pajoye Sat Jun 2 15:41:02 2007 UTC
Modified files:
/php-src/ext/gd gd.c
Log:
- MFB: sx/sy must be > 0 and < INT_MAX
http://cvs.php.net/viewvc.cgi/php-src/ext/gd/gd.c?r1=1.375&r2=1.376&diff_format=u
Index: php-src/ext/gd/gd.c
diff -u php-src/ext/gd/gd.c:1.375 php-src/ext/gd/gd.c:1.376
--- php-src/ext/gd/gd.c:1.375 Tue May 22 09:44:55 2007
+++ php-src/ext/gd/gd.c Sat Jun 2 15:41:02 2007
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: gd.c,v 1.375 2007/05/22 09:44:55 tony2001 Exp $ */
+/* $Id: gd.c,v 1.376 2007/06/02 15:41:02 pajoye Exp $ */
/* gd 1.2 is copyright 1994, 1995, Quest Protein Database Center,
Cold Spring Harbor Labs. */
@@ -1560,7 +1560,7 @@
return;
}
- if (x_size <= 0 || y_size <= 0) {
+ if (x_size <= 0 || y_size <= 0 || x_size >= INT_MAX || y_size >=
INT_MAX) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid image
dimensions");
RETURN_FALSE;
}
@@ -2109,7 +2109,7 @@
return;
}
- if (x_size <= 0 || y_size <= 0) {
+ if (x_size <= 0 || y_size <= 0 || x_size >= INT_MAX || y_size >=
INT_MAX) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid image
dimensions");
RETURN_FALSE;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
