id summary reporter owner description type status component version severity resolution keywords cc stage has_patch needs_docs needs_tests needs_better_patch easy ui_ux
3848 Image validator: fails to spot image truncation or corruption andrewc-djangotrac1@… nobody "django.core.validators.isValidImage in trunk does not detect corrupt or truncated images: more PIL calls than just the constructor need to be made in order to effect the full set of checks PIL is capable of, because most PIL.xxxImagePlugin modules read no more data than is necessary at construction time. One of load() or verify() (or both if possible) must be called on the PIL.Image object in order to perform the fullest set of checks.

To reproduce:

 * Prepare truncated/corrupted PNG or JPEG files with vi, dd, based on some known-good images, and leaving the first few bytes of the image header intact.
 * Test that PIL can spot that the images are corrupt:
{{{
>>> from PIL import Image
>>> from cStringIO import StringIO
>>> i = Image.open(StringIO(open('hi_truncated.png', 'r').read()))
>>> i.verify()
[...]
IndexError: string index out of range
>>> i = Image.open(StringIO(open('hi_truncated.jpg', 'r').read()))
>>> i.load()
[...]
IOError: image file is truncated (46 bytes not processed)
>>>
}}}
 * Set up a model with an ImageField
 * Try to upload one of the bad images you prepared via the django admin interface.

Expected behaviour:

 * Upload will be rejected with the message ""Upload a valid image. The file you uploaded was either not an image or a corrupted image.""

Observed behaviour as of [4836] (and presumably all the way back to [3]):

 * Image is accepted as if it were non-corrupt.

This is my first django bug report, so I hope I'm doing it right. I could provide a test case if you like, but I noticed that the existing test framework makes no attempt to test this area of code in order to avoid a dependency on PIL at test time.
" closed Core (Other) dev fixed images, image, validation, verification, PIL dev@… Ready for checkin 1 0 0 0 0 0
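
The gap this ticket describes, as an added standard-library illustration (not Django's or PIL's code): a check that reads only the PNG signature and the IHDR chunk type accepts a truncated or corrupted file, while a walk over every chunk with CRC verification and inflation of the IDAT data rejects it. The function names and the sample image are constructed for this example.

```python
import struct
import zlib

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"

def _chunk(kind, payload):
    """Serialize one PNG chunk: length, type, payload, CRC32 over type+payload."""
    crc = zlib.crc32(kind + payload) & 0xFFFFFFFF
    return struct.pack(">I", len(payload)) + kind + payload + struct.pack(">I", crc)

def make_sample_png(width=8, height=8):
    """Constructed sample input: a small valid 8-bit grayscale PNG."""
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 0, 0, 0, 0)
    rows = b"".join(
        b"\x00" + bytes((x * y) % 256 for x in range(width)) for y in range(height)
    )
    idat = _chunk(b"IDAT", zlib.compress(rows))
    return PNG_SIGNATURE + _chunk(b"IHDR", ihdr) + idat + _chunk(b"IEND", b"")

def header_only_check(data):
    """Weak check: looks at the signature and the first chunk type, nothing else."""
    return data[:8] == PNG_SIGNATURE and data[12:16] == b"IHDR"

def full_check(data):
    """Walk every chunk, verify each CRC, require IEND, inflate the pixel stream."""
    if data[:8] != PNG_SIGNATURE:
        return False
    pos, idat, seen_iend = 8, b"", False
    while pos < len(data) and not seen_iend:
        if pos + 8 > len(data):
            return False                      # truncated inside a chunk header
        (length,) = struct.unpack(">I", data[pos:pos + 4])
        kind = data[pos + 4:pos + 8]
        end = pos + 8 + length + 4
        if end > len(data):
            return False                      # truncated inside payload or CRC
        payload = data[pos + 8:pos + 8 + length]
        (crc,) = struct.unpack(">I", data[end - 4:end])
        if zlib.crc32(kind + payload) & 0xFFFFFFFF != crc:
            return False                      # bytes changed after encoding
        if kind == b"IDAT":
            idat += payload
        seen_iend = kind == b"IEND"
        pos = end
    try:
        zlib.decompress(idat)                 # pixel data must inflate cleanly
    except zlib.error:
        return False
    return seen_iend
```
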