| Server IP : 79.136.114.73 / Your IP : 18.225.92.18 Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64 User : www-data ( 33) PHP Version : 5.5.9-1ubuntu4.29 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority, MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /proc/self/root/home/b8009/php-5.6.22/ext/gd/tests/ |
Upload File : |
--TEST--
Testing null byte injection in imagejpeg
--CLEAN--
$tempdir = sys_get_temp_dir(). '/php-gdtest';
foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
rmdir($tempdir);
--SKIPIF--
<?php
if(!extension_loaded('gd')){ die('skip gd extension not available'); }
$support = gd_info();
if (!isset($support['JPEG Support']) || $support['JPEG Support'] === false) {
print 'skip jpeg support not available';
}
?>
--FILE--
<?php
$image = imagecreate(1,1);// 1px image
$tempdir = sys_get_temp_dir(). '/php-gdtest';
if (!file_exists($tempdir) && !is_dir($tempdir)) {
mkdir ($tempdir, 0777, true);
}
$userinput = "1\0"; // from post or get data
$temp = $tempdir. "/test" . $userinput .".tmp";
echo "\nimagejpeg TEST\n";
imagejpeg($image, $temp);
var_dump(file_exists($tempdir. "/test1"));
var_dump(file_exists($tempdir. "/test1.tmp"));
foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
--EXPECTF--
imagejpeg TEST
Warning: imagejpeg(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
bool(false)
bool(false)