If bitmap buffer is empty, do not render anything#8324
Merged
hugovk merged 2 commits intopython-pillow:mainfrom Mar 20, 2026
Merged
If bitmap buffer is empty, do not render anything#8324hugovk merged 2 commits intopython-pillow:mainfrom
hugovk merged 2 commits intopython-pillow:mainfrom
Conversation
nulano
reviewed
Aug 23, 2024
| draw.text((10, 10), "Test Text", font=font, fill="#000") | ||
|
|
||
| @skip_unless_feature("freetype2") | ||
| @skip_unless_feature_version("freetype2", "2.12.0") |
Contributor
There was a problem hiding this comment.
Why change the version here?
Member
Author
There was a problem hiding this comment.
The test intended to catch OSError: Bitmap missing for glyph from
Lines 1028 to 1032 in b6f90c4
For FreeType2 versions before 2.12.0, FT_New_Face is returning an Unknown_File_Format error. It does that even on main at the moment, it's just not obvious because both are OSError. If I increase the specificity of the test, you can see this.
FreeType2 2.12.0 was released in March 2022, before #6846, so I expect this has been the case the whole time. Now that I've fixed the OSError: Bitmap missing for glyph error, the other error becomes obvious.
This was a font generated by OSS-Fuzz, so its purpose is not to be valid, but merely to trigger a security problem. We could modify the file to be valid, but in principle it would seem to be better to not modify test scenarios over time.
I suppose I could modify the test to run on FreeType2 < 2.12.0 as well, and just catch the error for that scenario if you want.
Contributor
There was a problem hiding this comment.
Thank you for the explanation.
Contributor
|
We might want to add a test that triggers the |
Member
Author
|
You're concerned about passing a glyph where bitmap buffer is empty to this block? |
|
Note then the glyph outline in question is not empty but degenerate. It contains two points but still produces a blank space. In this particular case, it results in a 0×1 bitmap, aka one empty row. Do not check for |
Member
Author
|
The glyph outline may not be empty, but the bitmap buffer is. From my understanding, we're safe to skip drawing and just advance if that is the case. I presume the size of the glyph does not affect the advance. |
|
Correct, just advance if the buffer is NULL regardless of its dimensions. You have sufficient error checking from FreeType calls. |
This was referenced Mar 20, 2026
Merged
luketainton
pushed a commit
to luketainton/repos_webexmemebot
that referenced
this pull request
Apr 1, 2026
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [pillow](https://github.com/python-pillow/Pillow) ([changelog](https://github.com/python-pillow/Pillow/releases)) | `<12.1.2,>=12.1.1` → `<12.2.1,>=12.2.0` |  |  | --- ### Release Notes <details> <summary>python-pillow/Pillow (pillow)</summary> ### [`v12.2.0`](https://github.com/python-pillow/Pillow/releases/tag/12.2.0) [Compare Source](python-pillow/Pillow@12.1.1...12.2.0) <https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html> #### Documentation - Update 12.2.0 release notes [#​9522](python-pillow/Pillow#9522) \[[@​hugovk](https://github.com/hugovk)] - Add loader plugins: AMOS abk, Atari Degas, 40+ more obscure formats via Netpbm [#​9482](python-pillow/Pillow#9482) \[[@​bitplane](https://github.com/bitplane)] - Update Python versions [#​9515](python-pillow/Pillow#9515) \[[@​radarhere](https://github.com/radarhere)] - Jeffrey A. Clark -> Jeffrey 'Alex' Clark [#​9513](python-pillow/Pillow#9513) \[[@​aclark4life](https://github.com/aclark4life)] - Add release notes for [#​9394](python-pillow/Pillow#9394), [#​9419](python-pillow/Pillow#9419) and [#​9456](python-pillow/Pillow#9456) [#​9467](python-pillow/Pillow#9467) \[[@​radarhere](https://github.com/radarhere)] - Add Amiga Workbench .info loader to 3rd party plugins list [#​9459](python-pillow/Pillow#9459) \[[@​bitplane](https://github.com/bitplane)] - Merge PFM documentation into PPM [#​9434](python-pillow/Pillow#9434) \[[@​radarhere](https://github.com/radarhere)] - Update macOS tested Pillow versions [#​9431](python-pillow/Pillow#9431) \[[@​radarhere](https://github.com/radarhere)] - Fix CVE number [#​9430](python-pillow/Pillow#9430) \[[@​hugovk](https://github.com/hugovk)] #### Dependencies - Update xz to 5.8.3 [#​9523](python-pillow/Pillow#9523) \[[@​radarhere](https://github.com/radarhere)] - Update libjpeg-turbo to 3.1.4.1 [#​9507](python-pillow/Pillow#9507) \[[@​radarhere](https://github.com/radarhere)] - Update libpng to 1.6.56 [#​9499](python-pillow/Pillow#9499) \[[@​radarhere](https://github.com/radarhere)] - Update freetype to 2.14.3 [#​9485](python-pillow/Pillow#9485) \[[@​radarhere](https://github.com/radarhere)] - Updated libavif to 1.4.1 [#​9479](python-pillow/Pillow#9479) \[[@​radarhere](https://github.com/radarhere)] - Updated harfbuzz to 13.2.1 [#​9461](python-pillow/Pillow#9461) \[[@​radarhere](https://github.com/radarhere)] - Update Ghostscript to 10.7.0 [#​9469](python-pillow/Pillow#9469) \[[@​radarhere](https://github.com/radarhere)] - Update harfbuzz to 13.0.1 [#​9453](python-pillow/Pillow#9453) \[[@​radarhere](https://github.com/radarhere)] - Update libavif to 1.4.0 [#​9460](python-pillow/Pillow#9460) \[[@​radarhere](https://github.com/radarhere)] - Update freetype to 2.14.2 [#​9449](python-pillow/Pillow#9449) \[[@​radarhere](https://github.com/radarhere)] - Update actions/download-artifact action to v8 [#​9451](python-pillow/Pillow#9451) \[@​[renovate\[bot\]](https://github.com/apps/renovate)] - Updated libpng to 1.6.55 [#​9425](python-pillow/Pillow#9425) \[[@​radarhere](https://github.com/radarhere)] #### Testing - Cleanup .spider extension in the same test where it is added [#​9517](python-pillow/Pillow#9517) \[[@​radarhere](https://github.com/radarhere)] - Run tests in parallel via tox for 3.5x speedup [#​9516](python-pillow/Pillow#9516) \[[@​hugovk](https://github.com/hugovk)] - Enable colour in CI logs [#​9486](python-pillow/Pillow#9486) \[[@​hugovk](https://github.com/hugovk)] - Update Ghostscript to 10.7.0 [#​9469](python-pillow/Pillow#9469) \[[@​radarhere](https://github.com/radarhere)] - Simplify TGA test code [#​9477](python-pillow/Pillow#9477) \[[@​radarhere](https://github.com/radarhere)] - Update tests to check for ValueError when encoding an empty image [#​9464](python-pillow/Pillow#9464) \[[@​radarhere](https://github.com/radarhere)] - Upgrade CI from `macos-15-intel` to `macos-26-intel` [#​9454](python-pillow/Pillow#9454) \[[@​hugovk](https://github.com/hugovk)] - Add check-case-conflict hook [#​9446](python-pillow/Pillow#9446) \[[@​radarhere](https://github.com/radarhere)] - Specify platform when pulling docker image [#​9440](python-pillow/Pillow#9440) \[[@​radarhere](https://github.com/radarhere)] - GHA: Cache libavif and webp builds for Ubuntu [#​9437](python-pillow/Pillow#9437) \[[@​hugovk](https://github.com/hugovk)] - Update macOS tested Pillow versions [#​9431](python-pillow/Pillow#9431) \[[@​radarhere](https://github.com/radarhere)] #### Other changes - Check calloc return value [#​9527](python-pillow/Pillow#9527) \[[@​radarhere](https://github.com/radarhere)] - Check all allocs in the Arrow tree [#​9488](python-pillow/Pillow#9488) \[[@​wiredfool](https://github.com/wiredfool)] - Reject non-numeric elements inside list coords [#​9526](python-pillow/Pillow#9526) \[[@​hugovk](https://github.com/hugovk)] - Move variable declaration inside define [#​9525](python-pillow/Pillow#9525) \[[@​radarhere](https://github.com/radarhere)] - Resize tall images vertically first [#​9524](python-pillow/Pillow#9524) \[[@​radarhere](https://github.com/radarhere)] - Avoid overflow by not adding extents together [#​9520](python-pillow/Pillow#9520) \[[@​hugovk](https://github.com/hugovk)] - Use long for glyph position [#​9518](python-pillow/Pillow#9518) \[[@​hugovk](https://github.com/hugovk)] - Raise an error if the trailer chain loops back on itself [#​9519](python-pillow/Pillow#9519) \[[@​hugovk](https://github.com/hugovk)] - Only read as much data from gzip-decompressed data as necessary [#​9521](python-pillow/Pillow#9521) \[[@​hugovk](https://github.com/hugovk)] - Allow None extents in C setimage() [#​9504](python-pillow/Pillow#9504) \[[@​radarhere](https://github.com/radarhere)] - Use critical sections to protect FontObject [#​9498](python-pillow/Pillow#9498) \[[@​colesbury](https://github.com/colesbury)] - Add ImageText.Text.wrap() to wrap text [#​9286](python-pillow/Pillow#9286) \[[@​radarhere](https://github.com/radarhere)] - Always call StubHandler open() when opening StubImageFile [#​9412](python-pillow/Pillow#9412) \[[@​radarhere](https://github.com/radarhere)] - Improved BCn overflow check [#​9043](python-pillow/Pillow#9043) \[[@​radarhere](https://github.com/radarhere)] - Image will never be None [#​9512](python-pillow/Pillow#9512) \[[@​radarhere](https://github.com/radarhere)] - Raise EOFError when seeking too far in PSD [#​9388](python-pillow/Pillow#9388) \[[@​radarhere](https://github.com/radarhere)] - Raise error if ImageGrab subprocess gives non-zero returncode [#​9321](python-pillow/Pillow#9321) \[[@​radarhere](https://github.com/radarhere)] - Allow for different palette entry sizes when correcting BMP pixel data offset [#​9472](python-pillow/Pillow#9472) \[[@​radarhere](https://github.com/radarhere)] - Ignore unspecified extra samples for TIFF separate planar configuration [#​9514](python-pillow/Pillow#9514) \[[@​radarhere](https://github.com/radarhere)] - Add PERF to lint and fix findings [#​9510](python-pillow/Pillow#9510) \[[@​hugovk](https://github.com/hugovk)] - Switch iOS back to macos-15-intel [#​9509](python-pillow/Pillow#9509) \[[@​radarhere](https://github.com/radarhere)] - Catch struct.error [#​9505](python-pillow/Pillow#9505) \[[@​radarhere](https://github.com/radarhere)] - Check PyCapsule\_GetPointer and PyBytes\_FromStringAndSize return values [#​9508](python-pillow/Pillow#9508) \[[@​radarhere](https://github.com/radarhere)] - Fix missing null dereference checks [#​9489](python-pillow/Pillow#9489) \[[@​wiredfool](https://github.com/wiredfool)] - CI: Retry failed downloads [#​9506](python-pillow/Pillow#9506) \[[@​hugovk](https://github.com/hugovk)] - Use PyModule\_AddObjectRef [#​9503](python-pillow/Pillow#9503) \[[@​radarhere](https://github.com/radarhere)] - Release reference to encoder on error [#​9500](python-pillow/Pillow#9500) \[[@​radarhere](https://github.com/radarhere)] - Fixed AVIF and WEBP dealloc [#​9501](python-pillow/Pillow#9501) \[[@​radarhere](https://github.com/radarhere)] - Check PyType\_Ready return values [#​9502](python-pillow/Pillow#9502) \[[@​radarhere](https://github.com/radarhere)] - Check if PyObject\_CallMethod result is NULL [#​9494](python-pillow/Pillow#9494) \[[@​radarhere](https://github.com/radarhere)] - Do not use palette from grayscale or bilevel colorspace when reading JPEG2000 images [#​9468](python-pillow/Pillow#9468) \[[@​radarhere](https://github.com/radarhere)] - If TGA v2 extension area specifies no alpha, fill alpha channel [#​9478](python-pillow/Pillow#9478) \[[@​radarhere](https://github.com/radarhere)] - Set image pixels individually on 32-bit Windows [#​9492](python-pillow/Pillow#9492) \[[@​radarhere](https://github.com/radarhere)] - Add error messages before returning NULL when encoding [#​9493](python-pillow/Pillow#9493) \[[@​radarhere](https://github.com/radarhere)] - Fix `_getxy` refcount leaks [#​9487](python-pillow/Pillow#9487) \[[@​hugovk](https://github.com/hugovk)] - Fix invalid test font [#​9483](python-pillow/Pillow#9483) \[[@​radarhere](https://github.com/radarhere)] - Add Exif tag "FrameRate" [#​9470](python-pillow/Pillow#9470) \[[@​zhiyuanouyang](https://github.com/zhiyuanouyang)] - Support reading JPEG2000 images with CMYK palettes [#​9456](python-pillow/Pillow#9456) \[[@​radarhere](https://github.com/radarhere)] - Simplify `setimage()` by always passing extents [#​9395](python-pillow/Pillow#9395) \[[@​radarhere](https://github.com/radarhere)] - If bitmap buffer is empty, do not render anything [#​8324](python-pillow/Pillow#8324) \[[@​radarhere](https://github.com/radarhere)] - Change to ValueError when encoding an empty image [#​9394](python-pillow/Pillow#9394) \[[@​radarhere](https://github.com/radarhere)] - Add FontFile.to\_imagefont() [#​9419](python-pillow/Pillow#9419) \[[@​fjhenigman](https://github.com/fjhenigman)] - \[pre-commit.ci] pre-commit autoupdate [#​9450](python-pillow/Pillow#9450) \[@​[pre-commit-ci\[bot\]](https://github.com/apps/pre-commit-ci)] - Use walrus operator [#​9448](python-pillow/Pillow#9448) \[[@​radarhere](https://github.com/radarhere)] - Only close file handle in ImagePalette.save() if it was opened internally [#​9444](python-pillow/Pillow#9444) \[[@​bysiber](https://github.com/bysiber)] - Fix `self.decode` typo [#​9445](python-pillow/Pillow#9445) \[[@​bysiber](https://github.com/bysiber)] - Fix BMP RLE delta escape reading from wrong file position [#​9443](python-pillow/Pillow#9443) \[[@​bysiber](https://github.com/bysiber)] - Correct error check when encoding AVIF images [#​9442](python-pillow/Pillow#9442) \[[@​radarhere](https://github.com/radarhere)] - Fix unexpected error when saving zero dimension images [#​9391](python-pillow/Pillow#9391) \[[@​radarhere](https://github.com/radarhere)] - Use uppercase format ID for PALM [#​9435](python-pillow/Pillow#9435) \[[@​radarhere](https://github.com/radarhere)] </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDIuNiIsInVwZGF0ZWRJblZlciI6IjQzLjEwMi42IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJ0eXBlL2RlcGVuZGVuY2llcyJdfQ==--> Reviewed-on: https://git.tainton.uk/repos/webexmemebot/pulls/579 Reviewed-by: Luke Tainton <luke@tainton.uk> Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Resolves #8272
#6846 added an error if the bitmap buffer is empty.
Pillow/src/_imagingft.c
Lines 1028 to 1032 in d6cfebd
However, this new issue found the buffer is empty for a space character in a particular font, which seems like a realistic scenario, and has been confirmed as valid by one of the FreeType maintainers - #8272 (comment)
So if the bitmap buffer is empty, this PR just doesn't draw anything, uses the
advances to update the position for the next character, and moves on.