Request #18052 getimagesize() should not trust the header info in gifs
Submitted: 2002-06-28 15:27 UTC Modified: 2010-12-22 15:07 UTC
Votes:28
Avg. Score:4.8 ± 0.6
Reproduced:24 of 26 (92.3%)
Same Version:21 (87.5%)
Same OS:15 (62.5%)
From: arpen at home dot se Assigned:
Status: Not a bug Package: *General Issues
PHP Version: 4.2.1 OS: Linux
Private report: No CVE-ID: None
 [2002-06-28 15:27 UTC] arpen at home dot se
getimagesize() blindly trusts the width and height specified in the header of gifs. You can just hexedit the file and set the width and height to any value and getimagesize() will believe that is the "true size" of the image. Even worse - Internet Explorer ignores the width and height in the header and thus it is possible to, for instance, upload a much larger image in an upload form that uses getimagesize() than what is allowed. I believe getimagesize() should just skip the header and read the size from the beginning of the "Image Block".

http://www.goice.co.jp/member/mo/formats/gif.html

 [2002-06-28 16:09 UTC] arpen at home dot se
This is, as far as I know, "reproducible" in all PHP versions and on platforms.
 [2002-06-28 16:12 UTC] derick@php.net
Not a bug... making it a feature request
 [2002-06-28 16:23 UTC] arpen at home dot se
Oh, ok. My bad. I just figured it was a bug since getimagesize() can't determine the correct size.
 [2010-12-22 15:07 UTC] johannes@php.net
-Status: Open +Status: Bogus -Package: Feature/Change Request +Package: *General Issues
 [2010-12-22 15:07 UTC] johannes@php.net
use imagefromgif() or similar for correct info. getimagesize is a quick check.
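
The check the report asks for, as an added example rather than code from PHP or from this thread: it walks the GIF block structure and rejects a file when any frame's Image Descriptor extends past the width and height in the header (the Logical Screen Descriptor), or when the header itself exceeds an upload limit. The function names and the 640x480 limit are assumptions; `unpack()` with an offset argument needs PHP 7.1 or later.

```php
<?php
// Added example (hypothetical helper names), not PHP's or GD's own code.
// Skip a chain of data sub-blocks; return the offset just past its 0x00 terminator.
function gif_skip_sub_blocks(string $d, int $pos): int {
    do {
        if ($pos >= strlen($d)) {
            throw new RuntimeException('truncated sub-block chain');
        }
        $len = ord($d[$pos]);
        $pos += 1 + $len;
    } while ($len !== 0);
    return $pos;
}

// Return ['screen' => [w, h], 'frames' => [[left, top, w, h], ...]].
function gif_read_sizes(string $d): array {
    if (strlen($d) < 13 || !in_array(substr($d, 0, 6), ['GIF87a', 'GIF89a'], true)) {
        throw new RuntimeException('not a GIF');
    }
    $lsd = unpack('vw/vh/Cflags', $d, 6);            // Logical Screen Descriptor
    $pos = 13 + (($lsd['flags'] & 0x80) ? 3 << (($lsd['flags'] & 7) + 1) : 0);
    $frames = [];
    while ($pos < strlen($d) && $d[$pos] !== ';') {  // ';' (0x3B) is the trailer
        if ($d[$pos] === '!') {                      // 0x21: extension label, then sub-blocks
            $pos = gif_skip_sub_blocks($d, $pos + 2);
        } elseif ($d[$pos] === ',' && $pos + 10 <= strlen($d)) {  // 0x2C: Image Descriptor
            $f = unpack('vleft/vtop/vw/vh/Cflags', $d, $pos + 1);
            $frames[] = [$f['left'], $f['top'], $f['w'], $f['h']];
            $pos += 10 + (($f['flags'] & 0x80) ? 3 << (($f['flags'] & 7) + 1) : 0);
            $pos = gif_skip_sub_blocks($d, $pos + 1); // +1 skips the LZW minimum code size
        } else {
            throw new RuntimeException("unexpected or truncated block at offset $pos");
        }
    }
    return ['screen' => [$lsd['w'], $lsd['h']], 'frames' => $frames];
}

// True only if every frame fits inside the header's size and that size is within the limit.
function gif_size_acceptable(string $d, int $maxW, int $maxH): bool {
    ['screen' => [$sw, $sh], 'frames' => $frames] = gif_read_sizes($d);
    foreach ($frames as [$left, $top, $w, $h]) {
        if ($left + $w > $sw || $top + $h > $sh) return false;  // frame exceeds header size
    }
    return $frames !== [] && $sw <= $maxW && $sh <= $maxH;
}

// Constructed sample: the header claims 10x10, the only frame is 2000x2000.
$gif = 'GIF89a' . pack('vvCCC', 10, 10, 0, 0, 0)
     . ',' . pack('vvvvC', 0, 0, 2000, 2000, 0) . "\x02\x02\x4c\x01\x00" . ';';
var_dump(gif_size_acceptable($gif, 640, 480));
```

This is a structural check on the declared sizes only; it does not decode pixel data, so it complements rather than replaces fully decoding the upload as the last comment suggests.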
 