I'm sorry, file permission problem, download works now.
I'm open to helping create an image corpus. I agree that bundling them in the imagemagick distribution may not be the best idea, due to the fact that this could quickly become pretty large. But it could simply be a git repository where the ...
Search found 6 matches
- 2017-03-05T06:36:23-07:00
- Forum: Bugs
- Topic: Invalid memory read on malformed wpg image
- Replies: 3
- Views: 4429
- 2017-02-25T03:44:08-07:00
- Forum: Bugs
- Topic: Invalid memory read on malformed wpg image
- Replies: 3
- Views: 4429
Invalid memory read on malformed wpg image
Here's a file that causes invalid heap memory read accesses in convert which show up when compiled with address sanitizer:
https://crashes.fuzzing-project.org/imagemagick-omp_outlined-invalid-memory-read.wpg
Test:
convert -resize 1 [input] out
This happened while testing some older files I had ...
- 2015-06-20T13:16:25-07:00
- Forum: Bugs
- Topic: Malformed input causing huge malloc
- Replies: 8
- Views: 6314
Re: Malformed input causing huge malloc
Thanks for the note with the height/width limit.
However given the description of the "area" limit I'd still consider these a bug if these try to alloc huge amounts of memory if a limit is set. Or am I misunderstanding something here?
- 2015-06-20T02:51:51-07:00
- Forum: Bugs
- Topic: Malformed input causing huge malloc
- Replies: 8
- Views: 6314
Re: Malformed input causing huge malloc
Here are three more cases:
https://crashes.fuzzing-project.org/imagemagick-malloc-fail-ReadBMPImage
https://crashes.fuzzing-project.org/imagemagick-malloc-fail-ReadPCXImage
https://crashes.fuzzing-project.org/imagemagick-malloc-fail-ReadRLEImage
Although ImageMagick exits gracefully I think these ...
- 2015-06-18T11:20:39-07:00
- Forum: Bugs
- Topic: Malformed input causing huge malloc
- Replies: 8
- Views: 6314
Re: Malformed input causing huge malloc
That's the point of fuzzing, it's "garbage" that imagemagick will try to interpret and expose bugs on doing so.
Forgot in the initial post, here's the address sanitizer stack trace:
==9248==AddressSanitizer CHECK failed: /var/tmp/portage/sys-devel/llvm-3.6.1/work/llvm-3.6.1.src/projects/compiler ...
- 2015-06-18T10:39:05-07:00
- Forum: Bugs
- Topic: Malformed input causing huge malloc
- Replies: 8
- Views: 6314
Malformed input causing huge malloc
The first time I posted this it got deleted and my account locked, but according to twitter replies this happened by accident ;-) Therefore I post it again.
I was fuzzing imagemagick's identify command and on certain input files it tries to allocate huge amounts of memory. This would be okay if ...