Replies: 4 comments 6 replies
-
For future readers, see #5121 for an implementation of this |
Beta Was this translation helpful? Give feedback.
-
Quite the opposite. That documentation refers to the exception handler here (which does not match the types mentioned in the documentation): Line 2933 in 41462d8 That specifically silences exceptions of certain types. That's because So if you're doing this: Image.open('mystery_image', formats=('JPEG', 'PNG', 'GIF')) and the file turns out to be a GIF, you don't want to get any exceptions for the obvious failures you're gonna get when trying to load it as a JPEG or PNG image first. But if the image you're loading is actually an invalid GIF, you do still want to see those errors. |
Beta Was this translation helpful? Give feedback.
-
Isn't that intentional? Why should it be caught when its message already contains enough detail to explain what's wrong with your file?
👍
The Pillow/src/PIL/PpmImagePlugin.py Line 32 in 41462d8 The ASCII character with the highest value in any of those strings is, you guessed it,
I think it's a valuable check to have. PPM might not have any size restrictions, but Pillow does. Why would you even try loading the image data you already know you can't handle? I don't think 10+ digit image dimensions or pixel values are reasonable values to expect. And if you encounter a value like this I think it's more likely the file is corrupt or Pillow's file parsing is broken than that someone genuinely thinks such a massive image is a good idea. For example, if someone accidentally stripped most whitespace from their PPM file, not having a token limit could mean you end up reading the whole file byte-by-byte into a single token before you finally reach the end and realize it was all for nothing. And my example at the end of #5121 (comment) shows limiting the size of the token could also prevent Pillow from shooting itself in the foot. The cryptic message can certainly be improved, though. |
Beta Was this translation helpful? Give feedback.
-
#5121 has now been merged |
Beta Was this translation helpful? Give feedback.
-
Hi, I've been studying the
PpmImagePlugin
source file for a plugin I've been working on and have spotted a few things that maybe could be improved._open
methodThe
_open
method starts by checking the magic number of the file. However, there is already an_accept
method in place. I don't see how the exception in line 69 could be raised. Isn't that dead code?In line 85 a for loop reads the three tokens that should follow the magic number. If
s
is not a whitespace, it is assumed to be a decimal ASCII, passed to_token
and then tried to make into an int. This makes the following header raise an uncaught exception in line 96:b"P6\n!4"
.The PBM specification states that comments start with
#
but can do so in the middle of a token. Although this is a somewhat contrived case, shouldn't it still be considered?_token
methodThe
_token
method is supposed to read one byte at a time and append to the result until a whitespace is found or the file ends.Given the PPM specification, it should also check if the byte read is a decimal ASCII. However, line 57 (
if c > b"\x79:"
) makes no sense to me (b'\x79'
equalsb'y'
). Shouldn't it check forb"\x2F" < c < b"\x3A"
? As it is, header"P6\n4!"
raisesValueError
too. Also, how about using"Non-decimal-ASCII found in header"
as the exception message?It also checks the length of the resulting token. If it's more than 9 it raises an exception with a cryptic message. What is the purpose of this check? The format specification does not limit this length, and there is also Pillow's
_decompression_bomb_check
safeguard in place. Shouldn't this condition be removed?Finally, all exceptions raised except one are of the
ValueError
type. The docs state thatthe calling code considers exceptions like SyntaxError, KeyError, IndexError, EOFError and struct.error as a failure to identify the file
. Shouldn't all the exceptions raised in this file be of the above types?Beta Was this translation helpful? Give feedback.
All reactions