From 8ad7b436649c424e22689a8a874c1b0cd7c1c0fc Mon Sep 17 00:00:00 2001 From: Lumir Balhar Date: Mon, 14 Jun 2021 09:22:45 +0200 Subject: [PATCH 3/5] CVE-2021-28677 --- src/PIL/EpsImagePlugin.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/PIL/EpsImagePlugin.py b/src/PIL/EpsImagePlugin.py index b503487..5f5af15 100644 --- a/src/PIL/EpsImagePlugin.py +++ b/src/PIL/EpsImagePlugin.py @@ -167,12 +167,12 @@ class PSFile(object): self.fp.seek(offset, whence) def readline(self): - s = self.char or b"" + s = [self.char or b""] self.char = None c = self.fp.read(1) - while c not in b"\r\n": - s = s + c + while (c not in b"\r\n") and len(c): + s.append(c) c = self.fp.read(1) self.char = self.fp.read(1) @@ -180,7 +180,7 @@ class PSFile(object): if self.char in b"\r\n": self.char = None - return s.decode('latin-1') + return b"".join(s).decode("latin-1") def _accept(prefix): -- 2.31.1