Saves bitmap file with .JPG extension as image/jpeg

Bug Reports No Bugs
#1

I had a cover file with a .jpg extension. For some reason, it really was a BMP file - the first two bytes were 'BM'. mp3tag displays this file without problem, so it doesn't care much about the file extension, but it does use the file extension to determine mime type. This causes problems in mp3 players that rely on the mime type to display the image, for example WinAmp can't display a bitmap file if it has a image/jpg mime type.

Steps to reproduce:

  1. Take a .bmp file
  2. Change extension to .jpg
  3. Set it as cover for an .mp3 file
  4. Observe that mp3tag displays cover without problem
  5. Observe that winamp can't display cover

I don't know what would be good to do here; maybe just display an error dialog that something is wrong, then the user can convert the open and save the file in an image editor.

I love mp3tag, by the way! I've been a happy user for years, and in fact still am :slight_smile:

#2

I walk with you on the bug way.
Yes, it is possible to disguise any content, e. g. some text file, by adding the file extension ".jpg" to the existing file name and put this file disguised as cover art into the mp3 file.
Mp3tag might display no cover picture but the data will be stored in the file.
Later the data can be extracted, without any change, back to the original format.

Basically this is a wanted behaviour of the "cover art container" - in and out of data without changing anything - still having the original unchanged binary content.

But I tend to say, that it is a heavy bug and that such behaviour carries a high risk and is a security problem at all.

DD.20101020.1732.CEST

#3

So the best thing would be to do a check when loading a new cover file - if it's really not a JPEG, warn the user and have him decide if he wants to continue, because in nearly every case, it's a mistake to put something other than a JPEG into an mp3. Many media players are unable to display PNG and BMP files, because they all assume that JPEG is the dominant format.

#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.