Improve _accept length check (#9170)

hugovk · web-flow · commit bde90757fa33 · 2025-08-27T17:41:40.000+03:00
diff --git a/src/PIL/FliImagePlugin.py b/src/PIL/FliImagePlugin.py
@@ -30,7 +30,7 @@
 
 def _accept(prefix: bytes) -> bool:
     return (
-        len(prefix) >= 6
+        len(prefix) >= 16
         and i16(prefix, 4) in [0xAF11, 0xAF12]
         and i16(prefix, 14) in [0, 3]  # flags
     )
diff --git a/src/PIL/GribStubImagePlugin.py b/src/PIL/GribStubImagePlugin.py
@@ -33,7 +33,7 @@ def register_handler(handler: ImageFile.StubHandler | None) -> None:
 
 
 def _accept(prefix: bytes) -> bool:
-    return prefix.startswith(b"GRIB") and prefix[7] == 1
+    return len(prefix) >= 8 and prefix.startswith(b"GRIB") and prefix[7] == 1
 
 
 class GribStubImageFile(ImageFile.StubImageFile):
diff --git a/src/PIL/PcxImagePlugin.py b/src/PIL/PcxImagePlugin.py
@@ -39,7 +39,7 @@
 
 
 def _accept(prefix: bytes) -> bool:
-    return prefix[0] == 10 and prefix[1] in [0, 2, 3, 5]
+    return len(prefix) >= 2 and prefix[0] == 10 and prefix[1] in [0, 2, 3, 5]
 
 
 ##
diff --git a/src/PIL/PpmImagePlugin.py b/src/PIL/PpmImagePlugin.py
@@ -47,7 +47,7 @@
 
 
 def _accept(prefix: bytes) -> bool:
-    return prefix.startswith(b"P") and prefix[1] in b"0123456fy"
+    return len(prefix) >= 2 and prefix.startswith(b"P") and prefix[1] in b"0123456fy"
 
 
 ##
