diff options
| author | Anatol Belski <ab@php.net> | 2017-01-17 09:33:51 +0100 |
|---|---|---|
| committer | Anatol Belski <ab@php.net> | 2017-01-17 09:33:51 +0100 |
| commit | 5d07438cb3d72b7d6d3675cdccf5eef361e6e591 (patch) | |
| tree | 4065d62713d3d86c3c698ed3785fb77b76fd7abf /ext/gd/tests | |
| parent | b28c2e20ca83ffb5dc9159d7d03f0baf55b0aeaf (diff) | |
| parent | d2274b01cbbadf5516b3ea87ad76fbae18834007 (diff) | |
| download | php-git-5d07438cb3d72b7d6d3675cdccf5eef361e6e591.tar.gz | |
Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
Fix #73869: Signed Integer Overflow gd_io.c
Fix #73868: DOS vulnerability in gdImageCreateFromGd2Ctx()
Diffstat (limited to 'ext/gd/tests')
| -rw-r--r-- | ext/gd/tests/bug73868.gd2 | bin | 0 -> 1050 bytes | |||
| -rw-r--r-- | ext/gd/tests/bug73868.phpt | 18 | ||||
| -rw-r--r-- | ext/gd/tests/bug73869.phpt | 19 | ||||
| -rw-r--r-- | ext/gd/tests/bug73869a.gd2 | bin | 0 -> 92 bytes | |||
| -rw-r--r-- | ext/gd/tests/bug73869b.gd2 | bin | 0 -> 18 bytes |
5 files changed, 37 insertions, 0 deletions
diff --git a/ext/gd/tests/bug73868.gd2 b/ext/gd/tests/bug73868.gd2 Binary files differnew file mode 100644 index 0000000000..1c797d1acf --- /dev/null +++ b/ext/gd/tests/bug73868.gd2 diff --git a/ext/gd/tests/bug73868.phpt b/ext/gd/tests/bug73868.phpt new file mode 100644 index 0000000000..135be7917b --- /dev/null +++ b/ext/gd/tests/bug73868.phpt @@ -0,0 +1,18 @@ +--TEST-- +Bug 73868 (DOS vulnerability in gdImageCreateFromGd2Ctx()) +--SKIPIF-- +<?php +if (!extension_loaded('gd')) die('skip gd extension not available'); +?> +--FILE-- +<?php +var_dump(imagecreatefromgd2(__DIR__ . DIRECTORY_SEPARATOR . 'bug73868.gd2')); +?> +===DONE=== +--EXPECTF-- +Warning: imagecreatefromgd2(): gd2: EOF while reading + in %s on line %d + +Warning: imagecreatefromgd2(): '%s' is not a valid GD2 file in %s on line %d +bool(false) +===DONE=== diff --git a/ext/gd/tests/bug73869.phpt b/ext/gd/tests/bug73869.phpt new file mode 100644 index 0000000000..3cc10a4201 --- /dev/null +++ b/ext/gd/tests/bug73869.phpt @@ -0,0 +1,19 @@ +--TEST-- +Bug #73869 (Signed Integer Overflow gd_io.c) +--SKIPIF-- +<?php +if (!extension_loaded('gd')) die('skip gd extension not available'); +?> +--FILE-- +<?php +var_dump(imagecreatefromgd2(__DIR__ . DIRECTORY_SEPARATOR . 'bug73869a.gd2')); +var_dump(imagecreatefromgd2(__DIR__ . DIRECTORY_SEPARATOR . 'bug73869b.gd2')); +?> +===DONE=== +--EXPECTF-- +Warning: imagecreatefromgd2(): '%s' is not a valid GD2 file in %s on line %d +bool(false) + +Warning: imagecreatefromgd2(): '%s' is not a valid GD2 file in %s on line %d +bool(false) +===DONE===
\ No newline at end of file diff --git a/ext/gd/tests/bug73869a.gd2 b/ext/gd/tests/bug73869a.gd2 Binary files differnew file mode 100644 index 0000000000..5060bfde3a --- /dev/null +++ b/ext/gd/tests/bug73869a.gd2 diff --git a/ext/gd/tests/bug73869b.gd2 b/ext/gd/tests/bug73869b.gd2 Binary files differnew file mode 100644 index 0000000000..8600126bec --- /dev/null +++ b/ext/gd/tests/bug73869b.gd2 |