From 0207529f275bf1524aa60f2ea58f522ed6c1e26c Mon Sep 17 00:00:00 2001 From: Glenn Randers-Pehrson Date: Fri, 17 Feb 2012 13:30:33 -0600 Subject: [libpng15] Imported from libpng-1.5.9rc01.tar --- ANNOUNCE | 25 +++++++++++++++---------- CHANGES | 9 +++++++-- CMakeLists.txt | 2 +- LICENSE | 4 ++-- README | 2 +- configure | 22 +++++++++++----------- configure.ac | 4 ++-- depcomp | 0 libpng-manual.txt | 8 ++++---- libpng.3 | 21 +++++++++++---------- libpngpf.3 | 4 ++-- png.5 | 2 +- png.c | 6 +++--- png.h | 19 ++++++++++--------- pngconf.h | 2 +- pngpread.c | 17 ++++++----------- pngrutil.c | 30 ++++++++++++++---------------- pngstruct.h | 2 +- pngtest.c | 4 ++-- projects/vstudio/readme.txt | 2 +- projects/vstudio/zlib.props | 2 +- scripts/README.txt | 12 ++++++------ scripts/libpng-config-head.in | 2 +- scripts/libpng.pc.in | 2 +- scripts/makefile.ne12bsd | 2 +- scripts/makefile.netbsd | 2 +- scripts/makefile.openbsd | 2 +- scripts/pnglibconf.h.prebuilt | 2 +- scripts/symbols.def | 2 +- 29 files changed, 109 insertions(+), 104 deletions(-) mode change 100644 => 100755 depcomp diff --git a/ANNOUNCE b/ANNOUNCE index bbc7cb569..3e24abd71 100644 --- a/ANNOUNCE +++ b/ANNOUNCE @@ -1,5 +1,5 @@ -Libpng 1.5.9beta02 - February 11, 2012 +Libpng 1.5.9rc01 - February 17, 2012 This is not intended to be a public release. It will be replaced within a few weeks by a public version or by another test version. @@ -9,30 +9,35 @@ Files available for download: Source files with LF line endings (for Unix/Linux) and with a "configure" script - 1.5.9beta02.tar.xz (LZMA-compressed, recommended) - 1.5.9beta02.tar.gz - 1.5.9beta02.tar.bz2 + 1.5.9rc01.tar.xz (LZMA-compressed, recommended) + 1.5.9rc01.tar.gz + 1.5.9rc01.tar.bz2 Source files with CRLF line endings (for Windows), without the "configure" script - lp159b02.7z (LZMA-compressed, recommended) - lp159b02.zip + lp159r01.7z (LZMA-compressed, recommended) + lp159r01.zip Other information: - 1.5.9beta02-README.txt - 1.5.9beta02-LICENSE.txt + 1.5.9rc01-README.txt + 1.5.9rc01-LICENSE.txt Changes since the last public release (1.5.8): Version 1.5.9beta01 [February 3, 2012] Rebuilt configure scripts in the tar distributions. -Version 1.5.9beta02 [February 11, 2012] +Version 1.5.9beta02 [February 16, 2012] Removed two unused definitions from scripts/pnglibconf.h.prebuilt Removed some unused arrays (with #ifdef) from png_read_push_finish_row(). - Removed tests for no-longer-used *_EMPTY_PLTE_SUPPORTED in pngstruct.h + Removed tests for no-longer-used *_EMPTY_PLTE_SUPPORTED from pngstruct.h + +Version 1.5.9rc01 [February 17, 2012] + Fixed CVE-2011-3026 buffer overrun bug. Deal more correctly with the test + on iCCP chunk length. Also removed spurious casts that may hide problems + on 16-bit systems. Send comments/corrections/commendations to png-mng-implement at lists.sf.net: (subscription required; visit diff --git a/CHANGES b/CHANGES index 4b6062d25..b7bc51ed9 100644 --- a/CHANGES +++ b/CHANGES @@ -3797,10 +3797,15 @@ Version 1.5.8 [February 1, 2012] Version 1.5.9beta01 [February 3, 2012] Rebuilt configure scripts in the tar distributions. -Version 1.5.9beta02 [February 11, 2012] +Version 1.5.9beta02 [February 16, 2012] Removed two unused definitions from scripts/pnglibconf.h.prebuilt Removed some unused arrays (with #ifdef) from png_read_push_finish_row(). - Removed tests for no-longer-used *_EMPTY_PLTE_SUPPORTED in pngstruct.h + Removed tests for no-longer-used *_EMPTY_PLTE_SUPPORTED from pngstruct.h + +Version 1.5.9rc01 [February 17, 2012] + Fixed CVE-2011-3026 buffer overrun bug. Deal more correctly with the test + on iCCP chunk length. Also removed spurious casts that may hide problems + on 16-bit systems. Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit diff --git a/CMakeLists.txt b/CMakeLists.txt index 7e4f0adae..8ee50b609 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -229,7 +229,7 @@ endif(NOT WIN32 OR CYGWIN OR MINGW) # SET UP LINKS if(PNG_SHARED) set_target_properties(${PNG_LIB_NAME} PROPERTIES -# VERSION 15.${PNGLIB_RELEASE}.1.5.9beta01 +# VERSION 15.${PNGLIB_RELEASE}.1.5.9rc01 VERSION 15.${PNGLIB_RELEASE}.0 SOVERSION 15 CLEAN_DIRECT_OUTPUT 1) diff --git a/LICENSE b/LICENSE index e3ec99ca1..f4a0edac6 100644 --- a/LICENSE +++ b/LICENSE @@ -10,7 +10,7 @@ this sentence. This code is released under the libpng license. -libpng versions 1.2.6, August 15, 2004, through 1.5.9beta01, February 3, 2012, are +libpng versions 1.2.6, August 15, 2004, through 1.5.9rc01, February 17, 2012, are Copyright (c) 2004, 2006-2011 Glenn Randers-Pehrson, and are distributed according to the same disclaimer and license as libpng-1.2.5 with the following individual added to the list of Contributing Authors @@ -108,4 +108,4 @@ certification mark of the Open Source Initiative. Glenn Randers-Pehrson glennrp at users.sourceforge.net -February 3, 2012 +February 17, 2012 diff --git a/README b/README index 3f2104468..96f9f1b6b 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -README for libpng version 1.5.9beta01 - February 3, 2012 (shared library 15.0) +README for libpng version 1.5.9rc01 - February 17, 2012 (shared library 15.0) See the note about version numbers near the top of png.h See INSTALL for instructions on how to install libpng. diff --git a/configure b/configure index 6ea74d589..bd745ec80 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for libpng 1.5.9beta01. +# Generated by GNU Autoconf 2.68 for libpng 1.5.9rc01. # # Report bugs to . # @@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='libpng' PACKAGE_TARNAME='libpng' -PACKAGE_VERSION='1.5.9beta01' -PACKAGE_STRING='libpng 1.5.9beta01' +PACKAGE_VERSION='1.5.9rc01' +PACKAGE_STRING='libpng 1.5.9rc01' PACKAGE_BUGREPORT='png-mng-implement@lists.sourceforge.net' PACKAGE_URL='' @@ -1321,7 +1321,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures libpng 1.5.9beta01 to adapt to many kinds of systems. +\`configure' configures libpng 1.5.9rc01 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1391,7 +1391,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of libpng 1.5.9beta01:";; + short | recursive ) echo "Configuration of libpng 1.5.9rc01:";; esac cat <<\_ACEOF @@ -1502,7 +1502,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -libpng configure 1.5.9beta01 +libpng configure 1.5.9rc01 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -1925,7 +1925,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by libpng $as_me 1.5.9beta01, which was +It was created by libpng $as_me 1.5.9rc01, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -2740,7 +2740,7 @@ fi # Define the identity of the package. PACKAGE='libpng' - VERSION='1.5.9beta01' + VERSION='1.5.9rc01' cat >>confdefs.h <<_ACEOF @@ -2804,7 +2804,7 @@ fi -PNGLIB_VERSION=1.5.9beta01 +PNGLIB_VERSION=1.5.9rc01 PNGLIB_MAJOR=1 PNGLIB_MINOR=5 PNGLIB_RELEASE=9 @@ -13417,7 +13417,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by libpng $as_me 1.5.9beta01, which was +This file was extended by libpng $as_me 1.5.9rc01, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -13483,7 +13483,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -libpng config.status 1.5.9beta01 +libpng config.status 1.5.9rc01 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index 466fb1ec1..ac2f3865e 100644 --- a/configure.ac +++ b/configure.ac @@ -18,12 +18,12 @@ AC_PREREQ(2.59) dnl Version number stuff here: -AC_INIT([libpng], [1.5.9beta01], [png-mng-implement@lists.sourceforge.net]) +AC_INIT([libpng], [1.5.9rc01], [png-mng-implement@lists.sourceforge.net]) AM_INIT_AUTOMAKE dnl stop configure from automagically running automake AM_MAINTAINER_MODE -PNGLIB_VERSION=1.5.9beta01 +PNGLIB_VERSION=1.5.9rc01 PNGLIB_MAJOR=1 PNGLIB_MINOR=5 PNGLIB_RELEASE=9 diff --git a/depcomp b/depcomp old mode 100644 new mode 100755 diff --git a/libpng-manual.txt b/libpng-manual.txt index f5592f980..f7add1fd9 100644 --- a/libpng-manual.txt +++ b/libpng-manual.txt @@ -1,6 +1,6 @@ libpng-manual.txt - A description on how to use and modify libpng - libpng version 1.5.9beta01 - February 3, 2012 + libpng version 1.5.9rc01 - February 17, 2012 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2011 Glenn Randers-Pehrson @@ -11,7 +11,7 @@ libpng-manual.txt - A description on how to use and modify libpng Based on: - libpng versions 0.97, January 1998, through 1.5.9beta01 - February 3, 2012 + libpng versions 0.97, January 1998, through 1.5.9rc01 - February 17, 2012 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2011 Glenn Randers-Pehrson @@ -4573,13 +4573,13 @@ Other rules can be inferred by inspecting the libpng source. XIV. Y2K Compliance in libpng -February 3, 2012 +February 17, 2012 Since the PNG Development group is an ad-hoc body, we can't make an official declaration. This is your unofficial assurance that libpng from version 0.71 and -upward through 1.5.9beta01 are Y2K compliant. It is my belief that earlier +upward through 1.5.9rc01 are Y2K compliant. It is my belief that earlier versions were also Y2K compliant. Libpng only has three year fields. One is a 2-byte unsigned integer that diff --git a/libpng.3 b/libpng.3 index d51c3e6b9..bc5169f14 100644 --- a/libpng.3 +++ b/libpng.3 @@ -1,6 +1,6 @@ -.TH LIBPNG 3 "February 3, 2012" +.TH LIBPNG 3 "February 17, 2012" .SH NAME -libpng \- Portable Network Graphics (PNG) Reference Library 1.5.9beta01 +libpng \- Portable Network Graphics (PNG) Reference Library 1.5.9rc01 .SH SYNOPSIS \fI\fB @@ -977,7 +977,7 @@ Following is a copy of the libpng-manual.txt file that accompanies libpng. .SH LIBPNG.TXT libpng-manual.txt - A description on how to use and modify libpng - libpng version 1.5.9beta01 - February 3, 2012 + libpng version 1.5.9rc01 - February 17, 2012 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2011 Glenn Randers-Pehrson @@ -988,7 +988,7 @@ libpng-manual.txt - A description on how to use and modify libpng Based on: - libpng versions 0.97, January 1998, through 1.5.9beta01 - February 3, 2012 + libpng versions 0.97, January 1998, through 1.5.9rc01 - February 17, 2012 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2011 Glenn Randers-Pehrson @@ -5551,13 +5551,13 @@ Other rules can be inferred by inspecting the libpng source. .SH XIV. Y2K Compliance in libpng -February 3, 2012 +February 17, 2012 Since the PNG Development group is an ad-hoc body, we can't make an official declaration. This is your unofficial assurance that libpng from version 0.71 and -upward through 1.5.9beta01 are Y2K compliant. It is my belief that earlier +upward through 1.5.9rc01 are Y2K compliant. It is my belief that earlier versions were also Y2K compliant. Libpng only has three year fields. One is a 2-byte unsigned integer that @@ -5765,7 +5765,8 @@ the first widely used release: 1.5.8beta01 15 10508 15.so.15.8[.0] 1.5.8rc01 15 10508 15.so.15.8[.0] 1.5.8 15 10508 15.so.15.8[.0] - 1.5.9beta01 15 10509 15.so.15.9[.0] + 1.5.9beta01-02 15 10509 15.so.15.9[.0] + 1.5.9rc01 15 10509 15.so.15.9[.0] Henceforth the source version will match the shared-library minor and patch numbers; the shared-library major version number will be @@ -5822,7 +5823,7 @@ possible without all of you. Thanks to Frank J. T. Wojcik for helping with the documentation. -Libpng version 1.5.9beta01 - February 3, 2012: +Libpng version 1.5.9rc01 - February 17, 2012: Initially created in 1995 by Guy Eric Schalnat, then of Group 42, Inc. Currently maintained by Glenn Randers-Pehrson (glennrp at users.sourceforge.net). @@ -5845,7 +5846,7 @@ this sentence. This code is released under the libpng license. -libpng versions 1.2.6, August 15, 2004, through 1.5.9beta01, February 3, 2012, are +libpng versions 1.2.6, August 15, 2004, through 1.5.9rc01, February 17, 2012, are Copyright (c) 2004,2006-2007 Glenn Randers-Pehrson, and are distributed according to the same disclaimer and license as libpng-1.2.5 with the following individual added to the list of Contributing Authors @@ -5944,7 +5945,7 @@ certification mark of the Open Source Initiative. Glenn Randers-Pehrson glennrp at users.sourceforge.net -February 3, 2012 +February 17, 2012 .\" end of man page diff --git a/libpngpf.3 b/libpngpf.3 index fcafce43d..c95e2aa05 100644 --- a/libpngpf.3 +++ b/libpngpf.3 @@ -1,6 +1,6 @@ -.TH LIBPNGPF 3 "February 3, 2012" +.TH LIBPNGPF 3 "February 17, 2012" .SH NAME -libpng \- Portable Network Graphics (PNG) Reference Library 1.5.9beta01 +libpng \- Portable Network Graphics (PNG) Reference Library 1.5.9rc01 (private functions) .SH SYNOPSIS \fB#include \fI"pngpriv.h" diff --git a/png.5 b/png.5 index c60b57868..8d8c6a168 100644 --- a/png.5 +++ b/png.5 @@ -1,4 +1,4 @@ -.TH PNG 5 "February 3, 2012" +.TH PNG 5 "February 17, 2012" .SH NAME png \- Portable Network Graphics (PNG) format .SH DESCRIPTION diff --git a/png.c b/png.c index af5bfb378..babb8b865 100644 --- a/png.c +++ b/png.c @@ -14,7 +14,7 @@ #include "pngpriv.h" /* Generate a compiler error if there is an old png.h in the search path. */ -typedef png_libpng_version_1_5_9beta01 Your_png_h_is_not_version_1_5_9beta01; +typedef png_libpng_version_1_5_9rc01 Your_png_h_is_not_version_1_5_9rc01; /* Tells libpng that we have already handled the first "num_bytes" bytes * of the PNG file signature. If the PNG data is embedded into another @@ -655,13 +655,13 @@ png_get_copyright(png_const_structp png_ptr) #else # ifdef __STDC__ return PNG_STRING_NEWLINE \ - "libpng version 1.5.9beta01 - February 3, 2012" PNG_STRING_NEWLINE \ + "libpng version 1.5.9rc01 - February 17, 2012" PNG_STRING_NEWLINE \ "Copyright (c) 1998-2011 Glenn Randers-Pehrson" PNG_STRING_NEWLINE \ "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \ "Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc." \ PNG_STRING_NEWLINE; # else - return "libpng version 1.5.9beta01 - February 3, 2012\ + return "libpng version 1.5.9rc01 - February 17, 2012\ Copyright (c) 1998-2011 Glenn Randers-Pehrson\ Copyright (c) 1996-1997 Andreas Dilger\ Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc."; diff --git a/png.h b/png.h index 809efeffc..b0b0b3d1f 100644 --- a/png.h +++ b/png.h @@ -1,7 +1,7 @@ /* png.h - header file for PNG reference library * - * libpng version 1.5.9beta01 - February 3, 2012 + * libpng version 1.5.9rc01 - February 17, 2012 * Copyright (c) 1998-2012 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) @@ -11,7 +11,7 @@ * Authors and maintainers: * libpng versions 0.71, May 1995, through 0.88, January 1996: Guy Schalnat * libpng versions 0.89c, June 1996, through 0.96, May 1997: Andreas Dilger - * libpng versions 0.97, January 1998, through 1.5.9beta01 - February 3, 2012: Glenn + * libpng versions 0.97, January 1998, through 1.5.9rc01 - February 17, 2012: Glenn * See also "Contributing Authors", below. * * Note about libpng version numbers: @@ -169,7 +169,8 @@ * 1.5.8beta01 15 10508 15.so.15.8[.0] * 1.5.8rc01 15 10508 15.so.15.8[.0] * 1.5.8 15 10508 15.so.15.8[.0] - * 1.5.9beta01 15 10509 15.so.15.9[.0] + * 1.5.9beta01-02 15 10509 15.so.15.9[.0] + * 1.5.9rc01 15 10509 15.so.15.9[.0] * * Henceforth the source version will match the shared-library major * and minor numbers; the shared-library major version number will be @@ -201,7 +202,7 @@ * * This code is released under the libpng license. * - * libpng versions 1.2.6, August 15, 2004, through 1.5.9beta01, February 3, 2012, are + * libpng versions 1.2.6, August 15, 2004, through 1.5.9rc01, February 17, 2012, are * Copyright (c) 2004, 2006-2012 Glenn Randers-Pehrson, and are * distributed according to the same disclaimer and license as libpng-1.2.5 * with the following individual added to the list of Contributing Authors: @@ -313,13 +314,13 @@ * Y2K compliance in libpng: * ========================= * - * February 3, 2012 + * February 17, 2012 * * Since the PNG Development group is an ad-hoc body, we can't make * an official declaration. * * This is your unofficial assurance that libpng from version 0.71 and - * upward through 1.5.9beta01 are Y2K compliant. It is my belief that + * upward through 1.5.9rc01 are Y2K compliant. It is my belief that * earlier versions were also Y2K compliant. * * Libpng only has two year fields. One is a 2-byte unsigned integer @@ -377,9 +378,9 @@ */ /* Version information for png.h - this should match the version in png.c */ -#define PNG_LIBPNG_VER_STRING "1.5.9beta01" +#define PNG_LIBPNG_VER_STRING "1.5.9rc01" #define PNG_HEADER_VERSION_STRING \ - " libpng version 1.5.9beta01 - February 3, 2012\n" + " libpng version 1.5.9rc01 - February 17, 2012\n" #define PNG_LIBPNG_VER_SONUM 15 #define PNG_LIBPNG_VER_DLLNUM 15 @@ -540,7 +541,7 @@ extern "C" { /* This triggers a compiler error in png.c, if png.c and png.h * do not agree upon the version number. */ -typedef char* png_libpng_version_1_5_9beta01; +typedef char* png_libpng_version_1_5_9rc01; /* Three color definitions. The order of the red, green, and blue, (and the * exact size) is not important, although the size of the fields need to diff --git a/pngconf.h b/pngconf.h index ea716e70f..bbd1a51cc 100644 --- a/pngconf.h +++ b/pngconf.h @@ -1,7 +1,7 @@ /* pngconf.h - machine configurable file for libpng * - * libpng version 1.5.9beta01 - February 3, 2012 + * libpng version 1.5.9rc01 - February 17, 2012 * * Copyright (c) 1998-2012 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) diff --git a/pngpread.c b/pngpread.c index e9d6cca6f..b3b6f693a 100644 --- a/pngpread.c +++ b/pngpread.c @@ -1,7 +1,7 @@ /* pngpread.c - read a png file in push mode * - * Last changed in libpng 1.5.7 [December 15, 2011] + * Last changed in libpng 1.5.9 [(PENDING RELEASE)] * Copyright (c) 1998-2011 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) @@ -730,8 +730,7 @@ png_push_save_buffer(png_structp png_ptr) new_max = png_ptr->save_buffer_size + png_ptr->current_buffer_size + 256; old_buffer = png_ptr->save_buffer; - png_ptr->save_buffer = (png_bytep)png_malloc_warn(png_ptr, - (png_size_t)new_max); + png_ptr->save_buffer = (png_bytep)png_malloc_warn(png_ptr, new_max); if (png_ptr->save_buffer == NULL) { @@ -1287,8 +1286,7 @@ png_push_handle_tEXt(png_structp png_ptr, png_infop info_ptr, png_uint_32 } #endif - png_ptr->current_text = (png_charp)png_malloc(png_ptr, - (png_size_t)(length + 1)); + png_ptr->current_text = (png_charp)png_malloc(png_ptr, length + 1); png_ptr->current_text[length] = '\0'; png_ptr->current_text_ptr = png_ptr->current_text; png_ptr->current_text_size = (png_size_t)length; @@ -1386,8 +1384,7 @@ png_push_handle_zTXt(png_structp png_ptr, png_infop info_ptr, png_uint_32 } #endif - png_ptr->current_text = (png_charp)png_malloc(png_ptr, - (png_size_t)(length + 1)); + png_ptr->current_text = (png_charp)png_malloc(png_ptr, length + 1); png_ptr->current_text[length] = '\0'; png_ptr->current_text_ptr = png_ptr->current_text; png_ptr->current_text_size = (png_size_t)length; @@ -1588,8 +1585,7 @@ png_push_handle_iTXt(png_structp png_ptr, png_infop info_ptr, png_uint_32 } #endif - png_ptr->current_text = (png_charp)png_malloc(png_ptr, - (png_size_t)(length + 1)); + png_ptr->current_text = (png_charp)png_malloc(png_ptr, length + 1); png_ptr->current_text[length] = '\0'; png_ptr->current_text_ptr = png_ptr->current_text; png_ptr->current_text_size = (png_size_t)length; @@ -1734,8 +1730,7 @@ png_push_handle_unknown(png_structp png_ptr, png_infop info_ptr, png_uint_32 */ PNG_CSTRING_FROM_CHUNK(png_ptr->unknown_chunk.name, png_ptr->chunk_name); - /* The following cast should be safe because of the check above. */ - png_ptr->unknown_chunk.size = (png_size_t)length; + png_ptr->unknown_chunk.size = length; if (length == 0) png_ptr->unknown_chunk.data = NULL; diff --git a/pngrutil.c b/pngrutil.c index 52a73cfc3..c706ad69e 100644 --- a/pngrutil.c +++ b/pngrutil.c @@ -1,8 +1,8 @@ /* pngrutil.c - utilities to read a PNG file * - * Last changed in libpng 1.5.7 [December 15, 2011] - * Copyright (c) 1998-2011 Glenn Randers-Pehrson + * Last changed in libpng 1.5.9 [(PENDING RELEASE)] + * Copyright (c) 1998-2012 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -432,15 +432,18 @@ png_decompress_chunk(png_structp png_ptr, int comp_type, /* Now check the limits on this chunk - if the limit fails the * compressed data will be removed, the prefix will remain. */ + if (prefix_size >= (~(png_size_t)0) - 1 || + expanded_size >= (~(png_size_t)0) - 1 - prefix_size #ifdef PNG_SET_CHUNK_MALLOC_LIMIT_SUPPORTED - if (png_ptr->user_chunk_malloc_max && + || (png_ptr->user_chunk_malloc_max && (prefix_size + expanded_size >= png_ptr->user_chunk_malloc_max - 1)) #else # ifdef PNG_USER_CHUNK_MALLOC_MAX - if ((PNG_USER_CHUNK_MALLOC_MAX > 0) && + || ((PNG_USER_CHUNK_MALLOC_MAX > 0) && prefix_size + expanded_size >= PNG_USER_CHUNK_MALLOC_MAX - 1) # endif #endif + ) png_warning(png_ptr, "Exceeded size limit while expanding chunk"); /* If the size is zero either there was an error and a message @@ -448,12 +451,7 @@ png_decompress_chunk(png_structp png_ptr, int comp_type, * and we have nothing to do - the code will exit through the * error case below. */ -#if defined(PNG_SET_CHUNK_MALLOC_LIMIT_SUPPORTED) || \ - defined(PNG_USER_CHUNK_MALLOC_MAX) else if (expanded_size > 0) -#else - if (expanded_size > 0) -#endif { /* Success (maybe) - really uncompress the chunk. */ png_size_t new_size = 0; @@ -1279,7 +1277,7 @@ png_handle_iCCP(png_structp png_ptr, png_infop info_ptr, png_uint_32 length) png_free(png_ptr, png_ptr->chunkdata); png_ptr->chunkdata = (png_charp)png_malloc(png_ptr, length + 1); - slength = (png_size_t)length; + slength = length; png_crc_read(png_ptr, (png_bytep)png_ptr->chunkdata, slength); if (png_crc_finish(png_ptr, skip)) @@ -1429,7 +1427,7 @@ png_handle_sPLT(png_structp png_ptr, png_infop info_ptr, png_uint_32 length) * that the PNG_MAX_MALLOC_64K test is enabled in this case, but this is a * potential breakage point if the types in pngconf.h aren't exactly right. */ - slength = (png_size_t)length; + slength = length; png_crc_read(png_ptr, (png_bytep)png_ptr->chunkdata, slength); if (png_crc_finish(png_ptr, skip)) @@ -1956,7 +1954,7 @@ png_handle_pCAL(png_structp png_ptr, png_infop info_ptr, png_uint_32 length) return; } - slength = (png_size_t)length; + slength = length; png_crc_read(png_ptr, (png_bytep)png_ptr->chunkdata, slength); if (png_crc_finish(png_ptr, 0)) @@ -2105,7 +2103,7 @@ png_handle_sCAL(png_structp png_ptr, png_infop info_ptr, png_uint_32 length) return; } - slength = (png_size_t)length; + slength = length; png_crc_read(png_ptr, (png_bytep)png_ptr->chunkdata, slength); png_ptr->chunkdata[slength] = 0x00; /* Null terminate the last string */ @@ -2265,7 +2263,7 @@ png_handle_tEXt(png_structp png_ptr, png_infop info_ptr, png_uint_32 length) return; } - slength = (png_size_t)length; + slength = length; png_crc_read(png_ptr, (png_bytep)png_ptr->chunkdata, slength); if (png_crc_finish(png_ptr, skip)) @@ -2373,7 +2371,7 @@ png_handle_zTXt(png_structp png_ptr, png_infop info_ptr, png_uint_32 length) return; } - slength = (png_size_t)length; + slength = length; png_crc_read(png_ptr, (png_bytep)png_ptr->chunkdata, slength); if (png_crc_finish(png_ptr, 0)) @@ -2504,7 +2502,7 @@ png_handle_iTXt(png_structp png_ptr, png_infop info_ptr, png_uint_32 length) return; } - slength = (png_size_t)length; + slength = length; png_crc_read(png_ptr, (png_bytep)png_ptr->chunkdata, slength); if (png_crc_finish(png_ptr, 0)) diff --git a/pngstruct.h b/pngstruct.h index 6a7dc2033..3425ff24f 100644 --- a/pngstruct.h +++ b/pngstruct.h @@ -5,7 +5,7 @@ * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * - * Last changed in libpng 1.5.5 [September 22, 2011] + * Last changed in libpng 1.5.9 [(PENDING RELEASE)] * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer diff --git a/pngtest.c b/pngtest.c index 9b9066b4c..cd6f02946 100644 --- a/pngtest.c +++ b/pngtest.c @@ -1165,7 +1165,7 @@ test_one_file(PNG_CONST char *inname, PNG_CONST char *outname) pngtest_debug1("Handling %d iTXt/tEXt/zTXt chunks", num_text); if (verbose) - printf("\nText compression=%d\n", text_ptr->compression); + printf("\n Text compression=%d\n", text_ptr->compression); png_set_text(write_ptr, write_info_ptr, text_ptr, num_text); } @@ -1817,4 +1817,4 @@ main(int argc, char *argv[]) } /* Generate a compiler error if there is an old png.h in the search path. */ -typedef png_libpng_version_1_5_9beta01 Your_png_h_is_not_version_1_5_9beta01; +typedef png_libpng_version_1_5_9rc01 Your_png_h_is_not_version_1_5_9rc01; diff --git a/projects/vstudio/readme.txt b/projects/vstudio/readme.txt index 62316f003..f9e9a9a6f 100644 --- a/projects/vstudio/readme.txt +++ b/projects/vstudio/readme.txt @@ -1,7 +1,7 @@ VisualStudio instructions -libpng version 1.5.9beta01 - February 3, 2012 +libpng version 1.5.9rc01 - February 17, 2012 Copyright (c) 1998-2010 Glenn Randers-Pehrson diff --git a/projects/vstudio/zlib.props b/projects/vstudio/zlib.props index e95e48430..987de4386 100644 --- a/projects/vstudio/zlib.props +++ b/projects/vstudio/zlib.props @@ -2,7 +2,7 @@