Debian Bug report logs - #514609
php5-gd: Segfault after infinite recursion in imagefill / gdImageFill

version graph

Package: php5-gd; Maintainer for php5-gd is (unknown);

Reported by: "Chris West \(Faux\)" <debian-bugs@goeswhere.com>

Date: Mon, 9 Feb 2009 13:06:01 UTC

Severity: normal

Found in version php5/5.2.0-8+etch13

Fixed in version 5.2.6.dfsg.1-1+lenny4

Done: Ondřej Surý <ondrej@sury.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#514609; Package php5-gd. (Mon, 09 Feb 2009 13:06:04 GMT) (full text, mbox, link).

Acknowledgement sent to "Chris West \(Faux\)" <debian-bugs@goeswhere.com>:
New Bug report received and forwarded. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. (Mon, 09 Feb 2009 13:06:04 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: "Chris West \(Faux\)" <debian-bugs@goeswhere.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: php5-gd: Segfault after infinite recursion in imagefill / gdImageFill
Date: Mon, 09 Feb 2009 13:04:58 +0000
Package: php5-gd
Version: 5.2.0-8+etch13
Severity: normal

The following code:

<?php
$im = imagecreatetruecolor(1000, 500);
$c = imagecolorallocatealpha($im,0,0,0,127);
imagefill($im, 1, 1, $c);

... stack-overflows and segfaults.

faux@hoki:~% php debug.php
zsh: segmentation fault  php debug.php

You may need to increase the size of the image, and it'll happen faster witha ulimit -s set.

(stack actually taken on a different etch machine)

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 47672849432560 (LWP 10921)]
0x00002b5bb5247d24 in gdImageSetPixel () from /usr/lib/libgd.so.2
(gdb) bt
#0  0x00002b50a59d9d24 in gdImageSetPixel () from /usr/lib/libgd.so.2
#1  0x00002b50a59dae51 in gdImageFill () from /usr/lib/libgd.so.2
#2  0x00002b50a59db04c in gdImageFill () from /usr/lib/libgd.so.2
#3  0x00002b50a59db033 in gdImageFill () from /usr/lib/libgd.so.2
[...]
#1051 0x00002b50a59db033 in gdImageFill () from /usr/lib/libgd.so.2
#1052 0x00002b50a59db04c in gdImageFill () from /usr/lib/libgd.so.2
#1053 0x00002b50a59db033 in gdImageFill () from /usr/lib/libgd.so.2
#1054 0x00002b50a58b6b93 in zif_imagefill () from /usr/lib/php5/20060613/gd.so
#1055 0x0000000000660447 in execute ()
#1056 0x000000000064fe63 in execute ()
#1057 0x0000000000632ec9 in zend_execute_scripts ()
#1058 0x00000000005f3678 in php_execute_script ()
#1059 0x00000000006b9755 in main ()



-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (700, 'stable'), (400, 'testing')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-6-xen-amd64
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)

Versions of packages php5-gd depends on:
ii  libc6                    2.7-18          GNU C Library: Shared libraries
ii  libfreetype6             2.3.7-2         FreeType 2 font engine, shared lib
ii  libgd2-xpm               2.0.33-5.2etch1 GD Graphics Library version 2
ii  libjpeg62                6b-13           The Independent JPEG Group's JPEG 
ii  libpng12-0               1.2.15~beta5-1  PNG library - runtime
ii  libt1-5                  5.1.0-2etch1    Type 1 font rasterizer library - r
ii  libx11-6                 2:1.0.3-7       X11 client-side library
ii  libxpm4                  1:3.5.5-2       X11 pixmap library
ii  php5-cgi [phpapi-2006061 5.2.0-8+etch13  server-side, HTML-embedded scripti
ii  php5-cli [phpapi-2006061 5.2.0-8+etch13  command-line interpreter for the p
ii  php5-common              5.2.0-8+etch13  Common files for packages built fr
ii  zlib1g                   1:1.2.3-13      compression library - runtime

php5-gd recommends no packages.

-- no debconf information

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#514609; Package php5-gd. (Wed, 01 Apr 2009 16:15:02 GMT) (full text, mbox, link).

Acknowledgement sent to Justus <justus@abi007.info>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. (Wed, 01 Apr 2009 16:15:02 GMT) (full text, mbox, link).

Message #10 received at 514609@bugs.debian.org (full text, mbox, reply):

From: Justus <justus@abi007.info>
To: 514609@bugs.debian.org
Subject: update?
Date: Wed, 01 Apr 2009 18:07:37 +0200
Hi,
any updates on this bug?
I got the exactly same problem here:

~$ php --version
PHP 5.2.0-8+etch13 (cli) (built: Oct  2 2008 08:26:18) 
Copyright (c) 1997-2006 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2006 Zend Technologies
 
<?PHP
echo "0\n";
$image = imageCreateTrueColor(504,40); // create Image
echo "1\n";
$transparent = ImageColorAllocateAlpha($image,0,0,0,127); // define transparent color
echo "2\n";
ImageFill($image,0,0,$transparent); // fill picture with transparent color
echo "3\n";
?>

Leads to:

~$ php /var/www/test2.php 
0
1
2
Segmentation fault


With one additional problem:

<?PHP
$image = imageCreateTrueColor(504,40); // bild erstellen
echo "1\n";
$transparent = ImageColorAllocate($image,0,0,0); // transparente farbe bestimmen
echo "2\n";
ImageFill($image,0,0,$transparent); // bild komplett mit dieser farbe füllen
echo "3\n";
ImageColorTransparent($image,$transparent); // bild transparent machen
echo "4\n";
ImageGif($image,"/path/to/myimage.gif");
echo "5\n";
?>

That creates a black image at /path/to/myimage.gif
Does anyone have a solution?
At the moment it seems to me as if you cannot create transparent gif with Debian Etch.

Regards,
Justus

Reply sent to Ondřej Surý <ondrej@sury.org>:
You have taken responsibility. (Fri, 08 Jan 2010 16:45:12 GMT) (full text, mbox, link).

Notification sent to "Chris West \(Faux\)" <debian-bugs@goeswhere.com>:
Bug acknowledged by developer. (Fri, 08 Jan 2010 16:45:13 GMT) (full text, mbox, link).

Message #15 received at 514609-done@bugs.debian.org (full text, mbox, reply):

From: Ondřej Surý <ondrej@sury.org>
To: 514609-done@bugs.debian.org
Subject: #514609: php5-gd: Segfault after infinite recursion in imagefill / gdImageFill
Date: Fri, 8 Jan 2010 17:40:33 +0100
Version: 5.2.6.dfsg.1-1+lenny4

Works ok in current stable.

-- 
Ondřej Surý <ondrej@sury.org>
http://blog.rfc1925.org/

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 06 Feb 2010 07:27:41 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Jul 2 03:05:27 2023; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.