Page MenuHomePhabricator
Create Task
Maniphest T33740

(Jpeg|Gif)MetadataExtractor lacks bounds checking, spams error logs with E_WARNING
Closed, ResolvedPublic
Actions

Description

When running refreshImageMetadata.php on angwiki, I got:

Warning: unpack(): Type N: not enough input, need 4, have 0 in /usr/local/apache/common-local/php-1.18/includes/media/JpegMetadataExtractor.php on line 205

298290 times, and then I hit ctrl-C. JpegMetadataExtractor should use a wrapper around unpack that guards against reading beyond the end of the string. I made one for ZipDirectoryReader, maybe we should factor that out for the benefit of other binary format parsers.

Version: 1.18.x
Severity: normal

Details

Reference
bz31740

Related Objects
Search...

Event Timeline

bzimport raised the priority of this task from to High.Nov 21 2014, 11:50 PM
bzimport added a project: MediaWiki-File-management.
bzimport set Reference to bz31740.
tstarling created this task.Oct 15 2011, 10:34 PM
tstarling added a comment.Oct 15 2011, 10:35 PM

Assigning to Bawolff.

demon added a comment.Oct 15 2011, 10:51 PM

Expanding summary, also happens with GifMetadataExtrator.

Bawolff added a comment.Oct 18 2011, 12:44 PM

(btw, I probably won't have time to fix this until the weekend)

Bawolff added a comment.Oct 24 2011, 2:21 AM

fixed in r100572.

I think [[ang:File:Handsprecan.jpg]] might have been the specific file in question causing the issue (It has some metadata inside it that looks invalid), but I wasn't able to re-produce the massive number of warnings on my local install, so I don't really know for sure if it was that file or something else.

Gilles raised the priority of this task from High to Unbreak Now!.Dec 4 2014, 10:19 AM
Gilles added a project: Multimedia.
Gilles moved this task from Untriaged to Done on the Multimedia board.
Gilles lowered the priority of this task from Unbreak Now! to High.Dec 4 2014, 11:21 AM
Krinkle mentioned this in T32961: Run refreshImageMetadata.php --force.Sep 13 2019, 12:35 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL