diff --git a/CHANGES.rst b/CHANGES.rst index 33226eac5..ae917acb1 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -4,6 +4,12 @@ Changelog (Pillow) 2.4.0 (2014-04-01 est.) ------------------ +- Fixed DOS with invalid palette size or invalid image size in BMP file + [wiredfool] + +- Added support for BMP version 4 and 5 + [eddwardo, wiredfool] + - Fix segfault in getfont when passed a memory resident font [wiredfool] diff --git a/PIL/BmpImagePlugin.py b/PIL/BmpImagePlugin.py index a4eb1d3f2..436ca5dce 100644 --- a/PIL/BmpImagePlugin.py +++ b/PIL/BmpImagePlugin.py @@ -82,7 +82,7 @@ class BmpImageFile(ImageFile.ImageFile): colors = 0 direction = -1 - elif len(s) in [40, 64]: + elif len(s) in [40, 64, 108, 124]: # WIN 3.1 or OS/2 2.0 INFO bits = i16(s[14:]) @@ -99,6 +99,10 @@ class BmpImageFile(ImageFile.ImageFile): else: raise IOError("Unsupported BMP header type (%d)" % len(s)) + if (self.size[0]*self.size[1]) > 2**31: + # Prevent DOS for > 2gb images + raise IOError("Unsupported BMP Size: (%dx%d)" % self.size) + if not colors: colors = 1 << bits @@ -129,6 +133,8 @@ class BmpImageFile(ImageFile.ImageFile): greyscale = 1 if colors == 2: indices = (0, 255) + elif colors > 2**16 or colors <=0: #We're reading a i32. + raise IOError("Unsupported BMP Palette size (%d)" % colors) else: indices = list(range(colors)) for i in indices: diff --git a/Tests/images/bmp/README.txt b/Tests/images/bmp/README.txt new file mode 100644 index 000000000..4829834f4 --- /dev/null +++ b/Tests/images/bmp/README.txt @@ -0,0 +1,3 @@ +These images are from the bmpsuite: +https://github.com/jsummers/bmpsuite and are in the public domain +according to the readme in the project. diff --git a/Tests/images/bmp/b/badbitcount.bmp b/Tests/images/bmp/b/badbitcount.bmp new file mode 100644 index 000000000..d4fa4e8b8 Binary files /dev/null and b/Tests/images/bmp/b/badbitcount.bmp differ 
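Review bot: The comment under the widened `elif len(s) in [40, 64, 108, 124]:` branch (PIL/BmpImagePlugin.py, hunk `@@ -82,7 +82,7 @@`) still reads `# WIN 3.1 or OS/2 2.0 INFO`. The lengths 108 and 124 are the version 4 and 5 headers that the CHANGES.rst entry announces, so the comment is now stale. I would change it to `# WIN 3.1, OS/2 2.0, or BMP v4/v5 INFO header`. Only `bits = i16(s[14:])` is visible and the rest of the branch lies outside the hunk, so it is worth confirming that the extra v4/v5 fields are deliberately ignored and documenting that here as well.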
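Review bot: The guard added in hunk `@@ -99,6 +99,10 @@` of PIL/BmpImagePlugin.py bounds the pixel count rather than memory, so its comment `# Prevent DOS for > 2gb images` overstates what it prevents. `self.size[0]*self.size[1]` ignores the bit depth, so a header claiming just under 2**31 pixels still passes and would need several gigabytes once decoded at 24 or 32 bits per pixel. Either reword the comment to `# Reject headers claiming more than 2**31 pixels; decoded size also depends on the mode`, or lower the bound and factor `bits` into it. The product test also passes when a dimension is zero or, if `i32` can yield a signed value (not visible here), when exactly one dimension is negative. An explicit `self.size[0] <= 0 or self.size[1] <= 0` rejection, after any top-down handling, would close that gap; the enclosing method starts and ends outside the hunk.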
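Review bot: The palette guard `elif colors > 2**16 or colors <=0:` in hunk `@@ -129,6 +133,8 @@` of PIL/BmpImagePlugin.py has only the comment `#We're reading a i32.`, which does not say why 2**16 is the limit or what the check defends against. A comment such as `# colors comes from a 32-bit header field; cap it so a forged count cannot drive a huge palette read` would make the intent reviewable, and `colors <= 0` wants PEP 8 spacing. The test sits in the `elif` after `if colors == 2:`, so it runs only on this palette-building path; whether other code uses `colors` unchecked is outside the hunk. The previous hunk's `if not colors: colors = 1 << bits` runs first, so an oversized `bits` value is rejected here only when this path is reached.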
diff --git a/Tests/images/bmp/b/badbitssize.bmp b/Tests/images/bmp/b/badbitssize.bmp new file mode 100644 index 000000000..0a99a605a Binary files /dev/null and b/Tests/images/bmp/b/badbitssize.bmp differ diff --git a/Tests/images/bmp/b/baddens1.bmp b/Tests/images/bmp/b/baddens1.bmp new file mode 100644 index 000000000..a6150a6fe Binary files /dev/null and b/Tests/images/bmp/b/baddens1.bmp differ diff --git a/Tests/images/bmp/b/baddens2.bmp b/Tests/images/bmp/b/baddens2.bmp new file mode 100644 index 000000000..f2c1dfb66 Binary files /dev/null and b/Tests/images/bmp/b/baddens2.bmp differ diff --git a/Tests/images/bmp/b/badfilesize.bmp b/Tests/images/bmp/b/badfilesize.bmp new file mode 100644 index 000000000..da52cb51d Binary files /dev/null and b/Tests/images/bmp/b/badfilesize.bmp differ diff --git a/Tests/images/bmp/b/badheadersize.bmp b/Tests/images/bmp/b/badheadersize.bmp new file mode 100644 index 000000000..2a4083a6f Binary files /dev/null and b/Tests/images/bmp/b/badheadersize.bmp differ diff --git a/Tests/images/bmp/b/badpalettesize.bmp b/Tests/images/bmp/b/badpalettesize.bmp new file mode 100644 index 000000000..7d9d1b745 Binary files /dev/null and b/Tests/images/bmp/b/badpalettesize.bmp differ diff --git a/Tests/images/bmp/b/badplanes.bmp b/Tests/images/bmp/b/badplanes.bmp new file mode 100644 index 000000000..92d2855b6 Binary files /dev/null and b/Tests/images/bmp/b/badplanes.bmp differ diff --git a/Tests/images/bmp/b/badrle.bmp b/Tests/images/bmp/b/badrle.bmp new file mode 100644 index 000000000..cbf8fdc2e Binary files /dev/null and b/Tests/images/bmp/b/badrle.bmp differ diff --git a/Tests/images/bmp/b/badwidth.bmp b/Tests/images/bmp/b/badwidth.bmp new file mode 100644 index 000000000..9fca005dc Binary files /dev/null and b/Tests/images/bmp/b/badwidth.bmp differ 
diff --git a/Tests/images/bmp/b/pal8badindex.bmp b/Tests/images/bmp/b/pal8badindex.bmp new file mode 100644 index 000000000..efe16c05c Binary files /dev/null and b/Tests/images/bmp/b/pal8badindex.bmp differ diff --git a/Tests/images/bmp/b/reallybig.bmp b/Tests/images/bmp/b/reallybig.bmp new file mode 100644 index 000000000..101e0b494 Binary files /dev/null and b/Tests/images/bmp/b/reallybig.bmp differ diff --git a/Tests/images/bmp/b/rletopdown.bmp b/Tests/images/bmp/b/rletopdown.bmp new file mode 100644 index 000000000..21a909fda Binary files /dev/null and b/Tests/images/bmp/b/rletopdown.bmp differ diff --git a/Tests/images/bmp/b/shortfile.bmp b/Tests/images/bmp/b/shortfile.bmp new file mode 100644 index 000000000..73960797b Binary files /dev/null and b/Tests/images/bmp/b/shortfile.bmp differ diff --git a/Tests/images/bmp/g/pal1.bmp b/Tests/images/bmp/g/pal1.bmp new file mode 100644 index 000000000..4776f8277 Binary files /dev/null and b/Tests/images/bmp/g/pal1.bmp differ diff --git a/Tests/images/bmp/g/pal1bg.bmp b/Tests/images/bmp/g/pal1bg.bmp new file mode 100644 index 000000000..466d0ba72 Binary files /dev/null and b/Tests/images/bmp/g/pal1bg.bmp differ diff --git a/Tests/images/bmp/g/pal1wb.bmp b/Tests/images/bmp/g/pal1wb.bmp new file mode 100644 index 000000000..56cb93203 Binary files /dev/null and b/Tests/images/bmp/g/pal1wb.bmp differ diff --git a/Tests/images/bmp/g/pal4.bmp b/Tests/images/bmp/g/pal4.bmp new file mode 100644 index 000000000..7fd36303c Binary files /dev/null and b/Tests/images/bmp/g/pal4.bmp differ diff --git a/Tests/images/bmp/g/pal4rle.bmp b/Tests/images/bmp/g/pal4rle.bmp new file mode 100644 index 000000000..a5672aebd Binary files /dev/null and b/Tests/images/bmp/g/pal4rle.bmp differ diff --git a/Tests/images/bmp/g/pal8-0.bmp b/Tests/images/bmp/g/pal8-0.bmp new file mode 100644 index 000000000..ab8815a36 Binary files /dev/null and b/Tests/images/bmp/g/pal8-0.bmp differ 
diff --git a/Tests/images/bmp/g/pal8.bmp b/Tests/images/bmp/g/pal8.bmp new file mode 100644 index 000000000..96b2f8668 Binary files /dev/null and b/Tests/images/bmp/g/pal8.bmp differ diff --git a/Tests/images/bmp/g/pal8nonsquare.bmp b/Tests/images/bmp/g/pal8nonsquare.bmp new file mode 100644 index 000000000..0aa8de04c Binary files /dev/null and b/Tests/images/bmp/g/pal8nonsquare.bmp differ diff --git a/Tests/images/bmp/g/pal8os2.bmp b/Tests/images/bmp/g/pal8os2.bmp new file mode 100644 index 000000000..14901b388 Binary files /dev/null and b/Tests/images/bmp/g/pal8os2.bmp differ diff --git a/Tests/images/bmp/g/pal8rle.bmp b/Tests/images/bmp/g/pal8rle.bmp new file mode 100644 index 000000000..d43101490 Binary files /dev/null and b/Tests/images/bmp/g/pal8rle.bmp differ diff --git a/Tests/images/bmp/g/pal8topdown.bmp b/Tests/images/bmp/g/pal8topdown.bmp new file mode 100644 index 000000000..4b2f8e019 Binary files /dev/null and b/Tests/images/bmp/g/pal8topdown.bmp differ diff --git a/Tests/images/bmp/g/pal8v4.bmp b/Tests/images/bmp/g/pal8v4.bmp new file mode 100644 index 000000000..7064be315 Binary files /dev/null and b/Tests/images/bmp/g/pal8v4.bmp differ diff --git a/Tests/images/bmp/g/pal8v5.bmp b/Tests/images/bmp/g/pal8v5.bmp new file mode 100644 index 000000000..c54647a31 Binary files /dev/null and b/Tests/images/bmp/g/pal8v5.bmp differ diff --git a/Tests/images/bmp/g/pal8w124.bmp b/Tests/images/bmp/g/pal8w124.bmp new file mode 100644 index 000000000..b7cc2d8bf Binary files /dev/null and b/Tests/images/bmp/g/pal8w124.bmp differ diff --git a/Tests/images/bmp/g/pal8w125.bmp b/Tests/images/bmp/g/pal8w125.bmp new file mode 100644 index 000000000..06efed744 Binary files /dev/null and b/Tests/images/bmp/g/pal8w125.bmp differ diff --git a/Tests/images/bmp/g/pal8w126.bmp b/Tests/images/bmp/g/pal8w126.bmp new file mode 100644 index 000000000..112aa9fe6 Binary files /dev/null and b/Tests/images/bmp/g/pal8w126.bmp differ 
diff --git a/Tests/images/bmp/g/rgb16-565.bmp b/Tests/images/bmp/g/rgb16-565.bmp new file mode 100644 index 000000000..c03a27975 Binary files /dev/null and b/Tests/images/bmp/g/rgb16-565.bmp differ diff --git a/Tests/images/bmp/g/rgb16-565pal.bmp b/Tests/images/bmp/g/rgb16-565pal.bmp new file mode 100644 index 000000000..e7632e344 Binary files /dev/null and b/Tests/images/bmp/g/rgb16-565pal.bmp differ diff --git a/Tests/images/bmp/g/rgb16.bmp b/Tests/images/bmp/g/rgb16.bmp new file mode 100644 index 000000000..6bfe47af4 Binary files /dev/null and b/Tests/images/bmp/g/rgb16.bmp differ diff --git a/Tests/images/bmp/g/rgb24.bmp b/Tests/images/bmp/g/rgb24.bmp new file mode 100644 index 000000000..40f8bb094 Binary files /dev/null and b/Tests/images/bmp/g/rgb24.bmp differ diff --git a/Tests/images/bmp/g/rgb24pal.bmp b/Tests/images/bmp/g/rgb24pal.bmp new file mode 100644 index 000000000..102e971dd Binary files /dev/null and b/Tests/images/bmp/g/rgb24pal.bmp differ diff --git a/Tests/images/bmp/g/rgb32.bmp b/Tests/images/bmp/g/rgb32.bmp new file mode 100644 index 000000000..5d57eaaea Binary files /dev/null and b/Tests/images/bmp/g/rgb32.bmp differ diff --git a/Tests/images/bmp/g/rgb32bf.bmp b/Tests/images/bmp/g/rgb32bf.bmp new file mode 100644 index 000000000..20fa9a132 Binary files /dev/null and b/Tests/images/bmp/g/rgb32bf.bmp differ diff --git a/Tests/images/bmp/html/bkgd.png b/Tests/images/bmp/html/bkgd.png new file mode 100644 index 000000000..d66ca9d65 Binary files /dev/null and b/Tests/images/bmp/html/bkgd.png differ diff --git a/Tests/images/bmp/html/bmpsuite.html b/Tests/images/bmp/html/bmpsuite.html new file mode 100644 index 000000000..6604102bb --- /dev/null +++ b/Tests/images/bmp/html/bmpsuite.html @@ -0,0 +1,578 @@ + + + +
+ +For BMP Suite +version 2.3
+ +This document describes the images in BMP Suite, and shows what +I allege to be the correct way to interpret them. PNG and JPEG images are +used for reference. +
+ +It also shows how your web browser displays the BMP images, +but that’s not its main purpose. +BMP is poor image format to use on web pages, so a web browser’s +level of support for it is arguably not important.
+ +File | +Ver. | +Correct display | +In your browser | +Notes | +
---|---|---|---|---|
g/pal1.bmp | +3 | ++ | + | 1 bit/pixel paletted image, in which black is the first color in + the palette. | +
g/pal1wb.bmp | +3 | ++ | + | 1 bit/pixel paletted image, in which white is the first color in + the palette. | +
g/pal1bg.bmp | +3 | ++ | + | 1 bit/pixel paletted image, with colors other than black and white. | +
q/pal1p1.bmp | +3 | ++ | + | 1 bit/pixel paletted image, with only one color in the palette. + The documentation says that 1-bpp images have a palette size of 2 + (not “up to 2”), but it would be silly for a viewer not to + support a size of 1. | +
q/pal2.bmp | +3 | ++ | + | A paletted image with 2 bits/pixel. Usually only 1, 4, + and 8 are allowed, but 2 is legal on Windows CE. | +
g/pal4.bmp | +3 | ++ | + | Paletted image with 12 palette colors, and 4 bits/pixel. | +
g/pal4rle.bmp | +3 | ++ | + | 4-bit image that uses RLE compression. | +
q/pal4rletrns.bmp | +3 | ++ or + or |
+ + | An RLE-compressed image that used “delta” + codes to skip over some pixels, leaving them undefined. Some viewers + make undefined pixels transparent, others make them black, and + others assign them palette color 0 (purple, in this case). | +
g/pal8.bmp | +3 | ++ | + | Our standard paletted image, with 252 palette colors, and 8 + bits/pixel. | +
g/pal8-0.bmp | +3 | ++ | + | Every field that can be set to 0 is set to 0: pixels/meter=0; + colors used=0 (meaning the default 256); size-of-image=0. | +
g/pal8rle.bmp | +3 | ++ | + | 8-bit image that uses RLE compression. | +
q/pal8rletrns.bmp | +3 | ++ or + or |
+ + | 8-bit version of q/pal4rletrns.bmp. | +
g/pal8w126.bmp | +3 | ++ | + | Images with different widths and heights. + In BMP format, rows are padded to a multiple of four bytes, so we + test all four possibilities. | +
g/pal8w125.bmp | +3 | ++ | + | |
g/pal8w124.bmp | +3 | ++ | + | |
g/pal8topdown.bmp | +3 | ++ | + | BMP images are normally stored from the bottom up, but + there is a way to store them from the top down. | +
q/pal8offs.bmp | +3 | ++ | + | A file with some unused bytes between the palette and the + image. This is probably valid, but I’m not 100% sure. | +
q/pal8oversizepal.bmp | +3 | ++ | + | An 8-bit image with 300 palette colors. This may be invalid, + because the documentation could + be interpreted to imply that 8-bit images aren’t allowed + to have more than 256 colors. | +
g/pal8nonsquare.bmp | +3 | +
+ + or + + |
+ + | An image with non-square pixels: the X pixels/meter is twice + the Y pixels/meter. Image editors can be expected to + leave the image “squashed”; image viewers should + consider stretching it to its correct proportions. | +
g/pal8os2.bmp | +OS/2v1 | ++ | + | An OS/2-style bitmap. | +
q/pal8os2sp.bmp | +OS/2v1 | ++ | + | An OS/2v1 with a less-than-full-sized palette. + Probably not valid, but such files have been seen in the wild. | +
q/pal8os2v2.bmp | +OS/2v2 | ++ | + | My attempt to make an OS/2v2 bitmap. | +
q/pal8os2v2-16.bmp | +OS/2v2 | ++ | + | An OS/2v2 bitmap whose header has only 16 bytes, instead of the full 64. | +
g/pal8v4.bmp | +4 | ++ | + | A v4 bitmap. I’m not sure that the gamma and chromaticity values in + this file are sensible, because I can’t find any detailed documentation + of them. | +
g/pal8v5.bmp | +5 | ++ | + | A v5 bitmap. Version 5 has additional colorspace options over v4, so it + is easier to create, and ought to be more portable. | +
g/rgb16.bmp | +3 | ++ | + | A 16-bit image with the default color format: 5 bits each for red, + green, and blue, and 1 unused bit. + The whitest colors should (I assume) be displayed as pure white: + (255,255,255), not + (248,248,248). | +
g/rgb16-565.bmp | +3 | ++ | + | A 16-bit image with a BITFIELDS segment indicating 5 red, 6 green, + and 5 blue bits. This is a standard 16-bit format, even supported by + old versions of Windows that don’t support any other non-default 16-bit + formats. + The whitest colors should be displayed as pure white: + (255,255,255), not + (248,252,248). | +
g/rgb16-565pal.bmp | +3 | ++ | + | A 16-bit image with both a BITFIELDS segment and a palette. | +
q/rgb16-231.bmp | +3 | ++ | + | An unusual and silly 16-bit image, with 2 red bits, 3 green bits, and 1 + blue bit. Most viewers do support this image, but the colors may be darkened + with a yellow-green shadow. That’s because they’re doing simple + bit-shifting (possibly including one round of bit replication), instead of + proper scaling. | +
q/rgba16-4444.bmp | +5 | ++ | + | A 16-bit image with an alpha channel. There are 4 bits for each color + channel, and 4 bits for the alpha channel. + It’s not clear if this is valid, but I can’t find anything that + suggests it isn’t. + | +
g/rgb24.bmp | +3 | ++ | + | A perfectly ordinary 24-bit (truecolor) image. | +
g/rgb24pal.bmp | +3 | ++ | + | A 24-bit image, with a palette containing 256 colors. There is little if + any reason for a truecolor image to contain a palette, but it is legal. | +
q/rgb24largepal.bmp | +3 | ++ | + | A 24-bit image, with a palette containing 300 colors. + The fact that the palette has more than 256 colors may cause some viewers + to complain, but the documentation does not mention a size limit. | +
q/rgb24prof.bmp | +5 | ++ | + | My attempt to make a BMP file with an embedded color profile. | +
q/rgb24lprof.bmp | +5 | ++ | + | My attempt to make a BMP file with a linked color profile. | +
q/rgb24jpeg.bmp | +5 | ++ | + | My attempt to make BMP files with embedded JPEG and PNG images. + These are not likely to be supported by much of anything (they’re + intended for printers). | +
q/rgb24png.bmp | +5 | ++ | + | |
g/rgb32.bmp | +3 | ++ | + | A 32-bit image using the default color format for 32-bit images (no + BITFIELDS segment). There are 8 bits per color channel, and 8 unused + bits. The unused bits are set to 0. | +
g/rgb32bf.bmp | +3 | ++ | + | A 32-bit image with a BITFIELDS segment. As usual, there are 8 bits per + color channel, and 8 unused bits. But the color channels are in an unusual + order, so the viewer must read the BITFIELDS, and not just guess. | +
q/rgb32fakealpha.bmp | +3 | ++ or + + |
+ + | Same as g/rgb32.bmp, except that the unused bits are set to something + other than 0. + If the image becomes transparent toward the bottom, it probably means + the viewer uses heuristics to guess whether the undefined + data represents transparency. | +
q/rgb32-111110.bmp | +3 | ++ | + | A 32 bits/pixel image, with all 32 bits used: 11 each for red and + green, and 10 for blue. As far as I know, this is perfectly valid, but it + is unusual. | +
q/rgba32.bmp | +5 | ++ | + | A BMP with an alpha channel. Transparency is barely documented, + so it’s possible that this file is not correctly formed. + The color channels are in an unusual order, to prevent viewers from + passing this test by making a lucky guess. | +
q/rgba32abf.bmp | +3 | ++ | + | An image of type BI_ALHPABITFIELDS. Supposedly, this was used on + Windows CE. I don’t know whether it is constructed correctly. | +
b/badbitcount.bmp | +3 | +N/A | ++ | Header indicates an absurdly large number of bits/pixel. | +
b/badbitssize.bmp | +3 | +N/A | ++ | Header incorrectly indicates that the bitmap is several GB in size. | +
b/baddens1.bmp | +3 | +N/A | ++ | Density (pixels per meter) suggests the image is much + larger in one dimension than the other. | +
b/baddens2.bmp | +3 | +N/A | ++ | |
b/badfilesize.bmp | +3 | +N/A | ++ | Header incorrectly indicates that the file is several GB in size. | +
b/badheadersize.bmp | +? | +N/A | ++ | Header size is 66 bytes, which is not a valid size for any known BMP + version. | +
b/badpalettesize.bmp | +3 | +N/A | ++ | Header incorrectly indicates that the palette contains an absurdly large + number of colors. | +
b/badplanes.bmp | +3 | +N/A | ++ | The “planes” setting, which is required to be 1, is not 1. | +
b/badrle.bmp | +3 | +N/A | ++ | An invalid RLE-compressed image that tries to cause buffer overruns. | +
b/badwidth.bmp | +3 | +N/A | ++ | The image claims to be a negative number of pixels in width. | +
b/pal8badindex.bmp | +3 | +N/A | ++ | Many of the palette indices used in the image are not present in the + palette. | +
b/reallybig.bmp | +3 | +N/A | ++ | An image with a very large reported width and height. | +
b/rletopdown.bmp | +3 | +N/A | ++ | An RLE-compressed image that tries to use top-down orientation, + which isn’t allowed. | +
b/shortfile.bmp | +3 | +N/A | ++ | A file that has been truncated in the middle of the bitmap. | +