SIGABRT - convert - IM 6.9.0-1 - d54227aa

Post by JodieC » 2014-12-11T03:51:38-07:00

Source file: https://www.dropbox.com/s/a218rgxd4srwe9y/d54227aa?dl=0
To reproduce:

    convert d54227aa png:/dev/null

Output:

    *** Error in `convert': realloc(): invalid next size: 0x0000000000647bd0 ***
    Aborted (core dumped)

System Details:
AMD64
Distributor ID: Ubuntu
Description: Ubuntu 14.04.1 LTS
Release: 14.04
Codename: trusty

ImageMagick 6.9.0-1 Beta compiled from source.
Also crashed on IM 6.9.0-0 from Ubuntu.

Found with American Fuzzy Lop ( http://lcamtuf.coredump.cx/afl/ )
I have a 24-core box going 24/7 on this so I'm sure there will be more tomorrow. :D

Re: SIGABRT - convert - IM 6.9.0-1 - d54227aa

Post by magick » 2014-12-11T04:55:54-07:00

We cannot reproduce the problem. We're getting expected results:

    -> convert -version
    Version: ImageMagick 6.9.0-1 Q16 x86_64 2014-12-10 http://www.imagemagick.org
    Copyright: Copyright (C) 1999-2015 ImageMagick Studio LLC
    Features: DPC Modules OpenMP
    Delegates (built-in): bzlib djvu fftw fontconfig freetype fpx jbig jng jpeg lcms lqr ltdl lzma openexr pangocairo png tiff webp wmf x xml zlib

    -> convert d54227aa png:/dev/null
    convert: negative or zero image size `d54227aa' @ error/pnm.c/ReadPNMImage/413.
    convert: no images defined `png:/dev/null' @ error/convert.c/ConvertImageCommand/3210.

Re: SIGABRT - convert - IM 6.9.0-1 - d54227aa

Post by broucaries » 2014-12-13T12:57:41-07:00

It crashes under Debian
bt
#0 0x00007ffff7067107 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1 0x00007ffff70684e8 in __GI_abort () at abort.c:89
#2 0x00007ffff70a5044 in __libc_message (do_abort=do_abort@entry=1, fmt=fmt@entry=0x7ffff7197c60 "*** Error in `%s': %s: 0x%s ***\n") at ../sysdeps/posix/libc_fatal.c:175
#3 0x00007ffff70aa81e in malloc_printerr (action=1, str=0x7ffff7193e22 "realloc(): invalid next size", ptr=<optimized out>) at malloc.c:4996
#4 0x00007ffff70ad5fb in _int_realloc (av=av@entry=0x7ffff73d5620 <main_arena>, oldp=oldp@entry=0x625280, oldsize=oldsize@entry=4112, nb=nb@entry=4112) at malloc.c:4234
#5 0x00007ffff70ae5f9 in __GI___libc_realloc (oldmem=0x625290, bytes=4096) at malloc.c:3029
#6 0x00007ffff7a4ead3 in ResizeMagickMemory (memory=0x625290, size=<optimized out>) at ../../magick/memory.c:1140
#7 0x00007ffff7a4eb2c in ResizeQuantumMemory (memory=<optimized out>, count=<optimized out>, quantum=<optimized out>) at ../../magick/memory.c:1205
#8 0x00007ffff3c221ef in PNMComment (image=image@entry=0x61fc40) at ../../coders/pnm.c:165
#9 0x00007ffff3c222a1 in PNMInteger (image=0x61fc40, base=10) at ../../coders/pnm.c:201
#10 0x00007ffff3c22410 in ReadPNMImage (image_info=0x44d9, exception=0x44d9) at ../../coders/pnm.c:290
#11 0x00007ffff79a89c8 in ReadImage (image_info=0x609250, exception=0x44d9, exception@entry=0x604e10) at ../../magick/constitute.c:547
#12 0x00007ffff79a9a6b in ReadImages (image_info=0x609250, exception=0x604e10) at ../../magick/constitute.c:853
#13 0x00007ffff7639e11 in ConvertImageCommand (image_info=0x2, argc=3, argv=0x603010, metadata=0xffffffffffffffff, exception=0x3039323532363030) at ../../wand/convert.c:622
#14 0x00007ffff76a5ee7 in MagickCommandGenesis (image_info=image_info@entry=0x604f90, command=0x400810 <ConvertImageCommand@plt>, argc=argc@entry=3, argv=argv@entry=0x7fffffffe108, metadata=metadata@entry=0x0, exception=exception@entry=0x604e10) at ../../wand/mogrify.c:168
#15 0x0000000000400887 in ConvertMain (argv=0x7fffffffe108, argc=3) at ../../utilities/convert.c:81
#16 main (argc=3, argv=0x7fffffffe108) at ../../utilities/convert.c:92

Re: SIGABRT - convert - IM 6.9.0-1 - d54227aa

Post by broucaries » 2014-12-13T12:58:08-07:00

I also need a patch for this

Re: SIGABRT - convert - IM 6.9.0-1 - d54227aa

Post by JodieC » 2014-12-15T19:18:08-07:00

Tested 12/15/2014 with http://www.imagemagick.org/download/bet ... 215.tar.gz Result: Fail

Re: SIGABRT - convert - IM 6.9.0-1 - d54227aa

Post by dlemstra » 2014-12-18T01:30:53-07:00

Can you try with a newer beta or a svn checkout? I am getting the following output:

    D:\Images\Fuzz>convert d54227aa d54227aa.png
    convert.exe: Negative or zero image size `d54227aa' @ error/pnm.c/ReadPNMImage/417.
    convert.exe: no images defined `d54227aa.png' @ error/convert.c/ConvertImageCommand/3210.

.NET + ImageMagick = Magick.NET https://github.com/dlemstra/Magick.NET, @MagickNET, Donate

Re: SIGABRT - convert - IM 6.9.0-1 - d54227aa

Post by JodieC » 2014-12-18T05:22:27-07:00


Re: SIGABRT - convert - IM 6.9.0-1 - d54227aa

Post by dlemstra » 2014-12-18T06:56:47-07:00

I just tested this on my Ubuntu machine and it exits properly there:

    magick@singlemalt:~/fuzz$ ../ImageMagick6/utilities/convert -version
    Version: ImageMagick 6.9.0-1 Q16 x86_64 2014-12-16 http://www.imagemagick.org
    Copyright: Copyright (C) 1999-2015 ImageMagick Studio LLC
    Features: DPC OpenMP
    Delegates (built-in): bzlib djvu fontconfig freetype jbig jng jpeg lcms lqr lzma openexr pangocairo png tiff x xml zlib

    magick@singlemalt:~/fuzz$ ../ImageMagick6/utilities/convert d54227aa png:/dev/null
    lt-convert: NegativeOrZeroImageSize `d54227aa' @ error/pnm.c/ReadPNMImage/417.
    lt-convert: NoImagesDefined `png:/dev/null' @ error/convert.c/ConvertImageCommand/3210.
    magick@singlemalt:~/fuzz$

Are you sure you are using the correct version of ImageMagick?

.NET + ImageMagick = Magick.NET https://github.com/dlemstra/Magick.NET, @MagickNET, Donate

Re: SIGABRT - convert - IM 6.9.0-1 - d54227aa

Post by JodieC » 2014-12-18T16:02:50-07:00

Looks like you're running lt-convert while I am running convert.

Re: SIGABRT - convert - IM 6.9.0-1 - d54227aa

Post by JodieC » 2014-12-18T16:33:44-07:00

Works now that I fixed the libs.
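
The thread ends with the crash traced to which libraries the reporter's `convert` was loading (`lt-convert` is the name libtool gives the uninstalled in-tree binary, which runs against the in-tree libraries). One way to check this before filing or triaging a fuzzer crash, as an added example that is not from the thread: it reads `ldd`-style output and flags any `libMagick*` library resolved outside the prefix of the build under test. The function name, the `/usr/local/lib` prefix, and the sample `ldd` lines (including the sonames) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): flag ImageMagick shared libraries
# that a binary resolves from outside the prefix of the build under test.

# Reads `ldd`-style lines on stdin. Prints one MISMATCH line per libMagick*
# entry whose resolved path is missing or not under the expected prefix.
# Returns 0 only if at least one libMagick* entry was seen and all matched.
check_magick_libs() {
    expected_prefix=$1
    awk -v prefix="$expected_prefix" '
        $1 ~ /^libMagick/ {
            seen = 1
            # ldd line format: "<soname> => <path> (<load address>)"
            # or "<soname> => not found"
            path = ($2 == "=>") ? $3 : ""
            if (path == "not" || path == "" || index(path, prefix "/") != 1) {
                printf "MISMATCH %s -> %s\n", $1, (path == "not" ? "not found" : path)
                bad = 1
            }
        }
        END { exit (bad || !seen) }
    '
}

# Constructed sample: a source-built convert under /usr/local whose
# MagickCore still resolves to the distribution copy under /usr/lib.
sample_stale='    libMagickWand-6.Q16.so.2 => /usr/local/lib/libMagickWand-6.Q16.so.2 (0x00007f0000200000)
    libMagickCore-6.Q16.so.2 => /usr/lib/x86_64-linux-gnu/libMagickCore-6.Q16.so.2 (0x00007f0000000000)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f0000400000)'

# Demo on the constructed sample. Against a real binary the input would be:
#   ldd "$(command -v convert)" | check_magick_libs /usr/local/lib
printf '%s\n' "$sample_stale" | check_magick_libs /usr/local/lib \
    || echo "convert is not loading the ImageMagick build under test"
```

A mismatch means the crash or non-crash being reported belongs to the library version actually loaded, not the version printed on the download page.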
