python-pillow_1
/
backport-CVE-2021-28677.patch

From 5a5e6db0abf4e7a638fb1b3408c4e495a096cb92 Mon Sep 17 00:00:00 2001
From: Eric Soroos <eric-github@soroos.net>
Date: Mon, 8 Mar 2021 20:31:41 +0100
Subject: [PATCH] Fix EPS DOS on _open -- CVE-2021-28677

Conflict:NA
Reference:https://github.com/python-pillow/Pillow/commit/5a5e6db0abf4e7a638fb1b3408c4e495a096cb92
---
 src/PIL/EpsImagePlugin.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/PIL/EpsImagePlugin.py b/src/PIL/EpsImagePlugin.py
index dc61f48..3bf8ee0 100644
--- a/src/PIL/EpsImagePlugin.py
+++ b/src/PIL/EpsImagePlugin.py
@@ -170,12 +170,12 @@ class PSFile:
         self.fp.seek(offset, whence)

     def readline(self):
-        s = self.char or b""
+        s = [self.char or b""]
         self.char = None

         c = self.fp.read(1)
-        while c not in b"\r\n":
-            s = s + c
+        while (c not in b"\r\n") and len(c):
+            s.append(c)
             c = self.fp.read(1)

         self.char = self.fp.read(1)
@@ -183,7 +183,7 @@ class PSFile:
         if self.char in b"\r\n":
             self.char = None

-        return s.decode("latin-1")
+        return b"".join(s).decode("latin-1")


 def _accept(prefix):
--
2.23.0