Overview

File 014-Tests-for-tiff-crashes.patch of Package python-Pillow

From 26bf1c352489c9e847ff770cd752e97fda5b82cb Mon Sep 17 00:00:00 2001
From: Andrew Murray <radarhere@users.noreply.github.com>
Date: Wed, 23 Sep 2020 00:14:40 +1000
Subject: [PATCH] Moved CVE images to pillow-depends

---
 Tests/check_tiff_crashes.py |  29 -----------------------------
 Tests/images/crash_1.tif    | Bin 6511 -> 0 bytes
 Tests/images/crash_2.tif    | Bin 6223 -> 0 bytes
 Tests/test_tiff_crashes.py  |  36 ++++++++++++++++++++++++++++++++++++
 4 files changed, 36 insertions(+), 29 deletions(-)
 delete mode 100644 Tests/check_tiff_crashes.py
 delete mode 100644 Tests/images/crash_1.tif
 delete mode 100644 Tests/images/crash_2.tif
 create mode 100644 Tests/test_tiff_crashes.py

diff --git a/Tests/helper.py b/Tests/helper.py
index 5dbdb66..572d6d5 100644
--- a/Tests/helper.py
+++ b/Tests/helper.py
@@ -243,6 +243,11 @@ def on_appveyor():
 def on_appveyor():
     return 'APPVEYOR' in os.environ
 
+def on_ci():
+    # GitHub Actions and AppVeyor have "CI"
+    return "CI" in os.environ
+
+
 if sys.platform == 'win32':
     IMCONVERT = os.environ.get('MAGICK_HOME', '')
     if IMCONVERT:
diff --git a/Tests/test_tiff_crashes.py b/Tests/test_tiff_crashes.py
new file mode 100644
index 0000000000..9c293e0142
--- /dev/null
+++ b/Tests/test_tiff_crashes.py
@@ -0,0 +1,46 @@
+# Reproductions/tests for crashes/read errors in TiffDecode.c
+
+# When run in Python, all of these images should fail for
+# one reason or another, either as a buffer overrun,
+# unrecognized datastream, or truncated image file.
+# There shouldn't be any segfaults.
+#
+# if run like
+# `valgrind --tool=memcheck pytest test_tiff_crashes.py 2>&1 | grep TiffDecode.c`
+# the output should be empty. There may be Python issues
+# in the valgrind especially if run in a debug Python
+# version.
+
+import errno
+
+from PIL import Image
+
+from helper import on_ci, unittest, PillowTestCase
+
+
+# flat backport of parameterized test collection from newer Pillow
+class TestTiffCrashes(PillowTestCase):
+    #@pytest.mark.filterwarnings("ignore:Possibly corrupt EXIF data")
+    #@pytest.mark.filterwarnings("ignore:Metadata warning")
+    def _test(self, test_file):
+        try:
+            with Image.open(test_file) as im:
+                im.load()
+        except EnvironmentError as e:
+            if e.errno != errno.ENOENT:
+                return
+            if not on_ci():
+                self.skipTest("test image not found")
+                return
+            raise
+
+    def test_crash_1(self):
+        self._test("Tests/images/crash_1.tif")
+
+# test disabled as it triggers https://github.com/python-pillow/Pillow/issues/2006
+#    def test_crash_2(self):
+#        self._test("Tests/images/crash_2.tif")
+
+
+if __name__ == '__main__':
+    unittest.main()
openSUSE Build Service is sponsored by
Places