Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improved checks in font_render #7218

Merged
merged 5 commits into from
Jun 18, 2023
Merged

Improved checks in font_render #7218

merged 5 commits into from
Jun 18, 2023

Conversation

radarhere
Copy link
Member

@radarhere radarhere commented Jun 17, 2023

  1. Only call text_layout once in getmask2 #7206 introduced new code to font_render, triggering https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59831, because I didn't check that Image.core.fill didn't return NULL. I've added a fix for that, and tested it at https://github.com/radarhere/oss-fuzz/actions/runs/5296042009 and https://github.com/radarhere/oss-fuzz/actions/runs/5296052733.

  2. I've also improved the memory handling by destroying the image when an error occurs.

  3. Investigating https://github.com/python-pillow/Pillow/actions/runs/5262013783, I find that this failure is because of a problem checking for decompression bombs. 529621 * 541261 should be greater than Image.MAX_IMAGE_PIXELS * 2, but instead it becomes a negative number. Casting to long long first fixes that.

src/_imagingft.c Outdated Show resolved Hide resolved
Co-authored-by: Ondrej Baranovič <ondreko.tiba@gmail.com>
@radarhere
Copy link
Member Author

I'm unconcerned about the Windows failures, as I believe they will be fixed once the cache is cleared by #7216

@hugovk
Copy link
Member

hugovk commented Jun 17, 2023

There's a new UI for clearing CI cache files.

I cleared the cache by going to https://github.com/python-pillow/Pillow/actions/caches (also https://github.com/python-pillow/Pillow/actions > Management > Caches) and deleting 93478be93085fc54c3d24154a61c1a69df7fc001ac7a395ac7396f2123670bdc-b03bb08209f989d5ec95d20d01e46b3caf49b2c8e91095eb6898f612eea1518a-C:\hostedtoolcache\windows\PyPy\3.9.16\x86-17.6.33723.286, and have restarted https://github.com/python-pillow/Pillow/actions/runs/5296892543/jobs/9591206960.

@radarhere
Copy link
Member Author

Thanks for the tip.

Windows is now passing. Cygwin Python 3.8 is failing however, as it is also doing on main - https://github.com/python-pillow/Pillow/actions/runs/5296887052/jobs/9595867281

@hugovk hugovk merged commit d64739f into python-pillow:main Jun 18, 2023
@radarhere radarhere deleted the null branch June 18, 2023 21:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants