Some environments, apparently regardless to the freetype version, output 155, while others 156. I guess we can accept both ;)
This reverts commit 592df89027.
strtok() is not thread safe, so this will potentially break in
very bad ways if used in ZTS mode.
I'm not sure why gd_strtok_r() exists since it seems to do the
same thing as strtok_r(), but I'll assume it's a portability
decision and do as the Romans do.
Upstream 463c3bd09b
Notice: this fix don't manage monochrome/monovisual values
but just fix the security issue CVE-2014-2497
failing when trying to load such an image
This amends commit 8f4a537, which aimed to correct NULL dereference because of
missing check of gdImageCreateTrueColor() / gdImageCreate() return value. That
commit checks for negative crop rectangle width and height, but
gdImageCreate*() can also return NULL when width * height overflows. Hence
NULL deref is still possible, as gdImageSaveAlpha() and gdImagePaletteCopy()
is called before dst == NULL check.
This moves NULL check to happen right after gdImageCreate*(). It also removes
width and height check before gdImageCreate*(), as the same check is done by
image create functions (with an extra warning).
From thoger redhat com
Initial fix was PHP stuff
This one is libgd fix.
- filter invalid crop size
- dont try to copy on invalid position
- fix crop size when out of src image
- fix possible NULL deref
- fix possible integer overfloow
This fixes GD compilation against libfreetype 2.5.1 and later after they made
the rather interesting decision to change their include directory layout in a
point release.
The original suggestion in the bug was to use pkg-config, but my inclination is
to use freetype-config instead: we should be able to get the same configuration
information without actually needing pkg-config installed, since pkg-config is
by no means guaranteed to exist on many Unices and distros, whereas
freetype-config should always be present if a libfreetype build environment is
installed. Let's try it out and see what happens.
Fixes bug #64405 (Use freetype-config for determining freetype2 dir(s)).
Fixed Bug #65084 imagecreatefromjpeg fails with URL
Regression introduced in 8a90aad (drop of USE_GD_IOCTX)
Secure with php_stream_can_cast to avoid segfault in php_stream_cast.
(encountered when imagecreatefromxpm with URL)
