php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #71848 getimagesize with $imageinfo returns false
Submitted: 2016-03-17 19:33 UTC Modified: 2018-06-30 14:56 UTC
Votes:1
Avg. Score:4.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: mail at mike-gladysch dot de Assigned: cmb (profile)
Status: Closed Package: GetImageSize related
PHP Version: Irrelevant OS: irrelevant
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2016-03-17 19:33 UTC] mail at mike-gladysch dot de 
Description:
------------
When i call getimagesize with $imageinfo argument, it can occur (on some images), that the return value of the function is false.

With my test image, $imageinfo contains 3 keys after call, but return value is false. There is no notice, warning or other information.
Calling same function without $imageinfo returns correct result.

tested PHP-Versions:
- 5.5.9
- 7.0.2

Test script:
---------------
$info = array();

$sizeInfo = getimagesize($fileName, $info); // returns false, $info not empty
$sizeInfo = getimagesize($fileName);        // returns correct size information

Expected result:
----------------
Better solution should be:
- return correct size information like call without $imageinfo
- trigger an error or warning, if collecting data for $imageinfo causes an error

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-03-18 08:28 UTC] mail at mike-gladysch dot de 
testet too with: PHP 7.1.0-dev (cli) (built: Mar 18 2016 09:01:15) ( NTS )

the three keys delivered within $info are:
- APP0 (value starts with JFIF..)
- APP1 (value starts with Exif..)
- APP15 (Value starts with EditDetection..)
 [2016-07-30 19:52 UTC] kalle@php.net
-Status: Open +Status: Feedback
 [2016-07-30 19:52 UTC] kalle@php.net 
Can you provide a jpeg that can be used to replicate this bug?
 [2016-08-07 04:22 UTC] php-bugs at lists dot php dot net 
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Re-Opened". Thank you.
 [2017-10-03 07:48 UTC] freecorvette at gmail dot com 
The bug is still ocurring, in all PHP versions, so it should be reopened. Here is a simple test case (script posted, output posted, sample jpg images on Google Drive):

Test file (test.php):

<?php
var_dump(getimagesize('17342761-mobileupload_d5f239209ef5cf6_3426572_20170617_103722.jpg'));
var_dump(getimagesize('17342761-mobileupload_d5f239209ef5cf6_3426572_20170617_103722.jpg', $imageinfo));
var_dump($imageinfo);

var_dump(getimagesize('17342761-mobileupload_d5f239209ef5cf6_2474645_20170617_110134.jpg'));
var_dump(getimagesize('17342761-mobileupload_d5f239209ef5cf6_2474645_20170617_110134.jpg', $imageinfo));
var_dump($imageinfo);
?>

Output:

$ php test.php
test.php:2:
array(7) {
  [0] =>
  int(4032)
  [1] =>
  int(3024)
  [2] =>
  int(2)
  [3] =>
  string(26) "width="4032" height="3024"" 
  'bits' =>
  int(8)
  'channels' =>
  int(3)
  'mime' =>
  string(10) "image/jpeg" 
}
test.php:3:
bool(false)
test.php:4:
array(1) {
  'APP1' =>
\000\000\000\000\000\000�\000\000\000\000\000\000�
                                                         \000\000\00\000\000\000�\000\000\000\000    \000\000\000�\000\000\000\000\000\000\000\000\000\000\000\000\000\000�\000\000\000\000\000\000\000�\000\000\000(\000\000\000\000\000\000\0001\000\000\000\000�\000\000\0002\000\000\000\000�\000\000\000\000\000\000\000\000\000\000i�\000\000\000\000�\000\000\000%�\000\000\000\000�\000\000�\000\000samsung\000SM-G935V\000\000H\000\000\000\"...
}
test.php:6:
array(7) {
  [0] =>
  int(4032)
  [1] =>
  int(3024)
  [2] =>
  int(2)
  [3] =>
  string(26) "width="4032" height="3024"" 
  'bits' =>
  int(8)
  'channels' =>
  int(3)
  'mime' =>
  string(10) "image/jpeg" 
}
test.php:7:
bool(false)
test.php:8:
array(1) {
  'APP1' =>
\000\000\000\000\000\000�\000\000\000\000\000\000�
                                                         \000\000\00\000\000\000�\000\000\000\000    \000\000\000�\000\000\000\000\000\000\000\000\000\000\000\000\000\000�\000\000\000\000\000\000\000�\000\000\000(\000\000\000\000\000\000\0001\000\000\000\000�\000\000\0002\000\000\000\000�\000\000\000\000\000\000\000\000\000\000i�\000\000\000\000�\000\000\000%�\000\000\000\000�\000\000�\000\000samsung\000SM-G935V\000\000H\000\000\000\"...
}

JPG images to test with:

https://drive.google.com/file/d/0B9eJ8bp6Y-f0c3N2b0hycDBPaFU/view?usp=sharing
https://drive.google.com/file/d/0B9eJ8bp6Y-f0WFhaTDBLSXdWTlk/view?usp=sharing

One workaround is to use exif_read_data() in this case, i.e. the code would become:

<?php
var_dump(getimagesize('17342761-mobileupload_d5f239209ef5cf6_3426572_20170617_103722.jpg'));
getimagesize('17342761-mobileupload_d5f239209ef5cf6_3426572_20170617_103722.jpg', $imageinfo);

$exif = exif_read_data('17342761-mobileupload_d5f239209ef5cf6_3426572_20170617_103722.jpg', 'IFD0');
if ($exif !== false) {
    var_dump($exif);
} else {
    var_dump(getimagesize('17342761-mobileupload_d5f239209ef5cf6_3426572_20170617_103722.jpg', $imageinfo));
    var_dump($imageinfo);
}

var_dump(getimagesize('img130912-2.1.jpg'));
$exif = exif_read_data('img130912-2.1.jpg', 'IFD0');
if ($exif !== false) {
    var_dump($exif);
} else {
    var_dump(getimagesize('img130912-2.1.jpg', $imageinfo));
    var_dump($imageinfo);
}
?>

but this is clearly a bug, either in PHP or in the underlying gd layer.
 [2017-10-03 08:13 UTC] requinix@php.net
-Status: No Feedback +Status: Re-Opened
 [2018-03-15 15:03 UTC] cmb@php.net
-Status: Re-Opened +Status: Verified
 [2018-03-15 15:03 UTC] cmb@php.net 
Thanks for the images, freecorvette!  It seems to me there are
multiple not directly related issues.

Firstly, php_read_APP()[1] fails for empty APP segments, but the first
image contains an empty APP5 segment (starting at byte 430D).  I am
not sure whether empty APP segments are allowed according to the 
specification, but at least we could accept them.  It is not clear,
however, if we should add them to the $info with an empty string value,
or simply omit them.

Secondly, the check whether php_stream_read() succeeded[2] appears to
be wrong.  We should check whether it returned `length` – otherwise
we're likely putting garbage from the buffer into the markers value a
few lines below.  Fixing this would also fix the first issue, adding
the empty APP segment to $info with an empty string value.

Thirdly, if php_handle_jpeg()[3] fails, it may nonetheless have
already added entries to `info`, which might better be removed
(perhaps we should even null `info`).

[1] <https://github.com/php/php-src/blob/PHP-7.2.4/ext/standard/image.c#L441>
[2] <https://github.com/php/php-src/blob/PHP-7.2.4/ext/standard/image.c#L456>
[3] <https://github.com/php/php-src/blob/PHP-7.2.4/ext/standard/image.c#L475>
 [2018-06-22 14:23 UTC] requinix@php.net 
Related To: Bug #76521
 [2018-06-22 22:18 UTC] cmb@php.net 
<https://github.com/php/php-src/pull/3319> should solve this issue.
 [2018-06-30 14:52 UTC] cmb@php.net 
Automatic comment on behalf of cmbecker69@gmx.de
Revision: http://git.php.net/?p=php-src.git;a=commit;h=ae04110032702622d59c21f9e615120d9479157a
Log: Fix #71848: getimagesize with $imageinfo returns false
 [2018-06-30 14:52 UTC] cmb@php.net
-Status: Verified +Status: Closed
 [2018-06-30 14:54 UTC] cmb@php.net 
Automatic comment on behalf of cmbecker69@gmx.de
Revision: http://git.php.net/?p=php-src.git;a=commit;h=ae04110032702622d59c21f9e615120d9479157a
Log: Fix #71848: getimagesize with $imageinfo returns false
 [2018-06-30 14:56 UTC] cmb@php.net
-Assigned To: +Assigned To: cmb
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri Apr 19 13:01:30 2024 UTC