From 2f8b82ebca6fb921ea3b0ae00f0898b17d40ec1f Mon Sep 17 00:00:00 2001 From: Glenn Randers-Pehrson Date: Sun, 29 Oct 2017 10:30:42 -0500 Subject: [PATCH] [libpng16] Revert recent changes that did not help with oss-fuzz issues --- ANNOUNCE | 5 ++--- CHANGES | 3 +-- pngrutil.c | 10 +++++----- pngset.c | 2 +- 4 files changed, 9 insertions(+), 11 deletions(-) diff --git a/ANNOUNCE b/ANNOUNCE index 8c17a935a..ca529ad90 100644 --- a/ANNOUNCE +++ b/ANNOUNCE @@ -1,4 +1,4 @@ -Libpng 1.6.35beta01 - October 17, 2017 +Libpng 1.6.35beta01 - October 29, 2017 This is not intended to be a public release. It will be replaced within a few weeks by a public version or by another test version. @@ -24,12 +24,11 @@ Other information: Changes since the last public release (1.6.34): -Version 1.6.35beta01 [October 17, 2017] +Version 1.6.35beta01 [October 29, 2017] Restored 21 of the contrib/pngsuite/i*.png, which do not cause test failures. Placed the remainder in contrib/pngsuite/interlaced/i*.png. Added calls to png_set_*() transforms commonly used by browsers to the fuzzer. - Initialize entire palette array to zero in png_handle_PLTE(). Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit diff --git a/CHANGES b/CHANGES index f5528de59..e34f2d91b 100644 --- a/CHANGES +++ b/CHANGES @@ -6040,12 +6040,11 @@ Version 1.6.33 [September 28, 2017] Version 1.6.34 [September 29, 2017] Removed contrib/pngsuite/i*.png; some of caused test failures. -Version 1.6.35beta01 [October 17, 2017] +Version 1.6.35beta01 [October 29, 2017] Restored 21 of the contrib/pngsuite/i*.png, which do not cause test failures. Placed the remainder in contrib/pngsuite/interlaced/i*.png. Added calls to png_set_*() transforms commonly used by browsers to the fuzzer. - Initialize entire palette array to zero in png_handle_PLTE(). Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit 
diff --git a/pngrutil.c b/pngrutil.c
index f5a23e6ec..8692933bd 100644
--- a/pngrutil.c
+++ b/pngrutil.c
@@ -1,7 +1,7 @@
 /* pngrutil.c - utilities to read a PNG file
 *
- * Last changed in libpng 1.6.35 [(PENDING RELEASE)]
+ * Last changed in libpng 1.6.33 [September 28, 2017]
 * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson
 * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
 * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
@@ -912,7 +912,7 @@ png_handle_IHDR(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length)
 void /* PRIVATE */
 png_handle_PLTE(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length)
 {
- png_color palette[PNG_MAX_PALETTE_LENGTH] = {0};
+ png_color palette[PNG_MAX_PALETTE_LENGTH];
 int max_palette_length, num, i;
 #ifdef PNG_POINTER_INDEXING_SUPPORTED
 png_colorp pal_ptr;
@@ -1817,7 +1817,7 @@ png_handle_sPLT(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length)
 void /* PRIVATE */
 png_handle_tRNS(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length)
 {
- png_byte readbuf[PNG_MAX_PALETTE_LENGTH]={0};
+ png_byte readbuf[PNG_MAX_PALETTE_LENGTH];
 png_debug(1, "in png_handle_tRNS");
@@ -1840,7 +1840,7 @@ png_handle_tRNS(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length)
 if (png_ptr->color_type == PNG_COLOR_TYPE_GRAY)
 {
- png_byte buf[2]={0};
+ png_byte buf[2];
 if (length != 2)
 {
@@ -1856,7 +1856,7 @@ png_handle_tRNS(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length)
 else if (png_ptr->color_type == PNG_COLOR_TYPE_RGB)
 {
- png_byte buf[6]={0};
+ png_byte buf[6];
 if (length != 6)
 {
diff --git a/pngset.c b/pngset.c
index 795a17633..6f3a1ee11 100644
--- a/pngset.c
+++ b/pngset.c
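Review bot: With the `= {0}` initializer dropped from `palette` in png_handle_PLTE, and likewise from `readbuf` in the first png_handle_tRNS hunk, every element beyond what is actually read from the chunk is indeterminate, so the code is only correct if all later uses are bounded by that count. The reads and the calls that consume these arrays lie outside the hunks, so that bound cannot be confirmed from the diff. For `buf[2]` and `buf[6]` the visible `if (length != 2)` and `if (length != 6)` checks suggest the buffers are filled completely, which would make the initializer redundant there. If the revert stays, a comment at the two partially filled declarations would record the invariant, for example `/* Only the entries read from the chunk are written; nothing may read past that count. */`.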
@@ -1017,7 +1017,7 @@ png_set_tRNS(png_structrp png_ptr, png_inforp info_ptr,
 {
 /* Changed from num_trans to PNG_MAX_PALETTE_LENGTH in version 1.2.1 */
 info_ptr->trans_alpha = png_voidcast(png_bytep,
- png_calloc(png_ptr, PNG_MAX_PALETTE_LENGTH));
+ png_malloc(png_ptr, PNG_MAX_PALETTE_LENGTH));
 memcpy(info_ptr->trans_alpha, trans_alpha, (png_size_t)num_trans);
 }
 png_ptr->trans_alpha = info_ptr->trans_alpha;
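Review bot: Going back to `png_malloc` leaves the bytes of `info_ptr->trans_alpha` from `num_trans` up to `PNG_MAX_PALETTE_LENGTH` uninitialized, because the `memcpy` on the following line copies only `num_trans` bytes. The buffer is deliberately allocated at full palette size (per the 1.2.1 comment) and is also published through `png_ptr->trans_alpha`, so a consumer that indexes it by palette index rather than by `num_trans` would read leftover heap contents. Whether such a consumer exists is not visible in this hunk. If zero-filling the whole allocation is unwanted, clearing only the tail keeps the contents defined: `memset(info_ptr->trans_alpha + num_trans, 0, PNG_MAX_PALETTE_LENGTH - (png_size_t)num_trans);`. The condition that opens this block, and presumably validates `num_trans`, is above the hunk.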