Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Truncated mpo takes forever #5864

Closed
doublex opened this issue Dec 2, 2021 · 3 comments
Closed

Truncated mpo takes forever #5864

doublex opened this issue Dec 2, 2021 · 3 comments
Labels
Bug Any unexpected behavior, until confirmed feature.

Comments

@doublex
Copy link

doublex commented Dec 2, 2021
edited by radarhere

Image: http://doppelbauer.name/takesforever.jpg
(do you mind if I delete the image?)

Testcase:

import PIL.Image, PIL.ImageFile
PIL.ImageFile.LOAD_TRUNCATED_IMAGES = True
with PIL.Image.open('takesforever.jpg') as img:
    for frame in PIL.ImageSequence.Iterator(img):
        frame.convert('RGBA')
@radarhere radarhere changed the title truncated mpo takes forever Truncated mpo takes forever Dec 2, 2021
@radarhere
Copy link
Member

What is your thinking behind deleting the image?
When you say it takes forever, that's not an exaggeration?

@doublex
Copy link
Author

doublex commented Dec 5, 2021
edited

I have killed the python process after 2 hours (therefore I suspect an infinite loop).
If this issue is wrong, please close it.

The photo is a user-upload ("avatar") – if there is a problem: could you download this photo to your computer?

Thanks a lot for pillow

@radarhere radarhere added the Bug Any unexpected behavior, until confirmed feature. label Dec 16, 2021
@doublex doublex closed this as completed Dec 16, 2021
@radarhere
Copy link
Member

Hi. I know you probably think we just forgot about this, but not so - this should be resolved in Pillow 9.0, thanks to #5921.

We actually classify images that take forever to load as a security vulnerability - which can lead to reluctance to talk about it before we have put a fix out there.

If you find another such image, would you mind following the security procedure, rather than creating an issue? Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Any unexpected behavior, until confirmed feature.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@doublex @radarhere