Hugo van Kemenade
8febdad8dd
Review, typos and lint
2021-04-01 17:41:46 +03:00
Eric Soroos
496245aa43
Fix BLP DOS -- CVE-2021-28678
...
* BlpImagePlugin did not properly check that reads after jumping to
file offsets returned data. This could lead to a DOS where the
decoder could be run a large number of times on empty data
* This dates to Pillow 5.1.0
2021-04-01 17:17:35 +03:00
Eric Soroos
22e9bee4ef
Fix DOS in PSDImagePlugin -- CVE-2021-28675
...
* PSDImagePlugin did not sanity check the number of input layers and
vs the size of the data block, this could lead to a DOS on
Image.open prior to Image.load.
* This issue dates to the PIL fork
2021-04-01 17:17:31 +03:00
Eric Soroos
ba65f0b08e
Fix Memory DOS in ImageFont
...
* A corrupt or specially crafted TTF font could have font metrics that
lead to unreasonably large sizes when rendering text in
font. ImageFont.py did not check the image size before allocating
memory for it.
* Found with oss-fuzz
* This dates from the PIL fork
2021-04-01 17:17:27 +03:00
Eric Soroos
bb6c11fb88
Fix FLI DOS -- CVE-2021-28676
...
* FliDecode did not properly check that the block advance was
non-zero, potentally leading to an infinite loop on load.
* This dates to the PIL Fork
* Found with oss-fuzz
2021-04-01 17:17:23 +03:00
Eric Soroos
5a5e6db0ab
Fix EPS DOS on _open -- CVE-2021-28677
...
* The readline used in EPS has to deal with any combination of \r and
\n as line endings. It used an accidentally quadratic method of
accumulating lines while looking for a line ending.
* A malicious EPS file could use this to perform a DOS of Pillow in
the open phase, before an image was accepted for opening.
* This dates to the PIL Fork
2021-04-01 17:17:18 +03:00
Eric Soroos
3bf5eddb89
Fix OOB Read in Jpeg2KDecode CVE-2021-25287,CVE-2021-25288
...
* For J2k images with multiple bands, it's legal in to have different
widths for each band, e.g. 1 byte for L, 4 bytes for A
* This dates to Pillow 2.4.0
2021-04-01 17:17:13 +03:00
Andrew Murray
e12d5042ad
Adjusted docstring
2021-04-01 22:28:42 +11:00
Andrew Murray
2c8684c525
Moved getxmp() into JpegImageFile
2021-04-01 22:28:37 +11:00
Hugo van Kemenade
6812205f18
Merge pull request #5144 from UrielMaD/feature_xmp
2021-04-01 12:44:47 +03:00
Hugo van Kemenade
8c852e44f0
Merge pull request #5349 from latosha-maltba/master
2021-04-01 11:55:37 +03:00
Eric Soroos
87934e22d0
Fix for crash-0da0
2021-03-31 23:24:30 +02:00
Eric Soroos
53c80281d7
fix for crash-8115
2021-03-31 22:23:57 +02:00
Eric Soroos
45530d5ce1
fixes crash-74d2
2021-03-31 22:23:57 +02:00
wiredfool
4044ecc1fb
Merge pull request #5366 from kkopachev/kk-remove-extra-check
...
Remove redundant check (addition to #5364 )
2021-03-31 20:54:07 +01:00
Hugo van Kemenade
c54a7bb031
Merge pull request #5333 from radarhere/gif_frame_transparency
2021-03-31 18:08:11 +03:00
Hugo van Kemenade
54e9f3bd0f
Merge pull request #5291 from raygard/giflzw
2021-03-31 17:58:44 +03:00
Hugo van Kemenade
727533148e
Merge pull request #5282 from radarhere/quantize
...
Set all transparent colors to be equal in quantize()
2021-03-31 17:58:21 +03:00
Hugo van Kemenade
683affa29c
Merge pull request #5206 from radarhere/numpy
2021-03-31 17:46:32 +03:00
Hugo van Kemenade
06dfbb8e3e
Merge branch 'master' into giflzw
2021-03-31 16:45:02 +03:00
Andrew Murray
80878fa4c6
Merge branch 'master' into modes
2021-03-31 18:58:11 +11:00
Hugo van Kemenade
d3ad66d851
Merge pull request #5332 from radarhere/typo
...
Corrected grammar
2021-03-31 09:40:41 +03:00
Ray Gardner
306d030fce
Add comment to reference GIF LZW specification.
2021-03-30 17:35:21 -06:00
Hugo van Kemenade
e08474afa3
Merge pull request #5365 from nulano/fribidi-notes
2021-03-30 21:00:09 +03:00
Andrew Murray
b0b4fee796
Merge pull request #5350 from elejke/master
...
Add preserve_tone option to autocontrast
2021-03-30 07:59:57 +11:00
Konstantin Kopachev
19a815dd73
Remove redundant check
...
It's duplicated inside following call of TIFFReadTile
2021-03-29 11:27:50 -07:00
nulano
4f61637e7f
document libraqm/fribidi linking, support fribidi-0.dll on Windows
2021-03-29 17:45:12 +02:00
Hugo van Kemenade
b3a1de94d0
Merge pull request #5323 from radarhere/imagefilter_numpy
...
Only import numpy when necessary
2021-03-28 19:11:01 +03:00
wiredfool
9a683db339
Merge pull request #5274 from radarhere/gradient
...
Fixed linear_gradient and radial_gradient I and F modes
2021-03-28 14:35:22 +01:00
Konstantin Kopachev
52ecf1b142
Stop guessing strip size and pass expected size
2021-03-28 15:03:37 +02:00
Konstantin Kopachev
ab24c98491
Add sanity check for memory overruns
2021-03-28 15:03:37 +02:00
Konstantin Kopachev
1c295bf43c
Check for dimensions and sizes to fit into int
2021-03-28 15:03:37 +02:00
Konstantin Kopachev
e438046201
Refactor into smaller functions
2021-03-28 15:03:37 +02:00
Konstantin Kopachev
4dd288c66c
unify reading of YCbCr Tiffs
2021-03-28 15:03:37 +02:00
Konstantin Kopachev
4c2dfadf26
Swap pixel values on Big Endian
2021-03-28 15:03:37 +02:00
Konstantin Kopachev
169bb4842f
only use TIFFReadRGBA* in case of o_jpeg compression
2021-03-28 15:03:37 +02:00
Eric Soroos
f2020eeab4
UINT8 -> int for plane
2021-03-28 15:03:37 +02:00
Eric Soroos
b1d3f0d5c2
not
2021-03-28 15:03:37 +02:00
Eric Soroos
c9ea87ecfd
Use flag instead of recalculating
2021-03-28 15:03:37 +02:00
Eric Soroos
fda638befe
Planes should be int, not uint
2021-03-28 15:03:37 +02:00
nulano
daf7b6546e
remove double pointer
2021-03-28 15:03:37 +02:00
nulano
a921c01102
correct TIFFTAG_PLANARCONFIG size
2021-03-28 15:03:37 +02:00
Eric Soroos
77a1a9aba3
initialize the unpackers
2021-03-28 15:03:37 +02:00
Eric Soroos
64500434c2
Implementation for PlanarConfiguration=2 Tiffs, manually merged from f566c8a
2021-03-28 15:03:37 +02:00
Konstantin Kopachev
0018685a8e
Add Tests and support for Planar Tiff Images
2021-03-28 15:03:37 +02:00
Hugo van Kemenade
e405ab300b
Merge pull request #5351 from radarhere/categories
2021-03-28 14:34:50 +03:00
Andrew Murray
f799915d6f
Merge pull request #5304 from nulano/5300
...
Do not premultiply alpha when resizing with Image.NEAREST resampling
2021-03-28 16:02:01 +11:00
Andrew Murray
71cd97a519
Added deprecation warnings
2021-03-28 15:51:28 +11:00
Hugo van Kemenade
5e1d304769
Merge pull request #5353 from radarhere/quantize_attributes
...
Use quantization method attributes
2021-03-27 20:01:49 +02:00
wiredfool
3addd7df4e
Merge pull request #5062 from nulano/fribidi-link
...
Dynamically link FriBiDi instead of Raqm
2021-03-27 16:29:04 +00:00
Andrew Murray
a4a38b805b
Removed return value of build_distance_tables
2021-03-27 14:47:11 +11:00
Ray Gardner
5390786c65
Add braces to if -- conform with Pillow style.
2021-03-25 17:22:11 -06:00
Ray Gardner
0acf3514a1
Modify GifEncode.c and Gif.h to use LZW encoding
2021-03-25 17:22:10 -06:00
nulano
c718cc6c94
avoid unused variable warnings
2021-03-25 00:41:05 +01:00
nulano
5e61c1842f
fix support for old versions of Raqm
2021-03-25 00:41:05 +01:00
nulano
49fa3656b1
do not premultiply alpha when resizing with Image.NEAREST resampling
2021-03-23 13:16:20 +01:00
elejke
2c973b4cca
versionadded version fixed
2021-03-23 13:57:51 +03:00
elejke
9b8f7c2a8f
versionadded directive and releasenotes added
2021-03-23 13:56:51 +03:00
Andrew Murray
4e0bc3bab6
Use quantization method attributes
2021-03-22 19:44:56 +11:00
Andrew Murray
0ff9879171
Document supported quantization methods for RGBA images
2021-03-22 19:21:31 +11:00
Andrew Murray
ab56edb49f
Documented default quantization method
2021-03-22 19:18:36 +11:00
elejke
c585e6ab6b
Add preserve_tone option to autocontrast
2021-03-21 21:15:13 +03:00
Hugo van Kemenade
ddcc936643
Merge pull request #5330 from radarhere/png_plte
...
Allow fewer PNG palette entries than the bit depth maximum when saving
2021-03-21 17:31:35 +02:00
Latosha Maltba
bb88d8d017
Add support to use GraphicsMagick's "gm display" as viewer
2021-03-21 14:36:18 +00:00
Hugo van Kemenade
688e6f163f
Merge pull request #5338 from radarhere/webp_save_duration
...
Use duration from info dictionary when saving WebP
2021-03-21 11:35:28 +02:00
Andrew Murray
754752e78f
Allow fewer palette entries than the bit depth maximum
2021-03-21 09:22:01 +11:00
Hugo van Kemenade
82b2f4aa36
Merge pull request #5326 from radarhere/gif_disposal
...
Improved efficiency when creating GIF disposal images
2021-03-20 12:45:34 +02:00
Hugo van Kemenade
5a209081b2
Merge pull request #4947 from radarhere/exif
2021-03-19 21:26:33 +02:00
Andrew Murray
298600381f
Replaced tiff_deflate with tiff_adobe_deflate compression when saving
2021-03-19 12:00:29 +11:00
Andrew Murray
1d8c5a820c
Use duration from info dictionary when saving
2021-03-17 20:37:31 +11:00
Andrew Murray
b216b367ac
Only set info transparency on first frame
2021-03-17 00:24:57 +11:00
Glenn Maynard
18854dcf14
GIF: Handle GIF transparency in the decoder.
...
Remove the special case for disposal_method == 1 and handle GIF
transparency by telling the decoder the transparent index.
2021-03-16 23:17:28 +11:00
Glenn Maynard
a4a314f765
GIF: Support transparency in the native decoder.
...
Allow the transparency index to be passed to the native decoder. If not
-1, pixels with this index will be left at their previous value.
This only adds the decoder support and isn't active yet.
2021-03-16 23:17:12 +11:00
Andrew Murray
d7cbc9a27e
Corrected grammar
2021-03-16 22:19:48 +11:00
Andrew Murray
36a4b055bb
Updated comments
2021-03-15 12:50:30 +11:00
Andrew Murray
68719fe6ea
Merge branch 'master' into exif
2021-03-15 12:41:45 +11:00
Andrew Murray
c52b45df62
Removed automatic retrieval of GPS IFD
2021-03-15 12:33:06 +11:00
Hugo van Kemenade
1c086c65d4
Merge pull request #5321 from radarhere/tiff_icc_profile
...
Save ICC profile from TIFF encoderinfo
2021-03-14 10:42:51 +02:00
Hugo van Kemenade
4c297ec312
Merge pull request #5268 from radarhere/rgb
...
Moved RGB fix inside ImageQt class
2021-03-14 10:26:08 +02:00
Andrew Murray
2f84f633e3
Create disposal image at the destination size, instead of cropping
2021-03-14 13:40:55 +11:00
Andrew Murray
16dbffc3a8
_crop already makes a copy of the image
2021-03-14 13:31:16 +11:00
Andrew Murray
188d4f6b6a
Only import numpy when necessary
2021-03-12 12:03:48 +11:00
Andrew Murray
f91f93e246
Merge pull request #5305 from lukegb/bug/format-strings
...
Fix -Wformat error in TiffDecode
2021-03-11 22:34:17 +11:00
Andrew Murray
68b655f3f0
Updated format specifiers
2021-03-10 20:43:16 +11:00
Andrew Murray
f42d6cf1ac
Save ICC profile from TIFF encoderinfo
2021-03-10 20:16:49 +11:00
Andrew Murray
e54880c652
Moved RGB fix inside ImageQt class
2021-03-10 13:17:19 +11:00
Hugo van Kemenade
3225e39e9a
Merge branch 'master' into alpha_composite
2021-03-08 14:16:46 +02:00
Hugo van Kemenade
d9e4424a7f
Merge pull request #5260 from radarhere/imageqt_exclusive_fp
...
Ensure file is closed if it is opened by ImageQt.ImageQt
2021-03-08 14:13:48 +02:00
Andrew Murray
e7f5bb1831
Ensure file is closed if it is opened by ImageQt.ImageQt
2021-03-08 20:38:03 +11:00
Andrew Murray
9ce3eba7eb
Only draw each pixel once
2021-03-08 19:54:03 +11:00
Andrew Murray
f5d49f4f61
Added rounded_rectangle method
2021-03-08 19:53:59 +11:00
Hugo van Kemenade
6108596ff8
Merge pull request #5289 from radarhere/ipythonviewer
2021-03-07 14:26:50 +02:00
Hugo van Kemenade
3a27118d76
Merge pull request #5183 from radarhere/rectangle
...
Only draw each rectangle outline pixel once
2021-03-07 12:25:45 +02:00
Hugo van Kemenade
f15f573e51
Merge pull request #5224 from radarhere/mapper
2021-03-07 11:51:46 +02:00
Hugo van Kemenade
f9b830f058
Merge pull request #5214 from radarhere/pcx
...
Handle PCX images with an odd stride
2021-03-07 11:41:14 +02:00
Hugo van Kemenade
95986f38da
Merge pull request #5168 from radarhere/mpo
2021-03-07 11:38:36 +02:00
Andrew Murray
ca204ba04f
Removed Image._MODEINFO
2021-03-07 14:21:27 +11:00
Andrew Murray
690cf9ebe2
Allow alpha_composite destination to be negative
2021-03-06 20:54:21 +11:00
Eric Soroos
480f6819b5
Fix Memory DOS in Icns, Ico and Blp Image Plugins
...
Some container plugins that could contain images of other formats,
such as the ICNS format, did not properly check the reported size of
the contained image. These images could cause arbitrariliy large
memory allocations.
This is fixed for all locations where individual *ImageFile classes
are created without going through the usual Image.open method.
2021-03-06 10:19:14 +11:00
Andrew Murray
7b09463809
Added IPythonViewer docstring
2021-03-04 08:56:49 +11:00