28 lines
1.2 KiB
Diff
28 lines
1.2 KiB
Diff
From f60b6ae79d3c2e759f54bb4acb62b4c49f89fef2 Mon Sep 17 00:00:00 2001
|
|
From: Lumir Balhar <lbalhar@redhat.com>
|
|
Date: Thu, 8 Apr 2021 17:59:21 +0200
|
|
Subject: [PATCH 2/4] CVE-2021-25292
|
|
|
|
---
|
|
src/PIL/PdfParser.py | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/src/PIL/PdfParser.py b/src/PIL/PdfParser.py
|
|
index b6938fd..189aed8 100644
|
|
--- a/src/PIL/PdfParser.py
|
|
+++ b/src/PIL/PdfParser.py
|
|
@@ -562,8 +562,9 @@ class PdfParser:
|
|
whitespace_or_hex = br"[\000\011\012\014\015\0400-9a-fA-F]"
|
|
whitespace_optional = whitespace + b"*"
|
|
whitespace_mandatory = whitespace + b"+"
|
|
+ whitespace_optional_no_nl = br"[\000\011\014\015\040]*" # no "\012" aka "\n"
|
|
newline_only = br"[\r\n]+"
|
|
- newline = whitespace_optional + newline_only + whitespace_optional
|
|
+ newline = whitespace_optional_no_nl + newline_only + whitespace_optional_no_nl
|
|
re_trailer_end = re.compile(whitespace_mandatory + br"trailer" + whitespace_optional + br"\<\<(.*\>\>)" + newline
|
|
+ br"startxref" + newline + br"([0-9]+)" + newline + br"%%EOF" + whitespace_optional + br"$", re.DOTALL)
|
|
re_trailer_prev = re.compile(whitespace_optional + br"trailer" + whitespace_optional + br"\<\<(.*?\>\>)" + newline
|
|
--
|
|
2.30.2
|
|
|