Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP4:Update
python-Pillow.35230
CVE-2021-23437.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2021-23437.patch of Package python-Pillow.35230
From 9e08eb8f78fdfd2f476e1b20b7cf38683754866b Mon Sep 17 00:00:00 2001 From: Hugo van Kemenade <hugovk@users.noreply.github.com> Date: Mon, 23 Aug 2021 19:10:49 +0300 Subject: [PATCH] Raise ValueError if color specifier is too long --- Tests/test_imagecolor.py | 9 +++++++++ src/PIL/ImageColor.py | 2 ++ 2 files changed, 11 insertions(+) Index: Pillow-7.2.0/Tests/test_imagecolor.py =================================================================== --- Pillow-7.2.0.orig/Tests/test_imagecolor.py +++ Pillow-7.2.0/Tests/test_imagecolor.py @@ -190,3 +190,12 @@ def test_rounding_errors(): assert (255, 255) == ImageColor.getcolor("white", "LA") assert (163, 33) == ImageColor.getcolor("rgba(0, 255, 115, 33)", "LA") Image.new("LA", (1, 1), "white") + + +def test_color_too_long(): + # Arrange + color_too_long = "hsl(" + "1" * 100 + ")" + + # Act / Assert + with pytest.raises(ValueError): + ImageColor.getrgb(color_too_long) Index: Pillow-7.2.0/src/PIL/ImageColor.py =================================================================== --- Pillow-7.2.0.orig/src/PIL/ImageColor.py +++ Pillow-7.2.0/src/PIL/ImageColor.py @@ -32,6 +32,8 @@ def getrgb(color): :param color: A color string :return: ``(red, green, blue[, alpha])`` """ + if len(color) > 100: + raise ValueError("color specifier is too long") color = color.lower() rgb = colormap.get(color, None)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor