]> granicus.if.org Git - php/commit
projects / php / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: aba76f0) | patch
Fixed bug #66356 (Heap Overflow Vulnerability in imagecrop())
authorRemi Collet <remi@php.net>
Sat, 28 Dec 2013 13:22:13 +0000 (14:22 +0100)
committerRemi Collet <remi@php.net>
Sat, 28 Dec 2013 13:22:13 +0000 (14:22 +0100)
commit8f4a5373bb71590352fd934028d6dde5bc18530b
treec2ee7de2a99f6ee62c04806fce592f24bef4e259tree | snapshot
parentaba76f09fa3adca5208b877ed75b2c2ef8f4498fcommit | diff
Fixed bug #66356 (Heap Overflow Vulnerability in imagecrop())

Initial fix was PHP stuff
This one is libgd fix.

- filter invalid crop size
- dont try to copy on invalid position
- fix crop size when out of src image
- fix possible NULL deref
- fix possible integer overfloow
NEWS diff | blob | history
ext/gd/libgd/gd_crop.c diff | blob | history
ext/gd/tests/bug66356.phpt diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.