Page 1 of 1

crash while reading Exif from PNG

Posted: 2011-02-21T07:39:47-07:00
by JuergenW
convert fails to parse exif headers of certain PNG images.

convert: magick/splay-tree.c:880: GetValueFromSplayTree: Assertion `splay_tree != (SplayTreeInfo *) ((void *)0)' failed.

gdb tells me, this happens while GetEXIFProperty() is looking for 'exif:Orientation', finds nothing, but still returns MagicTrue;
it was looking for exif:sans before, and MagicFalse was returned then.

exiftool reports neither exif:Orientation nor exif:sans for the same image.

I am patching the symptoms as follows

Code: Select all

--- ImageMagick-6.6.7-8/magick/property.c.orig  2010-12-24 14:44:32.000000000 +0100
+++ ImageMagick-6.6.7-8/magick/property.c 2011-02-21 15:09:40.008402000 +0100
@@ -2012,9 +2012,14 @@ MagickExport const char *GetImagePropert
         {
           if (GetEXIFProperty(image,property) != MagickFalse)
             {
-              p=(const char *) GetValueFromSplayTree((SplayTreeInfo *)
-                image->properties,property);
-              return(p);
+            // FIXME: GetEXIFProperty should have return MagickFalse, if it failed, no?
+            // I see here a false positive of exif:Orientation, which exiftool does not see.
+            if (image->properties)
+       {
+         p=(const char *) GetValueFromSplayTree((SplayTreeInfo *)
+           image->properties,property);
+         return(p);
+       }
             }
         }
       break;

Re: crash while reading Exif from PNG

Posted: 2011-02-21T07:51:14-07:00
by JuergenW
see also https://bugzilla.novell.com/show_bug.cgi?id=673789

reproduce with convert this/test_image.png -type grayscale -colors 256 /tmp/x.png
https://bugzilla.novell.com/attachment.cgi?id=415304

Re: crash while reading Exif from PNG

Posted: 2011-02-21T08:11:08-07:00
by magick
We have a patch for the problem you reported in the Subversion trunk. Look for it in ImageMagick 6.6.7-9 Beta by sometime tomorrow. Thanks.