Mercurial Mercurial > upstream > oracle > userland-gate / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/python/imaging/patches/07-CVE-2016-9190.patch
changeset 7369 a206d468357a
equal deleted inserted replaced
7368:13871af9f746 7369:a206d468357a 
       
     1 CVE-2016-9190
 
       
     2 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9190
 
       
     3 
       
     4 Python Imaging allows context-dependent attackers to execute arbitrary code
 
       
     5 by using the "crafted image file" approach, related to an "Insecure Sign
 
       
     6 Extension" issue affecting the ImagingNew in Storage.c component.
 
       
     7 
       
     8 Code changes based on those found upstream for Pillow at:
 
       
     9 
       
    10 https://github.com/python-pillow/Pillow/pull/2146/commits/5d8a0be45aad78c5a22c8d099118ee26ef8144af
 
       
    11 for:
 
       
    12   libImaging/Storage.c
 
       
    13 
       
    14 --- Imaging-1.1.7/libImaging/Storage.c.orig	2016-11-21 07:38:52.301251099 +0000
 
       
    15 +++ Imaging-1.1.7/libImaging/Storage.c	2016-11-21 07:40:39.795030452 +0000
 
       
    16 @@ -369,6 +369,10 @@
 
       
    17      } else
 
       
    18          bytes = strlen(mode); /* close enough */
 
       
    19  
       
    20 +    if (xsize < 0 || ysize < 0) {
 
       
    21 +        return (Imaging) ImagingError_ValueError("bad image size");
 
       
    22 +    }
 
       
    23 +
 
       
    24      if ((long) xsize * ysize * bytes <= THRESHOLD) {
 
       
    25          im = ImagingNewBlock(mode, xsize, ysize);
 
       
    26          if (im)
upstream/oracle/userland-gate