Hang file and error INFECTED PNG files

Post any defects you find in the released or beta versions of the ImageMagick software here. Include the ImageMagick version, OS, and any command-line required to reproduce the problem. Got a patch for a bug? Post it here.
Post Reply
ltruong
Posts: 3
Joined: 2016-09-08T19:20:56-07:00
Authentication code: 1151

Hang file and error INFECTED PNG files

Post by ltruong »

Hi image magick,
I have some INFECTED PNG samples which image magick failed to convert. Command line I used is

Code: Select all

"ImageMagick\convert.exe" -auto-orient "O:\infile.png" bmp:"O:\outfile.bmp"
My ImageMagick version is

Code: Select all

Version: ImageMagick 7.0.1-2 Q16 x86 2016-05-08 http://www.imagemagick.org
hang.zip ImageMagick hang and create very big temp files in "C:\windows\temp" with name "magick...."
infected_error.zip contains many files which can be opened by "window photo viewer" but ImageMagick returned error when converting to bmp.

Code: Select all

convert.exe: bad adaptive filter value `O:\infile.png' @ error/png.c/MagickPNGErrorHandler/1650.
convert.exe: CorruptImage `O:\infile.png' @ error/png.c/ReadPNGImage/4020.
convert.exe: NoImagesDefined `bmp:O:\outfile.bmp' @ error/convert.c/ConvertImageCommand/3235.

Code: Select all

convert.exe: IDAT: CRC error `O:\infile.png' @ error/png.c/MagickPNGErrorHandler/1650.
convert.exe: CorruptImage `O:\infile.png' @ error/png.c/ReadPNGImage/4020.
convert.exe: NoImagesDefined `bmp:O:\outfile.bmp' @ error/convert.c/ConvertImageCommand/3235.

Code: Select all

convert.exe: IDAT: incorrect header check `O:\infile.png' @ error/png.c/MagickPNGErrorHandler/1650.
convert.exe: CorruptImage `O:\infile.png' @ error/png.c/ReadPNGImage/4020.
convert.exe: NoImagesDefined `bmp:O:\outfile.bmp' @ error/convert.c/ConvertImageCommand/3235.
Top
snibgo
Posts: 12159
Joined: 2010-01-23T23:01:33-07:00
Authentication code: 1151
Location: England, UK

Re: Hang file and error INFECTED PNG files

Post by snibgo »

IM doesn't attempt to fix errors in files: it should report them and exit. It shouldn't hang.

If you can paste a URL of a zip that contains PNG files that make IM hang, I expect the IM developers would like to take a look.
snibgo's IM pages: im.snibgo.com
Top
ltruong
Posts: 3
Joined: 2016-09-08T19:20:56-07:00
Authentication code: 1151

Re: Hang file and error INFECTED PNG files

Post by ltruong »

Sorry, Here is the zip files.
Please be careful, they are all infected PNG
http://www.mediafire.com/download/y395w ... _error.zip
http://www.mediafire.com/download/qnn1p ... d/hang.zip

For infected_error.zip, I expected IM converted successfully because these files can be opened by "window photo viewer"
For infected_error.zip, I expected IM does not hang
Top
User avatar
glennrp
Posts: 1147
Joined: 2006-04-01T08:16:32-07:00
Location: Maryland 39.26.30N 76.16.01W

Re: Hang file and error INFECTED PNG files

Post by glennrp »

The "hang" is a 32k by 32k by 1-bit grayscale PNG which expands to a 4-terabyte image. Some of the "infected_error" images are CgBI files not PNG files, and others seem to mostly have truncated IDAT or IDAT with bad CRC.
Top
User avatar
magick
Site Admin
Posts: 11064
Joined: 2003-05-31T11:32:55-07:00

Re: Hang file and error INFECTED PNG files

Post by magick »

See http://www.imagemagick.org/script/security-policy.php. You can add limits to the security policy to stop large images from being processed.
Top
ltruong
Posts: 3
Joined: 2016-09-08T19:20:56-07:00
Authentication code: 1151

Re: Hang file and error INFECTED PNG files

Post by ltruong »

Thanks you for your reply.
My policy.xml is like this and IM will fail hang.zip. It's good in my case.
<policymap>
<policy domain="resource" name="disk" value="1GB"/>
<policy domain="cache" name="shared-secret" value="passphrase"/>
</policymap>

With this policy, large images are cached to disk. I want to ask my statement here is right or wrong? "1GB is sum of total temp file's size"
Thanks you
Top
Post Reply

Return to “Bugs”