rpms / python-pillow

Clone
Source Code
GIT

Files

  1.   e5ac0ac3d68adb87e766b94cfc0798963f845f38
  2.   CVE-2021-25289.patch
Blob Blame History Raw 
diff -rupN --no-dereference Pillow-7.2.0/src/libImaging/TiffDecode.c Pillow-7.2.0-new/src/libImaging/TiffDecode.c
--- Pillow-7.2.0/src/libImaging/TiffDecode.c	2021-03-05 21:08:18.325401446 +0100
+++ Pillow-7.2.0-new/src/libImaging/TiffDecode.c	2021-03-05 21:08:18.407401440 +0100
@@ -305,7 +305,7 @@ int _decodeStripYCbCr(Imaging im, Imagin
         img.row_offset = state->y;
         rows_to_read = min(rows_per_strip, img.height - state->y);
 
-        if (TIFFRGBAImageGet(&img, (UINT32 *)state->buffer, img.width, rows_to_read) == -1) {
+        if (!TIFFRGBAImageGet(&img, (UINT32 *)state->buffer, img.width, rows_to_read) == -1) {
             TRACE(("Decode Error, y: %d\n", state->y ));
             state->errcode = IMAGING_CODEC_BROKEN;
             TIFFRGBAImageEnd(&img);
diff -rupN --no-dereference Pillow-7.2.0/Tests/test_tiff_crashes.py Pillow-7.2.0-new/Tests/test_tiff_crashes.py
--- Pillow-7.2.0/Tests/test_tiff_crashes.py	1970-01-01 01:00:00.000000000 +0100
+++ Pillow-7.2.0-new/Tests/test_tiff_crashes.py	2021-03-05 21:08:18.407401440 +0100
@@ -0,0 +1,40 @@
+# Reproductions/tests for crashes/read errors in TiffDecode.c
+
+# When run in Python, all of these images should fail for
+# one reason or another, either as a buffer overrun,
+# unrecognized datastream, or truncated image file.
+# There shouldn't be any segfaults.
+#
+# if run like
+# `valgrind --tool=memcheck pytest test_tiff_crashes.py 2>&1 | grep TiffDecode.c`
+# the output should be empty. There may be Python issues
+# in the valgrind especially if run in a debug Python
+# version.
+
+import pytest
+
+from PIL import Image
+
+from .helper import on_ci
+
+
+@pytest.mark.parametrize(
+    "test_file",
+    [
+        "Tests/images/crash-1152ec2d1a1a71395b6f2ce6721c38924d025bf3.tif",
+        "Tests/images/crash-0e16d3bfb83be87356d026d66919deaefca44dac.tif",
+    ],
+)
+@pytest.mark.filterwarnings("ignore:Possibly corrupt EXIF data")
+@pytest.mark.filterwarnings("ignore:Metadata warning")
+def test_tiff_crashes(test_file):
+    try:
+        with Image.open(test_file) as im:
+            im.load()
+    except FileNotFoundError:
+        if not on_ci():
+            pytest.skip("test image not found")
+            return
+        raise
+    except OSError:
+        pass
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.