Correct integer overflow in 16-bit resampling#9480
Merged
Conversation
668f9e7 to
1fe3da5
Compare
I;16) resampling by clamping float sumsThis commit fixes a bug in Resample.c where downsampling 16-bit images (I;16) using filters with negative lobes (such as Image.Resampling.LANCZOS) could result in byte corruption. Because Lanczos weighting can create overshoots (ringing artifacts) near sharp edges, the accumulated floating-point sum can sometimes exceed the 16-bit maximum (65535) or fall below zero. Previously, these out-of-bounds values were not correctly clamped before being cast or packed into the 16-bit output buffer, leading to integer overflow/underflow and corrupted pixels. This update correctly clamps the accumulated float values to the [0, 65535] range for I;16 images during resampling.
1fe3da5 to
7681016
Compare
Contributor
Author
|
@radarhere Codecov was failing and I added another test. But I couldn't figure out how I can run Codecov to check the result so it might be going to fail again. Please let me know if there is anything else I should do to merge this PR. 👍🏼 |
wiredfool
reviewed
Mar 27, 2026
Contributor
Author
|
@wiredfool @radarhere Any additional action items for me? Do I need to squash the commits? |
Member
|
You don't need to squash the commits, no. Did you use AI to develop this? |
Contributor
Author
|
Yes, I used AI. |
CLIP16 is already defined in ImagingUtils.h
radarhere
approved these changes
Apr 26, 2026
Contributor
Author
|
Awesome! Thank you for merging it! |
luketainton
pushed a commit
to luketainton/repos_webexmemebot
that referenced
this pull request
Jul 1, 2026
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [pillow](https://github.com/python-pillow/Pillow) ([changelog](https://github.com/python-pillow/Pillow/releases)) | `<12.2.1,>=12.2.0` → `<12.3.1,>=12.3.0` |  |  | --- ### Release Notes <details> <summary>python-pillow/Pillow (pillow)</summary> ### [`v12.3.0`](https://github.com/python-pillow/Pillow/releases/tag/12.3.0) [Compare Source](python-pillow/Pillow@12.2.0...12.3.0) <https://pillow.readthedocs.io/en/stable/releasenotes/12.3.0.html> #### Removals - Remove non-image ImageCms modes [#​9697](python-pillow/Pillow#9697) \[[@​radarhere](https://github.com/radarhere)] #### Documentation - Add release notes for SBOM and performance improvements [#​9747](python-pillow/Pillow#9747) \[[@​radarhere](https://github.com/radarhere)] - Add security release notes [#​9741](python-pillow/Pillow#9741) \[[@​radarhere](https://github.com/radarhere)] - Add release notes for Python 3.15 beta wheels [#​9696](python-pillow/Pillow#9696) \[[@​radarhere](https://github.com/radarhere)] - ImageFont can also be used with ImageText [#​9597](python-pillow/Pillow#9597) \[[@​radarhere](https://github.com/radarhere)] - Additional guidelines for security reports [#​9659](python-pillow/Pillow#9659) \[[@​wiredfool](https://github.com/wiredfool)] - Fixed typo [#​9636](python-pillow/Pillow#9636) \[[@​radarhere](https://github.com/radarhere)] - Added CVEs to 12.2.0 release notes [#​9591](python-pillow/Pillow#9591) \[[@​radarhere](https://github.com/radarhere)] - Revise development support information in README [#​9583](python-pillow/Pillow#9583) \[[@​aclark4life](https://github.com/aclark4life)] - Add INCIDENT\_RESPONSE.md [#​9555](python-pillow/Pillow#9555) \[[@​aclark4life](https://github.com/aclark4life)] - Add STRIDE threat model to security docs [#​9562](python-pillow/Pillow#9562) \[[@​aclark4life](https://github.com/aclark4life)] - Add CVEs to 12.2.0 release notes [#​9556](python-pillow/Pillow#9556) \[[@​radarhere](https://github.com/radarhere)] - Update README with revised security policy [#​9553](python-pillow/Pillow#9553) \[[@​radarhere](https://github.com/radarhere)] - Update security policy [#​9552](python-pillow/Pillow#9552) \[[@​aclark4life](https://github.com/aclark4life)] - Update macOS tested Python versions [#​9534](python-pillow/Pillow#9534) \[[@​radarhere](https://github.com/radarhere)] #### Dependencies - Update dependency harfbuzz to v14.2.1 [#​9720](python-pillow/Pillow#9720) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] - Update dependency mypy to v2 [#​9653](python-pillow/Pillow#9653) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] - Update dependency cibuildwheel to v4 [#​9665](python-pillow/Pillow#9665) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] - Update github-actions [#​9655](python-pillow/Pillow#9655) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] - Update dependency libavif to v1.4.2 [#​9652](python-pillow/Pillow#9652) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] - Update dependency lcms2 to v2.19.1 [#​9651](python-pillow/Pillow#9651) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] - Update dependency check-jsonschema to v0.37.2 [#​9650](python-pillow/Pillow#9650) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] - Update google/oss-fuzz digest to [`d872252`](python-pillow/Pillow@d872252) [#​9614](python-pillow/Pillow#9614) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] - Update dependency lcms2 to v2.19 [#​9609](python-pillow/Pillow#9609) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] - Update dependency libpng to v1.6.58 - autoclosed [#​9608](python-pillow/Pillow#9608) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] - Update dependency harfbuzz to v14 [#​9610](python-pillow/Pillow#9610) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] - Update dependency mypy to v1.20.2 [#​9599](python-pillow/Pillow#9599) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] - Update github-actions [#​9611](python-pillow/Pillow#9611) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] - Update dependency cibuildwheel to v3.4.1 [#​9607](python-pillow/Pillow#9607) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] - Move dependency versions to single JSON and enable Renovate [#​9559](python-pillow/Pillow#9559) \[[@​hugovk](https://github.com/hugovk)] - Updated raqm to 0.10.5 [#​9557](python-pillow/Pillow#9557) \[[@​radarhere](https://github.com/radarhere)] - Update dependency cibuildwheel to v3.4.0 [#​9532](python-pillow/Pillow#9532) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] #### Testing - Remove matrix.os from benchmark [#​9735](python-pillow/Pillow#9735) \[[@​radarhere](https://github.com/radarhere)] - Remove references to libavif patch [#​9734](python-pillow/Pillow#9734) \[[@​radarhere](https://github.com/radarhere)] - Add benchmark tests [#​9654](python-pillow/Pillow#9654) \[[@​akx](https://github.com/akx)] - Use reshape() instead of setting NumPy array shape directly [#​9728](python-pillow/Pillow#9728) \[[@​radarhere](https://github.com/radarhere)] - Add dependencies.json to Windows cache key [#​9721](python-pillow/Pillow#9721) \[[@​radarhere](https://github.com/radarhere)] - Increase AVIF test epsilon for loong64 [#​9714](python-pillow/Pillow#9714) \[[@​wszqkzqk](https://github.com/wszqkzqk)] - Add colour to Linux and Windows wheel build logs [#​9677](python-pillow/Pillow#9677) \[[@​hugovk](https://github.com/hugovk)] - Do not test NumPy against Python 3.15 Windows AMD64 wheels [#​9674](python-pillow/Pillow#9674) \[[@​radarhere](https://github.com/radarhere)] - Run pyroma in `tox -e lint` instead of pytest [#​9670](python-pillow/Pillow#9670) \[[@​hugovk](https://github.com/hugovk)] - Update Ghostscript to 10.7.1 [#​9634](python-pillow/Pillow#9634) \[[@​radarhere](https://github.com/radarhere)] - Update free-threading CI [#​9625](python-pillow/Pillow#9625) \[[@​hugovk](https://github.com/hugovk)] - Increase AVIF test epsilon for riscv64 [#​9606](python-pillow/Pillow#9606) \[[@​radarhere](https://github.com/radarhere)] - Add Fedora 44 [#​9594](python-pillow/Pillow#9594) \[[@​radarhere](https://github.com/radarhere)] - Test Ubuntu 26.04 LTS (Resolute Raccoon) [#​9587](python-pillow/Pillow#9587) \[[@​hugovk](https://github.com/hugovk)] - Skip EPS test\_1 for Ghostscript 10.06.0 [#​9588](python-pillow/Pillow#9588) \[[@​radarhere](https://github.com/radarhere)] - Catch subprocess.CalledProcessError in test\_grab\_x11 [#​9578](python-pillow/Pillow#9578) \[[@​radarhere](https://github.com/radarhere)] - Correct feature name [#​9542](python-pillow/Pillow#9542) \[[@​radarhere](https://github.com/radarhere)] - Skip test if FreeType is not available [#​9540](python-pillow/Pillow#9540) \[[@​radarhere](https://github.com/radarhere)] - Remove type hint ignore [#​9538](python-pillow/Pillow#9538) \[[@​radarhere](https://github.com/radarhere)] - Update macOS tested Python versions [#​9534](python-pillow/Pillow#9534) \[[@​radarhere](https://github.com/radarhere)] - Remove Debian 12 and Fedora 42 from CI [#​9530](python-pillow/Pillow#9530) \[[@​hugovk](https://github.com/hugovk)] - Remove manylinux2014 and Amazon Linux 2 [#​9528](python-pillow/Pillow#9528) \[[@​radarhere](https://github.com/radarhere)] #### Type hints - Use NumPy 2.4.6 for mypy [#​9705](python-pillow/Pillow#9705) \[[@​radarhere](https://github.com/radarhere)] - Update dependency mypy to v2 [#​9653](python-pillow/Pillow#9653) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] - Update putpixel type hint to allow lists in xy [#​9585](python-pillow/Pillow#9585) \[[@​radarhere](https://github.com/radarhere)] - Remove type hint ignore [#​9538](python-pillow/Pillow#9538) \[[@​radarhere](https://github.com/radarhere)] #### Other changes - Speed up ImageChops operations [#​9738](python-pillow/Pillow#9738) \[[@​akx](https://github.com/akx)] - Speed up `Image.filter()` [#​9736](python-pillow/Pillow#9736) \[[@​akx](https://github.com/akx)] - Speed up `Image.getchannel()`, `Image.merge()`, `Image.putalpha()` and `Image.split()` [#​9675](python-pillow/Pillow#9675) \[[@​akx](https://github.com/akx)] - Speed up `Image.fill()`, `Image.linear_gradient()` and `Image.radial_gradient()`. [#​9737](python-pillow/Pillow#9737) \[[@​akx](https://github.com/akx)] - Speed up `Image.resample()` [#​9739](python-pillow/Pillow#9739) \[[@​akx](https://github.com/akx)] - Speed up `alpha_composite`, `matrix`, `negative`, `quantize` [#​9740](python-pillow/Pillow#9740) \[[@​akx](https://github.com/akx)] - Remove PyErr\_Clear() of "weird" exceptions [#​9730](python-pillow/Pillow#9730) \[[@​radarhere](https://github.com/radarhere)] - Check realloc return value [#​9722](python-pillow/Pillow#9722) \[[@​radarhere](https://github.com/radarhere)] - Add max\_length to PdfStream decode() [#​9718](python-pillow/Pillow#9718) \[[@​radarhere](https://github.com/radarhere)] - Return early when there is no fill region [#​9732](python-pillow/Pillow#9732) \[[@​radarhere](https://github.com/radarhere)] - Allow error to be raised if PyDict\_SetItemString fails [#​9731](python-pillow/Pillow#9731) \[[@​radarhere](https://github.com/radarhere)] - Speed up `Image.blend()` [#​9649](python-pillow/Pillow#9649) \[[@​akx](https://github.com/akx)] - Raise OverflowError if number of vertices is too large for Path [#​9729](python-pillow/Pillow#9729) \[[@​radarhere](https://github.com/radarhere)] - Remove unused HSV and LAB matrix conversion from C [#​9724](python-pillow/Pillow#9724) \[[@​radarhere](https://github.com/radarhere)] - Prevent reusing ImagingDecoderObject.setimage [#​9656](python-pillow/Pillow#9656) \[[@​Serotav](https://github.com/Serotav)] - Raise ValueError if FPX tile size is not 64px by 64px [#​9660](python-pillow/Pillow#9660) \[[@​radarhere](https://github.com/radarhere)] - Only clear error if it is BufferError [#​9727](python-pillow/Pillow#9727) \[[@​radarhere](https://github.com/radarhere)] - Apply XOR mask to 1 and L mode CUR images [#​9641](python-pillow/Pillow#9641) \[[@​radarhere](https://github.com/radarhere)] - Do not raise error from unknown channel ID when parsing PSD layers [#​9644](python-pillow/Pillow#9644) \[[@​radarhere](https://github.com/radarhere)] - Raise ValueError if P;2L or P;4L data is truncated in frombytes() [#​9725](python-pillow/Pillow#9725) \[[@​radarhere](https://github.com/radarhere)] - Embed SBOM into wheels [#​9679](python-pillow/Pillow#9679) \[[@​hugovk](https://github.com/hugovk)] - Do not set eval() globals in ImageMath.unsafe\_eval() [#​9576](python-pillow/Pillow#9576) \[[@​radarhere](https://github.com/radarhere)] - Add Tcl/Tk license to wheels [#​9663](python-pillow/Pillow#9663) \[[@​radarhere](https://github.com/radarhere)] - Ensure map stride is at least one full row of pixels [#​9719](python-pillow/Pillow#9719) \[[@​radarhere](https://github.com/radarhere)] - Raise OverflowError if text width exceeds INT\_MAX [#​9717](python-pillow/Pillow#9717) \[[@​radarhere](https://github.com/radarhere)] - Raise error if image modes do not match ImageCms transform modes [#​9715](python-pillow/Pillow#9715) \[[@​radarhere](https://github.com/radarhere)] - Use int64\_t for text height [#​9716](python-pillow/Pillow#9716) \[[@​radarhere](https://github.com/radarhere)] - Return if error occurs in Py\_mod\_exec slot [#​9712](python-pillow/Pillow#9712) \[[@​radarhere](https://github.com/radarhere)] - Add decompression bomb checks to FontFile classes [#​9711](python-pillow/Pillow#9711) \[[@​radarhere](https://github.com/radarhere)] - If C error is raised, return NULL [#​9706](python-pillow/Pillow#9706) \[[@​radarhere](https://github.com/radarhere)] - Prevent saving 1 mode images as TGA with run-length encoding [#​9709](python-pillow/Pillow#9709) \[[@​radarhere](https://github.com/radarhere)] - Raise ValueError if EPS BeginBinary bytecount is negative [#​9708](python-pillow/Pillow#9708) \[[@​radarhere](https://github.com/radarhere)] - Do not DECREF tuple until tuple items are no longer used [#​9707](python-pillow/Pillow#9707) \[[@​radarhere](https://github.com/radarhere)] - Do not update NumPy automatically [#​9713](python-pillow/Pillow#9713) \[[@​radarhere](https://github.com/radarhere)] - Simplified code [#​9642](python-pillow/Pillow#9642) \[[@​radarhere](https://github.com/radarhere)] - If realloc fails, do not reduce block size [#​9702](python-pillow/Pillow#9702) \[[@​radarhere](https://github.com/radarhere)] - DECREF PyDict\_GetItemRef result [#​9701](python-pillow/Pillow#9701) \[[@​radarhere](https://github.com/radarhere)] - Use int64\_t to calculate paste box dimensions [#​9703](python-pillow/Pillow#9703) \[[@​radarhere](https://github.com/radarhere)] - Calculate JPEG2000 total\_component\_width for each tile in isolation [#​9704](python-pillow/Pillow#9704) \[[@​radarhere](https://github.com/radarhere)] - Raise ValueError if value is not bytes for TIFF\_BYTE or TIFF\_ASCII tag [#​9699](python-pillow/Pillow#9699) \[[@​radarhere](https://github.com/radarhere)] - Release Py\_Buffer on error [#​9698](python-pillow/Pillow#9698) \[[@​radarhere](https://github.com/radarhere)] - Use os.startfile() in WindowsViewer show\_file() [#​9692](python-pillow/Pillow#9692) \[[@​radarhere](https://github.com/radarhere)] - Validate large filter sizes when initializing RankFilter [#​9695](python-pillow/Pillow#9695) \[[@​radarhere](https://github.com/radarhere)] - Add decompression bomb check to GdImageFile [#​9693](python-pillow/Pillow#9693) \[[@​radarhere](https://github.com/radarhere)] - Free image bands when an error occurs while splitting an image [#​9694](python-pillow/Pillow#9694) \[[@​radarhere](https://github.com/radarhere)] - Check PyList\_Append return value [#​9690](python-pillow/Pillow#9690) \[[@​radarhere](https://github.com/radarhere)] - Check WebPMuxNew return value [#​9689](python-pillow/Pillow#9689) \[[@​radarhere](https://github.com/radarhere)] - Check PyCapsule\_New return value [#​9691](python-pillow/Pillow#9691) \[[@​radarhere](https://github.com/radarhere)] - Do not return negative width for text length [#​9623](python-pillow/Pillow#9623) \[[@​radarhere](https://github.com/radarhere)] - Add args argument to METH\_NOARGS methods [#​9687](python-pillow/Pillow#9687) \[[@​radarhere](https://github.com/radarhere)] - Check ImagingNewDirty return value [#​9688](python-pillow/Pillow#9688) \[[@​radarhere](https://github.com/radarhere)] - Use int64\_t for text width [#​9686](python-pillow/Pillow#9686) \[[@​radarhere](https://github.com/radarhere)] - Move PyDateTime\_IMPORT inside Py\_mod\_exec slot [#​9580](python-pillow/Pillow#9580) \[[@​radarhere](https://github.com/radarhere)] - Validate size and rank when initializing RankFilter [#​9661](python-pillow/Pillow#9661) \[[@​radarhere](https://github.com/radarhere)] - Raise ValueError if insufficient data is read from DDS RGB file [#​9405](python-pillow/Pillow#9405) \[[@​radarhere](https://github.com/radarhere)] - Correct `IFDRational.__float__()` return value [#​9676](python-pillow/Pillow#9676) \[[@​nyxst4ck](https://github.com/nyxst4ck)] - Correct length when accessing ImagePath.Path subscript [#​9685](python-pillow/Pillow#9685) \[[@​radarhere](https://github.com/radarhere)] - Release reference on non-flattened sequence error [#​9684](python-pillow/Pillow#9684) \[[@​radarhere](https://github.com/radarhere)] - Do not release Py\_buffer until buf is no longer in use [#​9683](python-pillow/Pillow#9683) \[[@​radarhere](https://github.com/radarhere)] - Do not resize macOS retina screenshots by default [#​9266](python-pillow/Pillow#9266) \[[@​radarhere](https://github.com/radarhere)] - Add abstract BaseImageFont class [#​9595](python-pillow/Pillow#9595) \[[@​radarhere](https://github.com/radarhere)] - Cast before multiplying [#​9678](python-pillow/Pillow#9678) \[[@​radarhere](https://github.com/radarhere)] - Limit radius to half width or height of rounded rectangle [#​9561](python-pillow/Pillow#9561) \[[@​radarhere](https://github.com/radarhere)] - linesize is always xsize multiplied by pixelsize [#​9647](python-pillow/Pillow#9647) \[[@​radarhere](https://github.com/radarhere)] - Check annotate\_hash\_table return value [#​9572](python-pillow/Pillow#9572) \[[@​radarhere](https://github.com/radarhere)] - Catch KeyError when checking mode from PNG IHDR chunk [#​9604](python-pillow/Pillow#9604) \[[@​radarhere](https://github.com/radarhere)] - Only pass one argument to C expand [#​9664](python-pillow/Pillow#9664) \[[@​radarhere](https://github.com/radarhere)] - Raise error if declared JPEG2000 marker length is too small [#​9666](python-pillow/Pillow#9666) \[[@​radarhere](https://github.com/radarhere)] - In \_dump(), use Python PPM save, instead of C [#​9566](python-pillow/Pillow#9566) \[[@​radarhere](https://github.com/radarhere)] - Raise error consistently from inside ImagingNewArrow [#​9571](python-pillow/Pillow#9571) \[[@​radarhere](https://github.com/radarhere)] - Simplify `RankFilter.c` check [#​9662](python-pillow/Pillow#9662) \[[@​radarhere](https://github.com/radarhere)] - Support opening and saving L mode AVIF images with libavif >= 1.3.0 [#​9471](python-pillow/Pillow#9471) \[[@​radarhere](https://github.com/radarhere)] - \[pre-commit.ci] pre-commit autoupdate [#​9648](python-pillow/Pillow#9648) \[@​[pre-commit-ci\[bot\]](https://github.com/apps/pre-commit-ci)] - Apply libtiff patch to fix CVE-2026-4775 [#​9646](python-pillow/Pillow#9646) \[[@​radarhere](https://github.com/radarhere)] - Remove duplicate code [#​9640](python-pillow/Pillow#9640) \[[@​radarhere](https://github.com/radarhere)] - Switch iOS back to macos-26-intel [#​9631](python-pillow/Pillow#9631) \[[@​radarhere](https://github.com/radarhere)] - Don't use list as default in PdfParser read\_prev\_trailer [#​9629](python-pillow/Pillow#9629) \[[@​danigm](https://github.com/danigm)] - Add support for Python 3.15 [#​9624](python-pillow/Pillow#9624) \[[@​radarhere](https://github.com/radarhere)] - Do not draw line or arc if width is zero [#​9589](python-pillow/Pillow#9589) \[[@​radarhere](https://github.com/radarhere)] - Use \_accept check in WebP \_open [#​9605](python-pillow/Pillow#9605) \[[@​radarhere](https://github.com/radarhere)] - Compare dist sizes vs latest PyPI release [#​9621](python-pillow/Pillow#9621) \[[@​hugovk](https://github.com/hugovk)] - Do not generate SBOM in scheduled run on fork [#​9620](python-pillow/Pillow#9620) \[[@​radarhere](https://github.com/radarhere)] - Use plugin method directly when saving PDFs [#​9547](python-pillow/Pillow#9547) \[[@​radarhere](https://github.com/radarhere)] - \[pre-commit.ci] pre-commit autoupdate [#​9617](python-pillow/Pillow#9617) \[@​[pre-commit-ci\[bot\]](https://github.com/apps/pre-commit-ci)] - Set Renovate prCreation to not-pending [#​9616](python-pillow/Pillow#9616) \[[@​radarhere](https://github.com/radarhere)] - Raise error if PNG transparency has incorrect type or length when saving [#​9536](python-pillow/Pillow#9536) \[[@​radarhere](https://github.com/radarhere)] - If PdfParser buffer is memoryview, release it when closing [#​9596](python-pillow/Pillow#9596) \[[@​radarhere](https://github.com/radarhere)] - Correct integer overflow in 16-bit resampling [#​9480](python-pillow/Pillow#9480) \[[@​hayatoikoma](https://github.com/hayatoikoma)] - SBOM: Use real versions from dependencies.json [#​9593](python-pillow/Pillow#9593) \[[@​hugovk](https://github.com/hugovk)] - Restrict SBOM upload to only Pillow JSON [#​9598](python-pillow/Pillow#9598) \[[@​radarhere](https://github.com/radarhere)] - Generate CycloneDX SBOM at release time via CI [#​9550](python-pillow/Pillow#9550) \[[@​aclark4life](https://github.com/aclark4life)] - Raise ValueError if ImageOps border has unsupported format [#​9426](python-pillow/Pillow#9426) \[[@​veeceey](https://github.com/veeceey)] - Unsafe pointer dereference from unchecked Python integer in Tk initialization [#​9548](python-pillow/Pillow#9548) \[[@​barttran2k](https://github.com/barttran2k)] - Reorder renovate.json [#​9565](python-pillow/Pillow#9565) \[[@​radarhere](https://github.com/radarhere)] - Add python-pillow GitHub Sponsors to FUNDING.yml [#​9563](python-pillow/Pillow#9563) \[[@​aclark4life](https://github.com/aclark4life)] - Correct environment URL [#​9558](python-pillow/Pillow#9558) \[[@​radarhere](https://github.com/radarhere)] - Remove or protect secrets in Actions [#​9544](python-pillow/Pillow#9544) \[@​[pre-commit-ci\[bot\]](https://github.com/apps/pre-commit-ci)] - Move Homebrew dependencies into Brewfile [#​9546](python-pillow/Pillow#9546) \[[@​hugovk](https://github.com/hugovk)] - Do not precompute horizontal coefficients if not horizontal resizing [#​9543](python-pillow/Pillow#9543) \[[@​radarhere](https://github.com/radarhere)] - Fix comparison warnings [#​9541](python-pillow/Pillow#9541) \[[@​radarhere](https://github.com/radarhere)] - Close PdfParser if error occurs during init [#​9539](python-pillow/Pillow#9539) \[[@​radarhere](https://github.com/radarhere)] - Drop experimental Python 3.13 free-threaded wheels [#​9535](python-pillow/Pillow#9535) \[[@​radarhere](https://github.com/radarhere)] - Update github-actions [#​9533](python-pillow/Pillow#9533) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yNDkuNCIsInVwZGF0ZWRJblZlciI6IjQzLjI0OS40IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJ0eXBlL2RlcGVuZGVuY2llcyJdfQ==--> Reviewed-on: https://git.tainton.uk/repos/webexmemebot/pulls/596 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
📝 Description
This PR fixes a bug in
Resample.cwhere downsampling 16-bit images (I;16) using filters with negative lobes (such asImage.Resampling.LANCZOS) could result in byte corruption.Because Lanczos weighting can create overshoots (ringing artifacts) near sharp edges, the accumulated floating-point sum can sometimes exceed the 16-bit maximum (65535) or fall below zero. Previously, these out-of-bounds values were not correctly clamped before being cast or packed into the 16-bit output buffer, leading to integer overflow/underflow and corrupted pixels.
This update correctly clamps the accumulated float values to the
[0, 65535]range forI;16images during resampling.🛠️ Changes Made
src/libImaging/Resample.c: Added bounding/clamping logic to ensure the accumulated float sum is strictly clamped to0and65535before writing to theI;16output buffer.test_resampling_clampto verify this behavior. The test constructs an image with a hard step edge (0 to 65535) and applies a 5x Lanczos downsampling, comparing the clampedI;16output against a float (F) reference image to ensure no byte corruption occurs.