Source: imagemagick
Version: 8:6.9.7.4+dfsg-15
Severity: important
Tags: security upstream
X-Debbugs-CC: t...@security.debian.org
control: found -1 8:6.8.9.9-5+deb8u8
control: found -1 8:6.8.9.9-5+deb8u9
control: found -1 8:6.7.7.10-5+deb7u14
control: found -1 8:6.7.7.10-5+deb9u1
forwarded:https://github.com/ImageMagick/ImageMagick/issues/573
ersion: ImageMagick 7.0.6-2 Q16 x86_64
./magick convert $FILE out.map
==12299==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 3 byte(s) in 1 object(s) allocated from:
#0 0x4deeb6 in __interceptor_malloc asan_malloc_linux.cc:66
#1 0x7f9e4bb7a186 in AcquireMagickMemory memory.c:464:10
#2 0x7f9e4bb7a1e8 in AcquireQuantumMemory memory.c:537:10
#3 0x7f9e4bf5e0a3 in WriteMAPImage map.c:390:30
#4 0x7f9e4b9596fe in WriteImage constitute.c:1114:14
#5 0x7f9e4b95a5fd in WriteImages constitute.c:1333:13
#6 0x7f9e4b005900 in ConvertImageCommand convert.c:3280:11
#7 0x7f9e4b1540cf in MagickCommandGenesis mogrify.c:183:14
#8 0x514a37 in MagickMain magick.c:149:10
#9 0x514491 in main magick.c:180:10
#10 0x7f9e45991f44 in __libc_start_main libc-start.c:287
POC: https://github.com/jgj212/poc/blob/master/leak-WriteMAPImage
Credit : ADLab of Venustech
