Bug #100746
Updated by Sybille Peters 10 months ago
If files with wrong file ending (e.g. png image with .jpg or vice versa) are uploaded there are some problem which are difficult to detect if one is not aware of it.
This may vary, depending on the Webserver configuration and graphics tool used (Image Magick or Graphics Magick).
*Note: Behaviour may vary depending on TYPO3 version, most of my tests were with v11, should be verified with latest main.*
I describe what happens on my system.
* for processed files, a processed file with size 0 is created (Graphics Magick does not convert it and shows an error message, but this is not displayed in BE)
* in the BE, no image is displayed as preview
* in the FE, the image is not scaled
* no error messages are displayed and no errors are logged (severity >= ERROR)
Unfortunately, I have a number of these files, noticed this when searching for files with size 0 (_processed files are created with size=0).
h2. Suggested changes
* if possible show an error on upload if the wrong file ending is used or refuse to upload the file (requires 100% correct detection of wrong file ending, at least for images, which may be difficult, should probably be configurable)
* or use correct file ending when creating the processed file (e.g. as detected by graphics tool)
* or do not create processed files with file ending 0, possibly fallback to creating a placeholder image if the created file has size 0
* show errors / log messages
h2. System
* TYPO3 11.5.26
* Graphics Magick (gm)
h2. Reproduce
(1)
1. Upload a file with wrong file ending (e.g. previously mv, do not convert 1.jpg 1.png)
2. Insert file in "Text & Media" as "asset", specify smaller height / width, view in FE (check if scaled), compare with file which is ok
3. activate preview images in file list
Expected:
* error message or fail on trying to upload image with wrong file extension or error message when creation of scaled image fails (actual: there is no flash message and no log message)
* image is scaled in FE or error message is diplayed. (Actual: is not scaled)
* preview image is displayed in filelist. (Actual: is not)
h2. How to detect affected processed files
On command line:
<pre><code class="shell">
find htdocs/fileadmin/_processed -type f -size 0
</code></pre>
The file name of actual file can be derived from the processed file name or looked up in DB sys_file_processedfile.original => sys_file.uid.
h2. Resources / Tools
*gm* This is what was used by TYPO3 to create the thumbnail image in the filelist
<pre><code class="shell">
'/usr/bin/gm' 'convert' -interlace None -auto-orient +profile '*' -sample '64'x'64' 'png:/var/www/site-uol11/htdocs/fileadmin/test/problems/Koala.png[0]' '/var/www/site-uol11/var/transient/preview_6908622721787002005.png'
</code></pre>
output:
<pre><code class="shell">
/usr/bin/gm identify: Improper image header (/var/www/site-uol11/var/transient/preview_6908622721787002005.png) [No such file or directory].
</code></pre>
file
<pre>
$ file htdocs/fileadmin/test/problems/Koala.png
</pre>
output:
<pre>
JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, datetime=2009:03:12 13:48:28], baseline, precision 8, 1024x768, components 3
</pre>
file can be used to show the mime type:
<pre>
$ file -b --mime-type htdocs/fileadmin/test/problems/Koala.png
</pre>
shows:
<pre>
image/jpeg
</pre>
or the (correct) extension(s):
<pre>
$ file --extension htdocs/fileadmin/test/problems/Koala.png
</pre>
shows:
<pre>
jpeg/jpg/jpe/jfif
</pre>
-----
PHP exif_imagetype
https://www.php.net/manual/en/function.exif-imagetype.php
also determines real image type.