File 027-CVE-2021-23437.patch of Package python-Pillow

From 9e08eb8f78fdfd2f476e1b20b7cf38683754866b Mon Sep 17 00:00:00 2001
From: Hugo van Kemenade <hugovk@users.noreply.github.com>
Date: Mon, 23 Aug 2021 19:10:49 +0300
Subject: [PATCH] Raise ValueError if color specifier is too long

---
 Tests/test_imagecolor.py | 9 +++++++++
 src/PIL/ImageColor.py    | 2 ++
 2 files changed, 11 insertions(+)

diff --git a/Tests/test_imagecolor.py b/Tests/test_imagecolor.py
index b5d69379655..dbe8b9e957b 100644
--- a/Tests/test_imagecolor.py
+++ b/Tests/test_imagecolor.py
@@ -187,6 +187,13 @@ class TestImageColor(PillowTestCase):
             (162, 33), ImageColor.getcolor("rgba(0, 255, 115, 33)", "LA"))
         Image.new("LA", (1, 1), "white")
 
+    def test_color_too_long(self):
+        # Arrange
+        color_too_long = "hsl(" + "1" * 100 + ")"
+
+        # Act / Assert
+        self.assertRaises(ValueError, ImageColor.getrgb, color_too_long)
+
 
 if __name__ == '__main__':
     unittest.main()
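Review bot: `test_color_too_long` only asserts that some ValueError is raised, which does not tie the test to the new length guard. The rest of getrgb is outside this patch, but if it also raises ValueError for specifiers it cannot parse, a malformed string like `"hsl(" + "1" * 100 + ")"` would pass this test even with the guard removed. Matching on the message pins it: `self.assertRaisesRegex(ValueError, "too long", ImageColor.getrgb, color_too_long)` (`assertRaisesRegexp` on Python 2.7). The input is also 105 characters, so a 101-character case would be needed to catch an off-by-one in the limit.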
diff --git a/src/PIL/ImageColor.py b/src/PIL/ImageColor.py
index 51df4404039..25f92f2c732 100644
--- a/src/PIL/ImageColor.py
+++ b/src/PIL/ImageColor.py
@@ -31,6 +31,8 @@ def getrgb(color):
     :param color: A color string
     :return: ``(red, green, blue[, alpha])``
     """
+    if len(color) > 100:
+        raise ValueError("color specifier is too long")
     color = color.lower()
 
     rgb = colormap.get(color, None)
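Review bot: The limit `100` in the new guard at the top of getrgb is an unexplained literal, and the docstring just above it still does not tell callers that over-long specifiers are rejected. A short comment such as `# Reject over-long input before any parsing (CVE-2021-23437)` and a docstring line `:raises ValueError: if the specifier is longer than 100 characters` would keep a later cleanup from loosening or dropping the check. The body of getrgb continues outside the hunk, so the comment should name whichever parsing step the bound protects. Giving the limit a module-level name would also let the test reference it instead of repeating `100`.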