search

DentonW / DevIL

Developer's Image Library (DevIL) is a cross-platform image library utilizing a simple syntax to load, save, convert, manipulate, filter, and display a variety of images with ease. It is highly portable and has been ported to several platforms.
http://openil.sourceforge.net/
GNU Lesser General Public License v2.1
446 stars 138 forks source link

Double free or corruption #60

Open stze opened 7 years ago

stze commented 7 years ago

Following sample file crashes libdevil. The bug was found using examples/simple_example/simple.c with the sample file as input. Sample pnm input file is fuzzed with american fuzzy lop http://lcamtuf.coredump.cx/afl/.

sample file hexdump:

00000000  50 35 0a 39 45 20 31 36  0a 32 35 35 00 01 00 02  |P5.9E 16.255....|
00000010  00 00 ff ff fc ff 01 00  04 00 00 00 00 ff fe ff  |................|
00000020  01 fe fd ff fc ff ff ff  ff 7f 00 23 01 00 00 00  |...........#....|
00000030  ff 04 f8 ff ff ff 00 00  00 16 00 01 05 00 00 01  |................|
00000040  00 00 06 00 01 00 05 01  00 00 00 02 00 00 98 02  |................|
00000050  00 02 e2 ff ff ff 02 00  01 00 02 00 01 01 00 01  |................|
00000060  00 00 04 00 00 02 00 00  02 00 00 02              |............|
0000006c

How to reproduce:

# clang -o simple examples/simple_example/simple.c -lIL -lILU -lILUT
# ./simple <sample-file>

gdb:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff732aa14 in free () from /usr/lib/libc.so.6
(gdb) bt
#0  0x00007ffff732aa14 in free () from /usr/lib/libc.so.6
#1  0x00007ffff78792d0 in DefaultFreeFunc(void const*) () from build/lib/x64/libIL.so
#2  0x00007ffff78791e9 in ifree () from build/lib/x64/libIL.so
#3  0x00007ffff78ce3a8 in ilCloseImage () from build/lib/x64/libIL.so
#4  0x00007ffff78cf01e in ilShutDown () from build/lib/x64/libIL.so
#5  0x00007ffff78cef59 in ilShutDownInternal() () from build/lib/x64/libIL.so
#6  0x00007ffff72e46c0 in __run_exit_handlers () from /usr/lib/libc.so.6
#7  0x00007ffff72e471a in exit () from /usr/lib/libc.so.6
#8  0x00007ffff72ce518 in __libc_start_main () from /usr/lib/libc.so.6
#9  0x0000000000400f1a in _start ()

valgrind:

==15537== Memcheck, a memory error detector                                                  
==15537== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==15537== Using Valgrind-3.12.0 and LibVEX; rerun with -h for copyright info
==15537== Command: build/lib/x64/simple findings/crashes/id:000000,sig:11,src:000009,op:flip1,pos:3
==15537== 
==15537== Invalid read of size 1
==15537==    at 0x50BC526: iLoadPnmInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC1C5: ilLoadPnmF (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC16C: ilLoadPnm (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A7665: ilLoad (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A8314: ilLoadImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010C8: main (simple.c:64)
==15537==  Address 0xa18ff6c is 12 bytes inside a block of size 168 free'd
==15537==    at 0x4C2C14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752CF: DefaultFreeFunc(void const*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50751E8: ifree (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CA590: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BD54E: ilReadBinaryPpm(PPMINFO*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC4FE: iLoadPnmInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC1C5: ilLoadPnmF (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC16C: ilLoadPnm (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A7665: ilLoad (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A8314: ilLoadImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010C8: main (simple.c:64)
==15537==  Block was alloc'd at
==15537==    at 0x4C2AF1F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752A4: DefaultAllocFunc(unsigned long) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5075193: ialloc (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5091C20: ilNewImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50C9FAD: ilGenImages (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010B7: main (simple.c:58)
==15537== 
==15537== Invalid write of size 4
==15537==    at 0x50BC53E: iLoadPnmInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC1C5: ilLoadPnmF (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC16C: ilLoadPnm (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A7665: ilLoad (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A8314: ilLoadImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010C8: main (simple.c:64)
==15537==  Address 0xa18ff88 is 40 bytes inside a block of size 168 free'd
==15537==    at 0x4C2C14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752CF: DefaultFreeFunc(void const*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50751E8: ifree (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CA590: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BD54E: ilReadBinaryPpm(PPMINFO*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC4FE: iLoadPnmInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC1C5: ilLoadPnmF (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC16C: ilLoadPnm (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A7665: ilLoad (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A8314: ilLoadImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010C8: main (simple.c:64)
==15537==  Block was alloc'd at
==15537==    at 0x4C2AF1F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752A4: DefaultAllocFunc(unsigned long) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5075193: ialloc (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5091C20: ilNewImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50C9FAD: ilGenImages (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010B7: main (simple.c:58)
==15537== 
Could not open file...exiting.
==15537== Invalid read of size 8
==15537==    at 0x50CA390: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CB01D: ilShutDown (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CAF58: ilShutDownInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x55F56BF: __run_exit_handlers (in /usr/lib/libc-2.25.so)
==15537==    by 0x55F5719: exit (in /usr/lib/libc-2.25.so)
==15537==    by 0x55DF517: (below main) (in /usr/lib/libc-2.25.so)
==15537==  Address 0xa18ff78 is 24 bytes inside a block of size 168 free'd
==15537==    at 0x4C2C14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752CF: DefaultFreeFunc(void const*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50751E8: ifree (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CA590: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BD54E: ilReadBinaryPpm(PPMINFO*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC4FE: iLoadPnmInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC1C5: ilLoadPnmF (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC16C: ilLoadPnm (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A7665: ilLoad (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A8314: ilLoadImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010C8: main (simple.c:64)
==15537==  Block was alloc'd at
==15537==    at 0x4C2AF1F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752A4: DefaultAllocFunc(unsigned long) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5075193: ialloc (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5091C20: ilNewImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50C9FAD: ilGenImages (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010B7: main (simple.c:58)
==15537== 
==15537== Invalid read of size 8
==15537==    at 0x50CA3B8: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CB01D: ilShutDown (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CAF58: ilShutDownInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x55F56BF: __run_exit_handlers (in /usr/lib/libc-2.25.so)
==15537==    by 0x55F5719: exit (in /usr/lib/libc-2.25.so)
==15537==    by 0x55DF517: (below main) (in /usr/lib/libc-2.25.so)
==15537==  Address 0xa18ff98 is 56 bytes inside a block of size 168 free'd
==15537==    at 0x4C2C14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752CF: DefaultFreeFunc(void const*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50751E8: ifree (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CA590: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BD54E: ilReadBinaryPpm(PPMINFO*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC4FE: iLoadPnmInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC1C5: ilLoadPnmF (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC16C: ilLoadPnm (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A7665: ilLoad (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A8314: ilLoadImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010C8: main (simple.c:64)
==15537==  Block was alloc'd at
==15537==    at 0x4C2AF1F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752A4: DefaultAllocFunc(unsigned long) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5075193: ialloc (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5091C20: ilNewImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50C9FAD: ilGenImages (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010B7: main (simple.c:58)
==15537== 
==15537== Invalid read of size 8
==15537==    at 0x50CA3FF: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CB01D: ilShutDown (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CAF58: ilShutDownInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x55F56BF: __run_exit_handlers (in /usr/lib/libc-2.25.so)
==15537==    by 0x55F5719: exit (in /usr/lib/libc-2.25.so)
==15537==    by 0x55DF517: (below main) (in /usr/lib/libc-2.25.so)
==15537==  Address 0xa18ffb8 is 88 bytes inside a block of size 168 free'd
==15537==    at 0x4C2C14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752CF: DefaultFreeFunc(void const*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50751E8: ifree (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CA590: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BD54E: ilReadBinaryPpm(PPMINFO*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC4FE: iLoadPnmInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC1C5: ilLoadPnmF (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC16C: ilLoadPnm (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A7665: ilLoad (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A8314: ilLoadImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010C8: main (simple.c:64)
==15537==  Block was alloc'd at
==15537==    at 0x4C2AF1F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752A4: DefaultAllocFunc(unsigned long) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5075193: ialloc (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5091C20: ilNewImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50C9FAD: ilGenImages (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010B7: main (simple.c:58)
==15537== 
==15537== Invalid read of size 8
==15537==    at 0x50CA427: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CB01D: ilShutDown (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CAF58: ilShutDownInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x55F56BF: __run_exit_handlers (in /usr/lib/libc-2.25.so)
==15537==    by 0x55F5719: exit (in /usr/lib/libc-2.25.so)
==15537==    by 0x55DF517: (below main) (in /usr/lib/libc-2.25.so)
==15537==  Address 0xa18ffc0 is 96 bytes inside a block of size 168 free'd
==15537==    at 0x4C2C14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752CF: DefaultFreeFunc(void const*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50751E8: ifree (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CA590: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BD54E: ilReadBinaryPpm(PPMINFO*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC4FE: iLoadPnmInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC1C5: ilLoadPnmF (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC16C: ilLoadPnm (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A7665: ilLoad (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A8314: ilLoadImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010C8: main (simple.c:64)
==15537==  Block was alloc'd at
==15537==    at 0x4C2AF1F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752A4: DefaultAllocFunc(unsigned long) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5075193: ialloc (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5091C20: ilNewImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50C9FAD: ilGenImages (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010B7: main (simple.c:58)
==15537== 
==15537== Invalid read of size 8
==15537==    at 0x50CA44F: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CB01D: ilShutDown (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CAF58: ilShutDownInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x55F56BF: __run_exit_handlers (in /usr/lib/libc-2.25.so)
==15537==    by 0x55F5719: exit (in /usr/lib/libc-2.25.so)
==15537==    by 0x55DF517: (below main) (in /usr/lib/libc-2.25.so)
==15537==  Address 0xa18ffb0 is 80 bytes inside a block of size 168 free'd
==15537==    at 0x4C2C14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752CF: DefaultFreeFunc(void const*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50751E8: ifree (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CA590: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BD54E: ilReadBinaryPpm(PPMINFO*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC4FE: iLoadPnmInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC1C5: ilLoadPnmF (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC16C: ilLoadPnm (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A7665: ilLoad (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A8314: ilLoadImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010C8: main (simple.c:64)
==15537==  Block was alloc'd at
==15537==    at 0x4C2AF1F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752A4: DefaultAllocFunc(unsigned long) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5075193: ialloc (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5091C20: ilNewImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50C9FAD: ilGenImages (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010B7: main (simple.c:58)
==15537== 
==15537== Invalid read of size 8
==15537==    at 0x50CA477: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CB01D: ilShutDown (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CAF58: ilShutDownInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x55F56BF: __run_exit_handlers (in /usr/lib/libc-2.25.so)
==15537==    by 0x55F5719: exit (in /usr/lib/libc-2.25.so)
==15537==    by 0x55DF517: (below main) (in /usr/lib/libc-2.25.so)
==15537==  Address 0xa18ffc8 is 104 bytes inside a block of size 168 free'd
==15537==    at 0x4C2C14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752CF: DefaultFreeFunc(void const*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50751E8: ifree (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CA590: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BD54E: ilReadBinaryPpm(PPMINFO*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC4FE: iLoadPnmInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC1C5: ilLoadPnmF (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC16C: ilLoadPnm (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A7665: ilLoad (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A8314: ilLoadImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010C8: main (simple.c:64)
==15537==  Block was alloc'd at
==15537==    at 0x4C2AF1F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752A4: DefaultAllocFunc(unsigned long) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5075193: ialloc (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5091C20: ilNewImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50C9FAD: ilGenImages (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010B7: main (simple.c:58)
==15537== 
==15537== Invalid read of size 8
==15537==    at 0x50CA49F: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CB01D: ilShutDown (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CAF58: ilShutDownInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x55F56BF: __run_exit_handlers (in /usr/lib/libc-2.25.so)
==15537==    by 0x55F5719: exit (in /usr/lib/libc-2.25.so)
==15537==    by 0x55DF517: (below main) (in /usr/lib/libc-2.25.so)
==15537==  Address 0xa18ffd0 is 112 bytes inside a block of size 168 free'd
==15537==    at 0x4C2C14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752CF: DefaultFreeFunc(void const*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50751E8: ifree (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CA590: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BD54E: ilReadBinaryPpm(PPMINFO*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC4FE: iLoadPnmInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC1C5: ilLoadPnmF (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC16C: ilLoadPnm (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A7665: ilLoad (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A8314: ilLoadImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010C8: main (simple.c:64)
==15537==  Block was alloc'd at
==15537==    at 0x4C2AF1F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752A4: DefaultAllocFunc(unsigned long) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5075193: ialloc (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5091C20: ilNewImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50C9FAD: ilGenImages (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010B7: main (simple.c:58)
==15537== 
==15537== Invalid read of size 8
==15537==    at 0x50CA4D8: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CB01D: ilShutDown (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CAF58: ilShutDownInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x55F56BF: __run_exit_handlers (in /usr/lib/libc-2.25.so)
==15537==    by 0x55F5719: exit (in /usr/lib/libc-2.25.so)
==15537==    by 0x55DF517: (below main) (in /usr/lib/libc-2.25.so)
==15537==  Address 0xa18ffe0 is 128 bytes inside a block of size 168 free'd
==15537==    at 0x4C2C14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752CF: DefaultFreeFunc(void const*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50751E8: ifree (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CA590: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BD54E: ilReadBinaryPpm(PPMINFO*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC4FE: iLoadPnmInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC1C5: ilLoadPnmF (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC16C: ilLoadPnm (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A7665: ilLoad (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A8314: ilLoadImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010C8: main (simple.c:64)
==15537==  Block was alloc'd at
==15537==    at 0x4C2AF1F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752A4: DefaultAllocFunc(unsigned long) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5075193: ialloc (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5091C20: ilNewImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50C9FAD: ilGenImages (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010B7: main (simple.c:58)
==15537== 
==15537== Invalid read of size 8
==15537==    at 0x50CA528: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CB01D: ilShutDown (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CAF58: ilShutDownInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x55F56BF: __run_exit_handlers (in /usr/lib/libc-2.25.so)
==15537==    by 0x55F5719: exit (in /usr/lib/libc-2.25.so)
==15537==    by 0x55DF517: (below main) (in /usr/lib/libc-2.25.so)
==15537==  Address 0xa18fff8 is 152 bytes inside a block of size 168 free'd
==15537==    at 0x4C2C14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752CF: DefaultFreeFunc(void const*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50751E8: ifree (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CA590: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BD54E: ilReadBinaryPpm(PPMINFO*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC4FE: iLoadPnmInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC1C5: ilLoadPnmF (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC16C: ilLoadPnm (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A7665: ilLoad (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A8314: ilLoadImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010C8: main (simple.c:64)
==15537==  Block was alloc'd at
==15537==    at 0x4C2AF1F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752A4: DefaultAllocFunc(unsigned long) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5075193: ialloc (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5091C20: ilNewImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50C9FAD: ilGenImages (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010B7: main (simple.c:58)
==15537== 
==15537== Invalid free() / delete / delete[] / realloc()
==15537==    at 0x4C2C14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752CF: DefaultFreeFunc(void const*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50751E8: ifree (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CA590: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CB01D: ilShutDown (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CAF58: ilShutDownInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x55F56BF: __run_exit_handlers (in /usr/lib/libc-2.25.so)
==15537==    by 0x55F5719: exit (in /usr/lib/libc-2.25.so)
==15537==    by 0x55DF517: (below main) (in /usr/lib/libc-2.25.so)
==15537==  Address 0xa18ff60 is 0 bytes inside a block of size 168 free'd
==15537==    at 0x4C2C14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752CF: DefaultFreeFunc(void const*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50751E8: ifree (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50CA590: ilCloseImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BD54E: ilReadBinaryPpm(PPMINFO*) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC4FE: iLoadPnmInternal() (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC1C5: ilLoadPnmF (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50BC16C: ilLoadPnm (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A7665: ilLoad (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50A8314: ilLoadImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010C8: main (simple.c:64)
==15537==  Block was alloc'd at
==15537==    at 0x4C2AF1F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15537==    by 0x50752A4: DefaultAllocFunc(unsigned long) (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5075193: ialloc (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x5091C20: ilNewImage (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x50C9FAD: ilGenImages (in /tmp/DevIL/build/lib/x64/libIL.so.1)
==15537==    by 0x4010B7: main (simple.c:58)
==15537== 
==15537== 
==15537== HEAP SUMMARY:
==15537==     in use at exit: 32 bytes in 1 blocks
==15537==   total heap usage: 102 allocs, 102 frees, 110,192 bytes allocated
==15537== 
==15537== LEAK SUMMARY:
==15537==    definitely lost: 0 bytes in 0 blocks
==15537==    indirectly lost: 0 bytes in 0 blocks
==15537==      possibly lost: 0 bytes in 0 blocks
==15537==    still reachable: 32 bytes in 1 blocks
==15537==         suppressed: 0 bytes in 0 blocks
==15537== Rerun with --leak-check=full to see details of leaked memory
==15537== 
==15537== For counts of detected and suppressed errors, rerun with: -v
==15537== ERROR SUMMARY: 12 errors from 12 contexts (suppressed: 0 from 0)