mirror of
https://github.com/python-pillow/Pillow.git
synced 2024-12-25 09:26:16 +03:00
Fix for buffer overflow in TiffDecode.c CVE-2016-0740
This commit is contained in:
parent
893a40850c
commit
717720b051
23
Tests/check_libtiff_segfault.py
Normal file
23
Tests/check_libtiff_segfault.py
Normal file
|
@ -0,0 +1,23 @@
|
|||
from helper import unittest, PillowTestCase
|
||||
from PIL import Image
|
||||
|
||||
TEST_FILE = "Tests/images/libtiff_segfault.tif"
|
||||
|
||||
class TestLibtiffSegfault(PillowTestCase):
|
||||
def test_segfault(self):
|
||||
""" This test should not segfault. It will on Pillow <= 3.1.0 and
|
||||
libtiff >= 4.0.0
|
||||
"""
|
||||
|
||||
try:
|
||||
im = Image.open(TEST_FILE)
|
||||
im.load()
|
||||
except IOError:
|
||||
self.assertTrue(True, "Got expected IOError")
|
||||
except Exception:
|
||||
self.fail("Should have returned IOError")
|
||||
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
unittest.main()
|
BIN
Tests/images/libtiff_segfault.tif
Normal file
BIN
Tests/images/libtiff_segfault.tif
Normal file
Binary file not shown.
|
@ -169,7 +169,7 @@ int ImagingLibTiffDecode(Imaging im, ImagingCodecState state, UINT8* buffer, int
|
|||
char *filename = "tempfile.tif";
|
||||
char *mode = "r";
|
||||
TIFF *tiff;
|
||||
int size;
|
||||
tsize_t size;
|
||||
|
||||
|
||||
/* buffer is the encoded file, bytes is the length of the encoded file */
|
||||
|
|
Loading…
Reference in New Issue
Block a user