Hugo van Kemenade
9e73f7a324
Merge pull request #5374 from radarhere/static
...
Changed quantize and quantize2 to static
2021-04-19 17:58:35 +03:00
Hugo van Kemenade
d2e73b0304
Merge pull request #5411 from radarhere/resize_default
...
For special image modes, revert default resize resampling to NEAREST
2021-04-19 17:57:46 +03:00
Hugo van Kemenade
fc08a72600
Merge pull request #5400 from radarhere/mapdepth_16
...
Changed mode for TGA 16-bit palette to BGR;15
2021-04-18 13:00:29 +03:00
Hugo van Kemenade
50fdc151ea
Merge pull request #5396 from radarhere/mapdepth
...
TGA color map entry size is only 1 byte
2021-04-18 12:57:58 +03:00
Hugo van Kemenade
197673b9b2
Merge pull request #4996 from nulano/jp2-decode-subsample
2021-04-17 21:42:17 +03:00
Andrew Murray
7c0344bb99
For special image modes, revert default resize resampling to NEAREST
2021-04-17 12:18:42 +10:00
Andrew Murray
1e074f5040
Merge pull request #4144 from jansol/master
...
Stop decoding BC1 punchthrough alpha in BC2&3
2021-04-15 20:24:52 +10:00
Hugo van Kemenade
85d251b479
Merge pull request #5384 from radarhere/core_tags
2021-04-15 13:10:25 +03:00
Hugo van Kemenade
2f5687f886
Merge pull request #5390 from radarhere/gif_missing_background
...
Use zero if GIF background color index is missing
2021-04-15 11:57:31 +03:00
Hugo van Kemenade
0cc2943aef
Merge pull request #5386 from radarhere/previous_frame_loaded
...
Fixed ensuring that GIF previous frame was loaded
2021-04-15 10:47:44 +03:00
Andrew Murray
2cb1d056c0
Merge branch 'master' into jp2-decode-subsample
2021-04-11 12:49:10 +10:00
Andrew Murray
8be655bec6
Merge branch 'master' into core_tags
2021-04-11 12:46:37 +10:00
Andrew Murray
65cdc21105
Changed quantize and quantize2 to static
2021-04-11 12:40:59 +10:00
wiredfool
fe668716ed
Merge pull request #5397 from wiredfool/valgrind_fixes
...
Valgrind fixes
2021-04-10 19:15:17 +01:00
nulano
ee41a133dd
formatting
2021-04-10 20:03:46 +02:00
Andrew Murray
fc64064387
Changed mode for 16-bit palette to BGR;15
2021-04-10 22:11:20 +10:00
Eric Soroos
441e6426ae
Initialize buffer with 0, fixes valgrind undefined behavior issues
2021-04-09 13:41:23 +02:00
Andrew Murray
04df6e3bf1
mapdepth is only 1 byte
2021-04-09 21:38:28 +10:00
Andrew Murray
3cb2413066
Use zero if background color index is missing
2021-04-08 08:04:20 +10:00
Hugo van Kemenade
75c111903c
Merge pull request #5382 from radarhere/rounded_rectangle
...
Round down the radius in rounded_rectangle
2021-04-07 19:31:19 +03:00
Andrew Murray
d661e438f6
Fixed ensuring that previous frame was loaded
2021-04-06 19:31:51 +10:00
Andrew Murray
9d489f69ae
Removed duplicate word in error message
2021-04-05 19:34:00 +10:00
Andrew Murray
56dfc4a956
Added 301 and 532 to core tags
2021-04-05 19:01:13 +10:00
Andrew Murray
d06871d543
Set mode of three channel uncompressed RGB data to RGB
2021-04-05 17:58:02 +10:00
Andrew Murray
6f87faf0ee
Reversed rawmode for uncompressed RGB data
2021-04-05 17:54:34 +10:00
Andrew Murray
92edc29439
Round down the radius in rounded_rectangle
2021-04-05 08:54:06 +10:00
Andrew Murray
60da129d4b
Replaced register_open lambdas with _accept method for consistency
2021-04-03 21:51:28 +11:00
Andrew Murray
d4f9c6e082
Renamed register_open accept methods for consistency
2021-04-03 21:51:23 +11:00
Andrew Murray
39fe85f308
Merge branch 'master' into jp2-decode-subsample
2021-04-03 09:26:55 +11:00
Hugo van Kemenade
330f77ae7a
8.3.0.dev0 version bump
2021-04-01 23:56:43 +03:00
Hugo van Kemenade
e0e353c0ef
8.2.0 version bump
2021-04-01 20:58:27 +03:00
Hugo van Kemenade
694c84f88f
Fix typo [ci skip]
...
Co-authored-by: Andrew Murray <3112309+radarhere@users.noreply.github.com>
2021-04-01 20:00:13 +03:00
Hugo van Kemenade
8febdad8dd
Review, typos and lint
2021-04-01 17:41:46 +03:00
Eric Soroos
496245aa43
Fix BLP DOS -- CVE-2021-28678
...
* BlpImagePlugin did not properly check that reads after jumping to
file offsets returned data. This could lead to a DOS where the
decoder could be run a large number of times on empty data
* This dates to Pillow 5.1.0
2021-04-01 17:17:35 +03:00
Eric Soroos
22e9bee4ef
Fix DOS in PSDImagePlugin -- CVE-2021-28675
...
* PSDImagePlugin did not sanity check the number of input layers and
vs the size of the data block, this could lead to a DOS on
Image.open prior to Image.load.
* This issue dates to the PIL fork
2021-04-01 17:17:31 +03:00
Eric Soroos
ba65f0b08e
Fix Memory DOS in ImageFont
...
* A corrupt or specially crafted TTF font could have font metrics that
lead to unreasonably large sizes when rendering text in
font. ImageFont.py did not check the image size before allocating
memory for it.
* Found with oss-fuzz
* This dates from the PIL fork
2021-04-01 17:17:27 +03:00
Eric Soroos
bb6c11fb88
Fix FLI DOS -- CVE-2021-28676
...
* FliDecode did not properly check that the block advance was
non-zero, potentally leading to an infinite loop on load.
* This dates to the PIL Fork
* Found with oss-fuzz
2021-04-01 17:17:23 +03:00
Eric Soroos
5a5e6db0ab
Fix EPS DOS on _open -- CVE-2021-28677
...
* The readline used in EPS has to deal with any combination of \r and
\n as line endings. It used an accidentally quadratic method of
accumulating lines while looking for a line ending.
* A malicious EPS file could use this to perform a DOS of Pillow in
the open phase, before an image was accepted for opening.
* This dates to the PIL Fork
2021-04-01 17:17:18 +03:00
Eric Soroos
3bf5eddb89
Fix OOB Read in Jpeg2KDecode CVE-2021-25287,CVE-2021-25288
...
* For J2k images with multiple bands, it's legal in to have different
widths for each band, e.g. 1 byte for L, 4 bytes for A
* This dates to Pillow 2.4.0
2021-04-01 17:17:13 +03:00
Andrew Murray
e12d5042ad
Adjusted docstring
2021-04-01 22:28:42 +11:00
Andrew Murray
2c8684c525
Moved getxmp() into JpegImageFile
2021-04-01 22:28:37 +11:00
Hugo van Kemenade
6812205f18
Merge pull request #5144 from UrielMaD/feature_xmp
2021-04-01 12:44:47 +03:00
Hugo van Kemenade
8c852e44f0
Merge pull request #5349 from latosha-maltba/master
2021-04-01 11:55:37 +03:00
Eric Soroos
87934e22d0
Fix for crash-0da0
2021-03-31 23:24:30 +02:00
Eric Soroos
53c80281d7
fix for crash-8115
2021-03-31 22:23:57 +02:00
Eric Soroos
45530d5ce1
fixes crash-74d2
2021-03-31 22:23:57 +02:00
wiredfool
4044ecc1fb
Merge pull request #5366 from kkopachev/kk-remove-extra-check
...
Remove redundant check (addition to #5364 )
2021-03-31 20:54:07 +01:00
Hugo van Kemenade
c54a7bb031
Merge pull request #5333 from radarhere/gif_frame_transparency
2021-03-31 18:08:11 +03:00
Hugo van Kemenade
54e9f3bd0f
Merge pull request #5291 from raygard/giflzw
2021-03-31 17:58:44 +03:00
Hugo van Kemenade
727533148e
Merge pull request #5282 from radarhere/quantize
...
Set all transparent colors to be equal in quantize()
2021-03-31 17:58:21 +03:00