File 010-Invalid-number-of-bands-in-FPX-image.patch of Package python-Pillow

From 774e53bb132461d8d5ebefec1162e29ec0ebc63d Mon Sep 17 00:00:00 2001
From: Andrew Murray <radarhere@users.noreply.github.com>
Date: Wed, 1 Jan 2020 16:07:03 +1100
Subject: [PATCH] Raise an error for an invalid number of bands in FPX image

---
 Tests/test_file_fpx.py               |   6 ++++++
 src/PIL/FpxImagePlugin.py            |   5 ++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/Tests/test_file_fpx.py b/Tests/test_file_fpx.py
index 68412c8caa..8135937d44 100644
--- a/Tests/test_file_fpx.py
+++ b/Tests/test_file_fpx.py
@@ -1,3 +1,5 @@
+from PIL import Image
+
 from helper import unittest, PillowTestCase
 
 from PIL import FpxImagePlugin
@@ -14,8 +16,12 @@ def test_invalid_file(self):
         # Test a valid OLE file, but not an FPX file
         ole_file = "Tests/images/test-ole-file.doc"
         self.assertRaises(SyntaxError,
                           lambda: FpxImagePlugin.FpxImageFile(ole_file))
+
+    def test_fpx_invalid_number_of_bands(self):
+        with self.assertRaisesRegexp(IOError, "Invalid number of bands"):
+            Image.open("Tests/images/input_bw_five_bands.fpx")
 
 
 if __name__ == '__main__':
     unittest.main()
diff --git a/PIL/FpxImagePlugin.py b/PIL/FpxImagePlugin.py
index 15ebe0e3b0..8555a6b75a 100644
--- a/PIL/FpxImagePlugin.py
+++ b/PIL/FpxImagePlugin.py
@@ -101,7 +101,10 @@ def _open_index(self, index=1):
         s = prop[0x2000002 | id]
 
         colors = []
-        for i in range(i32(s, 4)):
+        bands = i32(s, 4)
+        if bands > 4:
+            raise IOError("Invalid number of bands")
+        for i in range(bands):
             # note: for now, we ignore the "uncalibrated" flag
             colors.append(i32(s, 8+i*4) & 0x7fffffff)