diff options
author | Glenn Randers-Pehrson <glennrp at users.sourceforge.net> | 2016-12-26 19:28:24 -0600 |
---|---|---|
committer | Glenn Randers-Pehrson <glennrp at users.sourceforge.net> | 2016-12-26 19:28:24 -0600 |
commit | daa97ebf4256bb4be82dbc774b178b7ac0ca8fd6 (patch) | |
tree | 4781315004753219a413a94495a167cdc24b5f44 | |
parent | 80d36775d4829fe18e19ac3e459028b386d141d2 (diff) | |
download | libpng-daa97ebf4256bb4be82dbc774b178b7ac0ca8fd6.tar.gz |
[libpng15] Update CHANGES and ANNOUNCE
-rw-r--r-- | ANNOUNCE | 17 | ||||
-rw-r--r-- | CHANGES | 23 |
2 files changed, 40 insertions, 0 deletions
@@ -34,6 +34,23 @@ version 1.5.28beta01 [December 27, 2016] Added "Common linking failures" section to INSTALL. Merge contrib/pngminim/*/makefile with libpng-1.6.24 Minor editing of INSTALL, (whitespace, added copyright line) + Removed the use of a macro containing the pre-processor 'defined' + operator. It is unclear whether this is valid; a macro that + "generates" 'defined' is not permitted, but the use of the word + "generates" within the C90 standard seems to imply more than simple + substitution of an expression itself containing a well-formed defined + operation. + Previously the pngtrans.c code always resulted in an unsigned arithmetic + overflow. This is well defined but produces errors from clang with the + option to detect unsigned overflow. As the expression only gets + evaluated once per row in this version of libpng it is easier just + to rewrite it. + The previous version of png.c produced a signed overflow as a result of + both the "& 0xffff" on the most significant bits of a negative argument; + this converted (-1) into 65535 which resulted in a subsequent overflow. + Since signed overflow is undefined in C90 the code has been modified to + correctly calculate a signed result. This requires changing the 'hi' + result parameter to a signed value. Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit @@ -4504,6 +4504,29 @@ version 1.5.28beta01 [December 27, 2016] Added "Common linking failures" section to INSTALL. Merge contrib/pngminim/*/makefile with libpng-1.6.24 Minor editing of INSTALL, (whitespace, added copyright line) + Removed the use of a macro containing the pre-processor 'defined' + operator. It is unclear whether this is valid; a macro that + "generates" 'defined' is not permitted, but the use of the word + "generates" within the C90 standard seems to imply more than simple + substitution of an expression itself containing a well-formed defined + operation. + Previously the pngtrans.c code always resulted in an unsigned arithmetic + overflow. This is well defined but produces errors from clang with the + option to detect unsigned overflow. As the expression only gets + evaluated once per row in this version of libpng it is easier just + to rewrite it. + The previous version of png.c produced a signed overflow as a result of + both the "& 0xffff" on the most significant bits of a negative argument; + this converted (-1) into 65535 which resulted in a subsequent overflow. + Since signed overflow is undefined in C90 the code has been modified to + correctly calculate a signed result. This requires changing the 'hi' + result parameter to a signed value. + +This has been code reviewed solely by the author. A further code review +is highly desireable. Nevertheless the code compiles without warnings +from clang and without the prior detection of an overflow. Since it no +longer truncates any of the intermediate values this should be enough to +ensure that it is correct. Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit |