gdImageScaleTwoPass() can leak memory #173

Closed
cmb69 opened this Issue Jul 13, 2015 · 2 comments

Projects

None yet

3 participants

@cmb69
Contributor
cmb69 commented Jul 13, 2015

In gdImageScaleTwoPass() a tmp_im is created with gdImageCreateTrueColor(), but later freed with gdFree() instead of gdImageDestroy(). This is likely to cause a memory leak.

See also the related downstream bug report.

@vapier vapier added the bug label Jul 20, 2015
@uranium uranium referenced this issue in uranium/libgd Aug 5, 2015
Merged

Update gd_interpolation.c #1

@vapier vapier added a commit that closed this issue Aug 5, 2015
@uranium @vapier uranium + vapier gdImageScaleTwoPass memory leak fix
Fixing memory leak in gdImageScaleTwoPass, as reported by @cmb69 and
confirmed by @vapier.  This bug actually bit me in production and I'm
very thankful that it was reported with an easy fix.

Fixes #173.
4751b60
@vapier vapier closed this in 4751b60 Aug 5, 2015
@kaplanlior

Issue was assigned CVE-2015-8877. Details at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8877

@cmb69
Contributor
cmb69 commented Jul 7, 2016

@kaplanlior Thanks! That info is yet missing in the changelog of PHP 5.6.12 and 7.0.0.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment