python-pillow/SOURCES/CVE-2021-34552.patch
2021-11-09 09:46:11 +00:00

34 lines
1.2 KiB
Diff

diff --git a/src/libImaging/Convert.c b/src/libImaging/Convert.c
index b3e48e5..cfed8ad 100644
--- a/src/libImaging/Convert.c
+++ b/src/libImaging/Convert.c
@@ -1338,9 +1338,8 @@ convert(Imaging imOut, Imaging imIn, const char *mode,
return (Imaging) ImagingError_ValueError("conversion not supported");
#else
{
- static char buf[256];
- /* FIXME: may overflow if mode is too large */
- sprintf(buf, "conversion from %s to %s not supported", imIn->mode, mode);
+ static char buf[100];
+ snprintf(buf, 100, "conversion from %.10s to %.10s not supported", imIn->mode, mode);
return (Imaging) ImagingError_ValueError(buf);
}
#endif
@@ -1394,9 +1393,13 @@ ImagingConvertTransparent(Imaging imIn, const char *mode,
}
#else
{
- static char buf[256];
- /* FIXME: may overflow if mode is too large */
- sprintf(buf, "conversion from %s to %s not supported in convert_transparent", imIn->mode, mode);
+ static char buf[100];
+ snprintf(
+ buf,
+ 100,
+ "conversion from %.10s to %.10s not supported in convert_transparent",
+ imIn->mode,
+ mode);
return (Imaging) ImagingError_ValueError(buf);
}
#endif