Bug #35225 Wrong fopen mode used in GD safe-mode checks
Submitted: 2005-11-15 10:49 UTC Modified: 2005-11-23 01:00 UTC
From: virus at tgu dot ru Assigned:
Status: No Feedback Package: GD related
PHP Version: 4CVS-2005-11-15 (snap) OS:
Private report: No CVE-ID: None
 [2005-11-15 10:49 UTC] virus at tgu dot ru
Description:
------------
Bug #35071 doesn't seem to be fixed in CVS.
(We still have !php_checkuid(filename, "rb+", CHECKUID_CHECK_FILE_AND_DIR) in php_gd.h)
Bug #35060 is still reproducible.


Reproduce code:
---------------
<?php
// safe_mode is enabled
$img_out=imagecreatetruecolor(200,200);
imagejpeg($img_out,'files/thingy/test.jpg',100);
imagedestroy($img_out);
?>


Expected result:
----------------
new image created "files/thingy/test.jpg"


Actual result:
--------------
Warning: imagejpeg(): Unable to access files/thingy/test.jpg in /home/moron/www/test.php on line 3

Warning: imagejpeg(): Invalid filename 'files/thingy/test.jpg' in /home/moron/www/test.php on line 3



 [2005-11-15 10:52 UTC] tony2001@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip

Should be in the next snapshot.
 [2005-11-23 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
Last updated: Fri Dec 27 11:01:30 2024 UTC