Thu, 27 Aug 2009 , modified Fri, 28 May 2010

DoS issue in Debian's libgd

I just stumbled upon a DoS issue in Debian's libgd. Atm I could only confirm it with PHP, but I guess I'll have a look at the Perl bindings too.

I wrote a simple PHP resizer to prove another issue:

update

Looks like it's not really an endless loop, but it takes a lot of time, about 10 minutes on my laptop, and the image is black afterwards *shrug*. But imo that doesn't really change the impact: if you have a gd/PHP site under Debian where users can upload images and you resize them, you run into that issue. Looks like a large German social network has the issue too. At least they use limits so the resizing process gets stopped after some seconds.
