PHP :: Bug #69024 :: imagescale segfault with palette based image

Bug #69024	imagescale segfault with palette based image
Submitted:	2015-02-11 01:33 UTC	Modified:	2015-07-13 14:05 UTC
From:	gmblar+php at gmail dot com	Assigned:	cmb (profile)
Status:	Closed	Package:	GD related
PHP Version:	5.6.5	OS:	MacOSX 10.10.2
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	gmblar+php at gmail dot com
New email:
PHP Version:		OS:

New Comment:

[2015-02-11 01:33 UTC] gmblar+php at gmail dot com

Description:
------------
imagescale segfault with palette based image.


Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x0000000000000000
0x0000000100f7843f in gdImageScaleTwoPass ()
(gdb) bt
#0  0x0000000100f7843f in gdImageScaleTwoPass ()
#1  0x0000000100f5e3ba in zif_imagescale ()
#2  0x0000000100ac4bb0 in xdebug_execute_internal ()
#3  0x000000010023fe24 in zend_do_fcall_common_helper_SPEC ()
#4  0x00000001001fd5f6 in execute_ex ()
#5  0x0000000100ac48b9 in xdebug_execute_ex ()
#6  0x00000001001d64b2 in zend_execute_scripts ()
#7  0x000000010017ec27 in php_execute_script ()
#8  0x000000010025f6be in do_cli ()
#9  0x000000010025e354 in main ()

Test script:
---------------
<?php

$image = imagecreate(256, 256);
imagescale($image, 32, 32, IMG_BICUBIC);

Expected result:
----------------
Nothing

Actual result:
--------------
Segmentation fault: 11

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2015-02-11 01:35 UTC] gmblar+php at gmail dot com

Same with PHP 5.6.5-1~dotdeb.1 on debian 7.6


Program received signal SIGSEGV, Segmentation fault.
0x00007ffff3f41bf1 in ?? () from /usr/lib/php5/20131226/gd.so
(gdb) bt
#0  0x00007ffff3f41bf1 in ?? () from /usr/lib/php5/20131226/gd.so
#1  0x00007ffff3f18f1e in ?? () from /usr/lib/php5/20131226/gd.so
#2  0x00000000006c9919 in dtrace_execute_internal ()
#3  0x000000000077d1e1 in ?? ()
#4  0x0000000000743a88 in execute_ex ()
#5  0x00000000006c97ed in dtrace_execute_ex ()
#6  0x00000000006dc028 in zend_execute_scripts ()
#7  0x000000000067796c in php_execute_script ()
#8  0x0000000000780783 in ?? ()
#9  0x0000000000433b7f in ?? ()
#10 0x00007ffff503eeed in __libc_start_main () from /lib/x86_64-linux-gnu/libc.so.6
#11 0x0000000000433c15 in _start ()

[2015-07-13 11:04 UTC] laruence@php.net

-Assigned To: +Assigned To: cmb

[2015-07-13 11:04 UTC] laruence@php.net

I confirm this bug also exists in master, @cmb maybe you could have a look into it?

[2015-07-13 11:22 UTC] cmb@php.net

-Status: Assigned +Status: Verified

[2015-07-13 11:22 UTC] cmb@php.net

I can confirm the issue with PHP 7.0.0beta1 on Windows, too. I'll
have a closer look.

[2015-07-13 12:53 UTC] cmb@php.net

-Status: Verified +Status: Analyzed

[2015-07-13 12:53 UTC] cmb@php.net

Several of the scaling algorithms require true color images. The
external libgd converts if necessary[1], what is not yet
implemented for the bundled libgd. I'm working on patch.

[1] <https://github.com/libgd/libgd/commit/723ea520bed3b5854df87393c687323d3930edf3>

[2015-07-13 14:05 UTC] cmb@php.net

-Status: Analyzed +Status: Closed

[2015-07-13 14:05 UTC] cmb@php.net

> Several of the scaling algorithms require true color images.

No, only IMG_BICUBIC has been affected.

The fix for this bug has been committed[1].

Thank you for the report, and for helping us make PHP better.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=fa53d8463f2566f5e4cdedda7a2662f74a7dcd7c>

[2015-07-14 08:14 UTC] cmb@php.net

Automatic comment on behalf of cmb
Revision: http://git.php.net/?p=php-src.git;a=commit;h=bccbd2df218f5a36650581506c4306a58a157cb2
Log: Fix #69024: imagescale segfault with palette based image

[2015-07-21 14:20 UTC] ab@php.net

Automatic comment on behalf of cmb
Revision: http://git.php.net/?p=php-src.git;a=commit;h=fa53d8463f2566f5e4cdedda7a2662f74a7dcd7c
Log: Fix #69024: imagescale segfault with palette based image

[2015-07-21 14:20 UTC] ab@php.net

Automatic comment on behalf of cmb
Revision: http://git.php.net/?p=php-src.git;a=commit;h=bccbd2df218f5a36650581506c4306a58a157cb2
Log: Fix #69024: imagescale segfault with palette based image

[2016-07-20 11:37 UTC] davey@php.net

Automatic comment on behalf of cmb
Revision: http://git.php.net/?p=php-src.git;a=commit;h=bccbd2df218f5a36650581506c4306a58a157cb2
Log: Fix #69024: imagescale segfault with palette based image

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Tue Dec 03 17:01:29 2024 UTC