diff options
| author | Glenn Randers-Pehrson <glennrp at users.sourceforge.net> | 2012-02-23 18:41:13 -0600 |
|---|---|---|
| committer | Glenn Randers-Pehrson <glennrp at users.sourceforge.net> | 2012-02-23 18:41:13 -0600 |
| commit | 10c0693210661c0dbc7817a0d40e14d5a6b0484f (patch) | |
| tree | a93ffacce70c01c220c190afe78a7f66a42075dc | |
| parent | 17ba5de88f557f03a90f313b444caf3403c848f6 (diff) | |
| download | libpng-10c0693210661c0dbc7817a0d40e14d5a6b0484f.tar.gz | |
[libpng16] Added PNG_SECURE feature to pnglibconf.dfa and new pngusr.dfa file
to reset the user limits to safe ones if PNG_SECURE is defined.
| -rw-r--r-- | ANNOUNCE | 6 | ||||
| -rw-r--r-- | CHANGES | 11 | ||||
| -rw-r--r-- | pngusr.dfa | 16 | ||||
| -rw-r--r-- | scripts/pnglibconf.dfa | 4 | ||||
| -rw-r--r-- | scripts/pnglibconf.h.prebuilt | 6 | ||||
| -rwxr-xr-x | scripts/pnglibconf.mak | 4 |
6 files changed, 34 insertions, 13 deletions
@@ -1,5 +1,5 @@ -Libpng 1.6.0beta13 - February 21, 2012 +Libpng 1.6.0beta13 - February 24, 2012 This is not intended to be a public release. It will be replaced within a few weeks by a public version or by another test version. @@ -219,11 +219,13 @@ Version 1.6.0beta12 [February 18, 2012] on iCCP chunk length. Also removed spurious casts that may hide problems on 16-bit systems. -Version 1.6.0beta13 [February 21, 2012] +Version 1.6.0beta13 [February 24, 2012] Eliminated redundant png_push_read_tEXt|zTXt|iTXt|unknown code from pngpread.c and use the sequential png_handle_tEXt, etc., in pngrutil.c; now that png_ptr->buffer is inaccessible to applications, the special handling is no longer useful. + Added PNG_SECURE feature to pnglibconf.dfa and new pngusr.dfa file + to reset the user limits to safe ones if PNG_SECURE is defined. Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit @@ -3966,15 +3966,18 @@ Version 1.6.0beta12 [February 18, 2012] Do not increase num_palette on invalid_index. Relocated check for invalid palette index to pngrtran.c, after unpacking the sub-8-bit pixels. - Fixed CVE-2011-3026 buffer overrun bug. Deal more correctly with the test - on iCCP chunk length. Also removed spurious casts that may hide problems - on 16-bit systems. + Fixed CVE-2011-3026 buffer overrun bug. This bug was introduced when + iCCP chunk support was added at libpng-1.0.6. Deal more correctly with the + test on iCCP chunk length. Also removed spurious casts that may hide + problems on 16-bit systems. -Version 1.6.0beta13 [February 21, 2012] +Version 1.6.0beta13 [February 24, 2012] Eliminated redundant png_push_read_tEXt|zTXt|iTXt|unknown code from pngpread.c and use the sequential png_handle_tEXt, etc., in pngrutil.c; now that png_ptr->buffer is inaccessible to applications, the special handling is no longer useful. + Added PNG_SECURE feature to pnglibconf.dfa and new pngusr.dfa file + to reset the user limits to safe ones if PNG_SECURE is defined. Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit diff --git a/pngusr.dfa b/pngusr.dfa new file mode 100644 index 000000000..f366cd6d6 --- /dev/null +++ b/pngusr.dfa @@ -0,0 +1,16 @@ +# pngusr.dfa +# +# Build time configuration of libpng +# +# Enter build configuration options in this file +# +# Security settings: by default these limits are unset, you can change them +# here by entering the appropriate values as #defines preceded by '@' (to cause +# them to be passed through to the build of pnglibconf.h) +@#ifdef PNG_SECURE +@ /* Relatively secure values */ +@# define PNG_USER_WIDTH_MAX 1000000 +@# define PNG_USER_HEIGHT_MAX 1000000 +@# define PNG_USER_CHUNK_CACHE_MAX 128 +@# define PNG_USER_CHUNK_MALLOC_MAX 8000000 +@#endif diff --git a/scripts/pnglibconf.dfa b/scripts/pnglibconf.dfa index 82cc9a726..9e4ea3eb6 100644 --- a/scripts/pnglibconf.dfa +++ b/scripts/pnglibconf.dfa @@ -276,8 +276,8 @@ option SET_USER_LIMITS enables SET_CHUNK_MALLOC_LIMIT # Added at libpng-1.0.16 and 1.2.6. To accept all valid PNGs no matter # how large, set these two limits to 0x7fffffff -setting USER_WIDTH_MAX default 1000000 -setting USER_HEIGHT_MAX default 1000000 +setting USER_WIDTH_MAX default 0x7fffffff +setting USER_HEIGHT_MAX default 0x7fffffff # Added at libpng-1.2.43. To accept all valid PNGs no matter # how large, set these two limits to 0. diff --git a/scripts/pnglibconf.h.prebuilt b/scripts/pnglibconf.h.prebuilt index 8708ddff9..a3e9cdd83 100644 --- a/scripts/pnglibconf.h.prebuilt +++ b/scripts/pnglibconf.h.prebuilt @@ -3,7 +3,7 @@ /* pnglibconf.h - library build configuration */ -/* Libpng 1.6.0beta13 - February 19, 2012 */ +/* Libpng 1.6.0beta13 - February 24, 2012 */ /* Copyright (c) 1998-2012 Glenn Randers-Pehrson */ @@ -33,8 +33,8 @@ #define PNG_sCAL_PRECISION 5 #define PNG_USER_CHUNK_CACHE_MAX 0 #define PNG_USER_CHUNK_MALLOC_MAX 0 -#define PNG_USER_HEIGHT_MAX 1000000 -#define PNG_USER_WIDTH_MAX 1000000 +#define PNG_USER_HEIGHT_MAX 0x7fffffff +#define PNG_USER_WIDTH_MAX 0x7fffffff #define PNG_WEIGHT_SHIFT 8 #define PNG_ZBUF_SIZE 8192 /* end of settings */ diff --git a/scripts/pnglibconf.mak b/scripts/pnglibconf.mak index d12c6ed7c..c799fb790 100755 --- a/scripts/pnglibconf.mak +++ b/scripts/pnglibconf.mak @@ -42,13 +42,13 @@ pnglibconf.h: pnglibconf.dfn $(COPY) dfn3.out $@ $(DELETE) dfn.c dfn1.out dfn2.out dfn3.out -pnglibconf.dfn: $(srcdir)/scripts/pnglibconf.dfa $(srcdir)/scripts/options.awk $(srcdir)/pngconf.h $(DFA_XTRA) +pnglibconf.dfn: $(srcdir)/scripts/pnglibconf.dfa $(srcdir)/scripts/options.awk $(srcdir)/pngconf.h $(srcdir)/pngusr.dfa $(DELETE) $@ dfn1.out dfn2.out $(ECHO) "Calling $(AWK) from scripts/pnglibconf.mak" >&2 $(ECHO) "If 'awk' crashes try a better awk (e.g. AWK='nawk')" >&2 $(AWK) -f $(srcdir)/scripts/options.awk out=dfn1.out version=search\ $(srcdir)/pngconf.h $(srcdir)/scripts/pnglibconf.dfa\ - $(DFA_XTRA) 1>&2 + $(srcdir)/pngusr.dfa $(DFA_XTRA) 1>&2 $(AWK) -f $(srcdir)/scripts/options.awk out=dfn2.out dfn1.out 1>&2 $(COPY) dfn2.out $@ $(DELETE) dfn1.out dfn2.out |