strtok() is not thread safe, so this will potentially break in
very bad ways if used in ZTS mode.
I'm not sure why gd_strtok_r() exists since it seems to do the
same thing as strtok_r(), but I'll assume it's a portability
decision and do as the Romans do.
Upstream 463c3bd09b
Notice: this fix don't manage monochrome/monovisual values
but just fix the security issue CVE-2014-2497
failing when trying to load such an image
This amends commit 8f4a537, which aimed to correct NULL dereference because of
missing check of gdImageCreateTrueColor() / gdImageCreate() return value. That
commit checks for negative crop rectangle width and height, but
gdImageCreate*() can also return NULL when width * height overflows. Hence
NULL deref is still possible, as gdImageSaveAlpha() and gdImagePaletteCopy()
is called before dst == NULL check.
This moves NULL check to happen right after gdImageCreate*(). It also removes
width and height check before gdImageCreate*(), as the same check is done by
image create functions (with an extra warning).
From thoger redhat com
Summary:
This caused issues when you picked a font with multiple maps, it wouldn't
pick the unicode version but instead pick the last one it saw. Change so
we cache on a per encoding level. There was even a todo list item in the code.
In an ideal world we can probably iterate through at font write time.
Test Plan:
See said unit test, it's Apache Licensed font included
Initial fix was PHP stuff
This one is libgd fix.
- filter invalid crop size
- dont try to copy on invalid position
- fix crop size when out of src image
- fix possible NULL deref
- fix possible integer overfloow
* PHP-5.5:
fix#65070, bgcolor does not use the same format as the input image with imagerotate
fix#65070, bgcolor does not use the same format as the input image with imagerotate
Fix the spelling of the php_cli_server_http_response_status_code_pair typedef.
Change the search in get_status_string() to correctly handle unknown codes.
Update git rules (5.5 is stable, 5.3 sec only)
skip test for bug #64936 when tokenizer not built
Bump version
Update credits
Merge NEWS from PHP 5.4 branch
Reorder NEWS for PHP 5.5.0 final
Conflicts:
configure.in
ext/gd/libgd/gd_interpolation.c
main/php_version.h
* PHP-5.5:
NEWS
fix build with bundled libgd
Move png and jpeg version functions to gd.c so the external library build doesn't include anything from libgd/.
Remove extra unused functions from gd_compat.h
Rewrite Xpm library check so it doesn't break on MultiArch systems
Required GD >= 2.1.0 or GD bundled, this allows us to remove most of the #ifdef
* Remove overflow2, getmbi and skipheaders from gd_compat.h * Add missing return in _php_ctx_getmbi * Reintroduce imagecreatefromxbm by checking for gdCreateImageFromXbm
Remove overflow2, getmbi and skipheader, since they are not needed anymore.
Allow to use new GD-2.1.0 function from system library
