php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Sec Bug #73866 Fix potential unsigned underflow
Submitted: 2017-01-05 10:29 UTC Modified: 2017-01-18 15:11 UTC
From: ondrej@php.net Assigned: cmb (profile)
Status: Not a bug Package: GD related
PHP Version: 5.6.29 OS:
Private report: No CVE-ID: None
View Developer Edit
 [2017-01-05 10:29 UTC] ondrej@php.net 
Description:
------------
This is a sync with GD-2.2 security branch.

~~~

No need to decrease `u`, so we don't do it. While we're at it, we also factor
out the overflow check of the loop, what improves performance and readability.

This issue has been reported by Stefan Esser to security@libgd.org.

Patches

0001-Fix-potential-unsigned-underflow.patch (last revision 2017-01-05 10:29 UTC by ondrej@php.net)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-01-05 10:29 UTC] ondrej@php.net 
The following patch has been added/updated:

Patch Name: 0001-Fix-potential-unsigned-underflow.patch
Revision:   1483612162
URL:        https://bugs.php.net/patch-display.php?bug=73866&patch=0001-Fix-potential-unsigned-underflow.patch&revision=1483612162
 [2017-01-05 15:29 UTC] cmb@php.net
-PHP Version: 7.1.0 +PHP Version: 5.6.29
 [2017-01-05 15:29 UTC] cmb@php.net 
The patch should be applied against PHP-5.6 and merged upwards.
 [2017-01-05 19:36 UTC] stas@php.net
-Assigned To: +Assigned To: cmb
 [2017-01-16 17:19 UTC] cmb@php.net
-Status: Assigned +Status: Not a bug
 [2017-01-16 17:19 UTC] cmb@php.net 
Actually, this is not an issue with regard to PHP, because PHP
assumes an infallible memory allocator. So this is not-a-bug. I'm
keeping this ticket private until GD 2.2.4 is released.
 [2017-01-18 15:11 UTC] cmb@php.net 
GD 2.2.4 has been released, so I'm revealing this ticket.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Fri May 09 14:01:27 2025 UTC