Bug #57955 pdflib buffer overflow
Submitted: 2007-12-06 12:14 UTC
Modified: 2016-08-25 13:37 UTC
Avg. Score: 3.0 ± 0.0
Reproduced: 0 of 0 (0.0%)
From: poplix at papuasia dot org
Assigned: rjs
Status: Closed
Package: pdflib (PECL)
PHP Version: Irrelevant
OS: any
Private report: No
CVE-ID: None


 [2007-12-06 12:14 UTC] poplix at papuasia dot org
I would like to inform you that recently multiple buffer overflows have been found inside of pdflib. PHP apps that use pdflib can be exploited by passing a long filename to certain functions (i.e. PDF_load_image()). pdflib developers have been contacted and they planned to fix those bugs in the next release.

I know this is not a PHP bug so I only hope it can be useful in some way.

Please keep this information confidential.



Reproduce code:
PDF_load_image($p, str_repeat("A", 1100),null)


 [2016-08-04 14:43 UTC]
-Assigned To: +Assigned To: rjs
 [2016-08-04 14:43 UTC]
Has this issue been resolved, Rainer?
 [2016-08-25 13:36 UTC]
-Status: Assigned +Status: Closed
 [2016-08-25 13:36 UTC]
Current PDFlib (PDFlib 9.0.7) does not have this problem any longer.

Here is the error message that is implemented:

MyBigMac (2)$ 
PDFlib exception occurred in starter_image sample:
 [2016-08-25 13:37 UTC]
This was fixed with this bugfix in PDFlib:

- 2007-12-06 (bug #1548/add-on)
 Check incoming filename parameters and searchpath entries for a maximum
 length of 1023 bytes. This fixes vulnerability CVE-2007-6561.
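
The changelog entry above describes a length check on filename parameters and searchpath entries. The following C sketch is an added example, not PDFlib's code or anything posted in this report: it shows one way such a check can be placed ahead of any copy into a fixed-size buffer. The function names, the status enum and the path-joining helper are hypothetical; only the 1023-byte limit comes from the changelog text.

```c
#include <stdio.h>
#include <string.h>

#define MAX_NAME_BYTES 1023 /* limit quoted in the PDFlib changelog entry */

enum name_status { NAME_OK, NAME_NULL, NAME_EMPTY, NAME_TOO_LONG };

/* Length of s, scanning at most limit + 1 bytes of untrusted input. */
static size_t bounded_len(const char *s, size_t limit) {
    size_t n = 0;
    while (n <= limit && s[n] != '\0')
        n++;
    return n; /* limit + 1 means "longer than limit" */
}

/* Reject a filename or searchpath entry before any copy happens. */
enum name_status check_name(const char *name) {
    if (name == NULL) return NAME_NULL;
    size_t n = bounded_len(name, MAX_NAME_BYTES);
    if (n == 0) return NAME_EMPTY;
    return n > MAX_NAME_BYTES ? NAME_TOO_LONG : NAME_OK;
}

/* Build "dir/file" in dst only if both parts and the joined result fit. */
enum name_status join_path(char *dst, size_t dst_size, const char *dir, const char *file) {
    enum name_status st;
    if ((st = check_name(dir)) != NAME_OK) return st;
    if ((st = check_name(file)) != NAME_OK) return st;
    size_t dlen = strlen(dir), flen = strlen(file);
    if (dlen + flen + 2 > dst_size) return NAME_TOO_LONG; /* '/' plus NUL */
    memcpy(dst, dir, dlen);
    dst[dlen] = '/';
    memcpy(dst + dlen + 1, file, flen + 1);
    return NAME_OK;
}

/* Constructed input: a name of n 'A' bytes, like the report's 1100-byte string. */
enum name_status check_repeated(size_t n) {
    char buf[2048];
    if (n >= sizeof buf) n = sizeof buf - 1;
    memset(buf, 'A', n);
    buf[n] = '\0';
    return check_name(buf);
}

int main(void) {
    printf("1100-byte name -> status %d\n", check_repeated(1100));
    return 0;
}
```

Checking each component is not enough on its own: the joined path is validated against the destination size as well, because two individually acceptable strings can still exceed a fixed buffer once concatenated.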
Last updated: Thu Dec 09 04:03:34 2021 UTC