Overview

File php-CVE-2016-7127.patch of Package php7.5285

Index: php-7.0.7/ext/gd/gd.c
===================================================================
--- php-7.0.7.orig/ext/gd/gd.c	2016-09-07 10:56:05.457183805 +0200
+++ php-7.0.7/ext/gd/gd.c	2016-09-07 11:00:21.897552808 +0200
@@ -3013,6 +3013,11 @@ PHP_FUNCTION(imagegammacorrect)
 		return;
 	}
 
+	if ( input <= 0.0 || output <= 0.0 ) {
+		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Gamma values should be positive");
+		RETURN_FALSE;
+	}
+
 	if ((im = (gdImagePtr)zend_fetch_resource(Z_RES_P(IM), "Image", le_gd)) == NULL) {
 		RETURN_FALSE;
 	}
openSUSE Build Service is sponsored by
Places