Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:chajain:branches:Cloud:Openstack:Master
python-Pillow
018-Use-more-specific-regex-chars-to-prevent-Re...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 018-Use-more-specific-regex-chars-to-prevent-ReDoS.patch of Package python-Pillow
From 521dab94c7ab72b037bd9a83e9663401e0fd2cee Mon Sep 17 00:00:00 2001 From: Hugo van Kemenade <hugovk@users.noreply.github.com> Date: Sat, 9 Jan 2021 15:53:09 +0200 Subject: [PATCH] Use more specific regex chars to prevent ReDoS * CVE-2021-25292 --- src/PIL/PdfParser.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/PIL/PdfParser.py b/src/PIL/PdfParser.py index 975905f969..86d78a95c2 100644 --- a/src/PIL/PdfParser.py +++ b/src/PIL/PdfParser.py @@ -560,8 +560,9 @@ def next_object_id(self, offset=None): whitespace_or_hex = br"[\000\011\012\014\015\0400-9a-fA-F]" whitespace_optional = whitespace + b"*" whitespace_mandatory = whitespace + b"+" + whitespace_optional_no_nl = br"[\000\011\014\015\040]*" # no "\012" aka "\n" newline_only = br"[\r\n]+" - newline = whitespace_optional + newline_only + whitespace_optional + newline = whitespace_optional_no_nl + newline_only + whitespace_optional_no_nl re_trailer_end = re.compile(whitespace_mandatory + br"trailer" + whitespace_optional + br"\<\<(.*\>\>)" + newline + br"startxref" + newline + br"([0-9]+)" + newline + br"%%EOF" + whitespace_optional + br"$", re.DOTALL) re_trailer_prev = re.compile(whitespace_optional + br"trailer" + whitespace_optional + br"\<\<(.*?\>\>)" + newline
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor