From 37516fb665c2c9f99ba0681a25fa3e2b1caf7deb Mon Sep 17 00:00:00 2001 From: Jayakrishna Menon Date: Fri, 8 Mar 2019 11:30:35 -0700 Subject: [PATCH 1/6] adding an upper limit for blocks_max in _set_blocks_max --- src/_imaging.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/_imaging.c b/src/_imaging.c index 1391ffae6..dffef3689 100644 --- a/src/_imaging.c +++ b/src/_imaging.c @@ -3625,6 +3625,12 @@ _set_blocks_max(PyObject* self, PyObject* args) "blocks_max should be greater than 0"); return NULL; } + else if ( blocks_max > SIZE_MAX/sizeof(ImagingDefaultArena.blocks_pool[0])) { + PyErr_SetString(PyExc_ValueError, + "blocks_max is too large"); + return NULL; + } + if ( ! ImagingMemorySetBlocksMax(&ImagingDefaultArena, blocks_max)) { ImagingError_MemoryError(); From 494fb25bdb81b35cf792b7c956d3d631f3bb6102 Mon Sep 17 00:00:00 2001 From: Jayakrishna Menon Date: Fri, 8 Mar 2019 14:23:48 -0700 Subject: [PATCH 2/6] adding testcase for overflow --- Tests/32bit_overflow_check.py | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 Tests/32bit_overflow_check.py diff --git a/Tests/32bit_overflow_check.py b/Tests/32bit_overflow_check.py new file mode 100644 index 000000000..dfe1371f1 --- /dev/null +++ b/Tests/32bit_overflow_check.py @@ -0,0 +1,6 @@ +from PIL import Image +import sys + + +if sys.maxsize < 2**32: + Image.core.set_blocks_max(2**29) From 2acc098cabbbdeabae7688a41ed36dec2cc36d60 Mon Sep 17 00:00:00 2001 From: Jayakrishna Menon Date: Fri, 8 Mar 2019 14:35:03 -0700 Subject: [PATCH 3/6] adding testcase for overflow --- Tests/32bit_overflow_check.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Tests/32bit_overflow_check.py b/Tests/32bit_overflow_check.py index dfe1371f1..3001fec37 100644 --- a/Tests/32bit_overflow_check.py +++ b/Tests/32bit_overflow_check.py @@ -1,3 +1,5 @@ +#!/usr/bin/env python + from PIL import Image import sys From 590b5b7f9ef599afd1910b103894e060195b60a2 Mon Sep 17 00:00:00 2001 From: Jayakrishna Menon Date: Mon, 18 Mar 2019 15:13:48 -0700 Subject: [PATCH 4/6] test case for set_blocks_max --- Tests/test_core_resources.py | 1 + 1 file changed, 1 insertion(+) diff --git a/Tests/test_core_resources.py b/Tests/test_core_resources.py index d5e358f31..cd34a0414 100644 --- a/Tests/test_core_resources.py +++ b/Tests/test_core_resources.py @@ -105,6 +105,7 @@ class TestCoreMemory(PillowTestCase): Image.new("RGB", (10, 10)) self.assertRaises(ValueError, Image.core.set_blocks_max, -1) + self.assertRaises(ValueError, Image.core.set_blocks_max, 2**29) @unittest.skipIf(is_pypy, "images are not collected") def test_set_blocks_max_stats(self): From d591cf8d3f92f1bd07f8b001b5ed261467f1c2cf Mon Sep 17 00:00:00 2001 From: Andrew Murray Date: Sat, 23 Mar 2019 17:16:43 +1100 Subject: [PATCH 5/6] Error is not raised on 64-bit systems --- Tests/32bit_overflow_check.py | 8 -------- Tests/test_core_resources.py | 3 ++- 2 files changed, 2 insertions(+), 9 deletions(-) delete mode 100644 Tests/32bit_overflow_check.py diff --git a/Tests/32bit_overflow_check.py b/Tests/32bit_overflow_check.py deleted file mode 100644 index 3001fec37..000000000 --- a/Tests/32bit_overflow_check.py +++ /dev/null @@ -1,8 +0,0 @@ -#!/usr/bin/env python - -from PIL import Image -import sys - - -if sys.maxsize < 2**32: - Image.core.set_blocks_max(2**29) diff --git a/Tests/test_core_resources.py b/Tests/test_core_resources.py index cd34a0414..f3d8753e1 100644 --- a/Tests/test_core_resources.py +++ b/Tests/test_core_resources.py @@ -105,7 +105,8 @@ class TestCoreMemory(PillowTestCase): Image.new("RGB", (10, 10)) self.assertRaises(ValueError, Image.core.set_blocks_max, -1) - self.assertRaises(ValueError, Image.core.set_blocks_max, 2**29) + if sys.maxsize < 2**32: + self.assertRaises(ValueError, Image.core.set_blocks_max, 2**29) @unittest.skipIf(is_pypy, "images are not collected") def test_set_blocks_max_stats(self): From f22198e3bc157fd6c56b1660c30a5c9c9d7f4184 Mon Sep 17 00:00:00 2001 From: Andrew Murray Date: Wed, 26 Jun 2019 19:09:02 +1000 Subject: [PATCH 6/6] Lint fixes --- Tests/test_core_resources.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Tests/test_core_resources.py b/Tests/test_core_resources.py index f3d8753e1..c8ba4b4d5 100644 --- a/Tests/test_core_resources.py +++ b/Tests/test_core_resources.py @@ -105,8 +105,8 @@ class TestCoreMemory(PillowTestCase): Image.new("RGB", (10, 10)) self.assertRaises(ValueError, Image.core.set_blocks_max, -1) - if sys.maxsize < 2**32: - self.assertRaises(ValueError, Image.core.set_blocks_max, 2**29) + if sys.maxsize < 2 ** 32: + self.assertRaises(ValueError, Image.core.set_blocks_max, 2 ** 29) @unittest.skipIf(is_pypy, "images are not collected") def test_set_blocks_max_stats(self):