File 0018-Invalid-number-of-bands-in-FPX-image.patch of Package python-Pillow

From 774e53bb132461d8d5ebefec1162e29ec0ebc63d Mon Sep 17 00:00:00 2001
From: Andrew Murray <radarhere@users.noreply.github.com>
Date: Wed, 1 Jan 2020 16:07:03 +1100
Subject: [PATCH] Raise an error for an invalid number of bands in FPX image

---
 Tests/test_image.py                  |   6 ++++++
 src/PIL/FpxImagePlugin.py            |   5 ++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/Tests/test_file_fpx.py b/Tests/test_file_fpx.py
index 68412c8caa..8135937d44 100644
--- a/Tests/test_image.py
+++ b/Tests/test_image.py
@@ -214,6 +214,10 @@ def test_overrun(self):
                 self.assertFail()
             except IOError as e:
                 self.assertEqual(str(e), "buffer overrun when reading image file")
+
+    def test_fpx_invalid_number_of_bands(self):
+        with self.assertRaisesRegexp(IOError, "Invalid number of bands"):
+            Image.open("Tests/images/input_bw_five_bands.fpx")
 
 if __name__ == '__main__':
     unittest.main()
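Review bot: The fixture `Tests/images/input_bw_five_bands.fpx` that `test_fpx_invalid_number_of_bands` opens is not carried by this patch, since the diffstat lists only the two text files. Unless the image is shipped separately, `Image.open` would presumably fail with a file-not-found error whose message does not match "Invalid number of bands", so the regression test would fail without exercising the new check. The `diff --git` line also still names `Tests/test_file_fpx.py` while the `---`/`+++` lines target `Tests/test_image.py`; aligning them makes the retargeting explicit to anyone auditing the backport. If the package only targets Python 3, `assertRaisesRegex` is the non-deprecated spelling of `assertRaisesRegexp`.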
diff --git a/PIL/FpxImagePlugin.py b/PIL/FpxImagePlugin.py
index 15ebe0e3b0..8555a6b75a 100644
--- a/PIL/FpxImagePlugin.py
+++ b/PIL/FpxImagePlugin.py
@@ -100,7 +100,10 @@ def _open_index(self, index=1):
         s = prop[0x2000002 | id]
 
         colors = []
-        for i in range(i32(s, 4)):
+        bands = i32(s, 4)
+        if bands > 4:
+            raise IOError("Invalid number of bands")
+        for i in range(bands):
             # note: for now, we ignore the "uncalibrated" flag
             colors.append(i32(s, 8+i*4) & 0x7fffffff)
 
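Review bot: The `bands > 4` guard bounds the loop count, but the reads at `i32(s, 8+i*4)` still trust that `s` is long enough for the declared band count. A truncated property with a small `bands` value would presumably surface as a struct or index error from `i32` rather than the `IOError` used here. Assuming `s` is bytes-like, the check could become `if bands > 4 or len(s) < 8 + bands * 4:`. A comment above it such as `# bands is an unvalidated 32-bit field read from the file; bound it before range()` would record why the limit exists. `_open_index` starts and ends outside the hunk, so how `colors` is consumed (including the zero-band case) is not visible here.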