ID: 27674 Updated by: [EMAIL PROTECTED] Reported By: xuefer at 21cn dot com -Status: Open +Status: Bogus Bug Type: GetImageSize related Operating System: * PHP Version: 4.3.5 New Comment:
The flash file you provided is corrupted, here's same file, uncorrupted which works fine: http://www.miniclip.com/gamefiles0304/bushshootout_game.swf Previous Comments: ------------------------------------------------------------------------ [2004-04-09 04:00:39] xuefer at 21cn dot com reoped and updated changed cos 125-bad.swf is really "fine playing in flashplayer" swf ------------------------------------------------------------------------ [2004-03-27 06:16:22] xuefer at 21cn dot com yes, just a guess because no matter how much memory it alloc, uncompress() just return Z_BUF_ERROR i don't know why this swf is bad, it plays ok in stand alone flashplayer and ie browser by the way, when i test it with a "good" swf, the part of erealloc() don't even executed. In another word, the first uncompress: if (uncompress(b, &len, a, sizeof(a)) != Z_OK) { is Z_OK ------------------------------------------------------------------------ [2004-03-27 05:58:53] [EMAIL PROTECTED] Where does the 50MByte const come from, a guess? ------------------------------------------------------------------------ [2004-03-26 22:09:42] xuefer at 21cn dot com this bug may be "can't reproduce" not "closed" this is the "fix" with testing code Index: ext/standard/image.c =================================================================== RCS file: /repository/php-src/ext/standard/image.c,v retrieving revision 1.72.2.13 diff -u -r1.72.2.13 image.c --- ext/standard/image.c 12 Nov 2003 22:56:09 -0000 1.72.2.13 +++ ext/standard/image.c 27 Mar 2004 03:11:00 -0000 @@ -196,8 +196,8 @@ long bits; unsigned char a[64]; - unsigned long len=64, szlength; - int factor=1,maxfactor=16; + unsigned long len=64, szlength, maxlength = 50*1024*1024; + int factor=1,maxfactor=8; int slength, status=0; char *b, *buf=NULL, *bufz=NULL; @@ -226,8 +226,13 @@ do { szlength=slength*(1<<factor++); + if (szlength > maxlength) { + break; + } + printf("szlength: %d\n", szlength); buf = (char *) erealloc(buf,szlength); status = uncompress(buf, &szlength, bufz, slength); + printf("status: %d\n", (int) (status == Z_BUF_ERROR)); } while ((status==Z_BUF_ERROR)&&(factor<maxfactor)); if (bufz) { $ make && ./sapi/cli/php -r "var_dump(getimagesize('125-bad.swf'));" Build complete. (It is safe to ignore warnings about tempnam and tmpnam). szlength: 2229880 status: 1 szlength: 4459760 status: 1 szlength: 8919520 status: 1 szlength: 17839040 status: 1 szlength: 35678080 status: 1 bool(false) ------------------------------------------------------------------------ [2004-03-26 13:45:53] [EMAIL PROTECTED] Both PHP4 (4.3.5) and PHP5 CVS return false with the given file. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/27674 -- Edit this bug report at http://bugs.php.net/?id=27674&edit=1
