990552()
ntdll.dll!7c96bafc()
ntdll.dll!7c93a1ba()
ntdll.dll!7c9830b4()
msvcr100d.dll!00527f59()
msvcr100d.dll!00537a4e()
msvcr100d.dll!00537560()
msvcr100d.dll!00539c80()
> Magick.dll!RelinquishMagickMemory(void * memory=0x00dce7b0) Line 754 + 0xc bytes C++
Magick.dll!TraceBezier(_PrimitiveInfo * primitive_info=0x00e1d088, const unsigned int number_coordinates=3) Line 5101 + 0x9 bytes C++
Magick.dll!TracePath(_PrimitiveInfo * primitive_info=0x00e1b228, const char * path=0x00dcb248) Line 5433 + 0xe bytes C++
Magick.dll!DrawImage(_Image * image=0x00d155f0, const _DrawInfo * draw_info=0x00df1768) Line 3033 + 0x1c bytes C++
Magick.dll!RenderFreetype(_Image * image=0x00d155f0, const _DrawInfo * draw_info=0x00cf44d8, const char * encoding=0x00000000, const _PointInfo * offset=0x00120284, _TypeMetric * metrics=0x001201d4) Line 1460 + 0xd bytes C++
Magick.dll!RenderType(_Image * image=0x00d155f0, const _DrawInfo * draw_info=0x00cdfce8, const _PointInfo * offset=0x00120284, _TypeMetric * metrics=0x001201d4) Line 905 + 0x1c bytes C++
Magick.dll!AnnotateImage(_Image * image=0x00d155f0, const _DrawInfo * draw_info=0x00d45db8) Line 481 + 0x1e bytes C++
Magick.dll!DrawPrimitive(_Image * image=0x00d155f0, const _DrawInfo * draw_info=0x00cf4008, const _PrimitiveInfo * primitive_info=0x00d31c50) Line 4416 + 0x10 bytes C++
Magick.dll!DrawImage(_Image * image=0x00d155f0, const _DrawInfo * draw_info=0x00cf3da0) Line 3121 + 0x20 bytes C++
Magick.dll!DrawRender(_DrawingWand * wand=0x00cf2610) Line 4321 + 0x25 bytes C++
Magick++.dll!Magick::Image::draw(const Magick::Drawable & drawable_={...}) Line 799 + 0xc bytes C++
TestFont.exe!main(int argc=1, char * * argv=0x00cd5e00) Line 33 + 0x90 bytes C++
TestFont.exe!__tmainCRTStartup() Line 555 + 0x19 bytes C
TestFont.exe!mainCRTStartup() Line 371 C
kernel32.dll!7c817077()
msvcp100d.dll!00770074()
msvcp100d.dll!00770074()
msvcp100d.dll!00770074()
msvcp100d.dll!00770074()
msvcp100d.dll!00770074()
msvcp100d.dll!00770074()
msvcp100d.dll!00770074()
msvcp100d.dll!00770074()
msvcp100d.dll!00770074()
msvcp100d.dll!00770074()
msvcp100d.dll!00770074()
msvcp100d.dll!00770074()
msvcp100d.dll!00780064()
msvcp100d.dll!00780064()
msvcp100d.dll!00780064()
msvcp100d.dll!00780064()
msvcp100d.dll!00780064()
msvcp100d.dll!00780064()
msvcp100d.dll!00780064()
msvcp100d.dll!00780064()
Output:
'TestFont.exe': Loaded 'C:\WINDOWS\system32\usp10.dll', Cannot find or open the PDB file
Heap corruption detected at 00DCEBC0
First-chance exception at 0x7c93a343 in TestFont.exe: 0xC0000005: Access violation writing location 0xfeeefeee.
Variable values in TraceBezier():
+ primitive_info 0x00e1d088 {point={...} coordinates=64 primitive=-842150451 ...} _PrimitiveInfo *
number_coordinates 3 const unsigned int
j 3 int
+ points 0x00dce7b0 {x=-2.6569842580370804e+303 y=-2.6569842580370804e+303 } _PointInfo *
control_points 63 unsigned int
+ end {x=1928.0000000000000 y=-126.07800000000000 } _PointInfo
weight 0.99999999999999822 double
i 64 int
quantum 21 unsigned int
alpha 60.047367094979315 double
+ coefficients 0x00cf3928 double *
+ point {x=1928.0026026706978 y=-127.40640841521808 } _PointInfo
+ p 0x00e1d088 {point={...} coordinates=64 primitive=-842150451 ...} _PrimitiveInfo *
I need your help. Thanks.
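Added example, not part of the original post and not ImageMagick code: a small C helper for triaging the debugger values quoted above. It assumes the standard fill patterns of the MSVC debug CRT and the Windows debug heap; the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Fill patterns used by the MSVC debug CRT and the Windows debug heap. */
const char *fill_name(uint32_t word)
{
    switch (word) {
    case 0xCDCDCDCDu: return "debug CRT: allocated, never written";
    case 0xDDDDDDDDu: return "debug CRT: freed block";
    case 0xFDFDFDFDu: return "debug CRT: guard bytes around a block";
    case 0xFEEEFEEEu: return "HeapFree: freed heap memory";
    default:          return "not a known fill pattern";
    }
}

/* The double a debugger displays when both 32-bit halves hold the same fill word. */
double fill_as_double(uint32_t word)
{
    uint64_t bits = ((uint64_t)word << 32) | word;
    double value;
    memcpy(&value, &bits, sizeof value);
    return value;
}

/* Distance from the end of a block to an address; zero or more means outside the block. */
long bytes_past_end(uint32_t base, uint32_t size, uint32_t addr)
{
    return (long)addr - ((long)base + (long)size);
}

int main(void)
{
    /* Values copied from the debugger output in the post. */
    uint32_t points = 0x00dce7b0u, size = 63u * 16u, reported = 0x00DCEBC0u;

    printf("primitive=-842150451 -> %s\n", fill_name((uint32_t)-842150451));
    printf("write target 0xfeeefeee -> %s\n", fill_name(0xfeeefeeeu));
    /* Compare with the x and y shown for "points" in the variable list. */
    printf("0xFEEEFEEE repeated, read as a double: %.17g\n",
           fill_as_double(0xFEEEFEEEu));
    printf("reported address is %ld bytes past the end of points\n",
           bytes_past_end(points, size, reported));
    return 0;
}
```

The x and y displayed for "points" match the 0xFEEEFEEE pattern, which is consistent with the watch values having been read after the block was already released.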