Memory corruption in MagickQueryMultilineFontMetrics()

Post by fisheggs »

At line 580 in wand/magick-wand.c

font_metrics=(double *) AcquireMagickMemory(7*sizeof(*font_metrics));

Then it puts 13 values in space reserved for 7... boom

Oops, forgot to mention:

Version: ImageMagick 6.3.5 07/09/07 Q16 http://www.imagemagick.org

compiled from ImageMagick-6.3.5-0.tar.gz on x86_64 GNU/Linux
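
An added example, not part of the original post and not ImageMagick's code or its patch: a defensive pattern for the size mismatch reported above, where one named constant drives the allocation and every store is bounds-checked. The names `METRIC_COUNT`, `metric_buf` and `stored_with_capacity` are hypothetical, and the stored values are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Reported pattern: room for 7 doubles allocated, then 13 values stored.
   Assumption: 13 is the number of result slots the function fills. */
enum { METRIC_COUNT = 13 };

/* Hypothetical helper type: the capacity travels with the pointer. */
typedef struct { double *v; size_t cap, len; } metric_buf;

/* Overflow-checked allocation of n doubles; 0 on success, -1 on failure. */
static int metric_buf_init(metric_buf *b, size_t n)
{
    b->v = NULL; b->cap = 0; b->len = 0;
    if (n == 0 || n > SIZE_MAX / sizeof(*b->v)) return -1;
    b->v = calloc(n, sizeof(*b->v));
    if (b->v == NULL) return -1;
    b->cap = n;
    return 0;
}

/* Append one value; refuse rather than write past the allocation. */
static int metric_buf_push(metric_buf *b, double x)
{
    if (b->len >= b->cap) return -1;
    b->v[b->len++] = x;
    return 0;
}

/* Store METRIC_COUNT constructed values into a buffer of `cap` doubles and
   return how many were stored before the bounds check refused. */
size_t stored_with_capacity(size_t cap)
{
    metric_buf b;
    size_t i;
    if (metric_buf_init(&b, cap) != 0) return 0;
    for (i = 0; i < (size_t) METRIC_COUNT; i++)
        if (metric_buf_push(&b, (double) i) != 0) break;
    free(b.v);
    return i;
}

int main(void)
{
    printf("capacity 7: %zu of %d stored, no out-of-bounds write\n",
           stored_with_capacity(7), METRIC_COUNT);
    printf("capacity %d: %zu stored\n", METRIC_COUNT,
           stored_with_capacity(METRIC_COUNT));
    return 0;
}
```

Building the original code with a memory-error detector such as AddressSanitizer (`-fsanitize=address`) or running it under Valgrind reports this kind of write at the first out-of-bounds store.
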
magick
Site Admin

Re: Memory corruption in MagickQueryMultilineFontMetrics()

Post by magick »

We have a patch in ImageMagick 6.3.5-1 Beta to fix the problem you reported. Thanks.
fisheggs

Re: Memory corruption in MagickQueryMultilineFontMetrics()

Post by fisheggs »

Thank you.