python-pillow/Pillow
1
1
Fork 0
mirror of https://github.com/python-pillow/Pillow.git synced 2024-11-11 04:07:21 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6 from hugovk/bomb2

Browse Source 
Change the decompression bomb warning into a subclass of RuntimeWarning to aid filtering
This commit is contained in:
Hugo 2014-06-23 11:46:21 +03:00
commit 729b9f385e
2 changed files with 36 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
PIL/Image.py
View File

@ -31,6 +31,9 @@ from PIL import VERSION, PILLOW_VERSION, _plugins
import warnings import warnings
class DecompressionBombWarning(RuntimeWarning):
pass
class _imaging_not_installed: class _imaging_not_installed:
# module placeholder # module placeholder
def __getattr__(self, id): def __getattr__(self, id):
@ -2187,7 +2190,7 @@ def _decompression_bomb_check(size):
"Image size (%d pixels) exceeds limit of %d pixels, " "Image size (%d pixels) exceeds limit of %d pixels, "
"could be decompression bomb DOS attack." % "could be decompression bomb DOS attack." %
(pixels, MAX_IMAGE_PIXELS), (pixels, MAX_IMAGE_PIXELS),
RuntimeWarning) DecompressionBombWarning)
def open(fp, mode="r"): def open(fp, mode="r"):

56
Tests/test_decompression_bomb.py
View File

@ -1,37 +1,45 @@
from tester import * from helper import unittest, PillowTestCase, tearDownModule
from PIL import Image from PIL import Image
test_file = "Images/lena.ppm" test_file = "Images/lena.ppm"
ORIGINAL_LIMIT = Image.MAX_IMAGE_PIXELS
def test_no_warning_small_file():
# Implicit assert: no warning.
# A warning would cause a failure.
Image.open(test_file)
def test_no_warning_no_limit(): class TestDecompressionBomb(PillowTestCase):
# Arrange
# Turn limit off
Image.MAX_IMAGE_PIXELS = None
assert_equal(Image.MAX_IMAGE_PIXELS, None)
# Act / Assert def tearDown(self):
# Implicit assert: no warning. Image.MAX_IMAGE_PIXELS = ORIGINAL_LIMIT
# A warning would cause a failure.
Image.open(test_file)
def test_no_warning_small_file(self):
# Implicit assert: no warning.
# A warning would cause a failure.
Image.open(test_file)
def test_warning(): def test_no_warning_no_limit(self):
# Arrange # Arrange
# Set limit to a low, easily testable value # Turn limit off
Image.MAX_IMAGE_PIXELS = 10 Image.MAX_IMAGE_PIXELS = None
assert_equal(Image.MAX_IMAGE_PIXELS, 10) self.assertEqual(Image.MAX_IMAGE_PIXELS, None)
# Act / Assert # Act / Assert
assert_warning( # Implicit assert: no warning.
RuntimeWarning, # A warning would cause a failure.
lambda: Image.open(test_file)) Image.open(test_file)
def test_warning(self):
# Arrange
# Set limit to a low, easily testable value
Image.MAX_IMAGE_PIXELS = 10
self.assertEqual(Image.MAX_IMAGE_PIXELS, 10)
# Act / Assert
self.assert_warning(
Image.DecompressionBombWarning,
lambda: Image.open(test_file))
if __name__ == '__main__':
unittest.main()
# End of file # End of file