php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #70064 imagescale(..., IMG_BICUBIC) leaks memory
Submitted: 2015-07-13 13:14 UTC Modified: 2015-07-13 16:25 UTC
From: cmb@php.net Assigned: cmb
Status: Closed Package: GD related
PHP Version: 7.0Git-2015-07-13 (Git) OS: *
Private report: No CVE-ID:
 [2015-07-13 13:14 UTC] cmb@php.net
Description:
------------
Apparently, imagescale(..., IMG_BICUBIC) leaks memory.


Test script:
---------------
<?php
$im = imagecreatetruecolor(256, 256);
imagescale($im, 32, 32, IMG_BICUBIC);
imagedestroy($im);
?>


Expected result:
----------------
 

Actual result:
--------------
[Mon Jul 13 15:11:26 2015]  Script:  '/home/cmb/test.php'
/home/cmb/php-src/ext/gd/libgd/gd.c(202) :  Freeing 0x7FC6B1657680 (32 bytes), s
cript=/home/cmb/test.php
/home/cmb/php-src/Zend/zend_alloc.c(2266) : Actual location (location was relaye
d)
Last leak repeated 255 times
[Mon Jul 13 15:11:26 2015]  Script:  '/home/cmb/test.php'
/home/cmb/php-src/ext/gd/libgd/gd.c(193) :  Freeing 0x7FC6B165AE00 (2048 bytes),
 script=/home/cmb/test.php
[Mon Jul 13 15:11:26 2015]  Script:  '/home/cmb/test.php'
/home/cmb/php-src/ext/gd/libgd/gd.c(194) :  Freeing 0x7FC6B165B800 (2048 bytes),
 script=/home/cmb/test.php
[Mon Jul 13 15:11:26 2015]  Script:  '/home/cmb/test.php'
/home/cmb/php-src/ext/gd/libgd/gd.c(201) :  Freeing 0x7FC6B1680000 (128 bytes),
script=/home/cmb/test.php
/home/cmb/php-src/Zend/zend_alloc.c(2266) : Actual location (location was relaye
d)
Last leak repeated 255 times
=== Total 514 memory leaks detected ===

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-07-13 13:15 UTC] cmb@php.net
-Assigned To: +Assigned To: cmb
 [2015-07-13 16:25 UTC] cmb@php.net
-Status: Assigned +Status: Analyzed
 [2015-07-13 16:25 UTC] cmb@php.net
Well, actually the test script should have been:

    <?php
    $im = imagecreatetruecolor(256, 256);
    imagedestroy(imagescale($im, 32, 32, IMG_BICUBIC));
    imagedestroy($im);
    ?>

but that doesn't change the result. The problem is that a
temporary image is freed with gdFree() instead of
gdImageDestroy(). I've already reported that upstream[1].

[1] <https://github.com/libgd/libgd/issues/173>
 [2015-07-13 16:39 UTC] cmb@php.net
Automatic comment on behalf of cmb
Revision: http://git.php.net/?p=php-src.git;a=commit;h=1a4722a89ee85be74af5086a7027b3ad1e0a55e8
Log: Fix #70064: imagescale(..., IMG_BICUBIC) leaks memory
 [2015-07-13 16:39 UTC] cmb@php.net
-Status: Analyzed +Status: Closed
 [2015-07-21 14:20 UTC] ab@php.net
Automatic comment on behalf of cmb
Revision: http://git.php.net/?p=php-src.git;a=commit;h=1a4722a89ee85be74af5086a7027b3ad1e0a55e8
Log: Fix #70064: imagescale(..., IMG_BICUBIC) leaks memory
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Sun Apr 30 14:01:37 2017 UTC