Opened 16 years ago

Closed 16 years ago

#4478 closed (fixed)

[patch] PIL Bug Causes Django 0.96 Image Validator to Break if OLE Document Uploaded

Reported by: pchilds@… Owned by: nobody
Component: Validators Version: 0.96
Severity: Keywords: image validator
Cc: v.oostveen@… Triage Stage: Design decision needed
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no


My first test was to upload a valid image. Worked fine.
My next few tests were to upload invalid files: pdf, vb, xml, txt,
The result was a nice error message except when I tried to upload any
kind of MS Office file. This broke Django...

Traceback (most recent call last):
File "C:\Python24\Lib\site-packages\django\core\handlers\" in

  1. response = callback(request, *callback_args, callback_kwargs)

File "C:\Python24\Lib\site-packages\django\contrib\auth\"
in _checklogin

  1. return view_func(request, *args, kwargs)

File "c:\idms_project\idms\ssi\" in update_ssi_status

  1. errors = manipulator.get_validation_errors(new_data)

File "C:\Python24\Lib\site-packages\django\oldforms\" in

  1. errors.update(field.get_validation_errors(new_data))

File "C:\Python24\Lib\site-packages\django\oldforms\" in

  1. self.run_validator(new_data, validator)

File "C:\Python24\Lib\site-packages\django\oldforms\" in

  1. validator(new_data.get(self.field_name, ), new_data)

File "C:\Python24\Lib\site-packages\django\oldforms\" in

  1. validators.isValidImage(field_data, all_data)

File "C:\Python24\Lib\site-packages\django\core\" in


File "C:\Python24\lib\site-packages\PIL\" in open

  1. return factory(fp, filename)

File "C:\Python24\lib\site-packages\PIL\" in init

  1. self._open()

File "C:\Python24\lib\site-packages\PIL\" in _open

  1. self.ole = OleFileIO(self.fp)

File "C:\Python24\lib\site-packages\PIL\" in init


File "C:\Python24\lib\site-packages\PIL\" in open

  1. self.loadfat(header)

File "C:\Python24\lib\site-packages\PIL\" in loadfat

  1. s = self.getsect(ix)

File "C:\Python24\lib\site-packages\PIL\" in getsect

  1. + self.sectorsize * sect)

OverflowError at /ssi/ssi_status/update/380/181/
long int too large to convert to int

According to Chris Beaven, the problem is with PIL...
It's a bug with PIL reading OLE files with Python 2.4:

Probably worth filing a ticket - it'd be easy enough to catch
OverflowError in our validator.
-end quote-

Attachments (1)

pil_validator_fix.patch (837 bytes) - added by Chris Beaven 16 years ago.

Download all attachments as: .zip

Change History (5)

comment:1 Changed 16 years ago by Chris Beaven

Triage Stage: UnreviewedDesign decision needed

Design decision because I'm not sure what the policy is on Django working around bugs in third-party products. I do have a simple patch which will solve the problem if we do want to work around it.

Changed 16 years ago by Chris Beaven

Attachment: pil_validator_fix.patch added

comment:2 Changed 16 years ago by anonymous

Cc: v.oostveen@… added
Has patch: set
Summary: PIL Bug Causes Django 0.96 Image Validator to Break if OLE Document Uploaded[patch] PIL Bug Causes Django 0.96 Image Validator to Break if OLE Document Uploaded

Applyed this patch to my django project and it works fine.

I'm +1 on including this

only recommand that we change the except to:

except (IOError, OverflowError): # Python Imaging Library doesn't recognize it as an image 

so it's less confusing towards except Exception, e: and future Python versions.

p.s. i don't think this is a design decision, this is a bug in PIL and we should capture the OverFlow acception.
as it tells the application, something went wrong in trying to read the image (OLE object in this case)

comment:3 Changed 16 years ago by Chris Beaven

Thank's v, you're right that the exceptions should have been tupled.

comment:4 Changed 16 years ago by Russell Keith-Magee

Resolution: fixed
Status: newclosed

(In [6096]) Fixed #4478 -- Added a catch for an error thrown by PIL when attempting to validate MS OLE files.

Note: See TracTickets for help on using tickets.
Back to Top