oss-sec mailing list archives

GraphicsMagick CVE request: 8BIM/8BIMW unsigned underflow leads to heap overflow


From: Bob Friesenhahn <bfriesen () simple dallas tx us>
Date: Sat, 1 Oct 2016 10:43:18 -0500 (CDT)

Today we received a report from Marco Grassi about a heap overflow in the 8BIM reader. 8BIM is a metadata chunk often attached to JPEG files.

After investigation it was found that there was a small unsigned overflow leading to a huge size value, which then resulted in a heap overflow (causing a crash).

We believe that this issue exists in all GraphicsMagick releases to date (including 1.3.25).

The fix to this may be found in GraphicsMagick Mercurial at "https://sourceforge.net/p/graphicsmagick/code/ci/5c7b6d6094a25e99c57f8b18343914ebfd8213ef/".

Bob
--
Bob Friesenhahn
bfriesen () simple dallas tx us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer,    http://www.GraphicsMagick.org/
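
The bug class described in the message above (unsigned length arithmetic that wraps to a huge size), shown as an added example that is not GraphicsMagick's code and not the referenced fix. It assumes the usual image resource block layout (signature, 2-byte ID, padded Pascal name, 4-byte big-endian size); `unchecked_left`, `take` and `parse_8bim` are hypothetical names and the sample buffers are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Unchecked "bytes left" arithmetic: size_t wraps instead of going negative. */
size_t unchecked_left(size_t length, size_t consumed) {
    return length - consumed;               /* consumed > length => huge value */
}

/* Checked form: consume n bytes only if they are really there. */
static int take(size_t *left, size_t n) {
    if (n > *left) return -1;
    *left -= n;
    return 0;
}

/* Validate one 8BIM resource block in buf[0..length). Returns 0 and reports
 * where the payload sits, or -1 if any field or the declared payload would
 * run past the end of the buffer. */
int parse_8bim(const uint8_t *buf, size_t length, size_t *off, size_t *len) {
    size_t left = length, name, size;
    const uint8_t *p;
    /* signature (4) + resource ID (2) + Pascal name length byte (1) */
    if (take(&left, 7) || memcmp(buf, "8BIM", 4) != 0) return -1;
    name = buf[6];
    name += (name + 1) & 1;                 /* name field is padded to even */
    if (take(&left, name) || take(&left, 4)) return -1;
    p = buf + 7 + name;                     /* big-endian payload size */
    size = ((size_t)p[0] << 24) | ((size_t)p[1] << 16) | ((size_t)p[2] << 8) | p[3];
    if (size > left) return -1;             /* payload must fit in what is left */
    *off = (size_t)(p + 4 - buf);
    *len = size;
    return 0;
}

/* Constructed sample inputs (not taken from the report). */
const uint8_t sample_ok[]  = {'8','B','I','M', 4,4, 0,0, 0,0,0,4, 'a','b','c','d'};
const uint8_t sample_bad[] = {'8','B','I','M', 4,4, 0,0, 0xff,0xff,0xff,0xff, 'a','b'};

int main(void) {
    size_t off = 0, len = 0;
    printf("wrapped: %zu\n", unchecked_left(4, 6));
    printf("ok=%d ", parse_8bim(sample_ok, sizeof sample_ok, &off, &len));
    printf("bad=%d\n", parse_8bim(sample_bad, sizeof sample_bad, &off, &len));
    return 0;
}
```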

