felipe Fri Apr 4 17:39:52 2008 UTC Modified files: (Branch: PHP_5_2) /php-src NEWS /php-src/ext/gd gd.c Log: Fixed bug #44591 (imagegif's filename parameter) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1132&r2=1.2027.2.547.2.1133&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.1132 php-src/NEWS:1.2027.2.547.2.1133 --- php-src/NEWS:1.2027.2.547.2.1132 Fri Apr 4 00:16:53 2008 +++ php-src/NEWS Fri Apr 4 17:39:52 2008 @@ -1,6 +1,7 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? Apr 2008, PHP 5.2.6 +- Fixed bug #44591 (imagegif's filename parameter). (Felipe) 03 Apr 2008, PHP 5.2.6RC4 - Fixed possible stack buffer overflow in FastCGI SAPI. (Andrei Nigmatulin) http://cvs.php.net/viewvc.cgi/php-src/ext/gd/gd.c?r1=1.312.2.20.2.33&r2=1.312.2.20.2.34&diff_format=u Index: php-src/ext/gd/gd.c diff -u php-src/ext/gd/gd.c:1.312.2.20.2.33 php-src/ext/gd/gd.c:1.312.2.20.2.34 --- php-src/ext/gd/gd.c:1.312.2.20.2.33 Mon Dec 31 07:20:06 2007 +++ php-src/ext/gd/gd.c Fri Apr 4 17:39:52 2008 @@ -18,7 +18,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: gd.c,v 1.312.2.20.2.33 2007/12/31 07:20:06 sebastian Exp $ */ +/* $Id: gd.c,v 1.312.2.20.2.34 2008/04/04 17:39:52 felipe Exp $ */ /* gd 1.2 is copyright 1994, 1995, Quest Protein Database Center, Cold Spring Harbor Labs. */ @@ -2813,7 +2813,7 @@ } } - if ((argc == 2) || (argc > 2 && Z_STRLEN_PP(file))) { + if (argc >= 2 && Z_STRLEN_PP(file)) { PHP_GD_CHECK_OPEN_BASEDIR(fn, "Invalid filename"); fp = VCWD_FOPEN(fn, "wb");
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php