File: imagebmp_nullbyte_injection.phpt

package info (click to toggle)
php8.4 8.4.11-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 208,108 kB
  • sloc: ansic: 1,060,628; php: 35,345; sh: 11,866; cpp: 7,201; pascal: 4,913; javascript: 3,091; asm: 2,810; yacc: 2,411; makefile: 689; xml: 446; python: 301; awk: 148
file content (19 lines) | stat: -rw-r--r-- 387 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
 
--TEST--
Testing null byte injection in imagebmp
--EXTENSIONS--
gd
--SKIPIF--
<?php
if (!gd_info()['BMP Support']) die('skip BMP support not available');
?>
--FILE--
<?php
$image = imagecreate(1,1);// 1px image
try {
    imagebmp($image, "./foo\0bar");
} catch (TypeError $e) {
    echo $e->getMessage(), "\n";
}
?>
--EXPECT--
imagebmp(): Argument #2 ($file) must not contain null bytes