
Opened 5 weeks ago

Closed 5 weeks ago

Last modified 5 weeks ago

#2279 closed task (fixed)

harden pillow image parsing

Reported by: Antoine Martin
Owned by: Antoine Martin
Priority: major
Milestone: 3.0
Component: encodings
Version: 2.5.x
Keywords:
Cc:

Description (last modified by Antoine Martin)

Apart from the obvious server-to-client transfer of window pixel data, we can receive compressed pixel data from a number of places: webcam, window icons, xdg menus, etc.
Some of those can flow back to the server.
We should ensure that we only allow the encodings we support so that a vulnerability in another codec cannot be triggered from those code paths.

We only really care about: webp, png and jpeg for now.
Those all have detectable headers.

Let's move the code to a utility function that can do the checking.

Example Image.open code that could be abused:

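    from PIL import Image
    from io import BytesIO
    # icondata: compressed image bytes received from the peer
    buf = BytesIO(icondata)
    # Image.open() picks the decoder from the content itself,
    # so any codec pillow has registered can be reached from here
    img = Image.open(buf)
    has_alpha = img.mode=="RGBA"
    width, height = img.size
    rowstride = width * (3+int(has_alpha))
    pixbuf = get_pixbuf_from_data(img.tobytes(), has_alpha, width, height, rowstride)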
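
A sketch of the kind of utility function the description asks for, checking the png, jpeg and webp headers before the data reaches python-pillow. This is an added example, not xpra's code from the changesets referenced in this ticket: the function names, the `expected` parameter and the sample bytes are assumptions made for illustration.

```python
PNG_MAGIC = b"\x89PNG\r\n\x1a\n"
JPEG_MAGIC = b"\xff\xd8\xff"   # SOI marker, then the 0xFF of the next marker

# Pillow format names for the only encodings the ticket cares about
PILLOW_FORMATS = {"png": "PNG", "jpeg": "JPEG", "webp": "WEBP"}

# Constructed sample headers (not real images), enough to exercise the checks
SAMPLES = {
    "png": PNG_MAGIC + b"\x00\x00\x00\rIHDR",
    "jpeg": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00",
    "webp": b"RIFF" + (26).to_bytes(4, "little") + b"WEBPVP8 ",
    "gif": b"GIF89a\x01\x00\x01\x00",
}


def detect_encoding(data):
    """Return "png", "jpeg" or "webp" from the leading magic bytes, else None."""
    head = bytes(data[:16])    # also accepts bytearray and memoryview
    if head.startswith(PNG_MAGIC):
        return "png"
    if head.startswith(JPEG_MAGIC):
        return "jpeg"
    # WebP is a RIFF container: "RIFF", 4 size bytes, then "WEBP"
    if len(head) >= 12 and head[:4] == b"RIFF" and head[8:12] == b"WEBP":
        return "webp"
    return None


def validate_image_data(data, allowed=("png", "jpeg", "webp"), expected=None):
    """Raise ValueError unless data carries the header of an allowed encoding."""
    found = detect_encoding(data)
    if found is None or found not in allowed:
        raise ValueError("unsupported image header: %r" % bytes(data[:8]))
    if expected is not None and found != expected:
        raise ValueError("expected %r but data is %r" % (expected, found))
    return found


def open_validated(data, allowed=("png", "jpeg", "webp"), expected=None):
    """Check the header first, then let Pillow try only the matching decoder."""
    from io import BytesIO
    from PIL import Image      # lazy import: only this function needs Pillow
    found = validate_image_data(data, allowed, expected)
    # formats= (Pillow >= 8.0) restricts which plugins Image.open may try
    return Image.open(BytesIO(data), formats=[PILLOW_FORMATS[found]])
```

A caller that only accepts one encoding, such as the png-only notifiers mentioned in comment:2, would pass `allowed=("png",)`.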

Change History (3)

comment:1 Changed 5 weeks ago by Antoine Martin

Description: modified
Status: new → assigned

comment:2 Changed 5 weeks ago by Antoine Martin

Here's a list of the formats supported by python-pillow: Image File Formats (long!).

Work started in r22493: we filter tray icons and window icons (server to client), dbus and win32 notifiers only accept png (now actually enforced), webcam validates the encodings used.
r22494 also removes support for jpeg2000 (#618) - that encoding was pretty useless anyway.

Still TODO:

  • validate paint packets
  • add proper validation for jpeg header

comment:3 Changed 5 weeks ago by Antoine Martin

Resolution: fixed
Status: assigned → closed

Work completed in:

  • r22513 the client will validate the compressed pixel data before calling into python-pillow
  • r22514 webcam mixin will also validate compressed data from the client

To test, we have to build --without-webp and --without-jpeg_decoder otherwise those faster cython decoders have precedence (and they don't need validating since they only decode the one format they are designed for).
Then just attach with --encodings=jpeg (or --encodings=png).
