*** This bug is a security vulnerability ***

Public security bug reported:

This bug was found while fuzzing ImageMagick with afl-fuzz.

Tested on ImageMagick git commit f435e8724ade942148d065a4b898a0ed0c42c368


Command: magick id:000434,sig:06,src:007452+006268,op:splice,rep:4 /dev/null

ASAN:SIGSEGV
=================================================================
==11472==ERROR: AddressSanitizer: SEGV on unknown address 0xb600fbf0 (pc 0x084872b9 bp 0xbfbf8df8 sp 0xbfbf7ac0 T0)
    #0 0x84872b8 in ReadRLEImage /home/user/Desktop/ImageMagick/coders/rle.c:435:15
    #1 0x85f17b3 in ReadImage /home/user/Desktop/ImageMagick/MagickCore/constitute.c:496:13
    #2 0x85f52a4 in ReadImages /home/user/Desktop/ImageMagick/MagickCore/constitute.c:851:9
    #3 0x8bd3193 in CLINoImageOperator /home/user/Desktop/ImageMagick/MagickWand/operation.c:4705:22
    #4 0x8bd697f in CLIOption /home/user/Desktop/ImageMagick/MagickWand/operation.c:5199:7
    #5 0x8a94b84 in ProcessCommandOptions /home/user/Desktop/ImageMagick/MagickWand/magick-cli.c:474:7
    #6 0x8a95ee2 in MagickImageCommand /home/user/Desktop/ImageMagick/MagickWand/magick-cli.c:791:5
    #7 0x8a9809d in MagickCommandGenesis /home/user/Desktop/ImageMagick/MagickWand/mogrify.c:183:14
    #8 0x81434a3 in MagickMain /home/user/Desktop/ImageMagick/utilities/magick.c:145:10
    #9 0x81434a3 in main /home/user/Desktop/ImageMagick/utilities/magick.c:176
    #10 0xb741c7ad in __libc_start_main /build/glibc-xt1eTb/glibc-2.21/csu/libc-start.c:289
    #11 0x808956b in _start (/usr/local/bin/magick+0x808956b)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/user/Desktop/ImageMagick/coders/rle.c:435 ReadRLEImage
==11472==ABORTING

** Affects: imagemagick (Ubuntu)
     Importance: Undecided
         Status: New

https://bugs.launchpad.net/bugs/1589190

Title:
  SEGV in coders/rle.c:435:15
