-
-
Notifications
You must be signed in to change notification settings - Fork 2.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix unpack to c_ssize_t on 32 bit systems with corrupt EXIF data #3995
Conversation
Would you be able to add a test? One that fails without your fix and passes with it. |
Fixed lint error
…#3003 on 32bit systems
Impressive amount of checking, if maybe a little pedantic! However I'm not sure how the issue targeted by this pull request will be verified as it needs to be run on a 32 bit system. Is this done manually prior to each release? Paddy |
Half of the AppVeyor jobs are 32-bit, so it should already be tested. |
Great. I'm not sure what the appveyor test failure is (other pull requests also seem to be suffering from it) - presumably relates to #4019. Let me know if there's anything I can do to help or test. |
#4019 is now merged, if you rebase or merge from master it should now pass. |
If I print out the tags and the offsets at the relevant line,
I get
This looks like a problem with the test image to me - at least one of the offset values should be greater than 32-bit to trigger the error, yes? |
Andrew, this is my mistake. The latest version of Pillow does generate the tags you list, the version I tested the python mods on produced these tags from the same file:
If the fixes to the exif reading and associated tests can guarantee that no big offsets will get through then my modification is superfluous and can be rejected. |
What version of Pillow are you testing with? |
Testing, I find that this problem - #3994 - is fixed by #3584, in Pillow 6.0. See also the issue behind that PR, #3337 So, your image can be read correctly by current Pillow. However, I think it's because the image is actually fine - meaning that the fix does not address any concerns you might have about 32-bit systems. |
@radarhere , yes. The version I was using and testing on was the 'standard' Pillow packaged with debian buster as raspbian for Raspberry Pi (still version 5.1). I intend the module I maintain (pi3d) to be easy for user of the vanilla system without having to upgrade PIL so I was reluctant to do that on the system I was testing on. However on a new setup I have tested the latest PIL and, as you say, the #3584 fix has prevented the corrupt offsets that caused the problem. If the exif corruption isn't going to happen in future then my suggested mod is not needed and I'm happy for it to be nullified. Do I need to do that or can you, as a Pillow member? |
I can do that. Thanks for your help in discussing the problem |
Add an additional specific try except to allow continued iteration through tags and image data to be subsequently read. On 64bit systems this isn't an issue as 4 bytes can't be unpacked to overflow ssize_t.
The alternative approach would have been to mask the value of offset like:
but that would prevent offset ever taking a negative value which might be bad