mirror of
https://github.com/python-pillow/Pillow.git
synced 2024-12-24 17:06:16 +03:00
FLI overflow error fix and testcase CVE-2016-0775
This commit is contained in:
parent
c3cb690fed
commit
893a40850c
16
Tests/check_fli_overflow.py
Normal file
16
Tests/check_fli_overflow.py
Normal file
|
@ -0,0 +1,16 @@
|
|||
from helper import unittest, PillowTestCase
|
||||
from PIL import Image
|
||||
|
||||
TEST_FILE = "Tests/images/fli_overflow.fli"
|
||||
|
||||
|
||||
class TestFliOverflow(PillowTestCase):
|
||||
def test_fli_overflow(self):
|
||||
|
||||
# this should not crash with a malloc error or access violation
|
||||
im = Image.open(TEST_FILE)
|
||||
im.load()
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
unittest.main()
|
BIN
Tests/images/fli_overflow.fli
Normal file
BIN
Tests/images/fli_overflow.fli
Normal file
Binary file not shown.
|
@ -185,7 +185,7 @@ ImagingFliDecode(Imaging im, ImagingCodecState state, UINT8* buf, int bytes)
|
|||
/* COPY chunk */
|
||||
for (y = 0; y < state->ysize; y++) {
|
||||
UINT8* buf = (UINT8*) im->image[y];
|
||||
memcpy(buf+x, data, state->xsize);
|
||||
memcpy(buf, data, state->xsize);
|
||||
data += state->xsize;
|
||||
}
|
||||
break;
|
||||
|
|
Loading…
Reference in New Issue
Block a user