aboutsummaryrefslogtreecommitdiffstats
path: root/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch')
-rw-r--r--meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch54
1 files changed, 54 insertions, 0 deletions
diff --git a/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch
new file mode 100644
index 0000000000..9c5d3fbcdc
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch
@@ -0,0 +1,54 @@
+From 0ca3c33c59927e1c7e0c14dbc1eea1dfb2431a80 Mon Sep 17 00:00:00 2001
+From: Andrew Murray <radarhere@users.noreply.github.com>
+Date: Sat, 28 Oct 2023 15:58:52 +1100
+Subject: [PATCH] Allow ops
+
+Upstream-Status: Backport [https://github.com/python-pillow/Pillow/commit/0ca3c33c59927e1c7e0c14dbc1eea1dfb2431a80]
+CVE: CVE-2023-50447
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ Tests/test_imagemath.py | 4 ++++
+ src/PIL/ImageMath.py | 9 +++++----
+ 2 files changed, 9 insertions(+), 4 deletions(-)
+
+diff --git a/Tests/test_imagemath.py b/Tests/test_imagemath.py
+index da41b3a12..14a58a532 100644
+--- a/Tests/test_imagemath.py
++++ b/Tests/test_imagemath.py
+@@ -56,6 +56,10 @@ class TestImageMath(PillowTestCase):
+ pixel(ImageMath.eval("float(B)**33", images)), "F 8589934592.0"
+ )
+
++ def test_prevent_double_underscores():
++ with pytest.raises(ValueError):
++ ImageMath.eval("1", {"__": None})
++
+ def test_logical(self):
+ self.assertEqual(pixel(ImageMath.eval("not A", images)), 0)
+ self.assertEqual(pixel(ImageMath.eval("A and B", images)), "L 2")
+diff --git a/src/PIL/ImageMath.py b/src/PIL/ImageMath.py
+index 4cea3855e..776604e3f 100644
+--- a/src/PIL/ImageMath.py
++++ b/src/PIL/ImageMath.py
+@@ -258,13 +258,14 @@ def eval(expression, _dict={}, **kw):
+
+ # build execution namespace
+ args = ops.copy()
+- args.update(_dict)
+- args.update(kw)
+- for k, v in list(args.items()):
+- if '__' in k or hasattr(__builtins__, k):
++ for k in list(_dict.keys()) + list(kw.keys()):
++ if "__" in k or hasattr(__builtins__, k):
+ msg = f"'{k}' not allowed"
+ raise ValueError(msg)
+
++ args.update(_dict)
++ args.update(kw)
++ for k, v in list(args.items()):
+ if hasattr(v, "im"):
+ args[k] = _Operand(v)
+
+--
+2.25.1
+
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-06-06 02:40:19 +0000