Removed tempfile.mktemp, fixes CVE-2014-1932 CVE-2014-1933, debian bug #737059

2025-11-04 09:57:43 +03:00 · 2014-03-14 15:56:41 -07:00 · 2014-03-14 15:56:41 -07:00 · 4e9f367dfd
commit 4e9f367dfd
parent b1b88cf4d2
4 changed files with 18 additions and 10 deletions
--- a/PIL/EpsImagePlugin.py
+++ b/PIL/EpsImagePlugin.py
@ -67,7 +67,8 @@ def Ghostscript(tile, size, fp, scale=1):
    import tempfile, os, subprocess
-    file = tempfile.mktemp()
+    out_fd, file = tempfile.mkstemp()
    os.close(out_fd)
    # Build ghostscript command
    command = ["gs",
--- a/PIL/Image.py
+++ b/PIL/Image.py
@ -495,13 +495,16 @@ class Image:
        self.readonly = 0
    def _dump(self, file=None, format=None):
-        import tempfile
+        import tempfile, os
        if not file:
-            file = tempfile.mktemp()
+            f, file = tempfile.mkstemp(format or '')
            os.close(f)
        self.load()
        if not format or format == "PPM":
            self.im.save_ppm(file)
        else:
            if file.endswith(format):
                file = file + "." + format
            self.save(file, format)
        return file
--- a/PIL/IptcImagePlugin.py
+++ b/PIL/IptcImagePlugin.py
@ -172,8 +172,8 @@ class IptcImageFile(ImageFile.ImageFile):
        self.fp.seek(offset)
        # Copy image data to temporary file
-        outfile = tempfile.mktemp()
+        o_fd, outfile = tempfile.mkstemp(text=False)
-        o = open(outfile, "wb")
+        o = os.fdopen(o_fd)
        if encoding == "raw":
            # To simplify access to the extracted file,
            # prepend a PPM header
--- a/PIL/JpegImagePlugin.py
+++ b/PIL/JpegImagePlugin.py
@ -344,13 +344,17 @@ class JpegImageFile(ImageFile.ImageFile):
        # ALTERNATIVE: handle JPEGs via the IJG command line utilities
        import tempfile, os
-        file = tempfile.mktemp()
+        f, path = tempfile.mkstemp()
-        os.system("djpeg %s >%s" % (self.filename, file))
+        os.close(f)
        if os.path.exists(self.filename):
            os.system("djpeg '%s' >'%s'" % (self.filename, path))
        else:
            raise ValueError("Invalid Filename")
        try:
-            self.im = Image.core.open_ppm(file)
+            self.im = Image.core.open_ppm(path)
        finally:
-            try: os.unlink(file)
+            try: os.unlink(path)
            except: pass
        self.mode = self.im.mode