Fixed second security issue in image uploading. Disclosure and release forthcoming.
commit b1d463468694f2e91fde67221b7996e9c52a9720 (1 parent: dd16b17)
Florian Apolloner (apollo13) authored
Showing with 4 additions and 14 deletions.
  1. +4 −14 django/forms/fields.py
django/forms/fields.py
@@ -560,20 +560,10 @@ def to_python(self, data):
file = BytesIO(data['content'])
try:
- # load() is the only method that can spot a truncated JPEG,
- # but it cannot be called sanely after verify()
- trial_image = Image.open(file)
- trial_image.load()
-
- # Since we're about to use the file again we have to reset the
- # file object if possible.
- if hasattr(file, 'seek') and callable(file.seek):
- file.seek(0)
-
- # verify() is the only method that can spot a corrupt PNG,
- # but it must be called immediately after the constructor
- trial_image = Image.open(file)
- trial_image.verify()
+ # load() could spot a truncated JPEG, but it loads the entire
+ # image in memory, which is a DoS vector. See #3848 and #18520.
+ # verify() must be called immediately after the constructor.
+ Image.open(file).verify()
except ImportError:
# Under PyPy, it is possible to import PIL. However, the underlying
# _imaging C module isn't available, so an ImportError will be
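Review bot: removing `trial_image.load()` drops the only check that detected a truncated JPEG, but the replacement comment on the `+` lines only says load() "could spot" one; it should state plainly that a truncated JPEG now passes `to_python()` and that any later code which actually decodes the image (thumbnailing, resizing) must expect and handle decode errors itself. Suggest rewording to something like `# load() would catch a truncated JPEG, but it decodes the whole image in memory (a DoS vector, see #3848 and #18520), so truncated files are accepted here.` The collapse to a single `Image.open(file).verify()` is otherwise sound: with only one open there is nothing to `seek(0)` for, and verify() still runs immediately after the constructor as the kept comment requires.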