Tree - rpms/python-pillow - src.fedoraproject.org

rpms / python-pillow

Overview Files Commits Branches Forks Releases
Monitoring status:

Bugzilla Assignee:

Fedora:: smani
EPEL:: smani
Files

Commit: 9d3a3d47fde8c51dcfd88263937a3b8e338e7659
Blob Blame History Raw
diff -rupN --no-dereference Pillow-7.2.0/src/PIL/BlpImagePlugin.py Pillow-7.2.0-new/src/PIL/BlpImagePlugin.py
--- Pillow-7.2.0/src/PIL/BlpImagePlugin.py	2020-06-30 09:50:35.000000000 +0200
+++ Pillow-7.2.0-new/src/PIL/BlpImagePlugin.py	2021-05-24 15:38:11.071397292 +0200
@@ -353,6 +353,7 @@ class BLP1Decoder(_BLPBaseDecoder):
         data = jpeg_header + data
         data = BytesIO(data)
         image = JpegImageFile(data)
+        Image._decompression_bomb_check(image.size)
         self.tile = image.tile  # :/
         self.fd = image.fp
         self.mode = image.mode
diff -rupN --no-dereference Pillow-7.2.0/src/PIL/IcnsImagePlugin.py Pillow-7.2.0-new/src/PIL/IcnsImagePlugin.py
--- Pillow-7.2.0/src/PIL/IcnsImagePlugin.py	2020-06-30 09:50:35.000000000 +0200
+++ Pillow-7.2.0-new/src/PIL/IcnsImagePlugin.py	2021-05-24 15:38:11.071397292 +0200
@@ -106,6 +106,7 @@ def read_png_or_jpeg2000(fobj, start_len
     if sig[:8] == b"\x89PNG\x0d\x0a\x1a\x0a":
         fobj.seek(start)
         im = PngImagePlugin.PngImageFile(fobj)
+        Image._decompression_bomb_check(im.size)
         return {"RGBA": im}
     elif (
         sig[:4] == b"\xff\x4f\xff\x51"
@@ -122,6 +123,7 @@ def read_png_or_jpeg2000(fobj, start_len
         jp2kstream = fobj.read(length)
         f = io.BytesIO(jp2kstream)
         im = Jpeg2KImagePlugin.Jpeg2KImageFile(f)
+        Image._decompression_bomb_check(im.size)
         if im.mode != "RGBA":
             im = im.convert("RGBA")
         return {"RGBA": im}
diff -rupN --no-dereference Pillow-7.2.0/src/PIL/IcoImagePlugin.py Pillow-7.2.0-new/src/PIL/IcoImagePlugin.py
--- Pillow-7.2.0/src/PIL/IcoImagePlugin.py	2020-06-30 09:50:35.000000000 +0200
+++ Pillow-7.2.0-new/src/PIL/IcoImagePlugin.py	2021-05-24 15:38:11.071397292 +0200
@@ -174,6 +174,7 @@ class IcoFile:
         if data[:8] == PngImagePlugin._MAGIC:
             # png frame
             im = PngImagePlugin.PngImageFile(self.buf)
+            Image._decompression_bomb_check(im.size)
         else:
             # XOR + AND mask bmp frame
             im = BmpImagePlugin.DibImageFile(self.buf)
diff -rupN --no-dereference Pillow-7.2.0/Tests/test_file_icns.py Pillow-7.2.0-new/Tests/test_file_icns.py
--- Pillow-7.2.0/Tests/test_file_icns.py	2020-06-30 09:50:35.000000000 +0200
+++ Pillow-7.2.0-new/Tests/test_file_icns.py	2021-05-24 15:38:11.071397292 +0200
@@ -138,3 +138,8 @@ def test_not_an_icns_file():
     with io.BytesIO(b"invalid\n") as fp:
         with pytest.raises(SyntaxError):
             IcnsImagePlugin.IcnsFile(fp)
+
+def test_icns_decompression_bomb():
+    with pytest.raises(Image.DecompressionBombError):
+        im = Image.open('Tests/images/oom-8ed3316a4109213ca96fb8a256a0bfefdece1461.icns')
+        im.load()
rpms / python-pillow

Source Code

Files
