Eric Soroos
53c80281d7
fix for crash-8115
2021-03-31 22:23:57 +02:00
Eric Soroos
45530d5ce1
fixes crash-74d2
2021-03-31 22:23:57 +02:00
Hugo van Kemenade
c54a7bb031
Merge pull request #5333 from radarhere/gif_frame_transparency
2021-03-31 18:08:11 +03:00
Konstantin Kopachev
0018685a8e
Add Tests and support for Planar Tiff Images
2021-03-28 15:03:37 +02:00
Andrew Murray
b216b367ac
Only set info transparency on first frame
2021-03-17 00:24:57 +11:00
Andrew Murray
9ce3eba7eb
Only draw each pixel once
2021-03-08 19:54:03 +11:00
Andrew Murray
f5d49f4f61
Added rounded_rectangle method
2021-03-08 19:53:59 +11:00
Ondrej Baranovič
14671f715f
Merge branch 'master' into sbix
2021-03-07 20:05:25 +01:00
Hugo van Kemenade
3a27118d76
Merge pull request #5183 from radarhere/rectangle
...
Only draw each rectangle outline pixel once
2021-03-07 12:25:45 +02:00
Hugo van Kemenade
f9b830f058
Merge pull request #5214 from radarhere/pcx
...
Handle PCX images with an odd stride
2021-03-07 11:41:14 +02:00
Hugo van Kemenade
95986f38da
Merge pull request #5168 from radarhere/mpo
2021-03-07 11:38:36 +02:00
Eric Soroos
480f6819b5
Fix Memory DOS in Icns, Ico and Blp Image Plugins
...
Some container plugins that could contain images of other formats,
such as the ICNS format, did not properly check the reported size of
the contained image. These images could cause arbitrariliy large
memory allocations.
This is fixed for all locations where individual *ImageFile classes
are created without going through the usual Image.open method.
2021-03-06 10:19:14 +11:00
Eric Soroos
cbdce6c5d0
Fix for CVE-2021-25291
...
* Invalid tile boundaries lead to OOB Read in TiffDecode.c, in TiffReadRGBATile
* Check the tile validity before attempting to read.
2021-03-01 19:04:48 +11:00
Eric Soroos
86f02f7c70
Fix negative size read in TiffDecode.c
...
* Caught by oss-fuzz runs
* CVE-2021-25290
2021-03-01 19:04:42 +11:00
Eric Soroos
4853e522bd
Fix OOB read in SgiRleDecode.c
...
* From Pillow 4.3.0->8.1.0
* CVE-2021-25293
2021-03-01 19:04:19 +11:00
Eric Soroos
3fee28eb94
Incorrect error code checking in TiffDecode.c
...
* since Pillow 8.1.0
* CVE-2021-25289
2021-03-01 18:51:13 +11:00
nulano
61ee8ec03c
document and add tests for SBIX color font support
2021-02-22 12:00:20 +11:00
Andrew Murray
c0ee869c2c
Only draw each rectangle outline pixel once
2021-02-22 07:48:58 +11:00
Andrew Murray
ac31061f22
Handle PCX images with an odd stride
2021-01-21 19:29:11 +11:00
Andrew Murray
c8dd1c8422
Merge pull request #5175 from radarhere/tiff
...
Fix TIFF OOB Write error
2021-01-02 21:13:28 +11:00
Andrew Murray
0117694533
Merge pull request #5174 from radarhere/pcx
...
Fix for Read Overflow in PCX Decoding
2021-01-02 21:00:25 +11:00
Eric Soroos
2f409261eb
Fix for CVE CVE-2020-35655 - Read Overflow in PCX Decoding.
...
* Don't trust the image to specify a buffer size
2021-01-02 20:38:46 +11:00
wiredfool
eb8c1206d6
Fix CVE-2020-35654 - OOB Write in TiffDecode.c
...
* In some circumstances with some versions of libtiff (4.1.0+), there
could be a 4 byte out of bound write when decoding a YCbCr tiff.
* The Pillow code dates to 6.0.0
* Found and reported through Tidelift
2021-01-02 20:37:48 +11:00
Eric Soroos
7e95c63fa7
Fix for SGI Decode buffer overrun CVE-2020-35655
...
* Independently found by a contributor and sent to Tidelift, and by Google's OSS Fuzz.
2021-01-02 20:09:58 +11:00
Andrew Murray
db3b5108dc
Changed MP Type to match #1631 image
2021-01-01 13:00:01 +11:00
Andrew Murray
6175389186
Only read different sizes for "Large Thumbnail" frames
2021-01-01 12:45:02 +11:00
Hugo van Kemenade
4093897673
Merge pull request #5126 from radarhere/apng_disposal
...
Use disposal settings from previous frame in APNG
2020-12-31 16:06:33 +02:00
Andrew Murray
5e4e0fa6ee
Use disposal settings from previous frame
2020-12-24 09:55:22 +11:00
Andrew Murray
9940c84b08
Use previous disposal method in load_end
2020-12-23 13:22:53 +11:00
Andrew Murray
f886bc973b
Moved string_dimension image to pillow-depends
2020-10-19 21:32:56 +11:00
Hugo van Kemenade
b074d87179
Merge pull request #4760 from qiankanglai/dds-rgba8888
...
Support raw rgba8888 for dds
2020-10-15 08:10:01 +03:00
Hugo van Kemenade
1cb3e2f742
Merge pull request #4918 from gofr/4825-jpeg-16-bit-qt
2020-10-14 17:58:12 +03:00
Andrew Murray
1a3367400c
Added reading of IFD tag type
2020-10-14 23:37:54 +11:00
nulano
90e8255ba4
Merge remote-tracking branch 'upstream/master' into anchor-part3
...
# Conflicts:
# Tests/test_imagefontctl.py
2020-10-12 15:50:45 +01:00
Hugo van Kemenade
43c3f4de80
Merge pull request #4955 from nulano/ft-color3
2020-10-12 13:52:01 +03:00
nulano
d84185579e
move bitmap font tests to test_imagefont
2020-10-11 21:45:10 +01:00
Hugo van Kemenade
15c339470d
Merge pull request #4523 from xtsm/ellipse
...
Implemented another ellipse drawing algorithm
2020-10-11 18:04:34 +03:00
gofr
938e251088
Add new JPEG test image
2020-10-10 20:08:39 +02:00
nulano
1551e120ae
add textlength and textbbox to ImageDraw
2020-10-09 01:02:51 +01:00
nulano
395aa946a9
add getbbox and getlength, with tests
...
Squashed commits:
[ec9ec31b] add tests for invalid anchor
(cherry picked from commit 9e50a6a47f79876ee56942152047f03fff03c49b)
[386a9170] fix lint and docs
(cherry picked from commit 2d0d5282fcfc3ee332a41e60b865ee766445cc3d)
[29f5d4c9] restore and document previous getsize behaviour
see discussion in issue 4789
(cherry picked from commit 9fbc94571ce0ed42fdd11e99f343a1613c9dc6d3)
[0ffd51a0] add getbbox and getlength, with tests
(cherry picked from commit c5f63737476a998c81e589e5819d21ca69bb7b46)
2020-10-09 00:56:58 +01:00
nulano
786eaf11e2
downgrade NotoColorEmoji to minimize size
2020-10-07 13:31:05 +01:00
nulano
24f3d85a3e
add test for {1bpp, 2bpp, 4bpp, 8bpp} bitmap fonts
2020-10-07 11:57:15 +01:00
nulano
55db572467
add tests for opaque COLR and CBDT fonts
2020-10-07 05:29:18 +01:00
Hugo van Kemenade
b29cab08d3
Merge pull request #4930 from nulano/anchor-part2
2020-10-05 20:19:33 +03:00
Andrew Murray
26bf1c3524
Moved CVE images to pillow-depends
2020-09-23 00:14:40 +10:00
nulano
0838d8ea62
add tests for multiline text with anchor
2020-09-22 14:58:21 +02:00
nulano
3fc1be06e6
add and fix tests for text anchors
2020-09-22 11:31:43 +02:00
Hugo van Kemenade
93d011efb5
Merge pull request #4910 from nulano/anchor-part1
2020-09-19 13:41:15 +03:00
nulano
ee1cc6ad7c
remove use of FT_Set_Transform
2020-09-09 02:14:49 +02:00
nulano
54e067779b
fix and add tests
...
(cherry picked from commit 0b711f10d0490863976699c051f2027b6799d501) (+1 squashed commits)
Squashed commits:
[9d4e6c17] fix tests
2020-09-09 02:12:21 +02:00