[php-maint] php5-suhosin: T1Lib Error: Rasterization Aborted

Vladimir Stavrinov vs at inist.ru
Tue Apr 13 07:40:34 UTC 2010 

On Mon, Apr 12, 2010 at 09:40:20PM +0200, Jan Wagner wrote:

 
> root at test:~# vi /etc/php5/
> apache2/ cli/     conf.d/  
> root at test:~# vi /etc/php5/conf.d/suhosin.ini 
> root at test:~# cat /var/www/test.php 
> <?php
> $size = 64;
> $code = ($argv[1]) ? $argv[1] : date("r");
> $angle = 0;
> $angle = mt_rand(20,40)*((mt_rand(0,1)) ? 1 : -1);
> print "\$angle = " . $angle . "\n";
> $font = imagepsloadfont("/usr/share/fonts/type1/gsfonts/c059036l.pfb");
> print_r(imagepsbbox( $code, $font, $size, 0, 0, $angle ));
> ?>
> 
> root at test:~# php5 /var/www/test.php
> PHP Notice:  Undefined offset: 1 in /var/www/test.php on line 3
> $angle = -24
> Array
> (
>     [0] => -137438953
>     [1] => -416
>     [2] => 954
>     [3] => 43
> )
> 
> root at test:~# dpkg -l |grep php5-suhosin
> ii  php5-suhosin                    0.9.29-1+b1                advanced 
> protection module for php5
> root at test:~# dpkg -l |grep php5-common 
> ii  php5-common                     5.3.2-1                    Common files 
> for packages built from the php
> 
> Now purging php5-suhosin:
> 
> root at test:~# php5 /var/www/test.php
> PHP Notice:  Undefined offset: 1 in /var/www/test.php on line 3
> $angle = -25
> Array
> (
>     [0] => -1
>     [1] => -434
>     [2] => 951
>     [3] => 43
> )
> 
> root at test:~# dpkg -l |grep php5-suhosin
> root at test:~# 
> 
> I can't reproduce your problem, sorry.

NO! You HAVE REPRODUCED this case! Look at the value of Array :

[0] => -137438953

This is wrong, impossible value, because it is left coordinate of box
around small text returned by date("r") like this:

Tue, 13 Apr 2010 11:24:46 +0400

while font size is 64 pixels. This wrong value appear when both suhosin
and mt_rand() is used. Try comment the string with mt_rand(), and You see:
the problem go away. If text (date) or/and angle are changed, the
coordinates should changed too, but this wrong value is constant.

-- 

*********************************
****   Vladimir Stavrinov  ******
*******   vs at inist.ru   *********
*********************************

More information about the pkg-php-maint mailing list