Commit Graph

141 Commits

Author SHA1 Message Date
Eric Soroos
2f409261eb Fix for CVE CVE-2020-35655 - Read Overflow in PCX Decoding.
* Don't trust the image to specify a buffer size
2021-01-02 20:38:46 +11:00
Hugo van Kemenade
309cb9e5c4
Merge pull request #4927 from radarhere/tuple 2020-10-12 14:40:22 +03:00
Andrew Murray
7a1f0f6a8f Fixed bug in Exif __delitem__ 2020-10-05 09:45:05 +11:00
Andrew Murray
27c0747518 Allow tuples with one item to give single color value in getink 2020-09-20 14:23:05 +10:00
Andrew Murray
c83ffc6aea Fixed effect_spread bug for zero distance 2020-09-08 18:51:58 +10:00
nulano
a340dc5fd3 Merge remote-tracking branch 'upstream/master' into formats 2020-09-04 21:07:34 +02:00
Andrew Murray
298b7d0333 Update pre-commit 2020-08-31 18:50:15 +10:00
Hugo van Kemenade
dd87dd50c0 Update to isort 5 with Black profile support 2020-08-08 22:39:29 +03:00
nulano
2b061b68db add formats parameter to Image.open to restrict list of formats attempting to read an image file 2020-08-03 00:24:02 +02:00
Hugo van Kemenade
40aefc6ba5 Remove im.offset, deprecated in 2001; and fromstring and tostring, deprecated in 2013 2020-07-17 10:55:20 +03:00
Andrew Murray
9432bba6d1 Moved tests 2020-07-02 20:28:00 +10:00
Andrew Murray
ee06255ff0 Deprecated _showxv 2020-06-23 22:20:58 +10:00
nulano
66954ad176 deprecate Image.show(command="...") 2020-05-25 18:57:02 +02:00
Hugo
dda6145fce Since Python 3.3 IOError and WindowsError have been merged into OSError 2020-04-10 12:57:29 +03:00
Hugo
ada137eba5 Fix Flake8 2020-04-01 10:52:21 +03:00
Eric Soroos
124f4bb591 Tests for PCX OOB Access 2020-04-01 10:50:48 +03:00
Andrew Murray
750bbc7256 Parametrized test 2020-03-31 17:41:52 +11:00
Andrew Murray
7597a9fbfd Raise warning for more operations 2020-03-31 17:41:47 +11:00
Andrew Murray
027d180eda Raise a DeprecationWarning when comparing PILLOW_VERSION 2020-03-30 21:53:02 +11:00
Hugo
44e661f25a Convert to use pytest 2020-02-22 23:03:01 +02:00
Andrew Murray
8482919a37 Converted most assert statements to pytest 2020-02-23 00:06:21 +11:00
Jon Dufresne
98a2081a78 Move safe imports to the top of test files
These modules are safe to import and this better follows PEP 8.

From https://www.python.org/dev/peps/pep-0008/#imports

> Imports are always put at the top of the file, just after any module
> comments and docstrings, and before module globals and constants.
2020-02-17 10:49:27 -08:00
Hugo
38bf862185 Replace PillowTestCase.assert_warning with pytest.warns 2020-02-03 11:11:32 +02:00
Hugo
a4bf9fa036 Convert most PillowTestCase methods to pytest 2020-02-02 12:26:01 +02:00
Andrew Murray
be44f0d992 Catch SGI buffer overruns 2020-01-02 15:24:36 +11:00
Andrew Murray
8f0c8f7311 Catch PCX P mode buffer overrun 2020-01-02 15:24:16 +11:00
Andrew Murray
c40bc25847 Catch FLI buffer overrun 2020-01-02 15:23:36 +11:00
Andrew Murray
fedb0407b4 Raise ValueError for io.StringIO in Image.open 2019-12-26 18:53:06 +11:00
Andrew Murray
c0048ad7de Use context managers 2019-11-26 07:03:23 +11:00
Jon Dufresne
33dabf986f Import unittest from stdlib rather than helper.py
The unittest in helper.py has not offered an interesting abstraction
since dbe9f85c7d so import from the more
typical stdlib location.
2019-11-20 18:42:52 -08:00
Hugo van Kemenade
a949d7882e
Merge branch 'master' into rm-2.7 2019-11-20 10:26:55 +02:00
Andrew Murray
40f891dfd7 Added UnidentifiedImageError 2019-11-19 21:20:02 +11:00
Hugo
cc63f66575 Merge remote-tracking branch 'upstream/master' into rm-2.7 2019-11-01 13:22:56 +02:00
Jon Dufresne
4cd4adddc3 Improve handling of file resources
Follow Python's file object semantics. User code is responsible for
closing resources (usually through a context manager) in a deterministic
way.

To achieve this, remove __del__ functions. These functions used to
closed open file handlers in an attempt to silence Python
ResourceWarnings. However, using __del__ has the following drawbacks:

- __del__ isn't called until the object's reference count reaches 0.
  Therefore, resource handlers remain open or in use longer than
  necessary.

- The __del__ method isn't guaranteed to execute on system exit. See the
  Python documentation:

  https://docs.python.org/3/reference/datamodel.html#object.__del__

  > It is not guaranteed that __del__() methods are called for objects
  > that still exist when the interpreter exits.

- Exceptions that occur inside __del__ are ignored instead of raised.
  This has the potential of hiding bugs. This is also in the Python
  documentation:

  > Warning: Due to the precarious circumstances under which __del__()
  > methods are invoked, exceptions that occur during their execution
  > are ignored, and a warning is printed to sys.stderr instead.

Instead, always close resource handlers when they are no longer in use.
This will close the file handler at a specified point in the user's code
and not wait until the interpreter chooses to. It is always guaranteed
to run. And, if an exception occurs while closing the file handler, the
bug will not be ignored.

Now, when code receives a ResourceWarning, it will highlight an area
that is mishandling resources. It should not simply be silenced, but
fixed by closing resources with a context manager.

All warnings that were emitted during tests have been cleaned up. To
enable warnings, I passed the `-Wa` CLI option to Python. This exposed
some mishandling of resources in ImageFile.__init__() and
SpiderImagePlugin.loadImageSeries(), they too were fixed.
2019-10-12 08:27:17 -07:00
Andrew Murray
4140cd807b
Merge branch 'master' into rm-2.7 2019-10-12 18:03:58 +11:00
nulano
a0a5601689
Merge branch 'master' into gha-win 2019-10-08 12:56:43 +01:00
Andrew Murray
6cd99fc3cf
Merge branch 'master' into rm-2.7 2019-10-08 18:57:27 +11:00
Jon Dufresne
64032061c0 Move several imports to the top-level of the file
This better follows PEP 8 style guide:

https://www.python.org/dev/peps/pep-0008/#imports

> Imports are always put at the top of the file, just after any module
> comments and docstrings, and before module globals and constants.

This also avoids duplicate import code within the same file.
2019-10-07 06:28:36 -07:00
Hugo
538d9e2e5d Upgrade Python syntax with pyupgrade --py3-plus 2019-10-07 14:30:59 +03:00
Hugo
af770a6c55 Drop support for EOL Python 2.7 2019-10-07 14:30:59 +03:00
Andrew Murray
ab52630d06 Catch buffer overruns 2019-09-30 18:45:43 +10:00
nulano
cf1f8b0498 Tests.helper cleanup 2019-09-25 11:58:02 +02:00
Jon Dufresne
d50445ff30 Introduce isort to automate import ordering and formatting
Similar to the recent adoption of Black. isort is a Python utility to
sort imports alphabetically and automatically separate into sections. By
using isort, contributors can quickly and automatically conform to the
projects style without thinking. Just let the tool do it.

Uses the configuration recommended by the Black to avoid conflicts of
style.

Rewrite TestImageQt.test_deprecated to no rely on import order.
2019-07-06 16:11:35 -07:00
Hugo
77f946d8bc Format with Black 2019-06-13 18:54:24 +03:00
Andrew Murray
691df96734 Fixed opening mmap image through Path on Windows 2019-05-04 15:00:49 +10:00
Hugo
a93bcdfe0c
Merge pull request #3724 from radarhere/readonly_save
Ensure image is mutable before saving
2019-03-28 11:53:33 +02:00
Hugo
adbe97594e
Merge pull request #3719 from radarhere/p_rgb_rgba
Allow RGB and RGBA values for new P images
2019-03-27 18:03:23 +02:00
Andrew Murray
0b62337b6f Ensure image is mutable before saving 2019-03-17 23:37:40 +11:00
Andrew Murray
6790c2e375 Allow RGB and RGBA values for new P images 2019-03-15 17:35:05 +11:00
Andrew Murray
22b0110f89 Only close original fp in __del__ and __exit__ if original fp is exclusive 2019-03-12 08:54:43 +11:00