* PSDImagePlugin did not sanity check the number of input layers and
vs the size of the data block, this could lead to a DOS on
Image.open prior to Image.load.
* This issue dates to the PIL fork
Follow Python's file object semantics. User code is responsible for
closing resources (usually through a context manager) in a deterministic
way.
To achieve this, remove __del__ functions. These functions used to
closed open file handlers in an attempt to silence Python
ResourceWarnings. However, using __del__ has the following drawbacks:
- __del__ isn't called until the object's reference count reaches 0.
Therefore, resource handlers remain open or in use longer than
necessary.
- The __del__ method isn't guaranteed to execute on system exit. See the
Python documentation:
https://docs.python.org/3/reference/datamodel.html#object.__del__
> It is not guaranteed that __del__() methods are called for objects
> that still exist when the interpreter exits.
- Exceptions that occur inside __del__ are ignored instead of raised.
This has the potential of hiding bugs. This is also in the Python
documentation:
> Warning: Due to the precarious circumstances under which __del__()
> methods are invoked, exceptions that occur during their execution
> are ignored, and a warning is printed to sys.stderr instead.
Instead, always close resource handlers when they are no longer in use.
This will close the file handler at a specified point in the user's code
and not wait until the interpreter chooses to. It is always guaranteed
to run. And, if an exception occurs while closing the file handler, the
bug will not be ignored.
Now, when code receives a ResourceWarning, it will highlight an area
that is mishandling resources. It should not simply be silenced, but
fixed by closing resources with a context manager.
All warnings that were emitted during tests have been cleaned up. To
enable warnings, I passed the `-Wa` CLI option to Python. This exposed
some mishandling of resources in ImageFile.__init__() and
SpiderImagePlugin.loadImageSeries(), they too were fixed.
Similar to the recent adoption of Black. isort is a Python utility to
sort imports alphabetically and automatically separate into sections. By
using isort, contributors can quickly and automatically conform to the
projects style without thinking. Just let the tool do it.
Uses the configuration recommended by the Black to avoid conflicts of
style.
Rewrite TestImageQt.test_deprecated to no rely on import order.
On truncated jpeg, decoder can suspend waiting for additional bytes in
buffer. For some input files, decoder suspends on jpeg_start_decompress
stage. If at this point file reader reaches EOF, py code never gets back
to jpeg decoder and we end up with no bytes to result image. This leaves
us with some amount of potentially useful bytes undecoded and thrown
away.
Libjpeg docs suggest that in such situation, more appropriate would be
to add EOI marker to the end of buffer, which will allows decoder
to finish. https://github.com/libjpeg-turbo/libjpeg-turbo/blob/0dd9a2c1fd6c/libjpeg.txt#L1803-L1809
Docs also mention that adding EOI markers is what non-suspending code
does anyway.