author | John Bowler <jbowler@acm.org> | 2012-03-18 14:39:41 -0500 |
---|---|---|
committer | Glenn Randers-Pehrson <glennrp@shaggy.simplesystems.org> | 2012-03-18 14:39:41 -0500 |
commit | 0c11b5f8e72ca99cf0ab62483b8959c56a5c54bc (patch) | |
tree | 588cc01e1a1ba1fbf8a344e862c927e4d2725d0e | |
parent | f5dcba6b9bcd0495c544daea73e64bebfbe08faf (diff) | |
download | libpng-0c11b5f8e72ca99cf0ab62483b8959c56a5c54bc.tar.gz |
[libpng16] Work around for duplicate row start calls; added warning messages.
This turns on PNG_FLAG_DETECT_UNINITIALIZED to detect app code that
fails to call one of the 'start' routines (not enabled in libpng-1.5
because it is technically an API change, since it did normally work
before.) It also makes duplicate calls to png_read_start_row (an
internal function called at the start of the image read) benign, as
they were before changes to use png_inflate_claim. Somehow webkit is
causing this to happen; this is probably a mis-feature in the zlib
changes so this commit is only a work-round.
-rw-r--r-- | ANNOUNCE | 13 | ||||
-rw-r--r-- | CHANGES | 11 | ||||
-rw-r--r-- | pngread.c | 5 | ||||
-rw-r--r-- | pngrtran.c | 47 | ||||
-rw-r--r-- | pngrutil.c | 11 |
5 files changed, 78 insertions, 9 deletions
@@ -1,5 +1,5 @@ -Libpng 1.6.0beta19 - March 17, 2012 +Libpng 1.6.0beta19 - March 18, 2012 This is not intended to be a public release. It will be replaced within a few weeks by a public version or by another test version. @@ -318,7 +318,16 @@ Version 1.6.0beta18 [March 16, 2012] read benign errors to warnings (regardless of the system default, unless this is disabled in which case the simplified API can't be built.) -Version 1.6.0beta19 [March 17, 2012] +Version 1.6.0beta19 [March 18, 2012] + Work around for duplicate row start calls; added warning messages. + This turns on PNG_FLAG_DETECT_UNINITIALIZED to detect app code that + fails to call one of the 'start' routines (not enabled in libpng-1.5 + because it is technically an API change, since it did normally work + before.) It also makes duplicate calls to png_read_start_row (an + internal function called at the start of the image read) benign, as + they were before changes to use png_inflate_claim. Somehow webkit is + causing this to happen; this is probably a mis-feature in the zlib + changes so this commit is only a work-round. Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit 
@@ -4069,7 +4069,16 @@ Version 1.6.0beta18 [March 16, 2012] read benign errors to warnings (regardless of the system default, unless this is disabled in which case the simplified API can't be built.) -Version 1.6.0beta19 [March 17, 2012] +Version 1.6.0beta19 [March 18, 2012] + Work around for duplicate row start calls; added warning messages. + This turns on PNG_FLAG_DETECT_UNINITIALIZED to detect app code that + fails to call one of the 'start' routines (not enabled in libpng-1.5 + because it is technically an API change, since it did normally work + before.) It also makes duplicate calls to png_read_start_row (an + internal function called at the start of the image read) benign, as + they were before changes to use png_inflate_claim. Somehow webkit is + causing this to happen; this is probably a mis-feature in the zlib + changes so this commit is only a work-round. Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit @@ -50,6 +50,11 @@ png_create_read_struct_2,(png_const_charp user_png_ver, png_voidp error_ptr, { png_ptr->mode = PNG_IS_READ_STRUCT; + /* Turn this on for all transforms in an attempt to detect failure to call + * the image reading start stuff. + */ + png_ptr->flags |= PNG_FLAG_DETECT_UNINITIALIZED; + /* Added in libpng-1.6.0; this can be used to detect a read structure if * required (it will be zero in a write structure.) */ diff --git a/pngrtran.c b/pngrtran.c index 1cc61c618..b9a744314 100644 --- a/pngrtran.c +++ b/pngrtran.c @@ -826,7 +826,12 @@ png_set_expand(png_structrp png_ptr) return; png_ptr->transformations |= (PNG_EXPAND | PNG_EXPAND_tRNS); - png_ptr->flags &= ~PNG_FLAG_ROW_INIT; + if (png_ptr->flags & PNG_FLAG_ROW_INIT) + { + /* TODO: should probably be an error */ + png_warning(png_ptr, "png_set_expand called after row initialization"); + png_ptr->flags &= ~PNG_FLAG_ROW_INIT; + } } /* GRR 19990627: the following three functions currently are identical 
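Review bot: The comment added in the pngread.c hunk says the flag is turned on "for all transforms", but the assignment is unconditional at read-struct creation, and "the image reading start stuff" does not tell a maintainer which calls are meant. Since the commit message calls this technically an API change, the comment should state the contract, for example `/* Set on every read struct so that reading rows without a prior png_start_read_image or png_read_update_info is detected; API change from libpng-1.5. */` (assuming those are the 'start' routines the message refers to). What happens on detection is not visible in this hunk, so the comment should also say whether the application gets a warning or an error. The body of png_create_read_struct_2 starts and ends outside the hunk.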
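Review bot: The block added to png_set_expand is repeated, apart from the message text, in the hunks for png_set_palette_to_rgb, png_set_expand_gray_1_2_4_to_8, png_set_tRNS_to_alpha, png_set_expand_16 and png_set_gray_to_rgb, so the policy the TODO wants to tighten now lives in six places. Each copy also still clears PNG_FLAG_ROW_INIT after warning, and that is the same flag the new guard in png_read_start_row (pngrutil.c) tests, so a late setter call appears to lead to a second row initialization without the duplicate-call warning or the zowner release; that path runs through code outside this diff and should be confirmed. A single static helper that takes the message would keep the call sites consistent and give one place to turn the warning into an error later. The helper name below is a proposal, not an existing libpng function.

```c
/* Proposed helper (name constructed for this review): one place for the
 * "setter called after row initialization" policy.
 */
static void
png_rtran_late_call(png_structrp png_ptr, png_const_charp message)
{
   if (png_ptr->flags & PNG_FLAG_ROW_INIT)
   {
      /* TODO: should probably be an error */
      png_warning(png_ptr, message);
      png_ptr->flags &= ~PNG_FLAG_ROW_INIT;
   }
}

/* ... unchanged: png_set_expand signature, png_debug, early return ... */
   png_ptr->transformations |= (PNG_EXPAND | PNG_EXPAND_tRNS);
   png_rtran_late_call(png_ptr,
      "png_set_expand called after row initialization");
```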
@@ -857,7 +862,13 @@ png_set_palette_to_rgb(png_structrp png_ptr) return; png_ptr->transformations |= (PNG_EXPAND | PNG_EXPAND_tRNS); - png_ptr->flags &= ~PNG_FLAG_ROW_INIT; + if (png_ptr->flags & PNG_FLAG_ROW_INIT) + { + /* TODO: should probably be an error */ + png_warning(png_ptr, + "png_set_palette_to_rgb called after row initialization"); + png_ptr->flags &= ~PNG_FLAG_ROW_INIT; + } } /* Expand grayscale images of less than 8-bit depth to 8 bits. */ @@ -870,7 +881,13 @@ png_set_expand_gray_1_2_4_to_8(png_structrp png_ptr) return; png_ptr->transformations |= PNG_EXPAND; - png_ptr->flags &= ~PNG_FLAG_ROW_INIT; + if (png_ptr->flags & PNG_FLAG_ROW_INIT) + { + /* TODO: should probably be an error */ + png_warning(png_ptr, + "png_set_expand_gray_1_2_4_to_8 called after row initialization"); + png_ptr->flags &= ~PNG_FLAG_ROW_INIT; + } } @@ -882,7 +899,13 @@ png_set_tRNS_to_alpha(png_structrp png_ptr) png_debug(1, "in png_set_tRNS_to_alpha"); png_ptr->transformations |= (PNG_EXPAND | PNG_EXPAND_tRNS); - png_ptr->flags &= ~PNG_FLAG_ROW_INIT; + if (png_ptr->flags & PNG_FLAG_ROW_INIT) + { + /* TODO: should probably be an error */ + png_warning(png_ptr, + "png_set_tRNS_to_alpha called after row initialization"); + png_ptr->flags &= ~PNG_FLAG_ROW_INIT; + } } #endif /* defined(PNG_READ_EXPAND_SUPPORTED) */ @@ -899,7 +922,13 @@ png_set_expand_16(png_structrp png_ptr) return; png_ptr->transformations |= (PNG_EXPAND_16 | PNG_EXPAND | PNG_EXPAND_tRNS); - png_ptr->flags &= ~PNG_FLAG_ROW_INIT; + if (png_ptr->flags & PNG_FLAG_ROW_INIT) + { + /* TODO: should probably be an error */ + png_warning(png_ptr, + "png_set_expand_16 called after row initialization"); + png_ptr->flags &= ~PNG_FLAG_ROW_INIT; + } /* New API, make sure apps call the correct initializers: */ png_ptr->flags |= PNG_FLAG_DETECT_UNINITIALIZED; 
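Review bot: In the png_set_tRNS_to_alpha hunk the new `if (png_ptr->flags & PNG_FLAG_ROW_INIT)` adds another dereference of png_ptr with no guard visible between png_debug and the first use, whereas the other setters touched by this commit show a `return;` immediately before the same statement. If that `return;` is the usual NULL check, this function should get it too: `if (png_ptr == NULL) return;` placed after the png_debug call. The line before png_debug is outside the hunk, so an earlier guard cannot be ruled out from here.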
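Review bot: The context lines at the end of the png_set_expand_16 hunk still set `png_ptr->flags |= PNG_FLAG_DETECT_UNINITIALIZED;` under the comment "New API, make sure apps call the correct initializers", which this commit makes redundant because the pngread.c hunk now sets the flag on every read struct at creation. Leaving it in place suggests the flag is still opt-in per API. Either drop the two lines or replace the comment with something like `/* Already set at read-struct creation; kept only for clarity. */`.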
@@ -917,7 +946,13 @@ png_set_gray_to_rgb(png_structrp png_ptr) /* Because rgb must be 8 bits or more: */ png_set_expand_gray_1_2_4_to_8(png_ptr); png_ptr->transformations |= PNG_GRAY_TO_RGB; - png_ptr->flags &= ~PNG_FLAG_ROW_INIT; + if (png_ptr->flags & PNG_FLAG_ROW_INIT) + { + /* TODO: should probably be an error */ + png_warning(png_ptr, + "png_set_gray_to_rgb called after row initialization"); + png_ptr->flags &= ~PNG_FLAG_ROW_INIT; + } } } #endif diff --git a/pngrutil.c b/pngrutil.c index 6d7eec45d..3a8924795 100644 --- a/pngrutil.c +++ b/pngrutil.c @@ -4105,6 +4105,17 @@ png_read_start_row(png_structrp png_ptr) png_debug(1, "in png_read_start_row"); + /* Because init_read_transformations, below, modifies values in png_struct + * it will not always work correctly if called twice. This error detects + * that condition but just warns, because it does tend to work most of the + * time. + */ + if (png_ptr->flags & PNG_FLAG_ROW_INIT) + { + png_warning(png_ptr, "unexpected duplicate call to png_read_start_row"); + png_ptr->zowner = 0; /* release previous claim */ + } + #ifdef PNG_READ_TRANSFORMS_SUPPORTED png_init_read_transformations(png_ptr); #endif |
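Review bot: The check added to png_set_gray_to_rgb runs after `png_set_expand_gray_1_2_4_to_8(png_ptr);`, and that function, as changed in this same commit, already warns and clears PNG_FLAG_ROW_INIT, so the condition here can no longer be true and the "png_set_gray_to_rgb called after row initialization" message is never emitted (assuming the early `return;` in that function is only a NULL check). The application instead sees a warning naming a function it did not call. Capture the state before the nested call, e.g. `int late = (png_ptr->flags & PNG_FLAG_ROW_INIT) != 0;` ahead of it and `if (late) png_warning(png_ptr, "png_set_gray_to_rgb called after row initialization");` after it, or drop the block. The function body begins outside the hunk.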
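Review bot: After the warning, png_read_start_row carries on into png_init_read_transformations, which the added comment itself says does not always work when called twice, so a duplicate call leaves png_struct in a state the code admits may be wrong while reporting only a warning that applications commonly ignore. The rest of this function is outside the hunk; if it sizes row buffers from that state, a mismatch is a memory-safety concern rather than a cosmetic one, and that should be confirmed against the full function. If the first initialization is still valid at this point, returning right after the warning avoids the second pass: `png_warning(png_ptr, "unexpected duplicate call to png_read_start_row"); return;`. Separately, `png_ptr->zowner = 0;` drops whatever claim exists without checking who holds it, so the comment should say which owner is expected here.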