Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Some files processing errors after update to 1.17.6 #1133

Open
anatoliiKumunzhiev opened this issue Feb 27, 2024 · 7 comments
Open

Some files processing errors after update to 1.17.6 #1133

anatoliiKumunzhiev opened this issue Feb 27, 2024 · 7 comments

Comments

@anatoliiKumunzhiev
Copy link

anatoliiKumunzhiev commented Feb 27, 2024
edited

Hi!
I faced with some issues after update libheif in a project from 1.12.0 to 1.17.6.
I'm get an errors for some files that were successfully processed in version 1.12.0.
It happens when I call heif_context_read_from_reader().
For sample_1.heic it is error code 2: "Invalid input: Unspecified: 'iref' has double references"
For sample_2.heic it is error code 6: "Memory allocation error: Security limit exceeded: Maximum number of child boxes 20000 exceeded."
At the same time for 1.12.0 version I get 0 error code, get the page count after heif_context_get_number_of_top_level_images() calling, image handle after heif_context_get_image_handle() etc. without any problem.
Could you tell pls, is it expected behavior in this case?
It is strange for me because I successfully processed these files with previous version before.

Thank you.

Samples download link: https://drive.google.com/file/d/1F8UqW57cFx06CF4p2ZU81mjY8f2YKmTt/view?usp=sharing
@bradh
Copy link
Contributor

bradh commented Feb 27, 2024

It looks like your example didn't upload correctly before you submitted. Can you edit the issue and upload the file again?

@anatoliiKumunzhiev
Copy link
Author

anatoliiKumunzhiev commented Feb 29, 2024
edited

Sorry, there are some problems with file uploading. I have edited the issue and added the link.

@anatoliiKumunzhiev
Copy link
Author

Tell pls, were you able to download the files?

@bradh
Copy link
Contributor

bradh commented Mar 12, 2024

They can be downloaded OK.

They are both hitting security checks that have been added to newer versions of libheif.

The first one (sample_1) is failing a check for double iref linkage. It doesn't look like a real problem in your case, but I think it is technically invalid.

The second one (sample_2) has an extremely large number of images (like > 20000). That could be valid, but probably makes no sense.

What device or software produced those images?

@bradh
Copy link
Contributor

bradh commented Apr 7, 2024

@anatoliiKumunzhiev Can you follow up on this?

@anatoliiKumunzhiev
Copy link
Author

Sorry for delay.
Actually it is difficult to determine where these files came from.
That's fine for me if you confirm that this is not a regression but this is expected behavior related to the new security checks.
Tanks a lot!

@bradh
Copy link
Contributor

bradh commented Apr 10, 2024

I think the second sample is probably valid but not sensible. The first sample is probably invalid.

Both cases relate to additional security checks, and are expected and (currently) intended behaviour.

If the data in those are important to your use cases (as opposed to just noting the difference in behaviour, which is still worth reporting), there might be options for further changes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bradh @anatoliiKumunzhiev