python - ImageMagick not authorized to convert PDF to an image

Question

I have a program, in which I need to convert a PDF to an image using Image Magick. I do that using the subprocess package:

        cmd = 'magick convert -density 300 '+pdfFile+'['+str(rangeTuple[0])+'-'+str(rangeTuple[1])+'] -depth 8 '+'temp.tiff' #WINDOWS
        if(os.path.isfile('temp.tiff')):
            os.remove('temp.tiff')
        subprocess.call(cmd,shell=True)
        im = Image.open('temp.tiff')

The error I got is:

convert-im6.q16: not authorized `temp2.pdf' @ error/constitute.c/ReadImage/412.
convert-im6.q16: no images defined `temp.tiff' @ error/convert.c/ConvertImageCommand/3258.
Traceback (most recent call last):
  File "UKExtraction2.py", line 855, in <module>
    doItAllUpper("A0","UK5.csv","temp",59,70,"box",2,1000,firstPageCoordsUK,boxCoordUK,voterBoxCoordUK,internalBoxNumberCoordUK,externalBoxNumberCoordUK,addListInfoUK)
  File "UKExtraction2.py", line 776, in doItAllUpper
    doItAll(tempPDFName,outputCSV,2,pdfs,formatType,n_blocks,writeBlockSize,firstPageCoords,boxCoord,voterBoxCoord,internalBoxNumberCoord,externalBoxNumberCoord,addListInfo,pdfName)
  File "UKExtraction2.py", line 617, in doItAll
    mainProcess(pdfName,(0,noOfPages-1),formatType,n_blocks,outputCSV,writeBlockSize,firstPageCoords,boxCoord,voterBoxCoord,internalBoxNumberCoord,externalBoxNumberCoord,addListInfo,bigPDFName,basePages)
  File "UKExtraction2.py", line 542, in mainProcess
    im = Image.open('temp.tiff')
  File "/home/rohit/.local/lib/python3.6/site-packages/PIL/Image.py", line 2609, in open
    fp = builtins.open(filename, "rb")
FileNotFoundError: [Errno 2] No such file or directory: 'temp.tiff'

The most important of which is:

convert-im6.q16: not authorized `temp2.pdf' @ error/constitute.c/ReadImage/412.

I think this is because ImageMagick isn't authorized to access the PDF. What should be done now? I'm on a Linux server. Any help is appreciated.

Please review Security Policy in the documentation. You'll need to enable support by editing a policy.xml file. — emcconville
It looks like a temporary patch to safeguard against this security vulnerability: bugs.gentoo.org/664236 so it should "go away" and "just work" again at some point. In the mean time you have the choice of either being unable to use imagemagick for some formats, or having a vulnerability (which you get by following the suggestions below). — TheChymera
One more thing, if possible, people should look into using GhostScript directly, instead of ImageMagick, as it an do the same task of PDF conversion much much faster than IM. — Mooncrater

fmw42 fmw42 · Accepted Answer · 2018-10-17T20:50:58

emcconville is correct. More specifically edit the Imagemagick policy.xml file to uncomment this line:

  <!-- <policy domain="module" rights="none" pattern="{PS,PDF,XPS}" /> -->

And change it from rights="none" to rights="read|write"

  <policy domain="module" rights="read|write" pattern="{PS,PDF,XPS}" />

This was a recent addition to the policy.xml file, I believe, due to a security flaw found in the Ghostscript delegate. I think that flaw has now been fixed in the current version of Ghostscript, which is 9.25.

NOTE: On some systems the policy line will have domain="coder" rather than domain="module"

python - ImageMagick not authorized to convert PDF to an image

4 Answers