Use strncpy to avoid buffer overflow

This commit is contained in:
Andrew Murray 2024-02-22 18:56:26 +11:00 committed by Hugo van Kemenade
parent 22376775b0
commit 2a93aba5cf
3 changed files with 9 additions and 5 deletions

BIN
Tests/icc/sGrey-v2-nano.icc Normal file

Binary file not shown.

View File

@ -661,6 +661,11 @@ def test_auxiliary_channels_isolated() -> None:
assert_image_equal(test_image.convert(dst_format[2]), reference_image) assert_image_equal(test_image.convert(dst_format[2]), reference_image)
def test_long_modes() -> None:
p = ImageCms.getOpenProfile("Tests/icc/sGrey-v2-nano.icc")
ImageCms.buildTransform(p, p, "ABCDEFGHI", "ABCDEFGHI")
@pytest.mark.parametrize("mode", ("RGB", "RGBA", "RGBX")) @pytest.mark.parametrize("mode", ("RGB", "RGBA", "RGBX"))
def test_rgb_lab(mode: str) -> None: def test_rgb_lab(mode: str) -> None:
im = Image.new(mode, (1, 1)) im = Image.new(mode, (1, 1))

View File

@ -201,8 +201,8 @@ cms_transform_new(cmsHTRANSFORM transform, char *mode_in, char *mode_out) {
self->transform = transform; self->transform = transform;
strcpy(self->mode_in, mode_in); strncpy(self->mode_in, mode_in, 8);
strcpy(self->mode_out, mode_out); strncpy(self->mode_out, mode_out, 8);
return (PyObject *)self; return (PyObject *)self;
} }
@ -242,10 +242,9 @@ findLCMStype(char *PILmode) {
// LabX equivalent like ALab, but not reversed -- no #define in lcms2 // LabX equivalent like ALab, but not reversed -- no #define in lcms2
return (COLORSPACE_SH(PT_LabV2) | CHANNELS_SH(3) | BYTES_SH(1) | EXTRA_SH(1)); return (COLORSPACE_SH(PT_LabV2) | CHANNELS_SH(3) | BYTES_SH(1) | EXTRA_SH(1));
} }
else { else {
/* take a wild guess... but you probably should fail instead. */ /* take a wild guess... */
return TYPE_GRAY_8; /* so there's no buffer overrun... */ return TYPE_GRAY_8;
} }
} }