php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #73968 Premature failing of XBM reading
Submitted: 2017-01-21 00:02 UTC Modified: 2017-01-21 12:09 UTC
From: cmb@php.net Assigned: cmb
Status: Closed Package: GD related
PHP Version: 7.0Git-2017-01-20 (snap) OS: *
Private report: No CVE-ID:
 [2017-01-21 00:02 UTC] cmb@php.net
Description:
------------
libgd's XBM reader calculates the maximum number of image data
bytes to read in advance. However, it doesn't take into account
the line padding, so reading of XBM files with a width that is not
a multiple of 8 is likely to fail, for instance with the following
test.xbm:

    #define test_width 10
    #define test_height 10
    static unsigned char test_bits[] = {
      0xFF, 0x03, 0x00, 0x00, 0xFF, 0x03, 0x00, 0x00, 0xFF, 0x03, 0x00, 0x00, 
      0xFF, 0x03, 0x00, 0x00, 0xFF, 0x03, 0x00, 0x00};


Test script:
---------------
<?php

$im = imagecreatefromxbm(__DIR__ . '/test.xbm');
var_dump($im);


Expected result:
----------------
resource(%d) of type (gd)

Actual result:
--------------
Warning: imagecreatefromxbm(): EOF before image was complete in %s on line %d

Warning: imagecreatefromxbm(): '%s' is not a valid XBM file in %s on line %d
bool(false)

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-01-21 00:03 UTC] cmb@php.net
-Assigned To: +Assigned To: cmb
 [2017-01-21 12:09 UTC] cmb@php.net
This issue had been reported against GD with
<https://github.com/libgd/libgd/issues/109>.
 [2017-01-21 12:28 UTC] cmb@php.net
Automatic comment on behalf of cmbecker69@gmx.de
Revision: http://git.php.net/?p=php-src.git;a=commit;h=f67d599a0179d0895170c77188847ae60b497714
Log: Fix #73968: Premature failing of XBM reading
 [2017-01-21 12:28 UTC] cmb@php.net
-Status: Assigned +Status: Closed
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Mon Feb 20 22:01:35 2017 UTC