main/py-pillow/cve-2021-23437.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

From 1dc6564eb7ee8f28fb16eeffaf3572f3e1d5aa29 Mon Sep 17 00:00:00 2001
From: Hugo van Kemenade <hugovk@users.noreply.github.com>
Date: Mon, 23 Aug 2021 19:10:49 +0300
Subject: [PATCH] Raise ValueError if color specifier is too long

---
 Tests/test_imagecolor.py | 9 +++++++++
 src/PIL/ImageColor.py    | 2 ++
 2 files changed, 11 insertions(+)

diff --git a/src/PIL/ImageColor.py b/src/PIL/ImageColor.py
index 51df4404039..25f92f2c732 100644
--- a/src/PIL/ImageColor.py
+++ b/src/PIL/ImageColor.py
@@ -32,6 +32,8 @@ def getrgb(color):
     :param color: A color string
     :return: ``(red, green, blue[, alpha])``
     """
+    if len(color) > 100:
+        raise ValueError("color specifier is too long")
     color = color.lower()
 
     rgb = colormap.get(color, None)