CVE-2018-15607: In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36...
6.5
Miggo AI
Root Cause Analysis
The GitHub issue (https://github.com/ImageMagick/ImageMagick/issues/1255) describes a denial-of-service vulnerability in ImageMagick 7.0.8-11 due to excessive memory consumption when processing a crafted file. The ASan stack trace provided in the issue points to a crash during a large memory allocation (0xa3b70000 bytes) and implicates functions within libMagickCore and libMagickWand. Specifically, functions like AcquireMagickMemory, AcquireQuantumMemory, ReadGROUP4Image, and ReadImage appear in the call stack leading to the crash. A potential fix commit (1912621fdfb71a245b95d1a990ed970037532043) was identified from a related issue, but I was unable to fetch its details. Without the commit information, it's not possible to definitively identify the vulnerable functions and the exact changes made. The evidence suggests the vulnerability is in the image processing and memory allocation parts of ImageMagick, but the specific functions cannot be confirmed without the patch details.