PHP :: Bug #21835 :: Crashes with 6 slashes in URL and non-existant file

Bug #21835	Crashes with 6 slashes in URL and non-existant file
Submitted:	2003-01-22 23:04 UTC	Modified:	2003-01-22 23:41 UTC
From:	info at ofek dot com	Assigned:
Status:	Not a bug	Package:	GetImageSize related
PHP Version:	4.3.0	OS:	Win 2000 IIS (CGI)
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	info at ofek dot com
New email:
PHP Version:		OS:

New Comment:

[2003-01-22 23:04 UTC] info at ofek dot com

please read carefully. this crashes PHP. (i.e. PHP.exe causes a GPF) 

the code is:
<?php
function ImageExists($url) {
  $r=@getimagesize($url);
  return $r[2]!=0;
}
echo ImageExists('http://domain/dir1/dir2/dir3/image.gif');
?>

make sure the path:
http://domain/dir1/dir2/dir3/
containts THREE directories after the domain (i.e. 6 forward-slashes total), and that the PATH physically EXISTS.

AND make sure that the file (in code 'image.gif') DOES NOT exist.

You can test against:
http://economads.com/libaware/_font/title/image.gif

This crashes on my server - running PHP 4.3.0 as CGI with IIS Win2000. 

Hope this helps.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-01-22 23:24 UTC] sniper@php.net

Please do not submit the same bug more than once. An existing
bug report already describes this very problem. Even if you feel
that your issue is somewhat different, the resolution is likely
to be the same. Because of this, we hope you add your comments
to the existing bug instead.

Thank you for your interest in PHP.

don\'t submit two reports about same issue..

[2003-01-22 23:41 UTC] info at ofek dot com

sorry - i wasn't sure, since the last report was changed to 'bogus' if it's already part of history and also the new summary field is more exact. i will follow with comments with previous report (21479)

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Apr 20 05:01:27 2024 UTC