SEGV in coders/rle.c:435:15

Bug #1589190 reported by Moshe Kaplan
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
ImageMagick | Fix Released | Unknown | |
imagemagick (Ubuntu) | Fix Released | Undecided | Unassigned |

Bug Description

This bug was found while fuzzing ImageMagick with afl-fuzz.

Tested on ImageMagick git commit f435e8724ade942148d065a4b898a0ed0c42c368

Command: magick id:000434,sig:06,src:007452+006268,op:splice,rep:4 /dev/null

ASAN:SIGSEGV
=================================================================
==11472==ERROR: AddressSanitizer: SEGV on unknown address 0xb600fbf0 (pc 0x084872b9 bp 0xbfbf8df8 sp 0xbfbf7ac0 T0)
    #0 0x84872b8 in ReadRLEImage /home/user/Desktop/ImageMagick/coders/rle.c:435:15
    #1 0x85f17b3 in ReadImage /home/user/Desktop/ImageMagick/MagickCore/constitute.c:496:13
    #2 0x85f52a4 in ReadImages /home/user/Desktop/ImageMagick/MagickCore/constitute.c:851:9
    #3 0x8bd3193 in CLINoImageOperator /home/user/Desktop/ImageMagick/MagickWand/operation.c:4705:22
    #4 0x8bd697f in CLIOption /home/user/Desktop/ImageMagick/MagickWand/operation.c:5199:7
    #5 0x8a94b84 in ProcessCommandOptions /home/user/Desktop/ImageMagick/MagickWand/magick-cli.c:474:7
    #6 0x8a95ee2 in MagickImageCommand /home/user/Desktop/ImageMagick/MagickWand/magick-cli.c:791:5
    #7 0x8a9809d in MagickCommandGenesis /home/user/Desktop/ImageMagick/MagickWand/mogrify.c:183:14
    #8 0x81434a3 in MagickMain /home/user/Desktop/ImageMagick/utilities/magick.c:145:10
    #9 0x81434a3 in main /home/user/Desktop/ImageMagick/utilities/magick.c:176
    #10 0xb741c7ad in __libc_start_main /build/glibc-xt1eTb/glibc-2.21/csu/libc-start.c:289
    #11 0x808956b in _start (/usr/local/bin/magick+0x808956b)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/user/Desktop/ImageMagick/coders/rle.c:435 ReadRLEImage
==11472==ABORTING

Moshe Kaplan (moshekaplan) wrote :

input file to trigger crash

Moshe Kaplan (moshekaplan) wrote :
Emily Ratliff (emilyr)
Changed in imagemagick (Ubuntu):
status: New → Confirmed
Changed in imagemagick (Ubuntu):
status: Confirmed → Fix Released
Changed in imagemagick:
status: Unknown → Fix Released
This report contains Public Security information  
Everyone can see this security related information.
