From: Scott MacVicar Date: Fri, 13 May 2011 05:06:48 +0000 (+0000) Subject: Fixed bug #54723 - getimagesize() doesn't check the full ico signature and misreport... X-Git-Tag: php-5.3.7RC1~132 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a0857d56acce3a52bd61bcd95b190ec3e9fb011e;p=php Fixed bug #54723 - getimagesize() doesn't check the full ico signature and misreports mpg files --- diff --git a/NEWS b/NEWS index 533770c219..9ae62c830e 100644 --- a/NEWS +++ b/NEWS @@ -19,6 +19,8 @@ PHP NEWS . Implemented FR #54459 (Range function accuracy). (Adam) . Added PHP_MANDIR constant telling where the manpages were installed into, and an --man-dir argument to php-config. (Hannes) + . Fixed bug #54723 (getimagesize() doesn't check the full ico signature). + (Scott) . Fixed bug #54580 (get_browser() segmentation fault when browscap ini directive is set through php_admin_value). (Gustavo) . Fixed bug #54238 (use-after-free in substr_replace()). (Stas) diff --git a/ext/standard/image.c b/ext/standard/image.c index 6a35941b50..d65a8bb59e 100644 --- a/ext/standard/image.c +++ b/ext/standard/image.c @@ -51,7 +51,7 @@ PHPAPI const char php_sig_jp2[12] = {(char)0x00, (char)0x00, (char)0x00, (char)0 (char)0x6a, (char)0x50, (char)0x20, (char)0x20, (char)0x0d, (char)0x0a, (char)0x87, (char)0x0a}; PHPAPI const char php_sig_iff[4] = {'F','O','R','M'}; -PHPAPI const char php_sig_ico[3] = {(char)0x00, (char)0x00, (char)0x01}; +PHPAPI const char php_sig_ico[4] = {(char)0x00, (char)0x00, (char)0x01, (char)0x00}; /* REMEMBER TO ADD MIME-TYPE TO FUNCTION php_image_type_to_mime_type */ /* PCX must check first 64bytes and byte 0=0x0a and byte2 < 0x06 */ @@ -1265,7 +1265,7 @@ PHPAPI int php_getimagetype(php_stream * stream, char *filetype TSRMLS_DC) return IMAGE_FILETYPE_TIFF_MM; } else if (!memcmp(filetype, php_sig_iff, 4)) { return IMAGE_FILETYPE_IFF; - } else if (!memcmp(filetype, php_sig_ico, 3)) { + } else if (!memcmp(filetype, php_sig_ico, 4)) { return IMAGE_FILETYPE_ICO; }