Fix #77195: Incorrect error handling of imagecreatefromjpeg()

The broken JPEG image triggers a notice, two warnings and outputs a
message to stderr directly.  The additional notice is pretty useless,
and the direct output to stderr is bad.  Therefore, we port the
relevant differences from upstream to our bundled libgd.  This leaves
us with two warnings; the first one is triggered by libjpeg and shows
the actual problem, the second one is triggered by our libgd wrapper
whenever an image can't be read, what may not have necessarily
triggered a warning before.

Author: cmb69

NEWS

@@ -9,6 +9,9 @@ PHP                                                                        NEWS
 - COM:
   . Fixed bug #77177 (Serializing or unserializing COM objects crashes). (cmb)
 
+- GD:
+  . Fixed bug #77195 (Incorrect error handling of imagecreatefromjpeg()). (cmb)
+
 - Sockets:
   . Fixed bug #77136 (Unsupported IPV6_RECVPKTINFO constants on macOS).
     (Mizunashi Mana)

ext/gd/libgd/gd_jpeg.c

@@ -67,14 +67,18 @@ static long php_jpeg_emit_message(j_common_ptr jpeg_info, int level)
 		 * unless strace_level >= 3
 		 */
 		if ((jpeg_info->err->num_warnings == 0) || (jpeg_info->err->trace_level >= 3)) {
-			gd_error_ex(ignore_warning ? GD_NOTICE : GD_WARNING, "gd-jpeg, libjpeg: recoverable error: %s\n", message);
+			if (!ignore_warning) {
+				gd_error("gd-jpeg, libjpeg: recoverable error: %s\n", message);
+			}
 		}
 
 		jpeg_info->err->num_warnings++;
 	} else {
 		/* strace msg, Show it if trace_level >= level. */
 		if (jpeg_info->err->trace_level >= level) {
-			gd_error_ex(GD_NOTICE, "gd-jpeg, libjpeg: strace message: %s\n", message);
+			if (!ignore_warning) {
+				gd_error("gd-jpeg, libjpeg: strace message: %s\n", message);
+			}
 		}
 	}
 	return 1;
@@ -86,9 +90,10 @@ static long php_jpeg_emit_message(j_common_ptr jpeg_info, int level)
 static void fatal_jpeg_error (j_common_ptr cinfo)
 {
 	jmpbuf_wrapper *jmpbufw;
+	char buffer[JMSG_LENGTH_MAX];
 
-	gd_error("gd-jpeg: JPEG library reports unrecoverable error: ");
-	(*cinfo->err->output_message) (cinfo);
+	(*cinfo->err->format_message)(cinfo, buffer);
+	gd_error_ex(GD_WARNING, "gd-jpeg: JPEG library reports unrecoverable error: %s", buffer);
 
 	jmpbufw = (jmpbuf_wrapper *) cinfo->client_data;
 	jpeg_destroy (cinfo);

ext/gd/tests/bug77195.jpeg

@@ -0,0 +1,19 @@
+--TEST--
+Bug #77195 (Incorrect error handling of imagecreatefromjpeg())
+--SKIPIF--
+<?php
+if (!extension_loaded('gd')) die('skip gd extension not available');
+if (!gd_info()['JPEG Support']) die('skip JPEG support not available');
+?>
+--FILE--
+<?php
+$filename = __DIR__ . '/bug77195.jpeg';
+@imagecreatefromjpeg($filename);
+imagecreatefromjpeg($filename);
+?>
+===DONE===
+--EXPECTF--
+Warning: imagecreatefromjpeg(): gd-jpeg: JPEG library reports unrecoverable error: JPEG datastream contains no image in %s on line %d
+
+Warning: imagecreatefromjpeg(): '/mnt/c/Users/cmb/php-dev/php-src/ext/gd/tests/bug77195.jpeg' is not a valid JPEG file in %s on line %d
+===DONE===