Menu

#494 memory leak in pcx.c

v1.0_(example)
closed-fixed
Bob Friesenhahn
None
5
2017-09-30
2017-09-25
bestshow
No 
page_table=MagickAllocateArray(ExtendedSignedIntegralType *,//283
                                     1024,sizeof(ExtendedSignedIntegralType));
      if (page_table == (ExtendedSignedIntegralType *) NULL)
        ThrowPCXReaderException(ResourceLimitError,MemoryAllocationFailed,image);
...
    if (CheckImagePixelLimits(image, exception) != MagickPass)
      ThrowReaderException(ResourceLimitError,ImagePixelLimitExceeded,image);//460

    {
      double
        uncompressed_size;

      uncompressed_size=((double) image->rows*pcx_info.bytes_per_line*pcx_info.planes);
      (void) LogMagickEvent(CoderEvent,GetMagickModule(),
                            "Uncompressed size: %.0f", uncompressed_size);
      if (pcx_info.encoding == 0)
        {
          /* Not compressed */
          if (uncompressed_size > file_size)
            ThrowReaderException(CorruptImageError,InsufficientImageDataInFile,//477
                                   image);
        }
      else
        {
          /* RLE compressed */
          if (uncompressed_size > file_size*254.0)
            ThrowReaderException(CorruptImageError,InsufficientImageDataInFile,//484
                                 image);
        }
}

Line 477,484 do not free memory about page_table, this will cause memory leak.

Credit: ADLab of Venustech

Discussion

  • Bob Friesenhahn

    Bob Friesenhahn - 2017-09-30
    • status: open --> closed-fixed
    • assigned_to: Bob Friesenhahn
     

  • Bob Friesenhahn

    Bob Friesenhahn - 2017-09-30

    This problem is fixed by Mercurial changeset 15200:0a70ee58f401. Thanks for the report!

     

Log in to post a comment.

MongoDB Logo MongoDB