PHP :: Bug #79067 :: gdTransformAffineCopy() may use unitialized values

Bug #79067	gdTransformAffineCopy() may use unitialized values
Submitted:	2020-01-06 08:28 UTC	Modified:	2020-01-06 08:28 UTC
From:	cmb@php.net	Assigned:	cmb (profile)
Status:	Closed	Package:	GD related
PHP Version:	7.3Git-2020-01-06 (Git)	OS:	*
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	cmb@php.net
New email:
PHP Version:		OS:

New Comment:

[2020-01-06 08:28 UTC] cmb@php.net

Description:
------------
See <https://github.com/libgd/libgd/issues/583>.

Test script:
---------------
<?php

$matrix = [1, 1, 1, 1, 1, 1];
$src = imagecreatetruecolor(8, 8);
var_dump(imageaffine($src, $matrix));


Expected result:
----------------
bool(false)

Actual result:
--------------
==10583== Memcheck, a memory error detector
==10583== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==10583== Using Valgrind-3.12.0.SVN and LibVEX; rerun with -h for copyright info
==10583== Command: sapi/cli/php /mnt/c/php-sdk/phpdev/vc15/x64/affine.php
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x297F3B: getPixelInterpolated (gd_interpolation.c:747)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x297F4E: getPixelInterpolated (gd_interpolation.c:748)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x296F5C: filter_bicubic (gd_interpolation.c:343)
==10583==    by 0x297FDC: getPixelInterpolated (gd_interpolation.c:773)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x296F6A: filter_bicubic (gd_interpolation.c:344)
==10583==    by 0x297FDC: getPixelInterpolated (gd_interpolation.c:773)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x296F5C: filter_bicubic (gd_interpolation.c:343)
==10583==    by 0x297FFF: getPixelInterpolated (gd_interpolation.c:774)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x296F6A: filter_bicubic (gd_interpolation.c:344)
==10583==    by 0x297FFF: getPixelInterpolated (gd_interpolation.c:774)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x298036: getPixelInterpolated (gd_interpolation.c:784)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Use of uninitialised value of size 8
==10583==    at 0x2980E0: getPixelInterpolated (gd_interpolation.c:786)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x2980F4: getPixelInterpolated (gd_interpolation.c:788)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x298114: getPixelOverflowTC (gd_interpolation.c:658)
==10583==    by 0x298114: getPixelInterpolated (gd_interpolation.c:789)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Use of uninitialised value of size 8
==10583==    at 0x2981A0: getPixelInterpolated (gd_interpolation.c:791)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x2981D7: getPixelInterpolated (gd_interpolation.c:788)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x2981ED: getPixelInterpolated (gd_interpolation.c:784)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x298121: getPixelOverflowTC (gd_interpolation.c:658)
==10583==    by 0x298121: getPixelInterpolated (gd_interpolation.c:789)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x29812E: getPixelOverflowTC (gd_interpolation.c:658)
==10583==    by 0x29812E: getPixelInterpolated (gd_interpolation.c:789)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x29813B: getPixelOverflowTC (gd_interpolation.c:658)
==10583==    by 0x29813B: getPixelInterpolated (gd_interpolation.c:789)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x298204: getPixelInterpolated (gd_interpolation.c:810)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x298427: getPixelInterpolated (gd_interpolation.c:810)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x29843D: getPixelInterpolated (gd_interpolation.c:811)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x2983F7: getPixelInterpolated (gd_interpolation.c:811)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x29840F: getPixelInterpolated (gd_interpolation.c:812)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x29822B: getPixelInterpolated (gd_interpolation.c:812)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x29823B: getPixelInterpolated (gd_interpolation.c:813)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x2983D7: getPixelInterpolated (gd_interpolation.c:813)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x298213: getPixelInterpolated (gd_interpolation.c:811)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
==10583== Conditional jump or move depends on uninitialised value(s)
==10583==    at 0x298222: getPixelInterpolated (gd_interpolation.c:812)
==10583==    by 0x29D050: gdTransformAffineCopy (gd_interpolation.c:2425)
==10583==    by 0x29D384: gdTransformAffineGetImage (gd_interpolation.c:2309)
==10583==    by 0x27E017: zif_imageaffine (gd.c:4880)
==10583==    by 0x439ADD: ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:694)
==10583==    by 0x439ADD: execute_ex (zend_vm_execute.h:55507)
==10583==    by 0x44214F: zend_execute (zend_vm_execute.h:60939)
==10583==    by 0x3B842A: zend_execute_scripts (zend.c:1568)
==10583==    by 0x357F9F: php_execute_script (main.c:2639)
==10583==    by 0x44449D: do_cli (php_cli.c:997)
==10583==    by 0x1E94FC: main (php_cli.c:1389)
==10583==
resource(5) of type (gd)
==10583==
==10583== HEAP SUMMARY:
==10583==     in use at exit: 0 bytes in 0 blocks
==10583==   total heap usage: 6,999 allocs, 6,999 frees, 1,190,925 bytes allocated
==10583==
==10583== All heap blocks were freed -- no leaks are possible
==10583==
==10583== For counts of detected and suppressed errors, rerun with: -v
==10583== Use --track-origins=yes to see where uninitialised values come from
==10583== ERROR SUMMARY: 28416 errors from 26 contexts (suppressed: 0 from 0)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2020-01-06 08:28 UTC] cmb@php.net

-Assigned To: +Assigned To: cmb

[2020-01-06 08:40 UTC] cmb@php.net

Automatic comment on behalf of cmbecker69@gmx.de
Revision: http://git.php.net/?p=php-src.git;a=commit;h=2c5860517c4a1f7ebc81ef79858aa5aff5aad76c
Log: Fix #79067: gdTransformAffineCopy() may use unitialized values

[2020-01-06 08:40 UTC] cmb@php.net

-Status: Assigned +Status: Closed

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 11:01:29 2024 UTC