1--TEST-- 2Testing null byte injection in imagewbmp 3--SKIPIF-- 4<?php 5if(!extension_loaded('gd')){ die('skip gd extension not available'); } 6$support = gd_info(); 7if (!isset($support['WBMP Support']) || $support['WBMP Support'] === false) { 8 print 'skip wbmp support not available'; 9} 10?> 11--FILE-- 12<?php 13$image = imagecreate(1,1);// 1px image 14try { 15 imagewbmp($image, "./foo\0bar"); 16} catch (TypeError $e) { 17 echo $e->getMessage(), "\n"; 18} 19?> 20--EXPECT-- 21imagewbmp(): Argument #2 ($file) must not contain null bytes 22