rpms / python-pillow

Clone
Source Code
GIT

Files

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-beta c7-ppc64le c8 c8-beta c8s c9s-sig-cloud-openstack-bobcat c9s-sig-cloud-openstack-caracal c9s-sig-cloud-openstack-xena c9s-sig-cloud-openstack-zed
  1.   c8
  2.   SOURCES
  3.   CVE-2021-28677.patch
Blob Blame History Raw 
From 8ad7b436649c424e22689a8a874c1b0cd7c1c0fc Mon Sep 17 00:00:00 2001
From: Lumir Balhar <lbalhar@redhat.com>
Date: Mon, 14 Jun 2021 09:22:45 +0200
Subject: [PATCH 3/5] CVE-2021-28677

---
 src/PIL/EpsImagePlugin.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/PIL/EpsImagePlugin.py b/src/PIL/EpsImagePlugin.py
index b503487..5f5af15 100644
--- a/src/PIL/EpsImagePlugin.py
+++ b/src/PIL/EpsImagePlugin.py
@@ -167,12 +167,12 @@ class PSFile(object):
         self.fp.seek(offset, whence)
 
     def readline(self):
-        s = self.char or b""
+        s = [self.char or b""]
         self.char = None
 
         c = self.fp.read(1)
-        while c not in b"\r\n":
-            s = s + c
+        while (c not in b"\r\n") and len(c):
+            s.append(c)
             c = self.fp.read(1)
 
         self.char = self.fp.read(1)
@@ -180,7 +180,7 @@ class PSFile(object):
         if self.char in b"\r\n":
             self.char = None
 
-        return s.decode('latin-1')
+        return b"".join(s).decode("latin-1")
 
 
 def _accept(prefix):
-- 
2.31.1

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation