Commit Graph

655 Commits

Author SHA1 Message Date
Andrew Murray
cbdc751628 Read AND mask from end 2021-08-10 07:04:36 +10:00
Andrew Murray
4063deddac
Merge branch 'master' into eps 2021-08-06 23:32:02 +10:00
Andrew Murray
caecb3a772 Merge branch 'master' into wal 2021-08-06 22:03:51 +10:00
Andrew Murray
929c561937 Merge branch 'master' into eps 2021-08-06 22:03:12 +10:00
Andrew Murray
6596e31605 Determine mode purely from ihdr header box 2021-08-05 01:06:01 +10:00
Andrew Murray
6406dabf29
Merge pull request #5568 from rogermb/jpeg2000-resolution
Add support for reading DPI information from JPEG2000 images
2021-08-03 00:06:13 +10:00
Alexander Karpinsky
a312b0e9d0
Merge pull request #5639 from uploadcare/jpeg-safe-dpi-read
Add TypeError handling to pass corrupted DPI value in EXIF
2021-08-02 14:34:54 +03:00
Andrew Murray
8045ecceef Added tests 2021-08-01 19:01:43 +10:00
Andrew Murray
ae54838146 If DPI is invalid, ignore it instead of raising an error 2021-08-01 18:38:56 +10:00
Andrew Murray
a9372d5cf0 Fixed generated palettes 2021-07-29 16:20:20 +10:00
Alexander Karpinsky
3abe5e884b Add TypeError handling to pass corrupted dpi value in exif 2021-07-26 16:13:01 +03:00
Andrew Murray
1d73a483f4 Added "transparency" argument to load() 2021-07-19 09:08:45 +10:00
Andrew Murray
a9fccfada1 Added WalImageFile class 2021-07-18 12:35:27 +10:00
Meithal
3fbc9eb229 self.mode = "BGRA" wasn't correct and captured by #affa059 2021-07-15 20:33:35 +02:00
Andrew Murray
a46f5cdd0a PSD layer count may be negative 2021-07-15 19:38:26 +10:00
Andrew Murray
917a598615 Handle removing orientation from alternate types of EXIF data 2021-07-06 10:37:28 +10:00
Meithal
919f38e3d9 Try test 2021-07-05 00:20:15 +02:00
mergify[bot]
28330c2f9d
Merge pull request #5561 from radarhere/crash
Moved CVE image to pillow-depends
2021-06-29 07:07:14 +00:00
Hugo van Kemenade
78f150cb42
Merge pull request #5405 from radarhere/fits
Read FITS image mode and size
2021-06-28 17:57:49 +03:00
Hugo van Kemenade
f3db65db09
Merge pull request #5347 from radarhere/edge 2021-06-28 17:17:17 +03:00
Andrew Murray
2976c4efdc Removed crash image 2021-06-28 23:27:52 +10:00
Glenn Maynard
432677740d Add a test for an image that works with other GIF decoders.
This test is fixed by the next commits.
2021-06-26 00:48:10 +10:00
Andrew Murray
5b4cb5052a Draw first frame on top of transparency 2021-06-25 21:54:21 +10:00
Hugo van Kemenade
ec74f3b1c0
Merge pull request #5367 from radarhere/quant 2021-06-20 21:57:05 +03:00
Hugo van Kemenade
101887360c
Merge pull request #5501 from radarhere/dds_bc5 2021-06-11 10:34:19 +03:00
Hugo van Kemenade
87dca4f477
Merge pull request #5493 from radarhere/png_load_end
Ensure PNG seeks to end of previous chunk at start of load_end
2021-06-06 10:35:04 +03:00
Hugo van Kemenade
1ac7bd9f87
Merge pull request #5473 from radarhere/tiff_seek
Do not allow TIFF to seek to a past frame
2021-06-05 18:49:34 +03:00
Andrew Murray
3b4db88202 Added BC5_SNORM reading when FourCC is DX10 2021-05-19 22:19:19 +10:00
Andrew Murray
f59ff6d55b Read BC5_TYPELESS as BC5_UNORM 2021-05-19 21:16:12 +10:00
Andrew Murray
2e7f40e0b8 Added BC5_SNORM reading 2021-05-18 17:44:21 +10:00
Andrew Murray
68ac6d151e Added BC5_UNORM reading 2021-05-17 18:57:23 +10:00
Hugo van Kemenade
a72ae6823c
Merge pull request #5476 from radarhere/dpi_rounding 2021-05-16 20:00:10 +03:00
Hugo van Kemenade
d53a664866
Merge pull request #5470 from radarhere/wmf_dpi_rounding
Removed WMF DPI rounding
2021-05-16 19:57:14 +03:00
Hugo van Kemenade
f02739715d
Merge pull request #5452 from radarhere/missing_samplesperpixel
Updated default value for SAMPLESPERPIXEL TIFF tag
2021-05-14 16:17:34 +03:00
Andrew Murray
bf97a92bc6 Ensure PNG seeks to end of previous chunk at start of load_end 2021-05-14 13:18:49 +10:00
Andrew Murray
9bbe53a01d
Merge pull request #5446 from radarhere/tiff_dpi_rounding
Removed TIFF DPI rounding
2021-05-10 08:34:05 +10:00
Andrew Murray
9ac888262a Do not allow TIFF to seek to a past frame 2021-05-08 00:25:47 +10:00
Andrew Murray
18e204df05 Removed DPI rounding from JPEG loading 2021-05-07 21:23:29 +10:00
Andrew Murray
0de3beaeaf Removed DPI rounding when BMP loading 2021-05-07 20:50:18 +10:00
Andrew Murray
b9c571a328 Removed WMF DPI rounding 2021-05-06 20:08:54 +10:00
Andrew Murray
6fc039a21c Updated default value for SAMPLESPERPIXEL tag 2021-05-04 16:50:12 +10:00
Andrew Murray
8bc19ac78c Do not alter pixels outside mask when drawing text on an image with transparency 2021-04-29 23:08:25 +10:00
Andrew Murray
537cd7a82e Removed TIFF DPI rounding 2021-04-29 22:47:44 +10:00
Hugo van Kemenade
6461dd63b3
Merge pull request #5429 from radarhere/ico
Use bpp from ICO header
2021-04-25 12:07:38 +03:00
Hugo van Kemenade
d3a3b6dddb
Merge pull request #5408 from radarhere/indexerror
Corrected JPEG APP14 transform value
2021-04-25 11:36:40 +03:00
Andrew Murray
900b849aa8 Use bpp from header 2021-04-22 21:18:21 +10:00
Andrew Murray
6967f3519f Test when "adobe_transform" is unable to be read 2021-04-20 20:53:50 +10:00
Hugo van Kemenade
bb5a34fcb0
Merge pull request #5391 from radarhere/gif_disposal
Treat previous contents of first GIF frame as transparent
2021-04-20 13:23:11 +03:00
Hugo van Kemenade
fc08a72600
Merge pull request #5400 from radarhere/mapdepth_16
Changed mode for TGA 16-bit palette to BGR;15
2021-04-18 13:00:29 +03:00
Hugo van Kemenade
50fdc151ea
Merge pull request #5396 from radarhere/mapdepth
TGA color map entry size is only 1 byte
2021-04-18 12:57:58 +03:00
Andrew Murray
1e074f5040
Merge pull request #4144 from jansol/master
Stop decoding BC1 punchthrough alpha in BC2&3
2021-04-15 20:24:52 +10:00
Andrew Murray
a47072bcbe Treat previous contents of first frame as transparent 2021-04-15 19:01:12 +10:00
Andrew Murray
4dde8109d7 Resolved FIXME by reading mandatory FITS header items 2021-04-14 22:48:27 +10:00
Andrew Murray
c5f886958a Merge branch 'master' into quant 2021-04-11 12:41:48 +10:00
Tsung-Po Sun
824d2fa4f3 Add test 2021-04-11 12:41:32 +10:00
Andrew Murray
fc64064387 Changed mode for 16-bit palette to BGR;15 2021-04-10 22:11:20 +10:00
Andrew Murray
04df6e3bf1 mapdepth is only 1 byte 2021-04-09 21:38:28 +10:00
Andrew Murray
3cb2413066 Use zero if background color index is missing 2021-04-08 08:04:20 +10:00
Hugo van Kemenade
75c111903c
Merge pull request #5382 from radarhere/rounded_rectangle
Round down the radius in rounded_rectangle
2021-04-07 19:31:19 +03:00
Andrew Murray
d06871d543 Set mode of three channel uncompressed RGB data to RGB 2021-04-05 17:58:02 +10:00
Andrew Murray
6f87faf0ee Reversed rawmode for uncompressed RGB data 2021-04-05 17:54:34 +10:00
Andrew Murray
92edc29439 Round down the radius in rounded_rectangle 2021-04-05 08:54:06 +10:00
Andrew Murray
6541bd7cb5 Added second attribute to avoid unstable nature of qsort 2021-04-02 04:07:18 +11:00
Eric Soroos
496245aa43 Fix BLP DOS -- CVE-2021-28678
* BlpImagePlugin did not properly check that reads after jumping to
  file offsets returned data. This could lead to a DOS where the
  decoder could be run a large number of times on empty data
* This dates to Pillow 5.1.0
2021-04-01 17:17:35 +03:00
Eric Soroos
22e9bee4ef Fix DOS in PSDImagePlugin -- CVE-2021-28675
* PSDImagePlugin did not sanity check the number of input layers and
  vs the size of the data block, this could lead to a DOS on
  Image.open prior to Image.load.
* This issue dates to the PIL fork
2021-04-01 17:17:31 +03:00
Eric Soroos
bb6c11fb88 Fix FLI DOS -- CVE-2021-28676
* FliDecode did not properly check that the block advance was
  non-zero, potentally leading to an infinite loop on load.
* This dates to the PIL Fork
* Found with oss-fuzz
2021-04-01 17:17:23 +03:00
Eric Soroos
5a5e6db0ab Fix EPS DOS on _open -- CVE-2021-28677
* The readline used in EPS has to deal with any combination of \r and
  \n as line endings. It used an accidentally quadratic method of
  accumulating lines while looking for a line ending.
* A malicious EPS file could use this to perform a DOS of Pillow in
  the open phase, before an image was accepted for opening.
* This dates to the PIL Fork
2021-04-01 17:17:18 +03:00
Eric Soroos
3bf5eddb89 Fix OOB Read in Jpeg2KDecode CVE-2021-25287,CVE-2021-25288
* For J2k images with multiple bands, it's legal in to have different
  widths for each band, e.g. 1 byte for L, 4 bytes for A
* This dates to Pillow 2.4.0
2021-04-01 17:17:13 +03:00
Hugo van Kemenade
6812205f18
Merge pull request #5144 from UrielMaD/feature_xmp 2021-04-01 12:44:47 +03:00
Eric Soroos
87934e22d0 Fix for crash-0da0 2021-03-31 23:24:30 +02:00
Eric Soroos
53c80281d7 fix for crash-8115 2021-03-31 22:23:57 +02:00
Eric Soroos
45530d5ce1 fixes crash-74d2 2021-03-31 22:23:57 +02:00
Hugo van Kemenade
c54a7bb031
Merge pull request #5333 from radarhere/gif_frame_transparency 2021-03-31 18:08:11 +03:00
Konstantin Kopachev
0018685a8e Add Tests and support for Planar Tiff Images 2021-03-28 15:03:37 +02:00
Andrew Murray
b216b367ac Only set info transparency on first frame 2021-03-17 00:24:57 +11:00
Andrew Murray
9ce3eba7eb Only draw each pixel once 2021-03-08 19:54:03 +11:00
Andrew Murray
f5d49f4f61 Added rounded_rectangle method 2021-03-08 19:53:59 +11:00
Ondrej Baranovič
14671f715f
Merge branch 'master' into sbix 2021-03-07 20:05:25 +01:00
Hugo van Kemenade
3a27118d76
Merge pull request #5183 from radarhere/rectangle
Only draw each rectangle outline pixel once
2021-03-07 12:25:45 +02:00
Hugo van Kemenade
f9b830f058
Merge pull request #5214 from radarhere/pcx
Handle PCX images with an odd stride
2021-03-07 11:41:14 +02:00
Hugo van Kemenade
95986f38da
Merge pull request #5168 from radarhere/mpo 2021-03-07 11:38:36 +02:00
Eric Soroos
480f6819b5 Fix Memory DOS in Icns, Ico and Blp Image Plugins
Some container plugins that could contain images of other formats,
such as the ICNS format, did not properly check the reported size of
the contained image. These images could cause arbitrariliy large
memory allocations.

This is fixed for all locations where individual *ImageFile classes
are created without going through the usual Image.open method.
2021-03-06 10:19:14 +11:00
Eric Soroos
cbdce6c5d0 Fix for CVE-2021-25291
* Invalid tile boundaries lead to OOB Read in TiffDecode.c, in TiffReadRGBATile
* Check the tile validity before attempting to read.
2021-03-01 19:04:48 +11:00
Eric Soroos
86f02f7c70 Fix negative size read in TiffDecode.c
* Caught by oss-fuzz runs
* CVE-2021-25290
2021-03-01 19:04:42 +11:00
Eric Soroos
4853e522bd Fix OOB read in SgiRleDecode.c
* From Pillow 4.3.0->8.1.0
* CVE-2021-25293
2021-03-01 19:04:19 +11:00
Eric Soroos
3fee28eb94 Incorrect error code checking in TiffDecode.c
* since Pillow 8.1.0
* CVE-2021-25289
2021-03-01 18:51:13 +11:00
nulano
61ee8ec03c document and add tests for SBIX color font support 2021-02-22 12:00:20 +11:00
Andrew Murray
c0ee869c2c Only draw each rectangle outline pixel once 2021-02-22 07:48:58 +11:00
Andrew Murray
ac31061f22 Handle PCX images with an odd stride 2021-01-21 19:29:11 +11:00
Jan Solanti
ddd3a2b482 Add tests for issue #4142 2021-01-04 22:47:18 +11:00
Andrew Murray
c8dd1c8422
Merge pull request #5175 from radarhere/tiff
Fix TIFF OOB Write error
2021-01-02 21:13:28 +11:00
Andrew Murray
0117694533
Merge pull request #5174 from radarhere/pcx
Fix for Read Overflow in PCX Decoding
2021-01-02 21:00:25 +11:00
Eric Soroos
2f409261eb Fix for CVE CVE-2020-35655 - Read Overflow in PCX Decoding.
* Don't trust the image to specify a buffer size
2021-01-02 20:38:46 +11:00
wiredfool
eb8c1206d6 Fix CVE-2020-35654 - OOB Write in TiffDecode.c
* In some circumstances with some versions of libtiff (4.1.0+), there
  could be a 4 byte out of bound write when decoding a YCbCr tiff.
* The Pillow code dates to 6.0.0
* Found and reported through Tidelift
2021-01-02 20:37:48 +11:00
Eric Soroos
7e95c63fa7 Fix for SGI Decode buffer overrun CVE-2020-35655
* Independently found by a contributor and sent to Tidelift, and by Google's OSS Fuzz.
2021-01-02 20:09:58 +11:00
Andrew Murray
db3b5108dc Changed MP Type to match #1631 image 2021-01-01 13:00:01 +11:00
Andrew Murray
6175389186 Only read different sizes for "Large Thumbnail" frames 2021-01-01 12:45:02 +11:00
Hugo van Kemenade
4093897673
Merge pull request #5126 from radarhere/apng_disposal
Use disposal settings from previous frame in APNG
2020-12-31 16:06:33 +02:00
UrielMaD
7968279c13 XMP feature added 2020-12-27 22:24:38 -06:00
Andrew Murray
5e4e0fa6ee Use disposal settings from previous frame 2020-12-24 09:55:22 +11:00