ID: 33210 User updated by: polone at townnews dot com Reported By: polone at townnews dot com -Status: Closed +Status: Open Bug Type: GetImageSize related Operating System: RedHat Linux 7.3 PHP Version: 4.3.11 New Comment:
This is NOT fixed. Raising the limit to 25 0xFF markers doesn't fix this issue - it merely fixes certain JPEGs that have less than 25 0xFF markers, but not all. Previous Comments: ------------------------------------------------------------------------ [2005-06-02 00:29:29] [EMAIL PROTECTED] This bug has been fixed in CVS. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. ------------------------------------------------------------------------ [2005-06-01 07:54:18] polone at townnews dot com Description: ------------ The getimagesize() function fails on specific JPEG files. The reason is that php_next_marker() in: ext/standard/image.c has an artificial limit of 10 imposed on the number of 0xFF records that are found in sequential order. As far as I can tell ... the JPEG file format standards impose no such limit (see, http://www.jpeg.org/public/jfif.pdf). The proper behaviour should be to continue to read for the next marker until: (1) M_SOS is found, in which case, image data has begun and no more headers will occur (2) M_EOI has occurred (End of Image header) - this is the proper behavior in a properly encoded image (3) EOF - something's wrong - but, at least it's not getimagesize() I've provided an example of a JPEG file that will fail using getimagesize() online at: http://www.townnews.com/contrib/premature.jpg A fix is easily added by removing the artificial limit and just incrementing "a" in the marker's main loop around line 404: if (++a > 10) { /* who knows the maxim amount of 0xff? though 7 */ /* but found other implementations */ return M_EOI; } I realize this may be in place to prevent infinite loops, but the reality is EOF will do that for us anyway. To fix the problem, just switch that code hunk too: a++; Reproduce code: --------------- <?php $sURL = "http://www.townnews.com/contrib/premature.jpg";; print_r(getimagesize($sURL)); ?> Expected result: ---------------- Array ( [0] => 350 [1] => 603 [2] => 2 [3] => width="350" height="603" [bits] => 8 [channels] => 3 [mime] => image/jpeg ) ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=33210&edit=1
![http://www.townnews.com/contrib/premature.jpg"](http://www.townnews.com/contrib/premature.jpg"){kind=link}