Here is the critical code:
…
if (image->profiles == 0) //line 1250
image->profiles=MagickMapAllocateMap(MagickMapCopyBlob,
MagickMapDeallocateBlob);
(void) LogMagickEvent(TransformEvent,GetMagickModule(),
"Adding %s profile with length %ld bytes",name,
(unsigned long) length);
if (profile != 0)
{
status &= MagickMapAddEntry(image->profiles,name,profile,length,
&image->exception); //line 1260
}
…
MagickMapAllocateMap(…) may return NULL, the “image->profiles” was passed to MagickMapAddEntry(…).
in MagickMapAddEntry:
MagickExport unsigned int
MagickMapAddEntry(MagickMap map,const char *key, const void *object,
const size_t object_size, ExceptionInfo *exception)
{
MagickMapObject
*new_object;
assert(map != 0); //line 326
assert(map->signature == MagickSignature);
assert(key != 0);
assert(object != 0);
…
}
If map is NULL,the assertion “assert(map !=0)" will failed.
Credit: ADLab of Venustech
This is a duplicate of issue #480, which is fixed.