NULL pointer dereference in NTRegistryKeyLookup

Swiss army knife of image processing

Brought to you by: bfriesen

#482 NULL pointer dereference in NTRegistryKeyLookup

Milestone: v1.0_(example)

Status: closed-fixed

Owner: Bob Friesenhahn

Labels: None

Priority: 5

Updated: 2017-09-30

Created: 2017-09-25

Creator: bestshow

Private: No

Here is the critical code: (in NTRegistryKeyLookup)

   dest = MagickAllocateMemory(unsigned char *,size); //1915

    res = RegQueryValueExA (reg_key, subkey, 0, &type, dest, &size);
    if (res == ERROR_MORE_DATA && type == REG_SZ)
      {
        MagickReallocMemory(unsigned char *,dest,size);
        res = RegQueryValueExA (reg_key, subkey, 0, &type, dest, &size);
      }

    if (type != REG_SZ || res != ERROR_SUCCESS)
      {
        MagickFreeMemory(dest);
      }

MagickAllocateMemory(...) may return NULL, so the following operations on the "dest" will Dereference Null pointer to cause memory error.

Credit : ADLab of Venustech

Discussion

Bob Friesenhahn - 2017-09-30

status: open --> closed-fixed

assigned_to: Bob Friesenhahn
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Bob Friesenhahn - 2017-09-30

This problem is fixed by Mercurial changeset 15188:59b266bdfcf3. Thanks for the report!

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

NULL pointer dereference in NTRegistryKeyLookup

Swiss army knife of image processing

Group

Searches

Help

#482 NULL pointer dereference in NTRegistryKeyLookup

Discussion