mirror of
https://github.com/python-pillow/Pillow.git
synced 2025-01-27 17:54:32 +03:00
Merge pull request #6 from hugovk/bomb2
Change the decompression bomb warning into a subclass of RuntimeWarning to aid filtering
This commit is contained in:
commit
729b9f385e
|
@ -31,6 +31,9 @@ from PIL import VERSION, PILLOW_VERSION, _plugins
|
||||||
import warnings
|
import warnings
|
||||||
|
|
||||||
|
|
||||||
|
class DecompressionBombWarning(RuntimeWarning):
|
||||||
|
pass
|
||||||
|
|
||||||
class _imaging_not_installed:
|
class _imaging_not_installed:
|
||||||
# module placeholder
|
# module placeholder
|
||||||
def __getattr__(self, id):
|
def __getattr__(self, id):
|
||||||
|
@ -2187,7 +2190,7 @@ def _decompression_bomb_check(size):
|
||||||
"Image size (%d pixels) exceeds limit of %d pixels, "
|
"Image size (%d pixels) exceeds limit of %d pixels, "
|
||||||
"could be decompression bomb DOS attack." %
|
"could be decompression bomb DOS attack." %
|
||||||
(pixels, MAX_IMAGE_PIXELS),
|
(pixels, MAX_IMAGE_PIXELS),
|
||||||
RuntimeWarning)
|
DecompressionBombWarning)
|
||||||
|
|
||||||
|
|
||||||
def open(fp, mode="r"):
|
def open(fp, mode="r"):
|
||||||
|
|
|
@ -1,37 +1,45 @@
|
||||||
from tester import *
|
from helper import unittest, PillowTestCase, tearDownModule
|
||||||
|
|
||||||
from PIL import Image
|
from PIL import Image
|
||||||
|
|
||||||
test_file = "Images/lena.ppm"
|
test_file = "Images/lena.ppm"
|
||||||
|
|
||||||
|
ORIGINAL_LIMIT = Image.MAX_IMAGE_PIXELS
|
||||||
|
|
||||||
def test_no_warning_small_file():
|
|
||||||
|
class TestDecompressionBomb(PillowTestCase):
|
||||||
|
|
||||||
|
def tearDown(self):
|
||||||
|
Image.MAX_IMAGE_PIXELS = ORIGINAL_LIMIT
|
||||||
|
|
||||||
|
def test_no_warning_small_file(self):
|
||||||
# Implicit assert: no warning.
|
# Implicit assert: no warning.
|
||||||
# A warning would cause a failure.
|
# A warning would cause a failure.
|
||||||
Image.open(test_file)
|
Image.open(test_file)
|
||||||
|
|
||||||
|
def test_no_warning_no_limit(self):
|
||||||
def test_no_warning_no_limit():
|
|
||||||
# Arrange
|
# Arrange
|
||||||
# Turn limit off
|
# Turn limit off
|
||||||
Image.MAX_IMAGE_PIXELS = None
|
Image.MAX_IMAGE_PIXELS = None
|
||||||
assert_equal(Image.MAX_IMAGE_PIXELS, None)
|
self.assertEqual(Image.MAX_IMAGE_PIXELS, None)
|
||||||
|
|
||||||
# Act / Assert
|
# Act / Assert
|
||||||
# Implicit assert: no warning.
|
# Implicit assert: no warning.
|
||||||
# A warning would cause a failure.
|
# A warning would cause a failure.
|
||||||
Image.open(test_file)
|
Image.open(test_file)
|
||||||
|
|
||||||
|
def test_warning(self):
|
||||||
def test_warning():
|
|
||||||
# Arrange
|
# Arrange
|
||||||
# Set limit to a low, easily testable value
|
# Set limit to a low, easily testable value
|
||||||
Image.MAX_IMAGE_PIXELS = 10
|
Image.MAX_IMAGE_PIXELS = 10
|
||||||
assert_equal(Image.MAX_IMAGE_PIXELS, 10)
|
self.assertEqual(Image.MAX_IMAGE_PIXELS, 10)
|
||||||
|
|
||||||
# Act / Assert
|
# Act / Assert
|
||||||
assert_warning(
|
self.assert_warning(
|
||||||
RuntimeWarning,
|
Image.DecompressionBombWarning,
|
||||||
lambda: Image.open(test_file))
|
lambda: Image.open(test_file))
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
unittest.main()
|
||||||
|
|
||||||
# End of file
|
# End of file
|
||||||
|
|
Loading…
Reference in New Issue
Block a user