File CVE-2014-1932-mktemp.patch of Package python-imaging
From 4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7 Mon Sep 17 00:00:00 2001
From: wiredfool <eric-github@soroos.net>
Date: Fri, 14 Mar 2014 15:56:41 -0700
Subject: [PATCH] Removed tempfile.mktemp, fixes CVE-2014-1932 CVE-2014-1933,
debian bug #737059
---
PIL/EpsImagePlugin.py | 3 ++-
PIL/Image.py | 9 ++++++---
PIL/IptcImagePlugin.py | 4 ++--
PIL/JpegImagePlugin.py | 12 ++++++++----
4 files changed, 18 insertions(+), 10 deletions(-)
Index: Imaging-1.1.7/PIL/EpsImagePlugin.py
===================================================================
--- Imaging-1.1.7.orig/PIL/EpsImagePlugin.py 2009-11-01 01:44:11.000000000 +0100
+++ Imaging-1.1.7/PIL/EpsImagePlugin.py 2014-04-18 15:47:47.125694292 +0200
@@ -44,7 +44,8 @@
import tempfile, os
- file = tempfile.mktemp()
+ out_fd, file = tempfile.mkstemp()
+ os.close(out_fd)
# Build ghostscript command
command = ["gs",
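Review bot: The two added lines do not say why the descriptor returned by `mkstemp` is closed straight away, so a later cleanup could easily turn this back into a name-only call. A comment above them would record the intent, for example `# mkstemp creates the file itself, readable and writable only by us; close the fd and hand the path to gs`. That ghostscript writes to this path is inferred from the context lines, because the command list continues outside the hunk. Whether the file is removed on every error path cannot be checked from here either.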
Index: Imaging-1.1.7/PIL/Image.py
===================================================================
--- Imaging-1.1.7.orig/PIL/Image.py 2009-11-15 16:51:25.000000000 +0100
+++ Imaging-1.1.7/PIL/Image.py 2014-04-18 15:57:25.748089006 +0200
@@ -482,14 +482,22 @@
self.readonly = 0
def _dump(self, file=None, format=None):
- import tempfile
- if not file:
- file = tempfile.mktemp()
+ import tempfile, os
+
self.load()
+
+ suffix = ''
+ if format: suffix = '.' + format
+
+ if not file:
+ f, file = tempfile.mkstemp(suffix)
+ os.close(f)
+
if not format or format == "PPM":
self.im.save_ppm(file)
else:
- file = file + "." + format
+ if not file.endswith(format):
+ file = file + "." + format
self.save(file, format)
return file
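Review bot: The new guard `if not file.endswith(format):` compares against the bare format name, while the suffix built a few lines earlier is `'.' + format`. A caller-supplied name that merely ends in the format letters, such as a constructed `scanPNG`, is therefore treated as already having the extension and is saved under that name. Reusing the value already computed keeps the two in step: `if not file.endswith(suffix):`. For the `mkstemp` path the result is the same, since that name always ends in `suffix`.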
Index: Imaging-1.1.7/PIL/IptcImagePlugin.py
===================================================================
--- Imaging-1.1.7.orig/PIL/IptcImagePlugin.py 2009-11-01 01:44:12.000000000 +0100
+++ Imaging-1.1.7/PIL/IptcImagePlugin.py 2014-04-18 15:47:47.125694292 +0200
@@ -173,8 +173,8 @@
self.fp.seek(offset)
# Copy image data to temporary file
- outfile = tempfile.mktemp()
- o = open(outfile, "wb")
+ o_fd, outfile = tempfile.mkstemp(text=False)
+ o = os.fdopen(o_fd)
if encoding == "raw":
# To simplify access to the extracted file,
# prepend a PPM header
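Review bot: `os.fdopen(o_fd)` opens the descriptor in the default mode, which is read-only, whereas the line it replaces opened the file with `"wb"`. The context comments say image data is copied into this file, so the writes that follow outside the hunk would be expected to fail. Pass the mode explicitly: `o = os.fdopen(o_fd, "wb")`. The new line also relies on `os` being imported in this module, which is not visible here, and the enclosing method starts and ends outside the hunk.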
Index: Imaging-1.1.7/PIL/JpegImagePlugin.py
===================================================================
--- Imaging-1.1.7.orig/PIL/JpegImagePlugin.py 2009-11-01 01:44:12.000000000 +0100
+++ Imaging-1.1.7/PIL/JpegImagePlugin.py 2014-04-18 16:03:18.452141478 +0200
@@ -343,15 +343,18 @@
# ALTERNATIVE: handle JPEGs via the IJG command line utilities
+ if not os.path.exists(self.filename):
+ raise ValueError("Invalid Filename")
+
import tempfile, os
- file = tempfile.mktemp()
- os.system("djpeg %s >%s" % (self.filename, file))
+ f, path = tempfile.mkstemp()
+ os.close(f)
try:
- self.im = Image.core.open_ppm(file)
+ os.system("djpeg '%s' >'%s'" % (self.filename, path))
+ self.im = Image.core.open_ppm(path)
finally:
- try: os.unlink(file)
- except: pass
+ os.unlink(path)
self.mode = self.im.mode
self.size = self.im.size
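Review bot: The djpeg command is still built as a shell string for `os.system`, and wrapping `self.filename` in single quotes does not make it safe, because a name that itself contains a single quote ends the quoting; the `os.path.exists` check does not help, since such a file can exist. Running djpeg with an argument list and sending its output to the descriptor `mkstemp` already returned avoids the shell entirely and never reopens the temporary file by name. Separately, `os.path.exists` is called before the function-local `import tempfile, os`; if both sit in the same function, as the context suggests, `os` is a local name there and the check raises UnboundLocalError, so the import has to come first. The sketch below uses `subprocess.check_call`, so a failing djpeg surfaces as CalledProcessError instead of being ignored; the start of the method is outside the hunk.

```python
# ALTERNATIVE: handle JPEGs via the IJG command line utilities
import tempfile, os, subprocess

if not os.path.exists(self.filename):
    raise ValueError("Invalid Filename")

f, path = tempfile.mkstemp()
try:
    try:
        # argument list: the filename reaches djpeg verbatim, no shell parses it
        subprocess.check_call(["djpeg", self.filename], stdout=f)
    finally:
        os.close(f)
    self.im = Image.core.open_ppm(path)
finally:
    os.unlink(path)
# … unchanged: self.mode / self.size assignment …
```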