diff --git a/.travis.yml b/.travis.yml index 7635334a0..783974b53 100644 --- a/.travis.yml +++ b/.travis.yml @@ -20,7 +20,10 @@ install: - "pip install cffi" - "pip install coveralls nose coveralls-merge" - "gem install coveralls-lcov" - - travis_retry pip install pyroma + + # Pyroma installation is slow on Py3, so just do it for Py2. + - if [ ${TRAVIS_PYTHON_VERSION:0:1} == "2" ]; then travis_retry pip install pyroma; fi + - if [ "$TRAVIS_PYTHON_VERSION" == "2.6" ]; then pip install unittest2; fi # webp diff --git a/CHANGES.rst b/CHANGES.rst index 141d5c715..97bbd5d86 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -4,6 +4,15 @@ Changelog (Pillow) 2.6.0 (unreleased) ------------------ +- Fix TGA files with image ID field #856 + [megabuz] + +- Fixed wrong P-mode of small, unoptimized L-mode GIF #843 + [uvNikita] + +- Fixed CVE-2014-3598, a DOS in the Jpeg2KImagePlugin + [Andrew Drake] + - Fixed CVE-2014-3589, a DOS in the IcnsImagePlugin [Andrew Drake] @@ -61,6 +70,12 @@ Changelog (Pillow) - Test PalmImagePlugin and method to skip known bad tests #776 [hugovk, wiredfool] +2.5.3 (2014-08-18) +------------------ + +- Fixed CVE-2014-3598, a DOS in the Jpeg2KImagePlugin (backport) + [Andrew Drake] + 2.5.2 (2014-08-13) ------------------ diff --git a/PIL/GifImagePlugin.py b/PIL/GifImagePlugin.py index 4107c6ba3..640af9efc 100644 --- a/PIL/GifImagePlugin.py +++ b/PIL/GifImagePlugin.py @@ -268,10 +268,9 @@ def _save(im, fp, filename): except IOError: pass # write uncompressed file - try: - rawmode = RAWMODE[im.mode] + if im.mode in RAWMODE: imOut = im - except KeyError: + else: # convert on the fly (EXPERIMENTAL -- I'm not sure PIL # should automatically convert images on save...) if Image.getmodebase(im.mode) == "RGB": @@ -279,10 +278,8 @@ def _save(im, fp, filename): if im.palette: palette_size = len(im.palette.getdata()[1]) // 3 imOut = im.convert("P", palette=1, colors=palette_size) - rawmode = "P" else: imOut = im.convert("L") - rawmode = "L" # header try: 
@@ -290,12 +287,6 @@ def _save(im, fp, filename): except KeyError: palette = None im.encoderinfo["optimize"] = im.encoderinfo.get("optimize", True) - if im.encoderinfo["optimize"]: - # When the mode is L, and we optimize, we end up with - # im.mode == P and rawmode = L, which fails. - # If we're optimizing the palette, we're going to be - # in a rawmode of P anyway. - rawmode = 'P' header, usedPaletteColors = getheader(imOut, palette, im.encoderinfo) for s in header: @@ -352,7 +343,7 @@ def _save(im, fp, filename): o8(8)) # bits imOut.encoderconfig = (8, interlace) - ImageFile._save(imOut, fp, [("gif", (0,0)+im.size, 0, rawmode)]) + ImageFile._save(imOut, fp, [("gif", (0,0)+im.size, 0, RAWMODE[imOut.mode])]) fp.write(b"\0") # end of image data diff --git a/PIL/Jpeg2KImagePlugin.py b/PIL/Jpeg2KImagePlugin.py index 0a7a6e297..53b10ca1a 100644 --- a/PIL/Jpeg2KImagePlugin.py +++ b/PIL/Jpeg2KImagePlugin.py @@ -70,6 +70,9 @@ def _parse_jp2_header(fp): else: hlen = 8 + if lbox < hlen: + raise SyntaxError('Invalid JP2 header length') + if tbox == b'jp2h': header = fp.read(lbox - hlen) break diff --git a/PIL/TgaImagePlugin.py b/PIL/TgaImagePlugin.py index 55790db08..46eafe8d0 100644 --- a/PIL/TgaImagePlugin.py +++ b/PIL/TgaImagePlugin.py @@ -42,9 +42,6 @@ MODES = { } -def _accept(prefix): - return prefix[0:1] == b"\0" - ## # Image plugin for Targa files. @@ -58,7 +55,7 @@ class TgaImageFile(ImageFile.ImageFile): # process header s = self.fp.read(18) - id = i8(s[0]) + idlen = i8(s[0]) colormaptype = i8(s[1]) imagetype = i8(s[2]) @@ -70,7 +67,7 @@ class TgaImageFile(ImageFile.ImageFile): self.size = i16(s[12:]), i16(s[14:]) # validate header fields - if id != 0 or colormaptype not in (0, 1) or\ + if colormaptype not in (0, 1) or\ self.size[0] <= 0 or self.size[1] <= 0 or\ depth not in (1, 8, 16, 24, 32): raise SyntaxError("not a TGA file") 
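Review bot: The new `lbox < hlen` guard in `PIL/Jpeg2KImagePlugin.py` rejects undersized boxes, but nothing visible in this hunk bounds `lbox` from above before `fp.read(lbox - hlen)` on the `jp2h` branch, so the read size is still taken directly from the file. If the rest of `_parse_jp2_header` (it starts and ends outside this hunk) does not already cap it, consider checking the length against the remaining stream size before reading. The guard also needs a comment so it is not later "simplified" away, for example `# A box shorter than its own header cannot be valid; rejecting it stops the zero-length-box hang (CVE-2014-3598).`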
@@ -79,7 +76,7 @@ class TgaImageFile(ImageFile.ImageFile): if imagetype in (3, 11): self.mode = "L" if depth == 1: - self.mode = "1" # ??? + self.mode = "1" # ??? elif imagetype in (1, 9): self.mode = "P" elif imagetype in (2, 10): @@ -103,22 +100,25 @@ class TgaImageFile(ImageFile.ImageFile): if imagetype & 8: self.info["compression"] = "tga_rle" + if idlen: + self.info["id_section"] = self.fp.read(idlen) + if colormaptype: # read palette start, size, mapdepth = i16(s[3:]), i16(s[5:]), i16(s[7:]) if mapdepth == 16: - self.palette = ImagePalette.raw("BGR;16", - b"\0"*2*start + self.fp.read(2*size)) + self.palette = ImagePalette.raw( + "BGR;16", b"\0"*2*start + self.fp.read(2*size)) elif mapdepth == 24: - self.palette = ImagePalette.raw("BGR", - b"\0"*3*start + self.fp.read(3*size)) + self.palette = ImagePalette.raw( + "BGR", b"\0"*3*start + self.fp.read(3*size)) elif mapdepth == 32: - self.palette = ImagePalette.raw("BGRA", - b"\0"*4*start + self.fp.read(4*size)) + self.palette = ImagePalette.raw( + "BGRA", b"\0"*4*start + self.fp.read(4*size)) # setup tile descriptor try: - rawmode = MODES[(imagetype&7, depth)] + rawmode = MODES[(imagetype & 7, depth)] if imagetype & 8: # compressed self.tile = [("tga_rle", (0, 0)+self.size, @@ -127,7 +127,7 @@ class TgaImageFile(ImageFile.ImageFile): self.tile = [("raw", (0, 0)+self.size, self.fp.tell(), (rawmode, 0, orientation))] except KeyError: - pass # cannot decode + pass # cannot decode # # -------------------------------------------------------------------- @@ -145,6 +145,7 @@ SAVE = { "RGBA": ("BGRA", 32, 0, 2), } + def _save(im, fp, filename, check=0): try: 
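Review bot: In the `@@ -103,22 +100,25 @@` hunk of `PIL/TgaImagePlugin.py`, the result of `self.fp.read(idlen)` is stored without checking its length, so a truncated file produces a short `id_section` and the palette read and `self.fp.tell()` tile offset that follow run from a cursor that is not where the header says it should be. Since `idlen` comes straight from byte 0 of the file, I would verify the read: `id_section = self.fp.read(idlen)` followed by `if len(id_section) != idlen: raise SyntaxError("truncated TGA id field")`, then assign `self.info["id_section"] = id_section`. The three palette reads just below trust `size` in the same way and would benefit from the same length check. `_open` begins and ends outside this hunk.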
@@ -185,13 +186,14 @@ def _save(im, fp, filename, check=0): if colormaptype: fp.write(im.im.getpalette("RGB", "BGR")) - ImageFile._save(im, fp, [("raw", (0,0)+im.size, 0, (rawmode, 0, orientation))]) + ImageFile._save( + im, fp, [("raw", (0, 0) + im.size, 0, (rawmode, 0, orientation))]) # # -------------------------------------------------------------------- # Registry -Image.register_open("TGA", TgaImageFile, _accept) +Image.register_open("TGA", TgaImageFile) Image.register_save("TGA", _save) Image.register_extension("TGA", ".tga") diff --git a/PIL/__init__.py b/PIL/__init__.py index 56edaf247..7b4b8abfa 100644 --- a/PIL/__init__.py +++ b/PIL/__init__.py @@ -12,7 +12,7 @@ # ;-) VERSION = '1.1.7' # PIL version -PILLOW_VERSION = '2.5.0' # Pillow +PILLOW_VERSION = '2.5.3' # Pillow _plugins = ['BmpImagePlugin', 'BufrStubImagePlugin', diff --git a/Tests/check_j2k_dos.py b/Tests/check_j2k_dos.py new file mode 100644 index 000000000..68f065bbc --- /dev/null +++ b/Tests/check_j2k_dos.py @@ -0,0 +1,11 @@ +# Tests potential DOS of Jpeg2kImagePlugin with 0 length block. +# Run from anywhere that PIL is importable. + +from PIL import Image +from io import BytesIO + +if bytes is str: + Image.open(BytesIO(bytes('\x00\x00\x00\x0cjP\x20\x20\x0d\x0a\x87\x0a\x00\x00\x00\x00hang'))) +else: + Image.open(BytesIO(bytes('\x00\x00\x00\x0cjP\x20\x20\x0d\x0a\x87\x0a\x00\x00\x00\x00hang', 'latin-1'))) + diff --git a/Tests/images/tga_id_field.tga b/Tests/images/tga_id_field.tga new file mode 100644 index 000000000..a3d666848 Binary files /dev/null and b/Tests/images/tga_id_field.tga differ diff --git a/Tests/test_file_gif.py b/Tests/test_file_gif.py index 93b826fd6..bd4a6e76c 100644 --- a/Tests/test_file_gif.py +++ b/Tests/test_file_gif.py 
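Review bot: Registering `TgaImageFile` without `_accept` means any input that no earlier plugin claims is now handed to `TgaImageFile._open`. The same commit also drops the `id != 0` test, so the colormaptype/size/depth check is the only filter between arbitrary bytes and the TGA decoder. That is a defensible trade for a format with no signature at the start of the file, but the registration should say so, e.g. `# No _accept: TGA has no leading signature; _open() validates the header fields instead.` It would also be worth confirming that unknown `imagetype` values are rejected in `_open`; the `if`/`elif` chain over `imagetype` is only partly visible in these hunks.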
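Review bot: `Tests/check_j2k_dos.py` asserts nothing, so the only difference between a fixed and an unfixed build is whether the script hangs, and as a `check_*` script it presumably is not collected by the regular test run. I would add the same input as a case in `Tests/test_file_jpeg2k.py` that expects the open to fail, along the lines of `self.assertRaises(IOError, lambda: Image.open(BytesIO(data)))`, so the CVE-2014-3598 regression is covered in CI. The `bytes is str` branch can also go: a single `b'...'` literal behaves the same on Python 2.6+ and 3.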
@@ -35,6 +35,14 @@ class TestFileGif(PillowTestCase): self.assertEqual(test(0), 800) self.assertEqual(test(1), 38) + def test_optimize_full_l(self): + from io import BytesIO + + im = Image.frombytes("L", (16, 16), bytes(bytearray(range(256)))) + file = BytesIO() + im.save(file, "GIF", optimize=True) + self.assertEqual(im.mode, "L") + def test_roundtrip(self): out = self.tempfile('temp.gif') im = lena() diff --git a/Tests/test_file_jpeg2k.py b/Tests/test_file_jpeg2k.py index a0e7dfb53..db67e9551 100644 --- a/Tests/test_file_jpeg2k.py +++ b/Tests/test_file_jpeg2k.py @@ -52,7 +52,8 @@ class TestFileJpeg2k(PillowTestCase): def test_lossless(self): im = Image.open('Tests/images/test-card-lossless.jp2') im.load() - im.save('/tmp/test-card.png') + outfile = self.tempfile('temp_test-card.png') + im.save(outfile) self.assert_image_similar(im, test_card, 1.0e-3) def test_lossy_tiled(self): diff --git a/Tests/test_file_tga.py b/Tests/test_file_tga.py new file mode 100644 index 000000000..ea94dee64 --- /dev/null +++ b/Tests/test_file_tga.py @@ -0,0 +1,20 @@ +from helper import unittest, PillowTestCase + +from PIL import Image + + +class TestFileTga(PillowTestCase): + + def test_id_field(self): + # tga file with id field + test_file = "Tests/images/tga_id_field.tga" + + # Act + im = Image.open(test_file) + + # Assert + self.assertEqual(im.size, (100, 100)) + + +if __name__ == '__main__': + unittest.main() diff --git a/_imaging.c b/_imaging.c index c28bd4d93..ec8205dd4 100644 --- a/_imaging.c +++ b/_imaging.c @@ -71,7 +71,7 @@ * See the README file for information on usage and redistribution. */ -#define PILLOW_VERSION "2.5.0" +#define PILLOW_VERSION "2.5.3" #include "Python.h" diff --git a/setup.py b/setup.py index ac3bc3ea8..5cf0e5e65 100644 --- a/setup.py +++ b/setup.py @@ -90,7 +90,7 @@ except (ImportError, OSError): NAME = 'Pillow' -PILLOW_VERSION = '2.5.0' +PILLOW_VERSION = '2.5.3' TCL_ROOT = None JPEG_ROOT = None JPEG2K_ROOT = None
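Review bot: `test_optimize_full_l` in `Tests/test_file_gif.py` only checks that the source image is still mode `"L"` after saving; it never looks at the bytes that were written, so a corrupt or wrongly encoded GIF would still pass. Reading the buffer back would cover the `RAWMODE[imOut.mode]` change as well: `file.seek(0)`, `reloaded = Image.open(file)`, `self.assertEqual(reloaded.size, im.size)`. Renaming the local `file` (a Python 2 builtin) to something like `out` would also avoid the shadowing.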
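Review bot: `test_id_field` in `Tests/test_file_tga.py` asserts only `im.size`, which comes from the fixed 18-byte header and would be correct even if the id field were skipped wrongly. The behaviour this commit changes is the cursor position after the id field, so the test should force a decode and check the new key: add `im.load()` and `self.assertIn("id_section", im.info)`. Without the `load()` call the tile offset computed from `self.fp.tell()` is never exercised.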