From 26f989313e4b0bc5880128b332a26e3b2d7c4de0 Mon Sep 17 00:00:00 2001 From: Gina Peter Banyard Date: Sun, 5 Oct 2025 13:58:47 +0100 Subject: [PATCH] Fix GH-20070: Return type violation in imagefilter when an invalid filter is provided Closes GH-20071 --- NEWS | 4 ++++ ext/gd/gd.c | 6 ++++-- .../tests/imagefilter_invalid_filter_error.phpt | 16 ++++++++++++++++ 3 files changed, 24 insertions(+), 2 deletions(-) create mode 100644 ext/gd/tests/imagefilter_invalid_filter_error.phpt diff --git a/NEWS b/NEWS index 6f764b0c853..b06b1bf300b 100644 --- a/NEWS +++ b/NEWS @@ -11,6 +11,10 @@ PHP NEWS . Fixed bug GH-19974 (fpm_status_export_to_zval segfault for parallel execution). (Jakub Zelenka, txuna) +- GD: + . Fixed bug GH-20070 (Return type violation in imagefilter when an invalid + filter is provided). (Girgias) + - Opcache: . Fixed bug GH-20081 (access to uninitialized vars in preload_load()). (Arnaud) diff --git a/ext/gd/gd.c b/ext/gd/gd.c index 44e46841062..2c3fce862ea 100644 --- a/ext/gd/gd.c +++ b/ext/gd/gd.c @@ -3404,9 +3404,11 @@ PHP_FUNCTION(imagefilter) RETURN_THROWS(); } - if (filtertype >= 0 && filtertype <= IMAGE_FILTER_MAX) { - filters[filtertype](INTERNAL_FUNCTION_PARAM_PASSTHRU); + if (UNEXPECTED(filtertype < 0 || filtertype > IMAGE_FILTER_MAX)) { + zend_argument_value_error(2, "must be one of the IMG_FILTER_* filter constants"); + RETURN_THROWS(); } + filters[filtertype](INTERNAL_FUNCTION_PARAM_PASSTHRU); } /* }}} */ diff --git a/ext/gd/tests/imagefilter_invalid_filter_error.phpt b/ext/gd/tests/imagefilter_invalid_filter_error.phpt new file mode 100644 index 00000000000..f543e4a69f5 --- /dev/null +++ b/ext/gd/tests/imagefilter_invalid_filter_error.phpt @@ -0,0 +1,16 @@ +--TEST-- +GH-20070: Testing wrong parameter passing in imagefilter() of GD library +--EXTENSIONS-- +gd +--FILE-- +getMessage(), "\n"; +} +?> +--EXPECT-- +ValueError: imagefilter(): Argument #2 ($filter) must be one of the IMG_FILTER_* filter constants