Bug #16841 imagepng() segfaults
Submitted: 2002-04-25 21:23 UTC Modified: 2002-06-02 19:05 UTC
Votes:3
Avg. Score:4.3 ± 0.9
Reproduced:2 of 2 (100.0%)
Same Version:2 (100.0%)
Same OS:1 (50.0%)
From: daniel at pressure dot net dot nz Assigned:
Status: Closed Package: GD related
PHP Version: 4.2.0 OS: Linux
Private report: No CVE-ID:
 [2002-04-25 21:23 UTC] daniel at pressure dot net dot nz
<?php
header ("Content-type: image/png");
$im = @imagecreate (50, 100)
    or die ("Cannot Initialize new GD image stream");
$background_color = imagecolorallocate ($im, 255, 255, 255);
$text_color = imagecolorallocate ($im, 233, 14, 91);
imagestring ($im, 1, 5, 5,  "A Simple Text String", $text_color);
imagepng ($im);
?>

generates a reproducible segfault in DSO, CGI and CLI versions. GD is version 1.8.4, although segfaults also occurred with 2.0.1. Libpng is 1.2.1, zlib is 1.1.4.

Compiling PHP 4.1.2 identically does not produce the segfault.

 [2002-04-25 22:15 UTC] sniper@php.net
To properly diagnose this bug, we need a backtrace to see what is
happening behind the scenes. To find out how to generate a backtrace,
please read http://bugs.php.net/bugs-generating-backtrace.php

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open".


 [2002-04-25 22:50 UTC] daniel at pressure dot net dot nz
backtrace follows:

#0  0xa81 in ?? ()
#1  0x400d1468 in png_create_write_struct_2 () from /usr/lib/libpng.so.3
#2  0x400d12c9 in png_create_write_struct () from /usr/lib/libpng.so.3
#3  0x8169099 in gdImagePngCtx ()
#4  0x80ef360 in _php_image_output_ctx (ht=1, return_value=0x8210fe4, this_ptr=0x0, return_value_used=0, image_type=2, 
    tn=0x8187b4b "PNG", func_p=0x8169030 <gdImagePngCtx>) at gd_ctx.c:94
#5  0x80f14be in zif_imagepng (ht=1, return_value=0x8210fe4, this_ptr=0x0, return_value_used=0) at gd.c:1479
#6  0x815436a in execute (op_array=0x82111ac) at ./zend_execute.c:1598
#7  0x80cf919 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at zend.c:810
#8  0x806b3f1 in php_execute_script (primary_file=0xbffff9c4) at main.c:1381
#9  0x8065821 in main (argc=2, argv=0xbffffa54) at cgi_main.c:785
#10 0x4019774f in __libc_start_main () from /lib/libc.so.6
 [2002-04-25 23:00 UTC] mfischer@php.net
This one looks really strange. It looks like your libpng has some problems. I've the same libs installed and just tested it and it works without problems.

Can you try cleanly uninstalling it completely from your system and re-installing it [libpng] (best is to try a stable release directly and not the same as you had installed already on your system).
 [2002-04-26 01:00 UTC] rasmus@php.net
Tested here as well and not able to reproduce.  I got a proper PNG.  (PHP HEAD and GD-2.0.1) 
This smells like a local libpng problem to me.  The segfault is deep inside libpng.
 [2002-04-26 02:21 UTC] derick@php.net

I think this is the same libgd / libpng 1.2 incompatibility as we saw before.
If you downgrade to libpng 1.0.9 it should work fine. Can you try this?

Derick
 [2002-04-26 02:23 UTC] derick@php.net
Not closing yet...
 [2002-04-26 08:34 UTC] daniel at pressure dot net dot nz
I got it to work ok by removing the --with-pdflib from my configure. There's something over at http://www.pdflib.com/pdflib/patches.html which sounds almost relevant (although it affects TIFF routines). I'm running pdflib 4.0.2
 [2002-04-26 09:20 UTC] mfischer@php.net
I couldn't reproduce this either with pdflib from pdflib.com.

Can you paste the full configure line of PHP and of pdflib ?
 [2002-04-26 21:18 UTC] daniel at pressure dot net dot nz
The simplest configuration I can get it to crash with is:
configure --with-zlib --with-gd --with-png-dir=/usr --with-jpeg-dir=/usr --pdflib

I'm just building the CGI version because it is easier than doing a 'make install' and restarting the Apache etc, but this bug does affect the Apache DSO build as well.

The weird thing is that this works fine with PHP 4.1.2, AND the libpng 1.2.1. It seems to look more and more like this bug is pdflib related.
 [2002-04-26 21:23 UTC] mfischer@php.net
And your pdflib configure line?
 [2002-04-26 21:25 UTC] daniel at pressure dot net dot nz
Uh, 'configure', 'make', 'make install'. Always worked in the past.
 [2002-04-28 21:23 UTC] sniper@php.net
Have you tried compiling pdflib with external pnglib?
(--with-pnglib)

--Jani

 [2002-05-13 06:35 UTC] k dot allan-php at au dot darkbluesea dot com
I am having a similar problem. If you notice in the backtrace, it references /usr/lib/libpng.so.3; on my system this is soft-linked to libpng.so.5, and if I remove --with-pdflib from my configure line, it seems to link against the correct library and not segfault, but with --with-pdflib it reverts to the version 3 library and segfaults when I try to create from PNG in the GD routines.
 [2002-05-24 03:36 UTC] jb dot quenot at caraldi dot com
I'm experiencing the same problem on FreeBSD 4.5 with PHP 4.2.1, libpdf's internal support for PNG conflicts with PHP linking against libpng.  The two libpng versions differ from libpdf to PHP.

Maybe the people from libpdf could add some configure options to allow the external libpng to be grabbed, but for now the --with-libpng does not accept a path as argument, so compilation fails.

In our hosting company, the support for libpdf is suspended until the bug is fixed.
 [2002-05-29 00:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2002-06-02 13:29 UTC] johan at ekenberg dot se
I experienced a similar thing with PHP-4.2.1 + pdflib-4.0.2 on Linux (glibc-2.2.3). However, recompiling pdflib with: "--with-pnglib --with-zlib" (and then rebuilding PHP) solved the problem.

My backtrace from before recompiling pdflib was a bit different, I'm including it here in case it might be of interest:

Program received signal SIGSEGV, Segmentation fault.
0x251 in ?? ()
(gdb) bt
#0  0x251 in ?? ()
#1  0x80f0010 in _php_image_output_ctx (ht=1, return_value=0x82fc314, this_ptr=0x0, return_value_used=0, image_type=2,
    tn=0x818c38b "PNG", func_p=0x816c010 <gdImagePngCtx>) at gd_ctx.c:94
#2  0x80f21d2 in zif_imagepng (ht=1, return_value=0x82fc314, this_ptr=0x0, return_value_used=0) at gd.c:1479
#3  0x8155bba in execute (op_array=0x82fc524) at ./zend_execute.c:1598
#4  0x80d0659 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at zend.c:810
#5  0x806c081 in php_execute_script (primary_file=0xbffff9b4) at main.c:1381
#6  0x80664b1 in main (argc=2, argv=0xbffffa44) at cgi_main.c:778
#7  0x3232eb in __libc_start_main () from /lib/libc.so.6
(gdb) frame 3
#3  0x8155bba in execute (op_array=0x82fc524) at ./zend_execute.c:1598
1598                                                    ((zend_internal_function *) EX(function_state).function)->handler(EX(opline)->extended_value, EX(Ts)[EX(opline)->result.u.var].var.ptr, EX(object).ptr, return_value_used TSRMLS_CC);
(gdb) print (char *)(executor_globals.function_state_ptr->function)->common.function_name
$1 = 0x818bd55 "imagepng"
 [2002-06-02 19:05 UTC] sniper@php.net
So this clearly isn't any bug in PHP. Users should always
make sure they're linking with same libraries in this kind
of cases.
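
Added example (not part of the bug thread or of PHP's code): a shell check for the situation the comments above describe, where two libraries loaded into one process both define libpng symbols. It compares saved `nm -D --defined-only` listings; the listings, addresses and the `libpng.nm`/`libpdf.nm` file names below are constructed for illustration.

```shell
#!/bin/sh
# clashing_syms LISTING_A LISTING_B
# Each listing is saved output of `nm -D --defined-only <library>`:
#   "<address> <type> <name>"
# Prints every symbol name that both libraries define. When both are
# loaded into one process, callers bind to whichever definition the
# dynamic linker finds first, which may be the wrong libpng version.
clashing_syms() {
    awk '
        NF == 3 && $2 ~ /^[TDBRWV]$/ {      # defined global symbols only
            sub(/@.*/, "", $3)              # drop "@@VERSION" suffixes
            if (FNR == NR) first[$3] = 1    # still reading listing A
            else if ($3 in first) print $3  # listing B repeats a name
        }' "$1" "$2" | sort -u
}

# demo_clashes: run the check on two constructed listings.
demo_clashes() {
    dir=$(mktemp -d) || return 1
    # Constructed sample: a system libpng.
    cat > "$dir/libpng.nm" <<'EOF'
0000a810 T png_create_write_struct
0000a8f0 T png_create_write_struct_2
0000b120 T png_write_info@@PNG12_0
EOF
    # Constructed sample: a PDF library built with its own bundled PNG code.
    cat > "$dir/libpdf.nm" <<'EOF'
00012340 T PDF_new
00031c00 T png_create_write_struct
00031d10 T png_create_read_struct
00031e00 T png_write_info
         U malloc
EOF
    clashing_syms "$dir/libpng.nm" "$dir/libpdf.nm"
    rm -rf "$dir"
}

demo_clashes
```

An empty result means the two listings share no defined symbols; any `png_` name in the output points at the kind of mismatch the thread resolved by rebuilding pdflib against the external libpng.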

 [2003-03-11 15:03 UTC] gmunoz at atichile dot com
Hi ..
I installed APACHE 1.3.27, GD 2.0.11 and PHP 4.3.1 on solaris 2.6, but I got a fatal error on function imagepng().
 Fatal error: Call to undefined function: imagepng() in /www/htdocs/png.php on line 8 

How do I get imagepng() to work properly?

You can see the details below:

Install Apache 1.3.27
*************************

./configure --prefix=/www --enable-module=so --with-port=82
make 
make install

install GD 2.0.11
*******************

./configure
make
make install

Install PHP 4.3.1
********************

./configure --disable-all --with-gd=shared --with-apxs=/www/bin/apxs --enable-ftp --with-gd-dir=/usr/local/lib --with-jpeg-dir=/usr/lib --with-png-dir=/usr/local/lib --with-xpm-dir=/usr/X11R6 --with-ttf --with-zlib --with-oci8=$ORACLE_HOME --with-oracle=$ORACLE_HOME

make
make install

file png.php
***********************
<?php
header ("Content-type: image/png");
$im = @imagecreate (50, 100)
    or die ("Cannot Initialize new GD image stream");
$background_color = imagecolorallocate ($im, 255, 255, 255);
$text_color = imagecolorallocate ($im, 233, 14, 91);
imagestring ($im, 1, 5, 5,  "A Simple Text String", $text_color);
imagepng ($im);
?>
******************

 Fatal error: Call to undefined function: imagepng() in /www/htdocs/png.php on line 8
 
Last updated: Sun Apr 20 20:02:01 2014 UTC