From: dpark at mit dot edu Operating system: Linux PHP version: 4CVS-2005-02-15 (stable) PHP Bug Type: EXIF related Bug description: exif_read_data incorrectly calculates nesting_level, throwing warnings
Description: ------------ Related to #31797? exif_read_data is still throwing the same warnings as in #31797 on every camera-created image I give it (for cameras both new and old, cheap and expensive). The Debian package in question is actually based off the 2005-02-06 4CVS snapshot, which is later than the time at which #31797 was reported to be fixed in 4CVS. Adam Conrad, the package maintainer, confirms the bug is in PHP, and can reproduce the problem with his own camera-created images. Quoting an email from Adam Conrad: Danny Park said: > Anyway, when you say the nesting limit was increased from 5 to 25, are > you saying 4.3.10-3 reflects that increase? Indeed, it does. However, it seems that the way the code's written, the nesting_level increases quite rapidly, and obviously takes on a different meaning than the original developer thought it had. As an example your 5 images all work fine with jhead(1), which has a hardcoded directory nesting limit of *5*. However, with some debug statements thrown into PHP's exif.c, we're reaching nesting levels of: img_0949.jpg: 53 P1000415.JPG: 54 IMG_0669.JPG: 65 DSC00804.JPG: 48 dcp00884.jpg: 38 I don't currently have the time to hunt down what upstream's doing wrong here, so I would encourage you to (re)file this bug upstream, and you're welcome to quote this whole message. I recommend they have a look at what jhead(1) is considering "directory nesting" and mimic it, since PHP's obviously doing something a bit differently. If it doesn't get fixed properly upstream in a relatively timely fashion, I'll make sure the next Debian packages uploaded either revert this change, or hack MAX_IFD_NESTING_LEVEL to be something ridiculously high, like 250. I'll test with some pro cameras lying around the house here to see just how much higher we can get before I do that. A second email from Adam Conrad: Woo. An image from my EOS 300D gets the counter up to 75. I'm just going to set it at 250 in the next upload. :) You should still talk to upsteam about unbreaking this, as it LOOKS like they're incrementing the counter at altogether the wrong bounday. Reproduce code: --------------- $url = "http://dpark.mitacf.org/pix/pics/mit04/danny/03-sly_foliage/img_0949.jpg"; print("\n\ntest img 1 - canon powershot S45\n"); $data = exif_read_data($url); print_r($data); $url = "http://dpark.mitacf.org/pix/pics/mit05/janice/01-christmas/P1000415.JPG"; print("\n\ntest img 2 - panasonic DMC-FZ20\n"); $data = exif_read_data($url); print_r($data); $url = "http://dpark.mitacf.org/pix/pics/mit04/fslee/08-usgl_beach_sunrise/IMG_0669.JPG"; print("\n\ntest img 3 - powershot S1 IS\n"); $data = exif_read_data($url); print_r($data); $url = "http://dpark.mitacf.org/pix/pics/mit04/chking/01-ivcf_sound_closet/DSC00804.JPG"; print("\n\ntest img 4 - sony cybershot\n"); $data = exif_read_data($url); print_r($data); $url = "http://dpark.mitacf.org/pix/pics/mit00/dannys_camera/08-burton5-asbestos-evac/dcp00884.jpg"; print("\n\ntest img 5 - kodak DC210\n"); $data = exif_read_data($url); print_r($data); Expected result: ---------------- Output of the print and print_r statements. Actual result: -------------- Output of the print and print_r statements interspersed with "<b>Warning</b>: exif_read_data(imagefilename.jpg): corrupt EXIF header: maximum directory nesting level reached in <b>/path/to/script</b> on line <b>line in script</b>" Each image produces two or three such warnings. -- Edit bug report at http://bugs.php.net/?id=31986&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=31986&r=trysnapshot4 Try a CVS snapshot (php5.0): http://bugs.php.net/fix.php?id=31986&r=trysnapshot50 Try a CVS snapshot (php5.1): http://bugs.php.net/fix.php?id=31986&r=trysnapshot51 Fixed in CVS: http://bugs.php.net/fix.php?id=31986&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=31986&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=31986&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=31986&r=needscript Try newer version: http://bugs.php.net/fix.php?id=31986&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=31986&r=support Expected behavior: http://bugs.php.net/fix.php?id=31986&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=31986&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=31986&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=31986&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=31986&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=31986&r=dst IIS Stability: http://bugs.php.net/fix.php?id=31986&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=31986&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=31986&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=31986&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=31986&r=mysqlcfg