mirror of
https://github.com/php/php-src.git
synced 2026-04-14 11:32:11 +02:00
8dc4f4dc9e
The stack allocated color map buffers were not zeroed before usage, and so undefined palette indexes could cause information leakage.
28 lines
766 B
PHP
28 lines
766 B
PHP
--TEST--
|
|
Bug #74435 (Buffer over-read into uninitialized memory)
|
|
--SKIPIF--
|
|
<?php
|
|
if (!extension_loaded('gd')) die('skip gd extension not available');
|
|
?>
|
|
--FILE--
|
|
<?php
|
|
$im = imagecreatefromgif(__DIR__ . DIRECTORY_SEPARATOR . 'bug74435.gif');
|
|
var_dump($im);
|
|
$width = imagesx($im);
|
|
$height = imagesy($im);
|
|
for ($i = 0; $i < $width; $i += 16) {
|
|
for ($j = 0; $j < $height; $j += 16) {
|
|
if (($index = imagecolorat($im, $i, $j)) >= 2) {
|
|
list($red, $green, $blue, $alpha) = array_values(imagecolorsforindex($im, $index));
|
|
if ($red !== 0 || $green !== 0 || $blue !== 0 || $alpha !== 0) {
|
|
echo "unexpected color at ($i, $j)\n";
|
|
}
|
|
}
|
|
}
|
|
}
|
|
?>
|
|
===DONE===
|
|
--EXPECTF--
|
|
resource(%d) of type (gd)
|
|
===DONE===
|