1--TEST-- 2Bug #75111 (Memory disclosure or DoS via crafted .bmp image) 3--SKIPIF-- 4<?php 5if (!extension_loaded('gd')) die('skip gd extension not available'); 6?> 7--FILE-- 8<?php 9// craft BMP image 10$str = hex2bin("424D3603000000000000"); 11$str .= pack("V", -0x120000); // offset of image data 12$str .= pack("V", 40); // length of header 13$str .= pack("V", 256); // width 14$str .= pack("V", 256); // height 15$str .= hex2bin("01001800000000000000000000000000000000000000000000000000"); 16 17var_dump(imagecreatefromstring($str)); 18?> 19--EXPECTF-- 20Warning: imagecreatefromstring(): Passed data is not in "BMP" format in %s on line %d 21 22Warning: imagecreatefromstring(): Couldn't create GD Image Stream out of Data in %s on line %d 23bool(false) 24
