lt-convert - IM 6.9.0-1 - SIGABRT - 39b80955 - coders/rle.c:538

JodieC
Posts: 82
Joined: 2014-10-03T21:38:50-07:00

Post by JodieC »

Source file:
https://www.dropbox.com/s/dj5foy2afeh1pmi/39b80955?dl=0

Reproduce:

convert 39b80955 png:/dev/null

Output 6.9.0-1 from SVN 20141221:

Aborted (core dumped)

Output from 6.6.9.7-5ubuntu3.3:

Segmentation fault (core dumped)

(I'm gathering the BTs automatically with a script for gdb... if you want anything else for these please let me know! I can also give you the whole core file. Whatever works.)

BT 6.9.0-1 from SVN 20141221:

[New LWP 2204]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `/home/jodicun/opt/ImageMagick-2014-12-19/utilities/.libs/lt-convert ../bugs/ima'.
Program terminated with signal SIGABRT, Aborted.
#0  0x00007ffff6f8dbb9 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#0  0x00007ffff6f8dbb9 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1  0x00007ffff6f90fc8 in __GI_abort () at abort.c:89
#2  0x00007ffff79614f1 in MagickSignalHandler (signal_number=6) at magick/magick.c:1171
#3  <signal handler called>
#4  0x00007ffff6f8dbb9 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#5  0x00007ffff6f90fc8 in __GI_abort () at abort.c:89
#6  0x00007ffff79614f1 in MagickSignalHandler (signal_number=11) at magick/magick.c:1171
#7  <signal handler called>
#8  ScaleCharToQuantum (value=<error reading variable: Cannot access memory at address 0x7ffff7fec000>) at ./magick/quantum-private.h:366
#9  ReadRLEImage (image_info=0x60e050, exception=0x604990) at coders/rle.c:538
#10 0x00007ffff78d3cd8 in ReadImage (image_info=image_info@entry=0x608ea0, exception=exception@entry=0x604990) at magick/constitute.c:547
#11 0x00007ffff78d4d73 in ReadImages (image_info=image_info@entry=0x608ea0, exception=exception@entry=0x604990) at magick/constitute.c:853
#12 0x00007ffff7571168 in ConvertImageCommand (image_info=0x608ea0, argc=3, argv=0x604010, metadata=0x0, exception=0x604990) at wand/convert.c:622
#13 0x00007ffff75c2fd8 in MagickCommandGenesis (image_info=image_info@entry=0x604b10, command=0x400830 <ConvertImageCommand@plt>, argc=argc@entry=3, argv=argv@entry=0x7fffffffdc38, metadata=metadata@entry=0x0, exception=exception@entry=0x604990) at wand/mogrify.c:168
#14 0x0000000000400907 in ConvertMain (argv=0x7fffffffdc38, argc=3) at utilities/convert.c:81
#15 main (argc=3, argv=0x7fffffffdc38) at utilities/convert.c:92

System Details:
AMD64
Distributor ID: Ubuntu
Description: Ubuntu 14.04.1 LTS
Release: 14.04
Codename: trusty

Software: ImageMagick 6.9.0-1 Beta compiled from svn IM6 branch 20141221

Found with American Fuzzy Lop (http://lcamtuf.coredump.cx/afl/)
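Added example, not part of the original posts: a small triage helper for backtraces like the one above, where MagickSignalHandler calls abort() and the SIGABRT in the report hides the signal that was delivered first. The function names, the SIGNAMES table and the rule of bucketing on the first non-header frame are assumptions of this example.

```python
import re

# Frames #0-#9 copied from the backtrace in the post above (outer frames omitted).
BACKTRACE = """\
#0  0x00007ffff6f8dbb9 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1  0x00007ffff6f90fc8 in __GI_abort () at abort.c:89
#2  0x00007ffff79614f1 in MagickSignalHandler (signal_number=6) at magick/magick.c:1171
#3  <signal handler called>
#4  0x00007ffff6f8dbb9 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#5  0x00007ffff6f90fc8 in __GI_abort () at abort.c:89
#6  0x00007ffff79614f1 in MagickSignalHandler (signal_number=11) at magick/magick.c:1171
#7  <signal handler called>
#8  ScaleCharToQuantum (value=<error reading variable: Cannot access memory at address 0x7ffff7fec000>) at ./magick/quantum-private.h:366
#9  ReadRLEImage (image_info=0x60e050, exception=0x604990) at coders/rle.c:538
"""

FRAME = re.compile(r"^#(\d+)\s+(?:0x[0-9a-f]+ in )?(\S+) \((.*)\) at (\S+):(\d+)$")
MARKER = re.compile(r"^#\d+\s+<signal handler called>$")
SIGNAMES = {6: "SIGABRT", 11: "SIGSEGV"}  # Linux numbers seen in this trace

def parse(text):
    """Return frames innermost-first; a handler boundary is stored as None."""
    frames = []
    for line in text.splitlines():
        m = FRAME.match(line)
        if m:
            frames.append({"func": m[2], "args": m[3], "file": m[4], "line": int(m[5])})
        elif MARKER.match(line):
            frames.append(None)
    return frames

def triage(text):
    """Find the signal and source location that started the handler chain."""
    frames = parse(text)
    marks = [i for i, f in enumerate(frames) if f is None]
    last = marks[-1] if marks else -1  # outermost boundary = first signal delivered
    handler = frames[last - 1] if last > 0 else None
    sig = re.search(r"signal_number=(\d+)", handler["args"]) if handler else None
    interrupted = frames[last + 1:]  # code that was running when the signal hit
    if not interrupted:
        raise ValueError("no source-level frames found in backtrace")
    # Assumption: bucket on the first frame outside a header, so an inlined
    # helper (ScaleCharToQuantum here) does not hide the coder that called it.
    site = next((f for f in interrupted if not f["file"].endswith(".h")), interrupted[0])
    number = int(sig[1]) if sig else None
    return {"signal": SIGNAMES.get(number, number), "fault": interrupted[0]["func"],
            "bucket": f'{site["file"]}:{site["line"]}'}

if __name__ == "__main__":
    print(triage(BACKTRACE))
```

On this trace the helper reports SIGSEGV in ScaleCharToQuantum with bucket coders/rle.c:538, which agrees with the "Segmentation fault" output from the older build and with the file and line in the thread title.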
magick
Site Admin
Posts: 11064
Joined: 2003-05-31T11:32:55-07:00

Re: lt-convert - IM 6.9.0-1 - SIGABRT - 39b80955 - coders/rle.c:538

Post by magick »

We can reproduce the problem you posted and have a patch in ImageMagick 6.9.0-1 Beta, available by sometime tomorrow. Thanks.
JodieC
Posts: 82
Joined: 2014-10-03T21:38:50-07:00

Re: lt-convert - IM 6.9.0-1 - SIGABRT - 39b80955 - coders/rle.c:538

Post by JodieC »

Looks good on the new SVN checkout.