
Windows 11 also vulnerable to “aCropalypse” image data leakage
2023-03-22 19:59

The new, smaller, image file would be written over the start of the old one, but the file size would remain the same and the now-redundant data at the end of the original file would stay where it was.

If you sent that file to someone else and they opened it with a conventional image viewing or editing tool, their software would read the file until it reached a data chunk that said, "That's it; you can stop now and ignore any trailing data in the file."

Image fragments can be reconstructed from a file that's been cropped or redacted.

You could get lucky, to be sure: if the image is stored row-by-row, and you crop off the top of the image, you will probably end up with a new image consisting of the bottom half of the old image in the "official" part of the file, and the bottom half repeated in the left-over data that was supposed to be chopped off but wasn't.

If you crop off the bottom of the image, the new file will have the old top part "officially" re-encoded and written over the start, and the cropped-off bottom half of the image left behind exactly where it was before, in the unofficial end of the new file, waiting to be extracted by an attacker.

Well, the deal is that this problem of files not being truncated when they are replaced with a new version also applies on Windows 11, where the Snipping Tool, like the Google Pixel Markup app, will let you crop an image without also correctly cropping the file it's updating.


News URL

https://nakedsecurity.sophos.com/2023/03/22/windows-11-also-vulnerable-to-acropalypse-image-data-leakage/