this post was submitted on 02 May 2024
1 points (100.0% liked)
sh.itjust.works Main Community
7688 readers
6 users here now
Home of the sh.itjust.works instance.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Got it.
Your PNG contains extra data after the PNG's IEND marker which pict-rs probably errors on.
Your images aren't stored as-is, among other things, their metadata is stripped so people don't unwittingly share their geolocation, etc.
It rewrites the file in the process, but in this case doesn't know what to do with the non png compliant data appended at the end.
Here's a fixed version of your image that uploads fine.
Using
pngcheck -vf
on the original image will give you the starting hex offset (0x10fc31) of that invalid chunk of data, which can then be browsed with whatever hex editor.I haven't investigated that extra data much.
It might be part of a 'capture the flag' game, or not.
The fixed image is just the first bytes of the file upto that invalid extra chunk.
Wow, that's some amazing digital detective work!
Huh, interesting!
If you would indulge me, I have a few additional questions and suggestions:
Q1: Do you know if it would be possible to implement tools to detect and discard invalid data automatically?
Good to know; I had wondered about how metadata was handled.
Q2: Is metadata stripping unique to this server, or a Lemmy-wide standard?
Q3: Is this limit set on a per-server basis, or a Lemmy-wide standard?
Q4:Would it be possible to implement automatic compression of large images?
Most modern phone cameras routinely take larger photos than 5MB.
Just some off-the-cuff suggestions, and I'm not even sure whether they would be best implemented by the instance or the platform.
Thanks for all of your help already!
A1: probably, although that's more processing power. The tool I used to fix it would have outputted a second image file if the extra data had been an image, which is then a weird case to handle. (Upload both? Make 2 links?) Certainly, it could output a better error message though.
A2: Should be lemmy-wide, although technically a malicious server could disable that somehow, which I think would only affect their local users. ie: don't make an account on a server you don't trust.
A3: It is a server specific setting. It's easy enough to change the setting. Bigger limits uses more storage which costs money
A4: Possible, I would think. No idea if that's ever on the devs' roadmap. I think that would be added to the pict-rs code which is then used by the lemmy server.
Both are open source projects, so an instance implementing this could then share the code so it's eventually a feature for everyone.
I've ran into bugs before on some public image host I don't remember where it wouldn't strip metadata if you uploaded an album. It's probably a good practice to strip metadata before uploading, although much less convenient. I double-check that it still works here from time to time, doubly so after upgrading versions.