summaryrefslogtreecommitdiff
path: root/pngset.c
diff options
context:
space:
mode:
authorGlenn Randers-Pehrson <glennrp at users.sourceforge.net>2017-10-15 11:04:53 -0500
committerGlenn Randers-Pehrson <glennrp at users.sourceforge.net>2017-10-15 11:04:53 -0500
commit2be0f33e7cce04e568d679e557329ad81919372f (patch)
tree96749adcc564a016b62e3ebf9ccec41912dc739b /pngset.c
parentccc77d2a8dee28815873d8dfff3c8d66e28d196b (diff)
downloadlibpng-2be0f33e7cce04e568d679e557329ad81919372f.tar.gz
[libpng16] Nullify trans_color with out-of-range value, to stop oss-fuzz issue.
Diffstat (limited to 'pngset.c')
-rw-r--r--pngset.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/pngset.c b/pngset.c
index 6f3a1ee11..d2ee44f18 100644
--- a/pngset.c
+++ b/pngset.c
@@ -1025,7 +1025,6 @@ png_set_tRNS(png_structrp png_ptr, png_inforp info_ptr,
if (trans_color != NULL)
{
-#ifdef PNG_WARNINGS_SUPPORTED
if (info_ptr->bit_depth < 16)
{
int sample_max = (1 << info_ptr->bit_depth) - 1;
@@ -1036,14 +1035,16 @@ png_set_tRNS(png_structrp png_ptr, png_inforp info_ptr,
(trans_color->red > sample_max ||
trans_color->green > sample_max ||
trans_color->blue > sample_max)))
+ {
png_warning(png_ptr,
"tRNS chunk has out-of-range samples for bit_depth");
+ trans_color = NULL;
+ }
}
-#endif
info_ptr->trans_color = *trans_color;
- if (num_trans == 0)
+ if (num_trans == 0 && trans_color != NULL)
num_trans = 1;
}
View Lorry Controller Status