[Bug]: HEIC box types with non-ASCII bytes trigger UnicodeDecodeError DoS #245
Description
Summary
Opening a HEIC file whose second box type contains a non-ASCII byte causes exifread.core.heic.HEICExifFinder.next_box to throw a
UnicodeDecodeError. The exception bubbles out of exifread.process_file, so any application parsing such a file will crash.
poc:
import io
import exifread # 3.5.1
with open("poc.jpg", "rb") as f:
stream = io.BytesIO(f.read())
exifread.process_file(stream, details=False, strict=False, debug=False)Traceback:
Traceback (most recent call last):
File "<stdin>", line 8, in <module>
File ".../exifread/__init__.py", line 73, in process_file
offset, endian_bytes, fake_exif = determine_type(fh)
File ".../exifread/core/find_exif.py", line 103, in determine_type
offset, endian = heic.find_exif()
File ".../exifread/core/heic.py", line 337, in find_exif
meta = self.expect_parse("meta")
File ".../exifread/core/heic.py", line 187, in expect_parse
box = self.next_box()
File ".../exifread/core/heic.py", line 163, in next_box
kind = self.get(4).decode("ascii")
UnicodeDecodeError: 'ascii' codec can't decode byte 0x8a in position 3: ordinal not in range(128)