|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #37360 imageCreateFromGIF have a memory-leak bug
Submitted: 2006-05-08 05:40 UTC Modified: 2006-05-08 11:58 UTC
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:1 (100.0%)
From: cnteacher at discuz dot com Assigned: pajoye
Status: Closed Package: GD related
PHP Version: 5CVS-2006-05-08 (snap) OS: win32/*nix
Private report: No CVE-ID:
 [2006-05-08 05:40 UTC] cnteacher at discuz dot com
When I use the function 'imageCreateFromGIF' with some special images (GIF), the memory will be ran out. I test it with all GD version (above 2.0.28).

Reproduce code:
$file = 'specialimg.gif';
$im = imagecreatefromgif($file); 

Expected result:
the memory ran out, and my web server is down.

Actual result:
I put the special gif file on my friend's web, you can download it from
I think some one can use this bug to attack web server. It's so danger.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2006-05-08 05:44 UTC] cnteacher at discuz dot com
The test gif url
 [2006-05-08 05:59 UTC] cnteacher at discuz dot com

If you get an Forbidden error,

you must visit first, and than type the file's url in brower.
 [2006-05-08 08:16 UTC] judas dot iscariote at gmail dot com
duplicated of

already fixed in CVS
 [2006-05-08 08:19 UTC]
Please do not submit the same bug more than once. An existing
bug report already describes this very problem. Even if you feel
that your issue is somewhat different, the resolution is likely
to be the same. 

Thank you for your interest in PHP.

Dup of bug #37346
 [2006-05-08 08:36 UTC] cnteacher at discuz dot com
I regret that you see it like that.

Did you have a test of my file?

I've already read bug #37346 , and got the newest version GD from ( Stable 5.2.x-dev Built On: May 08, 2006 06:30 GMT ). But, when I test it with the special file, my server was down.
 [2006-05-08 11:58 UTC]
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

All branches contain the fix.
PHP Copyright © 2001-2015 The PHP Group
All rights reserved.
Last updated: Sun Nov 29 19:01:35 2015 UTC