From:             Rich dot West at wesmo dot com
Operating system: Fedora Core 1
PHP version:      4.3.6
PHP Bug Type:     GD related
Bug description:  PNG image generation causes Segmentation Fault

Description:
------------
After upgrading from PHP 4.3.3 to 4.3.5, and then again to 4.3.6, I
discovered that image generation calls to create PNG files were producing
zero length images.

I dug through it further by testing with the CLI version of PHP, and it
appears that if a PNG image is being created, the process will segfault.

I was able to compile PHP 4.3.3 on this machine using the configure
options below, and, after running the test script through php, it would
properly output a PNG file.

Using the same configure options for PHP 4.3.5 and PHP 4.3.6, the
operation segfaults (and creates a core file) when creating a PNG file. 
It works just fine when creating a JPEG file.

I can consistently get things to work for PHP 4.3.3 and I can consistently
get it to NOT work for PHP 4.3.5 and PHP 4.3.6...

Oh, and, yes, my GD and libpng10/libpng libraries are linked properly..

From phpinfo():
'./configure' '--host=i686-pc-linux-gnu' '--build=i686-pc-linux-gnu'
'--target=i386-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr'
'--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin'
'--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include'
'--libdir=/usr/lib' '--libexecdir=/usr/libexec' '--localstatedir=/var'
'--sharedstatedir=/usr/com' '--mandir=/usr/share/man'
'--infodir=/usr/share/info' '--cache-file=../config.cache'
'--with-config-file-path=/etc' '--with-config-file-scan-dir=/etc/php.d'
'--enable-force-cgi-redirect' '--disable-debug' '--enable-pic'
'--disable-rpath' '--enable-inline-optimization' '--with-bz2'
'--with-db4=/usr' '--with-curl' '--with-exec-dir=/usr/bin'
'--with-freetype-dir=/usr' '--with-png-dir=/usr' '--with-gd'
'--enable-gd-native-ttf' '--with-gdbm' '--with-gettext' '--with-ncurses'
'--with-gmp' '--with-iconv' '--with-jpeg-dir=/usr' '--with-openssl'
'--with-png' '--with-pspell' '--with-regex=system' '--with-xml'
'--with-expat-dir=/usr' '--with-dom=shared,/usr' '--with-dom-xslt=/usr'
'--with-dom-exslt=/usr' '--with-xmlrpc=shared' '--with-pcre=/usr'
'--with-zlib' '--with-layout=GNU' '--enable-bcmath' '--enable-exif'
'--enable-ftp' '--enable-magic-quotes' '--enable-safe-mode'
'--enable-sockets' '--enable-sysvsem' '--enable-sysvshm'
'--enable-discard-path' '--enable-track-vars' '--enable-trans-sid'
'--enable-yp' '--enable-wddx' '--without-oci8'
'--with-pear=/usr/share/pear' '--with-imap=shared' '--with-imap-ssl'
'--with-kerberos' '--with-ldap=shared' '--with-pdflib'
'--with-mysql=shared,/usr' '--with-pgsql=shared' '--with-snmp=shared,/usr'
'--with-snmp=shared' '--enable-ucd-snmp-hack' '--with-unixODBC=shared'
'--enable-memory-limit' '--enable-bcmath' '--enable-shmop'
'--enable-calendar' '--enable-dbx' '--enable-dio' '--enable-mcal'
'--enable-mbstring' '--enable-mbstr-enc-trans' '--enable-mbregex'
'--with-apxs2=/usr/sbin/apxs'

Reproduce code:
---------------
<?php
   header("Content-type: image/png");
   $string = "Test";
   $im    = imagecreatefrompng("image.png");
   $orange = imagecolorallocate($im, 220, 210, 60);
   $px    = (imagesx($im) - 7.5 * strlen($string)) / 2;
   imagestring($im, 3, $px, 9, $string, $orange);
   imagepng($im);
   imagedestroy($im);
?> 

Expected result:
----------------
Result should have been a PNG image.

Actual result:
--------------
#0  0x00002009 in ?? ()
#1  0x00f1d850 in png_create_struct_2 () from /usr/lib/libpdf.so.1
#2  0x00997dcd in png_create_info_struct () from /usr/lib/libpng12.so.0
#3  0x080c1b72 in gdImageCreateFromPngCtx ()
#4  0x080c1a61 in gdImageCreateFromPng ()
#5  0x080af917 in zif_imagecreatefromstring ()
#6  0x080afbea in zif_imagecreatefrompng ()
#7  0x0a11aa34 in ?? ()


-- 
Edit bug report at http://bugs.php.net/?id=28263&edit=1
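
In the backtrace above, frame #1 (png_create_struct_2) is resolved from /usr/lib/libpdf.so.1 while its caller in frame #2 (png_create_info_struct) comes from /usr/lib/libpng12.so.0. The following is an added example, not part of the original report: it parses a gdb backtrace and flags symbol prefixes that resolve from more than one shared object, a pattern worth checking when a crash appears in a build that links several libraries. The function names and the prefix heuristic are assumptions made for this example.

```python
import re
from collections import defaultdict

# Backtrace copied verbatim from the report above.
BACKTRACE = """\
#0  0x00002009 in ?? ()
#1  0x00f1d850 in png_create_struct_2 () from /usr/lib/libpdf.so.1
#2  0x00997dcd in png_create_info_struct () from /usr/lib/libpng12.so.0
#3  0x080c1b72 in gdImageCreateFromPngCtx ()
#4  0x080c1a61 in gdImageCreateFromPng ()
#5  0x080af917 in zif_imagecreatefromstring ()
#6  0x080afbea in zif_imagecreatefrompng ()
#7  0x0a11aa34 in ?? ()
"""

# One gdb frame line: "#N  0xADDR in SYMBOL () [from /path/to/lib.so]"
FRAME_RE = re.compile(
    r"^#(?P<num>\d+)\s+0x[0-9a-fA-F]+ in (?P<sym>\S+) \(\)"
    r"(?: from (?P<lib>\S+))?$"
)

def parse_frames(text):
    """Return a list of (frame_number, symbol, library_or_None)."""
    frames = []
    for line in text.splitlines():
        m = FRAME_RE.match(line.strip())
        if m:
            frames.append((int(m["num"]), m["sym"], m["lib"]))
    return frames

def mixed_origin_prefixes(frames):
    """Return {prefix: {lib: [symbols]}} for prefixes seen in more than one library.

    Heuristic (an assumption of this example): C libraries namespace their
    exports with a common prefix up to the first underscore, e.g. "png_".
    """
    by_prefix = defaultdict(lambda: defaultdict(list))
    for _num, sym, lib in frames:
        if lib is None or "_" not in sym:
            continue  # frames inside the main binary or unresolved ("??")
        prefix = sym.split("_", 1)[0] + "_"
        by_prefix[prefix][lib].append(sym)
    return {p: dict(libs) for p, libs in by_prefix.items() if len(libs) > 1}

if __name__ == "__main__":
    for prefix, libs in mixed_origin_prefixes(parse_frames(BACKTRACE)).items():
        print(f"{prefix}* resolved from {len(libs)} libraries:")
        for lib, syms in libs.items():
            print(f"  {lib}: {', '.join(syms)}")
```
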