Blob Blame History Raw
From 8ad7b436649c424e22689a8a874c1b0cd7c1c0fc Mon Sep 17 00:00:00 2001
From: Lumir Balhar <lbalhar@redhat.com>
Date: Mon, 14 Jun 2021 09:22:45 +0200
Subject: [PATCH 3/5] CVE-2021-28677

---
 src/PIL/EpsImagePlugin.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/PIL/EpsImagePlugin.py b/src/PIL/EpsImagePlugin.py
index b503487..5f5af15 100644
--- a/src/PIL/EpsImagePlugin.py
+++ b/src/PIL/EpsImagePlugin.py
@@ -167,12 +167,12 @@ class PSFile(object):
         self.fp.seek(offset, whence)
 
     def readline(self):
-        s = self.char or b""
+        s = [self.char or b""]
         self.char = None
 
         c = self.fp.read(1)
-        while c not in b"\r\n":
-            s = s + c
+        while (c not in b"\r\n") and len(c):
+            s.append(c)
             c = self.fp.read(1)
 
         self.char = self.fp.read(1)
@@ -180,7 +180,7 @@ class PSFile(object):
         if self.char in b"\r\n":
             self.char = None
 
-        return s.decode('latin-1')
+        return b"".join(s).decode("latin-1")
 
 
 def _accept(prefix):
-- 
2.31.1