[libpng16] Added PNG_SECURE feature to pnglibconf.dfa and new pngusr.dfa file

to reset the user limits to safe ones if PNG_SECURE is defined.
This commit is contained in:
Glenn Randers-Pehrson 2012-02-23 18:41:13 -06:00
parent 17ba5de88f
commit 10c0693210
6 changed files with 34 additions and 13 deletions

View File

@ -1,5 +1,5 @@
Libpng 1.6.0beta13 - February 21, 2012
Libpng 1.6.0beta13 - February 24, 2012
This is not intended to be a public release. It will be replaced
within a few weeks by a public version or by another test version.
@ -219,11 +219,13 @@ Version 1.6.0beta12 [February 18, 2012]
on iCCP chunk length. Also removed spurious casts that may hide problems
on 16-bit systems.
Version 1.6.0beta13 [February 21, 2012]
Version 1.6.0beta13 [February 24, 2012]
Eliminated redundant png_push_read_tEXt|zTXt|iTXt|unknown code from
pngpread.c and use the sequential png_handle_tEXt, etc., in pngrutil.c;
now that png_ptr->buffer is inaccessible to applications, the special
handling is no longer useful.
Added PNG_SECURE feature to pnglibconf.dfa and new pngusr.dfa file
to reset the user limits to safe ones if PNG_SECURE is defined.
Send comments/corrections/commendations to png-mng-implement at lists.sf.net
(subscription required; visit

11
CHANGES
View File

@ -3966,15 +3966,18 @@ Version 1.6.0beta12 [February 18, 2012]
Do not increase num_palette on invalid_index.
Relocated check for invalid palette index to pngrtran.c, after unpacking
the sub-8-bit pixels.
Fixed CVE-2011-3026 buffer overrun bug. Deal more correctly with the test
on iCCP chunk length. Also removed spurious casts that may hide problems
on 16-bit systems.
Fixed CVE-2011-3026 buffer overrun bug. This bug was introduced when
iCCP chunk support was added at libpng-1.0.6. Deal more correctly with the
test on iCCP chunk length. Also removed spurious casts that may hide
problems on 16-bit systems.
Version 1.6.0beta13 [February 21, 2012]
Version 1.6.0beta13 [February 24, 2012]
Eliminated redundant png_push_read_tEXt|zTXt|iTXt|unknown code from
pngpread.c and use the sequential png_handle_tEXt, etc., in pngrutil.c;
now that png_ptr->buffer is inaccessible to applications, the special
handling is no longer useful.
Added PNG_SECURE feature to pnglibconf.dfa and new pngusr.dfa file
to reset the user limits to safe ones if PNG_SECURE is defined.
Send comments/corrections/commendations to png-mng-implement at lists.sf.net
(subscription required; visit

16
pngusr.dfa Normal file
View File

@ -0,0 +1,16 @@
# pngusr.dfa
#
# Build time configuration of libpng
#
# Enter build configuration options in this file
#
# Security settings: by default these limits are unset, you can change them
# here by entering the appropriate values as #defines preceded by '@' (to cause
# them to be passed through to the build of pnglibconf.h)
@#ifdef PNG_SECURE
@ /* Relatively secure values */
@# define PNG_USER_WIDTH_MAX 1000000
@# define PNG_USER_HEIGHT_MAX 1000000
@# define PNG_USER_CHUNK_CACHE_MAX 128
@# define PNG_USER_CHUNK_MALLOC_MAX 8000000
@#endif

View File

@ -276,8 +276,8 @@ option SET_USER_LIMITS enables SET_CHUNK_MALLOC_LIMIT
# Added at libpng-1.0.16 and 1.2.6. To accept all valid PNGs no matter
# how large, set these two limits to 0x7fffffff
setting USER_WIDTH_MAX default 1000000
setting USER_HEIGHT_MAX default 1000000
setting USER_WIDTH_MAX default 0x7fffffff
setting USER_HEIGHT_MAX default 0x7fffffff
# Added at libpng-1.2.43. To accept all valid PNGs no matter
# how large, set these two limits to 0.

View File

@ -3,7 +3,7 @@
/* pnglibconf.h - library build configuration */
/* Libpng 1.6.0beta13 - February 19, 2012 */
/* Libpng 1.6.0beta13 - February 24, 2012 */
/* Copyright (c) 1998-2012 Glenn Randers-Pehrson */
@ -33,8 +33,8 @@
#define PNG_sCAL_PRECISION 5
#define PNG_USER_CHUNK_CACHE_MAX 0
#define PNG_USER_CHUNK_MALLOC_MAX 0
#define PNG_USER_HEIGHT_MAX 1000000
#define PNG_USER_WIDTH_MAX 1000000
#define PNG_USER_HEIGHT_MAX 0x7fffffff
#define PNG_USER_WIDTH_MAX 0x7fffffff
#define PNG_WEIGHT_SHIFT 8
#define PNG_ZBUF_SIZE 8192
/* end of settings */

View File

@ -42,13 +42,13 @@ pnglibconf.h: pnglibconf.dfn
$(COPY) dfn3.out $@
$(DELETE) dfn.c dfn1.out dfn2.out dfn3.out
pnglibconf.dfn: $(srcdir)/scripts/pnglibconf.dfa $(srcdir)/scripts/options.awk $(srcdir)/pngconf.h $(DFA_XTRA)
pnglibconf.dfn: $(srcdir)/scripts/pnglibconf.dfa $(srcdir)/scripts/options.awk $(srcdir)/pngconf.h $(srcdir)/pngusr.dfa
$(DELETE) $@ dfn1.out dfn2.out
$(ECHO) "Calling $(AWK) from scripts/pnglibconf.mak" >&2
$(ECHO) "If 'awk' crashes try a better awk (e.g. AWK='nawk')" >&2
$(AWK) -f $(srcdir)/scripts/options.awk out=dfn1.out version=search\
$(srcdir)/pngconf.h $(srcdir)/scripts/pnglibconf.dfa\
$(DFA_XTRA) 1>&2
$(srcdir)/pngusr.dfa $(DFA_XTRA) 1>&2
$(AWK) -f $(srcdir)/scripts/options.awk out=dfn2.out dfn1.out 1>&2
$(COPY) dfn2.out $@
$(DELETE) dfn1.out dfn2.out