[SECURITY] Do not allow Pillow to parse EPS files

src/pretix/helpers/images.py

@@ -22,6 +22,7 @@
 import logging
 from io import BytesIO
 
+from django.conf import settings
 from django.core.exceptions import ValidationError
 from django.utils.translation import gettext_lazy as _
 from PIL.Image import MAX_IMAGE_PIXELS, DecompressionBombError
@@ -51,7 +52,7 @@ def validate_uploaded_file_for_valid_image(f):
 
     try:
         try:
-            image = Image.open(file)
+            image = Image.open(file, formats=settings.PILLOW_FORMATS_QUESTIONS_IMAGE)
             # verify() must be called immediately after the constructor.
             image.verify()
         except DecompressionBombError:

src/pretix/helpers/monkeypatching.py

@@ -21,6 +21,8 @@
 #
 from datetime import datetime
 
+from PIL import Image
+
 
 def monkeypatch_vobject_performance():
     """
@@ -52,5 +54,19 @@ def monkeypatch_vobject_performance():
     icalendar.tzinfo_eq = new_tzinfo_eq
 
 
+def monkeypatch_pillow_safer():
+    """
+    Pillow supports many file formats, among them EPS. For EPS, Pillow loads GhostScript whenever GhostScript
+    is installed (cannot officially be disabled). However, GhostScript is known for regular security vulnerabilities.
+    We have no use of reading EPS files and usually prevent this by using `Image.open(…, formats=[…])` to disable EPS
+    support explicitly. However, we are worried about our dependencies like reportlab using `Image.open` without the
+    `formats=` parameter. Therefore, as a defense in depth approach, we monkeypatch EPS support away by modifying the
+    internal image format registry of Pillow.
+    """
+    if "EPS" in Image.ID:
+        Image.ID.remove("EPS")
+
+
 def monkeypatch_all_at_ready():
     monkeypatch_vobject_performance()
+    monkeypatch_pillow_safer()

src/pretix/helpers/reportlab.py

@@ -20,8 +20,9 @@
 # <https://www.gnu.org/licenses/>.
 #
 from arabic_reshaper import ArabicReshaper
+from django.conf import settings
 from django.utils.functional import SimpleLazyObject
-from PIL.Image import Resampling
+from PIL import Image
 from reportlab.lib.utils import ImageReader
 
 
@@ -33,7 +34,7 @@ class ThumbnailingImageReader(ImageReader):
             height = width * self._image.size[1] / self._image.size[0]
         self._image.thumbnail(
             size=(int(width * dpi / 72), int(height * dpi / 72)),
-            resample=Resampling.BICUBIC
+            resample=Image.Resampling.BICUBIC
         )
         self._data = None
         return width, height
@@ -44,6 +45,9 @@ class ThumbnailingImageReader(ImageReader):
         # (smaller) size of the modified image.
         return None
 
+    def _read_image(self, fp):
+        return Image.open(fp, formats=settings.PILLOW_FORMATS_IMAGE)
+
 
 reshaper = SimpleLazyObject(lambda: ArabicReshaper(configuration={
     'delete_harakat': True,

src/pretix/helpers/thumb.py

@@ -23,6 +23,7 @@ import hashlib
 import math
 from io import BytesIO
 
+from django.conf import settings
 from django.core.files.base import ContentFile
 from django.core.files.storage import default_storage
 from PIL import Image, ImageOps, ImageSequence
@@ -165,7 +166,7 @@ def resize_image(image, size):
 
 def create_thumbnail(sourcename, size):
     source = default_storage.open(sourcename)
-    image = Image.open(BytesIO(source.read()))
+    image = Image.open(BytesIO(source.read()), formats=settings.PILLOW_FORMATS_QUESTIONS_IMAGE)
     try:
         image.load()
     except: