Doc Bug #74239 getimagesize returns incorrect value for corrupt file.
Submitted: 2017-03-12 10:12 UTC Modified: 2017-03-17 12:12 UTC
Votes:2
Avg. Score:3.0 ± 2.0
Reproduced:1 of 2 (50.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: akaamitgupta at gmail dot com Assigned: cmb (profile)
Status: Closed Package: GetImageSize related
PHP Version: 5.6.30 OS: Mac OSX
Private report: No CVE-ID: None
 [2017-03-12 10:12 UTC] akaamitgupta at gmail dot com
Description:
------------
I have wrapped an executable inside an image which has the following content -

GIF89a<?php
echo 'hacked';
?>

and saved it as filename image.gif.

When I use the getimagesize() PHP function, it returns

array:6 [▼
  0 => 16188
  1 => 26736
  2 => 1
  3 => "width="16188" height="26736""
  "channels" => 3
  "mime" => "image/gif"
]

Although the image is not valid, it still has a valid width and height.


 [2017-03-17 11:58 UTC] cmb@php.net
-Status: Open
+Status: Verified
-Package: *General Issues
+Package: GetImageSize related
-Assigned To:
+Assigned To: cmb
 [2017-03-17 11:58 UTC] cmb@php.net
From the manual[1]:

| This function expects filename to be a valid image file. If a
| non-image file is supplied, it may be incorrectly detected as an
| image and the function will return successfully.

This notice should better be moved to a more prominent place, and be
improved. So I'm changing to doc-bug.

[1] <http://php.net/manual/en/function.getimagesize.php#refsect1-function.getimagesize-notes>
 [2017-03-17 12:12 UTC] cmb@php.net
Automatic comment from SVN on behalf of cmb
Revision: http://svn.php.net/viewvc/?view=revision&revision=342146
Log: Fix #74239: getimagesize returns incorrect value for corrupt file.

We promote the respective notice to a caution, move it up, and explain
that the returned array may contain nonsense.
 [2017-03-17 12:12 UTC] cmb@php.net
-Status: Verified
+Status: Closed
-Type: Bug
+Type: Documentation Problem
 [2017-03-17 12:12 UTC] cmb@php.net
This bug has been fixed in the documentation's XML sources. Since the
online and downloadable versions of the documentation need some time
to get updated, we would like to ask you to be a bit patient.

Thank you for the report, and for helping us make our documentation better.
 [2020-02-07 06:06 UTC] phpdocbot@php.net
Automatic comment on behalf of cmb
Revision: http://git.php.net/?p=doc/en.git;a=commit;h=7ec5fffa2fc455432606db7ebc7b5ac403052731
Log: Fix #74239: getimagesize returns incorrect value for corrupt file.
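
Why the report's file yields 16188 x 26736, together with a stricter check, as an added PHP example that is not part of the bug report or of PHP's source: the four bytes after the signature, `<?ph`, are read as two little-endian 16-bit integers (0x3F3C and 0x6870). The function names are hypothetical, the sample bytes are rebuilt from the report, and the second function assumes the GD extension is loaded.

```php
<?php
// Added illustration; not code from the bug report or from php-src.
// Constructed sample: the reporter's file, rebuilt inline.
$sample = "GIF89a<?php\necho 'hacked';\n?>";

// Read the GIF logical screen size the way a header-only reader does:
// a 6-byte signature, then width and height as little-endian uint16.
function gif_header_size($bytes)
{
    $sig = substr($bytes, 0, 6);
    if (strlen($bytes) < 10 || ($sig !== 'GIF87a' && $sig !== 'GIF89a')) {
        return null;
    }
    $dim = unpack('vwidth/vheight', substr($bytes, 6, 4));
    return [$dim['width'], $dim['height']];
}

// Stricter check (assumes ext/gd is loaded): accept the upload only if GD
// can decode real pixel data, and hand back a freshly encoded copy. Store
// that copy, never the original bytes, so metadata and trailing bytes
// are dropped.
function reencode_upload_as_gif($bytes)
{
    $img = @imagecreatefromstring($bytes); // false if nothing decodable
    if ($img === false) {
        return null;
    }
    ob_start();
    imagegif($img);
    return ob_get_clean();
}

// The header-only parse and getimagesize agree, because neither looks
// past the first few bytes of the file.
list($w, $h) = gif_header_size($sample);
printf("header-only parse:  %d x %d\n", $w, $h);

$info = getimagesizefromstring($sample);
printf("getimagesize says:  %d x %d (%s)\n", $info[0], $info[1], $info['mime']);

// Decoding the whole file is what exposes the missing image data.
if (function_exists('imagecreatefromstring')) {
    $clean = reencode_upload_as_gif($sample);
    echo $clean === null ? "GD decode: rejected\n" : "GD decode: accepted\n";
}
```

A file that decodes successfully can still carry unrelated bytes in its metadata, which is why the function returns a re-encoded copy instead of a yes/no answer.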
 