Search...

imagemagick/encoder_pdf_fuzzer: Use-of-uninitialized-value in ReadPDFInfo

2019-07-02T12:27:36

ID OSSFUZZ-15627
Type ossfuzz
Reporter Google
Modified 2019-08-02T15:28:38

Description

Project: https://github.com/imagemagick/imagemagick.git

Detailed report: https://oss-fuzz.com/testcase?key=5629534981849088

Project: imagemagick Fuzzer: libFuzzer_imagemagick_encoder_pdf_fuzzer Fuzz target binary: encoder_pdf_fuzzer Job Type: libfuzzer_msan_imagemagick Platform Id: linux

Crash Type: Use-of-uninitialized-value Crash Address: Crash State: ReadPDFInfo ReadPDFImage ReadImage

Sanitizer: memory (MSAN)

Recommended Security Severity: Medium

Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_msan_imagemagick&range=201906280242:201906290242

Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=5629534981849088

Issue filed automatically.

See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for instructions to reproduce this bug locally.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse without an upstream patch, then the bug report will automatically become visible to the public.

JSON Vulners Source

Initial Source

{"id": "OSSFUZZ-15627", "type": "ossfuzz", "bulletinFamily": "software", "title": "imagemagick/encoder_pdf_fuzzer: Use-of-uninitialized-value in ReadPDFInfo", "description": "Project:\nhttps://github.com/imagemagick/imagemagick.git\n\nDetailed report: https://oss-fuzz.com/testcase?key=5629534981849088\n\nProject: imagemagick\nFuzzer: libFuzzer_imagemagick_encoder_pdf_fuzzer\nFuzz target binary: encoder_pdf_fuzzer\nJob Type: libfuzzer_msan_imagemagick\nPlatform Id: linux\n\nCrash Type: Use-of-uninitialized-value\nCrash Address: \nCrash State:\n ReadPDFInfo\n ReadPDFImage\n ReadImage\n \nSanitizer: memory (MSAN)\n\nRecommended Security Severity: Medium\n\nRegressed: https://oss-fuzz.com/revisions?job=libfuzzer_msan_imagemagick&range=201906280242:201906290242\n\nReproducer Testcase: https://oss-fuzz.com/download?testcase_id=5629534981849088\n\nIssue filed automatically.\n\nSee https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for instructions to reproduce this bug locally.\n\nThis bug is subject to a 90 day disclosure deadline. If 90 days elapse\nwithout an upstream patch, then the bug report will automatically\nbecome visible to the public.", "published": "2019-07-02T12:27:36", "modified": "2019-08-02T15:28:38", "cvss": {}, "href": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15627", "reporter": "Google", "references": [], "cvelist": [], "lastseen": "2020-04-03T13:45:44", "viewCount": 0, "enchantments": {"dependencies": {"references": [], "modified": "2020-04-03T13:45:44", "rev": 2}, "score": {"value": -0.7, "vector": "NONE", "modified": "2020-04-03T13:45:44", "rev": 2}, "vulnersScore": -0.7}, "ossfuzz": {"issue": 15627, "status": "Verified", "project": "imagemagick", "ref": "https://oss-fuzz.com/revisions?job=libfuzzer_msan_imagemagick&range=201907020242:201907030239", "crashType": "Use-of-uninitialized-value", "revisions": ["4a334bbf5584de37c6f5a47c380a531c8c4b140a:39a0e0cdc47ebc9c17f9eee57eb14dc118404dfe"], "project_repos": ["https://github.com/imagemagick/imagemagick.git"], "tags": ["7.0.10-3", "7.0.10-2", "7.0.10-1", "7.0.10-0", "7.0.9-27", "7.0.9-26", "7.0.9-25", "7.0.9-24", "7.0.9-23", "7.0.9-22", "7.0.9-21", "7.0.9-20", "7.0.9-19", "7.0.9-18", "7.0.9-17", "7.0.9-16", "7.0.9-15", "7.0.9-14", "7.0.9-13", "7.0.9-12", "7.0.9-11", "7.0.9-10", "7.0.9-9", "7.0.9-8", "7.0.9-7", "7.0.9-6", "7.0.9-5", "7.0.9-4", "7.0.9-2", "7.0.9-1", "7.0.9-0", "7.0.8-68", "7.0.8-67", "7.0.8-66", "7.0.8-65", "7.0.8-64", "7.0.8-63", "7.0.8-62", "7.0.8-61", "7.0.8-60", "7.0.8-59", "7.0.8-58", "7.0.8-57", "7.0.8-56", "7.0.8-55", "7.0.8-54", "7.0.8-53", "7.0.8-52", "7.0.8-51", "7.0.8-50", "7.0.8-49", "7.0.8-48", "7.0.8-47", "7.0.8-46", "7.0.8-45", "7.0.8-44", "7.0.8-43", "7.0.8-42", "7.0.8-41", "7.0.8-40", "7.0.8-39", "7.0.8-38", "7.0.8-37", "7.0.8-36", "7.0.8-35", "7.0.8-34", "7.0.8-33", "7.0.8-32", "7.0.8-31", "7.0.8-30", "7.0.8-29", "7.0.8-28", "7.0.8-27", "7.0.8-26", "7.0.8-25", "7.0.8-24", "7.0.8-23", "7.0.8-22", "7.0.8-21", "7.0.8-20", "7.0.8-19", "7.0.8-18", "7.0.8-17", "7.0.8-16", "7.0.8-15", "7.0.8-14", "7.0.8-13", "7.0.8-12", "7.0.8-11", "7.0.8-10", "7.0.8-9", "7.0.8-8", "7.0.8-7", "7.0.8-6", "7.0.8-5", "7.0.8-4", "7.0.8-3", "7.0.8-2", "7.0.8-1", "7.0.8-0", "7.0.7-39", "7.0.7-38", "7.0.7-37", "7.0.7-36", "7.0.7-35", "7.0.7-34", "7.0.7-33", "7.0.7-32", "7.0.7-31", "7.0.7-30", "7.0.7-29", "7.0.7-28", "7.0.7-27", "7.0.7-26", "7.0.7-25", "7.0.7-24", "7.0.7-23", "7.0.7-22", "7.0.7-21", "7.0.7-20", "7.0.7-19", "7.0.7-18", "7.0.7-17", "7.0.7-16", "7.0.7-15", "7.0.7-14", "7.0.7-13", "7.0.7-12", "7.0.7-11", "7.0.7-10", "7.0.7-9", "7.0.7-8", "7.0.7.7", "7.0.7-6", "7.0.7-5", "7.0.7-4", "7.0.7-3", "7.0.7-2", "7.0.7-1", "7.0.7-0", "7.0.6-9", "7.0.6-8", "7.0.6-7", "7.0.6-6", "7.0.6-5", "7.0.6-4", "7.0.6-3", "7.0.6-2", "7.0.6-1", "7.0.6-0", "7.0.5-10", "7.0.5-9", "7.0.5-8", "7.0.5-7", "7.0.5-6", "7.0.5-5", "7.0.5-4", "7.0.5-3", "7.0.5-2", "7.0.5-1", "7.0.5-0", "7.0.4-10", "7.0.4-9", "7.0.4-8", "7.0.4-7", "7.0.4-6", "7.0.4-5", "7.0.4-4", "7.0.4-3", "7.0.4-2", "7.0.4-1", "7.0.4-0", "7.0.3-10", "7.0.3-9", "7.0.3-8", "7.0.3-7", "7.0.3-6", "7.0.3-5", "7.0.3-4", "7.0.3-3", "7.0.3-2", "7.0.3-1", "7.0.3-0", "7.0.2-10", "7.0.2-9", "7.0.2-8", "7.0.2-7", "7.0.2-6", "7.0.2-5", "7.0.2-4", "7.0.2-3", "7.0.2-2", "7.0.2-1", "7.0.2-0", "7.0.1-10", "7.0.1-9", "7.0.1-8", "7.0.1-7", "7.0.1-6", "7.0.1-5", "7.0.1-4", "7.0.1-3", "7.0.1-2", "7.0.1-1", "7.0.1-0"]}, "affectedSoftware": [{"name": "imagemagick", "version": "7.0.8-51", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-50", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-49", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-48", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-47", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-46", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-45", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-44", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-43", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-42", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-41", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-40", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-39", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-38", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-37", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-36", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-35", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-34", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-33", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-32", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-31", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-30", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-29", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-28", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-27", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-26", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-25", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-24", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-23", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-22", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-21", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-20", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-19", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-18", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-17", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-16", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-15", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-14", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-13", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-12", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-11", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-10", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-9", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-8", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-7", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-6", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-5", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-4", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-3", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-2", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-1", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.8-0", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7.7", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-39", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-38", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-37", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-36", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-35", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-34", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-33", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-32", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-31", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-30", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-29", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-28", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-27", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-26", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-25", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-24", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-23", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-22", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-21", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-20", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-19", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-18", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-17", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-16", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-15", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-14", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-13", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-12", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-11", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-10", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-9", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-8", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-6", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-5", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-4", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-3", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-2", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-1", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.7-0", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.6-9", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.6-8", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.6-7", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.6-6", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.6-5", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.6-4", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.6-3", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.6-2", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.6-1", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.6-0", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.5-10", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.5-9", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.5-8", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.5-7", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.5-6", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.5-5", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.5-4", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.5-3", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.5-2", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.5-1", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.5-0", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.4-10", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.4-9", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.4-8", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.4-7", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.4-6", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.4-5", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.4-4", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.4-3", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.4-2", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.4-1", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.4-0", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.3-10", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.3-9", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.3-8", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.3-7", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.3-6", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.3-5", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.3-4", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.3-3", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.3-2", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.3-1", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.3-0", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.2-10", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.2-9", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.2-8", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.2-7", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.2-6", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.2-5", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.2-4", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.2-3", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.2-2", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.2-1", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.2-0", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.1-10", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.1-9", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.1-8", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.1-7", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.1-6", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.1-5", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.1-4", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.1-3", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.1-2", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.1-1", "operator": "eq"}, {"name": "imagemagick", "version": "7.0.1-0", "operator": "eq"}], "immutableFields": []}