Potential DoS attack by running large images through GD
Bug #784978 reported by
Richard Mansfield
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mahara |
Fix Released
|
High
|
Richard Mansfield | ||
1.4 |
Fix Released
|
High
|
Richard Mansfield |
Bug Description
When resizing images to create icons, etc., gd's imagecreatefrompng, etc., functions are called without checking the image size. This can gobble lots of memory when the images are large, because gd can allocate memory without respecting the php memory limit.
CVE References
summary: |
- Check image dimensions before resizing + Potential DoS attack by running large images through GD |
Changed in mahara: | |
milestone: | none → 1.3.7 |
Changed in mahara: | |
assignee: | nobody → Richard Mansfield (richard-mansfield) |
Changed in mahara: | |
status: | Confirmed → In Progress |
Changed in mahara: | |
status: | In Progress → Fix Released |
visibility: | private → public |
To post a comment you must log in.
That is a good one. It looks like it is possible to estimate how much memory will be <a href="http:// www.charles- reace.com/ blog/2009/ 11/18/memory- usage-in- php-gd- image-functions /">required</a> for GD functions, in which case, the decision about resize can be made based on the particular system performance (rather than keeping it fixed). Also there are some suggestions to use gc_collect_cycles() after GD calls to free system memory that GP keeps after use.