Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Bug report and possible fix in /include/makers/canon.php v.1.6.03  (Read 1635 times)

0 Members and 1 Guest are viewing this topic.

jsh

  • Contributor
  • Coppermine newbie
  • ***
  • Offline Offline
  • Posts: 2

Hi folks,

After working well for years, a picture was recently uploaded to my installation of CPG which broke displayimage.php, resulting in the following php-error message:
"
Fatal error: Uncaught Error: Cannot use assign-op operators with string offsets in /home/www/include/makers/canon.php:241 Stack trace: #0 /home/www/include/makers/canon.php(425): formatCanonData('USHORT', '0001', 0, 98, Array, '0') #1 /home/www/include/exif.php(755): parseCanon('\x00&\x00\x01\x00\x03\x00\x00\x001\x00\x00\x05N\x00...', Array, Resource id #33, 30) #2 /home/www/include/exif.php(1015): read_entry(Array, Resource id #32, Resource id #33, 0, 'SubIFD', 30) #3 /home/www/include/exif_php.inc.php(51): read_exif_data_raw('albums/userpics...', 0) #4 /home/www/displayimage.php(212): exif_parse_file('albums/userpics...', '2902') #5 /home/www/displayimage.php(462): html_picinfo() #6 {main} thrown in /home/www/include/makers/canon.php on line 241
"

Without reeeeally understanding what is going on in all detail, I believe the bug is in line 242 of /include/makers/canon.php:
$result['SubIFD']['MakerNote'][$tag_name] = ''; // insure the index exists

However, just one line below that variable is passed by reference to $formated_data - and there, it is used as an associative array.

Therefore, I think(!) the fix is to initialize the variable as an empty array rather than an empty string:
$result['SubIFD']['MakerNote'][$tag_name] = array(); // insure the index exists

After that fix, the picture displays well.

I hope this makes sense to somebody in the programming team.
Thanks to everybody that keeps CPG alive!
Logged

ron4mac

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: us
  • Offline Offline
  • Posts: 1366
Re: Bug report and possible fix in /include/makers/canon.php v.1.6.03
« Reply #1 on: October 17, 2018, 03:46:07 am »

Thank you for the feedback. It would seem that you've correctly assessed the situation.

Would you be able to supply the image for testing purposes? You can PM me a link, if needed.
Logged

jsh

  • Contributor
  • Coppermine newbie
  • ***
  • Offline Offline
  • Posts: 2
Re: Bug report and possible fix in /include/makers/canon.php v.1.6.03
« Reply #2 on: October 17, 2018, 08:28:32 pm »

Hi ron4mac,

Many thanks for your response. I have PM'd you some deep links to images that throw the error.

Cheers,

Simon
Logged

ron4mac

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: us
  • Offline Offline
  • Posts: 1366
Re: Bug report and possible fix in /include/makers/canon.php v.1.6.03
« Reply #3 on: October 17, 2018, 09:27:08 pm »

Thanks for your help. Correction made at the Github repository.
Logged
Pages: [1]   Go Up
 

Page created in 0.027 seconds with 21 queries.