php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #13213 Unknown image format
Submitted: 2001-09-08 15:07 UTC Modified: 2003-12-15 17:04 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: pulstar at mail dot com Assigned: helly (profile)
Status: Closed Package: GetImageSize related
PHP Version: 4.1.1 OS: Linux RedHat 7.1
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2001-09-08 15:07 UTC] pulstar at mail dot com 
GetImageSize() don't recognize the JPG image format generated by a software called Arles Image Web Page Creator. I make a test script, that you can see at the address below. There have also links to sample images, etc. 

http://www.dr-micro.net/files/gis.php

The browser display the images normally. This program website is at http://www.digitaldutch.com

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-01-07 08:49 UTC] lobbin@php.net 
I get a 404 not found on this url.
 [2002-01-07 10:17 UTC] pulstar at mail dot com 
ID: 13213
Updated by: lobbin

I get a 404 not found on this url.

http://www.dr-micro.net/files/gis.php

Sorry. I sent this script to the server months ago and somebody removed it from there... Please try again.
 [2002-01-11 17:09 UTC] lobbin@php.net 
I experience the same on 4.1.1
 [2002-01-22 13:15 UTC] mul at rentapacs dot com 
Offending images contain COM marker with length parameter two bytes short. This breaks further decoding of JPEG header - GetImageSize() cannot return useful information.
 [2002-01-22 16:34 UTC] mul at rentapacs dot com 
Solution: Read additional bytes to resync on the marker sequence. If marker length is too short, nothing is lost. If too long, one marker will be missing. Besides that APPn in $info array will contain consistent entries and no bogus markers. Uhm, ... and if the JPEG format follows the spec and contains correct marker lengths, it will work also ;-)

This patch against 4.1.1 might do the trick:
--- ext/standard/image.c.orig   Sat Aug 11 19:03:37 2001
+++ ext/standard/image.c        Tue Jan 22 22:10:42 2002
@@ -253,12 +253,20 @@
 
 /* {{{ php_next_marker
  */
-static unsigned int php_next_marker(int socketd, FILE *fp, int issock)
+static unsigned int php_next_marker(int socketd, FILE *fp, int issock, int isfirst)
         /* get next marker byte from file */
 {
        int c;
 
-       /* get marker byte, swallowing possible padding */
+       if (!isfirst) {
+               /* swallow bytes resulting from short marker length */
+               do {
+                       if ((c = FP_FGETC(socketd, fp, issock)) == EOF)
+                               return M_EOI;       /* we hit EOF */
+               } while (c != 0xff);
+       }
+
+       /* get marker byte, swallowing possible 0xff padding */
        do {
                if ((c = FP_FGETC(socketd, fp, issock)) == EOF)
                        return M_EOI;           /* we hit EOF */
@@ -320,12 +328,14 @@
 static struct gfxinfo *php_handle_jpeg (int socketd, FILE *fp, int issock, pval *info)
 {
        struct gfxinfo *result = NULL;
+       int isfirst = 1;        /* First marker after JPEG sig 'FF D8 FF' */
        unsigned int marker;
        char tmp[2];
        unsigned char a[4];
 
        for (;;) {
-               marker = php_next_marker(socketd, fp, issock);
+               marker = php_next_marker(socketd, fp, issock, isfirst);
+               isfirst = 0;
                switch (marker) {
                        case M_SOF0:
                        case M_SOF1:
 [2002-03-08 11:44 UTC] helly@php.net 
The current CVS implementation has been improoved on that.
As you can see from exif's debug warnings. photo1 and photo3 are illegal. An internal section says it is longer than the file :-(

I could implement handling that but it would blow up code.
I will consider the applied patch...

photo1.jpg 
GetImageSize [ , , , ] 
exif_read_data exif_read_data returned false
Invalid JPEG/TIFF file: 'photo1.jpg' 
21 
PHP Warning: error reading from file: got=x3648(=13896) != itemlen-2=x4EE1(=20193)

photo2.jpg 
GetImageSize [ 640, 480, 2, width="640" height="480" ] 
exif_read_data exif_read_data returned false
O.K. 
22 

photo3.jpg 
GetImageSize [ , , , ] 
exif_read_data exif_read_data returned false
Invalid JPEG/TIFF file: 'photo3.jpg' 
23 
PHP Warning: error reading from file: got=x1E3D(=7741) != itemlen-2=xF698(=63128)

photo4.jpg 
GetImageSize [ 640, 480, 2, width="640" height="480" ] 
exif_read_data exif_read_data returned false
O.K.
 [2002-03-09 11:04 UTC] helly@php.net 
Took a closer look on the file.
The promlem is that both photo1 and photo3 have an illegal comment section. The section is appended by some 0x00 where 0xFF were expected. As other software ignores the NULLs i will add this to CVS / php4.3 version.
 [2002-03-10 07:15 UTC] janderk at digitaldutch dot com 
I'm the main developer of Arles Image Web Page Creator, the application that generated those JPEG's with the illegal comment section. I got an email about this PHP BUG report from a user asking me to repair this Arles bug.

FYI: It was a bug in an older versions of Arles and has been repaired in the latest releases. It was actually caused by a bug in the Intel JPEG library we used at that time.

I'm glad that we could help making PHP more robust in reading corrupted images ;)
 [2003-12-15 17:04 UTC] helly@php.net 
Also see: Bug #25905 getimagesize fail with some jpegs
 [2004-02-01 16:05 UTC] lee at klres dot com 
How do I repair a jpg file with uknown format? Burned from memory tsick to CD, but now can't open any of them.
 [2004-02-01 16:06 UTC] lee at klres dot com 
How do I repair a jpg file with uknown format? Burned from memory tsick to CD, but now can't open any of them.
 [2016-08-13 12:59 UTC] cmb@php.net 
Related To: Bug #72278
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat Apr 20 04:01:28 2024 UTC