PHP :: Sec Bug #73868 :: Fix DOS vulnerability in gdImageCreateFromGd2Ctx()

Sec Bug #73868	Fix DOS vulnerability in gdImageCreateFromGd2Ctx()
Submitted:	2017-01-05 10:31 UTC	Modified:	2017-01-28 23:06 UTC
From:	ondrej@php.net	Assigned:	cmb (profile)
Status:	Closed	Package:	GD related
PHP Version:	5.6.29	OS:
Private report:	No	CVE-ID:	2016-10167

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	ondrej@php.net
New email:
PHP Version:		OS:

New Comment:

[2017-01-05 10:31 UTC] ondrej@php.net

Description:
------------
This is a security sync with GD-2.2

~~~

We must not pretend that there are image data if there are none. Instead
we fail reading the image file gracefully.

Patches

fix-73868 (last revision 2017-01-05 15:53 UTC by cmb@php.net)
0003-Fix-DOS-vulnerability-in-gdImageCreateFromGd2Ctx.patch (last revision 2017-01-05 10:31 UTC by ondrej)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2017-01-05 10:32 UTC] ondrej@php.net

-Type: Bug +Type: Security -Private report: No +Private report: Yes

[2017-01-05 15:53 UTC] cmb@php.net

The following patch has been added/updated:

Patch Name: fix-73868
Revision:   1483631603
URL:        https://bugs.php.net/patch-display.php?bug=73868&patch=fix-73868&revision=1483631603

[2017-01-05 15:56 UTC] cmb@php.net

fix-73868 fixes a compile issue with Ondřej's patch and also adds
a respective PHPT. It should be applied against PHP-5.6.

[2017-01-05 19:33 UTC] stas@php.net

-Assigned To: +Assigned To: cmb

[2017-01-05 19:34 UTC] stas@php.net

Is this bug 7.1 only? If not, the version should be set to the minimal branch this bug happens in (since it's GD I assume it'd be 5.6).

[2017-01-05 23:07 UTC] cmb@php.net

-PHP Version: 7.1.0 +PHP Version: 5.6.29

[2017-01-05 23:07 UTC] cmb@php.net

Indeed, this affects PHP 5.6+.

[2017-01-16 17:08 UTC] ab@php.net

Merged into security repo as cdb648dc4115ce0722f3cc75e6a65115fc0e56ab.

Thanks.

[2017-01-21 16:54 UTC] cmb@php.net

-Status: Assigned +Status: Closed

[2017-01-21 16:54 UTC] cmb@php.net

The fix has been released with PHP 5.6.30, 7.0.15 and 7.1.1, so
I'm (dis)closing.

[2017-01-28 23:06 UTC] cmb@php.net

-CVE-ID: +CVE-ID: 2016-10167

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 10:01:29 2024 UTC