*** This bug is a security vulnerability ***

Public security bug reported:

This bug was found while fuzzing graphicsmagick with afl-fuzz

Tested on hg changeset 14720:3b1f1e0c1098

Command: gm convert %s /dev/null

ASAN:SIGSEGV
=================================================================
==22695==ERROR: AddressSanitizer: SEGV on unknown address 0xbebebeae (pc 0x0807a362 sp 0xbfb772b0 bp 0xbfb77340 T0)
    #0 0x807a361 in __asan::Deallocate(void*, __sanitizer::StackTrace*, __asan::AllocType) (/home/user/Desktop/graphicsmagick_fuzz_results/graphicsmagick/utilities/gm+0x807a361)
    #1 0x807a313 in __asan::asan_free(void*, __sanitizer::StackTrace*, __asan::AllocType) (/home/user/Desktop/graphicsmagick_fuzz_results/graphicsmagick/utilities/gm+0x807a313)
    #2 0x80bd3d1 in free (/home/user/Desktop/graphicsmagick_fuzz_results/graphicsmagick/utilities/gm+0x80bd3d1)
    #3 0x839da78 in MagickFree /home/user/Desktop/graphicsmagick_fuzz_results/graphicsmagick/magick/memory.c:509
    #4 0x89c572e in ReadXPMImage /home/user/Desktop/graphicsmagick_fuzz_results/graphicsmagick/coders/xpm.c:324
    #5 0x8244d62 in ReadImage /home/user/Desktop/graphicsmagick_fuzz_results/graphicsmagick/magick/constitute.c:1607
    #6 0x812c3ac in ConvertImageCommand /home/user/Desktop/graphicsmagick_fuzz_results/graphicsmagick/magick/command.c:4348
    #7 0x8165066 in MagickCommand /home/user/Desktop/graphicsmagick_fuzz_results/graphicsmagick/magick/command.c:8862
    #8 0x81ed0dc in GMCommandSingle /home/user/Desktop/graphicsmagick_fuzz_results/graphicsmagick/magick/command.c:17338
    #9 0x81ea204 in GMCommand /home/user/Desktop/graphicsmagick_fuzz_results/graphicsmagick/magick/command.c:17391
    #10 0x80d4a76 in main /home/user/Desktop/graphicsmagick_fuzz_results/graphicsmagick/utilities/gm.c:61
    #11 0xb754ea82 in __libc_start_main /build/buildd/eglibc-2.19/csu/libc-start.c:287
    #12 0x80d4904 in _start (/home/user/Desktop/graphicsmagick_fuzz_results/graphicsmagick/utilities/gm+0x80d4904)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ??:0 __asan::Deallocate(void*, __sanitizer::StackTrace*, __asan::AllocType)
==22695==ABORTING

** Affects: graphicsmagick (Ubuntu)
     Importance: Undecided
         Status: New

https://bugs.launchpad.net/bugs/1537600

Title:
  SEGV in utilities/gm+0x807a361)
