From e2690606cb325599c24000ecca932b945e29a095 Mon Sep 17 00:00:00 2001
From: shirely16
Date: Tue, 10 Aug 2021 09:29:10 +0800
Subject: [PATCH] modify CVE-2021-27921/CVE-2021-27922/CVE-2021-27923
---
 ...21-27921_CVE-2021-27922_CVE-2021-27923.patch | 17 ++++++++++-------
 python-pillow.spec | 5 ++++-
 2 files changed, 14 insertions(+), 8 deletions(-)
diff --git a/backport-CVE-2021-27921_CVE-2021-27922_CVE-2021-27923.patch b/backport-CVE-2021-27921_CVE-2021-27922_CVE-2021-27923.patch
index ff8c0f5..d0dcf2c 100644
--- a/backport-CVE-2021-27921_CVE-2021-27922_CVE-2021-27923.patch
+++ b/backport-CVE-2021-27921_CVE-2021-27922_CVE-2021-27923.patch
@@ -10,6 +10,9 @@ memory allocations. This is fixed for all locations where individual
 *ImageFile classes
 are created without going through the usual Image.open method.
+
+Conflict:NA
+Reference:https://github.com/python-pillow/Pillow/commit/480f6819b592d7f07b9a9a52a7656c10bbe07442
 ---
 src/PIL/BlpImagePlugin.py | 1 +
 src/PIL/IcnsImagePlugin.py | 2 ++
@@ -17,10 +20,10 @@ are created without going through the usual Image.open method.
 3 files changed, 4 insertions(+)
 diff --git a/src/PIL/BlpImagePlugin.py b/src/PIL/BlpImagePlugin.py
-index 398e0fa..792a433 100644
+index ab5a8e3..1098b6d 100644
 --- a/src/PIL/BlpImagePlugin.py
 +++ b/src/PIL/BlpImagePlugin.py
-@@ -362,6 +362,7 @@ class BLP1Decoder(_BLPBaseDecoder):
+@@ -365,6 +365,7 @@ class BLP1Decoder(_BLPBaseDecoder):
 data = jpeg_header + data
 data = BytesIO(data)
 image = JpegImageFile(data)
@@ -29,7 +32,7 @@ index 398e0fa..792a433 100644
 self.fd = image.fp
 self.mode = image.mode
 diff --git a/src/PIL/IcnsImagePlugin.py b/src/PIL/IcnsImagePlugin.py
-index 21236d4..4147395 100644
+index e8244fd..0da7df6 100644
 --- a/src/PIL/IcnsImagePlugin.py
 +++ b/src/PIL/IcnsImagePlugin.py
 @@ -110,6 +110,7 @@ def read_png_or_jpeg2000(fobj, start_length, size):
@@ -40,14 +43,14 @@ index 21236d4..4147395 100644
 return {"RGBA": im}
 elif sig[:4] == b'\xff\x4f\xff\x51' \
 or sig[:4] == b'\x0d\x0a\x87\x0a' \
-@@ -121,6 +122,7 @@ def read_png_or_jpeg2000(fobj, start_length, size):
- fobj.seek(start)
+@@ -122,6 +123,7 @@ def read_png_or_jpeg2000(fobj, start_length, size):
 jp2kstream = fobj.read(length)
 f = io.BytesIO(jp2kstream)
-+ Image._decompression_bomb_check(im.size)
 im = Jpeg2KImagePlugin.Jpeg2KImageFile(f)
++ Image._decompression_bomb_check(im.size)
 if im.mode != 'RGBA':
 im = im.convert('RGBA')
+ return {"RGBA": im}
 diff --git a/src/PIL/IcoImagePlugin.py b/src/PIL/IcoImagePlugin.py
 index 926838d..f358695 100644
 --- a/src/PIL/IcoImagePlugin.py
@@ -61,5 +64,5 @@ index 926838d..f358695 100644
 # XOR + AND mask bmp frame
 im = BmpImagePlugin.DibImageFile(self.buf)
 --
-2.23.0
+2.27.0
diff --git a/python-pillow.spec b/python-pillow.spec
index 8d2eb23..ad2088f 100644
--- a/python-pillow.spec
+++ b/python-pillow.spec
@@ -5,7 +5,7 @@
 Name: python-pillow
 Version: 5.3.0
-Release: 15
+Release: 16
 Summary: Python image processing library
 License: MIT
 URL: http://python-pillow.github.io/
@@ -187,6 +187,9 @@ popd
 %doc docs/_build_py3/html
 %changelog
+* Tue Aug 10 2021 hanhui - 5.3.0-16
+- Type:modify CVE-2021-27921CVE-2021-27922CVE-2021-27923
+
 * Mon Jun 21 2021 hanhui - 5.3.0-15
 - DESC: in the check section,using the cp -a instead of install
--
Gitee
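Review bot: The relocated `Image._decompression_bomb_check(im.size)` in the -40,14 hunk now follows `im = Jpeg2KImagePlugin.Jpeg2KImageFile(f)`, which is the only order that can work because the removed placement read `im` before that branch bound it, so in the previous revision the check could never run for a JPEG 2000 Icns subimage; nothing in this change adds a test that would have caught that, and a %check case that opens an .icns with a JPEG 2000 subimage (plus one whose header declares more than `Image.MAX_IMAGE_PIXELS` pixels, expecting the bomb-check warning or error) is the cheapest guard against the same regression on the next rebase. The backported patch's diffstat still lists `src/PIL/IcoImagePlugin.py | 1 +`, and the trailing context of the -61,5 hunk ends at `im = BmpImagePlugin.DibImageFile(self.buf)` with no check after it, which suggests only the PNG-frame branch of the Ico plugin was guarded while the DIB-frame branch still constructs its image unchecked; compare with the upstream commit cited in the first hunk and add the second check if it is present there. The enclosing function `read_png_or_jpeg2000` starts outside this hunk, and the new inner header `+@@ -122,6 +123,7 @@` agrees with the six context lines and one added line now shown.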