diff options
| author | ManoloFLTK <41016272+ManoloFLTK@users.noreply.github.com> | 2023-01-17 09:38:53 +0100 |
|---|---|---|
| committer | ManoloFLTK <41016272+ManoloFLTK@users.noreply.github.com> | 2023-01-17 09:38:53 +0100 |
| commit | 39eba133de302f393cc2dabfa5c1d933239cd1ce (patch) | |
| tree | 0aacb7bfd9d2b30350f8a601515f7f0126a797ad /png | |
| parent | b804c4b72c96630d57166d4d7b94fb104122e95e (diff) | |
Update bundled libpng to version 1.6.39 (20 nov 2022)
Diffstat (limited to 'png')
| -rw-r--r-- | png/CHANGES | 32 | ||||
| -rw-r--r-- | png/arm/arm_init.c | 31 | ||||
| -rw-r--r-- | png/arm/filter_neon_intrinsics.c | 2 | ||||
| -rw-r--r-- | png/arm/palette_neon_intrinsics.c | 14 | ||||
| -rw-r--r-- | png/makedepend | 16 | ||||
| -rw-r--r-- | png/png.c | 18 | ||||
| -rw-r--r-- | png/pngget.c | 14 | ||||
| -rw-r--r-- | png/pnglibconf.h | 6 | ||||
| -rw-r--r-- | png/pngprefix.h | 11 | ||||
| -rw-r--r-- | png/pngread.c | 8 | ||||
| -rw-r--r-- | png/pngrtran.c | 2 | ||||
| -rw-r--r-- | png/pngrutil.c | 38 | ||||
| -rw-r--r-- | png/pngset.c | 13 | ||||
| -rw-r--r-- | png/pngwrite.c | 20 | ||||
| -rw-r--r-- | png/pngwutil.c | 6 |
15 files changed, 145 insertions, 86 deletions
diff --git a/png/CHANGES b/png/CHANGES index f0b0a9342..366e0f6a7 100644 --- a/png/CHANGES +++ b/png/CHANGES @@ -2295,7 +2295,7 @@ Version 1.4.0beta58 [May 14, 2009] Clarified usage of sig_bit versus sig_bit_p in example.c (Vincent Torri) Version 1.4.0beta59 [May 15, 2009] - Reformated sources in libpng style (3-space intentation, comment format) + Reformated sources in libpng style (3-space indentation, comment format) Fixed typo in libpng docs (PNG_FILTER_AVE should be PNG_FILTER_AVG) Added sections about the git repository and our coding style to the documentation @@ -3886,7 +3886,7 @@ Version 1.6.0beta06 [January 24, 2012] Version 1.6.0beta07 [January 28, 2012] Eliminated Intel icc/icl compiler warnings. The Intel (GCC derived) compiler issues slightly different warnings from those issued by the - current vesions of GCC. This eliminates those warnings by + current versions of GCC. This eliminates those warnings by adding/removing casts and small code rewrites. Updated configure.ac from autoupdate: added --enable-werror option. Also some layout regularization and removal of introduced tab characters @@ -4052,7 +4052,7 @@ Version 1.6.0beta16 [March 6, 2012] (in fact this is harmless, but the PNG data produced may be sub-optimal). Version 1.6.0beta17 [March 10, 2012] - Fixed PNG_LIBPNG_BUILD_BASE_TYPE definition. + Fixed PNG_LIBPNG_BUILD_BASE_TYPE definition. Reject all iCCP chunks after the first, even if the first one is invalid. Deflate/inflate was reworked to move common zlib calls into single functions [rw]util.c. A new shared keyword check routine was also added @@ -4962,7 +4962,7 @@ Version 1.6.13beta01 [July 4, 2014] Changed "if defined(__ARM_NEON__)" to "if (defined(__ARM_NEON__) || defined(__ARM_NEON))" (James Wu). Fixed clang no-warning builds: png_digit was defined but never used. - + Version 1.6.13beta02 [July 21, 2014] Fixed an incorrect separator ("/" should be "\") in scripts/makefile.vcwin32 (bug report from Wolfgang S. Kechel). Bug was introduced in libpng-1.6.11. @@ -5453,7 +5453,7 @@ Version 1.6.21beta01 [December 11, 2015] Version 1.6.21beta02 [December 14, 2015] Moved png_check_keyword() from pngwutil.c to pngset.c Removed LE/BE dependencies in pngvalid, to 'fix' the current problem - in the BigEndian tests by not testing it, making the BE code the same + in the BigEndian tests by not testing it, making the BE code the same as the LE version. Fixes to pngvalid for various reduced build configurations (eliminate unused statics) and a fix for the case in rgb_to_gray when the digitize option @@ -5517,7 +5517,7 @@ Version 1.6.22beta03 [March 9, 2016] Added a common-law trademark notice and export control information to the LICENSE file, png.h, and the man page. Restored "& 0xff" in png_save_uint_16() and png_save_uint_32() that - were accidentally removed from libpng-1.6.17. + were accidentally removed from libpng-1.6.17. Changed PNG_INFO_cHNK and PNG_FREE_cHNK from 0xnnnn to 0xnnnnU in png.h (Robert C. Seacord). Removed dubious "#if INT_MAX" test from png.h that was added to @@ -5950,7 +5950,7 @@ Version 1.6.32beta09 [August 3, 2017] Require cmake-2.8.8 in CMakeLists.txt. Revised symlink creation, no longer using deprecated cmake LOCATION feature (Clifford Yapp). Fixed five-byte error in the calculation of IDAT maximum possible size. - + Version 1.6.32beta10 [August 5, 2017] Moved chunk-length check into a png_check_chunk_length() private function (Suggested by Max Stepin). @@ -6103,6 +6103,24 @@ Version 1.6.37 [April 14, 2019] Added makefiles for AddressSanitizer-enabled builds. Cleaned up various makefiles. +Version 1.6.38 [September 14, 2022] + Added configurations and scripts for continuous integration. + Fixed various errors in the handling of tRNS, hIST and eXIf. + Implemented many stability improvements across all platforms. + Updated the internal documentation. + +Version 1.6.39 [November 20, 2022] + Changed the error handler of oversized chunks (i.e. larger than + PNG_USER_CHUNK_MALLOC_MAX) from png_chunk_error to png_benign_error. + Fixed a buffer overflow error in contrib/tools/pngfix. + Fixed a memory leak (CVE-2019-6129) in contrib/tools/pngcp. + Disabled the ARM Neon optimizations by default in the CMake file, + following the default behavior of the configure script. + Allowed configure.ac to work with the trunk version of autoconf. + Removed the support for "install" targets from the legacy makefiles; + removed the obsolete makefile.cegcc. + Cleaned up the code and updated the internal documentation. + Send comments/corrections/commendations to png-mng-implement at lists.sf.net. Subscription is required; visit https://lists.sourceforge.net/lists/listinfo/png-mng-implement diff --git a/png/arm/arm_init.c b/png/arm/arm_init.c index a34ecdbef..84d05556f 100644 --- a/png/arm/arm_init.c +++ b/png/arm/arm_init.c @@ -1,7 +1,7 @@ /* arm_init.c - NEON optimised filter functions * - * Copyright (c) 2018 Cosmin Truta + * Copyright (c) 2018-2022 Cosmin Truta * Copyright (c) 2014,2016 Glenn Randers-Pehrson * Written by Mans Rullgard, 2011. * @@ -10,9 +10,7 @@ * and license in png.h */ -/* Below, after checking __linux__, various non-C90 POSIX 1003.1 functions are - * called. - */ +/* This module requires POSIX 1003.1 functions. */ #define _POSIX_SOURCE 1 #include "../pngpriv.h" @@ -33,21 +31,26 @@ * has partial support is contrib/arm-neon/linux.c - a generic Linux * implementation which reads /proc/cpufino. */ +#include <signal.h> /* for sig_atomic_t */ + #ifndef PNG_ARM_NEON_FILE -# ifdef __linux__ -# define PNG_ARM_NEON_FILE "contrib/arm-neon/linux.c" +# if defined(__aarch64__) || defined(_M_ARM64) + /* ARM Neon is expected to be unconditionally available on ARM64. */ +# error "PNG_ARM_NEON_CHECK_SUPPORTED must not be defined on ARM64" +# elif defined(__ARM_NEON__) || defined(__ARM_NEON) + /* ARM Neon is expected to be available on the target CPU architecture. */ +# error "PNG_ARM_NEON_CHECK_SUPPORTED must not be defined on this CPU arch" +# elif defined(__linux__) +# define PNG_ARM_NEON_FILE "contrib/arm-neon/linux.c" +# else +# error "No support for run-time ARM Neon checking; use compile-time options" # endif #endif -#ifdef PNG_ARM_NEON_FILE - -#include <signal.h> /* for sig_atomic_t */ static int png_have_neon(png_structp png_ptr); -#include PNG_ARM_NEON_FILE - -#else /* PNG_ARM_NEON_FILE */ -# error "PNG_ARM_NEON_FILE undefined: no support for run-time ARM NEON checks" -#endif /* PNG_ARM_NEON_FILE */ +#ifdef PNG_ARM_NEON_FILE +# include PNG_ARM_NEON_FILE +#endif #endif /* PNG_ARM_NEON_CHECK_SUPPORTED */ #ifndef PNG_ALIGNED_MEMORY_SUPPORTED diff --git a/png/arm/filter_neon_intrinsics.c b/png/arm/filter_neon_intrinsics.c index 553c0be21..4466d48b2 100644 --- a/png/arm/filter_neon_intrinsics.c +++ b/png/arm/filter_neon_intrinsics.c @@ -18,7 +18,7 @@ /* This code requires -mfpu=neon on the command line: */ #if PNG_ARM_NEON_IMPLEMENTATION == 1 /* intrinsics code from pngpriv.h */ -#if defined(_MSC_VER) && defined(_M_ARM64) +#if defined(_MSC_VER) && !defined(__clang__) && defined(_M_ARM64) # include <arm64_neon.h> #else # include <arm_neon.h> diff --git a/png/arm/palette_neon_intrinsics.c b/png/arm/palette_neon_intrinsics.c index b4d1fd2ab..92c7d6f9f 100644 --- a/png/arm/palette_neon_intrinsics.c +++ b/png/arm/palette_neon_intrinsics.c @@ -14,7 +14,7 @@ #if PNG_ARM_NEON_IMPLEMENTATION == 1 -#if defined(_MSC_VER) && defined(_M_ARM64) +#if defined(_MSC_VER) && !defined(__clang__) && defined(_M_ARM64) # include <arm64_neon.h> #else # include <arm_neon.h> @@ -30,8 +30,6 @@ png_riffle_palette_neon(png_structrp png_ptr) int num_trans = png_ptr->num_trans; int i; - png_debug(1, "in png_riffle_palette_neon"); - /* Initially black, opaque. */ uint8x16x4_t w = {{ vdupq_n_u8(0x00), @@ -40,6 +38,8 @@ png_riffle_palette_neon(png_structrp png_ptr) vdupq_n_u8(0xff), }}; + png_debug(1, "in png_riffle_palette_neon"); + /* First, riffle the RGB colours into an RGBA8 palette. * The alpha component is set to opaque for now. */ @@ -65,11 +65,12 @@ png_do_expand_palette_rgba8_neon(png_structrp png_ptr, png_row_infop row_info, png_uint_32 row_width = row_info->width; const png_uint_32 *riffled_palette = (const png_uint_32 *)png_ptr->riffled_palette; - const png_int_32 pixels_per_chunk = 4; - int i; + const png_uint_32 pixels_per_chunk = 4; + png_uint_32 i; png_debug(1, "in png_do_expand_palette_rgba8_neon"); + PNG_UNUSED(row) if (row_width < pixels_per_chunk) return 0; @@ -109,10 +110,11 @@ png_do_expand_palette_rgb8_neon(png_structrp png_ptr, png_row_infop row_info, png_uint_32 row_width = row_info->width; png_const_bytep palette = (png_const_bytep)png_ptr->palette; const png_uint_32 pixels_per_chunk = 8; - int i; + png_uint_32 i; png_debug(1, "in png_do_expand_palette_rgb8_neon"); + PNG_UNUSED(row) if (row_width <= pixels_per_chunk) return 0; diff --git a/png/makedepend b/png/makedepend index b623bccf6..be35a4f31 100644 --- a/png/makedepend +++ b/png/makedepend @@ -144,3 +144,19 @@ pngwutil.o: pnglibconf.h pngwutil.o: pngprefix.h pngwutil.o: pngpriv.h pngwutil.o: pngstruct.h +powerpc/filter_vsx_intrinsics.o: png.h +powerpc/filter_vsx_intrinsics.o: pngconf.h +powerpc/filter_vsx_intrinsics.o: pngdebug.h +powerpc/filter_vsx_intrinsics.o: pnginfo.h +powerpc/filter_vsx_intrinsics.o: pnglibconf.h +powerpc/filter_vsx_intrinsics.o: pngprefix.h +powerpc/filter_vsx_intrinsics.o: pngpriv.h +powerpc/filter_vsx_intrinsics.o: pngstruct.h +powerpc/powerpc_init.o: png.h +powerpc/powerpc_init.o: pngconf.h +powerpc/powerpc_init.o: pngdebug.h +powerpc/powerpc_init.o: pnginfo.h +powerpc/powerpc_init.o: pnglibconf.h +powerpc/powerpc_init.o: pngprefix.h +powerpc/powerpc_init.o: pngpriv.h +powerpc/powerpc_init.o: pngstruct.h @@ -1,7 +1,7 @@ /* png.c - location for general purpose libpng functions * - * Copyright (c) 2018-2019 Cosmin Truta + * Copyright (c) 2018-2022 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson * Copyright (c) 1996-1997 Andreas Dilger * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. @@ -14,7 +14,7 @@ #include "pngpriv.h" /* Generate a compiler error if there is an old png.h in the search path. */ -typedef png_libpng_version_1_6_37 Your_png_h_is_not_version_1_6_37; +typedef png_libpng_version_1_6_39 Your_png_h_is_not_version_1_6_39; #ifdef __GNUC__ /* The version tests may need to be added to, but the problem warning has @@ -720,7 +720,7 @@ png_init_io(png_structrp png_ptr, png_FILE_p fp) * * Where UNSIGNED_MAX is the appropriate maximum unsigned value, so when the * negative integral value is added the result will be an unsigned value - * correspnding to the 2's complement representation. + * corresponding to the 2's complement representation. */ void PNGAPI png_save_int_32(png_bytep buf, png_int_32 i) @@ -752,7 +752,7 @@ png_convert_to_rfc1123_buffer(char out[29], png_const_timep ptime) { size_t pos = 0; - char number_buf[5] = ""; /* enough for a four-digit year */ /* FLTK Issue #296 */ + char number_buf[5]; /* enough for a four-digit year */ # define APPEND_STRING(string) pos = png_safecat(out, 29, pos, (string)) # define APPEND_NUMBER(format, value)\ @@ -815,8 +815,8 @@ png_get_copyright(png_const_structrp png_ptr) return PNG_STRING_COPYRIGHT #else return PNG_STRING_NEWLINE \ - "libpng version 1.6.37" PNG_STRING_NEWLINE \ - "Copyright (c) 2018-2019 Cosmin Truta" PNG_STRING_NEWLINE \ + "libpng version 1.6.39" PNG_STRING_NEWLINE \ + "Copyright (c) 2018-2022 Cosmin Truta" PNG_STRING_NEWLINE \ "Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson" \ PNG_STRING_NEWLINE \ "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \ @@ -1843,12 +1843,12 @@ png_icc_profile_error(png_const_structrp png_ptr, png_colorspacerp colorspace, # ifdef PNG_WARNINGS_SUPPORTED else { - char number[PNG_NUMBER_BUFFER_SIZE]; /* +24 = 114*/ + char number[PNG_NUMBER_BUFFER_SIZE]; /* +24 = 114 */ pos = png_safecat(message, (sizeof message), pos, png_format_number(number, number+(sizeof number), PNG_NUMBER_FORMAT_x, value)); - pos = png_safecat(message, (sizeof message), pos, "h: "); /*+2 = 116*/ + pos = png_safecat(message, (sizeof message), pos, "h: "); /* +2 = 116 */ } # endif /* The 'reason' is an arbitrary message, allow +79 maximum 195 */ @@ -2710,7 +2710,7 @@ png_check_IHDR(png_const_structrp png_ptr, int /* PRIVATE */ png_check_fp_number(png_const_charp string, size_t size, int *statep, - png_size_tp whereami) + size_t *whereami) { int state = *statep; size_t i = *whereami; diff --git a/png/pngget.c b/png/pngget.c index 5abf1efd9..e44933c0d 100644 --- a/png/pngget.c +++ b/png/pngget.c @@ -1151,7 +1151,7 @@ png_get_unknown_chunks(png_const_structrp png_ptr, png_inforp info_ptr, #ifdef PNG_READ_RGB_TO_GRAY_SUPPORTED png_byte PNGAPI -png_get_rgb_to_gray_status (png_const_structrp png_ptr) +png_get_rgb_to_gray_status(png_const_structrp png_ptr) { return (png_byte)(png_ptr ? png_ptr->rgb_to_gray_status : 0); } @@ -1192,27 +1192,27 @@ png_get_compression_buffer_size(png_const_structrp png_ptr) /* These functions were added to libpng 1.2.6 and were enabled * by default in libpng-1.4.0 */ png_uint_32 PNGAPI -png_get_user_width_max (png_const_structrp png_ptr) +png_get_user_width_max(png_const_structrp png_ptr) { return (png_ptr ? png_ptr->user_width_max : 0); } png_uint_32 PNGAPI -png_get_user_height_max (png_const_structrp png_ptr) +png_get_user_height_max(png_const_structrp png_ptr) { return (png_ptr ? png_ptr->user_height_max : 0); } /* This function was added to libpng 1.4.0 */ png_uint_32 PNGAPI -png_get_chunk_cache_max (png_const_structrp png_ptr) +png_get_chunk_cache_max(png_const_structrp png_ptr) { return (png_ptr ? png_ptr->user_chunk_cache_max : 0); } /* This function was added to libpng 1.4.1 */ png_alloc_size_t PNGAPI -png_get_chunk_malloc_max (png_const_structrp png_ptr) +png_get_chunk_malloc_max(png_const_structrp png_ptr) { return (png_ptr ? png_ptr->user_chunk_malloc_max : 0); } @@ -1221,13 +1221,13 @@ png_get_chunk_malloc_max (png_const_structrp png_ptr) /* These functions were added to libpng 1.4.0 */ #ifdef PNG_IO_STATE_SUPPORTED png_uint_32 PNGAPI -png_get_io_state (png_const_structrp png_ptr) +png_get_io_state(png_const_structrp png_ptr) { return png_ptr->io_state; } png_uint_32 PNGAPI -png_get_io_chunk_type (png_const_structrp png_ptr) +png_get_io_chunk_type(png_const_structrp png_ptr) { return png_ptr->chunk_name; } diff --git a/png/pnglibconf.h b/png/pnglibconf.h index 8e879b314..661929f0e 100644 --- a/png/pnglibconf.h +++ b/png/pnglibconf.h @@ -3,15 +3,15 @@ ** ** This file must be generated on Linux in a libpng distribution using: ** $ ./configure --with-libpng-prefix=fltk_ -** +** $ make ** All lines including the 'fltk_' prefix must be upgraded with libpng. */ /* pnglibconf.h - library build configuration */ -/* libpng version 1.6.37 */ +/* libpng version 1.6.39 */ -/* Copyright (c) 2018-2019 Cosmin Truta */ +/* Copyright (c) 2018-2022 Cosmin Truta */ /* Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson */ /* This code is released under the libpng license. */ diff --git a/png/pngprefix.h b/png/pngprefix.h index 7d69b1219..c6d171913 100644 --- a/png/pngprefix.h +++ b/png/pngprefix.h @@ -60,6 +60,13 @@ #define png_do_read_interlace fltk_png_do_read_interlace #define png_do_write_interlace fltk_png_do_write_interlace #define png_read_filter_row fltk_png_read_filter_row +#define png_read_filter_row_up_neon fltk_png_read_filter_row_up_neon +#define png_read_filter_row_sub3_neon fltk_png_read_filter_row_sub3_neon +#define png_read_filter_row_sub4_neon fltk_png_read_filter_row_sub4_neon +#define png_read_filter_row_avg3_neon fltk_png_read_filter_row_avg3_neon +#define png_read_filter_row_avg4_neon fltk_png_read_filter_row_avg4_neon +#define png_read_filter_row_paeth3_neon fltk_png_read_filter_row_paeth3_neon +#define png_read_filter_row_paeth4_neon fltk_png_read_filter_row_paeth4_neon #define png_write_find_filter fltk_png_write_find_filter #define png_read_IDAT_data fltk_png_read_IDAT_data #define png_read_finish_IDAT fltk_png_read_finish_IDAT @@ -163,4 +170,8 @@ #define png_safe_warning fltk_png_safe_warning #define png_safe_execute fltk_png_safe_execute #define png_image_error fltk_png_image_error +#define png_init_filter_functions_neon fltk_png_init_filter_functions_neon #define png_check_keyword fltk_png_check_keyword +#define png_riffle_palette_neon fltk_png_riffle_palette_neon +#define png_do_expand_palette_rgba8_neon fltk_png_do_expand_palette_rgba8_neon +#define png_do_expand_palette_rgb8_neon fltk_png_do_expand_palette_rgb8_neon diff --git a/png/pngread.c b/png/pngread.c index bf3c4fb89..96996ced5 100644 --- a/png/pngread.c +++ b/png/pngread.c @@ -3452,7 +3452,6 @@ png_image_read_background(png_voidp argument) for (pass = 0; pass < passes; ++pass) { - png_bytep row = png_voidcast(png_bytep, display->first_row); unsigned int startx, stepx, stepy; png_uint_32 y; @@ -3557,9 +3556,6 @@ png_image_read_background(png_voidp argument) inrow += 2; /* gray and alpha channel */ } - - row += display->row_bytes; - (void)row; // FLTK: silence warning: FIXME - remove variable 'row'? } } } @@ -3766,13 +3762,13 @@ png_image_read_direct(png_voidp argument) mode = PNG_ALPHA_PNG; output_gamma = PNG_DEFAULT_sRGB; } - + if ((change & PNG_FORMAT_FLAG_ASSOCIATED_ALPHA) != 0) { mode = PNG_ALPHA_OPTIMIZED; change &= ~PNG_FORMAT_FLAG_ASSOCIATED_ALPHA; } - + /* If 'do_local_background' is set check for the presence of gamma * correction; this is part of the work-round for the libpng bug * described above. diff --git a/png/pngrtran.c b/png/pngrtran.c index 9a8fad9f4..238f5afe7 100644 --- a/png/pngrtran.c +++ b/png/pngrtran.c @@ -21,7 +21,7 @@ #ifdef PNG_ARM_NEON_IMPLEMENTATION # if PNG_ARM_NEON_IMPLEMENTATION == 1 # define PNG_ARM_NEON_INTRINSICS_AVAILABLE -# if defined(_MSC_VER) && defined(_M_ARM64) +# if defined(_MSC_VER) && !defined(__clang__) && defined(_M_ARM64) # include <arm64_neon.h> # else # include <arm_neon.h> diff --git a/png/pngrutil.c b/png/pngrutil.c index d5fa08c39..068ab193a 100644 --- a/png/pngrutil.c +++ b/png/pngrutil.c @@ -1,7 +1,7 @@ /* pngrutil.c - utilities to read a PNG file * - * Copyright (c) 2018 Cosmin Truta + * Copyright (c) 2018-2022 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson * Copyright (c) 1996-1997 Andreas Dilger * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. @@ -302,7 +302,6 @@ png_read_buffer(png_structrp png_ptr, png_alloc_size_t new_size, int warn) if (buffer != NULL && new_size > png_ptr->read_buffer_size) { png_ptr->read_buffer = NULL; - png_ptr->read_buffer = NULL; png_ptr->read_buffer_size = 0; png_free(png_ptr, buffer); buffer = NULL; @@ -2076,21 +2075,22 @@ png_handle_eXIf(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length) png_byte buf[1]; png_crc_read(png_ptr, buf, 1); info_ptr->eXIf_buf[i] = buf[0]; - if (i == 1 && buf[0] != 'M' && buf[0] != 'I' - && info_ptr->eXIf_buf[0] != buf[0]) + if (i == 1) { - png_crc_finish(png_ptr, length); - png_chunk_benign_error(png_ptr, "incorrect byte-order specifier"); - png_free(png_ptr, info_ptr->eXIf_buf); - info_ptr->eXIf_buf = NULL; - return; + if ((buf[0] != 'M' && buf[0] != 'I') || + (info_ptr->eXIf_buf[0] != buf[0])) + { + png_crc_finish(png_ptr, length - 2); + png_chunk_benign_error(png_ptr, "incorrect byte-order specifier"); + png_free(png_ptr, info_ptr->eXIf_buf); + info_ptr->eXIf_buf = NULL; + return; + } } } - if (png_crc_finish(png_ptr, 0) != 0) - return; - - png_set_eXIf_1(png_ptr, info_ptr, length, info_ptr->eXIf_buf); + if (png_crc_finish(png_ptr, 0) == 0) + png_set_eXIf_1(png_ptr, info_ptr, length, info_ptr->eXIf_buf); png_free(png_ptr, info_ptr->eXIf_buf); info_ptr->eXIf_buf = NULL; @@ -2126,8 +2126,9 @@ png_handle_hIST(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length) num = length / 2 ; - if (num != (unsigned int) png_ptr->num_palette || - num > (unsigned int) PNG_MAX_PALETTE_LENGTH) + if (length != num * 2 || + num != (unsigned int)png_ptr->num_palette || + num > (unsigned int)PNG_MAX_PALETTE_LENGTH) { png_crc_finish(png_ptr, length); png_chunk_benign_error(png_ptr, "invalid"); @@ -3185,7 +3186,7 @@ png_check_chunk_length(png_const_structrp png_ptr, png_uint_32 length) { png_debug2(0," length = %lu, limit = %lu", (unsigned long)length,(unsigned long)limit); - png_chunk_error(png_ptr, "chunk data is too large"); + png_benign_error(png_ptr, "chunk data is too large"); } } @@ -4621,14 +4622,13 @@ defined(PNG_USER_TRANSFORM_PTR_SUPPORTED) */ { png_bytep temp = png_ptr->big_row_buf + 32; - int extra = (int)((temp - (png_bytep)0) & 0x0f); + size_t extra = (size_t)temp & 0x0f; png_ptr->row_buf = temp - extra - 1/*filter byte*/; temp = png_ptr->big_prev_row + 32; - extra = (int)((temp - (png_bytep)0) & 0x0f); + extra = (size_t)temp & 0x0f; png_ptr->prev_row = temp - extra - 1/*filter byte*/; } - #else /* Use 31 bytes of padding before and 17 bytes after row_buf. */ png_ptr->row_buf = png_ptr->big_row_buf + 31; diff --git a/png/pngset.c b/png/pngset.c index ec75dbe36..8c372cf41 100644 --- a/png/pngset.c +++ b/png/pngset.c @@ -1,7 +1,7 @@ /* pngset.c - storage of image information into info struct * - * Copyright (c) 2018 Cosmin Truta + * Copyright (c) 2018-2022 Cosmin Truta * Copyright (c) 1998-2018 Glenn Randers-Pehrson * Copyright (c) 1996-1997 Andreas Dilger * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. @@ -1019,6 +1019,9 @@ png_set_tRNS(png_structrp png_ptr, png_inforp info_ptr, info_ptr->trans_alpha = png_voidcast(png_bytep, png_malloc(png_ptr, PNG_MAX_PALETTE_LENGTH)); memcpy(info_ptr->trans_alpha, trans_alpha, (size_t)num_trans); + + info_ptr->valid |= PNG_INFO_tRNS; + info_ptr->free_me |= PNG_FREE_TRNS; } png_ptr->trans_alpha = info_ptr->trans_alpha; } @@ -1326,7 +1329,7 @@ png_set_unknown_chunk_location(png_const_structrp png_ptr, png_inforp info_ptr, #ifdef PNG_MNG_FEATURES_SUPPORTED png_uint_32 PNGAPI -png_permit_mng_features (png_structrp png_ptr, png_uint_32 mng_features) +png_permit_mng_features(png_structrp png_ptr, png_uint_32 mng_features) { png_debug(1, "in png_permit_mng_features"); @@ -1633,7 +1636,7 @@ png_set_invalid(png_const_structrp png_ptr, png_inforp info_ptr, int mask) #ifdef PNG_SET_USER_LIMITS_SUPPORTED /* This function was added to libpng 1.2.6 */ void PNGAPI -png_set_user_limits (png_structrp png_ptr, png_uint_32 user_width_max, +png_set_user_limits(png_structrp png_ptr, png_uint_32 user_width_max, png_uint_32 user_height_max) { /* Images with dimensions larger than these limits will be @@ -1649,7 +1652,7 @@ png_set_user_limits (png_structrp png_ptr, png_uint_32 user_width_max, /* This function was added to libpng 1.4.0 */ void PNGAPI -png_set_chunk_cache_max (png_structrp png_ptr, png_uint_32 user_chunk_cache_max) +png_set_chunk_cache_max(png_structrp png_ptr, png_uint_32 user_chunk_cache_max) { if (png_ptr != NULL) png_ptr->user_chunk_cache_max = user_chunk_cache_max; @@ -1657,7 +1660,7 @@ png_set_chunk_cache_max (png_structrp png_ptr, png_uint_32 user_chunk_cache_max) /* This function was added to libpng 1.4.1 */ void PNGAPI -png_set_chunk_malloc_max (png_structrp png_ptr, +png_set_chunk_malloc_max(png_structrp png_ptr, png_alloc_size_t user_chunk_malloc_max) { if (png_ptr != NULL) diff --git a/png/pngwrite.c b/png/pngwrite.c index 59377a4dd..4e58d776a 100644 --- a/png/pngwrite.c +++ b/png/pngwrite.c @@ -1,7 +1,7 @@ /* pngwrite.c - general routines to write a PNG file * - * Copyright (c) 2018-2019 Cosmin Truta + * Copyright (c) 2018-2022 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson * Copyright (c) 1996-1997 Andreas Dilger * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. @@ -75,10 +75,10 @@ write_unknown_chunks(png_structrp png_ptr, png_const_inforp info_ptr, * library. If you have a new chunk to add, make a function to write it, * and put it in the correct location here. If you want the chunk written * after the image data, put it in png_write_end(). I strongly encourage - * you to supply a PNG_INFO_ flag, and check info_ptr->valid before writing - * the chunk, as that will keep the code from breaking if you want to just - * write a plain PNG file. If you have long comments, I suggest writing - * them in png_write_end(), and compressing them. + * you to supply a PNG_INFO_<chunk> flag, and check info_ptr->valid before + * writing the chunk, as that will keep the code from breaking if you want + * to just write a plain PNG file. If you have long comments, I suggest + * writing them in png_write_end(), and compressing them. */ void PNGAPI png_write_info_before_PLTE(png_structrp png_ptr, png_const_inforp info_ptr) @@ -489,6 +489,16 @@ png_convert_from_time_t(png_timep ptime, time_t ttime) png_debug(1, "in png_convert_from_time_t"); tbuf = gmtime(&ttime); + if (tbuf == NULL) + { + /* TODO: add a safe function which takes a png_ptr argument and raises + * a png_error if the ttime argument is invalid and the call to gmtime + * fails as a consequence. + */ + memset(ptime, 0, sizeof(*ptime)); + return; + } + png_convert_from_struct_tm(ptime, tbuf); } #endif diff --git a/png/pngwutil.c b/png/pngwutil.c index 16345e4c0..01f0607c7 100644 --- a/png/pngwutil.c +++ b/png/pngwutil.c @@ -1,7 +1,7 @@ /* pngwutil.c - utilities to write a PNG file * - * Copyright (c) 2018 Cosmin Truta + * Copyright (c) 2018-2022 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson * Copyright (c) 1996-1997 Andreas Dilger * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. @@ -1747,7 +1747,7 @@ png_write_pCAL(png_structrp png_ptr, png_charp purpose, png_int_32 X0, { png_uint_32 purpose_len; size_t units_len, total_len; - png_size_tp params_len; + size_t *params_len; png_byte buf[10]; png_byte new_purpose[80]; int i; @@ -1769,7 +1769,7 @@ png_write_pCAL(png_structrp png_ptr, png_charp purpose, png_int_32 X0, png_debug1(3, "pCAL units length = %d", (int)units_len); total_len = purpose_len + units_len + 10; - params_len = (png_size_tp)png_malloc(png_ptr, + params_len = (size_t *)png_malloc(png_ptr, (png_alloc_size_t)((png_alloc_size_t)nparams * (sizeof (size_t)))); /* Find the length of each parameter, making sure we don't count the |