From 094f23dd5c4a78152a6beeffa394ed7866e3de2e Mon Sep 17 00:00:00 2001 From: Andrew Murray Date: Fri, 22 Sep 2023 18:26:41 +1000 Subject: [PATCH] EOF ends not just the trailer, but also the file --- Tests/images/zero_bb_eof_before_boundingbox.eps | Bin 0 -> 26388 bytes Tests/test_file_eps.py | 12 +++++++++--- src/PIL/EpsImagePlugin.py | 5 ++--- 3 files changed, 11 insertions(+), 6 deletions(-) create mode 100644 Tests/images/zero_bb_eof_before_boundingbox.eps diff --git a/Tests/images/zero_bb_eof_before_boundingbox.eps b/Tests/images/zero_bb_eof_before_boundingbox.eps new file mode 100644 index 0000000000000000000000000000000000000000..c268bffd1cb2a63f2fdb96a629f0822a67708e04 GIT binary patch literal 26388 zcmcItdsE}amj4@lir(6yirE`ubxZPN>gHAj2(zgR2?fmD>`tb(j4i--jO|!5GZZ!7 zeShb4OKQC};8YUOqfejrqmR1D{(oFt^?sVIZo-~Abj8mXSEqF0?C)RC<3;#ZM3aa0 zB0LP&5uP1y!b!Z^ycKuL?Rv3_g?~5@>q$JlUxbh0LU_rT`D%GGi2?qva3+3TJqqOt z*L|zJx6;M6q=6@^>GmO9#;2=g9K96>7{8po!Hc8Sb~&3b?~Ybq?Z-baXUD4tf*?|k z!n^tMVzXMT?wmfzna!uMP{Ba(#Voval7}}m(%EI-HU@n#$LZzqcg z4;PcWNIXoQ#7!u|**pf-H&5bzvYd(et(b+;d=t(N%@o_^JQj=jG8A9tv-n=nsJqSN zDVk0ep_o5R?m}@ld3czJ>1wkHr!l0#lLOa^FibJ=9na_VkHNu)X#tvBr+>7VOh3or z*H~!M_~F%RF`wBFP9_mVzPtl=so~B*1qfJ!8D@#$&PXfLesW2&1$Wk<2F*C!5dqtLx2V8LcN9DCA-i$Khrf*{>mfl93isaOk?OCUhHxo9sny z6w~~UB`0BwS{@L`-G->vl6vmp73RwQ`o?4To&IBVKfjGd&xak5G-u%c*%3mzn9ma0 z!*(I?AKoMac^1H`2nWVCoNiIS_LvY}G5xDg4!|E}N zSHg#v;*LaN?mSl|w|HUQO&6;uq#1ZNLWc`WCggYTOtjGMDn5jph+Kk#$H7&&j>CtW za6@51!Tp{6e$nX2QxgrJi)T&bH*qtE<1wFS;#t#bKfDyroAS^Pcv>F&t9VWXQ3m;6 z@tksLBRCe%Q5bLTZl>hJ_M6)jiMX9F7WS(<2BL6bKYbV7ufE_7ezGY+G5g|N$0J0Z z@D`ewi3LLBM$DHYra(4_F+w{LJan~*#rx~i-UuGBjulyeP;9y^9+-zB8?m3AX^h6` z*Q@z57E!!eeGbJr4Ba@=rL&g>r02V6@)+VJxF!Y!PjQFvfSeG1OUR$!hKQ-gBQBfJ zkWT?8g0YSggV4FCHJ@k~6jLsB3i?TGN}^q$OCdo4dE-6W6U zKK-)77_^{RBjOWSzln{OISQRKo=K)3KXIgD#m$g8zBz)Q(>o4ksYaWC5a%q#9s#Sd zmwZImb_Yt*K10!>FY z$DoLI$a5Te7M>BtAjz5kG{pr@ubNSs#(4U%P>y7BJNMl63(x| zIV|g=6kDi`^rw=mPdcWNYXE3M!p@?)nH6Hv2+xjDNo2D^TJ+o(RB9l6EEFM@_7KRA zhR{nXykv;7hd`n<1hpK7aHiMuc=jMjnFgV>Nl=0N^qSE6_HgKch7&@A)(lTc2<+j| zP(~#)!t6*v_?W4IJskSWDAvOp2pig<&~r5=8>@Xy!et6Z*)$i(S4jYZuG82ibds_| z3nw&Jd`R+Jma$m3Cv#Ya31zvN6dY^)#L1LOvU5ac3e=pT%!UlZy^#*a5Oj5kxjd|5;^NF*V|2!nwVc^GM2Z|3hC z#X-!=L#Z=cA_dzNuoxNWw}}bpJMdr7OE$1sFjw(pBc6>q$UGpaOnIl(8a$gG=ijW!biilGBt7QNQ6 zLnpA;@Vo=O#Ab@s_}}q-Go?O2eabLKg>~}46_d?0NjzD=*K^d+O|r>gElH#DFr`hF z?u^Nsg*$oS*cCq3=)h~QFj0~;!#aDG_qa3*QJ$%Q=y3K3K}K8pHirrIjxNAzsLWvk z9yxkBE)-7PalH-|jI}!|;zR>5&5|* z)zFZhs^wET^>^8ie4$h4xk*u0lWD23n(z7ukOcL*pmc)Jt-Fxfiq{XaWv(j_+|BAS zS<%`SbOHlvfk%5&f2*s6hc&dot44T)=@xje5gz($f%hBXA^H~hpb;Lyv;}_92#=82 z0zYhoM*wVr#|NDT{UP+Vz>gc@Dde?GfFVs3P?6p?L$eK15#2UJvlUY0X`7+h4k?hd z&CqO#RG7BS&}@tI$v>Xko!$fg94UGvQFYOWMkW-hq20JmG zc4iZ#JMW}tef^UzbdV&9A9u1o{VO`eh7M|w*3iMWwbRz9)ugP(S<{>}aKEi5e`2$Z zG5U15lYM5@rFfEdur$KQQr--bjx{r(7yYll(((yP95j!*ZDk8|*YlwKUwde3u_2a7%mP|c2kFitO%qeyGjmgtmia#E+QFDox7<*#a z;WC=XPrR$HPoT4KnQj9CO7k%?*+GCOw8`@*9m2Qo^0$}itr>nP0COpl>1n${a!uNk zoI2>6oSyw14S$yoX&Zh-!;d-*XEJzl1}Sfifc)@=h_gj_v06OQGb6L)HW_kaWOz$p ziG0%w19YG5qD#6n$#0#L(~y%7N>(jRyALl`QG7Ms%#nI{KP-f2_N%f0P?v9G+C_7V zeYhL!*2Ui31vZ)Ni}w+B^1c;c#gq6V?nNXf;`iSZSYpoE-~0N*llW0!M=>_$EkbNP z#g^YCu2;9>1|Qk6KM(tTiOX)V>-P68o?5FG-Zi(VV z{{4&7iTEhSNjvNl?+d_|1Uz=dT^RF~;w$XLz^*Gw*7R1UZ@t3Xbg=`Qq>&ohY^kFM z8o+v>M`W+ydw{LlSNx3Kg<9vezNvSo0p9FEHEx*hLgRf!GOZ&ZO zR7O?ugd`CCiJg|(?PyEXIS&h15auf;&1P66KwBuZt13a}GYknWgIAQ-2*f)~Y5^PF z!aMY~|1bC9CNz5rb8nzE>%*z5nY#6~vkDv!1Kca}9ccDwYiY`*snX{(_ zqD4XaJ7Yun)*ue=g=l*|Fp|`90mN`lg*H1MEZulSY==k%)0dL=vyi88Tt?=nj=g7UJ-fld}mZR`g0h z(Gsc!MK36f>p{^Ass%+8s0kEJplZS$aLZJyGxo^;TS(qXqrM|#p>^Q5{mNB(v8aU72d*HU#&-!f*QRd+HkblB*1g|p_ZBA+#e44 znQB2AUFfEULz=>2xHm{SAF+#^LVXSX;YN_*p7aVQ5vRIErQpSX6RHx8BA<}4(i{p9nW zbhi7xKSfkckDo?Q5e~NTZGSzxeW25mpO>pIOEx$12Rd?+e{aKJkKtq!uNaOB{q;7+ zF+-d+)TlIe3H>V@~mAZ;GdQdDKta_#WPM zKnHFoi#4rqaXOFIOPkefJH;9|nOQ&nXZZAGwV6fYAVXq~0gHpWW57K0h98vk32f?Ec~0TzHnX>_xdNF({<9$ zrDIP1IS2n8E^z#DKApVD>`wX^NC$h_6p(1x=8g)dQgK!?#`@MQrudFKj(i0v;$I3f z&qcUnbi?U1EB!N6F6bk=eg2&_R#@$N;QKS@?E1!`qb;B%?J?0aY`Z}{Jsf&yW*_hx zYq6SsrjyRstIhn4;L~u9ndSnj@`C1fF+YnZo!=Xc2f_<{iMe~y^@TUW z)^=UaRRau00RV7n^xTo|Pz;C7e426M_@fg)7 zfEyto9zYBf%3-JidI!n^K*9Q43EinN1Hd08%%l+jcHsd4-~Y~?Ai$C5tfIQbW4+}8jN7#LzpU5Cw4nHBfT3bmd1JtAh7L5+T{oiqedJ6NLxOFUn78R z6Ezr$DrPqxkWKUuRZ9`8pAZCD2uZGyiSuoB#h&O<*D;Ixo1GbX}jb;#!U0_5YiepRJkMl@; z7nXqit3+2Xz#2Aai}IEkDTJh+1c3!X<@I2jMMsFhLwFy->5v{t2IZm@07<@!BmoC(gs}58hxrl@ zd9fl(p^$N57a(Z}6NEnvi>{O>3S|$78v2~AMgl3KKv5n8@>8lfWVjCb)|ViI;teIY z#G{(ciB%^N2{<1be2pN1f>aTt$SokK0NJ{c4Lcz!%7=bSfc1P-0cr?Kh3-(0^}H6> z)=7Q9=0uiJrYNrmoEv~+Q$Yd*66u91n*t972+OlQifD+SjR2ktr;%f9D?*tIdC}hd zMgTia^d#a)Z`2}J&;j2Z!KA83%sUFUk;kCj zPO)tmw`++`-WVkt798Xgo*cm|e1yXSlDuCiJBf8MDBlXRm>ynR)I}ZvTP&(uqKPfM z6fpB#+sf_@p$aT08kKEFCpjc@YOz0C6%dwavnJ&ak%_1@AQytdvA$_0$+itx5;AI= z)A^``QIL@nNn~sk;*C6eE*ak-Ad*nPiuT0=Ez5jfZcsc16NUNnO7pGY2M59$9ShR} zL|$!*RtqX%4tgHE0Sk#{2%CqV2l`;P%_uBAC=Vr0X?&guJGP>QPYde8{Q2?z2oc7k zfJ}=G%DgD&3J?XR$FLp5dtQ!`ahKGV$Ka8M;m}--dRWQypuqx$0)!Qp6s;4HhzbCC zlI-M8nno4aI9^#SNEcG28nXbAC&{)A`jb}ZY?N>mASh%gpW`=4soX@!^MKVGB}KRd z6oI;+MMjz+UC&^8uiO*JlanhpKv;RvlphaoM(f5yD1x)4;j%HR+NOlXIvg5X*&C&5 zhix6ac&S_jFt6l9Ba0J+L?=+2|CZKF3v^GYI{6u2lraHXhI7F%D7 zL)fa2aJ(veEhvLlP3T)ujnzX-pgpzg%1?)Hr4Wl@iA65*IBbLB=!ey8f$cni7a&}C z(&uGqTFMqIBrmC4nMD-}kyb#GhhS}B?aM2uZl20DuSr}Ug1;=s9 zRM|$=3(y&9tDEdZp$4!*q^|__t&h=<{IaFYQ)(>h3YN$r0uwP;#kHOY8`%zmkpbFVggcX4-uayh)TiH4* zGaC)oCP@c_wv}uyZgwjzGfnqK@CStwwqP51KDbykeAg6<1x;9~sK?n0g=qmr0m9Oq zhr+MtwdHKCkWIRy3R!~pW)#%f^eDKZ@d^>ZWLp9bFGv%Eq83kUeSN zktt9#mXuMD6g6G&NrEbUAD2D9tvkmpUBkFSx^G?0asxR*kt(KOw|S~^jAQYu{5Cc$ zZNLhtYt;r}G0v^|)@*O{L5*;9lwczJg0=@FpO*5UnpFD9qVN%`pMHO9`}|h?JFm#3 z=m4X}#h0(?D*EGK`^THV9R~lETQh&6nxhaRzl@F8WoEXSxwC@jbI`G+I;m?n#}U1N>#Gpzuw% z`qQxa;9K(&#T%yN7Fh=ZBw8^jwxJ!SU|LU$`U~FNQ)Ql)dBx5B!IdX zLe(AX4mN=5DG+0>VGo3Sy#PEPU+-w8(a8l+g+C7rj#2pNPS34tQ z-cII%rThqcA2=}y^?G4p1%MO_Wp$I56(Kul7T?Yg6uD`1Ak;2QYd|Yue0d=LyAY72 zfF8P;Cr%;DCbgRg8jR5gl_M-IEJ@i|b`U0WwFsFl^`jUE)@5)G`m4b^ zutZ7&rXcAd%2NG`zR>^|sRNek;)*Bp#v$ln&La8%TuFTsG_Jp2i)%msVLPPkB1 zK0)Ut9AxXe!9ZJdsxgqhcY|ZhyHF~)fZgr{gDHutFnk{u7s+}lIWx-pL+Q`_udyo> o|63UBF~^~lddiC>gV51>Hi>O|8Hh!1E!DM>IKUAe@pEN9smFU literal 0 HcmV?d00001 diff --git a/Tests/test_file_eps.py b/Tests/test_file_eps.py index 21c1fd778..4f4d26fb1 100644 --- a/Tests/test_file_eps.py +++ b/Tests/test_file_eps.py @@ -406,10 +406,16 @@ def test_timeout(test_file): pass -def test_boundary_box_in_trailer(): - # Check whether boundary boxes are parsed in the same way - # when specified in the header or the trailer +def test_bounding_box_in_trailer(): + # Check bounding boxes are parsed in the same way + # when specified in the header and the trailer with Image.open("Tests/images/zero_bb_trailer.eps") as trailer_image, Image.open( FILE1 ) as header_image: assert trailer_image.size == header_image.size + + +def test_eof_before_bounding_box(): + with pytest.raises(OSError): + with Image.open("Tests/images/zero_bb_eof_before_boundingbox.eps"): + pass diff --git a/src/PIL/EpsImagePlugin.py b/src/PIL/EpsImagePlugin.py index e67519be1..3a71b35cf 100644 --- a/src/PIL/EpsImagePlugin.py +++ b/src/PIL/EpsImagePlugin.py @@ -367,10 +367,9 @@ class EpsImageFile(ImageFile.ImageFile): # Load EPS trailer # if this line starts with "%%EOF", - # then we've reached the end of the trailer + # then we've reached the end of the file if bytes_mv[:5] == b"%%EOF": - reading_trailer_comments = False - continue + break s = str(bytes_mv[:bytes_read], "latin-1") _read_comment(s)