GNOME Bugzilla – Bug 391671
Metadata parse failure due to recursive IFD pointers.
Last modified: 2010-07-13 18:33:29 UTC
Attached testcase crashes f-spot when trying to import this photo. This is 0.3.0-2 on Fedora Rawhide. Ping me back if you'd like a full trace, CVS, whatever. Thanks.
Original photo (1.3 MiB) uploaded at: http://putstuff.putfile.com/32423/2658356 This is a worthless picture of a guy getting into a car. Note that putfile.com has lots of stupid ads to click-through, sorry about this.
confirmed
The issue is in the picture, but this shouldn't be critical. The exif part is corrupt (Maximum directory nesting exceeded). If you remove the exif part of the image (e.g. using "jhead -purejpg crasher.jpeg"), you then can import it. Do you have that kind of issue only with this image (in this case, we can say that the file was bad) or on a complete set ?
This was the only image out of a batch of >8000. Even if the image is unbelievably corrupt, it still shouldn't crash the program IMHO. Is this another libexif bug? On a (possibly) unrelated note, importing photos past this one triggers bug #397775.
Just from reading the description this sounds like a libexif bug. The error string Stephane mentions indicates that part of the tiff structure has a self referencial loop. The internal f-spot code tries to deal with that case, I suspect libexif doesn't and the stack is being blown. I'll look into it more deeply soon.
requalified as Normal, since it only affects one picture
Hi folks, the picture at the mentioned links doesn't exist anymore. Does anyone still have it around?
Re-uploaded at http://www.et.byu.edu/~shb34/software/crasher.jpg . Thanks again!
Created attachment 109708 [details] Minimal testcase Resized to a single pixel. Attaching to the bug so that it doesn't get lost.
bump
Created attachment 125825 [details] [review] Throw exception on recursion This image has a corrupt exif structure such that the IFDs point in a loop: Exif -> IFD 0 -> Interop -> Exif ... etc. This indirect path does not trigger F-Spot's recursion detection code. Here is a patch. I am a novice and it is very inelegant. (Specifically, I changed a whole bunch of class constructors.) Can someone find a simpler way to fix this? I also (mistakenly) cross-posted this at http://sourceforge.net/tracker/index.php?func=detail&aid=2482865&group_id=12272&atid=112272
Interesting corruption. We should get this into the Taglib# regression suite.
Comment on attachment 125825 [details] [review] Throw exception on recursion Maintenance update: In the past we've been less than stellar in reviewing patches. As such we have a pile of patches in bugzilla which are outdated and don't apply anymore. Am currently marking all of these as "needs-work". My apologies for this. Since I've become a maintainer of the project, I've set the personal rule of quickly reviewing all patches, to avoid that this happens again. If you (or anyone) wants to go through the trouble of updating this patch, please talk to us to figure out if it fits in the F-Spot long term roadmap. Should you, in the future, notice a patch lingering around for too long, please notify us immediately and we'll look into it, to avoid situations like these from happening again. You can filter these mails by searching for ###F-OLDPATCHCLEANUP###
Added cycle-detection support to Taglib#, so this should work fine starting with F-Spot 0.7.1.