Fix potential PNG decompression DOS

[wiredfool]

@hugovk @aclark4life

Two outstanding bits:

1. interface for the developer -- It behaves a little differently than the decompression bomb warning in that this just tosses a value error. But it's less likely to have false positives.
2. It doesn't defend against images that have many just under the limit text segments.

Opinions?

(note that I had to change the test to pass -- I believe that the new version is also a reasonable representation of an invalid iTXt segment)

[aclark4life]

Thanks @wiredfool. Re: 1, Right now I'm more concerned about preventing a DOS than providing a consistent API and re: 2, can we reasonably defend against images with many-just-under-the-limit text segments?

[wiredfool]

That was less invasive than I'd thought. Implementation allowing 64 * maxsize total memory usage for text chunks, and a test attempting to save 128 of them. ( ~8k or so of compressed text chunks in the image would expand to ~128M)

[landscape-bot]

Repository health increased by 0.01% when pulling 0b75526 on wiredfool:Pillow into 967247d on python-pillow:Pillow.

• 1 new problem were found (including 0 errors and 1 code smell).
• No problems were fixed.

[hugovk]

assertTrue is a bit clearer (for me) than assert_ here.

[hugovk]

👍 in general, with minor review notes.

Did you want test_dos_total_memory() and test_dos_total_memory() to run on Travis CI? I'm guessing not, as they're in a file named check_... and not test_.... Are they terribly slow to run? If not, can they be moved under Travis?

[wiredfool]

They're not especially slow, and as most of the DOS ones go, it's not a problem once we've solved the issue. They may be a bit more of an issue running the tests in a resource constrained environment, so I'd rather not run them by default.

[landscape-bot]

Code quality remained the same when pulling 6696b78 on wiredfool:png-dos into 967247d on python-pillow:master.

[coveralls]

Changes Unknown when pulling 6696b78 on wiredfool:png-dos into * on python-pillow:master*.

[landscape-bot]

Code quality remained the same when pulling a59eb39 on wiredfool:png-dos into 967247d on python-pillow:master.

[wiredfool]

Note that this has had a CVE assigned: CVE-2014-9601 (http://www.cvedetails.com/cve/CVE-2014-9601/)