search

imazen / imageflow-dotnet

The official .NET API for Imageflow, the Rust image processing and optimization engine for web servers
GNU Affero General Public License v3.0
143 stars 25 forks source link

Corrupt jpg causing System.AccessViolationException #32

Closed jakenuts closed 3 years ago

jakenuts commented 3 years ago

Every once in a while, one of these partial/corrupt jpegs sneak into our system (todo: don't let them) and cause AccessViolationExceptions during processing bringing down the windows service doing the work. We can definitely fallback to InSubprocessAsync but I thought I'd check if this was avoidable.

Versions: ImageFlow.Net 0.7.23 Imageflow.NativeRuntime.win-x86_64 1.5.7(rc61)

Corrupt.jpg file: https://user-images.githubusercontent.com/344606/112767745-4f833a80-8fcd-11eb-921a-c824a077e1d6.jpg

Here's the stacktrace and a demo:

Fatal error. System.AccessViolationException: Attempted to read or write protected memory. This is often an indication that other memory is corrupt.
   at Imageflow.Bindings.NativeMethods.imageflow_context_send_json(Imageflow.Bindings.JobContextHandle, IntPtr, IntPtr, UIntPtr)
   at Imageflow.Bindings.NativeMethods.imageflow_context_send_json(Imageflow.Bindings.JobContextHandle, IntPtr, IntPtr, UIntPtr)
   at Imageflow.Bindings.JobContext.SendJsonBytes(System.String, Byte[])
   at Imageflow.Bindings.JobContext.Execute[[System.__Canon, System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]](System.__Canon)
   at Imageflow.Fluent.ImageJob+<FinishAsync>d__29.MoveNext()
   at System.Runtime.CompilerServices.AsyncMethodBuilderCore.Start[[Imageflow.Fluent.ImageJob+<FinishAsync>d__29, Imageflow.Net, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null]](<FinishAsync>d__29 ByRef)
   at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1[[System.__Canon, System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]].Start[[Imageflow.Fluent.ImageJob+<FinishAsync>d__29, Imageflow.Net, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null]](<FinishAsync>d__29 ByRef)
   at Imageflow.Fluent.ImageJob.FinishAsync(Imageflow.Fluent.JobExecutionOptions, Imageflow.Fluent.SecurityOptions, System.Threading.CancellationToken)
   at Imageflow.Fluent.FinishJobBuilder.InProcessAsync()
   at ComposeImages.Program+<Process>d__1.MoveNext()
   at System.Runtime.CompilerServices.AsyncMethodBuilderCore.Start[[System.__Canon, System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]](System.__Canon ByRef)
   at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[System.__Canon, System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]](System.__Canon ByRef)
   at ComposeImages.Program.Process()
   at ComposeImages.Program+<Main>d__0.MoveNext()
   at System.Runtime.CompilerServices.AsyncMethodBuilderCore.Start[[System.__Canon, System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]](System.__Canon ByRef)
   at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[System.__Canon, System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]](System.__Canon ByRef)
   at ComposeImages.Program.Main(System.String[])
   at ComposeImages.Program.<Main>(System.String[])
using System;
using System.IO;
using System.Threading.Tasks;
using Imageflow.Fluent;

namespace CorruptJpeg
{
    class Program
    {
        static async Task Main(string[] args)
        {
            var bytes = await File.ReadAllBytesAsync("corrupt.jpg");
            await new ImageJob().Decode(new BytesSource(bytes)).EncodeToBytes(new MozJpegEncoder(100)).Finish().InProcessAsync();

        }
    }
}

corrupt

lilith commented 3 years ago

Thank you so much for reporting this! I had a few bugs in the error handling for jpeg decoding which slipped past the integration tests. I'd been testing jpegs with warnings but not with errors.

The access violation was actually a null reference exception, so there's no security risk.

Can you give NativeRuntime v1.5.8-rc62 a try once it lands and see if it resolves your issue?

jakenuts commented 3 years ago

Will do! 8)

jakenuts commented 3 years ago

You're the best, getting the "unsupported marker" exception in the latest build which will let us gracefully recover and also know there's a problem with the file which is great. Thanks so much!

lilith commented 3 years ago

No problem, thank you for the report!