From: ajp at aripollak dot com
Operating system: Red Hat Linux 9
PHP version: 4.3.7
PHP Bug Type: Reproducible crash
Bug description: ImageCreateFromPNG() causes segfault
Description:
------------
In PHP 4.3.6 and 4.3.7, with or without zend optimizer, PHP crashes on ImageCreateFromPNG() if a valid PNG file is specified. Backtrace follows:

#0 0x00000049 in ?? ()
#1 0x40218dcd in png_create_info_struct (png_ptr=0x49) at png.c:224
#2 0x0809f6d5 in gdImageCreateFromPngCtx (infile=0x84b76b4) at /home/ari/build/php-4.3.7/ext/gd/libgd/gd_png.c:149
#3 0x0809f5f2 in gdImageCreateFromPng (inFile=0x84bba60) at /home/ari/build/php-4.3.7/ext/gd/libgd/gd_png.c:90
#4 0x0808ff5f in _php_image_create_from (ht=139162860, return_value=0x84b750c, this_ptr=0x0, return_value_used=1, image_type=2, tn=0x81db9ab "PNG", func_p=0x809f5d8 <gdImageCreateFromPng>, ioctx_func_p=0x809f634 <gdImageCreateFromPngCtx>) at /home/ari/build/php-4.3.7/ext/gd/gd.c:1466
#5 0x08090128 in zif_imagecreatefrompng (ht=1, return_value=0x84b750c, this_ptr=0x0, return_value_used=1) at /home/ari/build/php-4.3.7/ext/gd/gd.c:1512
#6 0x405ab542 in zend_assign_to_variable_reference () from /usr/local/Zend/lib/Optimizer-2.1.0/php-4.3.x/ZendOptimizer.so
#7 0x405b4a02 in zend_oe () from /usr/local/Zend/lib/Optimizer-2.1.0/php-4.3.x/ZendOptimizer.so
#8 0x0813d59f in php_execute_script (primary_file=0xbfffdb20) at /home/ari/build/php-4.3.7/main/main.c:1731
#9 0x0816e473 in main (argc=2, argv=0xbfffdba4) at /home/ari/build/php-4.3.7/sapi/cgi/cgi_main.c:1592
#10 0x42015704 in __libc_start_main () from /lib/tls/libc.so.6

This only happens with libpng 1.2.2 (or 1.2.5), but not with 1.0.13.
--
Edit bug report at http://bugs.php.net/?id=29027&edit=1