From 717720b0516b5e94b18dcc0a4383d56fe03f0db9 Mon Sep 17 00:00:00 2001 From: Eric Soroos Date: Thu, 14 Jan 2016 04:59:19 -0800 Subject: [PATCH] Fix for buffer overflow in TiffDecode.c CVE-2016-0740 --- Tests/check_libtiff_segfault.py | 23 +++++++++++++++++++++++ Tests/images/libtiff_segfault.tif | Bin 0 -> 262 bytes libImaging/TiffDecode.c | 2 +- 3 files changed, 24 insertions(+), 1 deletion(-) create mode 100644 Tests/check_libtiff_segfault.py create mode 100644 Tests/images/libtiff_segfault.tif diff --git a/Tests/check_libtiff_segfault.py b/Tests/check_libtiff_segfault.py new file mode 100644 index 000000000..898a165d4 --- /dev/null +++ b/Tests/check_libtiff_segfault.py @@ -0,0 +1,23 @@ +from helper import unittest, PillowTestCase +from PIL import Image + +TEST_FILE = "Tests/images/libtiff_segfault.tif" + +class TestLibtiffSegfault(PillowTestCase): + def test_segfault(self): + """ This test should not segfault. It will on Pillow <= 3.1.0 and + libtiff >= 4.0.0 + """ + + try: + im = Image.open(TEST_FILE) + im.load() + except IOError: + self.assertTrue(True, "Got expected IOError") + except Exception: + self.fail("Should have returned IOError") + + + +if __name__ == '__main__': + unittest.main() diff --git a/Tests/images/libtiff_segfault.tif b/Tests/images/libtiff_segfault.tif new file mode 100644 index 0000000000000000000000000000000000000000..8665e5f2bb9372183a72f4f173771f64e66bd421 GIT binary patch literal 262 zcmebD)MDUZU|`^7U|?isU<9)M{|7Rm>=tGQ1|}#Qq>35J-qgUrzy@W5^l%}u1sPeu z=BxvX3n7V%LfIhm#h`2rpc-+g`UoIf21$J|5*sMRaDkDLp<>S4gN#6@G8|g4=6(Dj SIX;j9lz<0k8H}E8Z2$mZF%