Bug 419852 - Seg fault (double free or corruption) while detecting faces, 0-length JPG files
Status: RESOLVED FIXED
Alias: None
Product: digikam
Classification: Applications
Component: Faces-Detection
Version: 7.0.0
Platform: Appimage Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Digikam Developers
Reported: 2020-04-08 17:30 UTC by Jeff W
Modified: 2020-08-31 20:25 UTC

Version Fixed In: 7.0.0


Description Jeff W 2020-04-08 17:30:16 UTC
SUMMARY

While running digiKam 7.0.0-beta2 face detection on my large, untidy collection, digiKam crashed on one particular file. I restarted digiKam, and restarted face detection, and it crashed on the same file. Some notes - probably not all relevant:

- it's crashing on a 0-length file (invalid JPEG)
- there is a space in the filename.
- there are spaces and an apostrophe in the directory name
- there are other 0-length files in the same directory which did not cause a crash.
- the /share/ directory is a CIFS network mount, and the collection is a "Network Share" type

Here's the directory listing:

>ls -la "/share/pics/080304 Jeff's Pics/"
total 0
drwxr-xr-x 2 jward jward 0 Sep  8  2012  .
drwxr-xr-x 2 jward jward 0 Aug  3  2019  ..
-rwxr-xr-x 1 jward jward 0 Mar  5  2008  IMG_0391_small.jpg
-rwxr-xr-x 1 jward jward 0 Mar  5  2008  IMG_0406_small.jpg
-rwxr-xr-x 1 jward jward 0 Mar  5  2008  IMG_0445_small.jpg
-rwxr-xr-x 1 jward jward 0 Mar  5  2008 'IMG_0474_small copy.jpg'


Here's digiKam's appImage stdout:

Digikam::MetaEngine::Private::printExiv2ExceptionError: Cannot load metadata from file /share/pics/080304 Jeff's Pics/IMG_0445_small.jpg  (Error # 20 :  Failed to read input data
Digikam::MetaEngine::Private::printExiv2ExceptionError: Cannot load metadata from file /share/pics/080304 Jeff's Pics/IMG_0445_small.jpg  (Error # 20 :  Failed to read input data
unknown: Can not load " "/share/pics/080304 Jeff's Pics/IMG_0445_small.jpg" " using DImg::DImgQImageLoader!
unknown: Error message from loader: "Unsupported image format"
Digikam::DImg::load: "/share/pics/080304 Jeff's Pics/IMG_0445_small.jpg" : Unknown image format !!!
Digikam::PreviewLoadingTask::execute: Cannot extract preview for "/share/pics/080304 Jeff's Pics/IMG_0445_small.jpg"
Digikam::MetaEngine::Private::printExiv2ExceptionError: Cannot load metadata from file /share/pics/080304 Jeff's Pics/IMG_0474_small copy.jpg  (Error # 20 :  Failed to read input data
Digikam::MetaEngine::Private::printExiv2ExceptionError: Cannot load metadata from file /share/pics/080304 Jeff's Pics/IMG_0474_small copy.jpg  (Error # 20 :  Failed to read input data
unknown: Can not load " "/share/pics/080304 Jeff's Pics/IMG_0474_small copy.jpg" " using DImg::DImgQImageLoader!
unknown: Error message from loader: "Unsupported image format"
Digikam::DImg::load: "/share/pics/080304 Jeff's Pics/IMG_0474_small copy.jpg" : Unknown image format !!!
Digikam::PreviewLoadingTask::execute: Cannot extract preview for "/share/pics/080304 Jeff's Pics/IMG_0474_small copy.jpg"
double free or corruption (out)
/tmp/.mount_digikaaSK5HO/AppRun: line 155:  5130 Aborted                 (core dumped) digikam $@
>


STEPS TO REPRODUCE

I tried to set up a simple test album with a directory containing empty files as above, but the issue did not reproduce. :(

OBSERVED RESULT

digiKam crashes while running face detection on odd files.

EXPECTED RESULT

digiKam should not crash due to invalid image files.

SOFTWARE/OS VERSIONS
Windows: n/a
macOS: n/a
Linux/KDE Plasma: n/a
Qt Version: 4.8.7

ADDITIONAL INFORMATION
Comment 1 Maik Qualmann 2020-04-08 18:43:46 UTC
Can you please run the AppImage with the "debug" option to get a GDB backtrace?

Maik
Comment 2 caulier.gilles 2020-04-08 19:00:18 UTC
And please also try with the current beta3 available here:

https://files.kde.org/digikam/

Gilles Caulier
Comment 3 Maik Qualmann 2020-04-08 19:32:37 UTC
Gilles, my guess is that it crashes in the ImageMagick Loader because we try all JPG Loaders. I will change it and only use the loader that registers for file extension and as a second test on the Magic Bytes. As a result, ImageMagick is only used for file types for which we do not have a native loader.

Maik
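
The selection order described in Comment 3 (file extension first, magic bytes second, generic loader only when no native loader claims the file), as an added example that is not digiKam's code. `Loader`, `kLoaders` and `pickLoader` are hypothetical names and the inputs are constructed; a 0-length `.jpg` resolves to the native JPEG loader alone, so its failure ends the attempt without falling through to the generic loader.

```cpp
// Added illustration. Loader, kLoaders and pickLoader are hypothetical names,
// not digiKam's DImg API; the magic values are the standard JPEG/PNG signatures.
#include <algorithm>
#include <cctype>
#include <iostream>
#include <string>
#include <vector>

struct Loader {
    std::string name;
    std::vector<std::string> extensions;  // lower-case, no dot
    std::string magic;                    // leading file bytes; empty = none
    bool native;                          // false = generic fallback loader
};

static const std::vector<Loader> kLoaders = {
    {"jpeg",    {"jpg", "jpeg"}, "\xFF\xD8\xFF",      true},
    {"png",     {"png"},         "\x89PNG\r\n\x1a\n", true},
    {"generic", {},              "",                  false},
};

static std::string lowerExt(const std::string& path) {
    const auto dot = path.find_last_of('.');
    const auto slash = path.find_last_of('/');
    if (dot == std::string::npos || (slash != std::string::npos && dot < slash))
        return "";  // no extension, or the dot belongs to a directory name
    std::string ext = path.substr(dot + 1);
    std::transform(ext.begin(), ext.end(), ext.begin(),
                   [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
    return ext;
}

// Returns the name of the one loader to run for this file.
std::string pickLoader(const std::string& path, const std::string& header) {
    const std::string ext = lowerExt(path);
    for (const auto& l : kLoaders)   // 1st test: registered file extension
        if (l.native && std::find(l.extensions.begin(), l.extensions.end(), ext) != l.extensions.end())
            return l.name;
    for (const auto& l : kLoaders)   // 2nd test: magic bytes (short headers never match)
        if (l.native && !l.magic.empty() && header.compare(0, l.magic.size(), l.magic) == 0)
            return l.name;
    return "generic";                // no native loader claims the file
}

int main() {
    // Constructed inputs: an empty .jpg and PNG bytes behind an unknown extension.
    std::cout << pickLoader("/pics/IMG_0474_small copy.jpg", "") << "\n";
    std::cout << pickLoader("scan.dat", "\x89PNG\r\n\x1a\n") << "\n";
}
```
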
Comment 4 Maik Qualmann 2020-04-08 20:14:54 UTC
Git commit d6ce3a9a7a269a391ba42fc1910383c70d2597fc by Maik Qualmann.
Committed on 08/04/2020 at 20:12.
Pushed by mqualmann into branch 'master'.

load only with the best DImg loader
Related: bug 415771

M  +23   -36   core/libs/dimg/dimg_fileio.cpp
M  +7    -2    core/libs/dimg/dimg_p.h

https://invent.kde.org/kde/digikam/commit/d6ce3a9a7a269a391ba42fc1910383c70d2597fc
Comment 5 Jeff W 2020-04-08 20:42:33 UTC
I can't seem to trigger it again, either with beta2 or beta3-debug appImage files. I tried adjusting "Whole collection" and "Search In", and "Scan Again and Merge". I tried restoring my SQLite DB files (from 6.4, before upgrading.)

I can't get it to crash again. Sorry!
Comment 6 caulier.gilles 2020-04-08 21:14:34 UTC
Hi Maik,

Yes, I fully agree with this approach...

Gilles