1--TEST-- 2Testing null byte injection in imagebmp 3--SKIPIF-- 4<?php 5if(!extension_loaded('gd')) die('skip gd extension not available'); 6if (!gd_info()['BMP Support']) die('skip BMP support not available'); 7?> 8--FILE-- 9<?php 10$image = imagecreate(1,1);// 1px image 11var_dump(imagebmp($image, "./foo\0bar")); 12?> 13===DONE=== 14--EXPECTF-- 15Warning: imagebmp(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d 16bool(false) 17===DONE=== 18
