diff options
| author | Glenn Randers-Pehrson <glennrp at users.sourceforge.net> | 2017-08-24 14:44:52 -0500 |
|---|---|---|
| committer | Glenn Randers-Pehrson <glennrp at users.sourceforge.net> | 2017-08-24 16:39:24 -0500 |
| commit | f8110669f0c14c411214823743ecc655fd5262eb (patch) | |
| tree | f9036fdb9fd55c234c09b239f7dfebeeb15406d1 | |
| parent | fbff8986e7428dba3c77b3bf4866a7cb39ac475c (diff) | |
| download | libpng-f8110669f0c14c411214823743ecc655fd5262eb.tar.gz | |
[master] Imported from libpng-1.6.32.tar
75 files changed, 895 insertions, 249 deletions
@@ -1,4 +1,4 @@ -Libpng 1.6.31 - July 27, 2017 +Libpng 1.6.32 - August 24, 2017 This is a public release of libpng, intended for use in production codes. @@ -7,51 +7,79 @@ Files available for download: Source files with LF line endings (for Unix/Linux) and with a "configure" script - libpng-1.6.31.tar.xz (LZMA-compressed, recommended) - libpng-1.6.31.tar.gz + libpng-1.6.32.tar.xz (LZMA-compressed, recommended) + libpng-1.6.32.tar.gz Source files with CRLF line endings (for Windows), without the "configure" script - lpng1631.7z (LZMA-compressed, recommended) - lpng1631.zip + lpng1632.7z (LZMA-compressed, recommended) + lpng1632.zip Other information: - libpng-1.6.31-README.txt - libpng-1.6.31-LICENSE.txt - libpng-1.6.31-*.asc (armored detached GPG signatures) - -Changes since the last public release (1.6.30): - - Guard the definition of _POSIX_SOURCE in pngpriv.h (AIX already defines it; - bug report by Michael Felt). - Revised pngpriv.h to work around failure to compile arm/filter_neon.S - ("typedef" directive is unrecognized by the assembler). The problem - was introduced in libpng-1.6.30beta01. - Added "Requires: zlib" to libpng.pc.in (Pieter Neerincx). - Added special case for FreeBSD in arm/filter_neon.S (Maya Rashish). - Added instructions for disabling hardware optimizations in INSTALL. - Added "--enable-hardware-optimizations" configuration flag to enable - or disable all hardware optimizations with one flag. - Updated CMakeLists.txt to add INTEL_SSE and MIPS_MSA platforms. - Changed "int" to "png_size_t" in intel/filter_sse2.c to prevent - possible integer overflow (Bug report by John Bowler). - Quieted "declaration after statement" warnings in intel/filter_sse2.c. - Added scripts/makefile-linux-opt, which has hardware optimizations enabled. - Removed one of the GCC-7.1.0 'strict-overflow' warnings that result when - integers appear on both sides of a compare. Worked around the others by - forcing the strict-overflow setting in the relevant functions to a level - where they are not reported (John Bowler). - Changed "FALL THROUGH" comments to "FALLTHROUGH" because GCC doesn't like - the space. - Worked around some C-style casts from (void*) because g++ 5.4.0 objects - to them. - Increased the buffer size for 'sprint' to pass the gcc 7.1.0 'sprint - overflow' check that is on by default with -Wall -Wextra. - Added eXIf chunk support. - Added a minimal eXIf chunk (with Orientation and FocalLengthIn35mmFilm - tags) to pngtest.png. + libpng-1.6.32-README.txt + libpng-1.6.32-LICENSE.txt + libpng-1.6.32-*.asc (armored detached GPG signatures) + +Changes since the last public release (1.6.31): + Avoid possible NULL dereference in png_handle_eXIf when benign_errors + are allowed. Avoid leaking the input buffer "eXIf_buf". + Eliminated png_ptr->num_exif member from pngstruct.h and added num_exif + to arguments for png_get_eXIf() and png_set_eXIf(). + Added calls to png_handle_eXIf(() in pngread.c and png_write_eXIf() in + pngwrite.c, and made various other fixes to png_write_eXIf(). + Changed name of png_get_eXIF and png_set_eXIf() to png_get_eXIf_1() and + png_set_eXIf_1(), respectively, to avoid breaking API compatibility + with libpng-1.6.31. + Updated contrib/libtests/pngunknown.c with eXIf chunk. + Initialized btoa[] in pngstest.c + Stop memory leak when returning from png_handle_eXIf() with an error + (Bug report from the OSS-fuzz project). + Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf(). + Update libpng.3 and libpng-manual.txt about eXIf functions. + Restored png_get_eXIf() and png_set_eXIf() to maintain API compatability. + Removed png_get_eXIf_1() and png_set_eXIf_1(). + Check length of all chunks except IDAT against user limit to fix an + OSS-fuzz issue. + Check length of IDAT against maximum possible IDAT size, accounting + for height, rowbytes, interlacing and zlib/deflate overhead. + Restored png_get_eXIf_1() and png_set_eXIf_1(), because strlen(eXIf_buf) + does not work (the eXIf chunk data can contain zeroes). + Require cmake-2.8.8 in CMakeLists.txt. Revised symlink creation, + no longer using deprecated cmake LOCATION feature (Clifford Yapp). + Fixed five-byte error in the calculation of IDAT maximum possible size. + Moved chunk-length check into a png_check_chunk_length() private + function (Suggested by Max Stepin). + Moved bad pngs from tests to contrib/libtests/crashers + Moved testing of bad pngs into a separate tests/pngtest-badpngs script + Added the --xfail (expected FAIL) option to pngtest.c. It writes XFAIL + in the output but PASS for the libpng test. + Require cmake-3.0.2 in CMakeLists.txt (Clifford Yapp). + Fix "const" declaration info_ptr argument to png_get_eXIf_1() and the + num_exif argument to png_get_eXIf_1() (Github Issue 171). + Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks(). + Added huge_IDAT.png and empty_ancillary_chunks.png to testpngs/crashers. + Make pngtest --strict, --relax, --xfail options imply -m (multiple). + Removed unused chunk_name parameter from png_check_chunk_length(). + Relocated setting free_me for eXIf data, to stop an OSS-fuzz leak. + Initialize profile_header[] in png_handle_iCCP() to fix OSS-fuzz issue. + Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix OSS-fuzz UMR. + Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue. + Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(), to account + for the minimum 'deflate' stream, and relocate the test to a point + after the keyword has been read. + Check that the eXIf chunk has at least 2 bytes and begins with "II" or "MM". + Added a set of "huge_xxxx_chunk.png" files to contrib/testpngs/crashers, + one for each known chunk type, with length = 2GB-1. + Check for 0 return from png_get_rowbytes() and added some (size_t) typecasts + in contrib/pngminus/*.c to stop some Coverity issues (162705, 162706, + and 162707). + Renamed chunks in contrib/testpngs/crashers to avoid having files whose + names differ only in case; this causes problems with some platforms + (github issue #172). + Added contrib/oss-fuzz directory which contains files used by the oss-fuzz + project (https://github.com/google/oss-fuzz/tree/master/projects/libpng). Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit @@ -5908,6 +5908,92 @@ Version 1.6.31rc02 [July 25, 2017] Version 1.6.31 [July 27, 2017] No changes. +Version 1.6.32beta01 [July 31, 2017] + Avoid possible NULL dereference in png_handle_eXIf when benign_errors + are allowed. Avoid leaking the input buffer "eXIf_buf". + Eliminated png_ptr->num_exif member from pngstruct.h and added num_exif + to arguments for png_get_eXIf() and png_set_eXIf(). + Added calls to png_handle_eXIf(() in pngread.c and png_write_eXIf() in + pngwrite.c, and made various other fixes to png_write_eXIf(). + Changed name of png_get_eXIF and png_set_eXIf() to png_get_eXIf_1() and + png_set_eXIf_1(), respectively, to avoid breaking API compatibility + with libpng-1.6.31. + +Version 1.6.32beta02 [August 1, 2017] + Updated contrib/libtests/pngunknown.c with eXIf chunk. + +Version 1.6.32beta03 [August 2, 2017] + Initialized btoa[] in pngstest.c + Stop memory leak when returning from png_handle_eXIf() with an error + (Bug report from the OSS-fuzz project). + +Version 1.6.32beta04 [August 2, 2017] + Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf(). + Update libpng.3 and libpng-manual.txt about eXIf functions. + +Version 1.6.32beta05 [August 2, 2017] + Restored png_get_eXIf() and png_set_eXIf() to maintain API compatability. + +Version 1.6.32beta06 [August 2, 2017] + Removed png_get_eXIf_1() and png_set_eXIf_1(). + +Version 1.6.32beta07 [August 3, 2017] + Check length of all chunks except IDAT against user limit to fix an + OSS-fuzz issue. + +Version 1.6.32beta08 [August 3, 2017] + Check length of IDAT against maximum possible IDAT size, accounting + for height, rowbytes, interlacing and zlib/deflate overhead. + Restored png_get_eXIf_1() and png_set_eXIf_1(), because strlen(eXIf_buf) + does not work (the eXIf chunk data can contain zeroes). + +Version 1.6.32beta09 [August 3, 2017] + Require cmake-2.8.8 in CMakeLists.txt. Revised symlink creation, + no longer using deprecated cmake LOCATION feature (Clifford Yapp). + Fixed five-byte error in the calculation of IDAT maximum possible size. + +Version 1.6.32beta10 [August 5, 2017] + Moved chunk-length check into a png_check_chunk_length() private + function (Suggested by Max Stepin). + Moved bad pngs from tests to contrib/libtests/crashers + Moved testing of bad pngs into a separate tests/pngtest-badpngs script + Added the --xfail (expected FAIL) option to pngtest.c. It writes XFAIL + in the output but PASS for the libpng test. + Require cmake-3.0.2 in CMakeLists.txt (Clifford Yapp). + Fix "const" declaration info_ptr argument to png_get_eXIf_1() and the + num_exif argument to png_get_eXIf_1() (Github Issue 171). + +Version 1.6.32beta11 [August 7, 2017] + Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks(). + Added huge_IDAT.png and empty_ancillary_chunks.png to testpngs/crashers. + Make pngtest --strict, --relax, --xfail options imply -m (multiple). + Removed unused chunk_name parameter from png_check_chunk_length(). + Relocated setting free_me for eXIf data, to stop an OSS-fuzz leak. + Initialize profile_header[] in png_handle_iCCP() to fix OSS-fuzz issue. + Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix OSS-fuzz UMR. + Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue. + Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(), to account + for the minimum 'deflate' stream, and relocate the test to a point + after the keyword has been read. + Check that the eXIf chunk has at least 2 bytes and begins with "II" or "MM". + +Version 1.6.32rc01 [August 18, 2017] + Added a set of "huge_xxxx_chunk.png" files to contrib/testpngs/crashers, + one for each known chunk type, with length = 2GB-1. + Check for 0 return from png_get_rowbytes() and added some (size_t) typecasts + in contrib/pngminus/*.c to stop some Coverity issues (162705, 162706, + and 162707). + Renamed chunks in contrib/testpngs/crashers to avoid having files whose + names differ only in case; this causes problems with some platforms + (github issue #172). + +Version 1.6.32rc02 [August 22, 2017] + Added contrib/oss-fuzz directory which contains files used by the oss-fuzz + project (https://github.com/google/oss-fuzz/tree/master/projects/libpng). + +Version 1.6.32 [August 24, 2017] + No changes. + Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit https://lists.sourceforge.net/lists/listinfo/png-mng-implement diff --git a/CMakeLists.txt b/CMakeLists.txt index 0c72c36dd..7a51f0064 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -11,8 +11,8 @@ # For conditions of distribution and use, see the disclaimer # and license in png.h -cmake_minimum_required(VERSION 2.8.3) -cmake_policy(VERSION 2.8.3) +cmake_minimum_required(VERSION 3.0.2) +cmake_policy(VERSION 3.0.2) # Set MacOSX @rpath usage globally. if (POLICY CMP0020) @@ -36,7 +36,7 @@ enable_testing() set(PNGLIB_MAJOR 1) set(PNGLIB_MINOR 6) -set(PNGLIB_RELEASE 31) +set(PNGLIB_RELEASE 32) set(PNGLIB_NAME libpng${PNGLIB_MAJOR}${PNGLIB_MINOR}) set(PNGLIB_VERSION ${PNGLIB_MAJOR}.${PNGLIB_MINOR}.${PNGLIB_RELEASE}) @@ -755,31 +755,58 @@ if(PNG_SHARED) list(APPEND PNG_BIN_TARGETS png-fix-itxt) endif() -# Ensure the CMAKE_LIBRARY_OUTPUT_DIRECTORY is set -IF(NOT CMAKE_LIBRARY_OUTPUT_DIRECTORY) - SET(CMAKE_LIBRARY_OUTPUT_DIRECTORY "lib") -ENDIF(NOT CMAKE_LIBRARY_OUTPUT_DIRECTORY) - # Set a variable with CMake code which: # Creates a symlink from src to dest (if possible) or alternatively # copies if different. -macro(CREATE_SYMLINK SRC_FILE DEST_FILE) - FILE(REMOVE ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${DEST_FILE}) - if(CMAKE_HOST_WIN32 AND NOT CYGWIN AND NOT MSYS) - ADD_CUSTOM_COMMAND( - OUTPUT ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${DEST_FILE} ${CMAKE_CURRENT_BINARY_DIR}/${DEST_FILE} - COMMAND ${CMAKE_COMMAND} -E copy_if_different "${SRC_FILE}" ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${DEST_FILE} - COMMAND ${CMAKE_COMMAND} -E copy_if_different "${SRC_FILE}" ${CMAKE_CURRENT_BINARY_DIR}/${DEST_FILE} - DEPENDS ${PNG_LIB_TARGETS} - ) - ADD_CUSTOM_TARGET(${DEST_FILE}_COPY ALL DEPENDS ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${DEST_FILE}) - else(CMAKE_HOST_WIN32 AND NOT CYGWIN AND NOT MSYS) - get_filename_component(LINK_TARGET "${SRC_FILE}" NAME) - execute_process(COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/${CMAKE_LIBRARY_OUTPUT_DIRECTORY}) - execute_process(COMMAND ${CMAKE_COMMAND} -E create_symlink "${LINK_TARGET}" ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/${DEST_FILE} WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}) - execute_process(COMMAND ${CMAKE_COMMAND} -E create_symlink "${LINK_TARGET}" ${DEST_FILE} WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}) - endif(CMAKE_HOST_WIN32 AND NOT CYGWIN AND NOT MSYS) -endmacro() +include(CMakeParseArguments) + +function(CREATE_SYMLINK DEST_FILE) + + cmake_parse_arguments(S "" "FILE;TARGET" "" ${ARGN}) + + if(NOT S_TARGET AND NOT S_FILE) + message(FATAL_ERROR "Specify either a TARGET or a FILE for CREATE_SYMLINK to link to.") + endif(NOT S_TARGET AND NOT S_FILE) + + if(S_TARGET AND S_FILE) + message(FATAL_ERROR "CREATE_SYMLINK called with both source file ${S_FILE} and build target ${S_TARGET} arguments - can only handle 1 type per call.") + endif(S_TARGET AND S_FILE) + + if(S_FILE) + # If we don't need to symlink something that's coming from a build target, + # we can go ahead and symlink/copy at configure time. + + if(CMAKE_HOST_WIN32 AND NOT CYGWIN AND NOT MSYS) + execute_process( + COMMAND "${CMAKE_COMMAND}" -E copy_if_different ${S_FILE} ${DEST_FILE} + WORKING_DIRECTORY "${CMAKE_CURRENT_BINARY_DIR}" + ) + else(CMAKE_HOST_WIN32 AND NOT CYGWIN AND NOT MSYS) + execute_process( + COMMAND ${CMAKE_COMMAND} -E create_symlink ${S_FILE} ${DEST_FILE} + WORKING_DIRECTORY "${CMAKE_CURRENT_BINARY_DIR}" + ) + endif(CMAKE_HOST_WIN32 AND NOT CYGWIN AND NOT MSYS) + endif(S_FILE) + + if(S_TARGET) + # We need to use generator expressions, which can be a bit tricky, so for + # simplicity make the symlink a POST_BUILD step and use the TARGET + # signature of add_custom_command. + + if(CMAKE_HOST_WIN32 AND NOT CYGWIN AND NOT MSYS) + add_custom_command(TARGET ${S_TARGET} POST_BUILD + COMMAND "${CMAKE_COMMAND}" -E copy_if_different $<TARGET_LINKER_FILE_NAME:${S_TARGET}> $<TARGET_LINKER_FILE_DIR:${S_TARGET}>/${DEST_FILE} + ) + else(CMAKE_HOST_WIN32 AND NOT CYGWIN AND NOT MSYS) + add_custom_command(TARGET ${S_TARGET} POST_BUILD + COMMAND "${CMAKE_COMMAND}" -E create_symlink $<TARGET_LINKER_FILE_NAME:${S_TARGET}> $<TARGET_LINKER_FILE_DIR:${S_TARGET}>/${DEST_FILE} + ) + endif(CMAKE_HOST_WIN32 AND NOT CYGWIN AND NOT MSYS) + + endif(S_TARGET) + +endfunction() # Create source generation scripts. configure_file(${CMAKE_CURRENT_SOURCE_DIR}/scripts/genchk.cmake.in @@ -807,17 +834,17 @@ if(NOT WIN32 OR CYGWIN OR MINGW) set(LIBS "-lz -lm") configure_file(${CMAKE_CURRENT_SOURCE_DIR}/libpng.pc.in ${CMAKE_CURRENT_BINARY_DIR}/${PNGLIB_NAME}.pc @ONLY) - CREATE_SYMLINK(${PNGLIB_NAME}.pc libpng.pc) + CREATE_SYMLINK(libpng.pc FILE ${PNGLIB_NAME}.pc) configure_file(${CMAKE_CURRENT_SOURCE_DIR}/libpng-config.in ${CMAKE_CURRENT_BINARY_DIR}/${PNGLIB_NAME}-config @ONLY) - CREATE_SYMLINK(${PNGLIB_NAME}-config libpng-config) + CREATE_SYMLINK(libpng-config FILE ${PNGLIB_NAME}-config) endif(NOT WIN32 OR CYGWIN OR MINGW) # SET UP LINKS if(PNG_SHARED) set_target_properties(png PROPERTIES -# VERSION 16.${PNGLIB_RELEASE}.1.6.31 +# VERSION 16.${PNGLIB_RELEASE}.1.6.32 VERSION 16.${PNGLIB_RELEASE}.0 SOVERSION 16 CLEAN_DIRECT_OUTPUT 1) @@ -844,26 +871,20 @@ if(NOT SKIP_INSTALL_LIBRARIES AND NOT SKIP_INSTALL_ALL ) if(PNG_SHARED) # Create a symlink for libpng.dll.a => libpng16.dll.a on Cygwin if(CYGWIN OR MINGW) - get_target_property(BUILD_TARGET_LOCATION png LOCATION_${CMAKE_BUILD_TYPE}) - CREATE_SYMLINK(${BUILD_TARGET_LOCATION} libpng${CMAKE_IMPORT_LIBRARY_SUFFIX}) - install(FILES ${CMAKE_CURRENT_BINARY_DIR}/libpng${CMAKE_IMPORT_LIBRARY_SUFFIX} - DESTINATION ${CMAKE_INSTALL_LIBDIR}) + CREATE_SYMLINK(libpng${CMAKE_IMPORT_LIBRARY_SUFFIX} TARGET png) + install(FILES $<TARGET_LINKER_FILE_DIR:png>/libpng${CMAKE_IMPORT_LIBRARY_SUFFIX} DESTINATION ${CMAKE_INSTALL_LIBDIR}) endif(CYGWIN OR MINGW) if(NOT WIN32) - get_target_property(BUILD_TARGET_LOCATION png LOCATION_${CMAKE_BUILD_TYPE}) - CREATE_SYMLINK(${BUILD_TARGET_LOCATION} libpng${CMAKE_SHARED_LIBRARY_SUFFIX}) - install(FILES ${CMAKE_CURRENT_BINARY_DIR}/libpng${CMAKE_SHARED_LIBRARY_SUFFIX} - DESTINATION ${CMAKE_INSTALL_LIBDIR}) + CREATE_SYMLINK(libpng${CMAKE_SHARED_LIBRARY_SUFFIX} TARGET png) + install(FILES $<TARGET_LINKER_FILE_DIR:png>/libpng${CMAKE_SHARED_LIBRARY_SUFFIX} DESTINATION ${CMAKE_INSTALL_LIBDIR}) endif(NOT WIN32) endif(PNG_SHARED) if(PNG_STATIC) if(NOT WIN32 OR CYGWIN OR MINGW) - get_target_property(BUILD_TARGET_LOCATION png_static LOCATION_${CMAKE_BUILD_TYPE}) - CREATE_SYMLINK(${BUILD_TARGET_LOCATION} libpng${CMAKE_STATIC_LIBRARY_SUFFIX}) - install(FILES ${CMAKE_CURRENT_BINARY_DIR}/libpng${CMAKE_STATIC_LIBRARY_SUFFIX} - DESTINATION ${CMAKE_INSTALL_LIBDIR}) + CREATE_SYMLINK( libpng${CMAKE_STATIC_LIBRARY_SUFFIX} TARGET png_static) + install(FILES $<TARGET_LINKER_FILE_DIR:png_static>/libpng${CMAKE_STATIC_LIBRARY_SUFFIX} DESTINATION ${CMAKE_INSTALL_LIBDIR}) endif(NOT WIN32 OR CYGWIN OR MINGW) endif() endif() @@ -10,7 +10,7 @@ this sentence. This code is released under the libpng license. -libpng versions 1.0.7, July 1, 2000 through 1.6.31, July 27, 2017 are +libpng versions 1.0.7, July 1, 2000 through 1.6.32, August 24, 2017 are Copyright (c) 2000-2002, 2004, 2006-2017 Glenn Randers-Pehrson, are derived from libpng-1.0.6, and are distributed according to the same disclaimer and license as libpng-1.0.6 with the following individuals diff --git a/Makefile.am b/Makefile.am index 18ac74866..08db3e599 100644 --- a/Makefile.am +++ b/Makefile.am @@ -60,6 +60,7 @@ pngcp_LDADD = libpng@PNGLIB_MAJOR@@PNGLIB_MINOR@.la # set of parameters: TESTS =\ tests/pngtest\ + tests/pngtest-badpngs\ tests/pngvalid-gamma-16-to-8 tests/pngvalid-gamma-alpha-mode\ tests/pngvalid-gamma-background tests/pngvalid-gamma-expand16-alpha-mode\ tests/pngvalid-gamma-expand16-background\ @@ -1,4 +1,4 @@ -README for libpng version 1.6.31 - July 27, 2017 (shared library 16.0) +README for libpng version 1.6.32 - August 24, 2017 (shared library 16.0) See the note about version numbers near the top of png.h See INSTALL for instructions on how to install libpng. diff --git a/configure.ac b/configure.ac index b1fd1585d..4f0eed439 100644 --- a/configure.ac +++ b/configure.ac @@ -25,7 +25,7 @@ AC_PREREQ([2.68]) dnl Version number stuff here: -AC_INIT([libpng],[1.6.31],[png-mng-implement@lists.sourceforge.net]) +AC_INIT([libpng],[1.6.32],[png-mng-implement@lists.sourceforge.net]) AC_CONFIG_MACRO_DIR([scripts]) # libpng does not follow GNU file name conventions (hence 'foreign') @@ -46,10 +46,10 @@ dnl automake, so the following is not necessary (and is not defined anyway): dnl AM_PREREQ([1.11.2]) dnl stop configure from automagically running automake -PNGLIB_VERSION=1.6.31 +PNGLIB_VERSION=1.6.32 PNGLIB_MAJOR=1 PNGLIB_MINOR=6 -PNGLIB_RELEASE=31 +PNGLIB_RELEASE=32 dnl End of version number stuff diff --git a/contrib/libtests/pngstest.c b/contrib/libtests/pngstest.c index 0617dbb04..ab4508930 100644 --- a/contrib/libtests/pngstest.c +++ b/contrib/libtests/pngstest.c @@ -2610,9 +2610,9 @@ compare_two_images(Image *a, Image *b, int via_linear, const unsigned int b_sample = PNG_IMAGE_SAMPLE_SIZE(formatb); int alpha_added, alpha_removed; int bchannels; - int btoa[4]; png_uint_32 y; Transform tr; + int btoa[4]={0,0,0,0}; /* This should never happen: */ if (width != b->image.width || height != b->image.height) diff --git a/contrib/libtests/pngunknown.c b/contrib/libtests/pngunknown.c index 7bb33f829..12eab7258 100644 --- a/contrib/libtests/pngunknown.c +++ b/contrib/libtests/pngunknown.c @@ -1,7 +1,7 @@ /* pngunknown.c - test the read side unknown chunk handling * - * Last changed in libpng 1.6.31 [July 27, 2017] + * Last changed in libpng 1.6.32 [August 24, 2017] * Copyright (c) 2015,2017 Glenn Randers-Pehrson * Written by John Cunningham Bowler * @@ -114,6 +114,7 @@ typedef png_byte *png_const_bytep; #define png_PLTE PNG_U32( 80, 76, 84, 69) #define png_bKGD PNG_U32( 98, 75, 71, 68) #define png_cHRM PNG_U32( 99, 72, 82, 77) +#define png_eXIf PNG_U32(101, 88, 73, 102) /* registered July 2017 */ #define png_fRAc PNG_U32(102, 82, 65, 99) /* registered, not defined */ #define png_gAMA PNG_U32(103, 65, 77, 65) #define png_gIFg PNG_U32(103, 73, 70, 103) @@ -210,6 +211,13 @@ static struct 1, # endif 1, START, 0 }, + { "eXIf", PNG_INFO_eXIf, png_eXIf, +# ifdef PNG_READ_eXIf_SUPPORTED + 0, +# else + 1, +# endif + 1, END, 0 }, { "gAMA", PNG_INFO_gAMA, png_gAMA, # ifdef PNG_READ_gAMA_SUPPORTED 0, @@ -1090,7 +1098,7 @@ static const char *standard_tests[] = "sTER", "sTER=if-safe", 0, "IDAT", "default=discard", "IDAT=save", 0, "sAPI", "bKGD=save", "cHRM=save", "gAMA=save", "all=discard", "iCCP=save", - "sBIT=save", "sRGB=save", 0, + "sBIT=save", "sRGB=save", "eXIf=save", 0, 0/*end*/ }; diff --git a/contrib/oss-fuzz/README.txt b/contrib/oss-fuzz/README.txt new file mode 100644 index 000000000..a75cba487 --- /dev/null +++ b/contrib/oss-fuzz/README.txt @@ -0,0 +1,32 @@ +Last changed in libpng 1.6.32 [August 24, 2017] +Copyright (c) 2017 Glenn Randers-Pehrson + +This code is released under the libpng license. +For conditions of distribution and use, see the disclaimer +and license in png.h + +Files in this directory are used by the oss-fuzz project +(https://github.com/google/oss-fuzz/tree/master/projects/libpng). +for "fuzzing" libpng. + +They were licensed by Google Inc, using the BSD-like Chromium license, +which may be found at https://cs.chromium.org/chromium/src/LICENSE, or, if +noted in the source, under the Apache-2.0 license, which may +be found at http://www.apache.org/licenses/LICENSE-2.0 . +If they have been modified, the derivatives are copyright Glenn Randers-Pehson +and are released under the same licenses as the originals. Several of +the original files (libpng_read_fuzzer.options, png.dict, project.yaml) +had no licensing information; we assumed that these were under the Chromium +license. Any new files are released under the libpng license (see png.h). + +The files are + Original + Filename or derived Copyright License + ========================= ========== ================ ========== + build.sh derived 2017, Glenn R-P Apache 2.0 + libpng_read_fuzzer.cc derived 2017, Glenn R-P Chromium + libpng_read_fuzzer.options original 2015, Chrome Devs Chromium + png.dict original 2015, Chrome Devs Chromium + README.txt (this file) original 2017, GLenn R-P libpng + +To do: exercise the progressive reader. diff --git a/contrib/oss-fuzz/build.sh b/contrib/oss-fuzz/build.sh new file mode 100755 index 000000000..cf5a9dad5 --- /dev/null +++ b/contrib/oss-fuzz/build.sh @@ -0,0 +1,47 @@ +#!/bin/bash -eu +# Copyright 2017 Glenn Randers-Pehrson +# Copyright 2016 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Last changed in libpng 1.6.32 [August 24, 2017] +# +# Revisions by Glenn Randers-Pehson, 2017: +# 1. Build only the library, not the tools (changed "make -j$(nproc) all" to +# "make -j$(nproc) libpng16.la"). +# 2. Disabled WARNING and WRITE options in pnglibconf.dfa. +################################################################################ + +# Disable logging via library build configuration control. +cat scripts/pnglibconf.dfa | \ + sed -e "s/option STDIO/option STDIO disabled/" \ + -e "s/option WARNING /option WARNING disabled/" \ + -e "s/option WRITE enables WRITE_INT_FUNCTIONS/option WRITE disabled/" \ +> scripts/pnglibconf.dfa.temp +mv scripts/pnglibconf.dfa.temp scripts/pnglibconf.dfa + +# build the library. +autoreconf -f -i +./configure +make -j$(nproc) clean +make -j$(nproc) libpng16.la + +# build libpng_read_fuzzer. +$CXX $CXXFLAGS -std=c++11 -I. \ + $SRC/libpng_read_fuzzer.cc -o $OUT/libpng_read_fuzzer \ + -lFuzzingEngine .libs/libpng16.a -lz + +# add seed corpus. +find $SRC/libpng/contrib/pngsuite -name "*.png" | xargs zip $OUT/libpng_read_fuzzer_seed_corpus.zip + +cp $SRC/*.dict $SRC/*.options $OUT/ diff --git a/contrib/oss-fuzz/libpng_read_fuzzer.cc b/contrib/oss-fuzz/libpng_read_fuzzer.cc new file mode 100644 index 000000000..c1b16249d --- /dev/null +++ b/contrib/oss-fuzz/libpng_read_fuzzer.cc @@ -0,0 +1,154 @@ + +// libpng_read_fuzzer.cc +// Copyright 2017 Glenn Randers-Pehrson +// Copyright 2015 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that may +// be found in the LICENSE file https://cs.chromium.org/chromium/src/LICENSE + +// Last changed in libpng 1.6.32 [August 24, 2017] + +// The modifications in 2017 by Glenn Randers-Pehrson include +// 1. addition of a PNG_CLEANUP macro, +// 2. setting the option to ignore ADLER32 checksums, +// 3. adding "#include <string.h>" which is needed on some platforms +// to provide memcpy(). + +#include <stddef.h> +#include <stdint.h> +#include <string.h> + +#include <vector> + +#define PNG_INTERNAL +#include "png.h" + +#define PNG_CLEANUP \ + if(png_handler.png_ptr) \ + { \ + if (png_handler.info_ptr) \ + png_destroy_read_struct(&png_handler.png_ptr, &png_handler.info_ptr,\ + nullptr); \ + else \ + png_destroy_read_struct(&png_handler.png_ptr, nullptr, nullptr); \ + } + +struct BufState { + const uint8_t* data; + size_t bytes_left; +}; + +struct PngObjectHandler { + png_infop info_ptr = nullptr; + png_structp png_ptr = nullptr; + png_voidp row_ptr = nullptr; + BufState* buf_state = nullptr; + + ~PngObjectHandler() { + if (row_ptr && png_ptr) { + png_free(png_ptr, row_ptr); + } + if (png_ptr && info_ptr) { + png_destroy_read_struct(&png_ptr, &info_ptr, nullptr); + } + delete buf_state; + } +}; + +void user_read_data(png_structp png_ptr, png_bytep data, png_size_t length) { + BufState* buf_state = static_cast<BufState*>(png_get_io_ptr(png_ptr)); + if (length > buf_state->bytes_left) { + png_error(png_ptr, "read error"); + } + memcpy(data, buf_state->data, length); + buf_state->bytes_left -= length; + buf_state->data += length; +} + +static const int kPngHeaderSize = 8; + +// Entry point for LibFuzzer. +// Roughly follows the libpng book example: +// http://www.libpng.org/pub/png/book/chapter13.html +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { + if (size < kPngHeaderSize) { + return 0; + } + + std::vector<unsigned char> v(data, data + size); + if (png_sig_cmp(v.data(), 0, kPngHeaderSize)) { + // not a PNG. + return 0; + } + + PngObjectHandler png_handler; + png_handler.png_ptr = png_create_read_struct + (PNG_LIBPNG_VER_STRING, nullptr, nullptr, nullptr); + if (!png_handler.png_ptr) { + return 0; + } + + png_handler.info_ptr = png_create_info_struct(png_handler.png_ptr); + if (!png_handler.info_ptr) { + PNG_CLEANUP + return 0; + } + + png_set_crc_action(png_handler.png_ptr, PNG_CRC_QUIET_USE, PNG_CRC_QUIET_USE); +#ifdef PNG_IGNORE_ADLER32 + png_set_option(png_handler.png_ptr, PNG_IGNORE_ADLER32, PNG_OPTION_ON); +#endif + + // Setting up reading from buffer. + png_handler.buf_state = new BufState(); + png_handler.buf_state->data = data + kPngHeaderSize; + png_handler.buf_state->bytes_left = size - kPngHeaderSize; + png_set_read_fn(png_handler.png_ptr, png_handler.buf_state, user_read_data); + png_set_sig_bytes(png_handler.png_ptr, kPngHeaderSize); + + if (setjmp(png_jmpbuf(png_handler.png_ptr))) { + PNG_CLEANUP + return 0; + } + + // Reading. + png_read_info(png_handler.png_ptr, png_handler.info_ptr); + png_handler.row_ptr = png_malloc( + png_handler.png_ptr, png_get_rowbytes(png_handler.png_ptr, + png_handler.info_ptr)); + + // reset error handler to put png_deleter into scope. + if (setjmp(png_jmpbuf(png_handler.png_ptr))) { + PNG_CLEANUP + return 0; + } + + png_uint_32 width, height; + int bit_depth, color_type, interlace_type, compression_type; + int filter_type; + + if (!png_get_IHDR(png_handler.png_ptr, png_handler.info_ptr, &width, + &height, &bit_depth, &color_type, &interlace_type, + &compression_type, &filter_type)) { + PNG_CLEANUP + return 0; + } + + // This is going to be too slow. + if (width && height > 100000000 / width) { + PNG_CLEANUP + return 0; + } + + int passes = png_set_interlace_handling(png_handler.png_ptr); + png_start_read_image(png_handler.png_ptr); + + for (int pass = 0; pass < passes; ++pass) { + for (png_uint_32 y = 0; y < height; ++y) { + png_read_row(png_handler.png_ptr, + static_cast<png_bytep>(png_handler.row_ptr), nullptr); + } + } + + PNG_CLEANUP + return 0; +} diff --git a/contrib/oss-fuzz/libpng_read_fuzzer.options b/contrib/oss-fuzz/libpng_read_fuzzer.options new file mode 100644 index 000000000..2005291a0 --- /dev/null +++ b/contrib/oss-fuzz/libpng_read_fuzzer.options @@ -0,0 +1,2 @@ +[libfuzzer] +dict = png.dict diff --git a/contrib/oss-fuzz/png.dict b/contrib/oss-fuzz/png.dict new file mode 100644 index 000000000..3a8a11383 --- /dev/null +++ b/contrib/oss-fuzz/png.dict @@ -0,0 +1,39 @@ +# +# AFL dictionary for PNG images +# ----------------------------- +# +# Just the basic, standard-originating sections; does not include vendor +# extensions. +# +# Created by Michal Zalewski <lcamtuf@google.com> +# + +header_png="\x89PNG\x0d\x0a\x1a\x0a" + +section_IDAT="IDAT" +section_IEND="IEND" +section_IHDR="IHDR" +section_PLTE="PLTE" +section_bKGD="bKGD" +section_cHRM="cHRM" +section_eXIf="eXIf" +section_fRAc="fRAc" +section_gAMA="gAMA" +section_gIFg="gIFg" +section_gIFt="gIFt" +section_gIFx="gIFx" +section_hIST="hIST" +section_iCCP="iCCP" +section_iTXt="iTXt" +section_oFFs="oFFs" +section_pCAL="pCAL" +section_pHYs="pHYs" +section_sBIT="sBIT" +section_sCAL="sCAL" +section_sPLT="sPLT" +section_sRGB="sRGB" +section_sTER="sTER" +section_tEXt="tEXt" +section_tIME="tIME" +section_tRNS="tRNS" +section_zTXt="zTXt" diff --git a/contrib/pngminus/png2pnm.c b/contrib/pngminus/png2pnm.c index c9f16237d..39a9f4673 100644 --- a/contrib/pngminus/png2pnm.c +++ b/contrib/pngminus/png2pnm.c @@ -1,9 +1,11 @@ /* * png2pnm.c --- conversion from PNG-file to PGM/PPM-file - * copyright (C) 1999 by Willem van Schaik <willem at schaik.com> + * copyright (C) 1999,2017 by Willem van Schaik <willem at schaik.com> * * version 1.0 - 1999.10.15 - First version. * 1.1 - 2017.04.22 - Add buffer-size check (Glenn Randers-Pehrson) + * 1.2 - 2017.08.24 - Fix potential overflow in buffer-size check + (Glenn Randers-Pehrson) * * Permission to use, copy, modify, and distribute this software and * its documentation for any purpose and without fee is hereby granted, @@ -321,18 +323,21 @@ BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, /* row_bytes is the width x number of channels x (bit-depth / 8) */ row_bytes = png_get_rowbytes (png_ptr, info_ptr); - if (height > ((size_t)(-1))/row_bytes) /* too big */ { + if ((row_bytes == 0 || (size_t)height > ((size_t)(-1))/(size_t)row_bytes)) + { + /* too big */ png_destroy_read_struct (&png_ptr, &info_ptr, NULL); return FALSE; } if ((png_pixels = (png_byte *) - malloc (row_bytes * height * sizeof (png_byte))) == NULL) { + malloc ((size_t)row_bytes * (size_t)height * sizeof (png_byte))) == NULL) + { png_destroy_read_struct (&png_ptr, &info_ptr, NULL); return FALSE; } if ((row_pointers = (png_byte **) - malloc (height * sizeof (png_bytep))) == NULL) + malloc ((size_t)height * sizeof (png_bytep))) == NULL) { png_destroy_read_struct (&png_ptr, &info_ptr, NULL); free (png_pixels); @@ -413,7 +418,8 @@ BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, if (raw) fputc ((int) *pix_ptr++ , alpha_file); else - if (bit_depth == 16){ + if (bit_depth == 16) + { dep_16 = (long) *pix_ptr++; fprintf (alpha_file, "%ld ", (dep_16 << 8) + (long) *pix_ptr++); } @@ -437,6 +443,7 @@ BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, if (png_pixels != (unsigned char*) NULL) free (png_pixels); + PNG_UNUSED(raw) /* to quiet a Coverity defect */ return TRUE; } /* end of source */ diff --git a/contrib/pngminus/pnm2png.c b/contrib/pngminus/pnm2png.c index adc32069d..1b550b8cf 100644 --- a/contrib/pngminus/pnm2png.c +++ b/contrib/pngminus/pnm2png.c @@ -1,10 +1,12 @@ /* * pnm2png.c --- conversion from PBM/PGM/PPM-file to PNG-file - * copyright (C) 1999 by Willem van Schaik <willem at schaik.com> + * copyright (C) 1999,2015,2017 by Willem van Schaik <willem at schaik.com> * * version 1.0 - 1999.10.15 - First version. * version 1.1 - 2015.07.29 - Fixed leaks (Glenn Randers-Pehrson) * version 1.2 - 2017.04.22 - Add buffer-size check + * 1.3 - 2017.08.24 - Fix potential overflow in buffer-size check + * (Glenn Randers-Pehrson) * * Permission to use, copy, modify, and distribute this software and * its documentation for any purpose and without fee is hereby granted, @@ -371,10 +373,12 @@ BOOL pnm2png (FILE *pnm_file, FILE *png_file, FILE *alpha_file, BOOL interlace, row_bytes = (width * channels * bit_depth + 7) / 8; else #endif - /* row_bytes is the width x number of channels x (bit-depth / 8) */ + /* row_bytes is the width x number of channels x (bit-depth / 8) */ row_bytes = width * channels * ((bit_depth <= 8) ? 1 : 2); - if (height > ((size_t)(-1))/row_bytes) /* too big */ { + if ((row_bytes == 0 || (size_t)height > ((size_t)(-1))/(size_t)row_bytes) + { + /* too big */ return FALSE; } if ((png_pixels = (png_byte *) @@ -387,7 +391,8 @@ BOOL pnm2png (FILE *pnm_file, FILE *png_file, FILE *alpha_file, BOOL interlace, for (row = 0; row < (int) height; row++) { #if defined(PNG_WRITE_INVERT_SUPPORTED) || defined(PNG_WRITE_PACK_SUPPORTED) - if (packed_bitmap) { + if (packed_bitmap) + { for (i = 0; i < (int) row_bytes; i++) /* png supports this format natively so no conversion is needed */ *pix_ptr++ = get_data (pnm_file, 8); @@ -508,6 +513,8 @@ BOOL pnm2png (FILE *pnm_file, FILE *png_file, FILE *alpha_file, BOOL interlace, if (png_pixels != (unsigned char*) NULL) free (png_pixels); + PNG_UNUSED(raw) /* Quiet a Coverity defect */ + return TRUE; } /* end of pnm2png */ @@ -524,7 +531,8 @@ void get_token(FILE *pnm_file, char *token) do { ret = fgetc(pnm_file); - if (ret == '#') { + if (ret == '#') + { /* the rest of this line is a comment */ do { diff --git a/contrib/testpngs/crashers/bad_iCCP.png b/contrib/testpngs/crashers/bad_iCCP.png Binary files differnew file mode 100644 index 000000000..0b7b86379 --- /dev/null +++ b/contrib/testpngs/crashers/bad_iCCP.png diff --git a/tests/badadler.png b/contrib/testpngs/crashers/badadler.png Binary files differindex 2bcbcc926..2bcbcc926 100644 --- a/tests/badadler.png +++ b/contrib/testpngs/crashers/badadler.png diff --git a/tests/badcrc.png b/contrib/testpngs/crashers/badcrc.png Binary files differindex 45d026804..45d026804 100644 --- a/tests/badcrc.png +++ b/contrib/testpngs/crashers/badcrc.png diff --git a/contrib/testpngs/crashers/empty_ancillary_chunks.png b/contrib/testpngs/crashers/empty_ancillary_chunks.png Binary files differnew file mode 100644 index 000000000..d76477c6a --- /dev/null +++ b/contrib/testpngs/crashers/empty_ancillary_chunks.png diff --git a/contrib/testpngs/crashers/huge_IDAT.png b/contrib/testpngs/crashers/huge_IDAT.png Binary files differnew file mode 100644 index 000000000..efee66cf3 --- /dev/null +++ b/contrib/testpngs/crashers/huge_IDAT.png diff --git a/contrib/testpngs/crashers/huge_bKGD_chunk.png b/contrib/testpngs/crashers/huge_bKGD_chunk.png Binary files differnew file mode 100644 index 000000000..fd571fd2c --- /dev/null +++ b/contrib/testpngs/crashers/huge_bKGD_chunk.png diff --git a/contrib/testpngs/crashers/huge_cHRM_chunk.png b/contrib/testpngs/crashers/huge_cHRM_chunk.png Binary files differnew file mode 100644 index 000000000..698e7c46d --- /dev/null +++ b/contrib/testpngs/crashers/huge_cHRM_chunk.png diff --git a/contrib/testpngs/crashers/huge_eXIf_chunk.png b/contrib/testpngs/crashers/huge_eXIf_chunk.png Binary files differnew file mode 100644 index 000000000..7d4160196 --- /dev/null +++ b/contrib/testpngs/crashers/huge_eXIf_chunk.png diff --git a/contrib/testpngs/crashers/huge_gAMA_chunk.png b/contrib/testpngs/crashers/huge_gAMA_chunk.png Binary files differnew file mode 100644 index 000000000..b089c1859 --- /dev/null +++ b/contrib/testpngs/crashers/huge_gAMA_chunk.png diff --git a/contrib/testpngs/crashers/huge_hIST_chunk.png b/contrib/testpngs/crashers/huge_hIST_chunk.png Binary files differnew file mode 100644 index 000000000..6d6fcb533 --- /dev/null +++ b/contrib/testpngs/crashers/huge_hIST_chunk.png diff --git a/contrib/testpngs/crashers/huge_iCCP_chunk.png b/contrib/testpngs/crashers/huge_iCCP_chunk.png Binary files differnew file mode 100644 index 000000000..fbcb76153 --- /dev/null +++ b/contrib/testpngs/crashers/huge_iCCP_chunk.png diff --git a/contrib/testpngs/crashers/huge_iTXt_chunk.png b/contrib/testpngs/crashers/huge_iTXt_chunk.png Binary files differnew file mode 100644 index 000000000..098262017 --- /dev/null +++ b/contrib/testpngs/crashers/huge_iTXt_chunk.png diff --git a/contrib/testpngs/crashers/huge_juNK_unsafe_to_copy.png b/contrib/testpngs/crashers/huge_juNK_unsafe_to_copy.png Binary files differnew file mode 100644 index 000000000..0cb106f4a --- /dev/null +++ b/contrib/testpngs/crashers/huge_juNK_unsafe_to_copy.png diff --git a/contrib/testpngs/crashers/huge_juNk_safe_to_copy.png b/contrib/testpngs/crashers/huge_juNk_safe_to_copy.png Binary files differnew file mode 100644 index 000000000..85252b7dc --- /dev/null +++ b/contrib/testpngs/crashers/huge_juNk_safe_to_copy.png diff --git a/contrib/testpngs/crashers/huge_pCAL_chunk.png b/contrib/testpngs/crashers/huge_pCAL_chunk.png Binary files differnew file mode 100644 index 000000000..bc12a8f24 --- /dev/null +++ b/contrib/testpngs/crashers/huge_pCAL_chunk.png diff --git a/contrib/testpngs/crashers/huge_pHYs_chunk.png b/contrib/testpngs/crashers/huge_pHYs_chunk.png Binary files differnew file mode 100644 index 000000000..343b977e9 --- /dev/null +++ b/contrib/testpngs/crashers/huge_pHYs_chunk.png diff --git a/contrib/testpngs/crashers/huge_sCAL_chunk.png b/contrib/testpngs/crashers/huge_sCAL_chunk.png Binary files differnew file mode 100644 index 000000000..61f2f824d --- /dev/null +++ b/contrib/testpngs/crashers/huge_sCAL_chunk.png diff --git a/contrib/testpngs/crashers/huge_sPLT_chunk.png b/contrib/testpngs/crashers/huge_sPLT_chunk.png Binary files differnew file mode 100644 index 000000000..75d383a2e --- /dev/null +++ b/contrib/testpngs/crashers/huge_sPLT_chunk.png diff --git a/contrib/testpngs/crashers/huge_sRGB_chunk.png b/contrib/testpngs/crashers/huge_sRGB_chunk.png Binary files differnew file mode 100644 index 000000000..bc1db3363 --- /dev/null +++ b/contrib/testpngs/crashers/huge_sRGB_chunk.png diff --git a/contrib/testpngs/crashers/huge_sTER_chunk.png b/contrib/testpngs/crashers/huge_sTER_chunk.png Binary files differnew file mode 100644 index 000000000..39219fed7 --- /dev/null +++ b/contrib/testpngs/crashers/huge_sTER_chunk.png diff --git a/contrib/testpngs/crashers/huge_tEXt_chunk.png b/contrib/testpngs/crashers/huge_tEXt_chunk.png Binary files differnew file mode 100644 index 000000000..947fc373e --- /dev/null +++ b/contrib/testpngs/crashers/huge_tEXt_chunk.png diff --git a/contrib/testpngs/crashers/huge_tIME_chunk.png b/contrib/testpngs/crashers/huge_tIME_chunk.png Binary files differnew file mode 100644 index 000000000..16452fba2 --- /dev/null +++ b/contrib/testpngs/crashers/huge_tIME_chunk.png diff --git a/contrib/testpngs/crashers/huge_zTXt_chunk.png b/contrib/testpngs/crashers/huge_zTXt_chunk.png Binary files differnew file mode 100644 index 000000000..52f095308 --- /dev/null +++ b/contrib/testpngs/crashers/huge_zTXt_chunk.png diff --git a/libpng-manual.txt b/libpng-manual.txt index b81d2a680..e34b1436f 100644 --- a/libpng-manual.txt +++ b/libpng-manual.txt @@ -1,6 +1,6 @@ libpng-manual.txt - A description on how to use and modify libpng - libpng version 1.6.31 - July 27, 2017 + libpng version 1.6.32 - August 24, 2017 Updated and distributed by Glenn Randers-Pehrson <glennrp at users.sourceforge.net> Copyright (c) 1998-2017 Glenn Randers-Pehrson @@ -11,7 +11,7 @@ libpng-manual.txt - A description on how to use and modify libpng Based on: - libpng versions 0.97, January 1998, through 1.6.31 - July 27, 2017 + libpng versions 0.97, January 1998, through 1.6.32 - August 24, 2017 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2017 Glenn Randers-Pehrson @@ -688,8 +688,9 @@ where 0x7fffffffL means unlimited. You can retrieve this limit with chunk_cache_max = png_get_chunk_cache_max(png_ptr); Libpng imposes a limit of 8 Megabytes (8,000,000 bytes) on the amount of -memory that a compressed chunk other than IDAT can occupy, when decompressed. -You can change this limit with +memory that any chunk other than IDAT can occupy, originally or when +decompressed (prior to libpng-1.6.32 the limit was only applied to compressed +chunks after decompression). You can change this limit with png_set_chunk_malloc_max(png_ptr, user_chunk_malloc_max); @@ -1453,7 +1454,7 @@ png_set_rgb_to_gray()). the single transparent color for non-paletted images (PNG_INFO_tRNS) - png_get_eXIf(png_ptr, info_ptr, &exif); + png_get_eXIf_1(png_ptr, info_ptr, &num_exif, &exif); (PNG_INFO_eXIf) exif - Exif profile (array of png_byte) @@ -3103,9 +3104,9 @@ width, height, bit_depth, and color_type must be the same in each call. single transparent color for non-paletted images (PNG_INFO_tRNS) - png_set_eXIf(png_ptr, info_ptr, exif); + png_set_eXIf_1(png_ptr, info_ptr, num_exif, exif); - hist - Exif profile (array of + exif - Exif profile (array of png_byte) (PNG_INFO_eXIf) png_set_hIST(png_ptr, info_ptr, hist); @@ -5404,7 +5405,7 @@ Since the PNG Development group is an ad-hoc body, we can't make an official declaration. This is your unofficial assurance that libpng from version 0.71 and -upward through 1.6.31 are Y2K compliant. It is my belief that earlier +upward through 1.6.32 are Y2K compliant. It is my belief that earlier versions were also Y2K compliant. Libpng only has two year fields. One is a 2-byte unsigned integer @@ -1,6 +1,6 @@ -.TH LIBPNG 3 "July 27, 2017" +.TH LIBPNG 3 "August 24, 2017" .SH NAME -libpng \- Portable Network Graphics (PNG) Reference Library 1.6.31 +libpng \- Portable Network Graphics (PNG) Reference Library 1.6.32 .SH SYNOPSIS \fB #include <png.h>\fP @@ -99,6 +99,8 @@ libpng \- Portable Network Graphics (PNG) Reference Library 1.6.31 \fBpng_uint_32 png_get_eXIf (png_const_structp \fP\fIpng_ptr\fP\fB, png_const_infop \fP\fIinfo_ptr\fP\fB, png_bytep \fI*exif\fP\fB);\fP +\fBpng_uint_32 png_get_eXIf_1 (png_const_structp \fP\fIpng_ptr\fP\fB, png_const_infop \fP\fIinfo_ptr\fP\fB, png_unit_32 \fP\fI*num_exif\fP\fB, png_bytep \fI*exif\fP\fB);\fP + \fBpng_uint_32 png_get_hIST (png_const_structp \fP\fIpng_ptr\fP\fB, png_const_infop \fP\fIinfo_ptr\fP\fB, png_uint_16p \fI*hist\fP\fB);\fP \fBpng_uint_32 png_get_iCCP (png_const_structp \fP\fIpng_ptr\fP\fB, png_const_infop \fP\fIinfo_ptr\fP\fB, png_charpp \fP\fIname\fP\fB, int \fP\fI*compression_type\fP\fB, png_bytepp \fP\fIprofile\fP\fB, png_uint_32 \fI*proflen\fP\fB);\fP @@ -351,6 +353,8 @@ libpng \- Portable Network Graphics (PNG) Reference Library 1.6.31 \fBvoid png_set_eXIf (png_structp \fP\fIpng_ptr\fP\fB, png_infop \fP\fIinfo_ptr\fP\fB, png_bytep \fIexif\fP\fB);\fP +\fBvoid png_set_eXIf_1 (png_structp \fP\fIpng_ptr\fP\fB, png_infop \fP\fIinfo_ptr\fP\fB, const png_uint_32 \fP\fInum_exif\fP\fB, png_bytep \fIexif\fP\fB);\fP + \fBvoid png_set_hIST (png_structp \fP\fIpng_ptr\fP\fB, png_infop \fP\fIinfo_ptr\fP\fB, png_uint_16p \fIhist\fP\fB);\fP \fBvoid png_set_iCCP (png_structp \fP\fIpng_ptr\fP\fB, png_infop \fP\fIinfo_ptr\fP\fB, png_const_charp \fP\fIname\fP\fB, int \fP\fIcompression_type\fP\fB, png_const_bytep \fP\fIprofile\fP\fB, png_uint_32 \fIproflen\fP\fB);\fP @@ -514,7 +518,7 @@ Following is a copy of the libpng-manual.txt file that accompanies libpng. .SH LIBPNG.TXT libpng-manual.txt - A description on how to use and modify libpng - libpng version 1.6.31 - July 27, 2017 + libpng version 1.6.32 - August 24, 2017 Updated and distributed by Glenn Randers-Pehrson <glennrp at users.sourceforge.net> Copyright (c) 1998-2017 Glenn Randers-Pehrson @@ -525,7 +529,7 @@ libpng-manual.txt - A description on how to use and modify libpng Based on: - libpng versions 0.97, January 1998, through 1.6.31 - July 27, 2017 + libpng versions 0.97, January 1998, through 1.6.32 - August 24, 2017 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2017 Glenn Randers-Pehrson @@ -1202,8 +1206,9 @@ where 0x7fffffffL means unlimited. You can retrieve this limit with chunk_cache_max = png_get_chunk_cache_max(png_ptr); Libpng imposes a limit of 8 Megabytes (8,000,000 bytes) on the amount of -memory that a compressed chunk other than IDAT can occupy, when decompressed. -You can change this limit with +memory that any chunk other than IDAT can occupy, originally or when +decompressed (prior to libpng-1.6.32 the limit was only applied to compressed +chunks after decompression). You can change this limit with png_set_chunk_malloc_max(png_ptr, user_chunk_malloc_max); @@ -1967,7 +1972,7 @@ png_set_rgb_to_gray()). the single transparent color for non-paletted images (PNG_INFO_tRNS) - png_get_eXIf(png_ptr, info_ptr, &exif); + png_get_eXIf_1(png_ptr, info_ptr, &num_exif, &exif); (PNG_INFO_eXIf) exif - Exif profile (array of png_byte) @@ -3617,9 +3622,9 @@ width, height, bit_depth, and color_type must be the same in each call. single transparent color for non-paletted images (PNG_INFO_tRNS) - png_set_eXIf(png_ptr, info_ptr, exif); + png_set_eXIf_1(png_ptr, info_ptr, num_exif, exif); - hist - Exif profile (array of + exif - Exif profile (array of png_byte) (PNG_INFO_eXIf) png_set_hIST(png_ptr, info_ptr, hist); @@ -5918,7 +5923,7 @@ Since the PNG Development group is an ad-hoc body, we can't make an official declaration. This is your unofficial assurance that libpng from version 0.71 and -upward through 1.6.31 are Y2K compliant. It is my belief that earlier +upward through 1.6.32 are Y2K compliant. It is my belief that earlier versions were also Y2K compliant. Libpng only has two year fields. One is a 2-byte unsigned integer @@ -6020,7 +6025,7 @@ the first widely used release: ... 1.5.28 15 10528 15.so.15.28[.0] ... - 1.6.31 16 10631 16.so.16.31[.0] + 1.6.32 16 10632 16.so.16.32[.0] Henceforth the source version will match the shared-library minor and patch numbers; the shared-library major version number will be @@ -6076,7 +6081,7 @@ possible without all of you. Thanks to Frank J. T. Wojcik for helping with the documentation. -Libpng version 1.6.31 - July 27, 2017: +Libpng version 1.6.32 - August 24, 2017: Initially created in 1995 by Guy Eric Schalnat, then of Group 42, Inc. Currently maintained by Glenn Randers-Pehrson (glennrp at users.sourceforge.net). @@ -6101,7 +6106,7 @@ this sentence. This code is released under the libpng license. -libpng versions 1.0.7, July 1, 2000 through 1.6.31, July 27, 2017 are +libpng versions 1.0.7, July 1, 2000 through 1.6.32, August 24, 2017 are Copyright (c) 2000-2002, 2004, 2006-2017 Glenn Randers-Pehrson, are derived from libpng-1.0.6, and are distributed according to the same disclaimer and license as libpng-1.0.6 with the following individuals @@ -6229,7 +6234,7 @@ files "pngbar.png" and "pngbar.jpg (88x31) and "pngnow.png" (98x31). Glenn Randers-Pehrson glennrp at users.sourceforge.net -July 27, 2017 +August 24, 2017 .\" end of man page diff --git a/libpngpf.3 b/libpngpf.3 index 70992ab6e..ab84577e4 100644 --- a/libpngpf.3 +++ b/libpngpf.3 @@ -1,6 +1,6 @@ .TH LIBPNGPF 3 "April 1, 2017" .SH NAME -libpng \- Portable Network Graphics (PNG) Reference Library 1.6.31 +libpng \- Portable Network Graphics (PNG) Reference Library 1.6.32 (private functions) .SH SYNOPSIS \fB\fB#include \fI\fI"pngpriv.h" @@ -1,7 +1,7 @@ /* png.c - location for general purpose libpng functions * - * Last changed in libpng 1.6.31 [July 27, 2017] + * Last changed in libpng 1.6.32 [August 24, 2017] * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) @@ -14,7 +14,7 @@ #include "pngpriv.h" /* Generate a compiler error if there is an old png.h in the search path. */ -typedef png_libpng_version_1_6_31 Your_png_h_is_not_version_1_6_31; +typedef png_libpng_version_1_6_32 Your_png_h_is_not_version_1_6_32; #ifdef __GNUC__ /* The version tests may need to be added to, but the problem warning has @@ -619,8 +619,18 @@ png_free_data(png_const_structrp png_ptr, png_inforp info_ptr, png_uint_32 mask, /* Free any eXIf entry */ if (((mask & PNG_FREE_EXIF) & info_ptr->free_me) != 0) { - png_free(png_ptr, info_ptr->exif); - info_ptr->exif = NULL; +# ifdef PNG_READ_eXIf_SUPPORTED + if (info_ptr->eXIf_buf) + { + png_free(png_ptr, info_ptr->eXIf_buf); + info_ptr->eXIf_buf = NULL; + } +# endif + if (info_ptr->exif) + { + png_free(png_ptr, info_ptr->exif); + info_ptr->exif = NULL; + } info_ptr->valid &= ~PNG_INFO_eXIf; } #endif @@ -806,14 +816,14 @@ png_get_copyright(png_const_structrp png_ptr) #else # ifdef __STDC__ return PNG_STRING_NEWLINE \ - "libpng version 1.6.31 - July 27, 2017" PNG_STRING_NEWLINE \ + "libpng version 1.6.32 - August 24, 2017" PNG_STRING_NEWLINE \ "Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson" \ PNG_STRING_NEWLINE \ "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \ "Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc." \ PNG_STRING_NEWLINE; # else - return "libpng version 1.6.31 - July 27, 2017\ + return "libpng version 1.6.32 - August 24, 2017\ Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson\ Copyright (c) 1996-1997 Andreas Dilger\ Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc."; @@ -1,7 +1,7 @@ /* png.h - header file for PNG reference library * - * libpng version 1.6.31, July 27, 2017 + * libpng version 1.6.32, August 24, 2017 * * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) @@ -12,7 +12,7 @@ * Authors and maintainers: * libpng versions 0.71, May 1995, through 0.88, January 1996: Guy Schalnat * libpng versions 0.89, June 1996, through 0.96, May 1997: Andreas Dilger - * libpng versions 0.97, January 1998, through 1.6.31, July 27, 2017: + * libpng versions 0.97, January 1998, through 1.6.32, August 24, 2017: * Glenn Randers-Pehrson. * See also "Contributing Authors", below. */ @@ -25,7 +25,7 @@ * * This code is released under the libpng license. * - * libpng versions 1.0.7, July 1, 2000 through 1.6.31, July 27, 2017 are + * libpng versions 1.0.7, July 1, 2000 through 1.6.32, August 24, 2017 are * Copyright (c) 2000-2002, 2004, 2006-2017 Glenn Randers-Pehrson, are * derived from libpng-1.0.6, and are distributed according to the same * disclaimer and license as libpng-1.0.6 with the following individuals @@ -213,7 +213,7 @@ * ... * 1.5.28 15 10527 15.so.15.28[.0] * ... - * 1.6.31 16 10631 16.so.16.31[.0] + * 1.6.32 16 10632 16.so.16.32[.0] * * Henceforth the source version will match the shared-library major * and minor numbers; the shared-library major version number will be @@ -241,13 +241,13 @@ * Y2K compliance in libpng: * ========================= * - * July 27, 2017 + * August 24, 2017 * * Since the PNG Development group is an ad-hoc body, we can't make * an official declaration. * * This is your unofficial assurance that libpng from version 0.71 and - * upward through 1.6.31 are Y2K compliant. It is my belief that + * upward through 1.6.32 are Y2K compliant. It is my belief that * earlier versions were also Y2K compliant. * * Libpng only has two year fields. One is a 2-byte unsigned integer @@ -309,8 +309,8 @@ */ /* Version information for png.h - this should match the version in png.c */ -#define PNG_LIBPNG_VER_STRING "1.6.31" -#define PNG_HEADER_VERSION_STRING " libpng version 1.6.31 - July 27, 2017\n" +#define PNG_LIBPNG_VER_STRING "1.6.32" +#define PNG_HEADER_VERSION_STRING " libpng version 1.6.32 - August 24, 2017\n" #define PNG_LIBPNG_VER_SONUM 16 #define PNG_LIBPNG_VER_DLLNUM 16 @@ -318,7 +318,7 @@ /* These should match the first 3 components of PNG_LIBPNG_VER_STRING: */ #define PNG_LIBPNG_VER_MAJOR 1 #define PNG_LIBPNG_VER_MINOR 6 -#define PNG_LIBPNG_VER_RELEASE 31 +#define PNG_LIBPNG_VER_RELEASE 32 /* This should match the numeric part of the final component of * PNG_LIBPNG_VER_STRING, omitting any leading zero: @@ -349,7 +349,7 @@ * version 1.0.0 was mis-numbered 100 instead of 10000). From * version 1.0.1 it's xxyyzz, where x=major, y=minor, z=release */ -#define PNG_LIBPNG_VER 10631 /* 1.6.31 */ +#define PNG_LIBPNG_VER 10632 /* 1.6.32 */ /* Library configuration: these options cannot be changed after * the library has been built. @@ -459,7 +459,7 @@ extern "C" { /* This triggers a compiler error in png.c, if png.c and png.h * do not agree upon the version number. */ -typedef char* png_libpng_version_1_6_31; +typedef char* png_libpng_version_1_6_32; /* Basic control structions. Read libpng-manual.txt or libpng.3 for more info. * @@ -2014,6 +2014,11 @@ PNG_EXPORT(246, png_uint_32, png_get_eXIf, (png_const_structrp png_ptr, png_inforp info_ptr, png_bytep *exif)); PNG_EXPORT(247, void, png_set_eXIf, (png_const_structrp png_ptr, png_inforp info_ptr, const png_bytep exif)); + +PNG_EXPORT(248, png_uint_32, png_get_eXIf_1, (png_const_structrp png_ptr, + png_const_inforp info_ptr, png_uint_32 *num_exif, png_bytep *exif)); +PNG_EXPORT(249, void, png_set_eXIf_1, (png_const_structrp png_ptr, + png_inforp info_ptr, const png_uint_32 num_exif, const png_bytep exif)); #endif #ifdef PNG_gAMA_SUPPORTED @@ -3259,7 +3264,7 @@ PNG_EXPORT(244, int, png_set_option, (png_structrp png_ptr, int option, * one to use is one more than this.) */ #ifdef PNG_EXPORT_LAST_ORDINAL - PNG_EXPORT_LAST_ORDINAL(247); + PNG_EXPORT_LAST_ORDINAL(249); #endif #ifdef __cplusplus @@ -1,7 +1,7 @@ /* pngconf.h - machine configurable file for libpng * - * libpng version 1.6.31, July 27, 2017 + * libpng version 1.6.32, August 24, 2017 * * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) @@ -1,8 +1,8 @@ /* pngget.c - retrieval of values from info struct * - * Last changed in libpng 1.6.26 [October 20, 2016] - * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson + * Last changed in libpng 1.6.32 [August 24, 2017] + * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -778,11 +778,22 @@ png_uint_32 PNGAPI png_get_eXIf(png_const_structrp png_ptr, png_inforp info_ptr, png_bytep *exif) { + png_warning(png_ptr, "png_get_eXIf does not work; use png_get_eXIf_1"); + PNG_UNUSED(info_ptr) + PNG_UNUSED(exif) + return 0; +} + +png_uint_32 PNGAPI +png_get_eXIf_1(png_const_structrp png_ptr, png_const_inforp info_ptr, + png_uint_32 *num_exif, png_bytep *exif) +{ png_debug1(1, "in %s retrieval function", "eXIf"); if (png_ptr != NULL && info_ptr != NULL && (info_ptr->valid & PNG_INFO_eXIf) != 0 && exif != NULL) { + *num_exif = info_ptr->num_exif; *exif = info_ptr->exif; return (PNG_INFO_eXIf); } @@ -186,8 +186,11 @@ defined(PNG_READ_BACKGROUND_SUPPORTED) #endif #ifdef PNG_eXIf_SUPPORTED - int num_exif; + int num_exif; /* Added at libpng-1.6.31 */ png_bytep exif; +# ifdef PNG_READ_eXIf_SUPPORTED + png_bytep eXIf_buf; /* Added at libpng-1.6.32 */ +# endif #endif #ifdef PNG_hIST_SUPPORTED diff --git a/pngpread.c b/pngpread.c index 650ba1e23..fbe361dc3 100644 --- a/pngpread.c +++ b/pngpread.c @@ -1,8 +1,8 @@ /* pngpread.c - read a png file in push mode * - * Last changed in libpng 1.6.24 [August 4, 2016] - * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson + * Last changed in libpng 1.6.32 [August 24, 2017] + * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -189,6 +189,7 @@ png_push_read_chunk(png_structrp png_ptr, png_inforp info_ptr) png_crc_read(png_ptr, chunk_tag, 4); png_ptr->chunk_name = PNG_CHUNK_FROM_STRING(chunk_tag); png_check_chunk_name(png_ptr, png_ptr->chunk_name); + png_check_chunk_length(png_ptr, png_ptr->push_length); png_ptr->mode |= PNG_HAVE_CHUNK_HEADER; } @@ -1,7 +1,7 @@ /* pngpriv.h - private declarations for use inside libpng * - * Last changed in libpng 1.6.31 [July 27, 2017] + * Last changed in libpng 1.6.32 [August 24, 2017] * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) @@ -1143,6 +1143,11 @@ PNG_INTERNAL_FUNCTION(void,png_write_sRGB,(png_structrp png_ptr, int intent),PNG_EMPTY); #endif +#ifdef PNG_WRITE_eXIf_SUPPORTED +PNG_INTERNAL_FUNCTION(void,png_write_eXIf,(png_structrp png_ptr, + png_bytep exif, int num_exif),PNG_EMPTY); +#endif + #ifdef PNG_WRITE_iCCP_SUPPORTED PNG_INTERNAL_FUNCTION(void,png_write_iCCP,(png_structrp png_ptr, png_const_charp name, png_const_bytep profile), PNG_EMPTY); @@ -1522,8 +1527,11 @@ PNG_INTERNAL_FUNCTION(void,png_handle_zTXt,(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length),PNG_EMPTY); #endif -PNG_INTERNAL_FUNCTION(void,png_check_chunk_name,(png_structrp png_ptr, - png_uint_32 chunk_name),PNG_EMPTY); +PNG_INTERNAL_FUNCTION(void,png_check_chunk_name,(png_const_structrp png_ptr, + const png_uint_32 chunk_name),PNG_EMPTY); + +PNG_INTERNAL_FUNCTION(void,png_check_chunk_length,(png_const_structrp png_ptr, + const png_uint_32 chunk_length),PNG_EMPTY); PNG_INTERNAL_FUNCTION(void,png_handle_unknown,(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length, int keep),PNG_EMPTY); @@ -1,7 +1,7 @@ /* pngread.c - read a PNG file * - * Last changed in libpng 1.6.31 [July 27, 2017] + * Last changed in libpng 1.6.32 [August 24, 2017] * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) @@ -175,6 +175,11 @@ png_read_info(png_structrp png_ptr, png_inforp info_ptr) png_handle_cHRM(png_ptr, info_ptr, length); #endif +#ifdef PNG_READ_eXIf_SUPPORTED + else if (chunk_name == png_eXIf) + png_handle_eXIf(png_ptr, info_ptr, length); +#endif + #ifdef PNG_READ_gAMA_SUPPORTED else if (chunk_name == png_gAMA) png_handle_gAMA(png_ptr, info_ptr, length); @@ -534,6 +539,7 @@ png_read_row(png_structrp png_ptr, png_bytep row, png_bytep dsp_row) png_error(png_ptr, "Invalid attempt to read row data"); /* Fill the row with IDAT data: */ + png_ptr->row_buf[0]=255; /* to force error if no data was found */ png_read_IDAT_data(png_ptr, png_ptr->row_buf, row_info.rowbytes + 1); if (png_ptr->row_buf[0] > PNG_FILTER_VALUE_NONE) @@ -842,6 +848,11 @@ png_read_end(png_structrp png_ptr, png_inforp info_ptr) png_handle_cHRM(png_ptr, info_ptr, length); #endif +#ifdef PNG_READ_eXIf_SUPPORTED + else if (chunk_name == png_eXIf) + png_handle_eXIf(png_ptr, info_ptr, length); +#endif + #ifdef PNG_READ_gAMA_SUPPORTED else if (chunk_name == png_gAMA) png_handle_gAMA(png_ptr, info_ptr, length); diff --git a/pngrutil.c b/pngrutil.c index 7fe5cd1de..a4fa71457 100644 --- a/pngrutil.c +++ b/pngrutil.c @@ -1,7 +1,7 @@ /* pngrutil.c - utilities to read a PNG file * - * Last changed in libpng 1.6.31 [July 27, 2017] + * Last changed in libpng 1.6.32 [August 24, 2017] * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) @@ -181,6 +181,9 @@ png_read_chunk_header(png_structrp png_ptr) /* Check to see if chunk name is valid. */ png_check_chunk_name(png_ptr, png_ptr->chunk_name); + /* Check for too-large chunk length */ + png_check_chunk_length(png_ptr, length); + #ifdef PNG_IO_STATE_SUPPORTED png_ptr->io_state = PNG_IO_READING | PNG_IO_CHUNK_DATA; #endif @@ -1377,11 +1380,13 @@ png_handle_iCCP(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length) * chunk is just ignored, so does not invalidate the color space. An * alternative is to set the 'invalid' flags at the start of this routine * and only clear them in they were not set before and all the tests pass. - * The minimum 'deflate' stream is assumed to be just the 2 byte header and - * 4 byte checksum. The keyword must be at least one character and there is - * a terminator (0) byte and the compression method. */ - if (length < 9) + + /* The keyword must be at least one character and there is a + * terminator (0) byte and the compression method byte, and the + * 'zlib' datastream is at least 11 bytes. + */ + if (length < 14) { png_crc_finish(png_ptr, length); png_chunk_benign_error(png_ptr, "too short"); @@ -1413,6 +1418,16 @@ png_handle_iCCP(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length) png_crc_read(png_ptr, (png_bytep)keyword, read_length); length -= read_length; + /* The minimum 'zlib' stream is assumed to be just the 2 byte header, + * 5 bytes minimum 'deflate' stream, and the 4 byte checksum. + */ + if (length < 11) + { + png_crc_finish(png_ptr, length); + png_chunk_benign_error(png_ptr, "too short"); + return; + } + keyword_length = 0; while (keyword_length < 80 && keyword_length < read_length && keyword[keyword_length] != 0) @@ -1431,7 +1446,7 @@ png_handle_iCCP(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length) if (png_inflate_claim(png_ptr, png_iCCP) == Z_OK) { - Byte profile_header[132]; + Byte profile_header[132]={0}; Byte local_buffer[PNG_INFLATE_BUF_SIZE]; png_alloc_size_t size = (sizeof profile_header); @@ -2014,36 +2029,61 @@ void /* PRIVATE */ png_handle_eXIf(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length) { unsigned int i; - png_bytep eXIf_buf; png_debug(1, "in png_handle_eXIf"); if ((png_ptr->mode & PNG_HAVE_IHDR) == 0) png_chunk_error(png_ptr, "missing IHDR"); - else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_eXIf) != 0) + if (length < 2) + { + png_crc_finish(png_ptr, length); + png_chunk_benign_error(png_ptr, "too short"); + return; + } + + else if (info_ptr == NULL || (info_ptr->valid & PNG_INFO_eXIf) != 0) { png_crc_finish(png_ptr, length); png_chunk_benign_error(png_ptr, "duplicate"); return; } - eXIf_buf = png_voidcast(png_bytep, + info_ptr->free_me |= PNG_FREE_EXIF; + + info_ptr->eXIf_buf = png_voidcast(png_bytep, png_malloc_warn(png_ptr, length)); + if (info_ptr->eXIf_buf == NULL) + { + png_crc_finish(png_ptr, length); + png_chunk_benign_error(png_ptr, "out of memory"); + return; + } + for (i = 0; i < length; i++) { png_byte buf[1]; png_crc_read(png_ptr, buf, 1); - eXIf_buf[i] = buf[0]; + info_ptr->eXIf_buf[i] = buf[0]; + if (i == 1 && buf[0] != 'M' && buf[0] != 'I' + && info_ptr->eXIf_buf[0] != buf[0]) + { + png_crc_finish(png_ptr, length); + png_chunk_benign_error(png_ptr, "incorrect byte-order specifier"); + png_free(png_ptr, info_ptr->eXIf_buf); + info_ptr->eXIf_buf = NULL; + return; + } } if (png_crc_finish(png_ptr, 0) != 0) return; - info_ptr->num_exif = length; + png_set_eXIf_1(png_ptr, info_ptr, length, info_ptr->eXIf_buf); - png_set_eXIf(png_ptr, info_ptr, eXIf_buf); + png_free(png_ptr, info_ptr->eXIf_buf); + info_ptr->eXIf_buf = NULL; } #endif @@ -2624,23 +2664,28 @@ png_handle_zTXt(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length) { png_text text; - /* It worked; png_ptr->read_buffer now looks like a tEXt chunk except - * for the extra compression type byte and the fact that it isn't - * necessarily '\0' terminated. - */ - buffer = png_ptr->read_buffer; - buffer[uncompressed_length+(keyword_length+2)] = 0; - - text.compression = PNG_TEXT_COMPRESSION_zTXt; - text.key = (png_charp)buffer; - text.text = (png_charp)(buffer + keyword_length+2); - text.text_length = uncompressed_length; - text.itxt_length = 0; - text.lang = NULL; - text.lang_key = NULL; - - if (png_set_text_2(png_ptr, info_ptr, &text, 1) != 0) - errmsg = "insufficient memory"; + if (png_ptr->read_buffer == NULL) + errmsg="Read failure in png_handle_zTXt"; + else + { + /* It worked; png_ptr->read_buffer now looks like a tEXt chunk + * except for the extra compression type byte and the fact that + * it isn't necessarily '\0' terminated. + */ + buffer = png_ptr->read_buffer; + buffer[uncompressed_length+(keyword_length+2)] = 0; + + text.compression = PNG_TEXT_COMPRESSION_zTXt; + text.key = (png_charp)buffer; + text.text = (png_charp)(buffer + keyword_length+2); + text.text_length = uncompressed_length; + text.itxt_length = 0; + text.lang = NULL; + text.lang_key = NULL; + + if (png_set_text_2(png_ptr, info_ptr, &text, 1) != 0) + errmsg = "insufficient memory"; + } } else @@ -3076,20 +3121,58 @@ png_handle_unknown(png_structrp png_ptr, png_inforp info_ptr, */ void /* PRIVATE */ -png_check_chunk_name(png_structrp png_ptr, png_uint_32 chunk_name) +png_check_chunk_name(png_const_structrp png_ptr, const png_uint_32 chunk_name) { int i; + png_uint_32 cn=chunk_name; png_debug(1, "in png_check_chunk_name"); for (i=1; i<=4; ++i) { - int c = chunk_name & 0xff; + int c = cn & 0xff; if (c < 65 || c > 122 || (c > 90 && c < 97)) png_chunk_error(png_ptr, "invalid chunk type"); - chunk_name >>= 8; + cn >>= 8; + } +} + +void /* PRIVATE */ +png_check_chunk_length(png_const_structrp png_ptr, const png_uint_32 length) +{ + png_alloc_size_t limit = PNG_UINT_31_MAX; + + if (png_ptr->chunk_name != png_IDAT) + { +# ifdef PNG_SET_USER_LIMITS_SUPPORTED + if (png_ptr->user_chunk_malloc_max > 0 && + png_ptr->user_chunk_malloc_max < limit) + limit = png_ptr->user_chunk_malloc_max; +# elif PNG_USER_CHUNK_MALLOC_MAX > 0 + if (PNG_USER_CHUNK_MALLOC_MAX < limit) + limit = PNG_USER_CHUNK_MALLOC_MAX; +# endif + } + else + { + size_t row_factor = + (png_ptr->width * png_ptr->channels * (png_ptr->bit_depth > 8? 2: 1) + + 1 + (png_ptr->interlaced? 6: 0)); + if (png_ptr->height > PNG_UINT_32_MAX/row_factor) + limit=PNG_UINT_31_MAX; + else + limit = png_ptr->height * row_factor; + limit += 6 + 5*(limit/32566+1); /* zlib+deflate overhead */ + limit=limit < PNG_UINT_31_MAX? limit : PNG_UINT_31_MAX; + } + + if (length > limit) + { + png_debug2(0," length = %lu, limit = %lu", + (unsigned long)length,(unsigned long)limit); + png_chunk_error(png_ptr, "chunk data is too large"); } } @@ -1,7 +1,7 @@ /* pngset.c - storage of image information into info struct * - * Last changed in libpng 1.6.30 [June 28, 2017] + * Last changed in libpng 1.6.32 [August 24, 2017] * Copyright (c) 1998-2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) @@ -139,6 +139,15 @@ void PNGAPI png_set_eXIf(png_const_structrp png_ptr, png_inforp info_ptr, const png_bytep eXIf_buf) { + png_warning(png_ptr, "png_set_eXIf does not work; use png_set_eXIf_1"); + PNG_UNUSED(info_ptr) + PNG_UNUSED(eXIf_buf) +} + +void PNGAPI +png_set_eXIf_1(png_const_structrp png_ptr, png_inforp info_ptr, + const png_uint_32 num_exif, const png_bytep eXIf_buf) +{ int i; png_debug1(1, "in %s storage function", "eXIf"); @@ -146,7 +155,13 @@ png_set_eXIf(png_const_structrp png_ptr, png_inforp info_ptr, if (png_ptr == NULL || info_ptr == NULL) return; - png_free_data(png_ptr, info_ptr, PNG_FREE_EXIF, 0); + if (info_ptr->exif) + { + png_free(png_ptr, info_ptr->exif); + info_ptr->exif = NULL; + } + + info_ptr->num_exif = num_exif; info_ptr->exif = png_voidcast(png_bytep, png_malloc_warn(png_ptr, info_ptr->num_exif)); @@ -154,13 +169,12 @@ png_set_eXIf(png_const_structrp png_ptr, png_inforp info_ptr, if (info_ptr->exif == NULL) { png_warning(png_ptr, "Insufficient memory for eXIf chunk data"); - return; } info_ptr->free_me |= PNG_FREE_EXIF; - for (i = 0; i < info_ptr->num_exif; i++) + for (i = 0; i < (int) info_ptr->num_exif; i++) info_ptr->exif[i] = eXIf_buf[i]; info_ptr->valid |= PNG_INFO_eXIf; @@ -1388,6 +1402,7 @@ png_set_keep_unknown_chunks(png_structrp png_ptr, int keep, static PNG_CONST png_byte chunks_to_ignore[] = { 98, 75, 71, 68, '\0', /* bKGD */ 99, 72, 82, 77, '\0', /* cHRM */ + 101, 88, 73, 102, '\0', /* eXIf */ 103, 65, 77, 65, '\0', /* gAMA */ 104, 73, 83, 84, '\0', /* hIST */ 105, 67, 67, 80, '\0', /* iCCP */ diff --git a/pngstruct.h b/pngstruct.h index 44b79dea7..d83f97125 100644 --- a/pngstruct.h +++ b/pngstruct.h @@ -1,7 +1,7 @@ /* pngstruct.h - header file for PNG reference library * - * Last changed in libpng 1.6.28 [January 5, 2017] + * Last changed in libpng 1.6.32 [August 24, 2017] * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) @@ -479,8 +479,5 @@ struct png_struct_def png_colorspace colorspace; #endif #endif - -/* New member added in libpng-1.6.31 */ - int num_exif; }; #endif /* PNGSTRUCT_H */ @@ -1,8 +1,8 @@ /* pngtest.c - a simple test program to test libpng * - * Last changed in libpng 1.6.26 [October 20, 2016] - * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson + * Last changed in libpng 1.6.32 [August 24, 2017] + * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -144,6 +144,7 @@ tIME_to_str(png_structp png_ptr, png_charp ts, png_const_timep t) static int verbose = 0; static int strict = 0; static int relaxed = 0; +static int xfail = 0; static int unsupported_chunks = 0; /* chunk unsupported by libpng in input */ static int error_count = 0; /* count calls to png_error */ static int warning_count = 0; /* count calls to png_warning */ @@ -463,7 +464,7 @@ pngtest_warning(png_structp png_ptr, png_const_charp message) if (test != NULL && test->file_name != NULL) name = test->file_name; - fprintf(STDERR, "%s: libpng warning: %s\n", name, message); + fprintf(STDERR, "\n%s: libpng warning: %s\n", name, message); } /* This is the default error handling function. Note that replacements for @@ -936,8 +937,12 @@ test_one_file(PNG_CONST char *inname, PNG_CONST char *outname) fprintf(STDERR, "%s -> %s: libpng read error\n", inname, outname); png_free(read_ptr, row_buf); row_buf = NULL; + if (verbose != 0) + fprintf(STDERR, " destroy read structs\n"); png_destroy_read_struct(&read_ptr, &read_info_ptr, &end_info_ptr); #ifdef PNG_WRITE_SUPPORTED + if (verbose != 0) + fprintf(STDERR, " destroy write structs\n"); png_destroy_info_struct(write_ptr, &write_end_info_ptr); png_destroy_write_struct(&write_ptr, &write_info_ptr); #endif @@ -952,11 +957,13 @@ test_one_file(PNG_CONST char *inname, PNG_CONST char *outname) if (setjmp(png_jmpbuf(write_ptr))) { fprintf(STDERR, "%s -> %s: libpng write error\n", inname, outname); + if (verbose != 0) + fprintf(STDERR, " destroying read structs\n"); png_destroy_read_struct(&read_ptr, &read_info_ptr, &end_info_ptr); + if (verbose != 0) + fprintf(STDERR, " destroying write structs\n"); png_destroy_info_struct(write_ptr, &write_end_info_ptr); -#ifdef PNG_WRITE_SUPPORTED png_destroy_write_struct(&write_ptr, &write_info_ptr); -#endif FCLOSE(fpin); FCLOSE(fpout); return (1); @@ -1192,12 +1199,20 @@ test_one_file(PNG_CONST char *inname, PNG_CONST char *outname) } } #endif -#ifdef PNG_eXIf_SUPPORTED +#ifdef PNG_READ_eXIf_SUPPORTED { - png_bytep exif; + png_bytep exif=NULL; + png_uint_32 exif_length; - if (png_get_eXIf(read_ptr, read_info_ptr, &exif) != 0) - png_set_eXIf(write_ptr, write_info_ptr, exif); + if (png_get_eXIf_1(read_ptr, read_info_ptr, &exif_length, &exif) != 0) + { + if (exif_length > 1) + fprintf(STDERR," eXIf type %c%c, %lu bytes\n",exif[0],exif[1], + (unsigned long)exif_length); +# ifdef PNG_WRITE_eXIf_SUPPORTED + png_set_eXIf_1(write_ptr, write_info_ptr, exif_length, exif); +# endif + } } #endif #ifdef PNG_hIST_SUPPORTED @@ -1310,10 +1325,10 @@ test_one_file(PNG_CONST char *inname, PNG_CONST char *outname) { int i; - printf("\n"); + fprintf(STDERR,"\n"); for (i=0; i<num_text; i++) { - printf(" Text compression[%d]=%d\n", + fprintf(STDERR," Text compression[%d]=%d\n", i, text_ptr[i].compression); } } @@ -1406,6 +1421,10 @@ test_one_file(PNG_CONST char *inname, PNG_CONST char *outname) write_chunks(write_ptr, before_IDAT); /* after PLTE */ + png_write_info(write_ptr, write_end_info_ptr); + + write_chunks(write_ptr, after_IDAT); /* after IDAT */ + #ifdef PNG_COMPRESSION_COMPAT /* Test the 'compatibility' setting here, if it is available. */ png_set_compression(write_ptr, PNG_COMPRESSION_COMPAT); @@ -1526,10 +1545,10 @@ test_one_file(PNG_CONST char *inname, PNG_CONST char *outname) { int i; - printf("\n"); + fprintf(STDERR,"\n"); for (i=0; i<num_text; i++) { - printf(" Text compression[%d]=%d\n", + fprintf(STDERR," Text compression[%d]=%d\n", i, text_ptr[i].compression); } } @@ -1538,12 +1557,20 @@ test_one_file(PNG_CONST char *inname, PNG_CONST char *outname) } } #endif -#ifdef PNG_eXIf_SUPPORTED +#ifdef PNG_READ_eXIf_SUPPORTED { - png_bytep exif; + png_bytep exif=NULL; + png_uint_32 exif_length; - if (png_get_eXIf(read_ptr, end_info_ptr, &exif) != 0) - png_set_eXIf(write_ptr, write_end_info_ptr, exif); + if (png_get_eXIf_1(read_ptr, end_info_ptr, &exif_length, &exif) != 0) + { + if (exif_length > 1) + fprintf(STDERR," eXIf type %c%c, %lu bytes\n",exif[0],exif[1], + (unsigned long)exif_length); +# ifdef PNG_WRITE_eXIf_SUPPORTED + png_set_eXIf_1(write_ptr, write_end_info_ptr, exif_length, exif); +# endif + } } #endif #ifdef PNG_tIME_SUPPORTED @@ -1861,6 +1888,7 @@ main(int argc, char *argv[]) inname = argv[2]; strict++; relaxed = 0; + multiple=1; } else if (strcmp(argv[1], "--relaxed") == 0) @@ -1870,6 +1898,17 @@ main(int argc, char *argv[]) inname = argv[2]; strict = 0; relaxed++; + multiple=1; + } + else if (strcmp(argv[1], "--xfail") == 0) + { + status_dots_requested = 0; + verbose = 1; + inname = argv[2]; + strict = 0; + xfail++; + relaxed++; + multiple=1; } else @@ -1927,8 +1966,13 @@ main(int argc, char *argv[]) else { - fprintf(STDERR, " FAIL\n"); - ierror += kerror; + if (xfail) + fprintf(STDERR, " XFAIL\n"); + else + { + fprintf(STDERR, " FAIL\n"); + ierror += kerror; + } } #if defined(PNG_USER_MEM_SUPPORTED) && PNG_DEBUG if (allocation_now != current_allocation) @@ -2016,8 +2060,13 @@ main(int argc, char *argv[]) #endif } - fprintf(STDERR, " FAIL\n"); - ierror += kerror; + if (xfail) + fprintf(STDERR, " XFAIL\n"); + else + { + fprintf(STDERR, " FAIL\n"); + ierror += kerror; + } } #if defined(PNG_USER_MEM_SUPPORTED) && PNG_DEBUG if (allocation_now != current_allocation) @@ -2104,4 +2153,4 @@ main(void) #endif /* Generate a compiler error if there is an old png.h in the search path. */ -typedef png_libpng_version_1_6_31 Your_png_h_is_not_version_1_6_31; +typedef png_libpng_version_1_6_32 Your_png_h_is_not_version_1_6_32; diff --git a/pngwrite.c b/pngwrite.c index 70d47c4ca..a7662acb7 100644 --- a/pngwrite.c +++ b/pngwrite.c @@ -1,7 +1,7 @@ /* pngwrite.c - general routines to write a PNG file * - * Last changed in libpng 1.6.31 [July 27, 2017] + * Last changed in libpng 1.6.32 [August 24, 2017] * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) @@ -237,6 +237,11 @@ png_write_info(png_structrp png_ptr, png_const_inforp info_ptr) png_write_bKGD(png_ptr, &(info_ptr->background), info_ptr->color_type); #endif +#ifdef PNG_WRITE_eXIf_SUPPORTED + if ((info_ptr->valid & PNG_INFO_eXIf) != 0) + png_write_eXIf(png_ptr, info_ptr->exif, info_ptr->num_exif); +#endif + #ifdef PNG_WRITE_hIST_SUPPORTED if ((info_ptr->valid & PNG_INFO_hIST) != 0) png_write_hIST(png_ptr, info_ptr->hist, info_ptr->num_palette); @@ -432,6 +437,12 @@ png_write_end(png_structrp png_ptr, png_inforp info_ptr) } } #endif + +#ifdef PNG_WRITE_eXIf_SUPPORTED + if ((info_ptr->valid & PNG_INFO_eXIf) != 0) + png_write_eXIf(png_ptr, info_ptr->exif, info_ptr->num_exif); +#endif + #ifdef PNG_WRITE_UNKNOWN_CHUNKS_SUPPORTED write_unknown_chunks(png_ptr, info_ptr, PNG_AFTER_IDAT); #endif diff --git a/pngwutil.c b/pngwutil.c index 348bb524d..0d4fb1336 100644 --- a/pngwutil.c +++ b/pngwutil.c @@ -1,8 +1,8 @@ /* pngwutil.c - utilities to write a PNG file * - * Last changed in libpng 1.6.26 [October 20, 2016] - * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson + * Last changed in libpng 1.6.32 [August 24, 2017] + * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -1479,24 +1479,15 @@ void /* PRIVATE */ png_write_eXIf(png_structrp png_ptr, png_bytep exif, int num_exif) { int i; - png_byte buf[3]; + png_byte buf[1]; png_debug(1, "in png_write_eXIf"); - if (num_exif > (int)png_ptr->num_exif) - { - png_debug2(3, "num_exif = %d, png_ptr->num_exif = %d", num_exif, - png_ptr->num_exif); - - png_warning(png_ptr, "Invalid number of exif bytes specified"); - return; - } - png_write_chunk_header(png_ptr, png_eXIf, (png_uint_32)(num_exif)); for (i = 0; i < num_exif; i++) { - buf[i] = exif[i]; + buf[0] = exif[i]; png_write_chunk_data(png_ptr, buf, (png_size_t)1); } diff --git a/projects/vstudio/README.txt b/projects/vstudio/README.txt index 38c159cce..e68f242da 100644 --- a/projects/vstudio/README.txt +++ b/projects/vstudio/README.txt @@ -1,7 +1,7 @@ VisualStudio instructions -libpng version 1.6.31 - July 27, 2017 +libpng version 1.6.32 - August 24, 2017 Copyright (c) 2010,2013,2015 Glenn Randers-Pehrson diff --git a/projects/vstudio/zlib.props b/projects/vstudio/zlib.props index f3fa10110..2b2d69088 100644 --- a/projects/vstudio/zlib.props +++ b/projects/vstudio/zlib.props @@ -2,7 +2,7 @@ <!-- * zlib.props - location of zlib source * - * libpng version 1.6.31 - July 27, 2017 + * libpng version 1.6.32 - August 24, 2017 * * Copyright (c) 1998-2011 Glenn Randers-Pehrson * diff --git a/scripts/README.txt b/scripts/README.txt index 76e70e644..fdc767a6d 100644 --- a/scripts/README.txt +++ b/scripts/README.txt @@ -1,11 +1,11 @@ -Makefiles for libpng version 1.6.31 - July 27, 2017 +Makefiles for libpng version 1.6.32 - August 24, 2017 pnglibconf.h.prebuilt => Stores configuration settings makefile.linux => Linux/ELF makefile - (gcc, creates libpng16.so.16.1.6.31) + (gcc, creates libpng16.so.16.1.6.32) makefile.linux-opt=> Linux/ELF makefile with hardware optimizations on - (gcc, creates libpng16.so.16.1.6.31) + (gcc, creates libpng16.so.16.1.6.32) makefile.gcc => Generic makefile (gcc, creates static libpng.a) makefile.knr => Archaic UNIX Makefile that converts files with ansi2knr (Requires ansi2knr.c from @@ -35,12 +35,12 @@ pnglibconf.h.prebuilt => Stores configuration settings makefile.os2 => OS/2 Makefile (gcc and emx, requires libpng.def) makefile.sco => For SCO OSr5 ELF and Unixware 7 with Native cc makefile.sggcc => Silicon Graphics (gcc, - creates libpng16.so.16.1.6.31) + creates libpng16.so.16.1.6.32) makefile.sgi => Silicon Graphics IRIX makefile (cc, creates static lib) makefile.solaris => Solaris 2.X makefile (gcc, - creates libpng16.so.16.1.6.31) + creates libpng16.so.16.1.6.32) makefile.so9 => Solaris 9 makefile (gcc, - creates libpng16.so.16.1.6.31) + creates libpng16.so.16.1.6.32) makefile.std => Generic UNIX makefile (cc, creates static libpng.a) makefile.sunos => Sun makefile makefile.32sunu => Sun Ultra 32-bit makefile diff --git a/scripts/def.c b/scripts/def.c index aedaec8b8..d5c4075eb 100644 --- a/scripts/def.c +++ b/scripts/def.c @@ -21,7 +21,7 @@ PNG_DFN "OS2 DESCRIPTION "PNG image compression library"" PNG_DFN "OS2 CODE PRELOAD MOVEABLE DISCARDABLE" PNG_DFN "" PNG_DFN "EXPORTS" -PNG_DFN ";Version 1.6.31" +PNG_DFN ";Version 1.6.32" #define PNG_EXPORTA(ordinal, type, name, args, attributes)\ PNG_DFN "@" SYMBOL_PREFIX "@@" name "@" diff --git a/scripts/libpng-config-head.in b/scripts/libpng-config-head.in index 9e7d952ba..2198c523c 100644 --- a/scripts/libpng-config-head.in +++ b/scripts/libpng-config-head.in @@ -11,7 +11,7 @@ # Modeled after libxml-config. -version=1.6.31 +version=1.6.32 prefix="" libdir="" libs="" diff --git a/scripts/libpng.pc.in b/scripts/libpng.pc.in index 8210520e0..ef506246d 100644 --- a/scripts/libpng.pc.in +++ b/scripts/libpng.pc.in @@ -5,6 +5,6 @@ includedir=@includedir@/libpng16 Name: libpng Description: Loads and saves PNG files -Version: 1.6.31 +Version: 1.6.32 Libs: -L${libdir} -lpng16 Cflags: -I${includedir} diff --git a/scripts/makefile.cegcc b/scripts/makefile.cegcc index ef17dab71..4a3e925f5 100644 --- a/scripts/makefile.cegcc +++ b/scripts/makefile.cegcc @@ -23,7 +23,7 @@ VERMAJ = 1 VERMIN = 6 -VERMIC = 31 +VERMIC = 32 VER = $(VERMAJ).$(VERMIN).$(VERMIC) NAME = libpng PACKAGE = $(NAME)-$(VER) diff --git a/scripts/makefile.linux b/scripts/makefile.linux index 8bb5ba70c..618cb2f1e 100644 --- a/scripts/makefile.linux +++ b/scripts/makefile.linux @@ -10,7 +10,7 @@ # Library name: LIBNAME = libpng16 PNGMAJ = 16 -RELEASE = 31 +RELEASE = 32 # Shared library names: LIBSO=$(LIBNAME).so diff --git a/scripts/makefile.linux-opt b/scripts/makefile.linux-opt index f93c5457f..f75a787a4 100644 --- a/scripts/makefile.linux-opt +++ b/scripts/makefile.linux-opt @@ -10,7 +10,7 @@ # Library name: LIBNAME = libpng16 PNGMAJ = 16 -RELEASE = 31 +RELEASE = 32 # Shared library names: LIBSO=$(LIBNAME).so diff --git a/scripts/makefile.msys b/scripts/makefile.msys index 305654298..84a894931 100644 --- a/scripts/makefile.msys +++ b/scripts/makefile.msys @@ -18,7 +18,7 @@ exec_prefix=$(prefix) # Library name: LIBNAME = libpng16 PNGMAJ = 16 -RELEASE = 31 +RELEASE = 32 # Shared library names: LIBSO=$(LIBNAME).dll diff --git a/scripts/makefile.ne12bsd b/scripts/makefile.ne12bsd index 01d972705..c04993fad 100644 --- a/scripts/makefile.ne12bsd +++ b/scripts/makefile.ne12bsd @@ -17,7 +17,7 @@ INCSDIR=${LOCALBASE}/include/libpng16 LIB= png16 SHLIB_MAJOR= 0 -SHLIB_MINOR= 1.6.31 +SHLIB_MINOR= 1.6.32 SRCS= png.c pngset.c pngget.c pngrutil.c pngtrans.c pngwutil.c \ pngread.c pngrio.c pngwio.c pngwrite.c pngrtran.c \ pngwtran.c pngmem.c pngerror.c pngpread.c diff --git a/scripts/makefile.netbsd b/scripts/makefile.netbsd index 7e393444e..b52b94204 100644 --- a/scripts/makefile.netbsd +++ b/scripts/makefile.netbsd @@ -17,7 +17,7 @@ INCSDIR=${LOCALBASE}/include LIB= png SHLIB_MAJOR= 16 -SHLIB_MINOR= 1.6.31 +SHLIB_MINOR= 1.6.32 SRCS= png.c pngset.c pngget.c pngrutil.c pngtrans.c pngwutil.c \ pngread.c pngrio.c pngwio.c pngwrite.c pngrtran.c \ pngwtran.c pngmem.c pngerror.c pngpread.c diff --git a/scripts/makefile.openbsd b/scripts/makefile.openbsd index f3f810565..daec1096b 100644 --- a/scripts/makefile.openbsd +++ b/scripts/makefile.openbsd @@ -11,7 +11,7 @@ LIBDIR= ${PREFIX}/lib MANDIR= ${PREFIX}/man/cat SHLIB_MAJOR= 16 -SHLIB_MINOR= 1.6.31 +SHLIB_MINOR= 1.6.32 LIB= png SRCS= png.c pngerror.c pngget.c pngmem.c pngpread.c \ diff --git a/scripts/pnglibconf.dfa b/scripts/pnglibconf.dfa index cd7aaafd9..52c0c742e 100644 --- a/scripts/pnglibconf.dfa +++ b/scripts/pnglibconf.dfa @@ -741,7 +741,6 @@ setting IDAT_READ_SIZE default PNG_ZBUF_SIZE # Ancillary chunks chunk bKGD chunk cHRM enables COLORSPACE -# enable eXIf only after chunk is approved chunk eXIf chunk gAMA enables GAMMA chunk hIST diff --git a/scripts/pnglibconf.h.prebuilt b/scripts/pnglibconf.h.prebuilt index 9b9bbcea1..9e45f7312 100644 --- a/scripts/pnglibconf.h.prebuilt +++ b/scripts/pnglibconf.h.prebuilt @@ -1,8 +1,8 @@ -/* libpng 1.6.31 STANDARD API DEFINITION */ +/* libpng 1.6.32 STANDARD API DEFINITION */ /* pnglibconf.h - library build configuration */ -/* Libpng version 1.6.31 - July 27, 2017 */ +/* Libpng version 1.6.32 - August 24, 2017 */ /* Copyright (c) 1998-2017 Glenn Randers-Pehrson */ diff --git a/scripts/symbols.def b/scripts/symbols.def index d714cf6ce..45bcf8912 100644 --- a/scripts/symbols.def +++ b/scripts/symbols.def @@ -1,4 +1,4 @@ -;Version 1.6.31 +;Version 1.6.32 ;-------------------------------------------------------------- ; LIBPNG symbol list as a Win32 DEF file ; Contains all the symbols that can be exported from libpng @@ -252,3 +252,5 @@ EXPORTS png_image_write_to_memory @245 png_get_eXIf @246 png_set_eXIf @247 + png_get_eXIf_1 @248 + png_set_eXIf_1 @249 diff --git a/tests/pngtest b/tests/pngtest index d33f93616..813973b23 100755 --- a/tests/pngtest +++ b/tests/pngtest @@ -1,4 +1,2 @@ #!/bin/sh -./pngtest --relaxed ${srcdir}/tests/badcrc.png -./pngtest --relaxed ${srcdir}/tests/badadler.png exec ./pngtest --strict ${srcdir}/pngtest.png diff --git a/tests/pngtest-badpngs b/tests/pngtest-badpngs new file mode 100755 index 000000000..77775232b --- /dev/null +++ b/tests/pngtest-badpngs @@ -0,0 +1,13 @@ +#!/bin/sh + +# various crashers +# using --relaxed because some come from fuzzers that don't maintain CRC's + +./pngtest --relaxed ${srcdir}/contrib/testpngs/crashers/badcrc.png +./pngtest --relaxed ${srcdir}/contrib/testpngs/crashers/badadler.png +./pngtest --xfail ${srcdir}/contrib/testpngs/crashers/bad_iCCP.png +./pngtest --xfail ${srcdir}/contrib/testpngs/crashers/empty_ancillary_chunks.png +./pngtest --xfail ${srcdir}/contrib/testpngs/crashers/huge_*_chunk.png \ + ${srcdir}/contrib/testpngs/crashers/huge_*safe_to_copy.png + +exec ./pngtest --xfail ${srcdir}/contrib/testpngs/crashers/huge_IDAT.png diff --git a/tests/pngunknown-sAPI b/tests/pngunknown-sAPI index 4317b1847..88a1f6be2 100755 --- a/tests/pngunknown-sAPI +++ b/tests/pngunknown-sAPI @@ -1,2 +1,2 @@ #!/bin/sh -exec ./pngunknown --strict bKGD=save cHRM=save gAMA=save all=discard iCCP=save sBIT=save sRGB=save "${srcdir}/pngtest.png" +exec ./pngunknown --strict bKGD=save cHRM=save gAMA=save all=discard iCCP=save sBIT=save sRGB=save eXIf=save "${srcdir}/pngtest.png" |
