packages/python-pillow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

incorporate community patch

Browse Source
This commit is contained in:
liuyumeng 2021-07-15 15:22:31 +08:00
parent 650fdeb0c7
commit eccb6b2b76
4 changed files with 123 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
backport-0001-CVE-2021-34552.patch Normal file
View File

@ -0,0 +1,43 @@
From 5f4504bb03f4edeeef8c2633dc5ba03a4c2a8a97 Mon Sep 17 00:00:00 2001
From: Andrew Murray <radarhere@users.noreply.github.com>
Date: Tue, 15 Jun 2021 15:14:26 +1000
Subject: [PATCH] Limit sprintf modes to 10 characters
Conflict:NA
Reference:https://github.com/python-pillow/Pillow/commit/5f4504bb03f4edeeef8c2633dc5ba03a4c2a8a97
---
src/libImaging/Convert.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/src/libImaging/Convert.c b/src/libImaging/Convert.c
index b0b794d..64bbeee 100644
--- a/src/libImaging/Convert.c
+++ b/src/libImaging/Convert.c
@@ -1664,9 +1664,8 @@ convert(Imaging imOut, Imaging imIn, const char *mode,
#ifdef notdef
return (Imaging) ImagingError_ValueError("conversion not supported");
#else
- static char buf[256];
- /* FIXME: may overflow if mode is too large */
- sprintf(buf, "conversion from %s to %s not supported", imIn->mode, mode);
+ static char buf[100];
+ sprintf(buf, "conversion from %.10s to %.10s not supported", imIn->mode, mode);
return (Imaging) ImagingError_ValueError(buf);
#endif
}
@@ -1724,9 +1723,8 @@ ImagingConvertTransparent(Imaging imIn, const char *mode,
}
#else
{
- static char buf[256];
- /* FIXME: may overflow if mode is too large */
- sprintf(buf, "conversion from %s to %s not supported in convert_transparent", imIn->mode, mode);
+ static char buf[100];
+ sprintf(buf, "conversion from %.10s to %.10s not supported in convert_transparent", imIn->mode, mode);
return (Imaging) ImagingError_ValueError(buf);
}
#endif
--
2.27.0

37
backport-0002-CVE-2021-34552.patch Normal file
View File

@ -0,0 +1,37 @@
From 518ee3722a99d7f7d890db82a20bd81c1c0327fb Mon Sep 17 00:00:00 2001
From: Andrew Murray <radarhere@users.noreply.github.com>
Date: Wed, 30 Jun 2021 23:47:10 +1000
Subject: [PATCH] Use snprintf instead of sprintf
Conflict:NA
Reference:https://github.com/python-pillow/Pillow/commit/518ee3722a99d7f7d890db82a20bd81c1c0327fb
---
src/libImaging/Convert.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/libImaging/Convert.c b/src/libImaging/Convert.c
index 64bbeee..28b952e 100644
--- a/src/libImaging/Convert.c
+++ b/src/libImaging/Convert.c
@@ -1665,7 +1665,7 @@ convert(Imaging imOut, Imaging imIn, const char *mode,
return (Imaging) ImagingError_ValueError("conversion not supported");
#else
static char buf[100];
- sprintf(buf, "conversion from %.10s to %.10s not supported", imIn->mode, mode);
+ snprintf(buf, 100, "conversion from %.10s to %.10s not supported", imIn->mode, mode);
return (Imaging) ImagingError_ValueError(buf);
#endif
}
@@ -1724,7 +1724,7 @@ ImagingConvertTransparent(Imaging imIn, const char *mode,
#else
{
static char buf[100];
- sprintf(buf, "conversion from %.10s to %.10s not supported in convert_transparent", imIn->mode, mode);
+ snprintf(buf, 100, "conversion from %.10s to %.10s not supported in convert_transparent", imIn->mode, mode);
return (Imaging) ImagingError_ValueError(buf);
}
#endif
--
2.27.0

31
backport-Updated-default-value-for-SAMPLESPERPIXEL-tag.patch Normal file
View File

@ -0,0 +1,31 @@
From 6fc039a21c683b13c311e1759c3570bc4dc5f459 Mon Sep 17 00:00:00 2001
From: Andrew Murray <radarhere@users.noreply.github.com>
Date: Tue, 4 May 2021 16:50:12 +1000
Subject: [PATCH] Updated default value for SAMPLESPERPIXEL tag
Conflict:NA
Reference:https://github.com/python-pillow/Pillow/commit/6fc039a21c683b13c311e1759c3570bc4dc5f459
---
src/PIL/TiffImagePlugin.py | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/PIL/TiffImagePlugin.py b/src/PIL/TiffImagePlugin.py
index ced414f..860d870 100644
--- a/src/PIL/TiffImagePlugin.py
+++ b/src/PIL/TiffImagePlugin.py
@@ -1250,7 +1250,10 @@ class TiffImageFile(ImageFile.ImageFile):
if bps_count > len(bps_tuple) and len(bps_tuple) == 1:
bps_tuple = bps_tuple * bps_count
- samplesPerPixel = self.tag_v2.get(SAMPLESPERPIXEL, 1)
+ samplesPerPixel = self.tag_v2.get(
+ SAMPLESPERPIXEL,
+ 3 if self._compression == "tiff_jpeg" and photo in (2, 6) else 1,
+ )
if len(bps_tuple) != samplesPerPixel:
raise SyntaxError("unknown data organization")
--
2.27.0

15
python-pillow.spec
View File

@ -5,7 +5,7 @@
Name: python-pillow
Version: 8.1.1
Release: 5
Release: 6
Summary: Python image processing library
License: MIT
URL: http://python-pillow.github.io/
@ -26,7 +26,10 @@ Patch6008: backport-Fixed-linear_gradient-and-radial_gradient-32-bit-mod.pa
Patch6009: backport-fixes-crash-74d2.patch
Patch6010: backport-fix-for-crash-8115.patch
Patch6011: backport-Fix-Memory-DOS-in-ImageFont.patch
Patch6012: backport-0001-CVE-2021-34552.patch
Patch6013: backport-0002-CVE-2021-34552.patch
Patch6014: backport-Updated-default-value-for-SAMPLESPERPIXEL-tag.patch
BuildRequires: freetype-devel ghostscript lcms2-devel libimagequant-devel libjpeg-devel libraqm-devel libtiff-devel
BuildRequires: libwebp-devel openjpeg2-devel tk-devel zlib-devel python3-cffi python3-devel python3-numpy python3-olefile
BuildRequires: python3-qt5 python3-setuptools python3-tkinter gcc
@ -157,6 +160,12 @@ popd
%{python3_sitearch}/PIL/__pycache__/ImageQt*
%changelog
* Thu Jul 15 2021 liuyumeng <liuyumeng5@huawei.com> - 8.1.1-6
- Type:bugfix
- CVE:CVE-2021-34552
- SUG:NA
- DESC: incorporate community patch
* Tue Jul 6 2021 hanhui <hanhui15@huawei.com> - 8.1.1-5
- Type:bugfix
- CVE:CVE-2021-28675 CVE-2021-28676 CVE-2021-28677 CVE-2021-28678 CVE-2021-25287 CVE-2021-25288
@ -166,7 +175,7 @@ popd
* Mon Jun 21 2021 hanhui <hanhui15@huawei.com> - 8.1.1-4
- DESC: in the check section,using the cp -a instead of install
* Mon Jun 15 2021 hanhui <hanhui15@huawei.com> - 8.1.1-3
* Tue Jun 15 2021 hanhui <hanhui15@huawei.com> - 8.1.1-3
- DESC: add buildrequire gcc
* Sat Mar 13 2021 wangye <wangye70@huawei.com> - 8.1.1-2