Merge pull request #3393 from frenzymadness/CWE_fixes_master

Fixes for issues reported by static code analysis
Hugo 2018-12-26 13:02:19 +02:00 committed by GitHub
commit 55e5b7de6c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 49 additions and 12 deletions


@ -425,6 +425,7 @@ int load_tkinter_funcs(void)
/* Try loading from the main program namespace first */ /* Try loading from the main program namespace first */
main_program = dlopen(NULL, RTLD_LAZY); main_program = dlopen(NULL, RTLD_LAZY);
if (_func_loader(main_program) == 0) { if (_func_loader(main_program) == 0) {
dlclose(main_program);
return 0; return 0;
} }
/* Clear exception triggered when we didn't find symbols above */ /* Clear exception triggered when we didn't find symbols above */
@ -453,6 +454,7 @@ int load_tkinter_funcs(void)
/* dlclose probably safe because tkinter has been imported. */ /* dlclose probably safe because tkinter has been imported. */
dlclose(tkinter_lib); dlclose(tkinter_lib);
exit: exit:
dlclose(main_program);
Py_XDECREF(pModule); Py_XDECREF(pModule);
Py_XDECREF(pString); Py_XDECREF(pString);
return ret; return ret;
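Review bot: The `dlclose(main_program)` added under `exit:` runs on a handle that is never checked for NULL, because the result of `dlopen(NULL, RTLD_LAZY)` goes straight into `_func_loader`. Closing a null handle is not a defined use of the API and may crash depending on the C library, so cleanup meant to fix a leak could turn a rare `dlopen` failure into a fault. Guarding it as `if (main_program) dlclose(main_program);` keeps the error path safe; the early-success `dlclose` is less exposed, since `_func_loader` has just succeeded on that handle. The body of load_tkinter_funcs starts and ends outside these hunks, so whether any `goto exit` precedes the assignment could not be confirmed here.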


@ -1053,8 +1053,10 @@ _gaussian_blur(ImagingObject* self, PyObject* args)
if (!imOut) if (!imOut)
return NULL; return NULL;
if (!ImagingGaussianBlur(imOut, imIn, radius, passes)) if (!ImagingGaussianBlur(imOut, imIn, radius, passes)) {
ImagingDelete(imOut);
return NULL; return NULL;
}
return PyImagingNew(imOut); return PyImagingNew(imOut);
} }
@ -1949,8 +1951,10 @@ _box_blur(ImagingObject* self, PyObject* args)
if (!imOut) if (!imOut)
return NULL; return NULL;
if (!ImagingBoxBlur(imOut, imIn, radius, n)) if (!ImagingBoxBlur(imOut, imIn, radius, n)) {
ImagingDelete(imOut);
return NULL; return NULL;
}
return PyImagingNew(imOut); return PyImagingNew(imOut);
} }
@ -2596,6 +2600,7 @@ _draw_arc(ImagingDrawObject* self, PyObject* args)
return NULL; return NULL;
if (n != 2) { if (n != 2) {
PyErr_SetString(PyExc_TypeError, must_be_two_coordinates); PyErr_SetString(PyExc_TypeError, must_be_two_coordinates);
free(xy);
return NULL; return NULL;
} }
@ -2633,6 +2638,7 @@ _draw_bitmap(ImagingDrawObject* self, PyObject* args)
PyErr_SetString(PyExc_TypeError, PyErr_SetString(PyExc_TypeError,
"coordinate list must contain exactly 1 coordinate" "coordinate list must contain exactly 1 coordinate"
); );
free(xy);
return NULL; return NULL;
} }
@ -2669,6 +2675,7 @@ _draw_chord(ImagingDrawObject* self, PyObject* args)
return NULL; return NULL;
if (n != 2) { if (n != 2) {
PyErr_SetString(PyExc_TypeError, must_be_two_coordinates); PyErr_SetString(PyExc_TypeError, must_be_two_coordinates);
free(xy);
return NULL; return NULL;
} }
@ -2705,6 +2712,7 @@ _draw_ellipse(ImagingDrawObject* self, PyObject* args)
return NULL; return NULL;
if (n != 2) { if (n != 2) {
PyErr_SetString(PyExc_TypeError, must_be_two_coordinates); PyErr_SetString(PyExc_TypeError, must_be_two_coordinates);
free(xy);
return NULL; return NULL;
} }
@ -2856,6 +2864,7 @@ _draw_pieslice(ImagingDrawObject* self, PyObject* args)
return NULL; return NULL;
if (n != 2) { if (n != 2) {
PyErr_SetString(PyExc_TypeError, must_be_two_coordinates); PyErr_SetString(PyExc_TypeError, must_be_two_coordinates);
free(xy);
return NULL; return NULL;
} }
@ -2894,6 +2903,7 @@ _draw_polygon(ImagingDrawObject* self, PyObject* args)
PyErr_SetString(PyExc_TypeError, PyErr_SetString(PyExc_TypeError,
"coordinate list must contain at least 2 coordinates" "coordinate list must contain at least 2 coordinates"
); );
free(xy);
return NULL; return NULL;
} }
@ -2937,6 +2947,7 @@ _draw_rectangle(ImagingDrawObject* self, PyObject* args)
return NULL; return NULL;
if (n != 2) { if (n != 2) {
PyErr_SetString(PyExc_TypeError, must_be_two_coordinates); PyErr_SetString(PyExc_TypeError, must_be_two_coordinates);
free(xy);
return NULL; return NULL;
} }
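Review bot: The same `free(xy); return NULL;` pair is now hand-written in seven `_draw_*` argument checks (arc, bitmap, chord, ellipse, pieslice, polygon, rectangle), so any early return added later, after `xy` is allocated, has to remember it too. A single cleanup label per function, reached with `goto`, would release `xy` on every error exit in one place; the same applies to `imOut` in `_gaussian_blur` and `_box_blur`. These branches are taken when the caller passes a coordinate list of the wrong length, so a leak here is reachable from Python-level input and worth making structurally hard to reintroduce. The function bodies continue outside the hunks, so their remaining exits were not checked here.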


@ -584,11 +584,15 @@ PyImaging_ZipEncoderNew(PyObject* self, PyObject* args)
dictionary = NULL; dictionary = NULL;
encoder = PyImaging_EncoderNew(sizeof(ZIPSTATE)); encoder = PyImaging_EncoderNew(sizeof(ZIPSTATE));
if (encoder == NULL) if (encoder == NULL) {
free(dictionary);
return NULL; return NULL;
}
if (get_packer(encoder, mode, rawmode) < 0) if (get_packer(encoder, mode, rawmode) < 0) {
free(dictionary);
return NULL; return NULL;
}
encoder->encode = ImagingZipEncode; encoder->encode = ImagingZipEncode;
encoder->cleanup = ImagingZipEncodeCleanup; encoder->cleanup = ImagingZipEncodeCleanup;
@ -749,8 +753,10 @@ PyImaging_JpegEncoderNew(PyObject* self, PyObject* args)
if (rawExif && rawExifLen > 0) { if (rawExif && rawExifLen > 0) {
/* malloc check ok, length is from python parsearg */ /* malloc check ok, length is from python parsearg */
char* pp = malloc(rawExifLen); // Freed in JpegEncode, Case 5 char* pp = malloc(rawExifLen); // Freed in JpegEncode, Case 5
if (!pp) if (!pp) {
if (extra) free(extra);
return PyErr_NoMemory(); return PyErr_NoMemory();
}
memcpy(pp, rawExif, rawExifLen); memcpy(pp, rawExif, rawExifLen);
rawExif = pp; rawExif = pp;
} else } else
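Review bot: In PyImaging_ZipEncoderNew the new `get_packer` failure branch frees `dictionary` but still returns without releasing `encoder`, which `PyImaging_EncoderNew` created successfully just before. Unless `get_packer` disposes of the encoder itself (not visible here), that object leaks on every rejected mode/rawmode pair; adding `Py_DECREF(encoder);` next to `free(dictionary);` would close it. The JPEG hunk may have the same gap if its encoder is allocated before the `rawExif` copy, which the hunk does not show. Separately, `if (extra) free(extra);` can be plain `free(extra);` because `free(NULL)` is a no-op.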


@ -41,7 +41,9 @@ ImagingHistogramNew(Imaging im)
/* Create histogram descriptor */ /* Create histogram descriptor */
h = calloc(1, sizeof(struct ImagingHistogramInstance)); h = calloc(1, sizeof(struct ImagingHistogramInstance));
strncpy(h->mode, im->mode, IMAGING_MODE_LENGTH); strncpy(h->mode, im->mode, IMAGING_MODE_LENGTH-1);
h->mode[IMAGING_MODE_LENGTH-1] = 0;
h->bands = im->bands; h->bands = im->bands;
h->histogram = calloc(im->pixelsize, 256 * sizeof(long)); h->histogram = calloc(im->pixelsize, 256 * sizeof(long));
@ -80,8 +82,10 @@ ImagingGetHistogram(Imaging im, Imaging imMask, void* minmax)
h->histogram[im->image8[y][x]]++; h->histogram[im->image8[y][x]]++;
ImagingSectionLeave(&cookie); ImagingSectionLeave(&cookie);
} else { /* yes, we need the braces. C isn't Python! */ } else { /* yes, we need the braces. C isn't Python! */
if (im->type != IMAGING_TYPE_UINT8) if (im->type != IMAGING_TYPE_UINT8) {
ImagingHistogramDelete(h);
return ImagingError_ModeError(); return ImagingError_ModeError();
}
ImagingSectionEnter(&cookie); ImagingSectionEnter(&cookie);
for (y = 0; y < im->ysize; y++) { for (y = 0; y < im->ysize; y++) {
UINT8* in = (UINT8*) im->image32[y]; UINT8* in = (UINT8*) im->image32[y];
@ -120,8 +124,10 @@ ImagingGetHistogram(Imaging im, Imaging imMask, void* minmax)
ImagingSectionLeave(&cookie); ImagingSectionLeave(&cookie);
break; break;
case IMAGING_TYPE_INT32: case IMAGING_TYPE_INT32:
if (!minmax) if (!minmax) {
ImagingHistogramDelete(h);
return ImagingError_ValueError("min/max not given"); return ImagingError_ValueError("min/max not given");
}
if (!im->xsize || !im->ysize) if (!im->xsize || !im->ysize)
break; break;
imin = ((INT32*) minmax)[0]; imin = ((INT32*) minmax)[0];
@ -141,8 +147,10 @@ ImagingGetHistogram(Imaging im, Imaging imMask, void* minmax)
ImagingSectionLeave(&cookie); ImagingSectionLeave(&cookie);
break; break;
case IMAGING_TYPE_FLOAT32: case IMAGING_TYPE_FLOAT32:
if (!minmax) if (!minmax) {
ImagingHistogramDelete(h);
return ImagingError_ValueError("min/max not given"); return ImagingError_ValueError("min/max not given");
}
if (!im->xsize || !im->ysize) if (!im->xsize || !im->ysize)
break; break;
fmin = ((FLOAT32*) minmax)[0]; fmin = ((FLOAT32*) minmax)[0];
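Review bot: In ImagingHistogramNew the result of `calloc(1, sizeof(struct ImagingHistogramInstance))` is still written through by `strncpy(h->mode, ...)` and the new `h->mode[IMAGING_MODE_LENGTH-1] = 0;` without a NULL check, so an allocation failure becomes a null-pointer write instead of an error return. A guard directly after the calloc, `if (!h) return (ImagingHistogram) ImagingError_MemoryError();`, would match what ImagingPaletteNew does for its own allocation. The following `h->histogram = calloc(...)` is likewise unchecked in the visible lines; if it fails, ImagingGetHistogram would index a null table. The rest of the function lies outside the hunk, so a later check may exist.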


@ -37,7 +37,8 @@ ImagingPaletteNew(const char* mode)
if (!palette) if (!palette)
return (ImagingPalette) ImagingError_MemoryError(); return (ImagingPalette) ImagingError_MemoryError();
strncpy(palette->mode, mode, IMAGING_MODE_LENGTH); strncpy(palette->mode, mode, IMAGING_MODE_LENGTH-1);
palette->mode[IMAGING_MODE_LENGTH-1] = 0;
/* Initialize to ramp */ /* Initialize to ramp */
for (i = 0; i < 256; i++) { for (i = 0; i < 256; i++) {


@ -568,6 +568,8 @@ split(BoxNode *node)
left=malloc(sizeof(BoxNode)); left=malloc(sizeof(BoxNode));
right=malloc(sizeof(BoxNode)); right=malloc(sizeof(BoxNode));
if (!left||!right) { if (!left||!right) {
free(left);
free(right);
return 0; return 0;
} }
for(i=0;i<3;i++) { for(i=0;i<3;i++) {


@ -481,6 +481,7 @@ error:
free(qp); free(qp);
free_color_cube(lookupCube); free_color_cube(lookupCube);
free_color_cube(coarseLookupCube); free_color_cube(coarseLookupCube);
free(paletteBuckets);
free(paletteBucketsCoarse); free(paletteBucketsCoarse);
free(paletteBucketsFine); free(paletteBucketsFine);
free_color_cube(coarseCube); free_color_cube(coarseCube);


@ -621,6 +621,8 @@ ImagingResampleInner(Imaging imIn, int xsize, int ysize,
if ( ! ksize_vert) { if ( ! ksize_vert) {
free(bounds_horiz); free(bounds_horiz);
free(kk_horiz); free(kk_horiz);
free(bounds_vert);
free(kk_vert);
return NULL; return NULL;
} }
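Review bot: The added `free(bounds_vert); free(kk_vert);` run on the path where computing the vertical coefficients has just failed (`ksize_vert` is 0), and nothing in the hunk shows that these two pointers hold a valid or null value at that point. If the callee assigns its output pointers only on success and the locals are declared without an initialiser, this frees indeterminate pointers, which is undefined behaviour and can corrupt the heap. Either initialise both pointers to `NULL` at their declaration, or drop the two new frees if the callee already cleans up after itself on failure. The declarations and the callee are outside the hunk, so this needs confirming against the full function.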


@ -82,12 +82,16 @@ path_new(Py_ssize_t count, double* xy, int duplicate)
xy = p; xy = p;
} }
if (PyType_Ready(&PyPathType) < 0) if (PyType_Ready(&PyPathType) < 0) {
free(xy);
return NULL; return NULL;
}
path = PyObject_New(PyPathObject, &PyPathType); path = PyObject_New(PyPathObject, &PyPathType);
if (path == NULL) if (path == NULL) {
free(xy);
return NULL; return NULL;
}
path->count = count; path->count = count;
path->xy = xy; path->xy = xy;
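Review bot: Both new `free(xy)` calls also run when `duplicate` is 0, in which case `xy` is still the caller's buffer and not the private copy `p`. That is consistent with the success path, where `path->xy = xy` takes the buffer over, but any caller that frees its array after a NULL return would now double-free it. The callers are not visible in this hunk, so they should be checked, and the contract written above the function, e.g. `/* Takes ownership of xy when duplicate is 0; on failure xy is freed here and must not be freed by the caller. */`.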