1--TEST--
2Testing null byte injection in imagegd
3--SKIPIF--
4<?php
5        if(!extension_loaded('gd')){ die('skip gd extension not available'); }
6?>
7--CLEAN--
8$tempdir = sys_get_temp_dir(). '/php-gdtest';
9foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
10rmdir($tempdir);
11--FILE--
12<?php
13$image = imagecreate(1,1);// 1px image
14
15
16$tempdir = sys_get_temp_dir(). '/php-gdtest';
17if (!file_exists($tempdir) && !is_dir($tempdir)) {
18	mkdir ($tempdir, 0777, true);
19}
20
21$userinput = "1\0"; // from post or get data
22$temp = $tempdir. "/test" . $userinput .".tmp";
23
24echo "\nimagegd TEST\n";
25imagegd($image, $temp);
26var_dump(file_exists($tempdir. "/test1"));
27var_dump(file_exists($tempdir. "/test1.tmp"));
28foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
29
30--EXPECTF--
31imagegd TEST
32
33Warning: imagegd() expects parameter 2 to be a valid path, string given in %s on line %d
34bool(false)
35bool(false)
36