[Bug 1549042] Re: SEGV in MagickCore/locale.c:1417

Moshe Kaplan mk.moshe.kaplan at gmail.com
Wed Feb 24 00:00:27 UTC 2016


input file to trigger crash

** Attachment added: "id:000119,sig:06,src:001982,op:int32,pos:16,val:-1"
   https://bugs.launchpad.net/bugs/1549042/+attachment/4579527/+files/id%3A000119%2Csig%3A06%2Csrc%3A001982%2Cop%3Aint32%2Cpos%3A16%2Cval%3A-1

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to imagemagick in Ubuntu.
https://bugs.launchpad.net/bugs/1549042

Title:
  SEGV in MagickCore/locale.c:1417

Status in imagemagick package in Ubuntu:
  New

Bug description:
  This bug was found while fuzzing ImageMagick with afl-fuzz

  Tested on ImageMagick git commit
  5afc3a6a4c6cc8a2226bbd96ea60c80d975b56cc

  Command: magick id:000119,sig:06,src:001982,op:int32,pos:16,val:-1
  /dev/null

  ASAN:SIGSEGV
  =================================================================
  ==23655==ERROR: AddressSanitizer: SEGV on unknown address 0xfeffffff (pc 0x0808c433 sp 0xbfb18140 bp 0xbfb18188 T0)
      #0 0x808c432 in __interceptor_strcasecmp (/usr/local/bin/magick+0x808c432)
      #1 0x814aa4c in LocaleCompare /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/locale.c:1417
      #2 0x8232e86 in CompareSplayTreeString /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/splay-tree.c:419
      #3 0x823fdbe in Splay /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/splay-tree.c:1492
      #4 0x823040f in SplaySplayTree /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/splay-tree.c:1583
      #5 0x82351c0 in DeleteNodeFromSplayTree /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/splay-tree.c:619
      #6 0x822281f in RelinquishUniqueFileResource /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/resource.c:1000
      #7 0x88941e8 in RelinquishPixelCachePixels /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/cache.c:886
      #8 0x8893e87 in DestroyPixelCache /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/cache.c:943
      #9 0x8893b66 in DestroyImagePixels /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/cache.c:823
      #10 0x80ff39a in DestroyImage /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/image.c:1189
      #11 0x8132efc in DeleteImageFromList /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/list.c:298
      #12 0x8132efc in DestroyImageList /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/list.c:451
      #13 0x8748c73 in ReadSUNImage /home/user/Desktop/FuzzImageMagick-master/ImageMagick/coders/sun.c:300
      #14 0x89163de in ReadImage /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/constitute.c:494
      #15 0x89181ee in ReadImages /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/constitute.c:844
      #16 0x8dac5b9 in CLINoImageOperator /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickWand/operation.c:4690
      #17 0x8db4aa1 in CLIOption /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickWand/operation.c:5184
      #18 0x8b3f08d in ProcessCommandOptions /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickWand/magick-cli.c:474
      #19 0x8b42405 in MagickImageCommand /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickWand/magick-cli.c:786
      #20 0x8b468e9 in MagickCommandGenesis /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickWand/mogrify.c:172
      #21 0x80ddf3d in MagickMain /home/user/Desktop/FuzzImageMagick-master/ImageMagick/utilities/magick.c:74
      #22 0x80ddf3d in main /home/user/Desktop/FuzzImageMagick-master/ImageMagick/utilities/magick.c:85
      #23 0xb755aa82 in __libc_start_main /build/eglibc-617sU_/eglibc-2.19/csu/libc-start.c:287
      #24 0x80ddd64 in _start (/usr/local/bin/magick+0x80ddd64)

  AddressSanitizer can not provide additional info.
  SUMMARY: AddressSanitizer: SEGV ??:0 __interceptor_strcasecmp
  ==23655==ABORTING

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1549042/+subscriptions
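As an added triage example (my own code, not part of this bug report or of ImageMagick): a small Python parser for the AddressSanitizer report above that pulls out the fault address and the in-tree frames, classifies the address (near-NULL versus wild pointer), and derives the kind of deduplication signature used when sorting afl-fuzz crashes. The abridged report copy and the source-root path are taken from the trace above; `SRC_ROOT`, `NOISE` and the helper names are assumptions of this example.

```python
import hashlib
import re

# Abridged copy of the ASan report from this bug (constructed test input;
# only a handful of the original frames are kept).
ASAN_REPORT = """\
==23655==ERROR: AddressSanitizer: SEGV on unknown address 0xfeffffff (pc 0x0808c433 sp 0xbfb18140 bp 0xbfb18188 T0)
    #0 0x808c432 in __interceptor_strcasecmp (/usr/local/bin/magick+0x808c432)
    #1 0x814aa4c in LocaleCompare /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/locale.c:1417
    #2 0x8232e86 in CompareSplayTreeString /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/splay-tree.c:419
    #3 0x823fdbe in Splay /home/user/Desktop/FuzzImageMagick-master/ImageMagick/MagickCore/splay-tree.c:1492
    #13 0x8748c73 in ReadSUNImage /home/user/Desktop/FuzzImageMagick-master/ImageMagick/coders/sun.c:300
    #23 0xb755aa82 in __libc_start_main /build/eglibc-617sU_/eglibc-2.19/csu/libc-start.c:287
SUMMARY: AddressSanitizer: SEGV ??:0 __interceptor_strcasecmp
==23655==ABORTING
"""

SRC_ROOT = "/home/user/Desktop/FuzzImageMagick-master/ImageMagick/"  # assumed build tree
HEADER_RE = re.compile(r"==(\d+)==ERROR: AddressSanitizer: (\S+) on unknown address (0x[0-9a-f]+)")
FRAME_RE = re.compile(r"^\s*#(\d+) 0x[0-9a-f]+ in (\S+) (\S+)$", re.M)
# Sanitizer/libc frames carry no information about where the program went wrong.
NOISE = ("__interceptor_", "__asan_", "__libc_", "_start")

def parse_asan_report(text):
    """Return pid, error kind, fault address and the (index, function, location) frames."""
    m = HEADER_RE.search(text)
    if m is None:
        raise ValueError("not an AddressSanitizer SEGV report")
    frames = [(int(n), func, loc) for n, func, loc in FRAME_RE.findall(text)]
    return {"pid": int(m.group(1)), "kind": m.group(2),
            "address": int(m.group(3), 16), "frames": frames}

def classify_address(addr, page=4096):
    """A fault below the first page is a NULL-relative dereference; anything else is a wild pointer."""
    return "near-null" if addr < page else "wild"

def project_frames(frames, src_root):
    """Keep only frames inside the project tree, with the root path stripped."""
    return [(func, loc[len(src_root):]) for _, func, loc in frames
            if loc.startswith(src_root) and not func.startswith(NOISE)]

def crash_signature(report, src_root, depth=3):
    """Bucket key from the top in-tree frames (function@file, line numbers dropped so
    the key survives small source edits) plus a short hash for file naming."""
    top = project_frames(report["frames"], src_root)[:depth]
    key = ";".join(f"{func}@{loc.rsplit(':', 1)[0]}" for func, loc in top)
    return key, hashlib.sha1(key.encode()).hexdigest()[:12]
```

On this report the signature starts at LocaleCompare rather than at the strcasecmp interceptor, and the 0xfeffffff address is flagged as a wild pointer rather than a NULL dereference, which is the distinction a triager wants before deciding how much attention a crash deserves.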