From 5071692039805253ab37dad9fac2f375935a38af Mon Sep 17 00:00:00 2001 From: Andrew Murray Date: Wed, 25 Oct 2023 08:52:06 +1100 Subject: [PATCH 1/8] Fixed Image.frombytes() for images with a zero dimension --- Tests/test_image.py | 4 ++++ src/PIL/Image.py | 15 ++++++++------- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/Tests/test_image.py b/Tests/test_image.py index 83dac70802f..f82b3a9472e 100644 --- a/Tests/test_image.py +++ b/Tests/test_image.py @@ -906,6 +906,10 @@ def test_zero_tobytes(self, size): im = Image.new("RGB", size) assert im.tobytes() == b"" + @pytest.mark.parametrize("size", ((1, 0), (0, 1), (0, 0))) + def test_zero_frombytes(self, size): + Image.frombytes("RGB", size, b"") + def test_has_transparency_data(self): for mode in ("1", "L", "P", "RGB"): im = Image.new(mode, (1, 1)) diff --git a/src/PIL/Image.py b/src/PIL/Image.py index 771cb33c3de..0c93f4dc72a 100644 --- a/src/PIL/Image.py +++ b/src/PIL/Image.py @@ -2967,15 +2967,16 @@ def frombytes(mode, size, data, decoder_name="raw", *args): _check_size(size) - # may pass tuple instead of argument list - if len(args) == 1 and isinstance(args[0], tuple): - args = args[0] + im = new(mode, size) + if im.width != 0 and im.height != 0: + # may pass tuple instead of argument list + if len(args) == 1 and isinstance(args[0], tuple): + args = args[0] - if decoder_name == "raw" and args == (): - args = mode + if decoder_name == "raw" and args == (): + args = mode - im = new(mode, size) - im.frombytes(data, decoder_name, args) + im.frombytes(data, decoder_name, args) return im From 91f115bead706e7b9b57a9135be82726a843cdda Mon Sep 17 00:00:00 2001 From: Andrew Murray Date: Wed, 25 Oct 2023 08:52:26 +1100 Subject: [PATCH 2/8] Fixed im.frombytes() for images with a zero dimension --- Tests/test_image.py | 3 +++ src/PIL/Image.py | 3 +++ 2 files changed, 6 insertions(+) diff --git a/Tests/test_image.py b/Tests/test_image.py index f82b3a9472e..039eb33d1ef 100644 --- a/Tests/test_image.py 
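Review bot: `test_zero_frombytes` asserts nothing, so it passes as long as `Image.frombytes("RGB", size, b"")` does not raise, whatever image comes back. Binding the result and checking it, e.g. `im = Image.frombytes("RGB", size, b"")` followed by `assert im.size == size`, would pin the behaviour the fix is meant to guarantee. The lines patch 2/8 appends to the same test (`im.frombytes(b"")`) have the same gap; `assert im.tobytes() == b""`, as the neighbouring `test_zero_tobytes` does, would cover them. Only empty `data` is exercised, so what happens to a non-empty buffer with a zero dimension is left unpinned.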
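Review bot: When either dimension is zero, the new `if im.width != 0 and im.height != 0:` guard skips the decode entirely, so `data`, `decoder_name` and `args` are never examined and a non-empty buffer is accepted without any error. For callers that take `size` from a parsed file header, that removes the one signal that the declared size and the payload disagree. At minimum the docstring, which lies outside this hunk, should say so, for example `If either dimension of size is zero, data is ignored and an empty image is returned.`; rejecting non-empty `data` in that branch would be the stricter alternative if the project wants it. The early `return` that patch 2/8 adds to the `frombytes` method has the same effect.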
+++ b/Tests/test_image.py @@ -910,6 +910,9 @@ def test_zero_tobytes(self, size): def test_zero_frombytes(self, size): Image.frombytes("RGB", size, b"") + im = Image.new("RGB", size) + im.frombytes(b"") + def test_has_transparency_data(self): for mode in ("1", "L", "P", "RGB"): im = Image.new(mode, (1, 1)) diff --git a/src/PIL/Image.py b/src/PIL/Image.py index 0c93f4dc72a..cb092f1ae1f 100644 --- a/src/PIL/Image.py +++ b/src/PIL/Image.py @@ -791,6 +791,9 @@ def frombytes(self, data, decoder_name="raw", *args): but loads data into this image instead of creating a new image object. """ + if self.width == 0 or self.height == 0: + return + # may pass tuple instead of argument list if len(args) == 1 and isinstance(args[0], tuple): args = args[0] From 1a6c76495bf9a9c4599c8dd4b794df228051c735 Mon Sep 17 00:00:00 2001 From: Andrew Murray Date: Tue, 31 Oct 2023 17:47:52 +1100 Subject: [PATCH 3/8] Mention olefile in installation instructions --- docs/installation.rst | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/installation.rst b/docs/installation.rst index 2ffd9ae5902..00a32a81ea0 100644 --- a/docs/installation.rst +++ b/docs/installation.rst @@ -42,6 +42,11 @@ Install Pillow with :command:`pip`:: python3 -m pip install --upgrade pip python3 -m pip install --upgrade Pillow +:pypi:`olefile` can additionally be installed to allow Pillow to read FPX and +MIC images:: + + python3 -m pip install --upgrade olefile + .. tab:: Linux From b92c09a391d83d8a81e17078f0645e1529255bc5 Mon Sep 17 00:00:00 2001 From: Andrew Murray <3112309+radarhere@users.noreply.github.com> Date: Tue, 31 Oct 2023 18:39:38 +1100 Subject: [PATCH 4/8] Updated wording Co-authored-by: Hugo van Kemenade --- docs/installation.rst | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/installation.rst b/docs/installation.rst index 00a32a81ea0..252ad6e6c38 100644 --- a/docs/installation.rst +++ b/docs/installation.rst 
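Review bot: The early `return` added to the `frombytes` method makes the `if im.width != 0 and im.height != 0:` guard that patch 1/8 put into the module-level `frombytes()` redundant, since that function ends by calling this method on the image it has just created. Keeping the zero-dimension rule in one place, here, would let the module-level function go back to an unconditional `im.frombytes(data, decoder_name, args)` and avoid two checks drifting apart. If both are kept deliberately, a short comment such as `# nothing to decode for an empty image` above the `return` would record the intent. The method body continues past the end of the hunk.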
@@ -42,8 +42,7 @@ Install Pillow with :command:`pip`:: python3 -m pip install --upgrade pip python3 -m pip install --upgrade Pillow -:pypi:`olefile` can additionally be installed to allow Pillow to read FPX and -MIC images:: +Optionally, install :pypi:`olefile` for Pillow to read FPX and MIC images:: python3 -m pip install --upgrade olefile From d499f0016f1d1a9bbe9711e49623871aa5adb84c Mon Sep 17 00:00:00 2001 From: Andrew Murray <3112309+radarhere@users.noreply.github.com> Date: Thu, 2 Nov 2023 08:21:35 +1100 Subject: [PATCH 5/8] Mention defusedxml MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Ondrej Baranovič --- docs/installation.rst | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/installation.rst b/docs/installation.rst index 252ad6e6c38..7afccc5b0c2 100644 --- a/docs/installation.rst +++ b/docs/installation.rst @@ -42,9 +42,10 @@ Install Pillow with :command:`pip`:: python3 -m pip install --upgrade pip python3 -m pip install --upgrade Pillow -Optionally, install :pypi:`olefile` for Pillow to read FPX and MIC images:: +Optionally, install :pypi:`defusedxml` for Pillow to read XMP data, +and :pypi:`olefile` for Pillow to read FPX and MIC images:: - python3 -m pip install --upgrade olefile + python3 -m pip install --upgrade defusedxml olefile .. tab:: Linux From 6b1e939027cd6b76a2a86d86414d6087c7c0b44d Mon Sep 17 00:00:00 2001 From: Andrew Murray Date: Thu, 2 Nov 2023 17:33:10 +1100 Subject: [PATCH 6/8] Removed Fedora 37 --- .github/workflows/test-docker.yml | 1 - docs/installation.rst | 2 -- 2 files changed, 3 deletions(-) diff --git a/.github/workflows/test-docker.yml b/.github/workflows/test-docker.yml index c8fd69ba045..ec22a8184b4 100644 --- a/.github/workflows/test-docker.yml +++ b/.github/workflows/test-docker.yml 
@@ -51,7 +51,6 @@ jobs: debian-11-bullseye-amd64, debian-12-bookworm-x86, debian-12-bookworm-amd64, - fedora-37-amd64, fedora-38-amd64, gentoo, ubuntu-20.04-focal-amd64, diff --git a/docs/installation.rst b/docs/installation.rst index 2ffd9ae5902..d5aa66f4970 100644 --- a/docs/installation.rst +++ b/docs/installation.rst @@ -456,8 +456,6 @@ These platforms are built and tested for every change. +----------------------------------+----------------------------+---------------------+ | Debian 12 Bookworm | 3.11 | x86, x86-64 | +----------------------------------+----------------------------+---------------------+ -| Fedora 37 | 3.11 | x86-64 | -+----------------------------------+----------------------------+---------------------+ | Fedora 38 | 3.11 | x86-64 | +----------------------------------+----------------------------+---------------------+ | Gentoo | 3.9 | x86-64 | From fa138155b20811c7a18bcf5f8890ec1c072e0dc2 Mon Sep 17 00:00:00 2001 From: Andrew Murray Date: Fri, 3 Nov 2023 19:01:22 +1100 Subject: [PATCH 7/8] Update CHANGES.rst [ci skip] --- CHANGES.rst | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/CHANGES.rst b/CHANGES.rst index f4d11ba48e6..0f1e419aa93 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -2,6 +2,12 @@ Changelog (Pillow) ================== +10.2.0 (unreleased) +------------------- + +- Fixed frombytes() for images with a zero dimension #7493 + [radarhere] + 10.1.0 (2023-10-15) ------------------- From 5339c1cf63bb4ea43739ac293bdd801a316e66b2 Mon Sep 17 00:00:00 2001 From: Hugo van Kemenade Date: Fri, 3 Nov 2023 11:59:37 +0200 Subject: [PATCH 8/8] Add CVE-2023-44271 to ImageFont.MAX_STRING_LENGTH fix in release notes --- docs/releasenotes/10.0.0.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/releasenotes/10.0.0.rst b/docs/releasenotes/10.0.0.rst index 06acfc7afd2..a3f238119f0 100644 --- a/docs/releasenotes/10.0.0.rst +++ b/docs/releasenotes/10.0.0.rst 
@@ -173,8 +173,8 @@ been processed before Pillow started checking for decompression bombs. Added ImageFont.MAX_STRING_LENGTH ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -To protect against potential DOS attacks when using arbitrary strings as text -input, Pillow will now raise a ``ValueError`` if the number of characters +:cve:`2023-44271`: To protect against potential DOS attacks when using arbitrary strings as text +input, Pillow will now raise a :py:exc:`ValueError` if the number of characters passed into ImageFont methods is over a certain limit, :py:data:`PIL.ImageFont.MAX_STRING_LENGTH`.