Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

[1.3.x] Fixed second security issue in image uploading. Disclosure an…

…d release forthcoming.

Backport of b1d4634 from master.
  • Loading branch information...
commit b2eb4787a0fff9c9993b78be5c698e85108f3446 1 parent 9ca0ff6
Florian Apolloner apollo13 authored
Showing with 4 additions and 14 deletions.
  1. +4 −14 django/forms/fields.py
18 django/forms/fields.py
View
@@ -538,20 +538,10 @@ def to_python(self, data):
file = StringIO(data['content'])
try:
- # load() is the only method that can spot a truncated JPEG,
- # but it cannot be called sanely after verify()
- trial_image = Image.open(file)
- trial_image.load()
-
- # Since we're about to use the file again we have to reset the
- # file object if possible.
- if hasattr(file, 'reset'):
- file.reset()
-
- # verify() is the only method that can spot a corrupt PNG,
- # but it must be called immediately after the constructor
- trial_image = Image.open(file)
- trial_image.verify()
+ # load() could spot a truncated JPEG, but it loads the entire
+ # image in memory, which is a DoS vector. See #3848 and #18520.
+ # verify() must be called immediately after the constructor.
+ Image.open(file).verify()
except ImportError:
# Under PyPy, it is possible to import PIL. However, the underlying
# _imaging C module isn't available, so an ImportError will be
Please sign in to comment.
Something went wrong with that request. Please try again.