]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 687dad3)
Fix #77391: 1bpp BMPs may fail to be loaded
authorChristoph M. Becker <cmbecker69@gmx.de>
Mon, 31 Dec 2018 19:45:47 +0000 (20:45 +0100)
committerChristoph M. Becker <cmbecker69@gmx.de>
Mon, 31 Dec 2018 19:45:47 +0000 (20:45 +0100)
We port the upstream fix[1].

[1] <https://github.com/libgd/libgd/commit/d0859134fcbd8817f87895bd1cb158096568a7a2>

NEWS patch | blob | history
ext/gd/libgd/gd_bmp.c patch | blob | history
ext/gd/tests/bug77391.bmp [new file with mode: 0644] patch | blob
ext/gd/tests/bug77391.phpt [new file with mode: 0644] patch | blob

diff --git a/NEWS b/NEWS
index 3798a5b2203319967df6e2b6ba6ea04b0b726251..552c94d13668936548667129debf5617113cb3b7 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,9 @@ PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ??? 2019, PHP 7.2.15
 
+- GD:
+  . Fixed bug #77391 (1bpp BMPs may fail to be loaded). (Romain Déoux, cmb)
+
 - Sockets:
   . Fixed bug #76839 (socket_recvfrom may return an invalid 'from' address
     on MacOS). (Michael Meyer)
diff --git a/ext/gd/libgd/gd_bmp.c b/ext/gd/libgd/gd_bmp.c
index 8af8751299c8de1a01caa7325f29ce71b1be5455..d71175e413536f372ebc9f766a829de8c85f7925 100644 (file)
--- a/ext/gd/libgd/gd_bmp.c
+++ b/ext/gd/libgd/gd_bmp.c
@@ -813,8 +813,8 @@ static int bmp_read_1bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info, bmp
                }
        }
 
-       /* The line must be divisible by 4, else its padded with NULLs */
-       padding = ((int)ceil(0.1 * info->width)) % 4;
+       /* The line must be aligned on a 32 bits word, else it is padded with zeros */
+       padding = (info->width + 7) / 8 % 4;
        if (padding) {
                padding = 4 - padding;
        }
diff --git a/ext/gd/tests/bug77391.bmp b/ext/gd/tests/bug77391.bmp
new file mode 100644 (file)
index 0000000..2db27a3
Binary files /dev/null and b/ext/gd/tests/bug77391.bmp differ
diff --git a/ext/gd/tests/bug77391.phpt b/ext/gd/tests/bug77391.phpt
new file mode 100644 (file)
index 0000000..aa76c14
--- /dev/null
+++ b/ext/gd/tests/bug77391.phpt
@@ -0,0 +1,15 @@
+--TEST--
+Bug #77391 (1bpp BMPs may fail to be loaded)
+--SKIPIF--
+<?php
+if (!extension_loaded('gd')) die('skip gd extension not available');
+if (!GD_BUNDLED && version_compare(GD_VERSION, '2.2.5', '<=')) die('skip upstream not yet fixed');
+?>
+--FILE--
+<?php
+var_dump(imagecreatefrombmp(__DIR__ . '/bug77391.bmp'));
+?>
+===DONE===
+--EXPECTF--
+resource(%d) of type (gd)
+===DONE===
Unnamed repository; edit this file 'description' to name the repository.