xref: /PHP-7.3/ext/gd/tests/bug75111.phpt (revision 5cd348c1)
1--TEST--
2Bug #75111 (Memory disclosure or DoS via crafted .bmp image)
3--SKIPIF--
4<?php
5if (!extension_loaded('gd')) die('skip gd extension not available');
6?>
7--FILE--
8<?php
9// craft BMP image
10$str  = hex2bin("424D3603000000000000");
11$str .= pack("V", -0x120000);   // offset of image data
12$str .= pack("V", 40);          // length of header
13$str .= pack("V", 256);         // width
14$str .= pack("V", 256);         // height
15$str .= hex2bin("01001800000000000000000000000000000000000000000000000000");
16
17var_dump(imagecreatefromstring($str));
18?>
19===DONE===
20--EXPECTF--
21Warning: imagecreatefromstring(): Passed data is not in 'BMP' format in %s on line %d
22
23Warning: imagecreatefromstring(): Couldn't create GD Image Stream out of Data in %s on line %d
24bool(false)
25===DONE===
26