reading truncated png can segfault python #9256
Comments
|
attn @mdboom |
|
Related to #5495 Does not segfault on python2 23:18 $ python /tmp/test.py
libpng error: Read Error
Traceback (most recent call last):
File "/tmp/test.py", line 8, in <module>
imread("test.png")
File "/home/tcaswell/src/p/matplotlib/lib/matplotlib/pyplot.py", line 2233, in imread
return _imread(*args, **kwargs)
File "/home/tcaswell/src/p/matplotlib/lib/matplotlib/image.py", line 1300, in imread
return handler(fd)
RuntimeError: Error setting jumpIt looks like it is segfaulting in cpython, not our code I think I have a fix for this.... |
- be more paranoid in _read_png_data about failed reads and check for exceptions after both calls to it - in read_png_data kick the png error handling - only override the exception in the body of `setjmp` handler if there is not already one set closes matplotlib#9256
Me too, because it requires |
|
Our PNG wrapper, IIRC, allows us to pass file-like objects (e.g., StringIO,
GzipFile) to the PNG writing and reading library... (or am I getting that
mixed up with our truetype wrapper?)
…On Sun, Oct 8, 2017 at 8:38 AM, Nikita Kniazev ***@***.***> wrote:
(To be honest I'm not fully convinced there's a much of a benefit in
shipping our own png wrappers rather than, say, relying on PIL throughout.)
Me too, because it requires zlib and libpng build dependencies with zero
benefits. I tried to replace _png with a PIL wrappper, but have not fully
done it https://github.com/Kojoley/matplotlib/tree/use-pil
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#9256 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AARy-Ea0r4Xm0eWksKZuDUFsM1aoO0KXks5sqMJYgaJpZM4Pprnv>
.
|
PIL perfectly does this too, it would be no.1 feature request if it were not. import io
from PIL import Image, ImageDraw
text = "Hello, PIL!!!"
color = (0, 0, 120)
im = Image.new('RGB', (100, 50), color)
imd = ImageDraw.Draw(im)
imd.text((10, 20), text)
buf = io.BytesIO()
im.save(buf, format='png')
assert buf.getvalue()[1:4] == b'PNG'
import matplotlib.pyplot as plt
import matplotlib.image as mpimg
plt.imshow(Image.open(buf))
plt.show() |
|
closed by #9257 |
Bug report
Bug summary
Reading a truncated png file can segfault the process.
Code for reproduction
Actual outcome
Expected outcome
Some exception is raised.
(To be honest I'm not fully convinced there's a much of a benefit in shipping our own png wrappers rather than, say, relying on PIL throughout.)
Matplotlib version
The text was updated successfully, but these errors were encountered: