Bug #748
Crash with certain jpeg files
Description
We have two reported bugs in KPhotoAlbum that are related to exif data on files. In both cases the crash occurs in exiv2 library. I have tested these files with version 0.21 and the latest svn trunk. Here are links to the bugzilla reports that include file samples and back traces:
https://bugs.kde.org/show_bug.cgi?id=255286
And the troublesome image: http://bugsfiles.kde.org/attachment.cgi?id=52874
https://bugs.kde.org/show_bug.cgi?id=237889
And image: http://bugsfiles.kde.org/attachment.cgi?id=51869
History
Updated by Andreas Huggel almost 11 years ago
The likely cause of both problems is unprotected access to non-existing values: Both images have several empty tags like these two:
    Exif.Image.Orientation Short 0
    Exif.Image.XResolution Rational 0
I.e., an orientation tag of type Short with 0 elements and an X-resolution tag of type Rational with no elements either. Accessing the non-existing value of such a tag, typically through Exifdatum::toLong() or Exifdatum::toRational(), results in undefined behaviour, usually a segfault.
Please check if your application ensures that the value has at least one element before it calls toLong() or toRational() etc. The usual way to do this is with a count() > 0 test, something like this:
    Exiv2::ExifKey key("Exif.Image.Orientation");
    Exiv2::ExifData::const_iterator it = exifData.findKey(key);
    if (it != exifData.end() && it->count() > 0) {
        long orientation = it->toLong();
    }
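The same guard shown outside exiv2, as an added example that is not code from this ticket, exiv2 or KPhotoAlbum: a minimal reader for little-endian TIFF/Exif IFD entries whose accessor refuses to return a value when the element count is 0. The names IfdEntry, parseIfd and shortValue are hypothetical, and both byte buffers are constructed samples.

```cpp
#include <cstdint>
#include <vector>

// One 12-byte TIFF/Exif IFD entry: tag, type, element count, inline value or offset.
struct IfdEntry { uint16_t tag, type; uint32_t count, value; };
constexpr uint16_t kOrientation = 0x0112;  // Exif.Image.Orientation
constexpr uint16_t kXResolution = 0x011A;  // Exif.Image.XResolution
constexpr uint16_t kShort = 3;             // TIFF type code for Short
static uint32_t le(const uint8_t* p, int n) {  // little-endian read of n bytes
    uint32_t v = 0;
    for (int i = n - 1; i >= 0; --i) v = (v << 8) | p[i];
    return v;
}

// Parse a little-endian IFD: 2-byte entry count, then 12 bytes per entry.
// Entries that would run past the end of the buffer are dropped.
std::vector<IfdEntry> parseIfd(const std::vector<uint8_t>& buf) {
    std::vector<IfdEntry> out;
    if (buf.size() < 2) return out;
    const std::size_t n = le(buf.data(), 2);
    for (std::size_t i = 0; i < n && 2 + (i + 1) * 12 <= buf.size(); ++i) {
        const uint8_t* e = buf.data() + 2 + i * 12;
        out.push_back({(uint16_t)le(e, 2), (uint16_t)le(e + 2, 2), le(e + 4, 4), le(e + 8, 4)});
    }
    return out;
}

// Guarded accessor: writes to `out` only if the tag is present, is a Short,
// and holds at least one element (the equivalent of the count() > 0 test).
bool shortValue(const std::vector<IfdEntry>& ifd, uint16_t tag, long& out) {
    for (const IfdEntry& e : ifd) {
        if (e.tag != tag) continue;
        if (e.type != kShort || e.count == 0) return false;
        out = static_cast<long>(e.value & 0xFFFF);
        return true;
    }
    return false;
}

// Constructed sample: the two empty tags from the report (count 0).
const std::vector<uint8_t> kEmptyTags = {2, 0,
    0x12, 0x01, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0,   // Orientation, Short, 0 elements
    0x1A, 0x01, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0};  // XResolution, Rational, 0 elements
// Constructed sample: a well-formed Orientation tag with one element, value 6.
const std::vector<uint8_t> kValidTag = {1, 0, 0x12, 0x01, 3, 0, 1, 0, 0, 0, 6, 0, 0, 0};
int main() {  // exits 0 when the empty tag is rejected and the valid one reads as 6
    long v = 0;
    return (!shortValue(parseIfd(kEmptyTags), kOrientation, v) &&
            shortValue(parseIfd(kValidTag), kOrientation, v) && v == 6) ? 0 : 1;
}
```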
Updated by Miika Turkia almost 11 years ago
Thanks, looks like it was what you expected. Should be fixed now in our code.
Updated by Andreas Huggel almost 11 years ago
- Status changed from Feedback to Rejected
Closed ("not a bug")