Bug 182719 - ImageCreateFromGif does not clean up its temporary file
Summary: ImageCreateFromGif does not clean up its temporary file
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: php
Version: 4.0
Hardware: All
OS: Linux
medium
high
Target Milestone: ---
: ---
Assignee: Joe Orton
QA Contact: David Lawrence
URL: http://cvs.php.net/viewcvs.cgi/php-sr...
Whiteboard:
: 169771 189165 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-02-24 09:36 UTC by Sander Steffann
Modified: 2007-11-30 22:07 UTC (History)
2 users (show)

Fixed In Version: RHSA-2006-0276
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-04-25 14:28:33 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
PHP Bug Tracker 30658 0 None None None Never
Red Hat Product Errata RHSA-2006:0276 0 normal SHIPPED_LIVE Moderate: php security update 2006-04-25 04:00:00 UTC

Description Sander Steffann 2006-02-24 09:36:34 UTC 
Description of problem:


Version-Release number of selected component (if applicable):
 PHP 4.3.9

How reproducible:
 Use the function ImageCreateFromGif

Steps to Reproduce:
1. Create a PHP script that uses the function ImageCreateFromGif
  
Actual results:
 The tempfile created by ImageCreateFromGif still exists

Expected results:
 No tempfiles should remain

Additional info:
 This causes a full /tmp partition on webservers that use the
 ImageCreateFromGif function. This leads to server problems and can be used
 as a DoS attack on the webserver by a local user. This is especially important
 for webhosting providers like us, where there are many 'external' users who
 can upload PHP scripts.

 The bug has been fixed by the PHP developers on 2004/11/02, so I am very
 disappointed that Red Hat has nog included this (imho important) fix yet.
 The diff in on the supplied URL.
Comment 3 Red Hat Bugzilla 2006-04-25 14:28:33 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0276.html
Comment 4 Joe Orton 2006-12-12 13:18:05 UTC 
*** Bug 169771 has been marked as a duplicate of this bug. ***
Comment 5 Joe Orton 2006-12-14 15:41:46 UTC 
*** Bug 189165 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.