Pillow/Tests/test_decompression_bomb.py


from __future__ import annotations

import pytest

from PIL import Image

from .helper import hopper

TEST_FILE = "Tests/images/hopper.ppm"

ORIGINAL_LIMIT = Image.MAX_IMAGE_PIXELS


class TestDecompressionBomb:
    def teardown_method(self) -> None:
        Image.MAX_IMAGE_PIXELS = ORIGINAL_LIMIT

    def test_no_warning_small_file(self) -> None:
        # Implicit assert: no warning.
        # A warning would cause a failure.
Improve handling of file resources

Follow Python's file object semantics. User code is responsible for closing resources (usually through a context manager) in a deterministic way.

To achieve this, remove __del__ functions. These functions used to close open file handlers in an attempt to silence Python ResourceWarnings. However, using __del__ has the following drawbacks:

- __del__ isn't called until the object's reference count reaches 0. Therefore, resource handlers remain open or in use longer than necessary.
- The __del__ method isn't guaranteed to execute on system exit. See the Python documentation: https://docs.python.org/3/reference/datamodel.html#object.__del__
  > It is not guaranteed that __del__() methods are called for objects
  > that still exist when the interpreter exits.
- Exceptions that occur inside __del__ are ignored instead of raised. This has the potential of hiding bugs. This is also in the Python documentation:
  > Warning: Due to the precarious circumstances under which __del__()
  > methods are invoked, exceptions that occur during their execution
  > are ignored, and a warning is printed to sys.stderr instead.

Instead, always close resource handlers when they are no longer in use. This will close the file handler at a specified point in the user's code and not wait until the interpreter chooses to. It is always guaranteed to run. And, if an exception occurs while closing the file handler, the bug will not be ignored.

Now, when code receives a ResourceWarning, it will highlight an area that is mishandling resources. It should not simply be silenced, but fixed by closing resources with a context manager.

All warnings that were emitted during tests have been cleaned up. To enable warnings, I passed the `-Wa` CLI option to Python. This exposed some mishandling of resources in ImageFile.__init__() and SpiderImagePlugin.loadImageSeries(), they too were fixed.
        with Image.open(TEST_FILE):
            pass

    def test_no_warning_no_limit(self) -> None:
        # Arrange
        # Turn limit off
        Image.MAX_IMAGE_PIXELS = None
        assert Image.MAX_IMAGE_PIXELS is None

        # Act / Assert
        # Implicit assert: no warning.
        # A warning would cause a failure.
        with Image.open(TEST_FILE):
            pass

    def test_warning(self) -> None:
        # Set limit to trigger warning on the test file
        Image.MAX_IMAGE_PIXELS = 128 * 128 - 1
        assert Image.MAX_IMAGE_PIXELS == 128 * 128 - 1

        with pytest.warns(Image.DecompressionBombWarning):
            with Image.open(TEST_FILE):
                pass

    def test_exception(self) -> None:
        # Set limit to trigger exception on the test file
        Image.MAX_IMAGE_PIXELS = 64 * 128 - 1
        assert Image.MAX_IMAGE_PIXELS == 64 * 128 - 1

        with pytest.raises(Image.DecompressionBombError):
            with Image.open(TEST_FILE):
                pass

    def test_exception_ico(self) -> None:
        with pytest.raises(Image.DecompressionBombError):
            with Image.open("Tests/images/decompression_bomb.ico"):
                pass

    def test_exception_gif(self) -> None:
        with pytest.raises(Image.DecompressionBombError):
            with Image.open("Tests/images/decompression_bomb.gif"):
                pass

    def test_exception_gif_extents(self) -> None:
        with Image.open("Tests/images/decompression_bomb_extents.gif") as im:
            with pytest.raises(Image.DecompressionBombError):
                im.seek(1)

    def test_exception_gif_zero_width(self) -> None:
        # Set limit to trigger exception on the test file
        Image.MAX_IMAGE_PIXELS = 4 * 64 * 128
        assert Image.MAX_IMAGE_PIXELS == 4 * 64 * 128

        with pytest.raises(Image.DecompressionBombError):
            with Image.open("Tests/images/zero_width.gif"):
                pass

    def test_exception_bmp(self) -> None:
        with pytest.raises(Image.DecompressionBombError):
            with Image.open("Tests/images/bmp/b/reallybig.bmp"):
                pass


class TestDecompressionCrop:
    @classmethod
    def setup_class(cls) -> None:
        width, height = 128, 128
        Image.MAX_IMAGE_PIXELS = height * width * 4 - 1

    @classmethod
    def teardown_class(cls) -> None:
        Image.MAX_IMAGE_PIXELS = ORIGINAL_LIMIT

    def test_enlarge_crop(self) -> None:
        # Crops can extend the extents, therefore we should have the
        # same decompression bomb warnings on them.
        with hopper() as src:
            box = (0, 0, src.width * 2, src.height * 2)
            with pytest.warns(Image.DecompressionBombWarning):
                src.crop(box)

    def test_crop_decompression_checks(self) -> None:
        im = Image.new("RGB", (100, 100))

        for value in ((-9999, -9999, -9990, -9990), (-999, -999, -990, -990)):
            assert im.crop(value).size == (9, 9)

        with pytest.warns(Image.DecompressionBombWarning):
            im.crop((-160, -160, 99, 99))

        with pytest.raises(Image.DecompressionBombError):
            im.crop((-99909, -99990, 99999, 99999))
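
The thresholds these tests pin down (a warning above MAX_IMAGE_PIXELS, an error above twice that value) can also be applied as a pre-check on declared dimensions before untrusted bytes reach a decoder. The following is an added example, not part of Pillow or of this test file; `declared_size`, `bomb_verdict`, `precheck` and `make_png_header` are hypothetical names, it does not import Pillow, and the sample headers are constructed.

```python
from __future__ import annotations

import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"


def declared_size(data: bytes) -> tuple[int, int]:
    """Read (width, height) from a PNG or GIF header without decoding pixels."""
    if data[:8] == PNG_SIG:
        if len(data) < 33:
            raise ValueError("truncated PNG header")
        length, ctype = struct.unpack(">I4s", data[8:16])
        if length != 13 or ctype != b"IHDR":
            raise ValueError("first PNG chunk is not a 13-byte IHDR")
        if zlib.crc32(data[12:29]) != struct.unpack(">I", data[29:33])[0]:
            raise ValueError("IHDR CRC mismatch")
        width, height = struct.unpack(">II", data[16:24])
        return width, height
    if data[:6] in (b"GIF87a", b"GIF89a"):
        if len(data) < 10:
            raise ValueError("truncated GIF header")
        # Logical screen size only: individual frames can declare larger
        # extents, so the decoder's own check on seek() is still needed.
        width, height = struct.unpack("<HH", data[6:10])
        return width, height
    raise ValueError("unsupported or unrecognised format")


def bomb_verdict(width: int, height: int, limit: int | None) -> str:
    """Warn above the limit, fail above twice the limit, as the tests above do."""
    if limit is None:
        return "ok"
    pixels = width * height
    if pixels > 2 * limit:
        return "error"
    return "warning" if pixels > limit else "ok"


def precheck(data: bytes, limit: int | None) -> str:
    """Strict policy for untrusted uploads: a warning is also a rejection."""
    return "accept" if bomb_verdict(*declared_size(data), limit) == "ok" else "reject"


def make_png_header(width: int, height: int) -> bytes:
    """Constructed sample input: signature plus a valid IHDR chunk only."""
    body = b"IHDR" + struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)
    return PNG_SIG + struct.pack(">I", 13) + body + struct.pack(">I", zlib.crc32(body))
```

A header pre-check of this kind complements the decoder's limit rather than replacing it, since crops and later GIF frames can exceed the declared size, which is what `test_enlarge_crop` and `test_exception_gif_extents` cover.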