diff options
| author | Glenn Randers-Pehrson <glennrp at users.sourceforge.net> | 2012-03-04 22:25:10 -0600 |
|---|---|---|
| committer | Glenn Randers-Pehrson <glennrp at users.sourceforge.net> | 2012-03-06 12:26:33 -0600 |
| commit | 187694b9ec393421fec8d1e39a16cf405b856fa9 (patch) | |
| tree | e5faeaa7e73c0730deec2887d8b5d52ec8072079 | |
| parent | 3484a760f45e89a586514e2d4078938aac36c244 (diff) | |
| download | libpng-187694b9ec393421fec8d1e39a16cf405b856fa9.tar.gz | |
[master] Imported from libpng-1.5.10beta03.tar
| -rw-r--r-- | ANNOUNCE | 32 | ||||
| -rw-r--r-- | CHANGES | 23 | ||||
| -rw-r--r-- | CMakeLists.txt | 2 | ||||
| -rw-r--r-- | LICENSE | 4 | ||||
| -rw-r--r-- | Makefile.am | 6 | ||||
| -rw-r--r-- | Makefile.in | 8 | ||||
| -rw-r--r-- | README | 2 | ||||
| -rwxr-xr-x | configure | 22 | ||||
| -rw-r--r-- | configure.ac | 4 | ||||
| -rw-r--r-- | libpng-manual.txt | 31 | ||||
| -rw-r--r-- | libpng.3 | 47 | ||||
| -rw-r--r-- | libpngpf.3 | 4 | ||||
| -rw-r--r-- | png.5 | 2 | ||||
| -rw-r--r-- | png.c | 30 | ||||
| -rw-r--r-- | png.h | 28 | ||||
| -rw-r--r-- | pngconf.h | 2 | ||||
| -rw-r--r-- | pngpriv.h | 51 | ||||
| -rw-r--r-- | pngread.c | 17 | ||||
| -rw-r--r-- | pngrtran.c | 10 | ||||
| -rw-r--r-- | pngrutil.c | 2 | ||||
| -rw-r--r-- | pngset.c | 20 | ||||
| -rw-r--r-- | pngstruct.h | 13 | ||||
| -rw-r--r-- | pngtest.c | 2 | ||||
| -rw-r--r-- | pngtrans.c | 107 | ||||
| -rw-r--r-- | pngusr.dfa | 14 | ||||
| -rw-r--r-- | pngwrite.c | 16 | ||||
| -rw-r--r-- | projects/vstudio/readme.txt | 2 | ||||
| -rw-r--r-- | projects/vstudio/zlib.props | 2 | ||||
| -rw-r--r-- | scripts/README.txt | 12 | ||||
| -rwxr-xr-x | scripts/libpng-config-head.in | 2 | ||||
| -rw-r--r-- | scripts/libpng.pc.in | 2 | ||||
| -rw-r--r-- | scripts/makefile.ne12bsd | 2 | ||||
| -rw-r--r-- | scripts/makefile.netbsd | 2 | ||||
| -rw-r--r-- | scripts/makefile.openbsd | 2 | ||||
| -rwxr-xr-x | scripts/options.awk | 2 | ||||
| -rw-r--r-- | scripts/pnglibconf.dfa | 42 | ||||
| -rw-r--r-- | scripts/pnglibconf.h.prebuilt | 11 | ||||
| -rw-r--r-- | scripts/symbols.def | 3 |
38 files changed, 441 insertions, 142 deletions
@@ -1,5 +1,5 @@ -Libpng 1.5.10beta01 - February 21, 2012 +Libpng 1.5.10beta03 - March 5, 2012 This is not intended to be a public release. It will be replaced within a few weeks by a public version or by another test version. @@ -9,24 +9,24 @@ Files available for download: Source files with LF line endings (for Unix/Linux) and with a "configure" script - 1.5.10beta01.tar.xz (LZMA-compressed, recommended) - 1.5.10beta01.tar.gz - 1.5.10beta01.tar.bz2 + 1.5.10beta03.tar.xz (LZMA-compressed, recommended) + 1.5.10beta03.tar.gz + 1.5.10beta03.tar.bz2 Source files with CRLF line endings (for Windows), without the "configure" script - lp1510b01.7z (LZMA-compressed, recommended) - lp1510b01.zip + lp1510b03.7z (LZMA-compressed, recommended) + lp1510b03.zip Other information: - 1.5.10beta01-README.txt - 1.5.10beta01-LICENSE.txt + 1.5.10beta03-README.txt + 1.5.10beta03-LICENSE.txt Changes since the last public release (1.5.9): -Version 1.5.10beta01 [February 21, 2012] +Version 1.5.10beta01 [February 24, 2012] Removed two useless #ifdef directives from pngread.c and one from pngrutil.c Always put the CMAKE_LIBRARY in "lib" (removed special WIN32 case). Removed empty vstudio/pngstest directory (Clifford Yapp). @@ -35,6 +35,20 @@ Version 1.5.10beta01 [February 21, 2012] now that png_ptr->buffer is inaccessible to applications, the special handling is no longer useful. Fixed bug with png_handle_hIST with odd chunk length (Frank Busse). + Added PNG_SAFE_LIMITS feature to pnglibconf.dfa and code in pngconf.h + to reset the user limits to safe ones if PNG_SAFE_LIMITS is defined. + To enable, use "CPPFLAGS=-DPNG_SAFE_LIMITS_SUPPORTED" on the configure + command or put "#define PNG_SAFE_LIMITS_SUPPORTED" in pnglibconf.h. + Revised the SAFE_LIMITS feature to be the same as the feature in libpng16. + Added information about the new limits in the manual. + +Version 1.5.10beta02 [February 27, 2012] + Updated Makefile.in + +Version 1.5.10beta03 [March 5, 2012] + Removed unused "current_text" members of png_struct and the png_free() + of png_ptr->current_text from pngread.c + Added palette-index checking. Send comments/corrections/commendations to png-mng-implement at lists.sf.net: (subscription required; visit @@ -3803,14 +3803,15 @@ Version 1.5.9beta02 [February 16, 2012] Removed tests for no-longer-used *_EMPTY_PLTE_SUPPORTED from pngstruct.h Version 1.5.9rc01 [February 17, 2012] - Fixed CVE-2011-3026 buffer overrun bug. Deal more correctly with the test - on iCCP chunk length. Also removed spurious casts that may hide problems - on 16-bit systems. + Fixed CVE-2011-3026 buffer overrun bug. This bug was introduced when + iCCP chunk support was added at libpng-1.0.6. Deal more correctly with the + test on iCCP chunk length. Also removed spurious casts that may hide + problems on 16-bit systems. Version 1.5.9 [February 18, 2012] No changes. -Version 1.5.10beta01 [February 21, 2012] +Version 1.5.10beta01 [February 24, 2012] Removed two useless #ifdef directives from pngread.c and one from pngrutil.c Always put the CMAKE_LIBRARY in "lib" (removed special WIN32 case). Removed empty vstudio/pngstest directory (Clifford Yapp). @@ -3819,6 +3820,20 @@ Version 1.5.10beta01 [February 21, 2012] now that png_ptr->buffer is inaccessible to applications, the special handling is no longer useful. Fixed bug with png_handle_hIST with odd chunk length (Frank Busse). + Added PNG_SAFE_LIMITS feature to pnglibconf.dfa and code in pngconf.h + to reset the user limits to safe ones if PNG_SAFE_LIMITS is defined. + To enable, use "CPPFLAGS=-DPNG_SAFE_LIMITS_SUPPORTED" on the configure + command or put "#define PNG_SAFE_LIMITS_SUPPORTED" in pnglibconf.h. + Revised the SAFE_LIMITS feature to be the same as the feature in libpng16. + Added information about the new limits in the manual. + +Version 1.5.10beta02 [February 27, 2012] + Updated Makefile.in + +Version 1.5.10beta03 [March 5, 2012] + Removed unused "current_text" members of png_struct and the png_free() + of png_ptr->current_text from pngread.c + Added palette-index checking. Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit diff --git a/CMakeLists.txt b/CMakeLists.txt index c1b1d988a..dd1831980 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -225,7 +225,7 @@ endif(NOT WIN32 OR CYGWIN OR MINGW) # SET UP LINKS if(PNG_SHARED) set_target_properties(${PNG_LIB_NAME} PROPERTIES -# VERSION 15.${PNGLIB_RELEASE}.1.5.10beta01 +# VERSION 15.${PNGLIB_RELEASE}.1.5.10beta03 VERSION 15.${PNGLIB_RELEASE}.0 SOVERSION 15 CLEAN_DIRECT_OUTPUT 1) @@ -10,7 +10,7 @@ this sentence. This code is released under the libpng license. -libpng versions 1.2.6, August 15, 2004, through 1.5.10beta01, February 21, 2012, are +libpng versions 1.2.6, August 15, 2004, through 1.5.10beta03, March 5, 2012, are Copyright (c) 2004, 2006-2011 Glenn Randers-Pehrson, and are distributed according to the same disclaimer and license as libpng-1.2.5 with the following individual added to the list of Contributing Authors @@ -108,4 +108,4 @@ certification mark of the Open Source Initiative. Glenn Randers-Pehrson glennrp at users.sourceforge.net -February 21, 2012 +March 5, 2012 diff --git a/Makefile.am b/Makefile.am index 822811576..19652c4bd 100644 --- a/Makefile.am +++ b/Makefile.am @@ -38,7 +38,7 @@ lib_LTLIBRARIES=libpng@PNGLIB_MAJOR@@PNGLIB_MINOR@.la libpng@PNGLIB_MAJOR@@PNGLIB_MINOR@_la_SOURCES = png.c pngerror.c\ pngget.c pngmem.c pngpread.c pngread.c pngrio.c pngrtran.c pngrutil.c\ pngset.c pngtrans.c pngwio.c pngwrite.c pngwtran.c pngwutil.c\ - png.h pngconf.h pngdebug.h pnginfo.h pngpriv.h pngstruct.h + png.h pngconf.h pngdebug.h pnginfo.h pngpriv.h pngstruct.h pngusr.dfa if PNG_ARM_NEON libpng@PNGLIB_MAJOR@@PNGLIB_MINOR@_la_SOURCES += arm/filter_neon.S @@ -153,11 +153,11 @@ SYMBOL_CFLAGS = -DPNGLIB_LIBNAME='PNG@PNGLIB_MAJOR@@PNGLIB_MINOR@_0'\ mv dfn3.out $@ # The .dfn file for pnglibconf.h is machine generated -pnglibconf.dfn: scripts/pnglibconf.dfa scripts/options.awk pngconf.h +pnglibconf.dfn: scripts/pnglibconf.dfa scripts/options.awk pngconf.h pngusr.dfa $(DFA_XTRA) rm -f $@ dfn?.out $(AWK) -f ${srcdir}/scripts/options.awk out=dfn1.out version=search\ ${srcdir}/pngconf.h ${srcdir}/scripts/pnglibconf.dfa\ - $(DFA_XTRA) 1>&2 + ${srcdir}/pngusr.dfa $(DFA_XTRA) 1>&2 $(AWK) -f ${srcdir}/scripts/options.awk out=dfn2.out dfn1.out 1>&2 rm dfn1.out mv dfn2.out $@ diff --git a/Makefile.in b/Makefile.in index ebc8bc61c..2ff35f74a 100644 --- a/Makefile.in +++ b/Makefile.in @@ -102,7 +102,7 @@ am__libpng@PNGLIB_MAJOR@@PNGLIB_MINOR@_la_SOURCES_DIST = png.c \ pngerror.c pngget.c pngmem.c pngpread.c pngread.c pngrio.c \ pngrtran.c pngrutil.c pngset.c pngtrans.c pngwio.c pngwrite.c \ pngwtran.c pngwutil.c png.h pngconf.h pngdebug.h pnginfo.h \ - pngpriv.h pngstruct.h arm/filter_neon.S + pngpriv.h pngstruct.h arm/filter_neon.S pngusr.dfa @PNG_ARM_NEON_TRUE@am__objects_1 = libpng@PNGLIB_MAJOR@@PNGLIB_MINOR@_la-filter_neon.lo am_libpng@PNGLIB_MAJOR@@PNGLIB_MINOR@_la_OBJECTS = \ libpng@PNGLIB_MAJOR@@PNGLIB_MINOR@_la-png.lo \ @@ -356,7 +356,7 @@ libpng@PNGLIB_MAJOR@@PNGLIB_MINOR@_la_SOURCES = png.c pngerror.c \ pngget.c pngmem.c pngpread.c pngread.c pngrio.c pngrtran.c \ pngrutil.c pngset.c pngtrans.c pngwio.c pngwrite.c pngwtran.c \ pngwutil.c png.h pngconf.h pngdebug.h pnginfo.h pngpriv.h \ - pngstruct.h $(am__append_1) + pngstruct.h pngusr.dfa $(am__append_1) nodist_libpng@PNGLIB_MAJOR@@PNGLIB_MINOR@_la_SOURCES = pnglibconf.h libpng@PNGLIB_MAJOR@@PNGLIB_MINOR@_la_CPPFLAGS = @LIBPNG_DEFINES@ libpng@PNGLIB_MAJOR@@PNGLIB_MINOR@_la_LDFLAGS = -no-undefined \ @@ -1373,11 +1373,11 @@ contrib/libtests/pngvalid.o pngtest.o: pnglibconf.h mv dfn3.out $@ # The .dfn file for pnglibconf.h is machine generated -pnglibconf.dfn: scripts/pnglibconf.dfa scripts/options.awk pngconf.h +pnglibconf.dfn: scripts/pnglibconf.dfa scripts/options.awk pngconf.h pngusr.dfa $(DFA_XTRA) rm -f $@ dfn?.out $(AWK) -f ${srcdir}/scripts/options.awk out=dfn1.out version=search\ ${srcdir}/pngconf.h ${srcdir}/scripts/pnglibconf.dfa\ - $(DFA_XTRA) 1>&2 + ${srcdir}/pngusr.dfa $(DFA_XTRA) 1>&2 $(AWK) -f ${srcdir}/scripts/options.awk out=dfn2.out dfn1.out 1>&2 rm dfn1.out mv dfn2.out $@ @@ -1,4 +1,4 @@ -README for libpng version 1.5.10beta01 - February 21, 2012 (shared library 15.0) +README for libpng version 1.5.10beta03 - March 5, 2012 (shared library 15.0) See the note about version numbers near the top of png.h See INSTALL for instructions on how to install libpng. @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for libpng 1.5.10beta01. +# Generated by GNU Autoconf 2.68 for libpng 1.5.10beta03. # # Report bugs to <png-mng-implement@lists.sourceforge.net>. # @@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='libpng' PACKAGE_TARNAME='libpng' -PACKAGE_VERSION='1.5.10beta01' -PACKAGE_STRING='libpng 1.5.10beta01' +PACKAGE_VERSION='1.5.10beta03' +PACKAGE_STRING='libpng 1.5.10beta03' PACKAGE_BUGREPORT='png-mng-implement@lists.sourceforge.net' PACKAGE_URL='' @@ -1321,7 +1321,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures libpng 1.5.10beta01 to adapt to many kinds of systems. +\`configure' configures libpng 1.5.10beta03 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1391,7 +1391,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of libpng 1.5.10beta01:";; + short | recursive ) echo "Configuration of libpng 1.5.10beta03:";; esac cat <<\_ACEOF @@ -1502,7 +1502,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -libpng configure 1.5.10beta01 +libpng configure 1.5.10beta03 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -1925,7 +1925,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by libpng $as_me 1.5.10beta01, which was +It was created by libpng $as_me 1.5.10beta03, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -2740,7 +2740,7 @@ fi # Define the identity of the package. PACKAGE='libpng' - VERSION='1.5.10beta01' + VERSION='1.5.10beta03' cat >>confdefs.h <<_ACEOF @@ -2804,7 +2804,7 @@ fi -PNGLIB_VERSION=1.5.10beta01 +PNGLIB_VERSION=1.5.10beta03 PNGLIB_MAJOR=1 PNGLIB_MINOR=5 PNGLIB_RELEASE=10 @@ -13417,7 +13417,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by libpng $as_me 1.5.10beta01, which was +This file was extended by libpng $as_me 1.5.10beta03, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -13483,7 +13483,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -libpng config.status 1.5.10beta01 +libpng config.status 1.5.10beta03 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index a099857e9..b2d52c44e 100644 --- a/configure.ac +++ b/configure.ac @@ -18,12 +18,12 @@ AC_PREREQ(2.59) dnl Version number stuff here: -AC_INIT([libpng], [1.5.10beta01], [png-mng-implement@lists.sourceforge.net]) +AC_INIT([libpng], [1.5.10beta03], [png-mng-implement@lists.sourceforge.net]) AM_INIT_AUTOMAKE dnl stop configure from automagically running automake AM_MAINTAINER_MODE -PNGLIB_VERSION=1.5.10beta01 +PNGLIB_VERSION=1.5.10beta03 PNGLIB_MAJOR=1 PNGLIB_MINOR=5 PNGLIB_RELEASE=10 diff --git a/libpng-manual.txt b/libpng-manual.txt index 1163cb075..b6942f4fb 100644 --- a/libpng-manual.txt +++ b/libpng-manual.txt @@ -1,6 +1,6 @@ libpng-manual.txt - A description on how to use and modify libpng - libpng version 1.5.10beta01 - February 21, 2012 + libpng version 1.5.10beta03 - March 5, 2012 Updated and distributed by Glenn Randers-Pehrson <glennrp at users.sourceforge.net> Copyright (c) 1998-2011 Glenn Randers-Pehrson @@ -11,7 +11,7 @@ libpng-manual.txt - A description on how to use and modify libpng Based on: - libpng versions 0.97, January 1998, through 1.5.10beta01 - February 21, 2012 + libpng versions 0.97, January 1998, through 1.5.10beta03 - March 5, 2012 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2011 Glenn Randers-Pehrson @@ -4142,6 +4142,15 @@ X. Changes to Libpng from version 1.4.x to 1.5.x From libpng-1.4.0 until 1.4.4, the png_get_uint_16 macro (but not the function) incorrectly returned a value of type png_uint_32. +Checking for invalid palette index on read or write was added at libpng +1.5.10. This is enabled by default but can be disabled in each png_ptr with + + png_set_check_for_invalid_index(png_ptr, allowed); + + allowed - one of + 0: disable + 1: enable + A. Changes that affect users of libpng There are no substantial API changes between the non-deprecated parts of @@ -4260,6 +4269,20 @@ PNG_USER_WIDTH_MAX and PNG_USER_HEIGHT_MAX, although this document said that it could be used to override them. Now this function will reduce or increase the limits. +Starting in libpng-1.5.10, the user limits can be set en masse with the +configuration option PNG_SAFE_LIMITS_SUPPORTED. If this option is enabled, +a set of "safe" limits is applied in pngpriv.h. These can be overridden by +application calls to png_set_user_limits(), png_set_user_chunk_cache_max(), +and/or png_set_user_malloc_max() that increase or decrease the limits. Also, +in libpng-1.5.10 the default width and height limits were increased +from 1,000,000 to 0x7ffffff (i.e., made unlimited). Therefore, the +limits are now + default safe + png_user_width_max 0x7fffffff 1,000,000 + png_user_height_max 0x7fffffff 1,000,000 + png_user_chunk_cache_max 0 (unlimited) 128 + png_user_chunk_malloc_max 0 (unlimited) 8,000,000 + B. Changes to the build and configuration of libpng Details of internal changes to the library code can be found in the CHANGES @@ -4573,13 +4596,13 @@ Other rules can be inferred by inspecting the libpng source. XIV. Y2K Compliance in libpng -February 21, 2012 +March 5, 2012 Since the PNG Development group is an ad-hoc body, we can't make an official declaration. This is your unofficial assurance that libpng from version 0.71 and -upward through 1.5.10beta01 are Y2K compliant. It is my belief that earlier +upward through 1.5.10beta03 are Y2K compliant. It is my belief that earlier versions were also Y2K compliant. Libpng only has three year fields. One is a 2-byte unsigned integer that @@ -1,6 +1,6 @@ -.TH LIBPNG 3 "February 21, 2012" +.TH LIBPNG 3 "March 5, 2012" .SH NAME -libpng \- Portable Network Graphics (PNG) Reference Library 1.5.10beta01 +libpng \- Portable Network Graphics (PNG) Reference Library 1.5.10beta03 .SH SYNOPSIS \fI\fB @@ -552,6 +552,10 @@ libpng \- Portable Network Graphics (PNG) Reference Library 1.5.10beta01 \fI\fB +\fBvoid png_set_check_for_invalid_index(png_structrp \fP\fIpng_ptr\fP\fB, int \fIallowed\fP\fB);\fP + +\fI\fB + \fBvoid png_set_cHRM (png_structp \fP\fIpng_ptr\fP\fB, png_infop \fP\fIinfo_ptr\fP\fB, double \fP\fIwhite_x\fP\fB, double \fP\fIwhite_y\fP\fB, double \fP\fIred_x\fP\fB, double \fP\fIred_y\fP\fB, double \fP\fIgreen_x\fP\fB, double \fP\fIgreen_y\fP\fB, double \fP\fIblue_x\fP\fB, double \fIblue_y\fP\fB);\fP \fI\fB @@ -977,7 +981,7 @@ Following is a copy of the libpng-manual.txt file that accompanies libpng. .SH LIBPNG.TXT libpng-manual.txt - A description on how to use and modify libpng - libpng version 1.5.10beta01 - February 21, 2012 + libpng version 1.5.10beta03 - March 5, 2012 Updated and distributed by Glenn Randers-Pehrson <glennrp at users.sourceforge.net> Copyright (c) 1998-2011 Glenn Randers-Pehrson @@ -988,7 +992,7 @@ libpng-manual.txt - A description on how to use and modify libpng Based on: - libpng versions 0.97, January 1998, through 1.5.10beta01 - February 21, 2012 + libpng versions 0.97, January 1998, through 1.5.10beta03 - March 5, 2012 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2011 Glenn Randers-Pehrson @@ -5120,6 +5124,15 @@ We removed the trailing '.' from the warning and error messages. From libpng-1.4.0 until 1.4.4, the png_get_uint_16 macro (but not the function) incorrectly returned a value of type png_uint_32. +Checking for invalid palette index on read or write was added at libpng +1.5.10. This is enabled by default but can be disabled in each png_ptr with + + png_set_check_for_invalid_index(png_ptr, allowed); + + allowed - one of + 0: disable + 1: enable + A. Changes that affect users of libpng There are no substantial API changes between the non-deprecated parts of @@ -5238,6 +5251,20 @@ PNG_USER_WIDTH_MAX and PNG_USER_HEIGHT_MAX, although this document said that it could be used to override them. Now this function will reduce or increase the limits. +Starting in libpng-1.5.10, the user limits can be set en masse with the +configuration option PNG_SAFE_LIMITS_SUPPORTED. If this option is enabled, +a set of "safe" limits is applied in pngpriv.h. These can be overridden by +application calls to png_set_user_limits(), png_set_user_chunk_cache_max(), +and/or png_set_user_malloc_max() that increase or decrease the limits. Also, +in libpng-1.5.10 the default width and height limits were increased +from 1,000,000 to 0x7ffffff (i.e., made unlimited). Therefore, the +limits are now + default safe + png_user_width_max 0x7fffffff 1,000,000 + png_user_height_max 0x7fffffff 1,000,000 + png_user_chunk_cache_max 0 (unlimited) 128 + png_user_chunk_malloc_max 0 (unlimited) 8,000,000 + B. Changes to the build and configuration of libpng Details of internal changes to the library code can be found in the CHANGES @@ -5551,13 +5578,13 @@ Other rules can be inferred by inspecting the libpng source. .SH XIV. Y2K Compliance in libpng -February 21, 2012 +March 5, 2012 Since the PNG Development group is an ad-hoc body, we can't make an official declaration. This is your unofficial assurance that libpng from version 0.71 and -upward through 1.5.10beta01 are Y2K compliant. It is my belief that earlier +upward through 1.5.10beta03 are Y2K compliant. It is my belief that earlier versions were also Y2K compliant. Libpng only has three year fields. One is a 2-byte unsigned integer that @@ -5768,7 +5795,7 @@ the first widely used release: 1.5.9beta01-02 15 10509 15.so.15.9[.0] 1.5.9rc01 15 10509 15.so.15.9[.0] 1.5.9 15 10509 15.so.15.9[.0] - 1.5.10beta01 15 10510 15.so.15.10[.0] + 1.5.10beta01-03 15 10510 15.so.15.10[.0] Henceforth the source version will match the shared-library minor and patch numbers; the shared-library major version number will be @@ -5825,7 +5852,7 @@ possible without all of you. Thanks to Frank J. T. Wojcik for helping with the documentation. -Libpng version 1.5.10beta01 - February 21, 2012: +Libpng version 1.5.10beta03 - March 5, 2012: Initially created in 1995 by Guy Eric Schalnat, then of Group 42, Inc. Currently maintained by Glenn Randers-Pehrson (glennrp at users.sourceforge.net). @@ -5848,7 +5875,7 @@ this sentence. This code is released under the libpng license. -libpng versions 1.2.6, August 15, 2004, through 1.5.10beta01, February 21, 2012, are +libpng versions 1.2.6, August 15, 2004, through 1.5.10beta03, March 5, 2012, are Copyright (c) 2004,2006-2007 Glenn Randers-Pehrson, and are distributed according to the same disclaimer and license as libpng-1.2.5 with the following individual added to the list of Contributing Authors @@ -5947,7 +5974,7 @@ certification mark of the Open Source Initiative. Glenn Randers-Pehrson glennrp at users.sourceforge.net -February 21, 2012 +March 5, 2012 .\" end of man page diff --git a/libpngpf.3 b/libpngpf.3 index 7722c281a..a9317b392 100644 --- a/libpngpf.3 +++ b/libpngpf.3 @@ -1,6 +1,6 @@ -.TH LIBPNGPF 3 "February 21, 2012" +.TH LIBPNGPF 3 "March 5, 2012" .SH NAME -libpng \- Portable Network Graphics (PNG) Reference Library 1.5.10beta01 +libpng \- Portable Network Graphics (PNG) Reference Library 1.5.10beta03 (private functions) .SH SYNOPSIS \fB#include \fI"pngpriv.h" @@ -1,4 +1,4 @@ -.TH PNG 5 "February 21, 2012" +.TH PNG 5 "March 5, 2012" .SH NAME png \- Portable Network Graphics (PNG) format .SH DESCRIPTION @@ -1,8 +1,8 @@ /* png.c - location for general purpose libpng functions * - * Last changed in libpng 1.5.7 [December 15, 2011] - * Copyright (c) 1998-2011 Glenn Randers-Pehrson + * Last changed in libpng 1.5.10 [(PENDING RELEASE)] + * Copyright (c) 1998-2012 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -14,7 +14,7 @@ #include "pngpriv.h" /* Generate a compiler error if there is an old png.h in the search path. */ -typedef png_libpng_version_1_5_10beta01 Your_png_h_is_not_version_1_5_10beta01; +typedef png_libpng_version_1_5_10beta03 Your_png_h_is_not_version_1_5_10beta03; /* Tells libpng that we have already handled the first "num_bytes" bytes * of the PNG file signature. If the PNG data is embedded into another @@ -655,13 +655,13 @@ png_get_copyright(png_const_structp png_ptr) #else # ifdef __STDC__ return PNG_STRING_NEWLINE \ - "libpng version 1.5.10beta01 - February 21, 2012" PNG_STRING_NEWLINE \ + "libpng version 1.5.10beta03 - March 5, 2012" PNG_STRING_NEWLINE \ "Copyright (c) 1998-2011 Glenn Randers-Pehrson" PNG_STRING_NEWLINE \ "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \ "Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc." \ PNG_STRING_NEWLINE; # else - return "libpng version 1.5.10beta01 - February 21, 2012\ + return "libpng version 1.5.10beta03 - March 5, 2012\ Copyright (c) 1998-2011 Glenn Randers-Pehrson\ Copyright (c) 1996-1997 Andreas Dilger\ Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc."; @@ -1467,7 +1467,7 @@ static double png_pow10(int power) { int recip = 0; - double d = 1; + double d = 1.0; /* Handle negative exponent with a reciprocal at the end because * 10 is exact whereas .1 is inexact in base 2 @@ -1481,7 +1481,7 @@ png_pow10(int power) if (power > 0) { /* Decompose power bitwise. */ - double mult = 10; + double mult = 10.0; do { if (power & 1) d *= mult; @@ -1600,7 +1600,8 @@ png_ascii_from_fp(png_structp png_ptr, png_charp ascii, png_size_t size, { double d; - fp *= 10; + fp *= 10.0; + /* Use modf here, not floor and subtract, so that * the separation is done in one step. At the end * of the loop don't break the number into parts so @@ -1613,7 +1614,7 @@ png_ascii_from_fp(png_structp png_ptr, png_charp ascii, png_size_t size, { d = floor(fp + .5); - if (d > 9) + if (d > 9.0) { /* Rounding up to 10, handle that here. */ if (czero > 0) @@ -1621,9 +1622,10 @@ png_ascii_from_fp(png_structp png_ptr, png_charp ascii, png_size_t size, --czero, d = 1; if (cdigits == 0) --clead; } + else { - while (cdigits > 0 && d > 9) + while (cdigits > 0 && d > 9.0) { int ch = *--ascii; @@ -1648,7 +1650,7 @@ png_ascii_from_fp(png_structp png_ptr, png_charp ascii, png_size_t size, * exponent but take into account the leading * decimal point. */ - if (d > 9) /* cdigits == 0 */ + if (d > 9.0) /* cdigits == 0 */ { if (exp_b10 == (-1)) { @@ -1669,18 +1671,19 @@ png_ascii_from_fp(png_structp png_ptr, png_charp ascii, png_size_t size, ++exp_b10; /* In all cases we output a '1' */ - d = 1; + d = 1.0; } } } fp = 0; /* Guarantees termination below. */ } - if (d == 0) + if (d == 0.0) { ++czero; if (cdigits == 0) ++clead; } + else { /* Included embedded zeros in the digit count. */ @@ -1708,6 +1711,7 @@ png_ascii_from_fp(png_structp png_ptr, png_charp ascii, png_size_t size, above */ --exp_b10; } + *ascii++ = (char)(48 + (int)d), ++cdigits; } } @@ -1,7 +1,7 @@ /* png.h - header file for PNG reference library * - * libpng version 1.5.10beta01 - February 21, 2012 + * libpng version 1.5.10beta03 - March 5, 2012 * Copyright (c) 1998-2012 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) @@ -11,7 +11,7 @@ * Authors and maintainers: * libpng versions 0.71, May 1995, through 0.88, January 1996: Guy Schalnat * libpng versions 0.89c, June 1996, through 0.96, May 1997: Andreas Dilger - * libpng versions 0.97, January 1998, through 1.5.10beta01 - February 21, 2012: Glenn + * libpng versions 0.97, January 1998, through 1.5.10beta03 - March 5, 2012: Glenn * See also "Contributing Authors", below. * * Note about libpng version numbers: @@ -172,7 +172,7 @@ * 1.5.9beta01-02 15 10509 15.so.15.9[.0] * 1.5.9rc01 15 10509 15.so.15.9[.0] * 1.5.9 15 10509 15.so.15.9[.0] - * 1.5.10beta01 15 10510 15.so.15.10[.0] + * 1.5.10beta01-03 15 10510 15.so.15.10[.0] * * Henceforth the source version will match the shared-library major * and minor numbers; the shared-library major version number will be @@ -204,7 +204,7 @@ * * This code is released under the libpng license. * - * libpng versions 1.2.6, August 15, 2004, through 1.5.10beta01, February 21, 2012, are + * libpng versions 1.2.6, August 15, 2004, through 1.5.10beta03, March 5, 2012, are * Copyright (c) 2004, 2006-2012 Glenn Randers-Pehrson, and are * distributed according to the same disclaimer and license as libpng-1.2.5 * with the following individual added to the list of Contributing Authors: @@ -316,13 +316,13 @@ * Y2K compliance in libpng: * ========================= * - * February 21, 2012 + * March 5, 2012 * * Since the PNG Development group is an ad-hoc body, we can't make * an official declaration. * * This is your unofficial assurance that libpng from version 0.71 and - * upward through 1.5.10beta01 are Y2K compliant. It is my belief that + * upward through 1.5.10beta03 are Y2K compliant. It is my belief that * earlier versions were also Y2K compliant. * * Libpng only has two year fields. One is a 2-byte unsigned integer @@ -380,9 +380,9 @@ */ /* Version information for png.h - this should match the version in png.c */ -#define PNG_LIBPNG_VER_STRING "1.5.10beta01" +#define PNG_LIBPNG_VER_STRING "1.5.10beta03" #define PNG_HEADER_VERSION_STRING \ - " libpng version 1.5.10beta01 - February 21, 2012\n" + " libpng version 1.5.10beta03 - March 5, 2012\n" #define PNG_LIBPNG_VER_SONUM 15 #define PNG_LIBPNG_VER_DLLNUM 15 @@ -396,7 +396,7 @@ * PNG_LIBPNG_VER_STRING, omitting any leading zero: */ -#define PNG_LIBPNG_VER_BUILD 01 +#define PNG_LIBPNG_VER_BUILD 03 /* Release Status */ #define PNG_LIBPNG_BUILD_ALPHA 1 @@ -543,7 +543,7 @@ extern "C" { /* This triggers a compiler error in png.c, if png.c and png.h * do not agree upon the version number. */ -typedef char* png_libpng_version_1_5_10beta01; +typedef char* png_libpng_version_1_5_10beta03; /* Three color definitions. The order of the red, green, and blue, (and the * exact size) is not important, although the size of the fields need to @@ -2638,6 +2638,12 @@ PNG_EXPORT(207, void, png_save_uint_16, (png_bytep buf, unsigned int i)); : (png_int_32)png_get_uint_32(buf))) #endif +#if defined(PNG_READ_CHECK_FOR_INVALID_INDEX_SUPPORTED) || \ + defined(PNG_WRITE_CHECK_FOR_INVALID_INDEX_SUPPORTED) +PNG_EXPORT(234, void, png_set_check_for_invalid_index, (png_structp png_ptr, + int allowed)); +#endif + /* Maintainer: Put new public prototypes here ^, in libpng.3, and project * defs */ @@ -2647,7 +2653,7 @@ PNG_EXPORT(207, void, png_save_uint_16, (png_bytep buf, unsigned int i)); * scripts/symbols.def as well. */ #ifdef PNG_EXPORT_LAST_ORDINAL - PNG_EXPORT_LAST_ORDINAL(233); + PNG_EXPORT_LAST_ORDINAL(234); #endif #ifdef __cplusplus @@ -1,7 +1,7 @@ /* pngconf.h - machine configurable file for libpng * - * libpng version 1.5.10beta01 - February 21, 2012 + * libpng version 1.5.10beta03 - March 5, 2012 * * Copyright (c) 1998-2012 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) @@ -2,11 +2,11 @@ /* pngpriv.h - private declarations for use inside libpng * * For conditions of distribution and use, see copyright notice in png.h - * Copyright (c) 1998-2011 Glenn Randers-Pehrson + * Copyright (c) 1998-2012 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * - * Last changed in libpng 1.5.7 [December 15, 2011] + * Last changed in libpng 1.5.10 [(PENDING RELEASE)] * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -133,6 +133,46 @@ # define PNG_DLL_EXPORT #endif +/* SECURITY and SAFETY: + * + * By default libpng is built without any internal limits on image size, + * individual heap (png_malloc) allocations or the total amount of memory used. + * If PNG_SAFE_LIMITS_SUPPORTED is defined, however, the limits below are used + * (unless individually overridden). These limits are believed to be fairly + * safe, but builders of secure systems should verify the values against the + * real system capabilities. + */ + +#ifdef PNG_SAFE_LIMITS_SUPPORTED + /* 'safe' limits */ +# ifndef PNG_USER_WIDTH_MAX +# define PNG_USER_WIDTH_MAX 1000000 +# endif +# ifndef PNG_USER_HEIGHT_MAX +# define PNG_USER_HEIGHT_MAX 1000000 +# endif +# ifndef PNG_USER_CHUNK_CACHE_MAX +# define PNG_USER_CHUNK_CACHE_MAX 128 +# endif +# ifndef PNG_USER_CHUNK_MALLOC_MAX +# define PNG_USER_CHUNK_MALLOC_MAX 8000000 +# endif +#else + /* values for no limits */ +# ifndef PNG_USER_WIDTH_MAX +# define PNG_USER_WIDTH_MAX 0x7fffffff +# endif +# ifndef PNG_USER_HEIGHT_MAX +# define PNG_USER_HEIGHT_MAX 0x7fffffff +# endif +# ifndef PNG_USER_CHUNK_CACHE_MAX +# define PNG_USER_CHUNK_CACHE_MAX 0 +# endif +# ifndef PNG_USER_CHUNK_MALLOC_MAX +# define PNG_USER_CHUNK_MALLOC_MAX 0 +# endif +#endif + /* This is used for 16 bit gamma tables - only the top level pointers are const, * this could be changed: */ @@ -1355,6 +1395,13 @@ PNG_EXTERN void png_check_IHDR PNGARG((png_structp png_ptr, int color_type, int interlace_type, int compression_type, int filter_type)); +/* Added at libpng version 1.5.10 */ +#if defined(PNG_READ_CHECK_FOR_INVALID_INDEX_SUPPORTED) || \ + defined(PNG_WRITE_CHECK_FOR_INVALID_INDEX_SUPPORTED) +PNG_EXTERN void png_do_check_palette_indexes PNGARG((png_structp png_ptr, + png_row_infop row_info)); +#endif + /* Free all memory used by the read (old method - NOT DLL EXPORTED) */ PNG_EXTERN void png_read_destroy PNGARG((png_structp png_ptr, png_infop info_ptr, png_infop end_info_ptr)); @@ -1,8 +1,8 @@ /* pngread.c - read a PNG file * - * Last changed in libpng 1.5.7 [December 15, 2011] - * Copyright (c) 1998-2011 Glenn Randers-Pehrson + * Last changed in libpng 1.5.10 [(PENDING RELEASE)] + * Copyright (c) 1998-2012 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -801,6 +801,13 @@ png_read_end(png_structp png_ptr, png_infop info_ptr) png_crc_finish(png_ptr, 0); /* Finish off CRC from last IDAT chunk */ +#ifdef PNG_READ_CHECK_FOR_INVALID_INDEX_SUPPORTED + /* Report invalid palette index; added at libng-1.5.10 */ + if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE && + png_ptr->num_palette_max > png_ptr->num_palette) + png_warning(png_ptr, "Read palette index exceeding num_palette"); +#endif + do { png_uint_32 length = png_read_chunk_header(png_ptr); @@ -1066,12 +1073,6 @@ png_read_destroy(png_structp png_ptr, png_infop info_ptr, png_free(png_ptr, png_ptr->save_buffer); #endif -#ifdef PNG_PROGRESSIVE_READ_SUPPORTED -#ifdef PNG_TEXT_SUPPORTED - png_free(png_ptr, png_ptr->current_text); -#endif /* PNG_TEXT_SUPPORTED */ -#endif /* PNG_PROGRESSIVE_READ_SUPPORTED */ - /* Save the important info out of the png_struct, in case it is * being used again. */ diff --git a/pngrtran.c b/pngrtran.c index 1079595f0..6102987dc 100644 --- a/pngrtran.c +++ b/pngrtran.c @@ -1,8 +1,8 @@ /* pngrtran.c - transforms the data in a row for PNG readers * - * Last changed in libpng 1.5.7 [December 15, 2011] - * Copyright (c) 1998-2011 Glenn Randers-Pehrson + * Last changed in libpng 1.5.10 [(PENDING RELEASE)] + * Copyright (c) 1998-2012 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -2296,6 +2296,12 @@ png_do_read_transformations(png_structp png_ptr, png_row_infop row_info) png_do_unpack(row_info, png_ptr->row_buf + 1); #endif +#ifdef PNG_READ_CHECK_FOR_INVALID_INDEX_SUPPORTED + /* Added at libpng-1.5.10 */ + if (row_info->color_type == PNG_COLOR_TYPE_PALETTE) + png_do_check_palette_indexes(png_ptr, row_info); +#endif + #ifdef PNG_READ_BGR_SUPPORTED if (png_ptr->transformations & PNG_BGR) png_do_bgr(row_info, png_ptr->row_buf + 1); diff --git a/pngrutil.c b/pngrutil.c index 629c33ad0..74822a92b 100644 --- a/pngrutil.c +++ b/pngrutil.c @@ -1,7 +1,7 @@ /* pngrutil.c - utilities to read a PNG file * - * Last changed in libpng 1.5.9 [(PENDING RELEASE)] + * Last changed in libpng 1.5.10 [(PENDING RELEASE)] * Copyright (c) 1998-2012 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) @@ -1,8 +1,8 @@ /* pngset.c - storage of image information into info struct * - * Last changed in libpng 1.5.7 [December 15, 2011] - * Copyright (c) 1998-2011 Glenn Randers-Pehrson + * Last changed in libpng 1.5.10 [(PENDING RELEASE)] + * Copyright (c) 1998-2012 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -1281,4 +1281,20 @@ png_set_benign_errors(png_structp png_ptr, int allowed) png_ptr->flags &= ~PNG_FLAG_BENIGN_ERRORS_WARN; } #endif /* PNG_BENIGN_ERRORS_SUPPORTED */ + +#ifdef PNG_READ_CHECK_FOR_INVALID_INDEX_SUPPORTED + /* Do not report invalid palette index; added at libng-1.5.10 */ +void PNGAPI +png_set_check_for_invalid_index(png_structp png_ptr, int allowed) +{ + png_debug(1, "in png_set_check_for_invalid_index"); + + if (allowed) + png_ptr->num_palette_max = 0; + + else + png_ptr->num_palette_max = -1; +} +#endif + #endif /* PNG_READ_SUPPORTED || PNG_WRITE_SUPPORTED */ diff --git a/pngstruct.h b/pngstruct.h index 3425ff24f..e062738f0 100644 --- a/pngstruct.h +++ b/pngstruct.h @@ -121,6 +121,12 @@ struct png_struct_def png_uint_32 crc; /* current chunk CRC value */ png_colorp palette; /* palette from the input file */ png_uint_16 num_palette; /* number of color entries in palette */ + +/* Added at libpng-1.5.10 */ +#ifdef PNG_CHECK_FOR_INVALID_INDEX_SUPPORTED + int num_palette_max; /* maximum palette index found in IDAT */ +#endif + png_uint_16 num_trans; /* number of transparency values */ png_byte compression; /* file compression type (always 0) */ png_byte filter; /* file filter type (always 0) */ @@ -211,13 +217,6 @@ struct png_struct_def int process_mode; /* what push library is currently doing */ int cur_palette; /* current push library palette index */ -# ifdef PNG_TEXT_SUPPORTED - png_size_t current_text_size; /* current size of text input data */ - png_size_t current_text_left; /* how much text left to read in input */ - png_charp current_text; /* current text chunk buffer */ - png_charp current_text_ptr; /* current location in current_text */ -# endif /* PNG_PROGRESSIVE_READ_SUPPORTED && PNG_TEXT_SUPPORTED */ - #endif /* PNG_PROGRESSIVE_READ_SUPPORTED */ #if defined(__TURBOC__) && !defined(_Windows) && !defined(__FLAT__) @@ -1817,4 +1817,4 @@ main(int argc, char *argv[]) } /* Generate a compiler error if there is an old png.h in the search path. */ -typedef png_libpng_version_1_5_10beta01 Your_png_h_is_not_version_1_5_10beta01; +typedef png_libpng_version_1_5_10beta03 Your_png_h_is_not_version_1_5_10beta03; diff --git a/pngtrans.c b/pngtrans.c index 6a6908dcd..9ea952ce7 100644 --- a/pngtrans.c +++ b/pngtrans.c @@ -1,8 +1,8 @@ /* pngtrans.c - transforms the data in a row (used by both readers and writers) * - * Last changed in libpng 1.5.4 [July 7, 2011] - * Copyright (c) 1998-2011 Glenn Randers-Pehrson + * Last changed in libpng 1.5.10 [(PENDING RELEASE)] + * Copyright (c) 1998-2012 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -619,6 +619,109 @@ png_do_bgr(png_row_infop row_info, png_bytep row) } #endif /* PNG_READ_BGR_SUPPORTED or PNG_WRITE_BGR_SUPPORTED */ +#if defined(PNG_READ_CHECK_FOR_INVALID_INDEX_SUPPORTED) || \ + defined(PNG_WRITE_CHECK_FOR_INVALID_INDEX_SUPPORTED) +/* Added at libpng-1.5.10 */ +void /* PRIVATE */ +png_do_check_palette_indexes(png_structp png_ptr, png_row_infop row_info) +{ + if (png_ptr->num_palette < (1 << row_info->bit_depth) && + png_ptr->num_palette_max >= 0) + { + /* Calculations moved outside switch in an attempt to stop different + * compiler warnings. 'padding' is in *bits* within the last byte, it is + * an 'int' because pixel_depth becomes an 'int' in the expression below, + * and this calculation is used because it avoids warnings that other + * forms produced on either GCC or MSVC. + */ + int padding = (-row_info->pixel_depth * row_info->width) & 7; + png_bytep rp = png_ptr->row_buf + 1 + row_info->rowbytes; + + switch (row_info->bit_depth) + { + case 1: + { + /* in this case, all bytes must be 0 so we don't need + * to unpack the pixels except for the rightmost one. + */ + for (; rp > png_ptr->row_buf; rp--) + { + if (*rp >> padding != 0) + png_ptr->num_palette_max = 1; + padding = 0; + } + + break; + } + + case 2: + { + for (; rp > png_ptr->row_buf; rp--) + { + int i = ((*rp >> padding) & 0x03); + + if (i > png_ptr->num_palette_max) + png_ptr->num_palette_max = i; + + i = (((*rp >> padding) >> 2) & 0x03); + + if (i > png_ptr->num_palette_max) + png_ptr->num_palette_max = i; + + i = (((*rp >> padding) >> 4) & 0x03); + + if (i > png_ptr->num_palette_max) + png_ptr->num_palette_max = i; + + i = (((*rp >> padding) >> 6) & 0x03); + + if (i > png_ptr->num_palette_max) + png_ptr->num_palette_max = i; + + padding = 0; + } + + break; + } + + case 4: + { + for (; rp > png_ptr->row_buf; rp--) + { + int i = ((*rp >> padding) & 0x0f); + + if (i > png_ptr->num_palette_max) + png_ptr->num_palette_max = i; + + i = (((*rp >> padding) >> 4) & 0x0f); + + if (i > png_ptr->num_palette_max) + png_ptr->num_palette_max = i; + + padding = 0; + } + + break; + } + + case 8: + { + for (; rp > png_ptr->row_buf; rp--) + { + if (*rp >= png_ptr->num_palette_max) + png_ptr->num_palette_max = (int) *rp; + } + + break; + } + + default: + break; + } + } +} +#endif /* PNG_CHECK_FOR_INVALID_INDEX_SUPPORTED */ + #if defined(PNG_READ_USER_TRANSFORM_SUPPORTED) || \ defined(PNG_WRITE_USER_TRANSFORM_SUPPORTED) #ifdef PNG_USER_TRANSFORM_PTR_SUPPORTED diff --git a/pngusr.dfa b/pngusr.dfa new file mode 100644 index 000000000..9d39564b5 --- /dev/null +++ b/pngusr.dfa @@ -0,0 +1,14 @@ +# pngusr.dfa +# +# Build time configuration of libpng +# +# Enter build configuration options in this file +# +# Security settings: by default these limits are unset, you can change them +# here by entering the appropriate values as #defines preceded by '@' (to cause, +# them to be passed through to the build of pnglibconf.h), for example: +# +# @# define PNG_USER_WIDTH_MAX 1000000 +# @# define PNG_USER_HEIGHT_MAX 1000000 +# @# define PNG_USER_CHUNK_CACHE_MAX 128 +# @# define PNG_USER_CHUNK_MALLOC_MAX 8000000 diff --git a/pngwrite.c b/pngwrite.c index 6d3fd4c38..74aa7368e 100644 --- a/pngwrite.c +++ b/pngwrite.c @@ -1,8 +1,8 @@ /* pngwrite.c - general routines to write a PNG file * - * Last changed in libpng 1.5.7 [December 15, 2011] - * Copyright (c) 1998-2011 Glenn Randers-Pehrson + * Last changed in libpng 1.5.10 [(PENDING RELEASE)] + * Copyright (c) 1998-2012 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -305,6 +305,11 @@ png_write_end(png_structp png_ptr, png_infop info_ptr) if (!(png_ptr->mode & PNG_HAVE_IDAT)) png_error(png_ptr, "No IDATs written into file"); +#ifdef PNG_WRITE_CHECK_FOR_INVALID_INDEX_SUPPORTED + if (png_ptr->num_palette_max > png_ptr->num_palette) + png_warning(png_ptr, "Wrote palette index exceeding num_palette"); +#endif + /* See if user wants us to write information chunks */ if (info_ptr != NULL) { @@ -798,6 +803,13 @@ png_write_row(png_structp png_ptr, png_const_bytep row) } #endif +/* Added at libpng-1.5.10 */ +#ifdef PNG_WRITE_CHECK_FOR_INVALID_INDEX_SUPPORTED + /* Check for out-of-range palette index */ + if(row_info.color_type == PNG_COLOR_TYPE_PALETTE) + png_do_check_palette_indexes(png_ptr, &row_info); +#endif + /* Find a filter if necessary, filter the row and write it out. */ png_write_find_filter(png_ptr, &row_info); diff --git a/projects/vstudio/readme.txt b/projects/vstudio/readme.txt index abbbafa35..b78286d24 100644 --- a/projects/vstudio/readme.txt +++ b/projects/vstudio/readme.txt @@ -1,7 +1,7 @@ VisualStudio instructions -libpng version 1.5.10beta01 - February 21, 2012 +libpng version 1.5.10beta03 - March 5, 2012 Copyright (c) 1998-2010 Glenn Randers-Pehrson diff --git a/projects/vstudio/zlib.props b/projects/vstudio/zlib.props index 0456bda0f..3a6ff6d4d 100644 --- a/projects/vstudio/zlib.props +++ b/projects/vstudio/zlib.props @@ -2,7 +2,7 @@ <!-- * zlib.props - location of zlib source * - * libpng version 1.5.10beta01 - February 21, 2012 + * libpng version 1.5.10beta03 - March 5, 2012 * * Copyright (c) 1998-2011 Glenn Randers-Pehrson * diff --git a/scripts/README.txt b/scripts/README.txt index c46f7743b..b1f795079 100644 --- a/scripts/README.txt +++ b/scripts/README.txt @@ -1,9 +1,9 @@ -Makefiles for libpng version 1.5.10beta01 - February 21, 2012 +Makefiles for libpng version 1.5.10beta03 - March 5, 2012 pnglibconf.h.prebuilt => Stores configuration settings makefile.linux => Linux/ELF makefile - (gcc, creates libpng15.so.15.1.5.10beta01) + (gcc, creates libpng15.so.15.1.5.10beta03) makefile.gcc => Generic makefile (gcc, creates static libpng.a) makefile.knr => Archaic UNIX Makefile that converts files with ansi2knr (Requires ansi2knr.c from @@ -20,7 +20,7 @@ pnglibconf.h.prebuilt => Stores configuration settings makefile.dec => DEC Alpha UNIX makefile makefile.dj2 => DJGPP 2 makefile makefile.elf => Linux/ELF makefile symbol versioning, - (gcc, creates libpng15.so.15.1.5.10beta01) + (gcc, creates libpng15.so.15.1.5.10beta03) makefile.freebsd => FreeBSD makefile makefile.gcc => Generic gcc makefile makefile.hpgcc => HPUX makefile using gcc @@ -35,12 +35,12 @@ pnglibconf.h.prebuilt => Stores configuration settings makefile.os2 => OS/2 Makefile (gcc and emx, requires libpng.def) makefile.sco => For SCO OSr5 ELF and Unixware 7 with Native cc makefile.sggcc => Silicon Graphics (gcc, - creates libpng15.so.15.1.5.10beta01) + creates libpng15.so.15.1.5.10beta03) makefile.sgi => Silicon Graphics IRIX makefile (cc, creates static lib) makefile.solaris => Solaris 2.X makefile (gcc, - creates libpng15.so.15.1.5.10beta01) + creates libpng15.so.15.1.5.10beta03) makefile.so9 => Solaris 9 makefile (gcc, - creates libpng15.so.15.1.5.10beta01) + creates libpng15.so.15.1.5.10beta03) makefile.std => Generic UNIX makefile (cc, creates static libpng.a) makefile.sunos => Sun makefile makefile.32sunu => Sun Ultra 32-bit makefile diff --git a/scripts/libpng-config-head.in b/scripts/libpng-config-head.in index 44c47f9d7..75554475e 100755 --- a/scripts/libpng-config-head.in +++ b/scripts/libpng-config-head.in @@ -11,7 +11,7 @@ # Modeled after libxml-config. -version=1.5.10beta01 +version=1.5.10beta03 prefix="" libdir="" libs="" diff --git a/scripts/libpng.pc.in b/scripts/libpng.pc.in index 32123afcf..583ab0da3 100644 --- a/scripts/libpng.pc.in +++ b/scripts/libpng.pc.in @@ -5,6 +5,6 @@ includedir=@includedir@/libpng15 Name: libpng Description: Loads and saves PNG files -Version: 1.5.10beta01 +Version: 1.5.10beta03 Libs: -L${libdir} -lpng15 Cflags: -I${includedir} diff --git a/scripts/makefile.ne12bsd b/scripts/makefile.ne12bsd index dfa5b3f12..cc3fe99c4 100644 --- a/scripts/makefile.ne12bsd +++ b/scripts/makefile.ne12bsd @@ -17,7 +17,7 @@ INCSDIR=${LOCALBASE}/include/libpng15 LIB= png15 SHLIB_MAJOR= 0 -SHLIB_MINOR= 1.5.10beta01 +SHLIB_MINOR= 1.5.10beta03 SRCS= png.c pngset.c pngget.c pngrutil.c pngtrans.c pngwutil.c \ pngread.c pngrio.c pngwio.c pngwrite.c pngrtran.c \ pngwtran.c pngmem.c pngerror.c pngpread.c diff --git a/scripts/makefile.netbsd b/scripts/makefile.netbsd index c34e1d39b..bdc086378 100644 --- a/scripts/makefile.netbsd +++ b/scripts/makefile.netbsd @@ -17,7 +17,7 @@ INCSDIR=${LOCALBASE}/include LIB= png SHLIB_MAJOR= 15 -SHLIB_MINOR= 1.5.10beta01 +SHLIB_MINOR= 1.5.10beta03 SRCS= png.c pngset.c pngget.c pngrutil.c pngtrans.c pngwutil.c \ pngread.c pngrio.c pngwio.c pngwrite.c pngrtran.c \ pngwtran.c pngmem.c pngerror.c pngpread.c diff --git a/scripts/makefile.openbsd b/scripts/makefile.openbsd index 44a3062a2..9b824af0b 100644 --- a/scripts/makefile.openbsd +++ b/scripts/makefile.openbsd @@ -11,7 +11,7 @@ LIBDIR= ${PREFIX}/lib MANDIR= ${PREFIX}/man/cat SHLIB_MAJOR= 15 -SHLIB_MINOR= 1.5.10beta01 +SHLIB_MINOR= 1.5.10beta03 LIB= png SRCS= png.c pngerror.c pngget.c pngmem.c pngpread.c \ diff --git a/scripts/options.awk b/scripts/options.awk index a8dff044a..9ef98bc8e 100755 --- a/scripts/options.awk +++ b/scripts/options.awk @@ -42,7 +42,7 @@ BEGIN{ comment=start cx # Comment start cend="*/" end # Comment end def=start "#define PNG_" ct # Arbitrary define - sup=ct "_SUPPORTED" end # end supported option + sup=ct "_SUPPORTED 1" end # end supported option und=comment "#undef PNG_" ct # Unsupported option une=ct "_SUPPORTED" cend # end unsupported option error=start "ERROR:" # error message diff --git a/scripts/pnglibconf.dfa b/scripts/pnglibconf.dfa index a740d6827..f06eb6685 100644 --- a/scripts/pnglibconf.dfa +++ b/scripts/pnglibconf.dfa @@ -27,7 +27,7 @@ file pnglibconf.h scripts/pnglibconf.dfa PNGLCONF_H # The syntax is detailed in scripts/options.awk, this is a summary # only: # -# setting <name> [requires ...] [default] +# setting <name> [default] # #define PNG_<name> <value> /* value comes from current setting */ # option <name> [requires ...] [if ...] [enables ...] [disabled] # #define PNG_<name>_SUPPORTED if the requirements are met and @@ -266,20 +266,22 @@ option SET_USER_LIMITS enables SET_CHUNK_CACHE_LIMIT option SET_USER_LIMITS enables SET_CHUNK_MALLOC_LIMIT -# Added at libpng-1.0.16 and 1.2.6. To accept all valid PNGs no matter -# how large, set these two limits to 0x7fffffff - -setting USER_WIDTH_MAX default 1000000 -setting USER_HEIGHT_MAX default 1000000 - -# Added at libpng-1.2.43. To accept all valid PNGs no matter -# how large, set these two limits to 0. - -setting USER_CHUNK_CACHE_MAX default 0 - -# Added at libpng-1.2.43 - -setting USER_CHUNK_MALLOC_MAX default 0 +# Libpng limits. +# +# If these settings are *not* set libpng will not limit the size of +# images or the size of data in ancilliary chunks. This does lead to +# security issues if PNG files come from untrusted sources. +setting USER_WIDTH_MAX +setting USER_HEIGHT_MAX +setting USER_CHUNK_CACHE_MAX +setting USER_CHUNK_MALLOC_MAX + +# To default all these settings to values that are large but probably +# safe turn the SAFE_LIMITS option on; this will cause the value in +# pngpriv.h to be used. Individual values can also be set, simply set +# them in pngusr.dfa with '@#define PNG_setting value' lines. +option SAFE_LIMITS enables USER_LIMITS disabled += SAFE_LIMITS SAFE_LIMITS # All of the following options relate to code capabilities for # processing image data before creating a PNG or after reading one. @@ -576,3 +578,13 @@ option WRITE_COMPRESSED_TEXT enables WRITE_TEXT # leave the row_pointers member out of the info structure. option INFO_IMAGE + +# added at libpng-1.5.10 +# Turn this off to disable warning about invalid palette index and +# leave the num_palette_max member out of the png structure. + +option CHECK_FOR_INVALID_INDEX enables READ_CHECK_FOR_INVALID_INDEX +option CHECK_FOR_INVALID_INDEX enables WRITE_CHECK_FOR_INVALID_INDEX +option READ_CHECK_FOR_INVALID_INDEX requires READ CHECK_FOR_INVALID_INDEX +option WRITE_CHECK_FOR_INVALID_INDEX requires WRITE CHECK_FOR_INVALID_INDEX + diff --git a/scripts/pnglibconf.h.prebuilt b/scripts/pnglibconf.h.prebuilt index 411a1ba5c..6528db099 100644 --- a/scripts/pnglibconf.h.prebuilt +++ b/scripts/pnglibconf.h.prebuilt @@ -3,9 +3,9 @@ /* pnglibconf.h - library build configuration */ -/* Libpng 1.5.10beta01 - February 21, 2012 */ +/* Libpng 1.5.10beta03 - March 5, 2012 */ -/* Copyright (c) 1998-2011 Glenn Randers-Pehrson */ +/* Copyright (c) 1998-2012 Glenn Randers-Pehrson */ /* This code is released under the libpng license. */ /* For conditions of distribution and use, see the disclaimer */ @@ -31,10 +31,6 @@ #define PNG_QUANTIZE_GREEN_BITS 5 #define PNG_QUANTIZE_RED_BITS 5 #define PNG_sCAL_PRECISION 5 -#define PNG_USER_CHUNK_CACHE_MAX 0 -#define PNG_USER_CHUNK_MALLOC_MAX 0 -#define PNG_USER_HEIGHT_MAX 1000000 -#define PNG_USER_WIDTH_MAX 1000000 #define PNG_WEIGHT_SHIFT 8 #define PNG_ZBUF_SIZE 8192 /* end of settings */ @@ -45,6 +41,7 @@ #define PNG_bKGD_SUPPORTED #define PNG_BUILD_GRAYSCALE_PALETTE_SUPPORTED #define PNG_CHECK_cHRM_SUPPORTED +#define PNG_CHECK_FOR_INVALID_INDEX_SUPPORTED #define PNG_cHRM_SUPPORTED #define PNG_CONSOLE_IO_SUPPORTED #define PNG_CONVERT_tIME_SUPPORTED @@ -74,6 +71,7 @@ #define PNG_READ_BACKGROUND_SUPPORTED #define PNG_READ_BGR_SUPPORTED #define PNG_READ_bKGD_SUPPORTED +#define PNG_READ_CHECK_FOR_INVALID_INDEX_SUPPORTED #define PNG_READ_cHRM_SUPPORTED #define PNG_READ_COMPOSITE_NODIV_SUPPORTED #define PNG_READ_COMPRESSED_TEXT_SUPPORTED @@ -145,6 +143,7 @@ #define PNG_WRITE_ANCILLARY_CHUNKS_SUPPORTED #define PNG_WRITE_BGR_SUPPORTED #define PNG_WRITE_bKGD_SUPPORTED +#define PNG_WRITE_CHECK_FOR_INVALID_INDEX_SUPPORTED #define PNG_WRITE_cHRM_SUPPORTED #define PNG_WRITE_COMPRESSED_TEXT_SUPPORTED #define PNG_WRITE_CUSTOMIZE_ZTXT_COMPRESSION_SUPPORTED diff --git a/scripts/symbols.def b/scripts/symbols.def index f3801f47f..826c2ee3f 100644 --- a/scripts/symbols.def +++ b/scripts/symbols.def @@ -5,7 +5,7 @@ LIBRARY EXPORTS -;Version 1.5.10beta01 +;Version 1.5.10beta03 png_access_version_number @1 png_set_sig_bytes @2 png_sig_cmp @3 @@ -239,3 +239,4 @@ EXPORTS png_get_cHRM_XYZ_fixed @231 png_set_cHRM_XYZ @232 png_set_cHRM_XYZ_fixed @233 + png_set_check_for_invalid_index @234 |