Merge pull request #738 from hugovk/warning

Warn about decompression bombs
This commit is contained in:
Hugo 2014-06-27 21:47:06 +03:00
commit be61256222

View File

@ -49,6 +49,8 @@ Functions
.. autofunction:: open
.. warning:: > To protect against potential DOS attacks caused by "[decompression bombs](https://en.wikipedia.org/wiki/Zip_bomb)" (i.e. malicious files which decompress into a huge amount of data and are designed to crash or cause disruption by using up a lot of memory), Pillow will issue a `DecompressionBombWarning` if the image is over a certain limit. If desired, the warning can be turned into an error with `warnings.simplefilter('error', Image.DecompressionBombWarning)` or suppressed entirely with `warnings.simplefilter('ignore', Image.DecompressionBombWarning)`. See also [the logging documentation](https://docs.python.org/2/library/logging.html?highlight=logging#integration-with-the-warnings-module) to have warnings output to the logging facility instead of stderr.
Image processing
^^^^^^^^^^^^^^^^