ID: 28451 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] -Status: Verified +Status: Closed Bug Type: *Graphics related Operating System: * PHP Version: 4CVS, 5CVS (2004-12-12) New Comment:
This bug has been fixed in CVS. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. Previous Comments: ------------------------------------------------------------------------ [2004-05-20 01:18:02] [EMAIL PROTECTED] Description: ------------ This jpg (http://lerdorf.com/file.jpg) causes infinite recursion leading to a crash. I'll get to fixing it eventually, but can't right now and don't want it to go unfixed for too long, so if anybody else is keen... Reproduce code: --------------- <?php $exif=exif_read_data('http://lerdorf.com/file.jpg'); ?> Actual result: -------------- #1087 0x08090f77 in exif_process_IFD_TAG (ImageInfo=0xbfffcc50, dir_entry=0x1 <Address 0x1 out of bounds>, offset_base=0x84f4bac "MM", IFDlength=24989, displacement=12, section_index=7, ReadNextIFD=1, tag_table=0x827ccc0) at /home/rasmus/php43/ext/exif/exif.c:2955 #1088 0x0809152e in exif_process_IFD_in_JPEG (ImageInfo=0xbfffcc50, dir_start=0x84f4bf0 "", offset_base=0x84f4bac "MM", IFDlength=24989, displacement=12, section_index=7) at /home/rasmus/php43/ext/exif/exif.c:2990 #1089 0x08090f77 in exif_process_IFD_TAG (ImageInfo=0xbfffcc50, dir_entry=0x1 <Address 0x1 out of bounds>, offset_base=0x84f4bac "MM", IFDlength=24989, displacement=12, section_index=7, ReadNextIFD=1, tag_table=0x827ccc0) at /home/rasmus/php43/ext/exif/exif.c:2955 #1090 0x0809152e in exif_process_IFD_in_JPEG (ImageInfo=0xbfffcc50, dir_start=0x84f4bf0 "", offset_base=0x84f4bac "MM", IFDlength=24989, displacement=12, section_index=7) at /home/rasmus/php43/ext/exif/exif.c:2990 ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=28451&edit=1
