helly Sun Oct 9 10:36:26 2005 EDT Added files: (Branch: PHP_4_4) /php-src/ext/exif/tests bug34704.jpg bug34704.phpt
Modified files: /php-src NEWS /php-src/ext/exif exif.c Log: - MFH Bugfix #34704 (Infinite recursion due to corrupt JPEG) http://cvs.php.net/diff.php/php-src/NEWS?r1=1.1247.2.920.2.51&r2=1.1247.2.920.2.52&ty=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.51 php-src/NEWS:1.1247.2.920.2.52 --- php-src/NEWS:1.1247.2.920.2.51 Fri Oct 7 05:32:02 2005 +++ php-src/NEWS Sun Oct 9 10:36:22 2005 @@ -1,7 +1,7 @@ PHP 4 NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? Oct 2005, Version 4.4.1 - +- Fixed bug #34704 (Infinite recursion due to corrupt JPEG). (Marcus) 07 Oct 2005, Version 4.4.1RC1 - Added missing safe_mode checks for image* functions and cURL. (Ilia) http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.37.2.1&r2=1.118.2.37.2.2&ty=u Index: php-src/ext/exif/exif.c diff -u php-src/ext/exif/exif.c:1.118.2.37.2.1 php-src/ext/exif/exif.c:1.118.2.37.2.2 --- php-src/ext/exif/exif.c:1.118.2.37.2.1 Fri Aug 5 10:09:18 2005 +++ php-src/ext/exif/exif.c Sun Oct 9 10:36:24 2005 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: exif.c,v 1.118.2.37.2.1 2005/08/05 14:09:18 hyanantha Exp $ */ +/* $Id: exif.c,v 1.118.2.37.2.2 2005/10/09 14:36:24 helly Exp $ */ /* ToDos * @@ -107,7 +107,7 @@ }; /* }}} */ -#define EXIF_VERSION "1.4 $Id: exif.c,v 1.118.2.37.2.1 2005/08/05 14:09:18 hyanantha Exp $" +#define EXIF_VERSION "1.4 $Id: exif.c,v 1.118.2.37.2.2 2005/10/09 14:36:24 helly Exp $" /* {{{ PHP_MINFO_FUNCTION */ @@ -3014,6 +3014,12 @@ } } /* + * Ignore IFD2 if it purportedly exists + */ + if (section_index == SECTION_THUMBNAIL) { + return FALSE; + } + /* * Hack to make it process IDF1 I hope * There are 2 IDFs, the second one holds the keys (0x0201 and 0x0202) to the thumbnail */ http://cvs.php.net/co.php/php-src/ext/exif/tests/bug34704.phpt?r=1.1&p=1 Index: php-src/ext/exif/tests/bug34704.phpt +++ php-src/ext/exif/tests/bug34704.phpt --TEST-- Bug # 34704 (Infinite recursion due to corrupt JPEG) --SKIPIF-- <?php if (!extension_loaded('exif')) print 'skip exif extension not available';?> --INI-- magic_quotes_runtime=0 output_handler= zlib.output_compression=0 --FILE-- <?php $infile = dirname(__FILE__).'/bug34704.jpg'; var_dump(exif_read_data($infile)); ?> ===DONE=== --EXPECT-- array(7) { ["FileName"]=> string(12) "bug34704.jpg" ["FileDateTime"]=> int(1128866682) ["FileSize"]=> int(9976) ["FileType"]=> int(2) ["MimeType"]=> string(10) "image/jpeg" ["SectionsFound"]=> string(4) "IFD0" ["COMPUTED"]=> array(5) { ["html"]=> string(24) "width="386" height="488"" ["Height"]=> int(488) ["Width"]=> int(386) ["IsColor"]=> int(1) ["ByteOrderMotorola"]=> int(0) } } ===DONE=== -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php