GNOME Bugzilla – Bug 493778
metadata plug-in crashes on some images
Last modified: 2009-07-20 15:52:49 UTC
Please describe the problem: When opening pictures metadata.exe crashes every time. It says this in Windows: "metadata.exe has encountered a problem and needs to close. sorry for the inconvience." and you have to click OK. The graphic will then open and GIMP presents this message: "GIMP Message Plug-in crashed: "metadata.exe" (C:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\metadata.exe) The dying plug-in may have messed up GIMP's internal state. You may want to save your images and restart GIMP to be on the safe side." Steps to reproduce: 1. Open a graphic. I've only tried this with JPG since it's all I have here. 2. 3. Actual results: Already described what happens in the "Please describe the problem" section. Expected results: The graphic opens, no error message. Does this happen every time? Yes. Other information:
Could you make an image available that causes the crash? If possible, please attach it to this bug-report.
Sorry, I think we should go ahead and close this bug. I just read this and went to repeat the steps to make it happen again for a screen shot and everything works fine now. Weird. I had restarted GIMP yesterday, but didn't actually reboot my computer. Maybe that did the trick that I shutdown last night and came in this morning and started up. Thanks for the help, keep up the good work.
Created attachment 98671 [details] First error message This is the first error message. I click not to send and then the second error message pops up.
Created attachment 98672 [details] Second error message.. Here is the second error message..
Created attachment 98673 [details] One of the graphics which gives me the error message.. Here is one of the graphics that gives me the error message..
Okay it still does the error, but only certain graphics. I've attached two screenshots.. one of each error message. Then I've attached a third graphic, which is one of the graphics that brings up the error message. Note, I've never experienced this problem with the old versions of GIMP I've been using.
I can reproduce the crash here: (metadata:3969): GLib-CRITICAL **: g_markup_escape_text: assertion `text != NULL' failed /usr/local/lib/gimp/2.0/plug-ins/metadata: fatal error: Segmentation fault
So does that mean it's a problem with my graphic or a problem with GIMP? The graphic does still open after the error message pops up, just annoying to click the error messages away, specially when I open like 20 graphics at once.
Could be both. But the plug-in must not crash even if the image is broken.
I just had a look at the embedded XMP metadata and it contains the following unusual (but valid) elements: <xapRights:UsageTerms> <rdf:Alt/> </xapRights:UsageTerms> So instead of omitting the usage terms or defining it as an empty element (like in most other images that I have seen), this one defines it as a non-empty element that contains an empty Alt list. The XMP parser handles that without problems. However, because the metadata editor is a plug-in and not part of the core, it has to re-encode the parsed metadata and store it in a parasite of the image that is being loaded. Alas, the encoder has a bug when it encounters this unusual construct with an element including only an empty Alt. This new bug was introduced by the fix for bug #455481. I will try to implement a workaround or a real fix as soon as possible.
Increasing priority as this should be fixed for the 2.4.2 release.
Just thought I'd say I have 2.4.3 Windows and this problem still exists.
If it would have been fixed, then there would be a comment in this bug report. If this problem nags you, feel free to contribute a patch.
I have encountered this problem too. It can be reproduced with image available at http://farm4.static.flickr.com/3162/2678237026_59a90d767e_o.jpg (web page where it is published http://flickr.com/photos/george_eastman_house/2678237026/sizes/o/in/set-72157606226772243/) My environment: Windows XP Professional SP3, Gimp 2.6.0
All I get is a warning: (metadata:27490): GLib-CRITICAL **: g_markup_escape_text: assertion `text != NULL' failed Did someone compile GLib for Windows with checks disabled (G_DISABLE_CHECKS) ??? Should be easy to get the code fixed that spits out this warning, though.
Created attachment 120864 [details] [review] patch that introduces a utility funtion to deal with writing XML elements
This patch does not fix the crash reported originally. But it fixes the warning reported in comment #14. Committed to trunk: 2008-10-19 Sven Neumann <sven@gimp.org> Bug 493778 – metadata plug-in crashes on some images * plug-ins/metadata/xmp-encode.c (gen_property): introduced a utility function to create XML elements. Deal gracefully with NULL and empty values. Does not fix the crash, but fixes a warning that has been reported in the same bug report.
The XMP metadata from the file in comment #4 has an empty element for UsageTerms. It seems that the parser does not deal correctly with this. Later when the XmpModel is serialized, the serialization code hits a bogus pointer and crashes: <xapRights:UsageTerms> <rdf:Alt/> </xapRights:UsageTerms>
Created attachment 138180 [details] [review] Patch against release 2.6.6 The problem is that the parser adds an empty property value when parsing an empty <rdf:Alt/>. But when it is encoded it is expected to be in the form of a NULL terminated array of pairs of property values, with the result that the NULL terminator is considered the second element of the first pair and the loop encoding these properties goes beyond the end of the array, thus dereferencing invalid pointers. The attached patch alters the parser to avoid adding dummy values when an empty <rdf:Alt/> is found.
Still not using git?
I have commited this patch after moving the bugfix below the case STATE_INSIDE_BAG: case STATE_INSIDE_SEQ: cases too, so that we can handle empty Bag and Seq arrays as well if they show up. I have pushed to both master and gimp-2-6: commit baf48c6167cbf77bccc686498de96fb674619f1f Author: Massimo Valentini <sixtysix@inwind.it> Date: Mon Jul 20 14:59:29 2009 +0200 Bug 493778 – metadata plug-in crashes on some images The problem is that the parser adds an empty property value when parsing an empty Alt-array, "<rdf:Alt/>". But when it is encoded it is expected to be in the form of a NULL terminated array of pairs of property values, with the result that the NULL terminator is considered the second element of the first pair and the loop encoding these properties goes beyond the end of the array, thus dereferencing invalid pointers. This commit alters the parser to avoid adding dummy values when empty rdf:Alt, rdf:Bag and rdf:Seq elements are found.