File CVE-2023-44271.patch of Package python-Pillow.31438
Index: Pillow-9.5.0/Tests/test_imagefont.py
===================================================================
--- Pillow-9.5.0.orig/Tests/test_imagefont.py
+++ Pillow-9.5.0/Tests/test_imagefont.py
@@ -1106,6 +1106,25 @@ def test_render_mono_size():
assert_image_equal_tofile(im, "Tests/images/text_mono.gif")
+def test_too_many_characters(font):
+ with pytest.raises(ValueError):
+ font.getlength("A" * 1_000_001)
+ with pytest.raises(ValueError):
+ font.getbbox("A" * 1_000_001)
+ with pytest.raises(ValueError):
+ font.getmask2("A" * 1_000_001)
+
+ transposed_font = ImageFont.TransposedFont(font)
+ with pytest.raises(ValueError):
+ transposed_font.getlength("A" * 1_000_001)
+
+ default_font = ImageFont.load_default()
+ with pytest.raises(ValueError):
+ default_font.getlength("A" * 1_000_001)
+ with pytest.raises(ValueError):
+ default_font.getbbox("A" * 1_000_001)
+
+
@pytest.mark.parametrize(
"test_file",
[
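Review bot: Every call in test_too_many_characters hard-codes `1_000_001`, so the test stops exercising the boundary if `ImageFont.MAX_STRING_LENGTH` is ever changed. Building the input as `"A" * (ImageFont.MAX_STRING_LENGTH + 1)` keeps the two in step. The accepted side of the boundary is not tested at all. A companion test using `monkeypatch.setattr(ImageFont, "MAX_STRING_LENGTH", 5)` could assert that a five-character string is accepted and a six-character one raises, without allocating megabyte strings. The parametrized test that follows continues outside the hunk.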
Index: Pillow-9.5.0/src/PIL/ImageFont.py
===================================================================
--- Pillow-9.5.0.orig/src/PIL/ImageFont.py
+++ Pillow-9.5.0/src/PIL/ImageFont.py
@@ -54,6 +54,9 @@ def __getattr__(name):
raise AttributeError(msg)
+MAX_STRING_LENGTH = 1_000_000
+
+
try:
from . import _imagingft as core
except ImportError as ex:
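Review bot: `MAX_STRING_LENGTH` is added without a comment, although it is a security limit that applications can tune and that the check treats `None` as "no limit". A comment above it would record that, for example `# Maximum length of text accepted by the font measuring/rendering methods; bounds memory use on oversized input. Set to None to disable the check.` Without it, a maintainer could take the constant for an arbitrary value and raise or remove it. The `try` block after the constant continues outside the hunk.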
@@ -65,6 +68,12 @@ except ImportError as ex:
_UNSPECIFIED = object()
+def _string_length_check(text):
+ if MAX_STRING_LENGTH is not None and len(text) > MAX_STRING_LENGTH:
+ msg = "too many characters in string"
+ raise ValueError(msg)
+
+
# FIXME: add support for pilfont2 format (see FontFile.py)
# --------------------------------------------------------------------
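Review bot: `_string_length_check` has no docstring, and its error message does not state the limit, so a caller who hits the ValueError must read the source to learn the bound or how to change it. Suggest the docstring `"""Raise ValueError if text is longer than MAX_STRING_LENGTH (no limit when it is None)."""` and the message `msg = f"too many characters in string (limit is {MAX_STRING_LENGTH})"`. If the text methods also accept `bytes`, `len(text)` counts bytes rather than characters, which the docstring should say.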
@@ -185,6 +194,7 @@ class ImageFont:
:return: ``(left, top, right, bottom)`` bounding box
"""
+ _string_length_check(text)
width, height = self.font.getsize(text)
return 0, 0, width, height
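Review bot: In the bitmap `ImageFont` class only `getbbox` (this hunk) and `getlength` (the next hunk) gain `_string_length_check(text)`; no hunk touches `ImageFont.getmask`, and the new test never calls `default_font.getmask`. If that method passes `text` straight to `self.font`, it remains an unbounded entry point for the same oversized input. Adding `_string_length_check(text)` as its first statement, plus a matching `pytest.raises(ValueError)` case, would close it. The method bodies start outside the hunks, so this needs confirming against the full file.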
@@ -195,6 +205,7 @@ class ImageFont:
.. versionadded:: 9.2.0
"""
+ _string_length_check(text)
width, height = self.font.getsize(text)
return width
@@ -346,6 +357,7 @@ class FreeTypeFont:
:return: Width for horizontal, height for vertical text.
"""
+ _string_length_check(text)
return self.font.getlength(text, mode, direction, features, language) / 64
def getbbox(
@@ -405,6 +417,7 @@ class FreeTypeFont:
:return: ``(left, top, right, bottom)`` bounding box
"""
+ _string_length_check(text)
size, offset = self.font.getsize(
text, mode, direction, features, language, anchor
)
@@ -749,6 +762,7 @@ class FreeTypeFont:
:py:mod:`PIL.Image.core` interface module, and the text offset, the
gap between the starting coordinate and the first marking
"""
+ _string_length_check(text)
if fill is _UNSPECIFIED:
fill = Image.core.fill
else:
@@ -912,6 +926,7 @@ class TransposedFont:
if self.orientation in (Image.Transpose.ROTATE_90, Image.Transpose.ROTATE_270):
msg = "text length is undefined for text rotated by 90 or 270 degrees"
raise ValueError(msg)
+ _string_length_check(text)
return self.font.getlength(text, *args, **kwargs)