PHP :: Request #25905 :: getimagesize fail with some jpegs

Request #25905	getimagesize fail with some jpegs
Submitted:	2003-10-18 18:05 UTC	Modified:	2003-12-15 17:03 UTC
From:	sitnikov at infonet dot ee	Assigned:	helly (profile)
Status:	Closed	Package:	Feature/Change Request
PHP Version:	4CVS-2003-10-18 (stable)	OS:	*
Private report:	No	CVE-ID:	None

View Developer Edit

[2003-10-18 18:05 UTC] sitnikov at infonet dot ee

Description:
------------
getimagesize fail with jpeg created by 602PC Suite software

Example jpeg:
http://si.infonet.ee/wrong_jpeg.jpg

All other software (Photoshop, ACDSee, xnview, IE, Mozila, Opera, etc) open this file correctly.

ImageMagic/identify says:
/usr/local/ImageMagick/bin/identify: Corrupt JPEG data: 2 extraneous bytes before marker 0xfe

After some debuging, i can see, than this jpg file have 2 zero byte before next marker, and php_next_marker fail with this data.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-10-18 20:20 UTC] helly@php.net

Interesting. Could you try to open the file with the exif functions?

But however the file is borked.

[2003-10-19 03:10 UTC] sitnikov at infonet dot ee

/usr/local/ImageMagick/bin/identify -format "%[EXIF:*]" wrong_jpeg.jpg
Make=Konica
Model=Revio C2
Orientation=1
XResolution=288/3
YResolution=288/3
ResolutionUnit=2
DateTime=2003:10:15 13:48:10
YCbCrPositioning=2
ExifOffset=174
ExposureTime=5924356/268435456
FNumber=28/10
ExposureProgram=3
ISOSpeedRatings=64
ExifVersion=0220
DateTimeOriginal=2003:10:15 13:48:10
DateTimeDigitized=2003:10:15 13:48:10
ComponentsConfiguration=...
CompressedBitsPerPixel=1989456/1228800
ShutterSpeedValue=44/8
ApertureValue=28/10
ExposureBiasValue=0/10
MaxApertureValue=28/10
SubjectDistance=11/10
MeteringMode=5
LightSource=0
Flash=0
FocalLength=45/10
MakerNote=0060162454
FlashPixVersion=0100
ColorSpace=1
ExifImageWidth=1280
ExifImageLength=960
unknown=
InteroperabilityOffset=724
unknown=R98
unknown=0100
ExposureIndex=1/1
SensingMethod=2
FileSource=.
SceneType=.
unknown=1280/1280
unknown=37

jpeg lib also working properly with this image.
Please see this code (from jpeg-6b):
next_marker (j_decompress_ptr cinfo)
{
  int c;
  INPUT_VARS(cinfo);

  for (;;) {
    INPUT_BYTE(cinfo, c, return FALSE);
    /* Skip any non-FF bytes. 
     * This may look a bit inefficient, but it will not occur in a valid file. 
     * We sync after each discarded byte so that a suspending data source 
     * can discard the byte from its buffer. 
     */
    while (c != 0xFF) {
      cinfo->marker->discarded_bytes++;
      INPUT_SYNC(cinfo);
      INPUT_BYTE(cinfo, c, return FALSE);
    }
    /* This loop swallows any duplicate FF bytes.  Extra FFs are legal as 
     * pad bytes, so don't count them in discarded_bytes.  We assume there 
     * will not be so many consecutive FF bytes as to overflow a suspending 
     * data source's input buffer. 
     */
    do {
      INPUT_BYTE(cinfo, c, return FALSE);
    } while (c == 0xFF);
    if (c != 0)
      break;            /* found a valid marker, exit loop */
    /* Reach here if we found a stuffed-zero data sequence (FF/00). 
     * Discard it and loop back to try again. 
     */
    cinfo->marker->discarded_bytes += 2;
    INPUT_SYNC(cinfo);
  }
  
  if (cinfo->marker->discarded_bytes != 0) {
    WARNMS2(cinfo, JWRN_EXTRANEOUS_DATA, cinfo->marker->discarded_bytes, c);
    cinfo->marker->discarded_bytes = 0;
  }
  
  cinfo->unread_marker = c;

  INPUT_SYNC(cinfo);
  return TRUE;
}

[2003-10-19 04:56 UTC] helly@php.net

Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit http://www.php.net/support.php as this bug system is not the
appropriate forum for asking support questions. 

Thank you for your interest in PHP.

Your image file is corrupt and i don\'t think i will implement a special handling for all wrong software out there. That would lead to unrobust php code.

[2003-10-19 05:21 UTC] sitnikov at infonet dot ee

ok, why you implement this ?

/* get marker byte, swallowing possible padding */
if ( last_marker==M_COM && comment_correction) {
/* some software does not count the length bytes of COM section */
/* one company doing so is very much envolved in JPEG... so we accept too */
/* by the way: some of those companies changed their code now... */
  comment_correction = 2;
} else {
  last_marker = 0;
  comment_correction = 0;
}

[2003-10-19 06:03 UTC] helly@php.net

Well it's a valid point you can take. Probably i'll even adapt the code for getImageSize() but not now.

[2003-10-20 10:41 UTC] sitnikov at infonet dot ee

reopen

[2003-12-15 17:03 UTC] helly@php.net

The code you mentioned is to support the 'standard' error in writing wrong jpeg files. I do not plan to add any additional workarounds for any other software whose manufacturer cannot read a standard. If you feel a need for this go ahead and show me a working patch. If that does not hurt robustness too much, i will consider applying it.

[2003-12-15 17:03 UTC] helly@php.net

Also see: Bug #13213 Unknown image format

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Tue Apr 01 21:01:28 2025 UTC