Fixed second security issue in image uploading. Disclosure and release forthcoming.
commit b1d463468694f2e91fde67221b7996e9c52a9720 1 parent dd16b17
@apollo13 apollo13 authored
Showing with 4 additions and 14 deletions.
  1. +4 −14 django/forms/fields.py
django/forms/fields.py (18 lines changed)
@@ -560,20 +560,10 @@ def to_python(self, data):
file = BytesIO(data['content'])
try:
- # load() is the only method that can spot a truncated JPEG,
- # but it cannot be called sanely after verify()
- trial_image = Image.open(file)
- trial_image.load()
-
- # Since we're about to use the file again we have to reset the
- # file object if possible.
- if hasattr(file, 'seek') and callable(file.seek):
- file.seek(0)
-
- # verify() is the only method that can spot a corrupt PNG,
- # but it must be called immediately after the constructor
- trial_image = Image.open(file)
- trial_image.verify()
+ # load() could spot a truncated JPEG, but it loads the entire
+ # image in memory, which is a DoS vector. See #3848 and #18520.
+ # verify() must be called immediately after the constructor.
+ Image.open(file).verify()
except ImportError:
# Under PyPy, it is possible to import PIL. However, the underlying
# _imaging C module isn't available, so an ImportError will be
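Review bot: dropping the load() call means a truncated JPEG now passes to_python() validation and will only fail when application code later decodes the image; the new comment hints at this, but the weakened guarantee should be stated explicitly in the comment and in the field's documentation and release notes, e.g. `# A truncated JPEG is therefore no longer rejected here; code that decodes the image must handle that.` Relatedly, verify() only checks the file's structure and does not bound the decoded size, so any later full decode by the application still needs its own dimension or memory limits to avoid the DoS the comment describes. Removing the seek(0) reset is safe as written, since file is a fresh BytesIO and Image.open(file).verify() is now the only operation performed on it.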