File CVE-2021-27921.patch of Package python-Pillow.35230
Index: Pillow-7.2.0/Tests/test_file_icns.py
===================================================================
--- Pillow-7.2.0.orig/Tests/test_file_icns.py
+++ Pillow-7.2.0/Tests/test_file_icns.py
@@ -138,3 +138,9 @@ def test_not_an_icns_file():
with io.BytesIO(b"invalid\n") as fp:
with pytest.raises(SyntaxError):
IcnsImagePlugin.IcnsFile(fp)
+
+
+def test_icns_decompression_bomb():
+ with pytest.raises(Image.DecompressionBombError):
+ im = Image.open('Tests/images/oom-8ed3316a4109213ca96fb8a256a0bfefdece1461.icns')
+ im.load()
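Review bot: The fixture `Tests/images/oom-8ed3316a4109213ca96fb8a256a0bfefdece1461.icns` that `test_icns_decompression_bomb` opens is not added by this patch as shown, so unless the package ships it some other way the test would fail with `FileNotFoundError` instead of exercising the new check; this is inferred from the patch alone and should be confirmed against the package sources. Only the ICNS path gets a regression test here, while the checks added to `BlpImagePlugin.py` and `IcoImagePlugin.py` have none. If the error is raised by `im.load()` rather than by `Image.open()`, the opened image is never closed; `with Image.open('Tests/images/oom-8ed3316a4109213ca96fb8a256a0bfefdece1461.icns') as im:` followed by `im.load()` inside the `pytest.raises` block avoids that.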
Index: Pillow-7.2.0/src/PIL/BlpImagePlugin.py
===================================================================
--- Pillow-7.2.0.orig/src/PIL/BlpImagePlugin.py
+++ Pillow-7.2.0/src/PIL/BlpImagePlugin.py
@@ -356,6 +356,7 @@ class BLP1Decoder(_BLPBaseDecoder):
data = jpeg_header + data
data = BytesIO(data)
image = JpegImageFile(data)
+ Image._decompression_bomb_check(image.size)
self.tile = image.tile # :/
self.fd = image.fp
self.mode = image.mode
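Review bot: The added `Image._decompression_bomb_check(image.size)` has no comment saying why a nested decoder needs its own check or what the check enforces. The embedded image is built by calling `JpegImageFile(data)` directly, presumably bypassing the limit that `Image.open()` would apply. A comment such as `# embedded JPEG is not opened via Image.open(); apply the pixel limit to its declared size before decoding` would record that. As far as I know, the check only warns once the pixel count passes `Image.MAX_IMAGE_PIXELS`, raises `DecompressionBombError` only above twice that value, and does nothing when the limit is set to `None`, which is worth stating in the comment or the changelog. The same applies to the three identical lines added in `IcnsImagePlugin.py` and `IcoImagePlugin.py`; the enclosing decoder method starts and ends outside this hunk.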
Index: Pillow-7.2.0/src/PIL/IcnsImagePlugin.py
===================================================================
--- Pillow-7.2.0.orig/src/PIL/IcnsImagePlugin.py
+++ Pillow-7.2.0/src/PIL/IcnsImagePlugin.py
@@ -106,6 +106,7 @@ def read_png_or_jpeg2000(fobj, start_len
if sig[:8] == b"\x89PNG\x0d\x0a\x1a\x0a":
fobj.seek(start)
im = PngImagePlugin.PngImageFile(fobj)
+ Image._decompression_bomb_check(im.size)
return {"RGBA": im}
elif (
sig[:4] == b"\xff\x4f\xff\x51"
@@ -122,6 +123,7 @@ def read_png_or_jpeg2000(fobj, start_len
jp2kstream = fobj.read(length)
f = io.BytesIO(jp2kstream)
im = Jpeg2KImagePlugin.Jpeg2KImageFile(f)
+ Image._decompression_bomb_check(im.size)
if im.mode != "RGBA":
im = im.convert("RGBA")
return {"RGBA": im}
Index: Pillow-7.2.0/src/PIL/IcoImagePlugin.py
===================================================================
--- Pillow-7.2.0.orig/src/PIL/IcoImagePlugin.py
+++ Pillow-7.2.0/src/PIL/IcoImagePlugin.py
@@ -174,6 +174,7 @@ class IcoFile:
if data[:8] == PngImagePlugin._MAGIC:
# png frame
im = PngImagePlugin.PngImageFile(self.buf)
+ Image._decompression_bomb_check(im.size)
else:
# XOR + AND mask bmp frame
im = BmpImagePlugin.DibImageFile(self.buf)
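Review bot: The `else` branch still builds `BmpImagePlugin.DibImageFile(self.buf)` with no size check, so the pixel limit covers only PNG-encoded ICO frames. The DIB header carries its own width and height, and nothing visible in the hunk bounds them before the frame is used. Unless a later check exists outside the hunk, add `Image._decompression_bomb_check(im.size)` directly after the `DibImageFile` line so both frame encodings are treated alike. The enclosing method continues past the end of this hunk.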