Segmentation fault: 11

[sbarex]

Requesting a region outside the image size can cause a Segmentation fault: 11. This happens to me for example when I pass pixel values ​​as region parameter and not the normalized ones. The image is in TIFF format, and the system is MacOS, IIPImage Server Version 1.2.

[ruven]

Can you give me an example of a request where this happens. What are the dimensions of the image itself?

[sbarex]

I have a pyramidal tif (jpeg compressed) generated with vips, 8742 x 11656 px.

I think I have better circumscribed the problem.

I request a region a url like this: http://iipsrv.test/fcgi-bin/iipsrv.fcgi?FIF=/Users/username/data/zoom/1.tif&WID=348&HEI=1395&ROT=0&RGN=0.12582933,0.272134523,0.019903912,0.014756349&CVT=jpeg

If I ask to extract a region specifying the normalized coordinates it works correctly. In the same way it works even if I do not specify the final size with the WID and HEI parameters (so I get the image at the maximum available resolution).

If I request a region with the WID and HEI parameters and coordinates external to the image (e.g. 2,3,0.5,0.5) I still get a solid image but with variable colors.

if I don't specify the WID and HEI parameters and the region is very outside I get the segmentation fault:

http://iipsrv.test/fcgi-bin/iipsrv.fcgi?FIF=/Users/username/data/zoom/1.tif&ROT=0&RGN=10000,2000,200,400&CVT=jpeg

I think it would be useful to insert a check for coordinates and if invalid return a black (jpeg) or transparent (png) image. The fact that sometimes a solid image of various colors is returned suggests that it may be trying to access unavailable memory areas.

Thank you!

[ruven]

I just pushed a fix: https://github.com/ruven/iipsrv/commit/52261b2192f5ceffc8d26725d2bb59922f424ac3. In fact there already is code to check for invalid coordinates, but there was a bug linked to the way this check was carried out when a maximum size has been set through the MAX_CVT startup parameter.

Let me know if this now works for you.

[sbarex]

Thanks you, now the segmentation fault is fixed.

But before, by providing a valid region and not specifying the WID and HEI parameters I obtained the image with the dimensions of the region at maximum resolution. Now instead it extracts an image of 1 x 3000 px (the file is automatically named 1_1x3000.jpg), both for a valid region and for a region outside the image.

Also requesting region outside the image boundary generate images filled with random color.

[ruven]

For the 1x3000 px bug, this should be fixed by this latest commit: https://github.com/ruven/iipsrv/commit/7b4ed2898fd1ceb55acd7dee4f7d3edcdb4bf3ed

For invalid regions, you should just get a black image. Can you give me an example of URL parameters that create a random color filled image? If you set invalid region parameters, iipsrv will try to correct the invalid x,y of the region. In your case, it limits x,y to the max possible values, so the top right edge which results in a 1x1px image, but which is scaled up to the size you set in the WID parameter. But perhaps iipsrv should just simply ignore the RGN parameter if it's not valid? Or even send an error? Any thoughts on how best to handle this?

[sbarex]

Thanks, the 1x3000 bug is fixed!

With an image of 8742 x 11656 px, this url generate a black 2250 x 3000 px image: http://iipsrv.test/fcgi-bin/iipsrv.fcgi?FIF=/Users/username/data/zoom/1.tif&ROT=0&RGN=100,100,10,10&CVT=jpeg

This url generate a 1x3000px image: http://iipsrv.test/fcgi-bin/iipsrv.fcgi?FIF=/Users/username/data/zoom/1.tif&ROT=0&RGN=10,10,10,10&CVT=jpeg

If set the WID and HEI arguments will be generated a a dark red (#8a2900) imge: http://iipsrv.test/fcgi-bin/iipsrv.fcgi?FIF=/Users/username/data/zoom/1.tif&WID=100&HEI=100&ROT=0&RGN=10,10,10,10&CVT=jpeg

In my opinion, if the origin is external to the image, a black image (or white or transparent if allowed by the format) of the requested dimensions must be immediately returned. If the origin is internal but the dimensions exceed the edge of the image, an image must be returned with the existing portion and the excess black (or white or transparent) field.

[ruven]

The reason your images are resized to 3000px along one axis is that your MAX_CVT setting must be set to 3000. So iipsrv will limit all images output to this maximum size.

This URI gives me a 2250 x 3000 px image like your first example, not 1x3000: http://iipsrv.test/fcgi-bin/iipsrv.fcgi?FIF=/Users/username/data/zoom/1.tif&ROT=0&RGN=10,10,10,10&CVT=jpeg

If you set width and height to 100, you should get a 75x100 pixel image.

The color is dependent on the pixel color of the nearest real pixel (the top right corner pixel in your example). But you are right, maybe this isn't really logical. I'm not sure it should return a blank image, though. Maybe if there is an origin that is > 1.0, it would be more better to either return an error or simply ignore this origin and set it to 0,0.

As for dimensions exceeding the edge of the image, there does need to be a practical limit - I can't really see many use-cases for allowing arbitrary values here. The only thing I can think of is that you may want to add a black border around an image. But in that case, iipsrv would also need to accept -ve origin values also.

By the way, why do you have these kind of RGN parameters? Are you trying to do something specific or were these created in error?

[sbarex]

Hi, thanks for the info. Maybe for wrong ranges you should return a 404 code.

The wrong range is my programming error, the main problem was that it caused a iipsrv crash, now that it's solved the rest are just minor issues.