Commit Graph

418 Commits

Author SHA1 Message Date
Hugo van Kemenade
694c84f88f
Fix typo [ci skip]
Co-authored-by: Andrew Murray <3112309+radarhere@users.noreply.github.com>
2021-04-01 20:00:13 +03:00
Hugo van Kemenade
8febdad8dd Review, typos and lint 2021-04-01 17:41:46 +03:00
Eric Soroos
bb6c11fb88 Fix FLI DOS -- CVE-2021-28676
* FliDecode did not properly check that the block advance was
  non-zero, potentally leading to an infinite loop on load.
* This dates to the PIL Fork
* Found with oss-fuzz
2021-04-01 17:17:23 +03:00
Eric Soroos
3bf5eddb89 Fix OOB Read in Jpeg2KDecode CVE-2021-25287,CVE-2021-25288
* For J2k images with multiple bands, it's legal in to have different
  widths for each band, e.g. 1 byte for L, 4 bytes for A
* This dates to Pillow 2.4.0
2021-04-01 17:17:13 +03:00
Eric Soroos
87934e22d0 Fix for crash-0da0 2021-03-31 23:24:30 +02:00
Eric Soroos
45530d5ce1 fixes crash-74d2 2021-03-31 22:23:57 +02:00
wiredfool
4044ecc1fb
Merge pull request #5366 from kkopachev/kk-remove-extra-check
Remove redundant check (addition to #5364)
2021-03-31 20:54:07 +01:00
Hugo van Kemenade
c54a7bb031
Merge pull request #5333 from radarhere/gif_frame_transparency 2021-03-31 18:08:11 +03:00
Hugo van Kemenade
54e9f3bd0f
Merge pull request #5291 from raygard/giflzw 2021-03-31 17:58:44 +03:00
Hugo van Kemenade
727533148e
Merge pull request #5282 from radarhere/quantize
Set all transparent colors to be equal in quantize()
2021-03-31 17:58:21 +03:00
Hugo van Kemenade
06dfbb8e3e
Merge branch 'master' into giflzw 2021-03-31 16:45:02 +03:00
Hugo van Kemenade
d3ad66d851
Merge pull request #5332 from radarhere/typo
Corrected grammar
2021-03-31 09:40:41 +03:00
Ray Gardner
306d030fce Add comment to reference GIF LZW specification. 2021-03-30 17:35:21 -06:00
Konstantin Kopachev
19a815dd73
Remove redundant check
It's duplicated inside following call of TIFFReadTile
2021-03-29 11:27:50 -07:00
wiredfool
9a683db339
Merge pull request #5274 from radarhere/gradient
Fixed linear_gradient and radial_gradient I and F modes
2021-03-28 14:35:22 +01:00
Konstantin Kopachev
52ecf1b142 Stop guessing strip size and pass expected size 2021-03-28 15:03:37 +02:00
Konstantin Kopachev
ab24c98491 Add sanity check for memory overruns 2021-03-28 15:03:37 +02:00
Konstantin Kopachev
1c295bf43c Check for dimensions and sizes to fit into int 2021-03-28 15:03:37 +02:00
Konstantin Kopachev
e438046201 Refactor into smaller functions 2021-03-28 15:03:37 +02:00
Konstantin Kopachev
4dd288c66c unify reading of YCbCr Tiffs 2021-03-28 15:03:37 +02:00
Konstantin Kopachev
4c2dfadf26 Swap pixel values on Big Endian 2021-03-28 15:03:37 +02:00
Konstantin Kopachev
169bb4842f only use TIFFReadRGBA* in case of o_jpeg compression 2021-03-28 15:03:37 +02:00
Eric Soroos
f2020eeab4 UINT8 -> int for plane 2021-03-28 15:03:37 +02:00
Eric Soroos
b1d3f0d5c2 not 2021-03-28 15:03:37 +02:00
Eric Soroos
c9ea87ecfd Use flag instead of recalculating 2021-03-28 15:03:37 +02:00
Eric Soroos
fda638befe Planes should be int, not uint 2021-03-28 15:03:37 +02:00
nulano
daf7b6546e remove double pointer 2021-03-28 15:03:37 +02:00
nulano
a921c01102 correct TIFFTAG_PLANARCONFIG size 2021-03-28 15:03:37 +02:00
Eric Soroos
77a1a9aba3 initialize the unpackers 2021-03-28 15:03:37 +02:00
Eric Soroos
64500434c2 Implementation for PlanarConfiguration=2 Tiffs, manually merged from f566c8a 2021-03-28 15:03:37 +02:00
Konstantin Kopachev
0018685a8e Add Tests and support for Planar Tiff Images 2021-03-28 15:03:37 +02:00
wiredfool
3addd7df4e
Merge pull request #5062 from nulano/fribidi-link
Dynamically link FriBiDi instead of Raqm
2021-03-27 16:29:04 +00:00
Andrew Murray
a4a38b805b Removed return value of build_distance_tables 2021-03-27 14:47:11 +11:00
Ray Gardner
5390786c65 Add braces to if -- conform with Pillow style. 2021-03-25 17:22:11 -06:00
Ray Gardner
0acf3514a1 Modify GifEncode.c and Gif.h to use LZW encoding 2021-03-25 17:22:10 -06:00
Glenn Maynard
a4a314f765 GIF: Support transparency in the native decoder.
Allow the transparency index to be passed to the native decoder.  If not
-1, pixels with this index will be left at their previous value.

This only adds the decoder support and isn't active yet.
2021-03-16 23:17:12 +11:00
Andrew Murray
d7cbc9a27e Corrected grammar 2021-03-16 22:19:48 +11:00
Andrew Murray
f91f93e246
Merge pull request #5305 from lukegb/bug/format-strings
Fix -Wformat error in TiffDecode
2021-03-11 22:34:17 +11:00
Andrew Murray
68b655f3f0
Updated format specifiers 2021-03-10 20:43:16 +11:00
Hugo van Kemenade
3a27118d76
Merge pull request #5183 from radarhere/rectangle
Only draw each rectangle outline pixel once
2021-03-07 12:25:45 +02:00
Luke Granger-Brown
852fd170f8 Fix -Wformat error in TiffDecode
src/libImaging/TiffDecode.c: In function ‘_tiffReadProc’:
src/libImaging/TiffDecode.c:59:58: error: format ‘%d’ expects argument of type ‘int’, but argument 3 has type ‘toff_t’ {aka ‘long unsigned int’} [-Werror=format=]
src/libImaging/TiffDecode.c:59:67: error: format ‘%d’ expects argument of type ‘int’, but argument 4 has type ‘toff_t’ {aka ‘long unsigned int’} [-Werror=format=]
2021-03-03 13:30:28 +00:00
wiredfool
c477bed95f
Merge pull request #5280 from cgohlke/patch-1
Fix suspicious sequence of types castings
2021-03-01 20:19:26 +00:00
Eric Soroos
cbdce6c5d0 Fix for CVE-2021-25291
* Invalid tile boundaries lead to OOB Read in TiffDecode.c, in TiffReadRGBATile
* Check the tile validity before attempting to read.
2021-03-01 19:04:48 +11:00
Eric Soroos
86f02f7c70 Fix negative size read in TiffDecode.c
* Caught by oss-fuzz runs
* CVE-2021-25290
2021-03-01 19:04:42 +11:00
Eric Soroos
4853e522bd Fix OOB read in SgiRleDecode.c
* From Pillow 4.3.0->8.1.0
* CVE-2021-25293
2021-03-01 19:04:19 +11:00
Eric Soroos
3fee28eb94 Incorrect error code checking in TiffDecode.c
* since Pillow 8.1.0
* CVE-2021-25289
2021-03-01 18:51:13 +11:00
Andrew Murray
114145a61a Set all transparent colors to be equal 2021-02-25 22:49:11 +11:00
Christoph Gohlke
71f48e19b9
Use unsigned size_t 2021-02-24 08:15:25 -08:00
Christoph Gohlke
48ac517c8d
Fix suspicious sequence of types castings 2021-02-24 07:02:42 -08:00
Andrew Murray
297789284b Fixed linear_gradient and radial_gradient 32-bit modes 2021-02-22 19:32:52 +11:00
Andrew Murray
c0ee869c2c Only draw each rectangle outline pixel once 2021-02-22 07:48:58 +11:00
Andrew Murray
c8ca4b909a Added braces 2021-02-13 11:32:52 +11:00
nulano
8bc1ff35b4 use FriBiDi shim in Raqm 2021-01-05 00:03:52 +11:00
Andrew Murray
2341c6b933
Merge branch 'master' into jp2-decode-subsample 2021-01-04 23:25:09 +11:00
Jan Solanti
b08c514ee7 BcnDecode: add comment about BC2&3 color blocks 2021-01-04 22:48:02 +11:00
Jan Solanti
097f7d0f56 Stop decoding BC1 punchthrough alpha in BC2&3 2021-01-04 22:47:18 +11:00
Andrew Murray
46b7e86bab Format with ClangFormat 2021-01-03 14:17:51 +11:00
Andrew Murray
c8dd1c8422
Merge pull request #5175 from radarhere/tiff
Fix TIFF OOB Write error
2021-01-02 21:13:28 +11:00
wiredfool
45a62e91b1 Rework ReadTile
* Don't malloc for the swap line, just shuffle backwards
* Ensure that im->pixelsize is sanity checked
* Ensure that we're using the right size for the buffer from TiffReadRGBATile
2021-01-02 20:37:48 +11:00
wiredfool
eb8c1206d6 Fix CVE-2020-35654 - OOB Write in TiffDecode.c
* In some circumstances with some versions of libtiff (4.1.0+), there
  could be a 4 byte out of bound write when decoding a YCbCr tiff.
* The Pillow code dates to 6.0.0
* Found and reported through Tidelift
2021-01-02 20:37:48 +11:00
Eric Soroos
9a2c9f722f Make the SGI code return -1 as an error flag, error in state 2021-01-02 20:10:02 +11:00
Eric Soroos
7e95c63fa7 Fix for SGI Decode buffer overrun CVE-2020-35655
* Independently found by a contributor and sent to Tidelift, and by Google's OSS Fuzz.
2021-01-02 20:09:58 +11:00
Hugo van Kemenade
07bbc46589
Merge pull request #5149 from wiredfool/gif_write_oob_read 2021-01-02 10:14:17 +02:00
Eric Soroos
250e42f7f8 Bad Rebase 2020-12-30 11:07:58 +01:00
Andrew Murray
6b21a96578 Changed readcount so that _TIFFSetGetType can identify the type 2020-12-30 11:57:05 +11:00
Eric Soroos
a39d7c4fcf Fix OOB Read in tif_dirinfo.c
==3330==    at 0xBD4110C: _TIFFSetupFields (tif_dirinfo.c:327)

Passing in a stack allocated array is going to fail, as a reference
is retained to the name and used later when flushing the Tiff to
the file.
2020-12-28 15:00:48 +01:00
Eric Soroos
d96945b7c8 Fix Out of bounds read when saving GIF of xsize=1 2020-12-27 16:01:26 +01:00
Andrew Murray
cf530b8d9c
Merge pull request #5111 from cgohlke/patch-3
Fix dereferencing of potential null pointers
2020-12-27 12:21:09 +11:00
Andrew Murray
51b8137924
Changed style for consistency 2020-12-26 21:49:40 +11:00
Andrew Murray
8eaf9e7cb7 Fixed warning assigning to "unsigned char *" from "char *" 2020-12-24 10:47:06 +11:00
Andrew Murray
36dc83e3ac Fixed comparison between unsigned int and int 2020-12-22 16:07:32 +11:00
Andrew Murray
26e5929617 Fixed comparison between int and unsigned long 2020-12-22 16:06:44 +11:00
Christoph Gohlke
fd14616dbb
Return ImagingError_MemoryError 2020-12-19 19:37:05 -08:00
Christoph Gohlke
15dd7aef9f
Return ImagingError_MemoryError 2020-12-19 19:35:21 -08:00
Christoph Gohlke
fd4b0609ef
Fix dereferencing of potential null pointers 2020-12-19 15:58:25 -08:00
nulano
4f4c3b34f8 jpeg2000: add subsampling decoder support 2020-10-20 07:16:24 +01:00
Hugo van Kemenade
1cb3e2f742
Merge pull request #4918 from gofr/4825-jpeg-16-bit-qt 2020-10-14 17:58:12 +03:00
Hugo van Kemenade
e58baa0c09
Merge pull request #4756 from nulano/warn-tiff
Fix TiffDecode comparison warnings
2020-10-14 17:33:05 +03:00
Hugo van Kemenade
15c339470d
Merge pull request #4523 from xtsm/ellipse
Implemented another ellipse drawing algorithm
2020-10-11 18:04:34 +03:00
gofr
b212a1eb8f Keep baseline compatibility when specifying quality
16-bit quantization tables can appear at quality values below
about 25. These may cause compatibility problems. Maintain
baseline compatibility and avoid confusing users with warning
messages.
2020-10-10 16:23:58 +02:00
gofr
6db0843af4 Add support for 16-bit precision JPEG quantization values
Don't force JPEG quantization to be baseline-compatible

Quantization values will not be limited to values 1..255 and may
be 16 bits if needed. This may cause compatibility issues.
2020-10-10 14:35:09 +02:00
Hugo van Kemenade
c841501c34
Merge pull request #4752 from radarhere/warnings
Fixed comparison warnings
2020-10-05 23:49:54 +03:00
Stanislau T
17d83d6a7c
Fix comment grammar
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
2020-09-11 19:51:57 +03:00
Hugo van Kemenade
68da661db9 Small optimisation: move distance==0 comparison to outer loop, to check once per call instead of once per pixel 2020-09-09 10:08:46 +03:00
Andrew Murray
c83ffc6aea Fixed effect_spread bug for zero distance 2020-09-08 18:51:58 +10:00
Hugo van Kemenade
63d8a600cb
Merge pull request #4890 from nulano/mingw-setup 2020-09-03 21:11:39 +03:00
Andrew Murray
799b25d9f1 Renamed zip header file 2020-08-31 22:44:51 +10:00
nulano
3cabcf242f fix libtiff in MSYS2 2020-08-30 04:31:46 +02:00
Andrew Murray
ffe566f0c3 Fixed comparison warnings 2020-08-15 13:22:58 +10:00
Peter Petrik
ef88be6548 fix build on macos and clang when zip.h is present on system from zlib library 2020-07-23 15:59:18 +02:00
Hugo van Kemenade
88b7b9c1f5 Remove unused externs from Imaging.h 2020-07-07 20:46:10 +03:00
nulano
21533e4deb tiff comparison warnings 2020-07-02 16:14:07 +02:00
Stanislau Tsitsianok
88651c334f
Try to fix CI 2020-06-29 23:58:58 +03:00
Stanislau Tsitsianok
7dedb1402f
Merge remote-tracking branch 'upstream/master' into ellipse 2020-06-29 23:31:25 +03:00
Stanislau Tsitsianok
5830a641cc
Added more tests 2020-06-29 23:31:04 +03:00
Stanislau Tsitsianok
9a9d3a050a
Fixed tests 2020-06-29 22:49:11 +03:00
Stanislau Tsitsianok
96f69eb287
Replaced drawing algorithm for arcs, chords and pies 2020-06-29 17:21:53 +03:00
Andrew Murray
c1fe0b4e0c Use hypot function 2020-06-23 19:17:00 +10:00
nulano
6c1ff252d6 check run-time version numbers where available, add docs 2020-06-21 18:58:39 +10:00
Hugo van Kemenade
dbadd2d39e
Merge pull request #4653 from radarhere/clip
Corrected undefined behaviour
2020-06-20 15:57:30 +03:00
Hugo van Kemenade
bcb8cbbf22
Merge pull request #4639 from radarhere/jfif
Write JFIF header when saving JPEG
2020-06-20 15:54:11 +03:00
Hugo van Kemenade
b9a087d482
Merge pull request #4566 from radarhere/text
Consider transparency when pasting text on an RGBA image
2020-06-20 15:02:59 +03:00
Hugo van Kemenade
8e63260d44
Merge pull request #4551 from radarhere/warnings
Fixed comparison warnings
2020-06-20 14:10:16 +03:00
Stanislau Tsitsianok
27109c9011
Merge remote-tracking branch 'upstream/master' into ellipse 2020-06-16 20:20:44 +03:00
Stanislau Tsitsianok
70aea26781
Added core clipping tools for ellipses 2020-06-16 20:20:29 +03:00
Andrew Murray
eeb9e719e3 Fixed drawing a 1px high polygon 2020-06-07 12:07:13 +10:00
Hugo van Kemenade
9f4c5810ec
Merge pull request #4619 from radarhere/unused 2020-05-31 23:20:06 +03:00
Andrew Murray
9067e68e64 Corrected undefined behaviour 2020-05-27 22:43:06 +10:00
Hugo van Kemenade
c71ede3649
Merge pull request #4617 from radarhere/return 2020-05-25 17:03:48 +03:00
Andrew Murray
660894cd36 Write JFIF header when saving JPEG 2020-05-24 23:58:30 +10:00
Andrew Murray
720f79a629 Removed unused argument from CHOP 2020-05-14 18:16:54 +10:00
Andrew Murray
228301373f Fixed comparison warnings 2020-05-14 06:57:15 +10:00
Andrew Murray
3a75e843f4 Added braces 2020-05-11 07:46:12 +10:00
Andrew Murray
9f2773b3f7
Added braces
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
2020-05-11 07:19:52 +10:00
Andrew Murray
c1d9931adc Added braces 2020-05-10 19:56:36 +10:00
Andrew Murray
9d701a0026 Removed duplicate return statements 2020-05-10 19:55:33 +10:00
Andrew Murray
ae43af61da Replaced tabs with spaces 2020-05-01 22:08:57 +10:00
Andrew Murray
9390e5636a Also consider other alpha modes 2020-04-20 18:53:37 +10:00
Andrew Murray
e10cab42f1 Consider transparency when drawing text on an RGBA image 2020-04-19 20:56:17 +10:00
Hugo
dda6145fce Since Python 3.3 IOError and WindowsError have been merged into OSError 2020-04-10 12:57:29 +03:00
Stanislau T
68f87e14ca Fix grammar
Co-Authored-By: Andrew Murray <3112309+radarhere@users.noreply.github.com>
2020-04-06 22:01:42 +10:00
Stanislau Tsitsianok
8aa2386c77 added stdint.h for MSVC builds 2020-04-06 22:01:42 +10:00
Stanislau Tsitsianok
a491ed6889 fixed failing tests 2020-04-06 22:01:42 +10:00
Stanislau Tsitsianok
e5ac436a51 implemented another ellipse drawing algorithm 2020-04-06 22:01:42 +10:00
Hugo van Kemenade
46f4a349b8
Merge pull request #4507 from hugovk/fix_tiff
Fix 2 buffer overflows in TIFF decoding
2020-04-01 12:51:04 +03:00
Hugo van Kemenade
ff60894d69
Merge pull request #4505 from hugovk/jpeg2k_overflow
Fix bounds overflow in JPEG 2000 decoding
2020-04-01 12:27:27 +03:00
Hugo van Kemenade
2ef59fdbae
Merge pull request #4504 from hugovk/sgi_fixes
Fix buffer overflow in SGI-RLE decoding
2020-04-01 12:27:14 +03:00
Hugo van Kemenade
0da1eca7cf
Merge pull request #4503 from hugovk/fix_fli_6.2.x
Fix multiple OOB reads in FLI decoding
2020-04-01 12:27:04 +03:00
Hugo van Kemenade
c00fdc7e30 Fix typos
Co-Authored-By: Andrew Murray <3112309+radarhere@users.noreply.github.com>
2020-04-01 11:02:44 +03:00
Eric Soroos
b8d4ce1a59 Avoid uninitialized read 2020-04-01 11:02:36 +03:00
Eric Soroos
6b842f4ec0 Ensure that Tiff's concept of Strip and Tilesize matches Pillow's 2020-04-01 11:02:33 +03:00
Eric Soroos
6a83e43247 Fix OOB Access on PcxDecode.c 2020-04-01 10:50:51 +03:00
Hugo van Kemenade
c5e9de15b1 Fix typo 2020-04-01 10:34:24 +03:00
Eric Soroos
cf6da6b790 Fix for OOB Read in DecodeJpeg2k 2020-04-01 10:33:41 +03:00
Eric Soroos
394d6a180a Track number of pixels, not the number of runs 2020-04-01 10:12:17 +03:00
Eric Soroos
5b490fc413 additional FLI check 2020-04-01 09:53:14 +03:00
Eric Soroos
088ce4df98 comments 2020-04-01 09:53:08 +03:00
Eric Soroos
8d4f3c0c5f Fix OOB Read in FLI Copy Chunk 2020-04-01 09:52:59 +03:00
Eric Soroos
c5edc361fd Fix OOB Advance Values 2020-04-01 09:52:55 +03:00
Eric Soroos
c88b0204d7 Fix OOB in LC packet 2020-04-01 09:52:51 +03:00
Eric Soroos
b4e439d6d7 Fix OOB Reads in SS2 Chunk 2020-04-01 09:52:47 +03:00
Eric Soroos
f6926a041b Refactor to macro 2020-04-01 09:52:44 +03:00
Eric Soroos
c66d8aa754 Fli issue 1 2020-04-01 09:52:40 +03:00
Hugo van Kemenade
c6115c1ceb
Merge pull request #4230 from dwastberg/new_chops
Added three new channel operations
2020-03-31 10:24:44 +03:00
Hugo van Kemenade
332e3923cb
Merge pull request #4457 from radarhere/endian
Fixed endian handling for I;16 getextrema
2020-03-25 23:32:37 +02:00
Andrew Murray
42a0653097 Fixed endian handling for I;16 getextrema 2020-02-29 20:29:28 +11:00
Andrew Murray
b934b50867 If an alpha channel is present, only use that to get bounding box 2020-02-28 22:33:02 +11:00
Andrew Murray
a8c0794107 Allow saving of zero quality JPEG images 2020-02-21 22:05:44 +11:00
dwastberg
7d5ab9f1d4 Remove old code 2020-02-19 19:37:34 +11:00
Dag Wästberg
705140cc2c add hardlight and softlight chops 2020-02-19 19:30:59 +11:00