oss-sec mailing list archives
imagemagick: null pointer must never be null (tiff.c)
From: Agostino Sarubbo <ago () gentoo org>
Date: Sat, 19 Nov 2016 17:18:26 +0100
If suitable for a CVE please assign one. Thanks. Description: imagemagick is a software suite to create, edit, compose, or convert bitmap images. A fuzz on an updated version with the undefined behavior sanitizer enabled, revealed a null pointer which is declared to never be null. The complete UBSan output: # identify $FILE coders/tiff.c:655:39: runtime error: null pointer passed as argument 2, which is declared to never be null MagickCore/string_.h:76:23: note: nonnull attribute specified here Affected version: 7.0.3.6 Fixed version: 7.0.3.7 Commit fix: https://github.com/ImageMagick/ImageMagick/commit/b61d35eaccc0a7ddeff8a1c3abfcd0a43ccf210b Credit: This bug was discovered by Agostino Sarubbo of Gentoo. CVE: N/A Reproducer: https://github.com/asarubbo/poc/blob/master/00049-imagemagick-pointernerverbenull Timeline: 2016-11-09: bug discovered and reported to upstream 2016-11-09: upstream released a patch 2016-11-15: upstream released 7.0.3.7 2016-11-19: blog post about the issue Note: This bug was found with American Fuzzy Lop. Permalink: https://blogs.gentoo.org/ago/2016/11/19/imagemagick-null-pointer-must-never-be-null-tiff-c -- Agostino Sarubbo Gentoo Linux Developer
Current thread:
- imagemagick: null pointer must never be null (tiff.c) Agostino Sarubbo (Nov 19)
- Re: imagemagick: null pointer must never be null (tiff.c) cve-assign (Nov 22)