pyexiv2

Segmentation fault when replacing a tag by itself

Bug #622739 reported by Yannick Patois on 2010-08-23

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	pyexiv2	Fix Released	Medium	Olivier Tilloy	pyexiv2 0.3 "A Good Year"

Bug Description

Hi,

I first used the version 0.1.3 provided by my distribution (Ubuntu Lucid on i386), and used the following code (extract):

d1=pyexiv2.Image("org/img_9085.jpg")
d2=pyexiv2.Image("ok/img_9085.jpg")
d1.readMetadata()
d2.readMetadata()
for key in d1.exifKeys():
print str(key)+" : "+str(d1[key])
d2[key]=d1[key]

This crashed on "Exif.CanonCs.Lens : (55, 18, 1) ValueError: invalid literal for int() with base 10: '(55, 18, 1)" which is a known bug, that has been fixed in most recent versions.

So I installed first the 0.2.2 and the the latest brz one with the same outcome.

The code is now:

d1=pyexiv2.ImageMetadata("org/img_9085.jpg")
d2=pyexiv2.ImageMetadata("ok/img_9085.jpg")
d1.read()
d2.read()
for key in d1.exif_keys:
print str(key)+" : "+str(d1[key])
d2[key]=d1[key]

And it crash just after the d2[key]=d1[key] affectation printing only:

Exif.Image.Make : <Exif.Image.Make [Ascii] = Canon>
Segmentation fault

I used the version 0.19-1 of libexiv2 (the one distributed by ubuntu).

Thanks for any help.

Related branches

lp:pyexiv2/0.2.x

Revision history for this message

Yannick Patois (patois) wrote on 2010-08-23:

Simplification of the problem:

This is enough to crash:
d1=pyexiv2.ImageMetadata("org/img_9085.jpg")
d1.read()
for key in d1.exif_keys:
print str(key)+" : "+str(d1[key])
d1[key]= d1[key]

That works until a non string is required ( Invalid value for EXIF type [Short]):
d1=pyexiv2.ImageMetadata("org/img_9085.jpg")
d1.read()
for key in d1.exif_keys:
print str(key)+" : "+str(d1[key])
d1[key]= str(d1[key])

Sorry for first report and I agree that it's still not very clear.

Can you reproduce?

Thanks.

Revision history for this message

Olivier Tilloy (osomon) wrote on 2010-08-23:

Thanks for the report Yannick. Could you please attach a sample picture with which the issue can be reproduced?

In the simplified case you’re describing in comment #1, do you still get a segmentation fault, or is it a python exception that aborts "cleanly" the execution of your script?

Revision history for this message

Yannick Patois (patois) wrote on 2010-08-23:

test image Edit (4.5 KiB, image/jpeg)

Thanks for your prompt answer.

Yes, the first crash is an hard crash. I gdb it, but couldnt go very far. It crash in
const ExifTag Image::getExifTag(std::string key)
at this call: _exifData->findKey(exifKey);

I attached the code and a sample image.

Thanks.

Yannick

Revision history for this message

Yannick Patois (patois) wrote on 2010-08-23:

code Edit (212 bytes, text/x-python)

Revision history for this message

Olivier Tilloy (osomon) wrote on 2010-08-23:

I can reproduce with the unit test provided and any image containing EXIF metadata.

Changed in pyexiv2:
assignee:	nobody → Olivier Tilloy (osomon)
importance:	Undecided → High
status:	New → Confirmed

Revision history for this message

Olivier Tilloy (osomon) wrote on 2010-08-23:

Here is the relevant part of the backtrace obtained with gdb:

#0 0x0000006e in ?? ()
#1 0x005e007b in Exiv2::ExifData::findKey(Exiv2::ExifKey const&) () from /usr/lib/libexiv2.so.6
#2 0x005e03e5 in Exiv2::ExifData::operator[](std::string const&) () from /usr/lib/libexiv2.so.6
#3 0x004efaf3 in exiv2wrapper::ExifTag::setParentImage(exiv2wrapper::Image&) () from /home/osomon/dev/pyexiv2-branches/pyexiv2/build/libexiv2python.so

The problem is with re-setting the parent image of a tag (not just EXIF tags for that matter, the same issue likely exists for IPTC and XMP tags) to the same owner image. It should be relatively easy to add a check to avoid the problem.

@Yannick: note that the bug can easily be worked around by doing something like this:

d1[key] = pyexiv2.ExifTag(key, d1[key].value)

or, even more concise:

d1[key] = d1[key].value

Revision history for this message

Olivier Tilloy (osomon) wrote on 2010-08-23:

Lowering importance as an easy-to-implement workaround has been identified.

Changed in pyexiv2:
importance:	High → Medium

Olivier Tilloy (osomon) on 2010-08-23

summary:

- Segmentation fault on key affectation with 0.2.2
+ Segmentation fault when replacing a tag by itself

Revision history for this message

Olivier Tilloy (osomon) wrote on 2010-08-23:

I’m working on a branch that adds unit tests for this case and fixes the issue for EXIF and IPTC tags. A bit more work is required for XMP.

Changed in pyexiv2:
status:	Confirmed → In Progress

Revision history for this message

Yannick Patois (patois) wrote on 2010-08-24:

#10

Thanks you very much for your prompt reaction and the quick fix (adding .value). It works fine for me now.

Revision history for this message

Olivier Tilloy (osomon) wrote on 2010-08-24:

#11

Fixed in the trunk with revision 321.

Changed in pyexiv2:
status:	In Progress → Fix Committed

Olivier Tilloy (osomon) on 2010-11-29

Changed in pyexiv2:
milestone:	none → 0.3

Olivier Tilloy (osomon) on 2010-12-31

Changed in pyexiv2:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

test image Edit
code Edit

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.