18226205 problem in PYTHON-MOD/PIL
authorApril Chin <april.chin@oracle.com>
Wed, 09 Apr 2014 14:17:46 -0700
changeset 1819 36c9d3c4fc50
parent 1818 bb0ae58774e5
child 1820 f3a6bd7bd4a6
18226205 problem in PYTHON-MOD/PIL
components/python/imaging/patches/01-CVE-2014-1932-1933.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/python/imaging/patches/01-CVE-2014-1932-1933.patch	Wed Apr 09 14:17:46 2014 -0700
@@ -0,0 +1,88 @@
+# Patch based on fix to CVE-2014-1932, CVE-2014-1933 from
+# https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7
+# plus subsequent fixes at
+# https://github.com/python-imaging/Pillow/commit/844ed441deb6b75d3048fa111977188ed47f0b76
+# and
+# https://github.com/python-imaging/Pillow/commit/86d5c5c3894f58895f31287081cdd146f5fe00f7
+#
+# Patch to be contributed upstream to PIL version 1.1.7
+
+diff -rup Imaging-1.1.7-orig/PIL/EpsImagePlugin.py Imaging-1.1.7/PIL/EpsImagePlugin.py
+--- Imaging-1.1.7-orig/PIL/EpsImagePlugin.py	2009-10-31 17:44:11.000000000 -0700
++++ Imaging-1.1.7/PIL/EpsImagePlugin.py	2014-04-07 09:59:16.000000000 -0700
[email protected]@ -44,7 +44,8 @@ def Ghostscript(tile, size, fp):
+ 
+     import tempfile, os
+ 
+-    file = tempfile.mktemp()
++    out_fd, file = tempfile.mkstemp()
++    os.close(out_fd)
+ 
+     # Build ghostscript command
+     command = ["gs",
+diff -rup Imaging-1.1.7-orig/PIL/Image.py Imaging-1.1.7/PIL/Image.py
+--- Imaging-1.1.7-orig/PIL/Image.py	2009-11-15 07:51:25.000000000 -0800
++++ Imaging-1.1.7/PIL/Image.py	2014-04-08 15:57:22.704420000 -0700
[email protected]@ -482,14 +482,20 @@ class Image:
+         self.readonly = 0
+ 
+     def _dump(self, file=None, format=None):
+-        import tempfile
++        import tempfile, os
++        suffix = ''
++        if format:
++            suffix = '.' + format
+         if not file:
+-            file = tempfile.mktemp()
++            f, file = tempfile.mkstemp(suffix)
++            os.close(f) 
++
+         self.load()
+         if not format or format == "PPM":
+             self.im.save_ppm(file)
+         else:
+-            file = file + "." + format
++            if not file.endswith(format):
++                file = file + "." + format
+             self.save(file, format)
+         return file
+ 
+diff -rup Imaging-1.1.7-orig/PIL/IptcImagePlugin.py Imaging-1.1.7/PIL/IptcImagePlugin.py
+--- Imaging-1.1.7-orig/PIL/IptcImagePlugin.py	2009-10-31 17:44:12.000000000 -0700
++++ Imaging-1.1.7/PIL/IptcImagePlugin.py	2014-04-04 11:37:00.000000000 -0700
[email protected]@ -173,8 +173,8 @@ class IptcImageFile(ImageFile.ImageFile)
+         self.fp.seek(offset)
+ 
+         # Copy image data to temporary file
+-        outfile = tempfile.mktemp()
+-        o = open(outfile, "wb")
++        o_fd, outfile = tempfile.mkstemp()
++        o = os.fdopen(o_fd)
+         if encoding == "raw":
+             # To simplify access to the extracted file,
+             # prepend a PPM header
+diff -rup Imaging-1.1.7-orig/PIL/JpegImagePlugin.py Imaging-1.1.7/PIL/JpegImagePlugin.py
+--- Imaging-1.1.7-orig/PIL/JpegImagePlugin.py	2009-10-31 17:44:12.000000000 -0700
++++ Imaging-1.1.7/PIL/JpegImagePlugin.py	2014-04-07 10:03:37.000000000 -0700
[email protected]@ -344,13 +344,17 @@ class JpegImageFile(ImageFile.ImageFile)
+         # ALTERNATIVE: handle JPEGs via the IJG command line utilities
+ 
+         import tempfile, os
+-        file = tempfile.mktemp()
+-        os.system("djpeg %s >%s" % (self.filename, file))
++        f, path = tempfile.mkstemp()
++        os.close(f)
++        if os.path.exists(self.filename):
++            os.system("djpeg '%s' >'%s'" % (self.filename, path))
++        else:
++            raise ValueError("Invalid Filename")
+ 
+         try:
+-            self.im = Image.core.open_ppm(file)
++            self.im = Image.core.open_ppm(path)
+         finally:
+-            try: os.unlink(file)
++            try: os.unlink(path)
+             except: pass
+ 
+         self.mode = self.im.mode
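Review bot: `o = os.fdopen(o_fd)` in the IptcImagePlugin.py chunk drops the write mode that the replaced `open(outfile, "wb")` carried; with no mode argument `os.fdopen` returns a read-mode file object, so the copy of image data into it that follows (outside the inner hunk) cannot succeed. That line should read `o = os.fdopen(o_fd, "wb")`. In the JpegImagePlugin.py chunk, wrapping the interpolated values in single quotes does not make `os.system("djpeg '%s' >'%s'" % (self.filename, path))` safe, since a filename that itself contains a quote character still changes how the shell parses the command and the `os.path.exists` guard does not rule that out; the command should avoid the shell altogether, e.g. `with open(path, "wb") as out:` / `subprocess.call(["djpeg", self.filename], stdout=out)`, with `subprocess` added to the function's local `import tempfile, os` line. The mkstemp conversions in the other chunks close the descriptor and hand out only the path, which addresses the predictable-name race the patch targets; the trailing whitespace after `os.close(f)` in the Image.py chunk is cosmetic.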