[php-maint] Bug#643282: php5-gd: gd ignores memory limit

Jasen Betts jasen at smtp2go.com
Mon Sep 26 22:08:11 UTC 2011

Package: php5-gd
Version: 5.2.6.dfsg.1-1+lenny10
Severity: normal

gd circumvents php's built-in memory limit
it easy to far exceed the memory limit by using 
imagecreate with large parameters, probably also possible 
using imagecreatefrom* too.

perhaps gdFree() and gdAlloc() can be hijacked to track usage?

-- System Information:
Debian Release: 5.0.8
  APT prefers oldstable
  APT policy: (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages php5-gd depends on:
ii  libapache2-mod- 5.2.6.dfsg.1-1+lenny10   server-side, HTML-embedded scripti
ii  libc6           2.7-18lenny7             GNU C Library: Shared libraries
ii  libfreetype6    2.3.7-2+lenny5           FreeType 2 font engine, shared lib
ii  libgd2-xpm      2.0.36~rc1~dfsg-3+lenny1 GD Graphics Library version 2
ii  libjpeg62       6b-14                    The Independent JPEG Group's JPEG 
ii  libpng12-0      1.2.27-2+lenny4          PNG library - runtime
ii  libt1-5         5.1.2-3                  Type 1 font rasterizer library - r
ii  libx11-6        2:1.1.5-2                X11 client-side library
ii  libxpm4         1:3.5.7-1                X11 pixmap library
ii  php5-cli [phpap 5.2.6.dfsg.1-1+lenny10   command-line interpreter for the p
ii  php5-common     5.2.6.dfsg.1-1+lenny10   Common files for packages built fr
ii  zlib1g          1:        compression library - runtime

php5-gd recommends no packages.

php5-gd suggests no packages.

-- debconf-show failed

More information about the pkg-php-maint mailing list