Commits

pajoye  committed cc3eb67

- #11, gdImageCreateFromPng* possible crash with empty file
Thanks to Antony Dovgal to have catched this bug

  • Participants
  • Parent commits ada1a43

Comments (0)

Files changed (3)

File src/gd_png.c

+/* $Id$ */
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
 
   /* first do a quick check that the file really is a PNG image; could
    * have used slightly more general png_sig_cmp() function instead */
-  gdGetBuf (sig, 8, infile);
+  if (gdGetBuf (sig, 8, infile) < 8) {
+	return NULL;
+  }
+
   if (!png_check_sig (sig, 8))
     return NULL;		/* bad signature */
 

File src/tests/bug00011.c

+/* $Id$ */
+#include "gd.h"
+#include <stdio.h>
+#include <stdlib.h>
+
+int main()
+{
+ 	gdImagePtr im;
+	FILE *fp;
+
+	fp = fopen("emptyfile", "rb");
+	if (!fp) {
+		printf("failed, cannot open file\n");
+	}
+	im = gdImageCreateFromPng(fp);
+	fclose(fp);
+	if (!im) {
+		printf("ok\n");
+		/* Success */
+		exit(0);
+	}		
+	printf("failed\n");
+ 	/* Test fails */
+ 	gdImageDestroy(im);
+
+	exit(1);
+}

File src/tests/emptyfile

Empty file added.