fix CVE-2021-23437

Signed-off-by: herengui <herengui@uniontech.com>
herengui 2022-01-28 13:45:22 +08:00
parent 9dc87ec144
commit 8d8b7d3939
2 changed files with 47 additions and 1 deletions


@ -0,0 +1,42 @@
From 1dc6564eb7ee8f28fb16eeffaf3572f3e1d5aa29 Mon Sep 17 00:00:00 2001
From: Hugo van Kemenade <hugovk@users.noreply.github.com>
Date: Mon, 23 Aug 2021 19:10:49 +0300
Subject: [PATCH] Raise ValueError if color specifier is too long
Conflict:NA
Reference:https://github.com/python-pillow/Pillow/commit/1dc6564eb7ee8f28fb16eeffaf3572f3e1d5aa29
----
Tests/test_imagecolor.py | 9 +++++++++
src/PIL/ImageColor.py | 2 ++
2 files changed, 11 insertions(+)
diff --git a/Tests/test_imagecolor.py b/Tests/test_imagecolor.py
index b5d6937965..dbe8b9e957 100644
--- a/Tests/test_imagecolor.py
+++ b/Tests/test_imagecolor.py
@@ -191,3 +191,12 @@ def test_rounding_errors():
assert (255, 255) == ImageColor.getcolor("white", "LA")
assert (163, 33) == ImageColor.getcolor("rgba(0, 255, 115, 33)", "LA")
Image.new("LA", (1, 1), "white")
+
+
+def test_color_too_long():
+ # Arrange
+ color_too_long = "hsl(" + "1" * 100 + ")"
+
+ # Act / Assert
+ with pytest.raises(ValueError):
+ ImageColor.getrgb(color_too_long)
diff --git a/src/PIL/ImageColor.py b/src/PIL/ImageColor.py
index 51df440403..25f92f2c73 100644
--- a/src/PIL/ImageColor.py
+++ b/src/PIL/ImageColor.py
@@ -32,6 +32,8 @@ def getrgb(color):
:param color: A color string
:return: ``(red, green, blue[, alpha])``
"""
+ if len(color) > 100:
+ raise ValueError("color specifier is too long")
color = color.lower()
rgb = colormap.get(color, None)
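Review bot: The new test_color_too_long asserts only `pytest.raises(ValueError)`, which does not prove the added length guard fires: if getrgb already rejects unparseable strings with a ValueError further down (its body continues outside the hunk), the test passes with or without the fix. Matching on the new message, `with pytest.raises(ValueError, match="too long"):`, pins the guard itself. The guard `if len(color) > 100:` also carries no explanation of the limit, so a future maintainer may relax or drop it; a comment such as `# Cap specifier length before the parsing that follows so a crafted string cannot drive it into excessive backtracking (CVE-2021-23437)` and a named module-level constant instead of the bare 100 would record the intent. The backport should also be checked against the 8.1.1 getrgb, since the hunk context was taken from a newer upstream tree.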


@ -5,7 +5,7 @@
Name: python-pillow
Version: 8.1.1
Release: 6
Release: 7
Summary: Python image processing library
License: MIT
URL: http://python-pillow.github.io/
@ -28,6 +28,7 @@ Patch6011: backport-Fix-Memory-DOS-in-ImageFont.patch
Patch6012: backport-0001-CVE-2021-34552.patch
Patch6013: backport-0002-CVE-2021-34552.patch
Patch6014: backport-Updated-default-value-for-SAMPLESPERPIXEL-tag.patch
Patch6015: backport-CVE-2021-23437.patch
BuildRequires: freetype-devel ghostscript lcms2-devel libimagequant-devel libjpeg-devel libraqm-devel libtiff-devel
BuildRequires: libwebp-devel openjpeg2-devel tk-devel zlib-devel python3-cffi python3-devel python3-numpy python3-olefile
@ -159,6 +160,9 @@ popd
%{python3_sitearch}/PIL/__pycache__/ImageQt*
%changelog
* Fri Jan 28 2022 herengui <herengui@uniontech.com> - 8.1.1-7
- fix CVE-2021-23437
* Tue Aug 10 2021 hanhui <hanhui15@huawei.com> - 8.1.1-6
- Type:modify CVE-2021-27921CVE-2021-27922CVE-2021-27923