diff options
author | Ilia Alshanetsky <iliaa@php.net> | 2005-06-01 22:29:20 +0000 |
---|---|---|
committer | Ilia Alshanetsky <iliaa@php.net> | 2005-06-01 22:29:20 +0000 |
commit | a02c9cf4f15240ed274f80e385265c3d23143483 (patch) | |
tree | 7fc4bedd4b4a099e9060432f3378f117b40c4e7d | |
parent | ca669645301cff3b2b86d01fe8dc6cb684770c5a (diff) | |
download | php-git-a02c9cf4f15240ed274f80e385265c3d23143483.tar.gz |
MFH: Fixed bug #33210 (relax jpeg recursive loop protection).
-rw-r--r-- | NEWS | 1 | ||||
-rw-r--r-- | ext/standard/image.c | 2 |
2 files changed, 2 insertions, 1 deletions
@@ -7,6 +7,7 @@ PHP 4 NEWS them sort based on the current locale. (Derick) - Changed sha1_file() and md5_file() functions to use streams instead of low level IO. (Uwe) +- Fixed bug #33210 (relax jpeg recursive loop protection). (Ilia) - Fixed bug #33200 (preg_replace(): magic_quotes_sybase=On makes 'e' modifier misbehave). (Jani) - Fixed bug #33072 (Add a safemode/open_basedir check for runtime save_path diff --git a/ext/standard/image.c b/ext/standard/image.c index 6a015cb326..4849fff715 100644 --- a/ext/standard/image.c +++ b/ext/standard/image.c @@ -401,7 +401,7 @@ static unsigned int php_next_marker(php_stream * stream, int last_marker, int co last_marker = M_PSEUDO; /* stop skipping non 0xff for M_COM */ } } - if (++a > 10) + if (++a > 25) { /* who knows the maxim amount of 0xff? though 7 */ /* but found other implementations */ |