python-pillow/Pillow
1
1
Fork 0
mirror of https://github.com/python-pillow/Pillow.git synced 2024-09-23 12:28:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
11,553 Commits 47 Branches 90 Tags 274 MiB
9a4b1301de
Commit Graph

1695 Commits

Author SHA1 Message Date
Andrew Murray
5491bd5eda Merge parallel horizontal edges in ImagingDrawPolygon 2021-04-11 12:41:32 +10:00
wiredfool
fe668716ed
Merge pull request #5397 from wiredfool/valgrind_fixes 
Valgrind fixes
 2021-04-10 19:15:17 +01:00
Eric Soroos
441e6426ae Initialize buffer with 0, fixes valgrind undefined behavior issues 2021-04-09 13:41:23 +02:00
Hugo van Kemenade
75c111903c
Merge pull request #5382 from radarhere/rounded_rectangle 
Round down the radius in rounded_rectangle
 2021-04-07 19:31:19 +03:00
Andrew Murray
d06871d543 Set mode of three channel uncompressed RGB data to RGB 2021-04-05 17:58:02 +10:00
Andrew Murray
6f87faf0ee Reversed rawmode for uncompressed RGB data 2021-04-05 17:54:34 +10:00
Andrew Murray
92edc29439 Round down the radius in rounded_rectangle 2021-04-05 08:54:06 +10:00
Andrew Murray
60da129d4b Replaced register_open lambdas with _accept method for consistency 2021-04-03 21:51:28 +11:00
Andrew Murray
d4f9c6e082 Renamed register_open accept methods for consistency 2021-04-03 21:51:23 +11:00
Hugo van Kemenade
330f77ae7a 8.3.0.dev0 version bump 2021-04-01 23:56:43 +03:00
Hugo van Kemenade
e0e353c0ef 8.2.0 version bump 2021-04-01 20:58:27 +03:00
Hugo van Kemenade
694c84f88f
Fix typo [ci skip] 
Co-authored-by: Andrew Murray <3112309+radarhere@users.noreply.github.com>
 2021-04-01 20:00:13 +03:00
Hugo van Kemenade
8febdad8dd Review, typos and lint 2021-04-01 17:41:46 +03:00
Eric Soroos
496245aa43 Fix BLP DOS -- CVE-2021-28678 
* BlpImagePlugin did not properly check that reads after jumping to
  file offsets returned data. This could lead to a DOS where the
  decoder could be run a large number of times on empty data
* This dates to Pillow 5.1.0
 2021-04-01 17:17:35 +03:00
Eric Soroos
22e9bee4ef Fix DOS in PSDImagePlugin -- CVE-2021-28675 
* PSDImagePlugin did not sanity check the number of input layers and
  vs the size of the data block, this could lead to a DOS on
  Image.open prior to Image.load.
* This issue dates to the PIL fork
 2021-04-01 17:17:31 +03:00
Eric Soroos
ba65f0b08e Fix Memory DOS in ImageFont 
* A corrupt or specially crafted TTF font could have font metrics that
  lead to unreasonably large sizes when rendering text in
  font. ImageFont.py did not check the image size before allocating
  memory for it.
* Found with oss-fuzz
* This dates from the PIL fork
 2021-04-01 17:17:27 +03:00
Eric Soroos
bb6c11fb88 Fix FLI DOS -- CVE-2021-28676 
* FliDecode did not properly check that the block advance was
  non-zero, potentally leading to an infinite loop on load.
* This dates to the PIL Fork
* Found with oss-fuzz
 2021-04-01 17:17:23 +03:00
Eric Soroos
5a5e6db0ab Fix EPS DOS on _open -- CVE-2021-28677 
* The readline used in EPS has to deal with any combination of \r and
  \n as line endings. It used an accidentally quadratic method of
  accumulating lines while looking for a line ending.
* A malicious EPS file could use this to perform a DOS of Pillow in
  the open phase, before an image was accepted for opening.
* This dates to the PIL Fork
 2021-04-01 17:17:18 +03:00
Eric Soroos
3bf5eddb89 Fix OOB Read in Jpeg2KDecode CVE-2021-25287,CVE-2021-25288 
* For J2k images with multiple bands, it's legal in to have different
  widths for each band, e.g. 1 byte for L, 4 bytes for A
* This dates to Pillow 2.4.0
 2021-04-01 17:17:13 +03:00
Andrew Murray
e12d5042ad Adjusted docstring 2021-04-01 22:28:42 +11:00
Andrew Murray
2c8684c525 Moved getxmp() into JpegImageFile 2021-04-01 22:28:37 +11:00
Hugo van Kemenade
6812205f18
Merge pull request #5144 from UrielMaD/feature_xmp 2021-04-01 12:44:47 +03:00
Hugo van Kemenade
8c852e44f0
Merge pull request #5349 from latosha-maltba/master 2021-04-01 11:55:37 +03:00
Eric Soroos
87934e22d0 Fix for crash-0da0 2021-03-31 23:24:30 +02:00
Eric Soroos
53c80281d7 fix for crash-8115 2021-03-31 22:23:57 +02:00
Eric Soroos
45530d5ce1 fixes crash-74d2 2021-03-31 22:23:57 +02:00
wiredfool
4044ecc1fb
Merge pull request #5366 from kkopachev/kk-remove-extra-check 
Remove redundant check (addition to #5364)
 2021-03-31 20:54:07 +01:00
Hugo van Kemenade
c54a7bb031
Merge pull request #5333 from radarhere/gif_frame_transparency 2021-03-31 18:08:11 +03:00
Hugo van Kemenade
54e9f3bd0f
Merge pull request #5291 from raygard/giflzw 2021-03-31 17:58:44 +03:00
Hugo van Kemenade
727533148e
Merge pull request #5282 from radarhere/quantize 
Set all transparent colors to be equal in quantize()
 2021-03-31 17:58:21 +03:00
Hugo van Kemenade
683affa29c
Merge pull request #5206 from radarhere/numpy 2021-03-31 17:46:32 +03:00
Hugo van Kemenade
06dfbb8e3e
Merge branch 'master' into giflzw 2021-03-31 16:45:02 +03:00
Andrew Murray
80878fa4c6 Merge branch 'master' into modes 2021-03-31 18:58:11 +11:00
Hugo van Kemenade
d3ad66d851
Merge pull request #5332 from radarhere/typo 
Corrected grammar
 2021-03-31 09:40:41 +03:00
Ray Gardner
306d030fce Add comment to reference GIF LZW specification. 2021-03-30 17:35:21 -06:00
Hugo van Kemenade
e08474afa3
Merge pull request #5365 from nulano/fribidi-notes 2021-03-30 21:00:09 +03:00
Andrew Murray
b0b4fee796
Merge pull request #5350 from elejke/master 
Add preserve_tone option to autocontrast
 2021-03-30 07:59:57 +11:00
Konstantin Kopachev
19a815dd73
Remove redundant check 
It's duplicated inside following call of TIFFReadTile
 2021-03-29 11:27:50 -07:00
nulano
4f61637e7f document libraqm/fribidi linking, support fribidi-0.dll on Windows 2021-03-29 17:45:12 +02:00
Hugo van Kemenade
b3a1de94d0
Merge pull request #5323 from radarhere/imagefilter_numpy 
Only import numpy when necessary
 2021-03-28 19:11:01 +03:00
wiredfool
9a683db339
Merge pull request #5274 from radarhere/gradient 
Fixed linear_gradient and radial_gradient I and F modes
 2021-03-28 14:35:22 +01:00
Konstantin Kopachev
52ecf1b142 Stop guessing strip size and pass expected size 2021-03-28 15:03:37 +02:00
Konstantin Kopachev
ab24c98491 Add sanity check for memory overruns 2021-03-28 15:03:37 +02:00
Konstantin Kopachev
1c295bf43c Check for dimensions and sizes to fit into int 2021-03-28 15:03:37 +02:00
Konstantin Kopachev
e438046201 Refactor into smaller functions 2021-03-28 15:03:37 +02:00
Konstantin Kopachev
4dd288c66c unify reading of YCbCr Tiffs 2021-03-28 15:03:37 +02:00
Konstantin Kopachev
4c2dfadf26 Swap pixel values on Big Endian 2021-03-28 15:03:37 +02:00
Konstantin Kopachev
169bb4842f only use TIFFReadRGBA* in case of o_jpeg compression 2021-03-28 15:03:37 +02:00
Eric Soroos
f2020eeab4 UINT8 -> int for plane 2021-03-28 15:03:37 +02:00
Eric Soroos
b1d3f0d5c2 not 2021-03-28 15:03:37 +02:00