From: webmaster at iksaif dot net Operating system: All PHP version: 4.4.1 PHP Bug Type: GD related Bug description: Safe mode restrictions: "rb+" should be "wb+"
Description: ------------ in ext/gd.c ext/gd_ctx.c (PG(safe_mode) && !php_checkuid(fn, "rb+", CHECKUID_CHECK_FILE_AND_DIR))) should be : (PG(safe_mode) && !php_checkuid(fn, "wb+", CHECKUID_CHECK_FILE_AND_DIR))) because with "rb+" it's impossible to create a new file with imagepng,imagejpeg, etc .... ("r" change mode from CHECKUID_CHECK_FILE_AND_DIR to CHECKUID_DISALLOW_FILE_NOT_EXISTS). -- Edit bug report at http://bugs.php.net/?id=35071&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=35071&r=trysnapshot4 Try a CVS snapshot (php5.0): http://bugs.php.net/fix.php?id=35071&r=trysnapshot50 Try a CVS snapshot (php5.1): http://bugs.php.net/fix.php?id=35071&r=trysnapshot51 Fixed in CVS: http://bugs.php.net/fix.php?id=35071&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=35071&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=35071&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=35071&r=needscript Try newer version: http://bugs.php.net/fix.php?id=35071&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=35071&r=support Expected behavior: http://bugs.php.net/fix.php?id=35071&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=35071&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=35071&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=35071&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=35071&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=35071&r=dst IIS Stability: http://bugs.php.net/fix.php?id=35071&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=35071&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=35071&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=35071&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=35071&r=mysqlcfg