[php-maint] Bug#336826: php4-gd: image{png, jpeg, ...} can't create file if safe_mode=on and file doesn't exist

Corentin Chary webmaster at iksaif.net
Tue Nov 1 14:32:29 UTC 2005 

Package: php4-gd
Version: 4:4.4.0-4
Severity: normal

imagepng, imagejpeg and others can't create file if safe_mode is on and if the file doesn't exist.
Exemple:
<?php
header ("Content-type: image/png");
$im = imagecreate (100, 50);
$background_color = imagecolorallocate ($im, 255, 255, 255);
$text_color = imagecolorallocate ($im, 233, 14, 91);
imagestring ($im, 1, 5, 5,  "A Simple Text String", $text_color);
imagepng ($im,'test.png');
imagedestroy($im);
?> 
this code won't work with safe_mode if test.png doesn't existe.

I think I find why :
in php4-4.4.0/debian/patches/055-gd_safe_mode_checks.patch : 
if (!fn || php_check_open_basedir(fn TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(fn, "rb+", CHECKUID_CHECK_FILE_AND_DIR))) {
it should be 
if (!fn || php_check_open_basedir(fn TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(fn, "wb+", CHECKUID_CHECK_FILE_AND_DIR))) {
because "rb+" change mode to CHECKUID_DISALLOW_FILE_NOT_EXISTS in php4-4.4.0/main/safe_mode.c (68)

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.13-hardened-r1
Locale: LANG=fr_FR at euro, LC_CTYPE=fr_FR at euro (charmap=ISO-8859-15)

Versions of packages php4-gd depends on:
ii  debconf [debconf-2.0]     1.4.58         Debian configuration management sy
ii  libapache2-mod-php4 [phpa 4:4.4.0-4      server-side, HTML-embedded scripti
ii  libc6                     2.3.5-6        GNU C Library: Shared libraries an
ii  libfreetype6              2.1.7-2.4      FreeType 2 font engine, shared lib
ii  libgd2-xpm                2.0.33-2       GD Graphics Library version 2
ii  libjpeg62                 6b-10          The Independent JPEG Group's JPEG 
ii  libpng12-0                1.2.8rel-5     PNG library - runtime
ii  libt1-5                   5.1.0-2        Type 1 font rasterizer library - r
ii  libx11-6                  6.8.2.dfsg.1-7 X Window System protocol client li
ii  libxpm4                   6.8.2.dfsg.1-7 X pixmap library
ii  php4-cli [phpapi-20050606 4:4.4.0-4      command-line interpreter for the p
ii  php4-common               4:4.4.0-4      Common files for packages built fr
ii  zlib1g                    1:1.2.3-4      compression library - runtime

php4-gd recommends no packages.

-- debconf information:
* php4/extension_gd_cli: true
* php4/extension_gd_cgi: true
  php4/add_extension: true
  php4/remove_extension: true
* php4/extension_gd_apache2: true

More information about the pkg-php-maint mailing list