authorspz <spz>2014-05-15 06:23:05 +0000
committerspz <spz>2014-05-15 06:23:05 +0000
commit0c7e7b2c7d57eb57d11f6b1051c6cc9036f61bf7 (patch)
tree3fd77d8509f5003993193250d70c197784ee4bfd /graphics/py-imaging/patches
parent104493155d740af5492b9fafd7308daa8e235872 (diff)
patches for CVE-2014-1932 and CVE-2014-1933 taken from
https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7
Diffstat (limited to 'graphics/py-imaging/patches')
-rw-r--r--graphics/py-imaging/patches/patch-PIL_EpsImagePlugin.py17
-rw-r--r--graphics/py-imaging/patches/patch-PIL_Image.py28
-rw-r--r--graphics/py-imaging/patches/patch-PIL_IptcImagePlugin.py18
-rw-r--r--graphics/py-imaging/patches/patch-PIL_JpegImagePlugin.py29
4 files changed, 92 insertions, 0 deletions
diff --git a/graphics/py-imaging/patches/patch-PIL_EpsImagePlugin.py b/graphics/py-imaging/patches/patch-PIL_EpsImagePlugin.py
new file mode 100644
index 00000000000..1e9bac626a6
--- /dev/null
+++ b/graphics/py-imaging/patches/patch-PIL_EpsImagePlugin.py
@@ -0,0 +1,17 @@
+$NetBSD: patch-PIL_EpsImagePlugin.py,v 1.1 2014/05/15 06:23:06 spz Exp $
+
+patch for CVE-2014-1932 and CVE-2014-1933 taken from
+https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7
+
+--- PIL/EpsImagePlugin.py.orig 2009-11-01 00:44:11.000000000 +0000
++++ PIL/EpsImagePlugin.py
+@@ -44,7 +44,8 @@ def Ghostscript(tile, size, fp):
+
+ import tempfile, os
+
+- file = tempfile.mktemp()
++ out_fd, file = tempfile.mkstemp()
++ os.close(out_fd)
+
+ # Build ghostscript command
+ command = ["gs",
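Review bot: Because `tempfile.mkstemp()` creates the file up front, the output file now exists on disk even when the Ghostscript run fails, so every exit path of `Ghostscript()` has to remove it. The rest of the function lies outside this hunk, so whether that cleanup exists cannot be confirmed here. If it is missing, wrap the gs invocation and the image load in `try:` / `finally:` with `os.unlink(file)` in the `finally`. A comment such as `# mkstemp creates the file exclusively with mode 0600; close the fd because gs reopens it by name` would also explain the immediate `os.close(out_fd)`.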
diff --git a/graphics/py-imaging/patches/patch-PIL_Image.py b/graphics/py-imaging/patches/patch-PIL_Image.py
new file mode 100644
index 00000000000..d8cc1d518d9
--- /dev/null
+++ b/graphics/py-imaging/patches/patch-PIL_Image.py
@@ -0,0 +1,28 @@
+$NetBSD: patch-PIL_Image.py,v 1.1 2014/05/15 06:23:06 spz Exp $
+
+patch for CVE-2014-1932 and CVE-2014-1933 taken from
+https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7
+
+--- PIL/Image.py.orig 2009-11-15 15:51:25.000000000 +0000
++++ PIL/Image.py
+@@ -482,14 +482,17 @@ class Image:
+ self.readonly = 0
+
+ def _dump(self, file=None, format=None):
+- import tempfile
++ import tempfile, os
+ if not file:
+- file = tempfile.mktemp()
++ f, file = tempfile.mkstemp(format or '')
++ os.close(f)
++
+ self.load()
+ if not format or format == "PPM":
+ self.im.save_ppm(file)
+ else:
+- file = file + "." + format
++ if file.endswith(format):
++ file = file + "." + format
+ self.save(file, format)
+ return file
+
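Review bot: The new test `if file.endswith(format):` in `_dump` looks inverted, because it appends the extension only when the name already ends with it. `mkstemp(format or '')` uses the bare format as the suffix, so a generated name always ends with `format`. The image is then saved to `file + "." + format`, a second path that was not created exclusively, which weakens the temp-file fix; the empty file from `mkstemp` is left behind. Creating the file with the final name avoids both problems: `f, file = tempfile.mkstemp("." + format if format else "")`, with the append guarded by `if not file.endswith(format):` for caller-supplied names.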
diff --git a/graphics/py-imaging/patches/patch-PIL_IptcImagePlugin.py b/graphics/py-imaging/patches/patch-PIL_IptcImagePlugin.py
new file mode 100644
index 00000000000..d7de6765c6a
--- /dev/null
+++ b/graphics/py-imaging/patches/patch-PIL_IptcImagePlugin.py
@@ -0,0 +1,18 @@
+$NetBSD: patch-PIL_IptcImagePlugin.py,v 1.1 2014/05/15 06:23:06 spz Exp $
+
+patch for CVE-2014-1932 and CVE-2014-1933 taken from
+https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7
+
+--- PIL/IptcImagePlugin.py.orig 2009-11-01 00:44:12.000000000 +0000
++++ PIL/IptcImagePlugin.py
+@@ -173,8 +173,8 @@ class IptcImageFile(ImageFile.ImageFile)
+ self.fp.seek(offset)
+
+ # Copy image data to temporary file
+- outfile = tempfile.mktemp()
+- o = open(outfile, "wb")
++ o_fd, outfile = tempfile.mkstemp(text=False)
++ o = os.fdopen(o_fd)
+ if encoding == "raw":
+ # To simplify access to the extracted file,
+ # prepend a PPM header
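Review bot: `os.fdopen(o_fd)` opens the descriptor in the default read mode, whereas the line it replaces opened the file with `"wb"`. The code below the hunk is not shown, but the comment says image data is copied into this file, so writes through `o` would be expected to fail. The call should be `o = os.fdopen(o_fd, "wb")`. The hunk also does not show an `import os` for this module, so confirm the name is in scope at this point.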
diff --git a/graphics/py-imaging/patches/patch-PIL_JpegImagePlugin.py b/graphics/py-imaging/patches/patch-PIL_JpegImagePlugin.py
new file mode 100644
index 00000000000..dcb94da278f
--- /dev/null
+++ b/graphics/py-imaging/patches/patch-PIL_JpegImagePlugin.py
@@ -0,0 +1,29 @@
+$NetBSD: patch-PIL_JpegImagePlugin.py,v 1.1 2014/05/15 06:23:06 spz Exp $
+
+patch for CVE-2014-1932 and CVE-2014-1933 taken from
+https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7
+
+--- PIL/JpegImagePlugin.py.orig 2009-11-01 00:44:12.000000000 +0000
++++ PIL/JpegImagePlugin.py
+@@ -344,13 +344,17 @@ class JpegImageFile(ImageFile.ImageFile)
+ # ALTERNATIVE: handle JPEGs via the IJG command line utilities
+
+ import tempfile, os
+- file = tempfile.mktemp()
+- os.system("djpeg %s >%s" % (self.filename, file))
++ f, path = tempfile.mkstemp()
++ os.close(f)
++ if os.path.exists(self.filename):
++ os.system("djpeg '%s' >'%s'" % (self.filename, path))
++ else:
++ raise ValueError("Invalid Filename")
+
+ try:
+- self.im = Image.core.open_ppm(file)
++ self.im = Image.core.open_ppm(path)
+ finally:
+- try: os.unlink(file)
++ try: os.unlink(path)
+ except: pass
+
+ self.mode = self.im.mode
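Review bot: The command on the `os.system("djpeg '%s' >'%s'" ...)` line is still interpreted by a shell, and the single quotes do not protect against a filename that itself contains a single quote. The `os.path.exists(self.filename)` check does not help, since a file with such a name can exist. Passing an argument list avoids the shell entirely: `import subprocess` and `subprocess.check_call(["djpeg", "-outfile", path, self.filename])`. Separately, the `raise ValueError("Invalid Filename")` branch runs before the `try:`/`finally:`, so the file created by `mkstemp()` is not unlinked on that path; moving the existence check above `mkstemp()` fixes that.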