| Server IP : 79.136.114.73 / Your IP : 216.73.216.55 Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64 User : www-data ( 33) PHP Version : 5.5.9-1ubuntu4.29 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority, MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /proc/self/root/home/b8009/php-5.6.22/ext/exif/tests/ |
Upload File : |
--TEST--
Bug #68799 (Free called on uninitialized pointer)
--SKIPIF--
<?php if (!extension_loaded('exif')) print 'skip exif extension not available';?>
--FILE--
<?php
/*
* Pollute the heap. Helps trigger bug. Sometimes not needed.
*/
class A {
function __construct() {
$a = 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa';
$this->a = $a . $a . $a . $a . $a . $a;
}
};
function doStuff ($limit) {
$a = new A;
$b = array();
for ($i = 0; $i < $limit; $i++) {
$b[$i] = clone $a;
}
unset($a);
gc_collect_cycles();
}
$iterations = 3;
doStuff($iterations);
doStuff($iterations);
gc_collect_cycles();
print_r(exif_read_data(__DIR__.'/bug68799.jpg'));
?>
--EXPECTF--
Array
(
[FileName] => bug68799.jpg
[FileDateTime] => %d
[FileSize] => 735
[FileType] => 2
[MimeType] => image/jpeg
[SectionsFound] => ANY_TAG, IFD0, WINXP
[COMPUTED] => Array
(
[html] => width="1" height="1"
[Height] => 1
[Width] => 1
[IsColor] => 1
[ByteOrderMotorola] => 1
)
[XResolution] => 96/1
[YResolution] => 96/1
[ResolutionUnit] => 2
[Author] =>
)