Page 1 of 1

/usr/bin/convert: free(): invalid pointer

Posted: 2012-12-19T10:16:50-07:00
by aaronh
Im getting this on my website when a user clicks on an image in our catalog. I have imagick module 2.3.0 and ImageMagick-6.4.3.6-5.3 and ImageMagick-devel-6.4.3.6-5.3 installed on my server.
Also, I'm using Drupal 6 as my CMS.

From what I'm seeing, there must be an invalid use of free() in convert.

The full error is:

Code: Select all

ImageMagick reported an error: *** glibc detected *** /usr/bin/convert: free(): invalid pointer: 0x0000000000a2dbb3 *** 
This is the backtrace:

Code: Select all

======= Backtrace: ========= 
/lib64/libc.so.6[0x7f77dda96118] 
/lib64/libc.so.6(cfree+0x76)[0x7f77dda97c76] 
/usr/lib64/libMagickCore.so.1(RelinquishMagickMemory+0x1f)[0x7f77e0d6320f] 
/usr/lib64/libMagickCore.so.1[0x7f77e0ddaead] 
/usr/lib64/libMagickCore.so.1(NewXMLTree+0xa00)[0x7f77e0ddbcd0] 
/usr/lib64/libMagickCore.so.1(GetImageProperty+0x1ea)[0x7f77e0d76faa] 
/usr/lib64/libMagickCore.so.1(SetImageProfile+0xdc)[0x7f77e0d7a67c] 
/usr/lib64/ImageMagick-6.4.3
/modules-Q16/coders/jpeg.so[0x7f77dd1b5bcf] 
/usr/lib64/libjpeg.so.62[0x7f77e003c9ea] 
/usr/lib64/libjpeg.so.62[0x7f77e003aaca] 
/usr/lib64/libjpeg.so.62(jpeg_consume_input+0x8f)[0x7f77e0038e5f] 
/usr/lib64/libjpeg.so.62(jpeg_read_header+0x43)[0x7f77e0039273] 
/usr/lib64/ImageMagick-6.4.3
/modules-Q16/coders/jpeg.so[0x7f77dd1b672d] 
/usr/lib64/libMagickCore.so.1(ReadImage+0x178)[0x7f77e0cd9f18] 
/usr/lib64/libMagickWand.so.1(ConvertImageCommand+0x4c3)[0x7f77e09a9b33] 
/usr/bin/convert[0x400f64] 
/lib64/libc.so.6(__libc_start_main+0xe6)[0x7f77dda40586] 
/usr/bin/convert[0x400d69] 
This is the memory map:

Code: Select all

======= Memory map: ======== 
00400000-00402000 r-xp 00000000 fd:04 206798 /usr/bin/convert 
00601000-00602000 r--p 00001000 fd:04 206798 /usr/bin/convert 
00602000-00603000 rw-p 00002000 fd:04 206798 /usr/bin/convert 
00603000-00aa2000 rw-p 00603000 00:00 0 [heap] 
7f77d8000000-7f77d8021000 rw-p 7f77d8000000 00:00 0 
7f77d8021000-7f77dc000000 ---p 7f77d8021000 00:00 0 
7f77dcf9b000-7f77dcfb1000 r-xp 00000000 fd:01 245878 /lib64/libgcc_s.so.1 
7f77dcfb1000-7f77dd1b1000 ---p 00016000 fd:01 245878 /lib64/libgcc_s.so.1 
7f77dd1b1000-7f77dd1b2000 r--p 00016000 fd:01 245878 /lib64/libgcc_s.so.1 
7f77dd1b2000-7f77dd1b3000 rw-p 00017000 fd:01 245878 /lib64/libgcc_s.so.1 
7f77dd1b3000-7f77dd1bb000 r-xp 00000000 fd:04 114768 /usr/lib64/ImageMagick-6.4.3/modules-Q16/coders/jpeg.so 
7f77dd1bb000-7f77dd3bb000 ---p 00008000 fd:04 114768 /usr/lib64/ImageMagick-6.4.3/modules-Q16/coders/jpeg.so 
7f77dd3bb000-7f77dd3bc000 r--p 00008000 fd:04 114768 /usr/lib64/ImageMagick-6.4.3/modules-Q16/coders/jpeg.so 
7f77dd3bc000-7f77dd3bd000 rw-p 00009000 fd:04 114768 /usr/lib64/ImageMagick-6.4.3/modules-Q16/coders/jpeg.so 
7f77dd3bd000-7f77dd3e4000 r-xp 00000000 fd:01 245882 /lib64/libexpat.so.1.5.2 
7f77dd3e4000-7f77dd5e4000 ---p 00027000 fd:01 245882 /lib64/libexpat.so.1.5.2 
7f77dd5e4000-7f77dd5e6000 r--p 00027000 fd:01 245882 /lib64/libexpat.so.1.5.2 
7f77dd5e6000-7f77dd5e7000 rw-p 00029000 fd:01 245882 /lib64/libexpat.so.1.5.2 
7f77dd5e7000-7f77dd5ef000 r-xp 00000000 fd:01 245799 /lib64/librt-2.9.so 
7f77dd5ef000-7f77dd7ee000 ---p 00008000 fd:01 245799 /lib64/librt-2.9.so 
7f77dd7ee000-7f77dd7ef000 r--p 00007000 fd:01 245799 /lib64/librt-2.9.so 
7f77dd7ef000-7f77dd7f0000 rw-p 00008000 fd:01 245799 /lib64/librt-2.9.so 
7f77dd7f0000-7f77dd820000 r-xp 00000000 fd:04 100165 /usr/lib64/libfontconfig.so.1.3.0 
7f77dd820000-7f77dda20000 ---p 00030000 fd:04 100165 /usr/lib64/libfontconfig.so.1.3.0 
7f77dda20000-7f77dda21000 r--p 00030000 fd:04 100165 /usr/lib64/libfontconfig.so.1.3.0 
7f77dda21000-7f77dda22000 rw-p 00031000 fd:04 100165 /usr/lib64/libfontconfig.so.1.3.0 
7f77dda22000-7f77ddb71000 r-xp 00000000 fd:01 245769 /lib64/libc-2.9.so 
7f77ddb71000-7f77ddd71000 ---p 0014f000 fd:01 245769 /lib64/libc-2.9.so 
7f77ddd71000-7f77ddd75000 r--p 0014f000 fd:01 245769 /lib64/libc-2.9.so 
7f77ddd75000-7f77ddd76000 rw-p 00153000 fd:01 245769 /lib64/libc-2.9.so 
7f77ddd76000-7f77ddd7b000 rw-p 7f77ddd76000 00:00 0 
7f77ddd7b000-7f77dddd0000 r-xp 00000000 fd:01 245777 /lib64/libm-2.9.so 
7f77dddd0000-7f77ddfcf000 ---p 00055000 fd:01 245777 /lib64/libm-2.9.so 
7f77ddfcf000-7f77ddfd0000 r--p 00054000 fd:01 245777 /lib64/libm-2.9.so 
7f77ddfd0000-7f77ddfd1000 rw-p 00055000 fd:01 245777 /lib64/libm-2.9.so 
7f77ddfd1000-7f77ddfd3000 r-xp 00000000 fd:01 245775 /lib64/libdl-2.9.so 
7f77ddfd3000-7f77de1d3000 ---p 00002000 fd:01 245775 /lib64/libdl-2.9.so 
7f77de1d3000-7f77de1d4000 r--p 00002000 fd:01 245775 /lib64/libdl-2.9.so 
7f77de1d4000-7f77de1d5000 rw-p 00003000 fd:01 245775 /lib64/libdl-2.9.so 
7f77de1d5000-7f77de1d7000 r-xp 00000000 fd:04 98314 /usr/lib64/libXau.so.6.0.0 
7f77de1d7000-7f77de3d7000 ---p 00002000 fd:04 98314 /usr/lib64/libXau.so.6.0.0 
7f77de3d7000-7f77de3d8000 r--p 00002000 fd:04 98314 /usr/lib64/libXau.so.6.0.0 
7f77de3d8000-7f77de3d9000 rw-p 00003000 fd:04 98314 /usr/lib64/libXau.so.6.0.0 
7f77de3d9000-7f77de3f4000 r-xp 00000000 fd:04 98890 /usr/lib64/libxcb.so.1.0.0 
7f77de3f4000-7f77de5f3000 ---p 0001b000 fd:04 98890 /usr/lib64/libxcb.so.1.0.0 
7f77de5f3000-7f77de5f4000 r--p 0001a000 fd:04 98890 /usr/lib64/libxcb.so.1.0.0 
7f77de5f4000-7f77de5f5000 rw-p 0001b000 fd:04 98890 /usr/lib64/libxcb.so.1.0.0 
7f77de5f5000-7f77de5f6000 r-xp 00000000 fd:04 98880 /usr/lib64/libxcb-xlib.so.0.0.0 
7f77de5f6000-7f77de7f5000 ---p 00001000 fd:04 98880 /usr/lib64/libxcb-xlib.so.0.0.0 
7f77de7f5000-7f77de7f6000 r--p 00000000 fd:04 98880 /usr/lib64/libxcb-xlib.so.0.0.0 
7f77de7f6000-7f77de7f7000 rw-p 00001000 fd:04 98880 /usr/lib64/libxcb-xlib.so.0.0.0 
7f77de7f7000-7f77de92e000 r-xp 00000000 fd:04 100268 /usr/lib64/libX11.so.6.2.0 
7f77de92e000-7f77deb2e000 ---p 00137000 fd:04 100268 /usr/lib64/libX11.so.6.2.0 
7f77deb2e000-7f77deb2f000 r--p 00137000 fd:04 100268 /usr/lib64/libX11.so.6.2.0 
7f77deb2f000-7f77deb34000 rw-p 00138000 fd:04 100268 /usr/lib64/libX11.so.6.2.0 
7f77deb34000-7f77deb4b000 r-xp 00000000 fd:04 98316 /usr/lib64/libICE.so.6.3.0 
7f77deb4b000-7f77ded4b000 ---p 00017000 fd:04 98316 /usr/lib64/libICE.so.6.3.0 
7f77ded4b000-7f77ded4c000 r--p 00017000 fd:04 98316 /usr/lib64/libICE.so.6.3.0 
7f77ded4c000-7f77ded4d000 rw-p 00018000 fd:04 98316 /usr/lib64/libICE.so.6.3.0 
7f77ded4d000-7f77ded51000 rw-p 7f77ded4d000 00:00 0 
7f77ded51000-7f77ded55000 r-xp 00000000 fd:01 245871 /lib64/libuuid.so.1.2 
7f77ded55000-7f77def54000 ---p 00004000 fd:01 245871 /lib64/libuuid.so.1.2 
7f77def54000-7f77def55000 r--p 00003000 fd:01 245871 /lib64/libuuid.so.1.2 
7f77def55000-7f77def56000 rw-p 00004000 fd:01 245871 /lib64/libuuid.so.1.2 
7f77def56000-7f77def5e000 r-xp 00000000 fd:04 99026 /usr/lib64/libSM.so.6.0.0 
7f77def5e000-7f77df15d000 ---p 00008000 fd:04 99026 /usr/lib64/libSM.so.6.0.0 
7f77df15d000-7f77df15e000 r--p 00007000 fd:04 99026 /usr/lib64/libSM.so.6.0.0 
7f77df15e000-7f77df15f000 rw-p 00008000 fd:04 99026 /usr/lib64/libSM.so.6.0.0 
7f77df15f000-7f77df168000 r-xp 00000000 fd:04 98451 /usr/lib64/libltdl.so.7.2.0 
7f77df168000-7f77df367000 ---p 00009000 fd:04 98451 /usr/lib64/libltdl.so.7.2.0 
7f77df367000-7f77df368000 r--p 00008000 fd:04 98451 /usr/lib64/libltdl.so.7.2.0 
7f77df368000-7f77df369000 rw-p 00009000 fd:04 98451 /usr/lib64/libltdl.so.7.2.0 
7f77df369000-7f77df37f000 r-xp 00000000 fd:01 245795 /lib64/libpthread-2.9.so 
7f77df37f000-7f77df57f000 ---p 00016000 fd:01 245795 /lib64/libpthread-2.9.so 
7f77df57f000-7f77df580000 r--p 00016000 fd:01 245795 /lib64/libpthread-2.9.so 
7f77df580000-7f77df581000 rw-p 00017000 fd:01 245795 /lib64/libpthread-2.9.so 
7f77df581000-7f77df585000 rw-p 7f77df581000 00:00 0 
7f77df585000-7f77df58d000 r-xp 00000000 fd:04 99003 /usr/lib64/libgomp.so.1.0.0 
7f77df58d000-7f77df78c000 ---p 00008000 fd:04 99003 /usr/lib64/libgomp.so.1.0.0 
7f77df78c000-7f77df78d000 r--p 00007000 fd:04 99003 /usr/lib64/libgomp.so.1.0.0 
7f77df78d000-7f77df78e000 rw-p 00008000 fd:04 99003 /usr/lib64/libgomp.so.1.0.0 
7f77df78e000-7f77df7a3000 r-xp 00000000 fd:01 245805 /lib64/libz.so.1.2.3 
7f77df7a3000-7f77df9a2000 ---p 00015000 fd:01 245805 /lib64/libz.so.1.2.3 
7f77df9a2000-7f77df9a3000 r--p 00014000 fd:01 245805 /lib64/libz.so.1.2.3 
7f77df9a3000-7f77df9a4000 rw-p 00015000 fd:01 245805 /lib64/libz.so.1.2.3 
7f77df9a4000-7f77df9b2000 r-xp 00000000 fd:01 245845 /lib64/libbz2.so.1.0.5 
7f77df9b2000-7f77dfbb1000 ---p 0000e000 fd:01 245845 /lib64/libbz2.so.1.0.5 
7f77dfbb1000-7f77dfbb2000 r--p 0000d000 fd:01 245845 /lib64/libbz2.so.1.0.5 
7f77dfbb2000-7f77dfbb3000 rw-p 0000e000 fd:01 245845 /lib64/libbz2.so.1.0.5 
7f77dfbb3000-7f77dfc12000 r-xp 00000000 fd:04 100348 /usr/lib64/libXt.so.6.0.0 
7f77dfc12000-7f77dfe12000 ---p 0005f000 fd:04 100348 /usr/lib64/libXt.so.6.0.0 
7f77dfe12000-7f77dfe13000 r--p 0005f000 fd:04 100348 /usr/lib64/libXt.so.6.0.0 
7f77dfe13000-7f77dfe18000 rw-p 00060000 fd:04 100348 /usr/lib64/libXt.so.6.0.0 
7f77dfe18000-7f77dfe19000 rw-p 7f77dfe18000 00:00 0 
7f77dfe19000-7f77dfe2a000 r-xp 00000000 fd:04 100354 /usr/lib64/libXext.so.6.4.0 
7f77dfe2a000-7f77e0029000 ---p 00011000 fd:04 100354 /usr/lib64/libXext.so.6.4.0 
7f77e0029000-7f77e002a000 r--p 00010000 fd:04 100354 /usr/lib64/libXext.so.6.4.0 
7f77e002a000-7f77e002b000 rw-p 00011000 fd:04 100354 /usr/lib64/libXext.so.6.4.0 
7f77e002b000-7f77e004d000 r-xp 00000000 fd:04 98453 /usr/lib64/libjpeg.so.62.0.0 
7f77e004d000-7f77e024d000 ---p 00022000 fd:04 98453 /usr/lib64/libjpeg.so.62.0.0 
7f77e024d000-7f77e024e000 r--p 00022000 fd:04 98453 /usr/lib64/libjpeg.so.62.0.0 
7f77e024e000-7f77e024f000 rw-p 00023000 fd:04 98453 /usr/lib64/libjpeg.so.62.0.0 
7f77e024f000-7f77e02cf000 r-xp 00000000 fd:04 98926 /usr/lib64/libfreetype.so.6.3.18 
7f77e02cf000-7f77e04cf000 ---p 00080000 fd:04 98926 /usr/lib64/libfreetype.so.6.3.18 
7f77e04cf000-7f77e04d4000 r--p 00080000 fd:04 98926 /usr/lib64/libfreetype.so.6.3.18 
7f77e04d4000-7f77e04d5000 rw-p 00085000 fd:04 98926 /usr/lib64/libfreetype.so.6.3.18 
7f77e04d5000-7f77e052e000 r-xp 00000000 fd:04 100209 /usr/lib64/libtiff.so.3.8.2 
7f77e052e000-7f77e072e000 ---p 00059000 fd:04 100209 /usr/lib64/libtiff.so.3.8.2 
7f77e072e000-7f77e0730000 r--p 00059000 fd:04 100209 /usr/lib64/libtiff.so.3.8.2 
7f77e0730000-7f77e0731000 rw-p 0005b000 fd:04 100209 /usr/lib64/libtiff.so.3.8.2 
7f77e0731000-7f77e0765000 r-xp 00000000 fd:04 100373 /usr/lib64/liblcms.so.1.0.16 
7f77e0765000-7f77e0965000 ---p 00034000 fd:04 100373 /usr/lib64/liblcms.so.1.0.16 
7f77e0965000-7f77e0966000 r--p 00034000 fd:04 100373 /usr/lib64/liblcms.so.1.0.16 
7f77e0966000-7f77e0967000 rw-p 00035000 fd:04 100373 /usr/lib64/liblcms.so.1.0.16 
7f77e0967000-7f77e096a000 rw-p 7f77e0967000 00:00 0 
7f77e096a000-7f77e0a6b000 r-xp 00000000 fd:04 117771 /usr/lib64/libMagickWand.so.1.0.0 
7f77e0a6b000-7f77e0c6a000 ---p 00101000 fd:04 117771 /usr/lib64/libMagickWand.so.1.0.0 
7f77e0c6a000-7f77e0c6b000 r--p 00100000 fd:04 117771 /usr/lib64/libMagickWand.so.1.0.0 
7f77e0c6b000-7f77e0c6f000 rw-p 00101000 fd:04 117771 /usr/lib64/libMagickWand.so.1.0.0 
7f77e0c6f000-7f77e0e2f000 r-xp 00000000 fd:04 100424 /usr/lib64/libMagickCore.so.1.0.0 
7f77e0e2f000-7f77e102e000 ---p 001c0000 fd:04 100424 /usr/lib64/libMagickCore.so.1.0.0 
7f77e102e000-7f77e1037000 r--p 001bf000 fd:04 100424 /usr/lib64/libMagickCore.so.1.0.0 
7f77e1037000-7f77e107f000 rw-p 001c8000 fd:04 100424 /usr/lib64/libMagickCore.so.1.0.0 
7f77e107f000-7f77e1098000 rw-p 7f77e107f000 00:00 0 
7f77e1098000-7f77e10b6000 r-xp 00000000 fd:01 245762 /lib64/ld-2.9.so 
7f77e1275000-7f77e1281000 rw-p 7f77e1275000 00:00 0 
7f77e12b2000-7f77e12b5000 rw-p 7f77e12b2000 00:00 0 
7f77e12b5000-7f77e12b6000 r--p 0001d000 fd:01 245762 /lib64/ld-2.9.so 
7f77e12b6000-7f77e12b7000 rw-p 0001e000 fd:01 245762 /lib64/ld-2.9.so 
7fffe92a0000-7fffe92b7000 rw-p 7ffffffe8000 00:00 0 [stack] 
7fffe93ff000-7fffe9400000 r-xp 7fffe93ff000 00:00 0 [vdso] 
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]

Re: /usr/bin/convert: free(): invalid pointer

Posted: 2012-12-19T14:03:54-07:00
by magick
Its possible you have a corrupt profile in one of your images. Post a URL to one or two of your images that fail to convert. We need to download it and reproduce the problem before we can comment further.

Re: /usr/bin/convert: free(): invalid pointer

Posted: 2012-12-20T06:05:42-07:00
by aaronh
This url is from one of the catalog pages:
http://www.timelessexpressions.com/post ... uthor-997|

you may have to refresh the pages to get the error to pop up

Here is one of the images:
http://www.timelessexpressions.com/post ... 1118045709

Re: /usr/bin/convert: free(): invalid pointer

Posted: 2012-12-20T06:54:44-07:00
by magick
We downloaded a3304738709dc921365828ae4ce66065.jpg from http://www.timelessexpressions.com/post ... 1118045709 and it does not contain a profile so its likely not the image causing the exception. Once you identify the exact image that causes the invalid pointer exception, let us know. We'll report if the image is corrupt and if recent versions of ImageMagick can read it despite the corruption.

Re: /usr/bin/convert: free(): invalid pointer

Posted: 2012-12-20T07:10:31-07:00
by aaronh
There are tons of images on our site. How will I know the one corrupt image when I see it? Should I just upgrade?

Re: /usr/bin/convert: free(): invalid pointer

Posted: 2012-12-20T07:17:44-07:00
by magick
You understand the conundrum, we can't help you unless we can reproduce the problem and we don't know how your site works so we can't help you identify the problematic image. Upgrading ImageMagick may help, your version of IM is quite old and a newer version may have bug fixes.