The issue is that gdImageWebpCtx() (which is called by gdImageWebpPtr() and
the other WebP output functions to do the real work) does not return whether
it succeeded or failed, so this is not checked in gdImageWebpPtr() and the
function wrongly assumes everything is okay, which is not, in this case,
because there is a size limitation for WebP, namely that the width and
height must be less than 16383.
We can't change the signature of gdImageWebpCtx() for API compatibility
reasons, so we introduce the static helper _gdImageWebpCtx() which returns
success or failure, so gdImageWebpPtr() and gdImageWebpPtrEx() can
check the return value. We leave it solely to libwebp for now to report
warnings regarding the failing write.
This issue had been reported by Ibrahim El-Sayed to security@libgd.org.
CVE-2016-6912
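The pattern this commit message describes, as an added illustration in C that is not libgd's own code: the encoder body, the dimension limit constant and all type and function names are constructed stand-ins. The "before" Ptr wrapper hands back a buffer it cannot know is empty, while the "after" wrapper checks the static helper's return value and returns NULL on failure.

```c
#include <stdlib.h>
#include <string.h>

/* All names below are constructed stand-ins, not libgd's declarations. */
#define WEBP_MAX_DIM 16383                      /* limit quoted in the commit */
typedef struct { int sx, sy; } image_t;         /* stand-in for gdImagePtr */
typedef struct { unsigned char buf[16]; int len; } ctx_t; /* stand-in for gdIOCtx */

/* Fake encoder core: rejects oversize images, else writes a 4-byte payload. */
static int webp_encode_body(const image_t *im, ctx_t *out) {
    if (im->sx >= WEBP_MAX_DIM || im->sy >= WEBP_MAX_DIM) return 0;
    memcpy(out->buf, "RIFF", 4);
    out->len = 4;
    return 1;
}

/* Before the fix: the public Ctx function is void, so failure is lost. */
void webp_ctx_before(const image_t *im, ctx_t *out) { (void)webp_encode_body(im, out); }

unsigned char *webp_ptr_before(const image_t *im, int *size) {
    ctx_t out = {{0}, 0};
    unsigned char *rv = malloc(sizeof out.buf);
    if (rv == NULL) return NULL;
    webp_ctx_before(im, &out);      /* nothing to check, so success is assumed */
    memcpy(rv, out.buf, sizeof out.buf);
    *size = out.len;                /* 0 on failure, yet rv is non-NULL */
    return rv;
}

/* After the fix: a static helper reports success or failure, the void
 * function keeps its signature by wrapping it, and Ptr checks the result. */
static int webp_ctx_after_helper(const image_t *im, ctx_t *out) {
    return webp_encode_body(im, out);
}

void webp_ctx_after(const image_t *im, ctx_t *out) { (void)webp_ctx_after_helper(im, out); }

unsigned char *webp_ptr_after(const image_t *im, int *size) {
    ctx_t out = {{0}, 0};
    if (!webp_ctx_after_helper(im, &out)) { *size = 0; return NULL; }
    unsigned char *rv = malloc((size_t)out.len);
    if (rv == NULL) { *size = 0; return NULL; }
    memcpy(rv, out.buf, (size_t)out.len);
    *size = out.len;
    return rv;
}
```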
Lossless WebP is a rather interesting alternative to PNG, and already
supported by `gdImageCreateFromWebp*()`, so we add support for
`gdImageWebp*()`, too.
We can stick with the existing API, using the quality parameter to
request lossless encoding if it is set to `gdWebpLossless`, which we
define to `PHP_INT` (to avoid adding a new dependency to gd.h, we hard-
code the value – we're assuming `sizeof(int)==4` anyway).
The test of the lossy image fails on Travis, which is a clear signal that
it could fail elsewhere as well. Therefore we allow up to 1% of the pixels
to be different from the expected result.
We're testing a lossless and a lossy WebP with alpha channel. The images
have been taken from <https://developers.google.com/speed/webp/gallery2>,
have been authored by Fizyplankton and are in the public domain.
The lossy test might fail for another libwebp version, so it appears to
be best to not cherry-pick into GD-2.2 yet.
This makes it a bit cleaner when dealing with optional tests as we
use the LIST(APPEND...) command everywhere instead of sometimes SET
and sometimes LIST.
This makes it better match the autotools which makes it easier to
compare, and allows finer grain checks (since some subtests need
more than one feature test).
As an example, this makes it clear we were missing gdinterpolatedscale.
Many of the tests open files in local paths for writing which leaves a
variety of temp files in the tests subdirs. This ends up failing in a
few scenarios like out of tree builds or cmake builds.
Add a few helper functions to the common gdtest module to quickly get
handles to temp files for the tests to leverage.
Since we have random files we want to read & check, turn the two
read programs into general tools. Then we have shell scripts to
run against the right inputs.
Most of the changes here are just shuffling variable names so we
can add to check_PROGRAMS independently of TESTS.
This makes the test code a lot easier to manage rather than copying &
pasting the same boilerplate multiple times.
Also take the opportunity to add a common prefix to each test name so
we don't get collisions between subdirs if a test happens to use the
same exact name.
gdnametest uses string funcs, so pull in string.h. It also can't pull
in test_config.h directly as it breaks when building out of tree. Use
the -I paths to find it.
bug00111 uses unlink(), so pull in unistd.h.
URL: https://bugs.gentoo.org/540376