python-pillow/Pillow
1
1
Fork 0
mirror of https://github.com/python-pillow/Pillow.git synced 2024-11-13 13:16:52 +03:00
Code Issues Packages Projects Releases Wiki Activity
11,372 Commits 48 Branches 91 Tags 314 MiB
e405ab300b
Commit Graph

1613 Commits

Author SHA1 Message Date
Eric Soroos
4853e522bd Fix OOB read in SgiRleDecode.c 
* From Pillow 4.3.0->8.1.0
* CVE-2021-25293
 2021-03-01 19:04:19 +11:00
Eric Soroos
3fee28eb94 Incorrect error code checking in TiffDecode.c 
* since Pillow 8.1.0
* CVE-2021-25289
 2021-03-01 18:51:13 +11:00
Andrew Murray
5f92636bd0 Removed comment 2021-02-27 00:33:23 +11:00
Christoph Gohlke
71f48e19b9
Use unsigned size_t 2021-02-24 08:15:25 -08:00
Christoph Gohlke
48ac517c8d
Fix suspicious sequence of types castings 2021-02-24 07:02:42 -08:00
Andrew Murray
c0ee869c2c Only draw each rectangle outline pixel once 2021-02-22 07:48:58 +11:00
Andrew Murray
e763f8f2be Save interop IFD when converting Exif to bytes 2021-02-22 07:47:59 +11:00
Andrew Murray
b25bc40009 Simplified code 
Co-authored-by: Konstantin Kopachev <kkopachev@popsugar.com>
 2021-02-22 07:47:05 +11:00
Andrew Murray
4b14f0102d Save base IFDs when converting Exif to bytes 2021-02-22 07:47:05 +11:00
Andrew Murray
faf8fad76d Stopped flattening EXIF IFD into getexif() 2021-02-22 07:47:05 +11:00
Andrew Murray
223b05a2ea Corrected docstring 2021-02-16 22:33:17 +11:00
Andrew Murray
c8ca4b909a Added braces 2021-02-13 11:32:52 +11:00
Andrew Murray
57d6e8ca43 Added PyQt6 support 2021-02-10 21:12:32 +11:00
Andrew Murray
441d75aa28 Updated docstring 2021-02-09 19:14:57 +11:00
Andrew Murray
bc0c0cb11a
Merge pull request #5250 from Piolie/open_formats_case 
Changed Image.open formats parameter to be case-insensitive
 2021-02-08 18:19:02 +11:00
Andrew Murray
9b56833300
Merge branch 'master' into fribidi-link 2021-02-07 16:02:16 +11:00
Andrew Murray
587e073dac Moved case transformation before initialization check 2021-02-05 20:28:34 +11:00
Piolie
0c1675a143 Make formats parameter in Image.open accept aNy cAsE 2021-02-04 22:47:53 -03:00
Hugo van Kemenade
54f12f8aad
Merge pull request #5216 from radarhere/tk 
Deprecate Tk/Tcl 8.4, to be removed in Pillow 10 (2023-01-02)
 2021-02-02 15:00:15 +02:00
Andrew Murray
c10bf8d9a7 Improved docstring [ci skip] 2021-01-31 13:14:14 +11:00
Andrew Murray
685e951182 Removed unused C code 2021-01-30 11:23:24 +11:00
Andrew Murray
f2f92d22d1 Do not use "use built-in mapper WIN32 only" 2021-01-30 11:23:24 +11:00
Andrew Murray
428a62c696
Merge pull request #5223 from Bitblade/master 
Documentation error: Wrong threshold in conversion from L to 1
 2021-01-27 17:51:10 +11:00
Andrew Murray
c9740ab7e3 Deprecate Tk/Tcl 8.4, to be removed in Pillow 10 (2023-01-02) 2021-01-26 18:14:28 +11:00
Andrew Murray
cf98f178ad Added tk version 2021-01-26 08:01:26 +11:00
Mark Laagland
e6ff82b9ab Small fix for convert documentation of Image.py 
[ci skip]
 2021-01-24 22:49:27 +01:00
Andrew Murray
ac31061f22 Handle PCX images with an odd stride 2021-01-21 19:29:11 +11:00
Andrew Murray
6f236284b0 Corrected CVE number 2021-01-20 20:43:00 +11:00
Andrew Murray
543fa2ceb7
Merge pull request #5194 from radarhere/python310 
PyModule_AddObject fix for Python 3.10
 2021-01-12 21:53:54 +11:00
Andrew Murray
4eccadced4 Document that getcolors() returns colors in the image mode [ci skip] 2021-01-09 21:30:16 +11:00
Andrew Murray
cf190a3c2f PyModule_AddObject fix for Python 3.10 2021-01-09 12:17:57 +11:00
nulano
8c02e3803b Revert "raqm: avoid declaring variables in for statement for C89 compatibility" 
This reverts commit b3cfe73854e74bc25a88f53b177713bfb63812e4.
 2021-01-05 00:07:03 +11:00
nulano
9c178435fb raqm: fix FriBiDi<1 support 2021-01-05 00:07:03 +11:00
nulano
b4a57d6fc5 support FriBiDi<1.0 2021-01-05 00:07:03 +11:00
nulano
f2b2d53ca8 raqm: avoid declaring variables in for statement for C89 compatibility 2021-01-05 00:07:03 +11:00
nulano
c3fce854f2 avoid NULL in fribidi shim 2021-01-05 00:07:03 +11:00
nulano
be0d0a3a48 fix finding raqm deps 2021-01-05 00:07:03 +11:00
nulano
3386a9ce02 replace tabs in thirdparty libs 2021-01-05 00:06:29 +11:00
nulano
5cd688fc82 add option to statically link fribidi, version info 2021-01-05 00:06:29 +11:00
nulano
9e5fc136b9 add Raqm license and readme 2021-01-05 00:03:52 +11:00
nulano
8bc1ff35b4 use FriBiDi shim in Raqm 2021-01-05 00:03:52 +11:00
nulano
e5e5761da4 add raqm to thirdparty directory 2021-01-04 23:57:31 +11:00
Andrew Murray
46b7e86bab Format with ClangFormat 2021-01-03 14:17:51 +11:00
Andrew Murray
56e7d1fd9b 8.2.0.dev0 version bump 2021-01-03 07:14:59 +11:00
Andrew Murray
fcc42e0d34 8.1.0 version bump 2021-01-02 22:39:02 +11:00
Andrew Murray
c8dd1c8422
Merge pull request #5175 from radarhere/tiff 
Fix TIFF OOB Write error
 2021-01-02 21:13:28 +11:00
Andrew Murray
0117694533
Merge pull request #5174 from radarhere/pcx 
Fix for Read Overflow in PCX Decoding
 2021-01-02 21:00:25 +11:00
Eric Soroos
2f409261eb Fix for CVE CVE-2020-35655 - Read Overflow in PCX Decoding. 
* Don't trust the image to specify a buffer size
 2021-01-02 20:38:46 +11:00
wiredfool
45a62e91b1 Rework ReadTile 
* Don't malloc for the swap line, just shuffle backwards
* Ensure that im->pixelsize is sanity checked
* Ensure that we're using the right size for the buffer from TiffReadRGBATile
 2021-01-02 20:37:48 +11:00
wiredfool
eb8c1206d6 Fix CVE-2020-35654 - OOB Write in TiffDecode.c 
* In some circumstances with some versions of libtiff (4.1.0+), there
  could be a 4 byte out of bound write when decoding a YCbCr tiff.
* The Pillow code dates to 6.0.0
* Found and reported through Tidelift
 2021-01-02 20:37:48 +11:00
Eric Soroos
9a2c9f722f Make the SGI code return -1 as an error flag, error in state 2021-01-02 20:10:02 +11:00
Eric Soroos
7e95c63fa7 Fix for SGI Decode buffer overrun CVE-2020-35655 
* Independently found by a contributor and sent to Tidelift, and by Google's OSS Fuzz.
 2021-01-02 20:09:58 +11:00
Hugo van Kemenade
07bbc46589
Merge pull request #5149 from wiredfool/gif_write_oob_read 2021-01-02 10:14:17 +02:00
Hugo van Kemenade
4e3dc9a06b Add support for PySide6 2021-01-01 20:34:44 +02:00
Andrew Murray
6175389186 Only read different sizes for "Large Thumbnail" frames 2021-01-01 12:45:02 +11:00
Hugo van Kemenade
4093897673
Merge pull request #5126 from radarhere/apng_disposal 
Use disposal settings from previous frame in APNG
 2020-12-31 16:06:33 +02:00
Andrew Murray
01cee38b9b
Merge pull request #5153 from radarhere/tiff_wheels 
Updated libtiff to 4.2.0
 2020-12-31 10:01:19 +11:00
Eric Soroos
250e42f7f8 Bad Rebase 2020-12-30 11:07:58 +01:00
Alexander
1ff61bcaa6 use offset for all binary input functions instead of slicing 2020-12-30 19:10:50 +11:00
Alexander
3757b8c748 remove extra i8 calls where input is proved bytes[] or int 2020-12-30 19:04:11 +11:00
Andrew Murray
6b21a96578 Changed readcount so that _TIFFSetGetType can identify the type 2020-12-30 11:57:05 +11:00
Hugo van Kemenade
85d61ca7d5
Merge pull request #5139 from radarhere/repr_png 
Added exception explaining that _repr_png_ saves to PNG
 2020-12-29 12:43:22 +02:00
Hugo van Kemenade
cd446e6088
Merge pull request #5125 from radarhere/disposal_method 
Use previous disposal method in GIF load_end
 2020-12-29 12:26:14 +02:00
Hugo van Kemenade
5c64438792
Merge pull request #5090 from radarhere/valueerror 
Do not catch a ValueError only to raise another
 2020-12-29 12:19:16 +02:00
Hugo van Kemenade
25500e83bc
Merge pull request #5089 from radarhere/putpalette_rgba 
Allow putpalette to accept 1024 integers to include alpha values
 2020-12-29 12:17:50 +02:00
Eric Soroos
a39d7c4fcf Fix OOB Read in tif_dirinfo.c 
==3330==    at 0xBD4110C: _TIFFSetupFields (tif_dirinfo.c:327)

Passing in a stack allocated array is going to fail, as a reference
is retained to the name and used later when flushing the Tiff to
the file.
 2020-12-28 15:00:48 +01:00
Eric Soroos
d96945b7c8 Fix Out of bounds read when saving GIF of xsize=1 2020-12-27 16:01:26 +01:00
Andrew Murray
00df94bb78 Removed unused variable 2020-12-27 16:16:55 +11:00
Andrew Murray
fdce845364 Added exception explaining that _repr_png_ saves to PNG 2020-12-27 15:36:16 +11:00
Andrew Murray
cf530b8d9c
Merge pull request #5111 from cgohlke/patch-3 
Fix dereferencing of potential null pointers
 2020-12-27 12:21:09 +11:00
Andrew Murray
51b8137924
Changed style for consistency 2020-12-26 21:49:40 +11:00
Hugo van Kemenade
2635a4859d
Merge pull request #5127 from radarhere/warnings 
Fixed warnings assigning to "unsigned char *" from "char *"
 2020-12-24 10:50:24 +02:00
Andrew Murray
e37a8a263d
Merge pull request #4568 from ziplantil/ico-append-images 
Add append_images support for ICO
 2020-12-24 11:10:33 +11:00
Andrew Murray
8eaf9e7cb7 Fixed warning assigning to "unsigned char *" from "char *" 2020-12-24 10:47:06 +11:00
Andrew Murray
5e4e0fa6ee Use disposal settings from previous frame 2020-12-24 09:55:22 +11:00
Andrew Murray
9940c84b08 Use previous disposal method in load_end 2020-12-23 13:22:53 +11:00
Andrew Murray
36dc83e3ac Fixed comparison between unsigned int and int 2020-12-22 16:07:32 +11:00
Andrew Murray
26e5929617 Fixed comparison between int and unsigned long 2020-12-22 16:06:44 +11:00
Andrew Murray
8794610c76 Block TIFFTAG_SUBIFD 2020-12-22 11:38:02 +11:00
Andrew Murray
0eddc82157
Merge pull request #5108 from cgohlke/patch-1 
Fix dereferencing potential null pointer
 2020-12-22 08:26:48 +11:00
Hugo van Kemenade
396b329507
Merge pull request #5113 from radarhere/memory 
Replaced PyErr_NoMemory with ImagingError_MemoryError
 2020-12-20 22:17:10 +02:00
Christoph Gohlke
d1e706d756
return ImagingError_MemoryError 2020-12-19 19:42:29 -08:00
Christoph Gohlke
fd14616dbb
Return ImagingError_MemoryError 2020-12-19 19:37:05 -08:00
Christoph Gohlke
15dd7aef9f
Return ImagingError_MemoryError 2020-12-19 19:35:21 -08:00
Andrew Murray
83d82ae150
Merge pull request #5098 from hugovk/deprecate-freetype 
Deprecate FreeType 2.7
 2020-12-20 13:35:41 +11:00
Andrew Murray
b7fb39fff8 Use ImagingError_MemoryError NULL return value 2020-12-20 13:00:16 +11:00
Andrew Murray
75542fea6d Replaced PyErr_NoMemory with ImagingError_MemoryError 2020-12-20 13:00:10 +11:00
Christoph Gohlke
fd4b0609ef
Fix dereferencing of potential null pointers 2020-12-19 15:58:25 -08:00
Christoph Gohlke
c1adae6f70
Remove duplicate code 2020-12-19 15:07:51 -08:00
Christoph Gohlke
7673cb7549
Fix dereferencing potential null pointer 2020-12-19 14:57:55 -08:00
Andrew Murray
043d8dac0b Do not require packaging just for a DeprecationWarning 2020-12-18 23:42:16 +11:00
Hugo van Kemenade
27bf17009c Deprecate FreeType 2.7, to be removed in Pillow 9 (2022-01-02) 2020-12-17 10:28:06 +02:00
Andrew Murray
ff0ad9af34 Do not catch a ValueError only to raise another 2020-12-12 23:36:57 +11:00
Andrew Murray
a666c91e10 Allow putpalette to accept 1024 integers to include alpha values 2020-12-12 14:12:30 +11:00
Hugo van Kemenade
0893f502c3 Document when deprecations will be removed [CI skip] 2020-12-10 14:32:43 +02:00
Hugo van Kemenade
2b87ccae89
Merge pull request #5026 from radarhere/unused 
Removed unused C methods
 2020-11-18 14:46:36 +02:00
Andrew Murray
4f0b9185a3 Fixed link formatting 2020-11-14 08:41:44 +11:00
Andrew Murray
7e2015c75f init() if one of the formats is unrecognised 2020-11-11 21:05:57 +11:00
Andrew Murray
2ae597c357 Renamed variable to match IcnsImagePlugin 2020-11-04 22:42:53 +11:00
Andrew Murray
8593e17b05 Removed unused methods 2020-11-02 20:58:51 +11:00