Skip to content

Restore Warning instead of Fatal Error in gd_webp.c #13774

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Restore Warning instead of Fatal Error in gd_webp.c #13774

wants to merge 1 commit into from

Conversation

dryabov
Copy link
Contributor

@dryabov dryabov commented Mar 21, 2024

According to the docs (see https://www.php.net/manual/en/function.imagecreatefromwebp.php and https://www.php.net/manual/en/function.imagewebp.php), false should be returned on errors (similar to other functions of the gd extension), but actually all errors result in a Fatal Error. It doesn't look normal when trying to read an empty file or a file in the wrong format causes the program to stop.

The problem seems to be related to a mega-patch that replaced zend_error with zend_error_noreturn almost everywhere.

My patch fixes this behavior by switching from zend_error_noerror to gd_error (i.e. to E_WARNING level). All necessary memory cleanup is already in the code (as it was before the "zend_error_noreturn" patch).

You can use the following code to test:

<?php
$empty_webp = __DIR__ . '/empty.webp';
file_put_contents($empty_webp, '');
$im = imagecreatefromwebp($empty_webp);

Current result:

Fatal error: gd-webp cannot get webp info in ...

Expected result:

Warning: imagecreatefromwebp(): gd-webp cannot get webp info in ...

@dryabov
Restore Warning instead of Fatal Error in gd_webp.c
b0a9c33 
According to the docs (https://www.php.net/manual/en/function.imagecreatefromwebp.php and https://www.php.net/manual/en/function.imagewebp.php), `false` should be returned on errors (similar to other functions of the `gd` extension), but actually all errors result in a `Fatal Error`. It doesn't look normal when trying to read an empty file or a file in the wrong format causes the program to stop. The problem seems to be related to a mega-patch that replaced `zend_error` with `zend_error_noreturn` almost everywhere. My patch fixes this behavior by switching from `zend_error_noerror` to `gd_error` (i.e. to `E_WARNING` level). All necessary memory cleanup is already in the code (as it was before the "zend_error_noreturn" patch).
@devnexen devnexen requested a review from iluuu1994 March 21, 2024 10:49
@cmb69
Copy link
Member

cmb69 commented Jul 10, 2024

Ugh, that is pretty strange, since zend_error(E_ERROR, …) is there since that file has been committed, but apparently nobody had reported this issue before. I shall have a closer look.

@cmb69 cmb69 self-assigned this Jul 10, 2024
@cmb69
Copy link
Member

cmb69 commented Jul 13, 2024

The problem seems to be related to a mega-patch that replaced zend_error with zend_error_noreturn almost everywhere.

No, that is not the issue. You will get the same behavior prior to that commit. The problem is indeed that I had replaced gd_error() calls with zend_error() in the original commit, and I have absolutely no idea why I had done that.

The patch looks fine, but we should probably target PHP-8.2 or maybe only PHP-8.3 (as a compromise), since this is clearly unintended behavior, and is different from what you get with a system libgd. And there should be a test to check the behavior (basically the test code in the OP).

@devnexen, what do think?

@dryabov, would you take care of this?

@devnexen
Copy link
Member

Absolutely no objection on my part, however release managers might have a say too.

@cmb69
Copy link
Member

cmb69 commented Jul 13, 2024

Absolutely no objection on my part, however release managers might have a say too.

Ah, right! So asking the PHP 8.2 release managers if they have concerns targeting PHP-8.2 for this bug fix (which is basically emit a warning instead of a fatal error when reading unreadable WebP files): @ramsey, @saundefined, @adoy.

@adoy
Copy link
Member

adoy commented Jul 13, 2024

Lgtm. I agree that an error in an image file shouldn't trigger a fatal.

@devnexen devnexen closed this in b456ae8 Jul 13, 2024
@devnexen
Copy link
Member

Thank you !

cmb69 added a commit to cmb69/php-src that referenced this pull request Jul 13, 2024
@cmb69
Add test case for phpGH-13774
00c8cea 
Besides demonstrating the new behavior, this test also ensures that the
bundled and external libgd now behave the same.  It has to be noted,
though, that we only test one of the five code paths.
@Girgias
Copy link
Member

Girgias commented Jul 13, 2024
edited
Loading

I've commented on the commit, but I do think the allocation failures using E_ERROR is actually correct. The rest are fine as warnings.

cmb69 added a commit that referenced this pull request Jul 14, 2024
@cmb69
Add test case for GH-13774
6d0db52 
Besides demonstrating the new behavior, this test also ensures that the
bundled and external libgd now behave the same.  It has to be noted,
though, that we only test one of the five code paths.

Closes GH-14945.
cmb69 added a commit that referenced this pull request Jul 14, 2024
@cmb69
Merge branch 'PHP-8.2' into PHP-8.3
0ed956d 
* PHP-8.2:
  Add test case for GH-13774
cmb69 added a commit that referenced this pull request Jul 14, 2024
@cmb69
Merge branch 'PHP-8.3'
a6d1844 
* PHP-8.3:
  Add test case for GH-13774
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adoy adoy adoy approved these changes

@devnexen devnexen devnexen approved these changes

@iluuu1994 iluuu1994 Awaiting requested review from iluuu1994

Assignees

@cmb69 cmb69

Labels
Extension: gd
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@dryabov @cmb69 @devnexen @adoy @Girgias