diff options
-rw-r--r-- | ChangeLog.html | 23 | ||||
-rw-r--r-- | png.c | 193 | ||||
-rw-r--r-- | png.h | 58 | ||||
-rw-r--r-- | pngconf.h | 35 | ||||
-rw-r--r-- | pngcrush.c | 11 | ||||
-rw-r--r-- | pngcrush.h | 2 | ||||
-rw-r--r-- | pngdebug.h | 3 | ||||
-rw-r--r-- | pngget.c | 36 | ||||
-rw-r--r-- | pnginfo.h | 3 | ||||
-rw-r--r-- | pnglibconf.h | 10 | ||||
-rw-r--r-- | pngmem.c | 2 | ||||
-rw-r--r-- | pngpread.c | 12 | ||||
-rw-r--r-- | pngpriv.h | 78 | ||||
-rw-r--r-- | pngread.c | 27 | ||||
-rw-r--r-- | pngrio.c | 6 | ||||
-rw-r--r-- | pngrtran.c | 57 | ||||
-rw-r--r-- | pngrutil.c | 8 | ||||
-rw-r--r-- | pngset.c | 71 | ||||
-rw-r--r-- | pngstruct.h | 5 | ||||
-rw-r--r-- | pngtrans.c | 4 | ||||
-rw-r--r-- | pngwrite.c | 28 | ||||
-rw-r--r-- | pngwtran.c | 4 | ||||
-rw-r--r-- | pngwutil.c | 52 |
23 files changed, 380 insertions, 348 deletions
diff --git a/ChangeLog.html b/ChangeLog.html index feeafcce5..b2a3099bf 100644 --- a/ChangeLog.html +++ b/ChangeLog.html @@ -3,8 +3,29 @@ Change log: +Version 1.7.86 (built with libpng-1.6.17 and zlib-1.2.8) + +Version 1.7.85 (built with libpng-1.6.16 and zlib-1.2.8) + Improved reporting of invalid chunk names. Does not try to put + non-printable characters in STDERR; displays hex numbers instead. + Fixed include path for utime.h on MSVC (Louis McLaughlin). + Eliminated "FAR" memory support (it was removed from libpng at version + 1.6.0). + Disabled the "-already_crushed" option which does not really work well. + +Version 1.7.84 (built with libpng-1.6.16 and zlib-1.2.8) + Cleaned up more Coverity-scan warnings. Fixing those also fixed + CVE-2015-2158. + +Version 1.7.83 (built with libpng-1.6.16 and zlib-1.2.8) + Cleaned up some Coverity-scan warnings. Unfortunately one of these + changes introduced the vulnerability reported in CVE-2015-2158. + +Version 1.7.82 (built with libpng-1.6.16 and zlib-1.2.8) + Version 1.7.81 (built with libpng-1.6.15 and zlib-1.2.8) - Fixed off-by-one error in calculation of plte_len. Bug report by Ivan Kuchin. + Fixed off-by-one error in calculation of plte_len. Bug reports by + Ivan Kuchin and Frederic Kayser. Version 1.7.80 (built with libpng-1.6.14 and zlib-1.2.8) Added "-reduce_palette" and "-noreduce_palette" options. Enable @@ -1,8 +1,8 @@ /* png.c - location for general purpose libpng functions * - * Last changed in libpng 1.6.16 [December 22, 2014] - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * Last changed in libpng 1.6.17 [March 26, 2015] + * Copyright (c) 1998-2015 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -14,7 +14,7 @@ #include "pngpriv.h" /* Generate a compiler error if there is an old png.h in the search path. */ -typedef png_libpng_version_1_6_16 Your_png_h_is_not_version_1_6_16; +typedef png_libpng_version_1_6_17 Your_png_h_is_not_version_1_6_17; /* Tells libpng that we have already handled the first "num_bytes" bytes * of the PNG file signature. If the PNG data is embedded into another @@ -34,7 +34,7 @@ png_set_sig_bytes(png_structrp png_ptr, int num_bytes) if (num_bytes > 8) png_error(png_ptr, "Too many bytes for PNG signature"); - png_ptr->sig_bytes = (png_byte)(num_bytes < 0 ? 0 : num_bytes); + png_ptr->sig_bytes = (png_byte)((num_bytes < 0 ? 0 : num_bytes) & 0xff); } /* Checks whether the supplied bytes match the PNG signature. We allow @@ -140,8 +140,10 @@ png_calculate_crc(png_structrp png_ptr, png_const_bytep ptr, png_size_t length) do { uInt safe_length = (uInt)length; +#ifndef __COVERITY__ if (safe_length == 0) safe_length = (uInt)-1; /* evil, but safe */ +#endif crc = crc32(crc, ptr, safe_length); @@ -476,9 +478,10 @@ png_free_data(png_const_structrp png_ptr, png_inforp info_ptr, png_uint_32 mask, /* Free any tRNS entry */ if (((mask & PNG_FREE_TRNS) & info_ptr->free_me) != 0) { + info_ptr->valid &= ~PNG_INFO_tRNS; png_free(png_ptr, info_ptr->trans_alpha); info_ptr->trans_alpha = NULL; - info_ptr->valid &= ~PNG_INFO_tRNS; + info_ptr->num_trans = 0; } #endif @@ -544,20 +547,17 @@ png_free_data(png_const_structrp png_ptr, png_inforp info_ptr, png_uint_32 mask, else { - if (info_ptr->splt_palettes_num != 0) - { - int i; - - for (i = 0; i < info_ptr->splt_palettes_num; i++) - { - png_free(png_ptr, info_ptr->splt_palettes[i].name); - png_free(png_ptr, info_ptr->splt_palettes[i].entries); - } + int i; - png_free(png_ptr, info_ptr->splt_palettes); - info_ptr->splt_palettes = NULL; - info_ptr->splt_palettes_num = 0; + for (i = 0; i < info_ptr->splt_palettes_num; i++) + { + png_free(png_ptr, info_ptr->splt_palettes[i].name); + png_free(png_ptr, info_ptr->splt_palettes[i].entries); } + + png_free(png_ptr, info_ptr->splt_palettes); + info_ptr->splt_palettes = NULL; + info_ptr->splt_palettes_num = 0; info_ptr->valid &= ~PNG_INFO_sPLT; } } @@ -577,15 +577,12 @@ png_free_data(png_const_structrp png_ptr, png_inforp info_ptr, png_uint_32 mask, { int i; - if (info_ptr->unknown_chunks_num != 0) - { - for (i = 0; i < info_ptr->unknown_chunks_num; i++) - png_free(png_ptr, info_ptr->unknown_chunks[i].data); + for (i = 0; i < info_ptr->unknown_chunks_num; i++) + png_free(png_ptr, info_ptr->unknown_chunks[i].data); - png_free(png_ptr, info_ptr->unknown_chunks); - info_ptr->unknown_chunks = NULL; - info_ptr->unknown_chunks_num = 0; - } + png_free(png_ptr, info_ptr->unknown_chunks); + info_ptr->unknown_chunks = NULL; + info_ptr->unknown_chunks_num = 0; } } #endif @@ -666,7 +663,7 @@ png_init_io(png_structrp png_ptr, png_FILE_p fp) } # endif -#ifdef PNG_SAVE_INT_32_SUPPORTED +# ifdef PNG_SAVE_INT_32_SUPPORTED /* The png_save_int_32 function assumes integers are stored in two's * complement format. If this isn't the case, then this routine needs to * be modified to write data in two's complement format. Note that, @@ -681,7 +678,7 @@ png_save_int_32(png_bytep buf, png_int_32 i) buf[2] = (png_byte)((i >> 8) & 0xff); buf[3] = (png_byte)(i & 0xff); } -#endif +# endif # ifdef PNG_TIME_RFC1123_SUPPORTED /* Convert the supplied time into an RFC 1123 string suitable for use in @@ -734,7 +731,7 @@ png_convert_to_rfc1123_buffer(char out[29], png_const_timep ptime) return 1; } -# if PNG_LIBPNG_VER < 10700 +# if PNG_LIBPNG_VER < 10700 /* To do: remove the following from libpng-1.7 */ /* Original API that uses a private buffer in png_struct. * Deprecated because it causes png_struct to carry a spurious temporary @@ -755,7 +752,7 @@ png_convert_to_rfc1123(png_structrp png_ptr, png_const_timep ptime) return NULL; } -# endif +# endif /* LIBPNG_VER < 10700 */ # endif /* TIME_RFC1123 */ #endif /* READ || WRITE */ @@ -769,14 +766,14 @@ png_get_copyright(png_const_structrp png_ptr) #else # ifdef __STDC__ return PNG_STRING_NEWLINE \ - "libpng version 1.6.16 - December 22, 2014" PNG_STRING_NEWLINE \ - "Copyright (c) 1998-2014 Glenn Randers-Pehrson" PNG_STRING_NEWLINE \ + "libpng version 1.6.17 - March 26, 2015" PNG_STRING_NEWLINE \ + "Copyright (c) 1998-2015 Glenn Randers-Pehrson" PNG_STRING_NEWLINE \ "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \ "Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc." \ PNG_STRING_NEWLINE; # else - return "libpng version 1.6.16 - December 22, 2014\ - Copyright (c) 1998-2014 Glenn Randers-Pehrson\ + return "libpng version 1.6.17 - March 26, 2015\ + Copyright (c) 1998-2015 Glenn Randers-Pehrson\ Copyright (c) 1996-1997 Andreas Dilger\ Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc."; # endif @@ -872,9 +869,9 @@ png_build_grayscale_palette(int bit_depth, png_colorp palette) for (i = 0, v = 0; i < num_palette; i++, v += color_inc) { - palette[i].red = (png_byte)v; - palette[i].green = (png_byte)v; - palette[i].blue = (png_byte)v; + palette[i].red = (png_byte)(v & 0xff); + palette[i].green = (png_byte)(v & 0xff); + palette[i].blue = (png_byte)(v & 0xff); } } #endif @@ -947,8 +944,6 @@ png_access_version_number(void) return((png_uint_32)PNG_LIBPNG_VER); } - - #if defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED) /* Ensure that png_ptr->zstream.msg holds some appropriate error message string. * If it doesn't 'ret' is used to set it to something appropriate, even in cases @@ -1181,7 +1176,7 @@ png_colorspace_sync(png_const_structrp png_ptr, png_inforp info_ptr) png_colorspace_sync_info(png_ptr, info_ptr); } #endif -#endif +#endif /* GAMMA */ #ifdef PNG_COLORSPACE_SUPPORTED /* Added at libpng-1.5.5 to support read and write of true CIEXYZ values for @@ -2166,7 +2161,8 @@ png_icc_check_tag_table(png_const_structrp png_ptr, png_colorspacerp colorspace, return 1; /* success, maybe with warnings */ } -#if defined(PNG_sRGB_SUPPORTED) && PNG_sRGB_PROFILE_CHECKS >= 0 +#ifdef PNG_sRGB_SUPPORTED +#if PNG_sRGB_PROFILE_CHECKS >= 0 /* Information about the known ICC sRGB profiles */ static const struct { @@ -2324,8 +2320,8 @@ png_compare_ICC_profile_with_sRGB(png_const_structrp png_ptr, */ else if (png_sRGB_checks[i].have_md5 == 0) { - png_chunk_report(png_ptr, "out-of-date sRGB profile with" - " no signature", + png_chunk_report(png_ptr, + "out-of-date sRGB profile with no signature", PNG_CHUNK_WARNING); } @@ -2338,8 +2334,8 @@ png_compare_ICC_profile_with_sRGB(png_const_structrp png_ptr, * way. This probably indicates a data error or uninformed hacking. * Fall through to "no match". */ - png_chunk_report(png_ptr, "Not recognizing known sRGB profile that" - " has been edited", + png_chunk_report(png_ptr, + "Not recognizing known sRGB profile that has been edited", PNG_CHUNK_WARNING); break; # endif @@ -2349,9 +2345,8 @@ png_compare_ICC_profile_with_sRGB(png_const_structrp png_ptr, return 0; /* no match */ } -#endif +#endif /* PNG_sRGB_PROFILE_CHECKS >= 0 */ -#ifdef PNG_sRGB_SUPPORTED void /* PRIVATE */ png_icc_set_sRGB(png_const_structrp png_ptr, png_colorspacerp colorspace, png_const_bytep profile, uLong adler) @@ -2365,7 +2360,7 @@ png_icc_set_sRGB(png_const_structrp png_ptr, (void)png_colorspace_set_sRGB(png_ptr, colorspace, (int)/*already checked*/png_get_uint_32(profile+64)); } -#endif /* READ_sRGB */ +#endif /* sRGB */ int /* PRIVATE */ png_colorspace_set_ICC(png_const_structrp png_ptr, png_colorspacerp colorspace, @@ -2457,7 +2452,7 @@ png_colorspace_set_rgb_coefficients(png_structrp png_ptr) png_error(png_ptr, "internal error handling cHRM->XYZ"); } } -#endif +#endif /* READ_RGB_TO_GRAY */ #endif /* COLORSPACE */ @@ -2486,18 +2481,19 @@ png_check_IHDR(png_const_structrp png_ptr, png_warning(png_ptr, "Image width is zero in IHDR"); error = 1; } - else if (width > PNG_UINT_31_MAX) + + if (width > PNG_UINT_31_MAX) { png_warning(png_ptr, "Invalid image width in IHDR"); error = 1; } - else if (png_gt(width, - (PNG_SIZE_MAX >> 3) /* 8-byte RGBA pixels */ - - 48 /* big_row_buf hack */ - - 1 /* filter byte */ - - 7*8 /* rounding width to multiple of 8 pix */ - - 8)) /* extra max_pixel_depth pad */ + if (png_gt(((width + 7) & (~7)), + ((PNG_SIZE_MAX + - 48 /* big_row_buf hack */ + - 1) /* filter byte */ + / 8) /* 8-byte RGBA pixels */ + - 1)) /* extra max_pixel_depth pad */ { /* The size of the row must be within the limits of this architecture. * Because the read code can perform arbitrary transformations the @@ -2513,17 +2509,15 @@ png_check_IHDR(png_const_structrp png_ptr, png_warning(png_ptr, "Image width is too large for this architecture"); error = 1; } - else + +#ifdef PNG_SET_USER_LIMITS_SUPPORTED + if (width > png_ptr->user_width_max) +#else + if (width > PNG_USER_WIDTH_MAX) +#endif { -# ifdef PNG_SET_USER_LIMITS_SUPPORTED - if (width > png_ptr->user_width_max) -# else - if (width > PNG_USER_WIDTH_MAX) -# endif - { - png_warning(png_ptr, "Image width exceeds user limit in IHDR"); - error = 1; - } + png_warning(png_ptr, "Image width exceeds user limit in IHDR"); + error = 1; } if (height == 0) @@ -2531,22 +2525,21 @@ png_check_IHDR(png_const_structrp png_ptr, png_warning(png_ptr, "Image height is zero in IHDR"); error = 1; } - else if (height > PNG_UINT_31_MAX) + + if (height > PNG_UINT_31_MAX) { png_warning(png_ptr, "Invalid image height in IHDR"); error = 1; } - else + +#ifdef PNG_SET_USER_LIMITS_SUPPORTED + if (height > png_ptr->user_height_max) +#else + if (height > PNG_USER_HEIGHT_MAX) +#endif { -# ifdef PNG_SET_USER_LIMITS_SUPPORTED - if (height > png_ptr->user_height_max) -# else - if (height > PNG_USER_HEIGHT_MAX) -# endif - { - png_warning(png_ptr, "Image height exceeds user limit in IHDR"); - error = 1; - } + png_warning(png_ptr, "Image height exceeds user limit in IHDR"); + error = 1; } /* Check other values */ @@ -2585,7 +2578,7 @@ png_check_IHDR(png_const_structrp png_ptr, error = 1; } -# ifdef PNG_MNG_FEATURES_SUPPORTED +#ifdef PNG_MNG_FEATURES_SUPPORTED /* Accept filter_method 64 (intrapixel differencing) only if * 1. Libpng was compiled with PNG_MNG_FEATURES_SUPPORTED and * 2. Libpng did not read a PNG signature (this filter_method is only @@ -2618,13 +2611,13 @@ png_check_IHDR(png_const_structrp png_ptr, } } -# else +#else if (filter_type != PNG_FILTER_TYPE_BASE) { png_warning(png_ptr, "Unknown filter method in IHDR"); error = 1; } -# endif +#endif if (error == 1) png_error(png_ptr, "Invalid IHDR data"); @@ -3041,7 +3034,7 @@ png_ascii_from_fp(png_const_structrp png_ptr, png_charp ascii, png_size_t size, /* Check for an exponent, if we don't need one we are * done and just need to terminate the string. At * this point exp_b10==(-1) is effectively if flag - it got - * to '-1' because of the decrement after outputing + * to '-1' because of the decrement after outputting * the decimal point above (the exponent required is * *not* -1!) */ @@ -3049,7 +3042,7 @@ png_ascii_from_fp(png_const_structrp png_ptr, png_charp ascii, png_size_t size, { /* The following only happens if we didn't output the * leading zeros above for negative exponent, so this - * doest add to the digit requirement. Note that the + * doesn't add to the digit requirement. Note that the * two zeros here can only be output if the two leading * zeros were *not* output, so this doesn't increase * the output count. @@ -3206,7 +3199,7 @@ png_ascii_from_fixed(png_const_structrp png_ptr, png_charp ascii, png_error(png_ptr, "ASCII conversion buffer too small"); } # endif /* FIXED_POINT */ -#endif /* READ_SCAL */ +#endif /* SCAL */ #if defined(PNG_FLOATING_POINT_SUPPORTED) && \ !defined(PNG_FIXED_POINT_MACRO_SUPPORTED) && \ @@ -3224,7 +3217,7 @@ png_fixed(png_const_structrp png_ptr, double fp, png_const_charp text) png_fixed_error(png_ptr, text); # ifndef PNG_ERROR_TEXT_SUPPORTED - PNG_UNUSED(text) + PNG_UNUSED(text) # endif return (png_fixed_point)r; @@ -3405,29 +3398,29 @@ png_gamma_significant(png_fixed_point gamma_val) #endif #ifdef PNG_READ_GAMMA_SUPPORTED -#if defined(PNG_16BIT_SUPPORTED) || !defined(PNG_FLOATING_ARITHMETIC_SUPPORTED) +#ifdef PNG_16BIT_SUPPORTED /* A local convenience routine. */ static png_fixed_point png_product2(png_fixed_point a, png_fixed_point b) { /* The required result is 1/a * 1/b; the following preserves accuracy. */ -# ifdef PNG_FLOATING_ARITHMETIC_SUPPORTED +#ifdef PNG_FLOATING_ARITHMETIC_SUPPORTED double r = a * 1E-5; r *= b; r = floor(r+.5); if (r <= 2147483647. && r >= -2147483648.) return (png_fixed_point)r; -# else +#else png_fixed_point res; if (png_muldiv(&res, a, b, 100000) != 0) return res; -# endif +#endif return 0; /* overflow */ } -#endif /* 16BIT || !FLOATING_ARITHMETIC */ +#endif /* 16BIT */ /* The inverse of the above. */ png_fixed_point @@ -3435,12 +3428,15 @@ png_reciprocal2(png_fixed_point a, png_fixed_point b) { /* The required result is 1/a * 1/b; the following preserves accuracy. */ #ifdef PNG_FLOATING_ARITHMETIC_SUPPORTED - double r = 1E15/a; - r /= b; - r = floor(r+.5); + if (a != 0 && b != 0) + { + double r = 1E15/a; + r /= b; + r = floor(r+.5); - if (r <= 2147483647. && r >= -2147483648.) - return (png_fixed_point)r; + if (r <= 2147483647. && r >= -2147483648.) + return (png_fixed_point)r; + } #else /* This may overflow because the range of png_fixed_point isn't symmetric, * but this API is only used for the product of file and screen gamma so it @@ -3731,7 +3727,7 @@ png_exp8bit(png_fixed_point lg2) * step. */ x -= x >> 8; - return (png_byte)((x + 0x7fffffU) >> 24); + return (png_byte)(((x + 0x7fffffU) >> 24) & 0xff); } #ifdef PNG_16BIT_SUPPORTED @@ -3792,7 +3788,7 @@ png_gamma_8bit_correct(unsigned int value, png_fixed_point gamma_val) # endif } - return (png_byte)value; + return (png_byte)(value & 0xff); } #ifdef PNG_16BIT_SUPPORTED @@ -4014,7 +4010,7 @@ png_build_8bit_table(png_structrp png_ptr, png_bytepp ptable, else for (i=0; i<256; ++i) - table[i] = (png_byte)i; + table[i] = (png_byte)(i & 0xff); } /* Used from png_read_destroy and below to release the memory used by the gamma @@ -4154,7 +4150,8 @@ png_build_gamma_table(png_structrp png_ptr, int bit_depth) * */ if (sig_bit > 0 && sig_bit < 16U) - shift = (png_byte)(16U - sig_bit); /* shift == insignificant bits */ + /* shift == insignificant bits */ + shift = (png_byte)((16U - sig_bit) & 0xff); else shift = 0; /* keep all 16 bits */ @@ -4223,7 +4220,7 @@ png_set_option(png_structrp png_ptr, int option, int onoff) int setting = (2 + (onoff != 0)) << option; int current = png_ptr->options; - png_ptr->options = (png_byte)((current & ~mask) | setting); + png_ptr->options = (png_byte)(((current & ~mask) | setting) & 0xff); return (current & mask) >> option; } @@ -1,8 +1,9 @@ /* png.h - header file for PNG reference library * - * libpng version 1.6.16, December 22, 2014 - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * libpng version 1.6.17, March 26, 2015 + * + * Copyright (c) 1998-2015 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -11,7 +12,7 @@ * Authors and maintainers: * libpng versions 0.71, May 1995, through 0.88, January 1996: Guy Schalnat * libpng versions 0.89c, June 1996, through 0.96, May 1997: Andreas Dilger - * libpng versions 0.97, January 1998, through 1.6.16, December 22, 2014: Glenn + * libpng versions 0.97, January 1998, through 1.6.17, March 26, 2015: Glenn * See also "Contributing Authors", below. * * Note about libpng version numbers: @@ -212,6 +213,9 @@ * 1.6.16beta01-03 16 10616 16.so.16.16[.0] * 1.6.16rc01-02 16 10616 16.so.16.16[.0] * 1.6.16 16 10616 16.so.16.16[.0] + * 1.6.17beta01-06 16 10617 16.so.16.17[.0] + * 1.6.17rc01-06 16 10617 16.so.16.17[.0] + * 1.6.17 16 10617 16.so.16.17[.0] * * Henceforth the source version will match the shared-library major * and minor numbers; the shared-library major version number will be @@ -243,8 +247,8 @@ * * This code is released under the libpng license. * - * libpng versions 1.2.6, August 15, 2004, through 1.6.16, December 22, 2014, are - * Copyright (c) 2004, 2006-2014 Glenn Randers-Pehrson, and are + * libpng versions 1.2.6, August 15, 2004, through 1.6.17, March 26, 2015, are + * Copyright (c) 2004, 2006-2015 Glenn Randers-Pehrson, and are * distributed according to the same disclaimer and license as libpng-1.2.5 * with the following individual added to the list of Contributing Authors: * @@ -355,13 +359,13 @@ * Y2K compliance in libpng: * ========================= * - * December 22, 2014 + * March 26, 2015 * * Since the PNG Development group is an ad-hoc body, we can't make * an official declaration. * * This is your unofficial assurance that libpng from version 0.71 and - * upward through 1.6.16 are Y2K compliant. It is my belief that + * upward through 1.6.17 are Y2K compliant. It is my belief that * earlier versions were also Y2K compliant. * * Libpng only has two year fields. One is a 2-byte unsigned integer @@ -423,9 +427,9 @@ */ /* Version information for png.h - this should match the version in png.c */ -#define PNG_LIBPNG_VER_STRING "1.6.16" +#define PNG_LIBPNG_VER_STRING "1.6.17" #define PNG_HEADER_VERSION_STRING \ - " libpng version 1.6.16 - December 22, 2014\n" + " libpng version 1.6.17 - March 26, 2015\n" #define PNG_LIBPNG_VER_SONUM 16 #define PNG_LIBPNG_VER_DLLNUM 16 @@ -433,7 +437,7 @@ /* These should match the first 3 components of PNG_LIBPNG_VER_STRING: */ #define PNG_LIBPNG_VER_MAJOR 1 #define PNG_LIBPNG_VER_MINOR 6 -#define PNG_LIBPNG_VER_RELEASE 16 +#define PNG_LIBPNG_VER_RELEASE 17 /* This should match the numeric part of the final component of * PNG_LIBPNG_VER_STRING, omitting any leading zero: @@ -464,7 +468,7 @@ * version 1.0.0 was mis-numbered 100 instead of 10000). From * version 1.0.1 it's xxyyzz, where x=major, y=minor, z=release */ -#define PNG_LIBPNG_VER 10616 /* 1.6.16 */ +#define PNG_LIBPNG_VER 10617 /* 1.6.17 */ /* Library configuration: these options cannot be changed after * the library has been built. @@ -569,7 +573,7 @@ extern "C" { /* This triggers a compiler error in png.c, if png.c and png.h * do not agree upon the version number. */ -typedef char* png_libpng_version_1_6_16; +typedef char* png_libpng_version_1_6_17; /* Basic control structions. Read libpng-manual.txt or libpng.3 for more info. * @@ -1578,6 +1582,7 @@ PNG_EXPORT(66, void, png_set_crc_action, (png_structrp png_ptr, int crit_action, #define PNG_CRC_QUIET_USE 4 /* quiet/use data quiet/use data */ #define PNG_CRC_NO_CHANGE 5 /* use current value use current value */ +#ifdef PNG_WRITE_SUPPORTED /* These functions give the user control over the scan-line filtering in * libpng and the compression methods used by zlib. These functions are * mainly useful for testing, as the defaults should work with most users. @@ -1591,6 +1596,7 @@ PNG_EXPORT(66, void, png_set_crc_action, (png_structrp png_ptr, int crit_action, */ PNG_EXPORT(67, void, png_set_filter, (png_structrp png_ptr, int method, int filters)); +#endif /* WRITE */ /* Flags for png_set_filter() to say which filters to use. The flags * are chosen so that they don't conflict with real filter types @@ -1616,6 +1622,7 @@ PNG_EXPORT(67, void, png_set_filter, (png_structrp png_ptr, int method, #define PNG_FILTER_VALUE_PAETH 4 #define PNG_FILTER_VALUE_LAST 5 +#ifdef PNG_WRITE_SUPPORTED #ifdef PNG_WRITE_WEIGHTED_FILTER_SUPPORTED /* EXPERIMENTAL */ /* The "heuristic_method" is given by one of the PNG_FILTER_HEURISTIC_ * defines, either the default (minimum-sum-of-absolute-differences), or @@ -1662,7 +1669,6 @@ PNG_FIXED_EXPORT(209, void, png_set_filter_heuristics_fixed, #define PNG_FILTER_HEURISTIC_WEIGHTED 2 /* Experimental feature */ #define PNG_FILTER_HEURISTIC_LAST 3 /* Not a valid value */ -#ifdef PNG_WRITE_SUPPORTED /* Set the library compression level. Currently, valid values range from * 0 - 9, corresponding directly to the zlib compression levels 0 - 9 * (0 - no compression, 9 - "maximal" compression). Note that tests have @@ -1670,6 +1676,7 @@ PNG_FIXED_EXPORT(209, void, png_set_filter_heuristics_fixed, * for PNG images, and do considerably fewer caclulations. In the future, * these values may not correspond directly to the zlib compression levels. */ +#ifdef PNG_WRITE_CUSTOMIZE_COMPRESSION_SUPPORTED PNG_EXPORT(69, void, png_set_compression_level, (png_structrp png_ptr, int level)); @@ -1687,7 +1694,7 @@ PNG_EXPORT(72, void, png_set_compression_window_bits, (png_structrp png_ptr, PNG_EXPORT(73, void, png_set_compression_method, (png_structrp png_ptr, int method)); -#endif +#endif /* WRITE_CUSTOMIZE_COMPRESSION */ #ifdef PNG_WRITE_CUSTOMIZE_ZTXT_COMPRESSION_SUPPORTED /* Also set zlib parameters for compressing non-IDAT chunks */ @@ -1709,6 +1716,7 @@ PNG_EXPORT(225, void, png_set_text_compression_window_bits, PNG_EXPORT(226, void, png_set_text_compression_method, (png_structrp png_ptr, int method)); #endif /* WRITE_CUSTOMIZE_ZTXT_COMPRESSION */ +#endif /* WRITE */ /* These next functions are called for input/output, memory, and error * handling. They are in the file pngrio.c, pngwio.c, and pngerror.c, @@ -1819,7 +1827,7 @@ PNG_EXPORT(218, png_byte, png_get_current_pass_number, (png_const_structrp)); * * The integer return from the callback function is interpreted thus: * - * negative: An error occured, png_chunk_error will be called. + * negative: An error occurred; png_chunk_error will be called. * zero: The chunk was not handled, the chunk will be saved. A critical * chunk will cause an error at this point unless it is to be saved. * positive: The chunk was handled, libpng will ignore/discard it. @@ -2664,26 +2672,28 @@ PNG_EXPORT(216, png_uint_32, png_get_io_chunk_type, * (png_uint_16)(alpha) \ + (png_uint_16)(bg)*(png_uint_16)(255 \ - (png_uint_16)(alpha)) + 128); \ - (composite) = (png_byte)((temp + (temp >> 8)) >> 8); } + (composite) = (png_byte)(((temp + (temp >> 8)) >> 8) & 0xff); } # define png_composite_16(composite, fg, alpha, bg) \ { png_uint_32 temp = (png_uint_32)((png_uint_32)(fg) \ * (png_uint_32)(alpha) \ + (png_uint_32)(bg)*(65535 \ - (png_uint_32)(alpha)) + 32768); \ - (composite) = (png_uint_16)((temp + (temp >> 16)) >> 16); } + (composite) = (png_uint_16)(0xffff & ((temp + (temp >> 16)) >> 16)); } #else /* Standard method using integer division */ -# define png_composite(composite, fg, alpha, bg) \ - (composite) = (png_byte)(((png_uint_16)(fg) * (png_uint_16)(alpha) + \ - (png_uint_16)(bg) * (png_uint_16)(255 - (png_uint_16)(alpha)) + \ - 127) / 255) +# define png_composite(composite, fg, alpha, bg) \ + (composite) = \ + (png_byte)(0xff & (((png_uint_16)(fg) * (png_uint_16)(alpha) + \ + (png_uint_16)(bg) * (png_uint_16)(255 - (png_uint_16)(alpha)) + \ + 127) / 255)) # define png_composite_16(composite, fg, alpha, bg) \ - (composite) = (png_uint_16)(((png_uint_32)(fg) * (png_uint_32)(alpha) + \ - (png_uint_32)(bg)*(png_uint_32)(65535 - (png_uint_32)(alpha)) + \ - 32767) / 65535) + (composite) = \ + (png_uint_16)(0xffff & (((png_uint_32)(fg) * (png_uint_32)(alpha) + \ + (png_uint_32)(bg)*(png_uint_32)(65535 - (png_uint_32)(alpha)) + \ + 32767) / 65535)) #endif /* READ_COMPOSITE_NODIV */ #ifdef PNG_READ_INT_FUNCTIONS_SUPPORTED @@ -1,9 +1,9 @@ /* pngconf.h - machine configurable file for libpng * - * libpng version 1.6.16,December 22, 2014 + * libpng version 1.6.17, March 26, 2015 * - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * Copyright (c) 1998-2015 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -11,15 +11,14 @@ * For conditions of distribution and use, see the disclaimer * and license in png.h * - * This file has been modified, by Glenn Randers-Pehrson, from the original - * libpng distribution by adding a line reading - * #include "pngcrush.h" - */ - -/* Any machine specific code is near the front of this file, so if you + * Any machine specific code is near the front of this file, so if you * are configuring libpng for a machine, you may want to read the section * starting here down to where it starts to typedef png_color, png_text, * and png_info. + * + * This file has been modified, by Glenn Randers-Pehrson, from the original + * libpng distribution by adding a line reading + * #include "pngcrush.h" */ #ifndef PNGCONF_H @@ -27,26 +26,6 @@ #include "pngcrush.h" -/* To do: Do all of this in scripts/pnglibconf.dfa */ -#ifdef PNG_SAFE_LIMITS_SUPPORTED -# ifdef PNG_USER_WIDTH_MAX -# undef PNG_USER_WIDTH_MAX -# define PNG_USER_WIDTH_MAX 1000000L -# endif -# ifdef PNG_USER_HEIGHT_MAX -# undef PNG_USER_HEIGHT_MAX -# define PNG_USER_HEIGHT_MAX 1000000L -# endif -# ifdef PNG_USER_CHUNK_MALLOC_MAX -# undef PNG_USER_CHUNK_MALLOC_MAX -# define PNG_USER_CHUNK_MALLOC_MAX 4000000L -# endif -# ifdef PNG_USER_CHUNK_CACHE_MAX -# undef PNG_USER_CHUNK_CACHE_MAX -# define PNG_USER_CHUNK_CACHE_MAX 128 -# endif -#endif - #ifndef PNG_BUILDING_SYMBOL_TABLE /* else includes may cause problems */ /* From libpng 1.6.0 libpng requires an ANSI X3.159-1989 ("ISOC90") compliant C diff --git a/pngcrush.c b/pngcrush.c index 05dbfdb24..e91266470 100644 --- a/pngcrush.c +++ b/pngcrush.c @@ -77,7 +77,7 @@ * */ -#define PNGCRUSH_VERSION "1.7.85" +#define PNGCRUSH_VERSION "1.7.86" /* Experimental: define these if you wish, but, good luck. #define PNGCRUSH_COUNT_COLORS @@ -311,6 +311,8 @@ Change log: +Version 1.7.86 (built with libpng-1.6.17 and zlib-1.2.8) + Version 1.7.85 (built with libpng-1.6.16 and zlib-1.2.8) Improved reporting of invalid chunk names. Does not try to put non-printable characters in STDERR; displays hex numbers instead. @@ -6492,15 +6494,8 @@ defined(PNG_READ_STRIP_16_TO_8_SUPPORTED) max_possible_size); } -#ifdef WBITS_8_OK - if (required_window <= 256) - compression_window = 8; - else if (required_window <= 512) - compression_window = 9; -#else if (required_window <= 512) compression_window = 9; -#endif else if (required_window <= 1024) compression_window = 10; else if (required_window <= 2048) diff --git a/pngcrush.h b/pngcrush.h index e4cb43d20..d2bf74426 100644 --- a/pngcrush.h +++ b/pngcrush.h @@ -5,7 +5,7 @@ * license (see LICENSE, in pngcrush.c). */ -/* Special defines for pngcrush version 1.7.85 */ +/* Special defines for pngcrush version 1.7.86 */ #ifndef PNGCRUSH_H #define PNGCRUSH_H diff --git a/pngdebug.h b/pngdebug.h index b43c59cde..6a01b106e 100644 --- a/pngdebug.h +++ b/pngdebug.h @@ -1,12 +1,11 @@ /* pngdebug.h - Debugging macros for libpng, also used in pngtest.c * + * Last changed in libpng 1.6.8 [December 19, 2013] * Copyright (c) 1998-2013 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * - * Last changed in libpng 1.6.8 [December 19, 2013] - * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer * and license in png.h @@ -1,8 +1,8 @@ /* pngget.c - retrieval of values from info struct * - * Last changed in libpng 1.6.15 [November 20, 2014] - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * Last changed in libpng 1.6.17 [March 26, 2015] + * Copyright (c) 1998-2015 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -799,14 +799,20 @@ png_get_IHDR(png_const_structrp png_ptr, png_const_inforp info_ptr, { png_debug1(1, "in %s retrieval function", "IHDR"); - if (png_ptr == NULL || info_ptr == NULL || width == NULL || - height == NULL || bit_depth == NULL || color_type == NULL) + if (png_ptr == NULL || info_ptr == NULL) return (0); - *width = info_ptr->width; - *height = info_ptr->height; - *bit_depth = info_ptr->bit_depth; - *color_type = info_ptr->color_type; + if (width != NULL) + *width = info_ptr->width; + + if (height != NULL) + *height = info_ptr->height; + + if (bit_depth != NULL) + *bit_depth = info_ptr->bit_depth; + + if (color_type != NULL) + *color_type = info_ptr->color_type; if (compression_type != NULL) *compression_type = info_ptr->compression_type; @@ -1135,21 +1141,21 @@ png_get_compression_buffer_size(png_const_structrp png_ptr) if (png_ptr == NULL) return 0; -# ifdef PNG_WRITE_SUPPORTED +#ifdef PNG_WRITE_SUPPORTED if ((png_ptr->mode & PNG_IS_READ_STRUCT) != 0) -# endif +#endif { -# ifdef PNG_SEQUENTIAL_READ_SUPPORTED +#ifdef PNG_SEQUENTIAL_READ_SUPPORTED return png_ptr->IDAT_read_size; -# else +#else return PNG_IDAT_READ_SIZE; -# endif +#endif } -# ifdef PNG_WRITE_SUPPORTED +#ifdef PNG_WRITE_SUPPORTED else return png_ptr->zbuffer_size; -# endif +#endif } #ifdef PNG_SET_USER_LIMITS_SUPPORTED @@ -1,12 +1,11 @@ /* pnginfo.h - header file for PNG reference library * + * Last changed in libpng 1.6.1 [March 28, 2013] * Copyright (c) 1998-2013 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * - * Last changed in libpng 1.6.1 [March 28, 2013] - * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer * and license in png.h diff --git a/pnglibconf.h b/pnglibconf.h index da3b22921..b4ec3c31e 100644 --- a/pnglibconf.h +++ b/pnglibconf.h @@ -1,8 +1,8 @@ -/* libpng 1.6.16 STANDARD API DEFINITION */ +/* libpng 1.6.17 STANDARD API DEFINITION */ /* pnglibconf.h - library build configuration */ -/* Libpng version 1.6.16 - December 22, 2014 */ +/* Libpng version 1.6.17 - March 26, 2015 */ /* Copyright (c) 1998-2014 Glenn Randers-Pehrson */ @@ -97,7 +97,6 @@ #define PNG_READ_tIME_SUPPORTED #define PNG_READ_tRNS_SUPPORTED #define PNG_READ_zTXt_SUPPORTED -/*#undef PNG_SAFE_LIMITS_SUPPORTED*/ #define PNG_SAVE_INT_32_SUPPORTED #define PNG_SAVE_UNKNOWN_CHUNKS_SUPPORTED #define PNG_SEQUENTIAL_READ_SUPPORTED @@ -129,6 +128,7 @@ #define PNG_WRITE_BGR_SUPPORTED #define PNG_WRITE_CHECK_FOR_INVALID_INDEX_SUPPORTED #define PNG_WRITE_COMPRESSED_TEXT_SUPPORTED +#define PNG_WRITE_CUSTOMIZE_COMPRESSION_SUPPORTED #define PNG_WRITE_CUSTOMIZE_ZTXT_COMPRESSION_SUPPORTED #define PNG_WRITE_FILLER_SUPPORTED #define PNG_WRITE_FILTER_SUPPORTED @@ -198,6 +198,10 @@ #define PNG_QUANTIZE_RED_BITS 5 #define PNG_TEXT_Z_DEFAULT_COMPRESSION (-1) #define PNG_TEXT_Z_DEFAULT_STRATEGY 0 +#define PNG_USER_CHUNK_CACHE_MAX 1000 +#define PNG_USER_CHUNK_MALLOC_MAX 8000000 +#define PNG_USER_HEIGHT_MAX 1000000 +#define PNG_USER_WIDTH_MAX 1000000 #define PNG_WEIGHT_SHIFT 8 #define PNG_ZBUF_SIZE 8192 #define PNG_ZLIB_VERNUM 0 /* unknown */ @@ -41,7 +41,7 @@ png_destroy_png_struct(png_structrp png_ptr) } /* Allocate memory. For reasonable files, size should never exceed - * 64K. However, zlib may allocate more then 64K if you don't tell + * 64K. However, zlib may allocate more than 64K if you don't tell * it not to. See zconf.h and png.h for more information. zlib does * need to allocate exactly 64K, so whatever you call here must * have the ability to do that. diff --git a/pngpread.c b/pngpread.c index fb40e7db3..823dcad8c 100644 --- a/pngpread.c +++ b/pngpread.c @@ -1,8 +1,8 @@ /* pngpread.c - read a png file in push mode * - * Last changed in libpng 1.6.15 [November 20, 2014] - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * Last changed in libpng 1.6.17 [March 26, 2015] + * Copyright (c) 1998-2015 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -726,7 +726,7 @@ png_process_IDAT_data(png_structrp png_ptr, png_bytep buffer, * or the stream marked as finished. */ while (png_ptr->zstream.avail_in > 0 && - !(png_ptr->flags & PNG_FLAG_ZSTREAM_ENDED)) + (png_ptr->flags & PNG_FLAG_ZSTREAM_ENDED) == 0) { int ret; @@ -1036,6 +1036,7 @@ png_push_process_row(png_structrp png_ptr) } } else +#endif { png_push_have_row(png_ptr, png_ptr->row_buf + 1); png_read_push_finish_row(png_ptr); @@ -1045,6 +1046,7 @@ png_push_process_row(png_structrp png_ptr) void /* PRIVATE */ png_read_push_finish_row(png_structrp png_ptr) { +#ifdef PNG_READ_INTERLACING_SUPPORTED /* Arrays to facilitate easy interlacing - use pass (0 - 6) as index */ /* Start of interlace block */ @@ -1069,6 +1071,7 @@ png_read_push_finish_row(png_structrp png_ptr) if (png_ptr->row_number < png_ptr->num_rows) return; +#ifdef PNG_READ_INTERLACING_SUPPORTED if (png_ptr->interlaced != 0) { png_ptr->row_number = 0; @@ -1103,6 +1106,7 @@ png_read_push_finish_row(png_structrp png_ptr) } while (png_ptr->iwidth == 0 || png_ptr->num_rows == 0); } +#endif /* READ_INTERLACING */ } void /* PRIVATE */ @@ -1127,6 +1131,7 @@ png_push_have_row(png_structrp png_ptr, png_bytep row) (int)png_ptr->pass); } +#ifdef PNG_READ_INTERLACING_SUPPORTED void PNGAPI png_progressive_combine_row(png_const_structrp png_ptr, png_bytep old_row, png_const_bytep new_row) @@ -1141,6 +1146,7 @@ png_progressive_combine_row(png_const_structrp png_ptr, png_bytep old_row, if (new_row != NULL) png_combine_row(png_ptr, old_row, 1/*blocky display*/); } +#endif /* READ_INTERLACING */ void PNGAPI png_set_progressive_read_fn(png_structrp png_ptr, png_voidp progressive_ptr, @@ -1,13 +1,11 @@ /* pngpriv.h - private declarations for use inside libpng * - * For conditions of distribution and use, see copyright notice in png.h - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * Last changed in libpng 1.6.17 [March 26, 2015] + * Copyright (c) 1998-2015 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * - * Last changed in libpng 1.6.10 [March 6, 1014]] - * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer * and license in png.h @@ -300,46 +298,9 @@ /* SECURITY and SAFETY: * - * By default libpng is built without any internal limits on image size, - * individual heap (png_malloc) allocations or the total amount of memory used. - * If PNG_SAFE_LIMITS_SUPPORTED is defined, however, the limits below are used - * (unless individually overridden). These limits are believed to be fairly - * safe, but builders of secure systems should verify the values against the - * real system capabilities. - */ -#ifdef PNG_SAFE_LIMITS_SUPPORTED - /* 'safe' limits */ -# ifndef PNG_USER_WIDTH_MAX -# define PNG_USER_WIDTH_MAX 1000000 -# endif -# ifndef PNG_USER_HEIGHT_MAX -# define PNG_USER_HEIGHT_MAX 1000000 -# endif -# ifndef PNG_USER_CHUNK_CACHE_MAX -# define PNG_USER_CHUNK_CACHE_MAX 128 -# endif -# ifndef PNG_USER_CHUNK_MALLOC_MAX -# define PNG_USER_CHUNK_MALLOC_MAX 8000000 -# endif -#else - /* values for no limits */ -# ifndef PNG_USER_WIDTH_MAX -# define PNG_USER_WIDTH_MAX 0x7fffffff -# endif -# ifndef PNG_USER_HEIGHT_MAX -# define PNG_USER_HEIGHT_MAX 0x7fffffff -# endif -# ifndef PNG_USER_CHUNK_CACHE_MAX -# define PNG_USER_CHUNK_CACHE_MAX 0 -# endif -# ifndef PNG_USER_CHUNK_MALLOC_MAX -# define PNG_USER_CHUNK_MALLOC_MAX 0 -# endif -#endif - -/* Moved to pngpriv.h at libpng-1.5.0 */ -/* NOTE: some of these may have been used in external applications as - * these definitions were exposed in pngconf.h prior to 1.5. + * libpng is built with support for internal limits on image dimensions and + * memory usage. These are documented in scripts/pnglibconf.dfa of the + * source and recorded in the machine generated header file pnglibconf.h. */ /* If you are running on a machine where you cannot allocate more @@ -582,13 +543,13 @@ #define PNG_RGB_TO_GRAY_WARN 0x400000 #define PNG_RGB_TO_GRAY 0x600000 /* two bits, RGB_TO_GRAY_ERR|WARN */ #define PNG_ENCODE_ALPHA 0x800000 /* Added to libpng-1.5.4 */ -#define PNG_ADD_ALPHA 0x1000000 /* Added to libpng-1.2.7 */ -#define PNG_EXPAND_tRNS 0x2000000 /* Added to libpng-1.2.9 */ -#define PNG_SCALE_16_TO_8 0x4000000 /* Added to libpng-1.5.4 */ - /* 0x8000000 unused */ - /* 0x10000000 unused */ - /* 0x20000000 unused */ - /* 0x40000000 unused */ +#define PNG_ADD_ALPHA 0x1000000 /* Added to libpng-1.2.7 */ +#define PNG_EXPAND_tRNS 0x2000000 /* Added to libpng-1.2.9 */ +#define PNG_SCALE_16_TO_8 0x4000000 /* Added to libpng-1.5.4 */ + /* 0x8000000 unused */ + /* 0x10000000 unused */ + /* 0x20000000 unused */ + /* 0x40000000 unused */ /* Flags for png_create_struct */ #define PNG_STRUCT_PNG 0x0001 #define PNG_STRUCT_INFO 0x0002 @@ -780,15 +741,17 @@ * macro will fail on top-bit-set values because of the sign extension. */ #define PNG_CHUNK_FROM_STRING(s)\ - PNG_U32(0xff&(s)[0], 0xff&(s)[1], 0xff&(s)[2], 0xff&(s)[3]) + PNG_U32(0xff & (s)[0], 0xff & (s)[1], 0xff & (s)[2], 0xff & (s)[3]) /* This uses (char), not (png_byte) to avoid warnings on systems where (char) is * signed and the argument is a (char[]) This macro will fail miserably on * systems where (char) is more than 8 bits. */ #define PNG_STRING_FROM_CHUNK(s,c)\ - (void)(((char*)(s))[0]=(char)((c)>>24), ((char*)(s))[1]=(char)((c)>>16),\ - ((char*)(s))[2]=(char)((c)>>8), ((char*)(s))[3]=(char)((c))) + (void)(((char*)(s))[0]=(char)(((c)>>24) & 0xff), \ + ((char*)(s))[1]=(char)(((c)>>16) & 0xff),\ + ((char*)(s))[2]=(char)(((c)>>8) & 0xff), \ + ((char*)(s))[3]=(char)((c & 0xff))) /* Do the same but terminate with a null character. */ #define PNG_CSTRING_FROM_CHUNK(s,c)\ @@ -850,8 +813,9 @@ PNG_INTERNAL_DATA(const png_uint_16, png_sRGB_table, [256]); PNG_INTERNAL_DATA(const png_uint_16, png_sRGB_base, [512]); PNG_INTERNAL_DATA(const png_byte, png_sRGB_delta, [512]); -#define PNG_sRGB_FROM_LINEAR(linear) ((png_byte)((png_sRGB_base[(linear)>>15] +\ - ((((linear)&0x7fff)*png_sRGB_delta[(linear)>>15])>>12)) >> 8)) +#define PNG_sRGB_FROM_LINEAR(linear) \ + ((png_byte)(0xff & ((png_sRGB_base[(linear)>>15] \ + + ((((linear) & 0x7fff)*png_sRGB_delta[(linear)>>15])>>12)) >> 8))) /* Given a value 'linear' in the range 0..255*65535 calculate the 8-bit sRGB * encoded value with maximum error 0.646365. Note that the input is not a * 16-bit value; it has been multiplied by 255! */ @@ -910,7 +874,7 @@ PNG_INTERNAL_FUNCTION(png_voidp,png_malloc_base,(png_const_structrp png_ptr, #if defined(PNG_TEXT_SUPPORTED) || defined(PNG_sPLT_SUPPORTED) ||\ defined(PNG_STORE_UNKNOWN_CHUNKS_SUPPORTED) /* Internal array allocator, outputs no error or warning messages on failure, - * just returns NULL. + * just returns NULL. */ PNG_INTERNAL_FUNCTION(png_voidp,png_malloc_array,(png_const_structrp png_ptr, int nelements, size_t element_size),PNG_ALLOCATED); @@ -1,8 +1,8 @@ /* pngread.c - read a PNG file * - * Last changed in libpng 1.6.15 [November 20, 2014] - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * Last changed in libpng 1.6.17 [March 26, 2015] + * Copyright (c) 1998-2015 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -814,8 +814,7 @@ png_read_end(png_structrp png_ptr, png_inforp info_ptr) /* Zero length IDATs are legal after the last IDAT has been * read, but not after other chunks have been read. */ - if ((length > 0) || - (png_ptr->mode & PNG_HAVE_CHUNK_AFTER_IDAT) != 0) + if ((length > 0) || (png_ptr->mode & PNG_HAVE_CHUNK_AFTER_IDAT) != 0) png_benign_error(png_ptr, "Too many IDATs found"); png_crc_finish(png_ptr, length); @@ -1824,6 +1823,7 @@ png_create_colormap_entry(png_image_read_control *display, y = (y + 128) >> 8; y *= 255; y = PNG_sRGB_FROM_LINEAR((y + 64) >> 7); + alpha = PNG_DIV257(alpha); encoding = P_sRGB; } @@ -2286,8 +2286,14 @@ png_image_read_colormap(png_voidp argument) output_processing = PNG_CMAP_NONE; break; } - +#ifdef __COVERITY__ + /* Coverity claims that output_encoding cannot be 2 (P_LINEAR) + * here. + */ + back_alpha = 255; +#else back_alpha = output_encoding == P_LINEAR ? 65535 : 255; +#endif } /* output_processing means that the libpng-processed row will be @@ -2412,7 +2418,14 @@ png_image_read_colormap(png_voidp argument) */ background_index = i; png_create_colormap_entry(display, i++, back_r, back_g, back_b, - output_encoding == P_LINEAR ? 65535U : 255U, output_encoding); +#ifdef __COVERITY__ + /* Coverity claims that output_encoding cannot be 2 (P_LINEAR) + * here. + */ 255U, +#else + output_encoding == P_LINEAR ? 65535U : 255U, +#endif + output_encoding); /* For non-opaque input composite on the sRGB background - this * requires inverting the encoding for each component. The input @@ -3246,7 +3259,7 @@ png_image_read_composite(png_voidp argument) png_uint_32 width = image->width; ptrdiff_t step_row = display->row_bytes; unsigned int channels = - (image->format & PNG_FORMAT_FLAG_COLOR) != 0 ? 3 : 1; + (image->format & PNG_FORMAT_FLAG_COLOR) != 0 ? 3 : 1; int pass; for (pass = 0; pass < passes; ++pass) @@ -1,8 +1,8 @@ /* pngrio.c - functions for data input * - * Last changed in libpng 1.6.15 [November 20, 2014] - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * Last changed in libpng 1.6.17 [March 26, 2015] + * Copyright (c) 1998-2015 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -26,7 +26,7 @@ * reads from a file pointer. Note that this routine sometimes gets called * with very small lengths, so you should implement some kind of simple * buffering if you are using unbuffered reads. This should never be asked - * to read more then 64K on a 16 bit machine. + * to read more than 64K on a 16 bit machine. */ void /* PRIVATE */ png_read_data(png_structrp png_ptr, png_bytep data, png_size_t length) diff --git a/pngrtran.c b/pngrtran.c index e6fe9fdbf..cad7a8daa 100644 --- a/pngrtran.c +++ b/pngrtran.c @@ -1,8 +1,8 @@ /* pngrtran.c - transforms the data in a row for PNG readers * - * Last changed in libpng 1.6.15 [November 20, 2014] - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * Last changed in libpng 1.6.17 [March 26, 2015] + * Copyright (c) 1998-2015 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -394,7 +394,7 @@ png_set_alpha_mode(png_structrp png_ptr, int mode, double output_gamma) /* Dither file to 8-bit. Supply a palette, the current number * of elements in the palette, the maximum number of elements * allowed, and a histogram if possible. If the current number - * of colors is greater then the maximum number, the palette will be + * of colors is greater than the maximum number, the palette will be * modified to fit in the maximum number. "full_quantize" indicates * whether we need a quantizing cube set up for RGB images, or if we * simply are reducing the number of colors in a paletted image. @@ -2357,7 +2357,7 @@ png_do_unshift(png_row_infop row_info, png_bytep row, if (++channel >= channels) channel = 0; *bp++ = (png_byte)(value >> 8); - *bp++ = (png_byte)(value & 0xff); + *bp++ = (png_byte)value; } break; } @@ -2662,9 +2662,9 @@ png_do_read_filler(png_row_infop row_info, png_bytep row, png_uint_32 row_width = row_info->width; #ifdef PNG_READ_16BIT_SUPPORTED - png_byte hi_filler = (png_byte)((filler>>8) & 0xff); + png_byte hi_filler = (png_byte)(filler>>8); #endif - png_byte lo_filler = (png_byte)(filler & 0xff); + png_byte lo_filler = (png_byte)filler; png_debug(1, "in png_do_read_filler"); @@ -2715,13 +2715,13 @@ png_do_read_filler(png_row_infop row_info, png_bytep row, png_bytep dp = sp + (png_size_t)row_width * 2; for (i = 1; i < row_width; i++) { - *(--dp) = hi_filler; *(--dp) = lo_filler; + *(--dp) = hi_filler; *(--dp) = *(--sp); *(--dp) = *(--sp); } - *(--dp) = hi_filler; *(--dp) = lo_filler; + *(--dp) = hi_filler; row_info->channels = 2; row_info->pixel_depth = 32; row_info->rowbytes = row_width * 4; @@ -2736,8 +2736,8 @@ png_do_read_filler(png_row_infop row_info, png_bytep row, { *(--dp) = *(--sp); *(--dp) = *(--sp); - *(--dp) = hi_filler; *(--dp) = lo_filler; + *(--dp) = hi_filler; } row_info->channels = 2; row_info->pixel_depth = 32; @@ -2796,8 +2796,8 @@ png_do_read_filler(png_row_infop row_info, png_bytep row, png_bytep dp = sp + (png_size_t)row_width * 2; for (i = 1; i < row_width; i++) { - *(--dp) = hi_filler; *(--dp) = lo_filler; + *(--dp) = hi_filler; *(--dp) = *(--sp); *(--dp) = *(--sp); *(--dp) = *(--sp); @@ -2805,8 +2805,8 @@ png_do_read_filler(png_row_infop row_info, png_bytep row, *(--dp) = *(--sp); *(--dp) = *(--sp); } - *(--dp) = hi_filler; *(--dp) = lo_filler; + *(--dp) = hi_filler; row_info->channels = 4; row_info->pixel_depth = 64; row_info->rowbytes = row_width * 8; @@ -2825,8 +2825,8 @@ png_do_read_filler(png_row_infop row_info, png_bytep row, *(--dp) = *(--sp); *(--dp) = *(--sp); *(--dp) = *(--sp); - *(--dp) = hi_filler; *(--dp) = lo_filler; + *(--dp) = hi_filler; } row_info->channels = 4; @@ -3087,10 +3087,11 @@ png_do_rgb_to_gray(png_structrp png_ptr, png_row_infop row_info, png_bytep row) for (i = 0; i < row_width; i++) { png_uint_16 red, green, blue, w; + png_byte hi,lo; - red = (png_uint_16)(((*(sp)) << 8) | *(sp + 1)); sp += 2; - green = (png_uint_16)(((*(sp)) << 8) | *(sp + 1)); sp += 2; - blue = (png_uint_16)(((*(sp)) << 8) | *(sp + 1)); sp += 2; + hi=*(sp)++; lo=*(sp)++; red = (png_uint_16)((hi << 8) | (lo)); + hi=*(sp)++; lo=*(sp)++; green = (png_uint_16)((hi << 8) | (lo)); + hi=*(sp)++; lo=*(sp)++; blue = (png_uint_16)((hi << 8) | (lo)); if (red == green && red == blue) { @@ -3104,16 +3105,16 @@ png_do_rgb_to_gray(png_structrp png_ptr, png_row_infop row_info, png_bytep row) else { - png_uint_16 red_1 = png_ptr->gamma_16_to_1[(red&0xff) + png_uint_16 red_1 = png_ptr->gamma_16_to_1[(red & 0xff) >> png_ptr->gamma_shift][red>>8]; png_uint_16 green_1 = - png_ptr->gamma_16_to_1[(green&0xff) >> + png_ptr->gamma_16_to_1[(green & 0xff) >> png_ptr->gamma_shift][green>>8]; - png_uint_16 blue_1 = png_ptr->gamma_16_to_1[(blue&0xff) + png_uint_16 blue_1 = png_ptr->gamma_16_to_1[(blue & 0xff) >> png_ptr->gamma_shift][blue>>8]; png_uint_16 gray16 = (png_uint_16)((rc*red_1 + gc*green_1 + bc*blue_1 + 16384)>>15); - w = png_ptr->gamma_16_from_1[(gray16&0xff) >> + w = png_ptr->gamma_16_from_1[(gray16 & 0xff) >> png_ptr->gamma_shift][gray16 >> 8]; rgb_error |= 1; } @@ -3138,10 +3139,11 @@ png_do_rgb_to_gray(png_structrp png_ptr, png_row_infop row_info, png_bytep row) for (i = 0; i < row_width; i++) { png_uint_16 red, green, blue, gray16; + png_byte hi,lo; - red = (png_uint_16)(((*(sp)) << 8) | *(sp + 1)); sp += 2; - green = (png_uint_16)(((*(sp)) << 8) | *(sp + 1)); sp += 2; - blue = (png_uint_16)(((*(sp)) << 8) | *(sp + 1)); sp += 2; + hi=*(sp)++; lo=*(sp)++; red = (png_uint_16)((hi << 8) | (lo)); + hi=*(sp)++; lo=*(sp)++; green = (png_uint_16)((hi << 8) | (lo)); + hi=*(sp)++; lo=*(sp)++; blue = (png_uint_16)((hi << 8) | (lo)); if (red != green || red != blue) rgb_error |= 1; @@ -3667,7 +3669,8 @@ png_do_compose(png_row_infop row_info, png_bytep row, png_structrp png_ptr) if (optimize != 0) w = v; else - w = gamma_16_from_1[(v&0xff) >> gamma_shift][v >> 8]; + w = gamma_16_from_1[(v & 0xff) >> + gamma_shift][v >> 8]; *sp = (png_byte)((w >> 8) & 0xff); *(sp + 1) = (png_byte)(w & 0xff); } @@ -3831,7 +3834,7 @@ png_do_compose(png_row_infop row_info, png_bytep row, png_structrp png_ptr) v = gamma_16_to_1[*(sp + 1) >> gamma_shift][*sp]; png_composite_16(w, v, a, png_ptr->background_1.red); if (optimize == 0) - w = gamma_16_from_1[((w&0xff) >> gamma_shift)][w >> + w = gamma_16_from_1[((w & 0xff) >> gamma_shift)][w >> 8]; *sp = (png_byte)((w >> 8) & 0xff); *(sp + 1) = (png_byte)(w & 0xff); @@ -3839,7 +3842,7 @@ png_do_compose(png_row_infop row_info, png_bytep row, png_structrp png_ptr) v = gamma_16_to_1[*(sp + 3) >> gamma_shift][*(sp + 2)]; png_composite_16(w, v, a, png_ptr->background_1.green); if (optimize == 0) - w = gamma_16_from_1[((w&0xff) >> gamma_shift)][w >> + w = gamma_16_from_1[((w & 0xff) >> gamma_shift)][w >> 8]; *(sp + 2) = (png_byte)((w >> 8) & 0xff); @@ -3848,7 +3851,7 @@ png_do_compose(png_row_infop row_info, png_bytep row, png_structrp png_ptr) v = gamma_16_to_1[*(sp + 5) >> gamma_shift][*(sp + 4)]; png_composite_16(w, v, a, png_ptr->background_1.blue); if (optimize == 0) - w = gamma_16_from_1[((w&0xff) >> gamma_shift)][w >> + w = gamma_16_from_1[((w & 0xff) >> gamma_shift)][w >> 8]; *(sp + 4) = (png_byte)((w >> 8) & 0xff); @@ -4837,7 +4840,7 @@ png_do_read_transformations(png_structrp png_ptr, png_row_infop row_info) /* Because PNG_COMPOSE does the gamma transform if there is something to * do (if there is an alpha channel or transparency.) */ - !((png_ptr->transformations & PNG_COMPOSE) && + !((png_ptr->transformations & PNG_COMPOSE) != 0 && ((png_ptr->num_trans != 0) || (png_ptr->color_type & PNG_COLOR_MASK_ALPHA) != 0)) && #endif diff --git a/pngrutil.c b/pngrutil.c index 4c26be48c..6c5c37526 100644 --- a/pngrutil.c +++ b/pngrutil.c @@ -1,8 +1,8 @@ /* pngrutil.c - utilities to read a PNG file * - * Last changed in libpng 1.6.15 [November 20, 2014] - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * Last changed in libpng 1.6.17 [March 26, 2015] + * Copyright (c) 1998-2015 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -1515,8 +1515,10 @@ png_handle_iCCP(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length) else if (size > 0) errmsg = "truncated"; +#ifndef __COVERITY__ else errmsg = png_ptr->zstream.msg; +#endif } /* else png_icc_check_tag_table output an error */ @@ -2804,7 +2806,7 @@ png_handle_unknown(png_structrp png_ptr, png_inforp info_ptr, &png_ptr->unknown_chunk); /* ret is: - * negative: An error occured, png_chunk_error will be called. + * negative: An error occurred; png_chunk_error will be called. * zero: The chunk was not handled, the chunk will be discarded * unless png_set_keep_unknown_chunks has been used to set * a 'keep' behavior for this particular chunk, in which @@ -1,8 +1,8 @@ /* pngset.c - storage of image information into info struct * - * Last changed in libpng 1.6.15 [November 20, 2014] - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * Last changed in libpng 1.6.17 [March 26, 2015] + * Copyright (c) 1998-2015 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -190,6 +190,7 @@ png_set_hIST(png_const_structrp png_ptr, png_inforp info_ptr, if (info_ptr->hist == NULL) { png_warning(png_ptr, "Insufficient memory for hIST chunk data"); + return; } @@ -271,7 +272,7 @@ png_set_pCAL(png_const_structrp png_ptr, png_inforp info_ptr, png_debug1(1, "in %s storage function", "pCAL"); if (png_ptr == NULL || info_ptr == NULL || purpose == NULL || units == NULL - || (nparams > 0 && params == NULL)) + || (nparams > 0 && params == NULL)) return; length = strlen(purpose) + 1; @@ -301,6 +302,7 @@ png_set_pCAL(png_const_structrp png_ptr, png_inforp info_ptr, if (info_ptr->pcal_purpose == NULL) { png_warning(png_ptr, "Insufficient memory for pCAL purpose"); + return; } @@ -322,6 +324,7 @@ png_set_pCAL(png_const_structrp png_ptr, png_inforp info_ptr, if (info_ptr->pcal_units == NULL) { png_warning(png_ptr, "Insufficient memory for pCAL units"); + return; } @@ -333,6 +336,7 @@ png_set_pCAL(png_const_structrp png_ptr, png_inforp info_ptr, if (info_ptr->pcal_params == NULL) { png_warning(png_ptr, "Insufficient memory for pCAL params"); + return; } @@ -349,6 +353,7 @@ png_set_pCAL(png_const_structrp png_ptr, png_inforp info_ptr, if (info_ptr->pcal_params[i] == NULL) { png_warning(png_ptr, "Insufficient memory for pCAL parameter"); + return; } @@ -398,6 +403,7 @@ png_set_sCAL_s(png_const_structrp png_ptr, png_inforp info_ptr, if (info_ptr->scal_s_width == NULL) { png_warning(png_ptr, "Memory allocation failed while processing sCAL"); + return; } @@ -416,6 +422,7 @@ png_set_sCAL_s(png_const_structrp png_ptr, png_inforp info_ptr, info_ptr->scal_s_width = NULL; png_warning(png_ptr, "Memory allocation failed while processing sCAL"); + return; } @@ -519,6 +526,7 @@ png_set_PLTE(png_structrp png_ptr, png_inforp info_ptr, else { png_warning(png_ptr, "Invalid palette length"); + return; } } @@ -531,7 +539,6 @@ png_set_PLTE(png_structrp png_ptr, png_inforp info_ptr, )) { png_error(png_ptr, "Invalid palette"); - return; } /* It may not actually be necessary to set png_ptr->palette here; @@ -655,6 +662,7 @@ png_set_iCCP(png_const_structrp png_ptr, png_inforp info_ptr, if (new_iccp_name == NULL) { png_benign_error(png_ptr, "Insufficient memory to process iCCP chunk"); + return; } @@ -668,6 +676,7 @@ png_set_iCCP(png_const_structrp png_ptr, png_inforp info_ptr, new_iccp_name = NULL; png_benign_error(png_ptr, "Insufficient memory to process iCCP profile"); + return; } @@ -743,6 +752,7 @@ png_set_text_2(png_const_structrp png_ptr, png_inforp info_ptr, { png_chunk_report(png_ptr, "too many text chunks", PNG_CHUNK_WRITE_ERROR); + return 1; } @@ -798,7 +808,7 @@ png_set_text_2(png_const_structrp png_ptr, png_inforp info_ptr, else lang_key_len = 0; } -# else /* PNG_iTXt_SUPPORTED */ +# else /* iTXt */ { png_chunk_report(png_ptr, "iTXt chunk not supported", PNG_CHUNK_WRITE_ERROR); @@ -831,6 +841,7 @@ png_set_text_2(png_const_structrp png_ptr, png_inforp info_ptr, { png_chunk_report(png_ptr, "text chunk: out of memory", PNG_CHUNK_WRITE_ERROR); + return 1; } @@ -904,6 +915,7 @@ png_set_tIME(png_const_structrp png_ptr, png_inforp info_ptr, mod_time->second > 60) { png_warning(png_ptr, "Ignoring invalid time value"); + return; } @@ -920,6 +932,7 @@ png_set_tRNS(png_structrp png_ptr, png_inforp info_ptr, png_debug1(1, "in %s storage function", "tRNS"); if (png_ptr == NULL || info_ptr == NULL) + return; if (trans_alpha != NULL) @@ -945,16 +958,21 @@ png_set_tRNS(png_structrp png_ptr, png_inforp info_ptr, if (trans_color != NULL) { - int sample_max = (1 << info_ptr->bit_depth); - - if ((info_ptr->color_type == PNG_COLOR_TYPE_GRAY && - trans_color->gray > sample_max) || - (info_ptr->color_type == PNG_COLOR_TYPE_RGB && - (trans_color->red > sample_max || - trans_color->green > sample_max || - trans_color->blue > sample_max))) - png_warning(png_ptr, - "tRNS chunk has out-of-range samples for bit_depth"); +#ifdef PNG_WARNINGS_SUPPORTED + if (info_ptr->bit_depth < 16) + { + int sample_max = (1 << info_ptr->bit_depth) - 1; + + if ((info_ptr->color_type == PNG_COLOR_TYPE_GRAY && + trans_color->gray > sample_max) || + (info_ptr->color_type == PNG_COLOR_TYPE_RGB && + (trans_color->red > sample_max || + trans_color->green > sample_max || + trans_color->blue > sample_max))) + png_warning(png_ptr, + "tRNS chunk has out-of-range samples for bit_depth"); + } +#endif info_ptr->trans_color = *trans_color; @@ -1001,6 +1019,7 @@ png_set_sPLT(png_const_structrp png_ptr, { /* Out of memory or too many chunks */ png_chunk_report(png_ptr, "too many sPLT chunks", PNG_CHUNK_WRITE_ERROR); + return; } @@ -1116,7 +1135,7 @@ png_set_unknown_chunks(png_const_structrp png_ptr, png_unknown_chunkp np; if (png_ptr == NULL || info_ptr == NULL || num_unknowns <= 0 || - unknowns == NULL) + unknowns == NULL) return; /* Check for the failure cases where support has been disabled at compile @@ -1130,6 +1149,7 @@ png_set_unknown_chunks(png_const_structrp png_ptr, if ((png_ptr->mode & PNG_IS_READ_STRUCT) != 0) { png_app_error(png_ptr, "no unknown chunk support on read"); + return; } # endif @@ -1138,6 +1158,7 @@ png_set_unknown_chunks(png_const_structrp png_ptr, if ((png_ptr->mode & PNG_IS_READ_STRUCT) == 0) { png_app_error(png_ptr, "no unknown chunk support on write"); + return; } # endif @@ -1155,6 +1176,7 @@ png_set_unknown_chunks(png_const_structrp png_ptr, { png_chunk_report(png_ptr, "too many unknown chunks", PNG_CHUNK_WRITE_ERROR); + return; } @@ -1232,8 +1254,7 @@ png_set_unknown_chunk_location(png_const_structrp png_ptr, png_inforp info_ptr, check_location(png_ptr, location); } } -#endif - +#endif /* STORE_UNKNOWN_CHUNKS */ #ifdef PNG_MNG_FEATURES_SUPPORTED png_uint_32 PNGAPI @@ -1264,6 +1285,7 @@ add_one_chunk(png_bytep list, unsigned int count, png_const_bytep add, int keep) if (memcmp(list, add, 4) == 0) { list[4] = (png_byte)keep; + return count; } } @@ -1291,6 +1313,7 @@ png_set_keep_unknown_chunks(png_structrp png_ptr, int keep, if (keep < 0 || keep >= PNG_HANDLE_CHUNK_LAST) { png_app_error(png_ptr, "png_set_keep_unknown_chunks: invalid keep"); + return; } @@ -1340,6 +1363,7 @@ png_set_keep_unknown_chunks(png_structrp png_ptr, int keep, * which can be switched off. */ png_app_error(png_ptr, "png_set_keep_unknown_chunks: no chunk list"); + return; } @@ -1355,6 +1379,7 @@ png_set_keep_unknown_chunks(png_structrp png_ptr, int keep, if (num_chunks + old_num_chunks > UINT_MAX/5) { png_app_error(png_ptr, "png_set_keep_unknown_chunks: too many chunks"); + return; } @@ -1492,23 +1517,27 @@ png_set_compression_buffer_size(png_structrp png_ptr, png_size_t size) { png_warning(png_ptr, "Compression buffer size cannot be changed because it is in use"); + return; } +#ifndef __COVERITY__ if (size > ZLIB_IO_MAX) { png_warning(png_ptr, "Compression buffer size limited to system maximum"); size = ZLIB_IO_MAX; /* must fit */ } +#endif - else if (size < 6) + if (size < 6) { /* Deflate will potentially go into an infinite loop on a SYNC_FLUSH * if this is permitted. */ png_warning(png_ptr, "Compression buffer size cannot be reduced below 6"); + return; } @@ -1550,8 +1579,8 @@ png_set_user_limits (png_structrp png_ptr, png_uint_32 user_width_max, void PNGAPI png_set_chunk_cache_max (png_structrp png_ptr, png_uint_32 user_chunk_cache_max) { - if (png_ptr != NULL) - png_ptr->user_chunk_cache_max = user_chunk_cache_max; + if (png_ptr != NULL) + png_ptr->user_chunk_cache_max = user_chunk_cache_max; } /* This function was added to libpng 1.4.1 */ diff --git a/pngstruct.h b/pngstruct.h index c1dd026a9..8420d0997 100644 --- a/pngstruct.h +++ b/pngstruct.h @@ -1,12 +1,11 @@ /* pngstruct.h - header file for PNG reference library * + * Last changed in libpng 1.6.1 [March 28, 2013] * Copyright (c) 1998-2013 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * - * Last changed in libpng 1.6.1 [March 28, 2013] - * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer * and license in png.h @@ -101,7 +100,7 @@ typedef struct png_XYZ #endif /* COLORSPACE */ #if defined(PNG_COLORSPACE_SUPPORTED) || defined(PNG_GAMMA_SUPPORTED) -/* A colorspace is all the above plus, potentially, profile information, +/* A colorspace is all the above plus, potentially, profile information; * however at present libpng does not use the profile internally so it is only * stored in the png_info struct (if iCCP is supported.) The rendering intent * is retained here and is checked. diff --git a/pngtrans.c b/pngtrans.c index 56856b480..cd3a79b6f 100644 --- a/pngtrans.c +++ b/pngtrans.c @@ -1,8 +1,8 @@ /* pngtrans.c - transforms the data in a row (used by both readers and writers) * - * Last changed in libpng 1.6.15 [November 20, 2014] - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * Last changed in libpng 1.6.17 [March 26, 2015] + * Copyright (c) 1998-2015 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * diff --git a/pngwrite.c b/pngwrite.c index 94548877b..e3c203496 100644 --- a/pngwrite.c +++ b/pngwrite.c @@ -1,8 +1,8 @@ /* pngwrite.c - general routines to write a PNG file * - * Last changed in libpng 1.6.15 [November 20, 2014] - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * Last changed in libpng 1.6.17 [March 26, 2015] + * Copyright (c) 1998-2015 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -638,8 +638,8 @@ png_do_write_intrapixel(png_row_infop row_info, png_bytep row) for (i = 0, rp = row; i < row_width; i++, rp += bytes_per_pixel) { - *(rp) = (png_byte)((*rp - *(rp + 1)) & 0xff); - *(rp + 2) = (png_byte)((*(rp + 2) - *(rp + 1)) & 0xff); + *(rp) = (png_byte)(*rp - *(rp + 1)); + *(rp + 2) = (png_byte)(*(rp + 2) - *(rp + 1)); } } @@ -665,10 +665,10 @@ png_do_write_intrapixel(png_row_infop row_info, png_bytep row) png_uint_32 s2 = (*(rp + 4) << 8) | *(rp + 5); png_uint_32 red = (png_uint_32)((s0 - s1) & 0xffffL); png_uint_32 blue = (png_uint_32)((s2 - s1) & 0xffffL); - *(rp ) = (png_byte)((red >> 8) & 0xff); - *(rp + 1) = (png_byte)(red & 0xff); - *(rp + 4) = (png_byte)((blue >> 8) & 0xff); - *(rp + 5) = (png_byte)(blue & 0xff); + *(rp ) = (png_byte)(red >> 8); + *(rp + 1) = (png_byte)red; + *(rp + 4) = (png_byte)(blue >> 8); + *(rp + 5) = (png_byte)blue; } } #endif /* WRITE_16BIT */ @@ -1050,8 +1050,8 @@ png_set_filter(png_structrp png_ptr, int method, int filters) * it is too late to start using the filters that need it, since we * will be missing the data in the previous row. If an application * wants to start and stop using particular filters during compression, - * it should start out with all of the filters, and then add and - * remove them after the start of compression. + * it should start out with all of the filters, and then remove them + * or add them back after the start of compression. */ if (png_ptr->row_buf != NULL) { @@ -1372,6 +1372,7 @@ png_set_filter_heuristics_fixed(png_structrp png_ptr, int heuristic_method, #endif /* FIXED_POINT */ #endif /* WRITE_WEIGHTED_FILTER */ +#ifdef PNG_WRITE_CUSTOMIZE_COMPRESSION_SUPPORTED void PNGAPI png_set_compression_level(png_structrp png_ptr, int level) { @@ -1417,8 +1418,8 @@ png_set_compression_window_bits(png_structrp png_ptr, int window_bits) if (png_ptr == NULL) return; - /* Prior to 1.6.0 this would warn but then set the window_bits value, this - * meant that negative window bits values could be selected which would cause + /* Prior to 1.6.0 this would warn but then set the window_bits value. This + * meant that negative window bits values could be selected that would cause * libpng to write a non-standard PNG file with raw deflate or gzip * compressed IDAT or ancillary chunks. Such files can be read and there is * no warning on read, so this seems like a very bad idea. @@ -1454,6 +1455,7 @@ png_set_compression_method(png_structrp png_ptr, int method) png_ptr->zlib_method = method; } +#endif /* WRITE_CUSTOMIZE_COMPRESSION */ /* The following were added to libpng-1.5.4 */ #ifdef PNG_WRITE_CUSTOMIZE_ZTXT_COMPRESSION_SUPPORTED @@ -2287,7 +2289,9 @@ png_image_write_main(png_voidp argument) * it about 50 times. The speed-up in pngstest was about 10-20% of the * total (user) time on a heavily loaded system. */ +#ifdef PNG_WRITE_CUSTOMIZE_COMPRESSION_SUPPORTED png_set_compression_level(png_ptr, 3); +#endif } /* Check for the cases that currently require a pre-transform on the row diff --git a/pngwtran.c b/pngwtran.c index 09562a787..db82e27bc 100644 --- a/pngwtran.c +++ b/pngwtran.c @@ -1,8 +1,8 @@ /* pngwtran.c - transforms the data in a row for PNG writers * - * Last changed in libpng 1.6.15 [November 20, 2014] - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * Last changed in libpng 1.6.17 [March 26, 2015] + * Copyright (c) 1998-2015 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * diff --git a/pngwutil.c b/pngwutil.c index 10c1edffa..b289671d1 100644 --- a/pngwutil.c +++ b/pngwutil.c @@ -1,8 +1,8 @@ /* pngwutil.c - utilities to write a PNG file * - * Last changed in libpng 1.6.15 [November 20, 2014] - * Copyright (c) 1998-2014 Glenn Randers-Pehrson + * Last changed in libpng 1.6.17 [March 26, 2015] + * Copyright (c) 1998-2015 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -23,10 +23,10 @@ void PNGAPI png_save_uint_32(png_bytep buf, png_uint_32 i) { - buf[0] = (png_byte)((i >> 24) & 0xff); - buf[1] = (png_byte)((i >> 16) & 0xff); - buf[2] = (png_byte)((i >> 8) & 0xff); - buf[3] = (png_byte)(i & 0xff); + buf[0] = (png_byte)(i >> 24); + buf[1] = (png_byte)(i >> 16); + buf[2] = (png_byte)(i >> 8); + buf[3] = (png_byte)(i ); } /* Place a 16-bit number into a buffer in PNG byte order. @@ -36,8 +36,8 @@ png_save_uint_32(png_bytep buf, png_uint_32 i) void PNGAPI png_save_uint_16(png_bytep buf, unsigned int i) { - buf[0] = (png_byte)((i >> 8) & 0xff); - buf[1] = (png_byte)(i & 0xff); + buf[0] = (png_byte)(i >> 8); + buf[1] = (png_byte)(i ); } #endif @@ -695,7 +695,7 @@ png_check_keyword(png_structrp png_ptr, png_const_charp key, png_bytep new_key) while (*key && key_len < 79) { - png_byte ch = (png_byte)(0xff & *key++); + png_byte ch = (png_byte)*key++; if ((ch > 32 && ch <= 126) || (ch >= 161 /*&& ch <= 255*/)) *new_key++ = ch, ++key_len, space = 0; @@ -871,7 +871,7 @@ png_write_IHDR(png_structrp png_ptr, png_uint_32 width, png_uint_32 height, interlace_type=PNG_INTERLACE_NONE; #endif - /* Save the relevent information */ + /* Save the relevant information */ png_ptr->bit_depth = (png_byte)bit_depth; png_ptr->color_type = (png_byte)color_type; png_ptr->interlaced = (png_byte)interlace_type; @@ -1765,7 +1765,7 @@ png_write_iTXt(png_structrp png_ptr, int compression, png_const_charp key, png_write_compressed_data_out(png_ptr, &comp); else - png_write_chunk_data(png_ptr, (png_const_bytep)text, comp.input_len); + png_write_chunk_data(png_ptr, (png_const_bytep)text, comp.output_len); png_write_chunk_end(png_ptr); } @@ -2314,7 +2314,7 @@ png_do_write_interlace(png_row_infop row_info, png_bytep row, int pass) * been specified by the application, and then writes the row out with the * chosen filter. */ -static void +static void /* PRIVATE */ png_write_filtered_row(png_structrp png_ptr, png_bytep filtered_row, png_size_t row_bytes); @@ -2453,7 +2453,7 @@ png_write_find_filter(png_structrp png_ptr, png_row_infop row_info) for (lp = row_buf + 1; i < row_bytes; i++, rp++, lp++, dp++) { - *dp = (png_byte)(((int)*rp - (int)*lp) & 0xff); + *dp = (png_byte)((int)*rp - (int)*lp); } best_row = png_ptr->sub_row; @@ -2515,7 +2515,7 @@ png_write_find_filter(png_structrp png_ptr, png_row_infop row_info) for (lp = row_buf + 1; i < row_bytes; i++, rp++, lp++, dp++) { - v = *dp = (png_byte)(((int)*rp - (int)*lp) & 0xff); + v = *dp = (png_byte)((int)*rp - (int)*lp); sum += (v < 128) ? v : 256 - v; @@ -2574,7 +2574,7 @@ png_write_find_filter(png_structrp png_ptr, png_row_infop row_info) pp = prev_row + 1; i < row_bytes; i++, rp++, pp++, dp++) { - *dp = (png_byte)(((int)*rp - (int)*pp) & 0xff); + *dp = (png_byte)((int)*rp - (int)*pp); } best_row = png_ptr->up_row; @@ -2625,7 +2625,7 @@ png_write_find_filter(png_structrp png_ptr, png_row_infop row_info) for (i = 0, rp = row_buf + 1, dp = png_ptr->up_row + 1, pp = prev_row + 1; i < row_bytes; i++) { - v = *dp++ = (png_byte)(((int)*rp++ - (int)*pp++) & 0xff); + v = *dp++ = (png_byte)((int)*rp++ - (int)*pp++); sum += (v < 128) ? v : 256 - v; @@ -2683,13 +2683,13 @@ png_write_find_filter(png_structrp png_ptr, png_row_infop row_info) for (i = 0, rp = row_buf + 1, dp = png_ptr->avg_row + 1, pp = prev_row + 1; i < bpp; i++) { - *dp++ = (png_byte)(((int)*rp++ - ((int)*pp++ / 2)) & 0xff); + *dp++ = (png_byte)((int)*rp++ - ((int)*pp++ / 2)); } for (lp = row_buf + 1; i < row_bytes; i++) { - *dp++ = (png_byte)(((int)*rp++ - (((int)*pp++ + (int)*lp++) / 2)) - & 0xff); + *dp++ = + (png_byte)((int)*rp++ - (((int)*pp++ + (int)*lp++) / 2)); } best_row = png_ptr->avg_row; } @@ -2738,7 +2738,7 @@ png_write_find_filter(png_structrp png_ptr, png_row_infop row_info) for (i = 0, rp = row_buf + 1, dp = png_ptr->avg_row + 1, pp = prev_row + 1; i < bpp; i++) { - v = *dp++ = (png_byte)(((int)*rp++ - ((int)*pp++ / 2)) & 0xff); + v = *dp++ = (png_byte)((int)*rp++ - ((int)*pp++ / 2)); sum += (v < 128) ? v : 256 - v; } @@ -2746,7 +2746,7 @@ png_write_find_filter(png_structrp png_ptr, png_row_infop row_info) for (lp = row_buf + 1; i < row_bytes; i++) { v = *dp++ = - (png_byte)(((int)*rp++ - (((int)*pp++ + (int)*lp++) / 2)) & 0xff); + (png_byte)(((int)*rp++ - ((int)*pp++ + (int)*lp++) / 2)); sum += (v < 128) ? v : 256 - v; @@ -2804,7 +2804,7 @@ png_write_find_filter(png_structrp png_ptr, png_row_infop row_info) for (i = 0, rp = row_buf + 1, dp = png_ptr->paeth_row + 1, pp = prev_row + 1; i < bpp; i++) { - *dp++ = (png_byte)(((int)*rp++ - (int)*pp++) & 0xff); + *dp++ = (png_byte)((int)*rp++ - (int)*pp++); } for (lp = row_buf + 1, cp = prev_row + 1; i < row_bytes; i++) @@ -2830,7 +2830,7 @@ png_write_find_filter(png_structrp png_ptr, png_row_infop row_info) p = (pa <= pb && pa <=pc) ? a : (pb <= pc) ? b : c; - *dp++ = (png_byte)(((int)*rp++ - p) & 0xff); + *dp++ = (png_byte)((int)*rp++ - p); } best_row = png_ptr->paeth_row; } @@ -2879,7 +2879,7 @@ png_write_find_filter(png_structrp png_ptr, png_row_infop row_info) for (i = 0, rp = row_buf + 1, dp = png_ptr->paeth_row + 1, pp = prev_row + 1; i < bpp; i++) { - v = *dp++ = (png_byte)(((int)*rp++ - (int)*pp++) & 0xff); + v = *dp++ = (png_byte)((int)*rp++ - (int)*pp++); sum += (v < 128) ? v : 256 - v; } @@ -2921,7 +2921,7 @@ png_write_find_filter(png_structrp png_ptr, png_row_infop row_info) p = c; #endif /* SLOW_PAETH */ - v = *dp++ = (png_byte)(((int)*rp++ - p) & 0xff); + v = *dp++ = (png_byte)((int)*rp++ - p); sum += (v < 128) ? v : 256 - v; @@ -3003,6 +3003,7 @@ png_write_filtered_row(png_structrp png_ptr, png_bytep filtered_row, png_compress_IDAT(png_ptr, filtered_row, full_row_length, Z_NO_FLUSH); +#ifdef PNG_WRITE_FILTER_SUPPORTED /* Swap the current and previous rows */ if (png_ptr->prev_row != NULL) { @@ -3012,6 +3013,7 @@ png_write_filtered_row(png_structrp png_ptr, png_bytep filtered_row, png_ptr->prev_row = png_ptr->row_buf; png_ptr->row_buf = tptr; } +#endif /* WRITE_FILTER */ /* Finish row - updates counters and flushes zlib if last row */ png_write_finish_row(png_ptr); |