blob: d8cc1d518d9b1d54f72a6cd5deb0bbaf76de7b69 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
$NetBSD: patch-PIL_Image.py,v 1.1 2014/05/15 06:23:06 spz Exp $
patch for CVE-2014-1932 and CVE-2014-1933 taken from
https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7
--- PIL/Image.py.orig 2009-11-15 15:51:25.000000000 +0000
+++ PIL/Image.py
@@ -482,14 +482,17 @@ class Image:
self.readonly = 0
def _dump(self, file=None, format=None):
- import tempfile
+ import tempfile, os
if not file:
- file = tempfile.mktemp()
+ f, file = tempfile.mkstemp(format or '')
+ os.close(f)
+
self.load()
if not format or format == "PPM":
self.im.save_ppm(file)
else:
- file = file + "." + format
+ if file.endswith(format):
+ file = file + "." + format
self.save(file, format)
return file
|