python-pillow/Pillow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
20,670 Commits 55 Branches 98 Tags 251 MiB
32b6c5f0ee
Commit Graph

4946 Commits

Author SHA1 Message Date
Hugo van Kemenade
b656f900b4
If PdfParser buffer is memoryview, release it when closing (#9596) 2026-05-03 13:23:51 +03:00
Hayato Ikoma
7e4ca8b3ab
Correct integer overflow in 16-bit resampling (#9480) 
Co-authored-by: Andrew Murray <radarhere@users.noreply.github.com>
 2026-05-02 14:36:20 +10:00
Andrew Murray
1f3b8a831d If PdfParser buffer is memoryview, release it when closing 2026-04-30 00:13:37 +10:00
Andrew Murray
53800d4fcf
Raise ValueError if ImageOps border has unsupported format (#9426) 2026-04-24 21:10:05 +10:00
Andrew Murray
a0cd878bed
Check PyLong_AsVoidPtr result (#9548) 2026-04-24 21:04:00 +10:00
Andrew Murray
3a3dab8bb0
Updated raqm to 0.10.5 (#9557) 2026-04-12 15:13:32 +10:00
Trần Bách
117de2b181 fix(security)(_imagingtk.c): unsafe pointer dereference from unchecked python i 
In `_tkinit`, `PyLong_AsVoidPtr(arg)` converts an arbitrary Python object to a `void*` pointer which is then cast to `Tcl_Interp*` and passed to `TkImaging_Init`. If `PyLong_AsVoidPtr` fails (returns NULL and sets an error), or if the caller passes an arbitrary integer value, the code proceeds to dereference it without any validation, potentially leading to a crash or arbitrary memory access.

Affected files: _imagingtk.c

Signed-off-by: Trần Bách <45133811+barttran2k@users.noreply.github.com>
 2026-04-07 09:41:12 +07:00
Hugo van Kemenade
c722aaec53
Do not precompute horizontal coefficients if not horizontal resizing (#9543) 2026-04-06 20:29:12 +03:00
Andrew Murray
abb9b200ef Do not precompute horizontal coefficients if not horizontal resizing 2026-04-06 14:21:21 +10:00
Andrew Murray
b65bc406d8 Fixed comparison warning 2026-04-06 13:19:32 +10:00
Andrew Murray
64f6d4ebd8
Close PdfParser if error occurs during init (#9539) 
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
 2026-04-05 05:30:11 +10:00
Hugo van Kemenade
7d78ac519b 12.3.0.dev0 version bump 2026-04-01 17:53:55 +03:00
Hugo van Kemenade
3c41c09506 12.2.0 version bump 2026-04-01 15:11:14 +03:00
Andrew Murray
585b2f5a78 Check calloc return value 2026-04-01 22:57:56 +11:00
Hugo van Kemenade
ecf011ea15
Check all allocs in the Arrow tree (#9488) 2026-04-01 14:56:15 +03:00
Hugo van Kemenade
cf6de8ca9b
Reject non-numeric elements inside list coords (#9526) 2026-04-01 22:50:45 +11:00
Hugo van Kemenade
22cdb5f2e4
Move variable declaration inside define (#9525) 2026-04-01 06:35:32 +03:00
Hugo van Kemenade
fc15b3b018
Resize tall images vertically first (#9524) 2026-04-01 06:34:26 +03:00
Andrew Murray
58f9a1d166
Avoid overflow by not adding extents together (#9520) 2026-04-01 13:45:30 +11:00
Andrew Murray
459bdf766f Move variable declaration inside define 2026-04-01 10:38:22 +11:00
Andrew Murray
4ef0ac611d Resize tall images vertically first 2026-04-01 10:00:39 +11:00
Hugo van Kemenade
ec8272044d
Use long for glyph position (#9518) 
Co-authored-by: Andrew Murray <radarhere@users.noreply.github.com>
 2026-04-01 08:52:09 +11:00
Andrew Murray
d9035515f2
Merge branch 'main' into psd_size 2026-04-01 08:42:16 +11:00
Hugo van Kemenade
3bf614e4b8
Raise an error if the trailer chain loops back on itself (#9519) 2026-04-01 08:03:15 +11:00
Hugo van Kemenade
3cb854e8b2
Only read as much data from gzip-decompressed data as necessary (#9521) 2026-04-01 08:02:08 +11:00
Hugo van Kemenade
6dfc2be807
Allow None extents in C setimage() (#9504) 2026-03-31 22:02:41 +03:00
Hugo van Kemenade
da0ed929a0
Use critical sections to protect FontObject (#9498) 2026-03-31 21:54:29 +03:00
Hugo van Kemenade
2c2c2a1eae
Add ImageText.Text.wrap() to wrap text (#9286) 2026-03-31 21:49:22 +03:00
Andrew Murray
b2a16f0dbe Copy offset check from C into Python 2026-03-31 21:42:16 +03:00
Andrew Murray
4bada07dc6 Avoid overflow by not adding extents together 2026-03-31 21:42:16 +03:00
Andrew Murray
751b373d41
Always call StubHandler open() when opening StubImageFile (#9412) 2026-03-31 09:20:47 +11:00
Andrew Murray
f6b50a540d
Improved BCn overflow check (#9043) 2026-03-31 08:05:58 +11:00
Hugo van Kemenade
8d801bcafa
Image will never be None (#9512) 2026-03-30 18:49:06 +03:00
Hugo van Kemenade
7406b371ca
Raise EOFError when seeking too far in PSD (#9388) 2026-03-30 18:34:08 +03:00
Hugo van Kemenade
ded95a6c3d
Raise error if ImageGrab subprocess gives non-zero returncode (#9321) 2026-03-30 18:33:05 +03:00
Andrew Murray
73e1ed91e3 For DXT1, only check if 8 bytes are left 2026-03-30 18:23:49 +03:00
Hugo van Kemenade
b2e3f788f9
Allow for different palette entry sizes when correcting BMP pixel data offset (#9472) 2026-03-30 16:06:55 +03:00
Andrew Murray
007974d35b Ignore EXTRASAMPLES tag from separate planes image when saving 2026-03-30 20:04:39 +11:00
Andrew Murray
84cb30d7a7 For separate planar configuration, ignore unspecified extra components 2026-03-30 19:42:07 +11:00
Andrew Murray
07c180b21e Simplify SAMPLEFORMAT when all values match for values other than 1 2026-03-30 19:40:04 +11:00
Jeffrey 'Alex' Clark
7c121637c9 Jeffrey A. Clark -> Jeffrey 'Alex' Clark 
Follow up to 4197263dff. People cannot figure out
my preferred name, hence this final (I hope!) update to my name in Pillow.
 2026-03-29 10:05:18 -04:00
Andrew Murray
7ef54f6bfd Image will never be None 
Co-authored-by: jorenham <jhammudoglu@gmail.com>
 2026-03-29 19:40:16 +11:00
Andrew Murray
f298638632
Merge branch 'main' into arrow_malloc_guard 2026-03-29 19:13:53 +11:00
Andrew Murray
a69b4ec228 Merge branch 'main' into wrap 2026-03-28 22:44:21 +11:00
Andrew Murray
9f3f6de109 Allow None extents in C setimage 2026-03-28 18:31:49 +11:00
Andrew Murray
9a7b91e5db PERF203 fixes 2026-03-28 15:13:41 +11:00
Andrew Murray
018801805f Simplify setimage() 2026-03-28 14:08:32 +11:00
Hugo van Kemenade
754c7ea3a0 PERF203 and fixes 2026-03-27 14:18:37 +02:00
Hugo van Kemenade
090ca9461b PERF403 and fixes 2026-03-27 14:18:37 +02:00
Hugo van Kemenade
b85b8534d7 PERF401 and fixes 2026-03-27 14:18:37 +02:00