php打印var_duc,PHP :: Bug #74435 :: Patches

Patch fix-74435-php-7.0 for GD related Bug #74435

Patch version 2017-06-20 14:47 UTC

Return to Bug #74435 |

Download this patch

Patch Revisions:

Developer: cmb@php.net

From 5e11807c1e0a9b33228e59aa669207d47916cbbc Mon Sep 17 00:00:00 2001

From: "Christoph M. Becker"

Date: Tue, 20 Jun 2017 16:45:42 +0200

Subject: [PATCH] Fix #74435: Buffer over-read into uninitialized memory

The stack allocated color map buffers were not zeroed before usage, and

so undefined palette indexes could cause information leakage.

---

ext/gd/libgd/gd_gif_in.c | 3 +++

ext/gd/tests/bug74435.gif | Bin 0 -> 11464 bytes

ext/gd/tests/bug74435.phpt | 27 +++++++++++++++++++++++++++

3 files changed, 30 insertions(+)

create mode 100644 ext/gd/tests/bug74435.gif

create mode 100644 ext/gd/tests/bug74435.phpt

diff --git a/ext/gd/libgd/gd_gif_in.c b/ext/gd/libgd/gd_gif_in.c

index 74b7493..76ba152 100644

--- a/ext/gd/libgd/gd_gif_in.c

+++ b/ext/gd/libgd/gd_gif_in.c

@@ -147,6 +147,9 @@ gdImagePtr gdImageCreateFromGifCtx(gdIOCtxPtr fd) /* {{{ */

int haveGlobalColormap;

gdImagePtr im = 0;

+memset(ColorMap, 0, 3 * MAXCOLORMAPSIZE);

+memset(localColorMap, 0, 3 * MAXCOLORMAPSIZE);

+

/*1.4//imageNumber = 1; */

if (! ReadOK(fd,buf,6)) {

return 0;

diff --git a/ext/gd/tests/bug74435.gif b/ext/gd/tests/bug74435.gif

new file mode 100644

index 0000000000000000000000000000000000000000..92fbb7ff20d577a87e9f107e87ae4dfd5f7e069c

GIT binary patch

literal 11464

zcmV;(EH~3fNk%w1VE_RD0e}Di{{R5~001li000000RRC22>$^82^>hU;6Hx|6DnNj

zub;z*5F_^EN3o*Ci~RO!+{m%xK7AlViX5pgpUIObQ|80RvZc$H`0mM^NwelXdpL9I

z+-a|#&!0ep)}u$XsL`YJ

zA7Wfv(WBdqB;$ruN%thoyDe?%oyoIrPN9H*A{|`Rso|wm6Gzp`_$t`PUB`|!Yc_3K

zwrtDUC?($>m}XS

zG+@+&RU2lV*fnF=k7XOA&Cs?)+!%FxNfPSv?q=wPK6

zq`uI4MC=!}cjP|OdrI&xiB}VOJDC?0dPk|(6nj&-mlb?p$wv@<3fTt{eirG+5q~22

zhZ2A;2}l!xIvEHQf

zibSc17>iK3=opM#$tVzwHQG24jv49r5sxMLxDt>t33(HdJsCL^l1VA~6q8jsxfPUQ

zNl9fxR$`f@j$C%>BbZ?dNoJWwqM4?WY_{nnoN>xHr

z=9)~p`6iT79z-Rhc0QV?qW3aLPI=

zt&VDWs+XyXxvH71s`;v$vC28DjinlUE3&yNyDPK3I{PcM!AeUbskK@gDYleqdnvb?

zdfO?uP`)GYy!6)ljyw3~tM9(

z@x>TtoDMo1ckJ=U=$s?+$RwA1jyWi&tn$j{l;iTtFvnaDIW*U7^UdUpqw~%@_dJd`

zKnE@K(Bgz+^wCHs9S%55H|_M(;Mgnmy!=+3ufSOUi}2P3JM8ts6o(zL#$;a%^4T4m

ztoFz(x1F-gaKDW6+%@}b_s&G;9kkMXAO8*Y-%U?FwbfQ

zw%cyU9XH){-+i~8^

zd3(+`=zoiDFX{Z6E->l{tL`xC6uYi5>>$f-GVLteE;H^p>+Un}MEkBZ@K6h1FY)^t

zA29L

zVGMpAlOM_Gr!xD&41YG$AJ6zFH2)zDfKC%2)d+|$18NO{1XCc`7zi;3nhk;+lOWqD

zh%yVx4TCh(Al^6#G!Oa>giI5my#Gj8LK6-Qg$YyP!&q1`7j6uOA(P?BXxK6v&J2e+

z)8Wr}STr9l4Tw<_a>

zafvK+;uB#g#VOLzidV#;7PrVlFMbh-LcA9d`Dn&Jrcsb=EaV#zDaS?D(UEwJ

zL`yOelTg$o6*-ATPjV5IU=-yfN$E!=Uebw~l;S3>*hwvZ(u

zDtXyTU%nEUu@oi=DOpNm1`?TsROTU>sYquw5}H8#hB(Jb&T@Xk8|X}@I@jrqZn*QE

z@Qi0SxIxc)+Vh^=*oHp$$^XxOZbKUY4X8i|s*P+I^q>e$Xg09H(1tqnq1d>FL?=qo

zieAGS7|p0gH)@S)c=V$n4QVx~LDG_%^rY07hDuk;(w0s`8ZeEiOlK;MXxQ|oIL&D^

zpuy9g`t+yJFsD$*$2Pk%afp9GC+Kov^WgF^JG4YjCNC(6;TW>lnL

z{U}PuT2hyqb)_^-YfN>@)|&$Ltvwy;P>pKTq$ZWAOnvH8r7G2`Ru!vQ-Rf4o>eaA@

zm8@hv>si&R*0#14u5gvBQ0ZD!yCM~@OVz7W`5INfQWdaQ6|7bX+f~DY6|rMgtXUbG

zR>!gxvTv2FIVsCd%m2y~v-s4kKRHWK&ngtO5EZRONy|~wiWIddRjo@|OH

zZ8>SXPTR&4xA)X-KY2S)-zF5e4;5}jiMvtbh7`FcRc=d}J5%T86uLi^E;*^IPV2%G

zyY|#BKe;PV?;;eu4izs&$*WQGf)u?bRWD1~D^vI46uv%{FHz}>PWvhqzx32ERQU@~

z|5_Em3>7d}35-z#ixt5nRWMo^3{wZY6~a7~usA7PVGGX_!}-+kKRH}b4=)tN5f$-8

zN!(Erj}*lzRq;z%TvHeC6vjc7F^$`4V;tvL!#wV>hk+bq5fiz{CPs3SRm|ijyBNw*

zmhhBqd}9pjc>l*7_VJHFEaV}R*vLmlv67d}VkbWt#xg!9joEDFH)mPST(0w%@hs*&

zm)Xx~4)mI

zTxe5Y8r7Lr^`=?fX;*(5)}fX)g$Z40TgMsKbk_Bqd97z(_ZiqQeulKCP3>ww!x`Al

zwzjwJjAnTI+u#m&Gnhf{a+~|y%vgrH*Uj#BFGCsdj<>w$t&C*Y``-A@cQTN{?|%FH

z-^e(Izz0t7f*->e2v4}e7jBGVIQ-!dk9aYNLGg-P{NltIhQ>F}@s1Be7$6V1$VV=W

zV3_>mDF07+Fo41Gmb?7rz_7N=r_Jq}XItDj|2DdJUT$~$eBJa8dc5^b^m_yR=>0ah

z(g)7)rYBtDP=7ear(SW7TYcjs&w9vJ&h?YS{Oc{B`OIx@^PK0L=RE)U&xJ1Zq8A

zNMHKWo$mCgN1f_azxvg+uJx{W9qeEiyUfX6bF<?d ?K@Yy&)FVyw-X)iN0+E3j^

zLmlr^*SppEo^`)-9q?ZlytN6>ZNrNj@#t2(yBSY!$LkyN0GGVMDbH}rOC0kU*SyC$

zPjb(z9P}_3eYHuyZPSMv_2*W7yIDVP*XJAd|CW8hX}@sWM;!MT*L}x%KXTuv9QZF6

zKL53euWjRl8~Nr|KD(JOZ|CD1`u>(a!Ktrs>q8v-7S}$qa6G$Cw??Xe%NMy

zI){GbrhY)je(>ggMhAcVCVxyve+XxPQip#Or+-+-e<0_7UI&0ICxFsMfCXrP

zrhxCpfc55p`v!plCxHh?femMY6NiBrr-2{GfhFgGD+huxCxRr{Z6=6

zgE1(9G+2Wch=Vz(fjroQ9tea%D1bv~f+vW8D!76S=z=c@figIQ6ljAth=Dq|gB<9C

zKL~;%cx@!eg+};=NhpR)ScXrChElkORp^FT7>8R}geYi-EQp6NsE0JjhdAhmJpTxY

zKq!cFNQhpjf_LbGc_@Q>XoG#IgMa9QfhdHNXn=KSiHC@ZiKvN-$cc^UiH``1ktm7;

zNQZ@JieZR~WT=W~$ck#{ifsssAovTyIE=(tjKAOu$e4`ExQxEg3(okA&=`%qzzft^

zjn;ULys!(}xQ*P{jk}-=;24hLIF7oI3+8x^=$MYVfD7!{j_&x5xNr;dIFIyLkGEh8

z_?VCSxR16_3;y_z02z?AKnny}kOp~>v@i<_xsvlmkh35q5e>

z01F)1kskSxuwaZLIgHF$lF2BIDEW-oxRTZAjV`&3

z*pvAvkU;s52sxAm>5xXbkQAAe5vh?(d66LblpQ&eBWaQ*nUX2Vk}Ua>FDa8US(7!1

zlQ_APJL!`?8I(aultg)yN2!!b*_2HQl~5^_B1x4cX_Y96l`E;0F3FWK>6J7ImNzMu

zI!Ts2X_i2VmP4tQM#+{*>6T0hmrp5|#z>dUXqVE6m)NM6-pH5a=$GmUnD8i=_DGog

zXqW6jV`nII{d#YmaUXqnN7nb)Y9-N>2a=$YvVn(ru@^+=lgXqo|u

zng^+x4au4l>6#e{n;$8g#7LXUXq(W8o7SkC+{l~a=$q&WobD)`^#4el`e>X0iJS(h

zoD9jF66u^637sA(og_(}$Y`A^iJjD_oiNFr;OLz;37+gIo;*pO_-LL&iJk

z5b2&y37;G(pTbC=^=Y5eh@aW0pWn!z<>;U52%zyOp!Z0i{b-;AiJ%FopbyEQ73rWG

z385h=p%mJT7K))6s-GO%q5cV?Au6CGTA~JuqA9ANEZU+D3ZpS9pEGKq7mA-6x}p5(

zp&tsMB08c3YN98Kpenke4CZM2;rb}9*

z7;2^*il!i{rXY-^WqHAiRZU3sGZ|b6PDx-sHpJi&O

zcZ#Tas;GO)sD0|Fe+sFADyj5IrgdtmQHrTls;O7Xsaoo(T?(oY`U

znyb3HtFF)rzWS@c8mz6r3dCBh#(J!*unNk$tjyZ1tDp+d8m-bgt*Vd;)_SejnysmT

z3f$VQ-ukVma0=o&uH;&-r(g=`ny%`)uBK25?)t9q8n2~53iMj9_Ij_RFbev*ul(At

zqaX?Z8?XX9u%ZwO279mwo3Nn(3Jlw@4*Rg6V5V*hvBm1F9=oj6

z8nV%f=_;=yypv-Rq)HvhY?1e>z~tFSzKun_yR4Lh+D

zYq1uau^G#;9Q&~!E3zV6vL%bMD7&&N>#{BzvoTAvG

zv>1!D8>_S)%d{cuv?L3)Co8ooOSLU)wJ?jdGpn^W%e6V{wLA;9KP$GjO18Xew!(_G

z$f~x^%C^+%w%Q7};3~J~O1JE4xAKa&_^P-5%C`jTw+aim5G%N~O1QgfxWS6J$Evu^

z%DB_&xY-K1-zvG~O1bN5x$%m*_o})5%DDsUxd{up4=cK~O1ipgy1

zy4VW4-YUD~O1tW6yYPy;_Nu%5%DV#Vy9f)s4*x5>6id9gYP=eYyu_-!Aj`ba>bxck

zz1%9jEK9xUYP~Xxz4WTRILo~N>%Be;z6>kAvP!<?YreyZzR9Y- &&s~l>b~0wzu_vs

z=SsirYQOV}zxk@a|H{7w>%R*Nz!59J1l+3zjKB%3z6{*J?hC;YEWZ?7!S;*68LYn?

z+`;|}!XYfaBW%D2jJ^uI!0hY54-CH&Ji+v9!556b8oa^$>%kukzyf@$1kA%G{KF|M

z#4KFIFO0-8yu>x^#5f$qJ6ysDY{d+W#SpB;6wJjK?8O`m#vm-lQ%uG_tiV_7z*#K8

zTWrBytifOG!C@@Ib8Nm

zO6

zpb5Yn%)&g(nve;`e9Xw4%$a}*%-qb*{LGke3DP{x)LhM%U

z&Xqt3

ztX$BkEXxS}%DBAHwd~6dz01TL(ZQ_D6n)Ile9_Hp%^E$;+}zRGEY2YP&FDPR<?PNT

zz0UNU(($a%EPc-a{nGtB&;xDI2LGMV3C++9{m>6B(Gp$J6^+ptz0n)((H

zebOhb(kk83Ee+E!Ez

z)G6)MEDhB!E!Cz>)vRpQvW(TZtku5E)x_-8$_&=fEY{Xc*4%8?;*8eltk&+#*7WSw

z`V7|qE!U+?*Q;#Tv5eQZtk=EF*Td}B$qd-fEZEgd*xPK_;f&bltk~_$*z@ez`3%|r

zEZL+?*{W>Wu#DNZtl7NG*~0AE$PC)fEZWpe+S+W|;EdYltlI3%+Vbq$_zc_rEZYQ4

z+o){Y3XR*etlJRH+raGG7XJ<0%q-j-P2AXQ+#-$K{4Cv~Ox@LO

z-Ls6{xvbs4%-zN8-OCK#(JbEAOy1pW-s6nk>8#%G%-;3v-un#S0WIJ3-OBcj-}$ZG

z{N3N)4d4MT-UMFY=8fP9uHFpZ;O-6K5iZ>mZr}Hf-TJ-X-0k204c-Di;N)%K2aetf

zzToWb;13Sp@_owm&EgjR;u$XE9A4uej^iS}<0bCnC?4c1Ug7v{

zNiN_^Zs1L>;7{)0Q7++QZrw$0=2wp9S+3?=&gNb2=3fry

zVJ_#?P2^Q>=P{1wH27X9!

zjlc+`Uh1ZP>Wr`ms=n&1-s+2>2(TXOvOepIkO;PZ>$slliGT>a-s`^p>xgg&!anT8

zUhIcp2*{r7%D(J|PzcWc?9d+Vg+K_@UhUR??SwE0+P>}F-tB`R2;d&>;y&(z5D4ae

z?&zNGfdB~X-tO-H?tozF@;>RDUhkPM>iGWYsJ`!|?&|)&>a-s4v99X`f9t@0@V##A

z3P0@3-tfsT?GXR$*go;q?(G)8?c|>E;jZo+f9~-9@$EkE^KS3

zU+@Kw@Cd)~3;*x%4j=ImPw^Cg@fWZ08sG695Aq-{^72md^=|U`j`I7i^8U{90q^nz

z5Az2v^9oP%4R7-hkMk3+^A^wZ8SnEP5A+`|^p;NaoNn}@j`XOm^sdhIwC?n}4)wq;

z^~O&1%x?A4j`i5C_1@0)

z%Wn74j`!ED_ubC-wA4*2gb_>@lgnr`@@j`*go_^i(OvhMh}4*9+=`NU57%5M44

zj``NE`P|O=;_mtA4*Kpc`t(lvm~Q&|j{2mo`T)=Ru5Bt0>`wUO}$Zq=*kNecF

z`xwvr;Q#LX9uNHNF8q>C{KaqlqmKNkuKcgg{I%}

z{pAi2fdmdDSP;-bgb5V_deqS2Lx_(YO{7@SqN7F`HE!hCh|x!oAw@D;RMO;0l#3Lt

zWZBZCqC_!e&ZL{)8|j1hYSrRTGXhaLP?b_Wmam;5*k$1>Q$_R

z1a0No)vKU_VGS-MdobczhZogS?ATW0NVp(V&NcbcF3XyEW$xsQGw5HRM+FmYT3G2+

z#89&?w))jESFw=;l`V@F?b@|&-Nubem+sxWdiD103mEX=!G;YdPRy9`

zEdOS;n%i=Q>v=9{yQ1@w=4J@O!_r=8J0k9jx;ye7={qIxm%?ij

z-)TH3@}tU|GN0-^EA+3@$5KaV9U^v%+BtF;=^Z6_m&BuqJe|w~3O%FLV~Rbg+`|e!

zujC_$zJ%<12)~N-+larA{5uK2mIR!Mz?=;H3BjTiT#CV{9J~s`t|T0YLWKUX@kShT

z{KF3(d-U-~Kl%`INFs~ugAXK=RB}l^_Hgn^D5Km%4=Ss)@=87O&~i&IyUYU*FvApc

zOg!!|^Gr0;yu%JQ+jR3yJL-^gPCDzXgAP3N)N@Zd=J4}RKm(ma4nhkx^iVnCQ2%sM

zMjMR-4oD-FbW%8UwDd+GGwsnxPKRXj(

zeN|RjYpoSmTzB2o

zS6_n-mRMqqwG`P*mF1M#Pn{JN+ES%OmD*LUbrsuKwWXEYTfNm4++M{6mfT^@)e&7F

z)ish`Cf$`1UM%JHl3p_HRTE!0^|g~

zlHxHfP7~udHLjE6Jv|N-Vnl;lZG#t~&7RVI>UC0&LRW-Ddpl4db&M*kCMH+80y

zXFYue6lg2J_R+VZnt%enAHnp~uYdpQ?6>LJq7M5&C

z&9)KkwADV6?Izux67DSJ{*vx8?Oqe_IQ71h?>_w=6!1g^f0Xb_4M#jk#TjqhZO9{+

zoAS!-#yoSqIq%$W&_frT^wP~fUGc@)cKmU;C7+yb%P+@U^UeA8{ByuXADwW+cSIa`

z)rW80c-WJloq5}z&s}=ntN%T9#d&<4X9DL5j2c3M

zZhWFEpXu(Ww(RL|ef(>m|K10{_z7@+1gxI{(T2VBDX@49M4khe2me9mNicd8B-|TJ

zctRAW@C|NYVGCXOLN~NQhBKsL4cov59Oh7mJ7mKeeE35k25}8)AYu`Xctka%L5WLb

zViVJV1}H{Ric>_x8LW6kEN1ZxX5eBMz4%2lltGMRBx4!NKn66XQH^UP!x-H7MmWZC

z3}T>T9qo8WF@!;nd*ovu!vF?A22zlN1cM3

zOfHd%n~b6sJ$XeihO&!hB;^>{c*-=&QI&7RV=L?EM_BHWkh2WrArGlYMK-dLkc8wU

zCuvDbW-^nU|1*mb9d$Ee(mwME~lNk-U7QFC_`gN(vK`

z#N4DYJ&DXvDwCAVJf$;L3C&hY6PDDRr8QNEO&Ds^hTP

zs?&_@WTQLf2v0o9(~tBdq&-uJ&ll>mhWy;2KZ6L+BMP*M1f8Nmvxv|yDzuCYU86(e

z2+=!Aw2u@Wq(xDPQ5R~Ih8)$QM}Y`ZBZ`!XB$c8`v4~PHs+5c@RijJc2va-Cl#etO

zq)ictQx@vfkvzqrPbmphA_`TLM1`VJL5Wl@D%F%sMWa($2~|2uRhCo*q*YCb)vRju

zhFtBTSBD7JB#QNkWUZoEw}{p-s`ZR)ZKGS~2-iHy_5Y7_Eu>xX8biJEwXa?UY+%Jo

z*ut6>v58eHV;k#M$VOJKl&!2)FRRzRa@DVY1*>2OOIE`k7Oje1EL$D>Shz}dvUIiU

z3h@eC&Ca&7wgqi&N6TB&{x-G3Wo>a^n_0dp7qHAFtaA|yUB*fmvec!lb&rc(+4^<4

zf^Dv0pR3sDI(E8}t*&LytJUPHcf0KEu6w@=-|)(Jy!0)veX)w%?CQ6+{Kc(*cMD+O

z3OKj~rt23hd|?b{_zPa(aECqoVJ~z+#3LqgiMzlB6sK6lE9Sx$T>N4f$9M}`pmB|D

zd}A$SLB~7hagVcr1t14m$V0}$6^wjjBq#X_R{vmflb!rzD^x+sQ>Jp2t3U-TXIaZz

zrot4w{ADnQc?wb>bD7P2W+_BL&1+_Jo1*{)ILBGebB2P3?R;Sn=effs=JSYI{O1(Q

zSkN!VaiMGMV?^(m$cqlLk{x|yC`Y=}F7}na-n*^PTUk

zXFd11&wvK>pa*SeLnk`XjArzsA1!G~SGv-e#`LB)?P*VkI@F{lwW;ll>O8BOeBl

zs|5|~LdzP_v|hBW9gXWq>zdNMzO=734eU+}8`Q)ewXrpfY!EBk#LQ-~vt

z)F!gEm5gmDYun1)=CZfN3~n@w+s)*rv;Vm>jP4JsyTt5XvAbgo?;Fdz$Mhbuy_1aZ

zC+oY){NA#^!wm2<3%tz)pR>U+jBpPtoWu-QvBO~uaT`mV#}pT`#gUA0Cu^L_9M`hP

z!3=UUi=53Qm$S+7jB*aE+|MjWvC9b!a~jKB(KH9L%^{6*ChOeNJjb%nISq6&3tiMi

zhqKWwjP#@{{lrXfvD0S^^&Ct6$5bz})t8L*C~N)7T

zz3onid)%c?_qtmh?|Iic-}~-$zz1IJgfG0&53lyMGu`cPhq~P7PIbHA9qW4EJJ

zcd!e7@MJgphS3gs#gD%6riXm$C;!iS%fCMJvgds5Kc9HE>mKgBr@Qa*4t%}~AMnH{

zyzy_3e9^mo_j2#O-G8t5;QM{}f-k

z^z28y`&SQt*OR~4qd&5H0s}li1WdpuZ~_KwKnHw4Cujl*oInb!z$Rb<49q|c+(0H+

z0uTH^5DdX3Py!MxK@&VdB}f7lTtOCW!6ZNe7>q#~oIxZw0vo(R9L&KZFajRzK_C1<

zBPaqP96};2!Xh97BuqjjTtXrk0w;VzD2&1(5CST!LMyyNAqWC3+(Itw!XN+wFbqR6

z977;bKr=i*2u#BUv_LkTK>rSW!weKbIs8Brtiuv?K|EYR8r;Je)ImSIK_Cpo9yCHi

z96}~M#3YnLMSMamY{V+`LP*>~GMvOPJi{|oLp5x}HiSbsoWnV^Lp#jFJmf

zL_sXXLPSJFT*O6mL`RIoNTftcv_vz+#5B}IHsr)N^h7xX#X1y4JS4?EG(|r|#XwX=

zLS)55bVWsk#YU7xNTkI{v_%EPMF`YI3*

zbVezJMl6&@FQi5?w8jL)#s}2K3gpHO^u`bb#}gFC79__RG{+o7#~)P3B4o!UbjK)!

z$19Y_E~LjXv_}NQNB;-ZM+)Re4fID41V|GUNEReW88k>7L`WZ0NFroNC3HwAgh(rt

zNG_yEF|qegh?utNlBzh

zFtkYn#L1l0$qVGk4)nTc8Z^osM9Lsk$|GdTCUnXvgvu

zj6kjA%C7WDunbF~B+IfiO0-N%rDV&tbV|64OR1#Gy0po=)XJ^oNw54$pcKooBucY9

zOQclGwPZ@Sd`qa5%ekaVt6V^=giO7h%)Yctz|73S

zvUE+fgiW@TP5-#0O}ezr)5J~5^vcx~%hoi@*Hp{cbj#V4%i6Td

z--OQKl+NL#&f>IAoJ7ss)XvJ}PR#Vq%>+-+6wlBkPpbR@`@B#5%+DY20siby|NKuM

z=m7y8Py#K`9^e54O;810P#)L;2YpZojnEy?0Sc{93%yVs$N>%AP!8?T9KZn(4N(yt

zQ5?7d6FpHBP0

zBRx_Xhyf*CQYLNE7=QsNjZ!I{QW(%rE4@zu&C>ofP%a%%2K~|ml~6H#Pz){83iVJl

z-B1!;)Bg}vQ8ztN7>&~wwNW~qQ69b192HVM{ZShj(ks

z1ye8`(=jzuGfmSpWm7hN(>Ik?W5KMmACB~(H+R4YZ)ELBu4Wz;Wq

zR569rGL=*`rPMXGR5!)cIMq}-<

z43$+6rBxEORTafm7}Zr9

zrPdL())d9o7uD7p<<=eb)*uDfBNf*sCD$o6SNud*|5R53Wmg4tR|thy3zb(6rB@NP

zSN{~nR~OY+8s%3V^;aMTSR)l!CM8%YHCQY~SpHO4FJ)K+byzZmSPGR`HKkY(wOBaC

zSQgb-JLOm$^;kXySt1o#K_yuzHCg*a*_2h;17+C;b=e7p*$kE052e`>wb>QL*%;N?

z8|B#^_1Pf>+9Va)Cnee{HCm(%P^D$srgd4Ujar$d+N!l#tj$`T<=U?GS+EUTp(We0

zHQBRO+NEV#r+r$OmD;JLS*yKToYmT`

zT)TbTyp>$Ot=zv&Tc*`qsO4O$^<1n4U9J^fuq9oxHQmcaUBPwQ&6V2Dwc5|s+W*k?

z+R+u;(ly)LRoTqd-PPsY*7e=j1>V>d-q|JI+BII3#oW|Y-oj;G#C6`qg

zqJ07LJzw-q-xqKJ_HAGHeP0)70r{O@`mNs

zK429{0R>)Q25#UKKmiDjU

zVHI9s5*Ps&eqk7n;Smr48m?g*zF`pv0Uh399`4}~00AHlVj&)45KvzuK417v;`X&)

zCZ1pZed7ETU@87z1g_!&c3>=CU

z8unp0-eDr1;~+lbBUWN1ZsI0}Vkn;CDYjxO&f+ZQVlMvTFBW4lF5@yrV>DjlHFje+

zj^j9{V>-5DBgW$-)?+5-<0tlGDF);!7Gx|Y

z

z^u^`()#du-L00!m*7Ul*f<_r>4E>mgXL&

z)n@wTX8rYM00w6R7H0+~X9+fE3`S=UR%a4sXBBp57=~vXmS-NOXa6C#XC%gF_SI)6

z=4br%XDSA00v2d3CTIvYXfQ@-4pwM0W@r?4Xf}pu8kT4|rf49xX!FJBjMnJ;<>>zP

z=m7@l1QzKBCg}

zqBd!yPHL5A>ZW#SsE%rxrs}G;=&RQ0o#tqt{%MdF>Y*lSqdsbsR_di@X{UZ_n3n3P

zrfHjAUz~#^o*v;OO}7HqaI?6=Npo>pw2W^AH%Y@~*4rj~4|rfjOV

z?8C-vx%TPB7V5?}>c>{s3>eJTf#8&OiX6?>)?f=h)?a-F((WdRvwrz|?

z?9A5fy5?=X_U*j}Zod}pz$R{*{s8N~ZtTwP5AXo)?r!h?ZV%`H@g8sTF7FQD0Q638

z^?(Yo1000kg0UvM-xBvq`a0E~A3$OqN

zZ*T{Ha0{pa37>EZukZ?>01VG?4c~AIm;ev|a1ami36KC1FL4t;aS4b36<=`{Z}A9#

z02q&P8J}?o&~6*QZt%|W?lx~8A8+>l@${B&A%AcDF7o>JZzSJu0$=g~S8yjka0rj`

z2Dfl3pKuPp@(dSoE&p&7@A49NaWG$T8Xxl*zwsN_asM6f@g4_qARqD}H*zCS@+4

zCV%oLmvSku@+!x2EZ_1i_i`@}^DrlKGB

z$MY!Hb1LWaEBA9P2lOr%bTB9MF*kJWMs)C2bn|9(_I7mnhIIUvbpNJw0=IMp$8-qS

zbPMNn4)=5s2Xzz|br&af8aMUqM)mJj_3~!*^>+36hV}cF_5P;y0k`!8$Mpx-^$O?p

z4fpjB2lf*e_7*4h88>$9Mt1L3cJgL+^>%jnhIadwcK)Vz0k?Jp$94zTb_(Zq4fl2s

z2X_+}cNQmi88>$vM|bX4cOPeW^mcb5hj;pxcmE})cL29{D93jO*LN%DcMSJ;E(drL

z7kDuzco;W$>qhv5SNQX0`1W@A`G)xXmiYgs_yV{11;_XZ*Z2$P_zw5@5eNAc7x@<_>

z`5HHQln-x}XZe

znWuQ0zj=(;`JLx@pZ|G~7y6+md6VC6lm~mIAN!^^d#F$Qsb_nufBUSLd#

z*L#@fdz$xqoCkcK7kr>6e4;n}yGMMnclo`S`M$ULzt{P|_xZsW`ocH*%UAfk*Zjrj

z{KohE#|Qn$7yZd6{mM6egva~DSN*bQegCv~{k4aEx0n66r+t!t0OLP?

ze&>IF2WSB4pML7E{sv$G?9YDf-+l&I0Pp{P@DKk5Pyq5TfAc?o1xNt(Uw`&*{{%n)

z_>X`2pML~60Q

z6cFGe$dDof04QnlBuW4eR

zmoin5;3?FoQWGGkYV|5s1P8Wq?dtVF!LS7vl0_Kttiy|HDRykDaU@)jDd(DeX_sZq

zyfSz4#ToRk&!d8gHZ81lDq^Tv7yn!R>X@t8$Og)mMT>UrTDNZF#-&U5?p?il`}PG4

zc

zv>g%mMco~FkMx}q_)Fn6iSINX6!}r*O_@)1o)!96>0_xUv<?xwMeQ89i }a2Xyi4NI

zM4nFO0fnAX>M_NhRPJE~pI7n`L|=XOrG+0``n|=UT>jMsAYKCQMW9~>28JME3LeIw

zVh%P2A!HH?M4?$0HiTh@8hXUxM;?9%B1|I2L}H013WefODz3;PRW4QqV~jG=c#w@Z

z;)s!sJM!pbNkFb7

ziQ<_>

zrG8$DRHlQj+3BHEG88JES(1upq!rTB%Bi8k

if@-6vwjOILkh(5wX|t^|32d~VCQ2)gqh9M{Kma>sw7>2E

literal 0

HcmV?d00001

diff --git a/ext/gd/tests/bug74435.phpt b/ext/gd/tests/bug74435.phpt

new file mode 100644

index 0000000..9d11eb3

--- /dev/null

+++ b/ext/gd/tests/bug74435.phpt

@@ -0,0 +1,27 @@

+--TEST--

+Bug #74435 (Buffer over-read into uninitialized memory)

+--SKIPIF--

+<?php

+if (!extension_loaded('gd')) die('skip gd extension not available');

+?>

+--FILE--

+<?php

+$im = imagecreatefromgif(__DIR__ . DIRECTORY_SEPARATOR . 'bug74435.gif');

+var_dump($im);

+$width = imagesx($im);

+$height = imagesy($im);

+for ($i = 0; $i < $width; $i += 16) {

+ for ($j = 0; $j < $height; $j += 16) {

+ if (($index = imagecolorat($im, $i, $j)) >= 2) {

+ list($red, $green, $blue, $alpha) = array_values(imagecolorsforindex($im, $index));

+ if ($red !== 0 || $green !== 0 || $blue !== 0 || $alpha !== 0) {

+ echo "unexpected color at ($i, $j)\n";

+ }

+ }

+ }

+}

+?>

+===DONE===

+--EXPECTF--

+resource(%d) of type (gd)

+===DONE===

--

2.10.2.windows.1