CVE-2014-8354: ImageMagick - Out-of-bounds read / heap overflow in resize code

ImageMagick is vulnerable to an out-of-bounds read / heap overflow in the function HorizontalFilter() in the file resize.c. It is triggered when an image with dimensions 0x0 is resized (for example with convert -resize 30, see the fuzzing sample in the references).
The issue was found with Address Sanitizer and the fuzzing tool zzuf.
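The following C program is an illustration added to this advisory, not ImageMagick's code and not the upstream fix: it models a simplified separable horizontal resize filter and shows how a source width of 0 collapses the per-column window arithmetic, leaving an unchecked filter with an empty window (n == 0) and an index of -1 for its "last contributing column". The geometry type, the function names (horizontal_window, count_oob_indexes, resize_checked), the filter formulas and the two sample geometries are assumptions made for the illustration; the model counts the out-of-range indexes an unchecked filter would use rather than touching pixel memory, so it runs without Address Sanitizer.

```c
/*
 * Hypothetical model of a horizontal resize filter, written for this
 * advisory. NOT ImageMagick's HorizontalFilter(): names and formulas are
 * assumptions. It counts out-of-range indexes instead of reading pixels.
 */
#include <stddef.h>
#include <stdio.h>

#define FILTER_SUPPORT 1.0  /* half-width of a triangle filter, in source pixels */

typedef struct {
    size_t columns;
    size_t rows;
} ImageGeometry;

/* Window of contributing source columns for one destination column. */
typedef struct {
    long start;  /* first source column */
    long stop;   /* one past the last source column */
    long n;      /* number of contributing columns, stop - start */
} Window;

/* Small helpers so the model needs no libm. */
static double dmax(double a, double b) { return a > b ? a : b; }
static double dmin(double a, double b) { return a < b ? a : b; }
static double dfloor(double v) { double t = (double)(long)v; return t > v ? t - 1.0 : t; }
static double dceil(double v)  { double t = (double)(long)v; return t < v ? t + 1.0 : t; }

/*
 * Window computation in the style of a separable resize filter. The scale
 * factor is dst/src, so src_columns == 0 gives +inf: the support collapses
 * to 1.0, the window centre lands at 0, and the clamp to src_columns (also
 * 0) yields stop == start, i.e. an empty window with n == 0.
 */
static Window horizontal_window(size_t src_columns, size_t dst_columns, size_t x)
{
    double x_factor = (double)dst_columns / (double)src_columns; /* +inf when src_columns == 0 */
    double scale    = dmax(1.0 / x_factor, 1.0);                  /* source pixels per tap */
    double support  = scale * FILTER_SUPPORT;
    double center   = ((double)x + 0.5) / x_factor;               /* 0.0 when x_factor is +inf */
    Window w;
    w.start = (long)dmax(dfloor(center - support + 0.5), 0.0);
    w.stop  = (long)dmin(dceil(center + support + 0.5), (double)src_columns);
    w.n     = w.stop - w.start;
    return w;
}

/*
 * Models an unchecked filter: for every destination column it takes the
 * first contributing source column and the last one, found as
 * contribution[n - 1]. It counts how many of those indexes fall outside the
 * source image instead of reading them; with n == 0 the "last" index is -1.
 */
static long count_oob_indexes(const ImageGeometry *src, size_t dst_columns)
{
    long oob = 0;
    for (size_t x = 0; x < dst_columns; x++) {
        Window w = horizontal_window(src->columns, dst_columns, x);
        long first = w.start;
        long last  = w.start + w.n - 1;   /* contribution[n - 1] */
        if (first < 0 || (size_t)first >= src->columns) oob++;
        if (last  < 0 || (size_t)last  >= src->columns) oob++;
    }
    return oob;
}

/*
 * Hardened entry point: reject degenerate geometry before any filter
 * arithmetic runs. Returns 0 and the OOB count on success, -1 if the
 * geometry is rejected (the window code is then never reached).
 */
static int resize_checked(const ImageGeometry *src, size_t dst_columns,
                          size_t dst_rows, long *oob)
{
    *oob = 0;
    if (src->columns == 0 || src->rows == 0 || dst_columns == 0 || dst_rows == 0)
        return -1;  /* zero image size: refuse instead of computing a window */
    *oob = count_oob_indexes(src, dst_columns);
    return 0;
}

int main(void)
{
    ImageGeometry zero = {0, 0};   /* constructed: the 0x0 trigger case */
    ImageGeometry ok   = {4, 4};   /* constructed: an ordinary small image */
    long oob;

    printf("0x0 -> 30 wide, unchecked: %ld out-of-range indexes\n",
           count_oob_indexes(&zero, 30));
    printf("4x4 -> 30 wide, unchecked: %ld out-of-range indexes\n",
           count_oob_indexes(&ok, 30));
    printf("0x0 -> 30x30, checked: %s\n",
           resize_checked(&zero, 30, 30, &oob) == 0 ? "resized" : "rejected");
    return 0;
}
```

For the constructed 0x0 geometry resized to 30 columns the unchecked model reports two bad indexes per destination column (index 0 of a zero-width row, and -1 from the empty window), while the 4x4 geometry reports none; the checked entry point refuses the 0x0 input before the window code runs. This is only one way a zero-sized dimension breaks filter-window arithmetic; the actual defect and its fix are in the upstream commit referenced below.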


ImageMagick has released version 6.8.9-9, which fixes this and some other out-of-bounds issues. Any deployment that resizes untrusted images with ImageMagick (thumbnail generation, upload handlers) reaches the affected code and should update. GraphicsMagick, a fork of ImageMagick, is not affected.


Timeline

2014-10-21: Discovery, informed upstream developers
2014-10-21: Patch in upstream SVN
2014-10-25: Upstream released 6.8.9-9 with fix


References

Patch / upstream commit
ImageMagick Changelog
Fuzzing sample (try with convert -resize 30)

Hanno Böck, 2014-01-11