Extend color component range checks

We also check for alpha components to be within range, and we add yet
missing range checks for other functions as well.

diff --git a/ext/gd/gd.c b/ext/gd/gd.c
index fd4a8401c364372372953859fe03c25ea01908df..54f6b77678b834f222defff4c41601fc074b2b5f 100644 (file)
--- a/ext/gd/gd.c
+++ b/ext/gd/gd.c
@@ -1836,8 +1836,8 @@ PHP_FUNCTION(imagelayereffect)
 }
 /* }}} */
 
-#define CHECK_RGB_RANGE(component, name) \
-       if (component < 0 || component > 255) { \
+#define CHECK_RGBA_RANGE(component, name) \
+       if (component < 0 || component > gd##name##Max) { \
                php_error_docref(NULL, E_WARNING, #name " component is out of range"); \
                RETURN_FALSE; \
        }
@@ -1859,9 +1859,10 @@ PHP_FUNCTION(imagecolorallocatealpha)
                RETURN_FALSE;
        }
 
-       CHECK_RGB_RANGE(red, Red);
-       CHECK_RGB_RANGE(green, Green);
-       CHECK_RGB_RANGE(blue, Blue);
+       CHECK_RGBA_RANGE(red, Red);
+       CHECK_RGBA_RANGE(green, Green);
+       CHECK_RGBA_RANGE(blue, Blue);
+       CHECK_RGBA_RANGE(alpha, Alpha);
 
        ct = gdImageColorAllocateAlpha(im, red, green, blue, alpha);
        if (ct < 0) {
@@ -1887,6 +1888,11 @@ PHP_FUNCTION(imagecolorresolvealpha)
                RETURN_FALSE;
        }
 
+       CHECK_RGBA_RANGE(red, Red);
+       CHECK_RGBA_RANGE(green, Green);
+       CHECK_RGBA_RANGE(blue, Blue);
+       CHECK_RGBA_RANGE(alpha, Alpha);
+
        RETURN_LONG(gdImageColorResolveAlpha(im, red, green, blue, alpha));
 }
 /* }}} */
@@ -1907,6 +1913,11 @@ PHP_FUNCTION(imagecolorclosestalpha)
                RETURN_FALSE;
        }
 
+       CHECK_RGBA_RANGE(red, Red);
+       CHECK_RGBA_RANGE(green, Green);
+       CHECK_RGBA_RANGE(blue, Blue);
+       CHECK_RGBA_RANGE(alpha, Alpha);
+
        RETURN_LONG(gdImageColorClosestAlpha(im, red, green, blue, alpha));
 }
 /* }}} */
@@ -1927,6 +1938,11 @@ PHP_FUNCTION(imagecolorexactalpha)
                RETURN_FALSE;
        }
 
+       CHECK_RGBA_RANGE(red, Red);
+       CHECK_RGBA_RANGE(green, Green);
+       CHECK_RGBA_RANGE(blue, Blue);
+       CHECK_RGBA_RANGE(alpha, Alpha);
+
        RETURN_LONG(gdImageColorExactAlpha(im, red, green, blue, alpha));
 }
 /* }}} */
@@ -2868,9 +2884,9 @@ PHP_FUNCTION(imagecolorallocate)
                RETURN_FALSE;
        }
 
-       CHECK_RGB_RANGE(red, Red);
-       CHECK_RGB_RANGE(green, Green);
-       CHECK_RGB_RANGE(blue, Blue);
+       CHECK_RGBA_RANGE(red, Red);
+       CHECK_RGBA_RANGE(green, Green);
+       CHECK_RGBA_RANGE(blue, Blue);
 
        ct = gdImageColorAllocate(im, red, green, blue);
        if (ct < 0) {
@@ -2955,6 +2971,10 @@ PHP_FUNCTION(imagecolorclosest)
                RETURN_FALSE;
        }
 
+       CHECK_RGBA_RANGE(red, Red);
+       CHECK_RGBA_RANGE(green, Green);
+       CHECK_RGBA_RANGE(blue, Blue);
+
        RETURN_LONG(gdImageColorClosest(im, red, green, blue));
 }
 /* }}} */
@@ -2975,6 +2995,10 @@ PHP_FUNCTION(imagecolorclosesthwb)
                RETURN_FALSE;
        }
 
+       CHECK_RGBA_RANGE(red, Red);
+       CHECK_RGBA_RANGE(green, Green);
+       CHECK_RGBA_RANGE(blue, Blue);
+
        RETURN_LONG(gdImageColorClosestHWB(im, red, green, blue));
 }
 /* }}} */
@@ -3029,6 +3053,10 @@ PHP_FUNCTION(imagecolorresolve)
                RETURN_FALSE;
        }
 
+       CHECK_RGBA_RANGE(red, Red);
+       CHECK_RGBA_RANGE(green, Green);
+       CHECK_RGBA_RANGE(blue, Blue);
+
        RETURN_LONG(gdImageColorResolve(im, red, green, blue));
 }
 /* }}} */
@@ -3049,6 +3077,10 @@ PHP_FUNCTION(imagecolorexact)
                RETURN_FALSE;
        }
 
+       CHECK_RGBA_RANGE(red, Red);
+       CHECK_RGBA_RANGE(green, Green);
+       CHECK_RGBA_RANGE(blue, Blue);
+
        RETURN_LONG(gdImageColorExact(im, red, green, blue));
 }
 /* }}} */
@@ -3070,6 +3102,11 @@ PHP_FUNCTION(imagecolorset)
                RETURN_FALSE;
        }
 
+       CHECK_RGBA_RANGE(red, Red);
+       CHECK_RGBA_RANGE(green, Green);
+       CHECK_RGBA_RANGE(blue, Blue);
+       CHECK_RGBA_RANGE(alpha, Alpha);
+
        col = color;
 
        if (col >= 0 && col < gdImageColorsTotal(im)) {