[libpng16] Undo failed attempt to prevent UMR in png_icc_check_table().

ANNOUNCE

@@ -1,4 +1,4 @@
-Libpng 1.6.33beta03 - September 12, 2017
+Libpng 1.6.33beta03 - September 14, 2017
 
 This is not intended to be a public release. It will be replaced
 within a few weeks by a public version or by another test version.
@@ -39,16 +39,12 @@ Version 1.6.33beta02 [September 3, 2017]
     changed date of contrib/oss-fuzz files.
   Enabled ARM support in CMakeLists.txt (Bernd Kuhls).
 
-Version 1.6.33beta03 [September 12, 2017]
+Version 1.6.33beta03 [September 14, 2017]
   Fixed incorrect typecast of some arguments to png_malloc() and
     png_calloc() that were png_uint_32 instead of png_alloc_size_t
     (Bug report by "irwir" in Github libpng issue #175).
   Use pnglibconf.h.prebuilt when building for ANDROID with cmake (Github
     issue 162, by rcdailey).
-  Guard against Uninitialized Memory Read in png_icc_check_tag_table(),
-    detected by the oss-fuzz project.
-  Attempt to debug Uninitialized Memory Read in png_set_text_2(),
-    detected by the oss-fuzz project.
 
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit

CHANGES

@@ -6009,16 +6009,12 @@ Version 1.6.33beta02 [September 3, 2017]
     changed date of contrib/oss-fuzz files.
   Enabled ARM support in CMakeLists.txt (Bernd Kuhls).
 
-Version 1.6.33beta03 [September 12, 2017]
+Version 1.6.33beta03 [September 14, 2017]
   Fixed incorrect typecast of some arguments to png_malloc() and
     png_calloc() that were png_uint_32 instead of png_alloc_size_t
     (Bug report by "irwir" in Github libpng issue #175).
   Use pnglibconf.h.prebuilt when building for ANDROID with cmake (Github
     issue 162, by rcdailey).
-  Guard against Uninitialized Memory Read in png_icc_check_tag_table(),
-    detected by the oss-fuzz project.
-  Attempt to debug Uninitialized Memory Read in png_set_text_2(),
-    detected by the oss-fuzz project.
 
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit

png.c

@@ -816,14 +816,14 @@ png_get_copyright(png_const_structrp png_ptr)
 #else
 #  ifdef __STDC__
    return PNG_STRING_NEWLINE \
-      "libpng version 1.6.33beta03 - September 13, 2017" PNG_STRING_NEWLINE \
+      "libpng version 1.6.33beta03 - September 14, 2017" PNG_STRING_NEWLINE \
       "Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson" \
       PNG_STRING_NEWLINE \
       "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \
       "Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc." \
       PNG_STRING_NEWLINE;
 #  else
-   return "libpng version 1.6.33beta03 - September 13, 2017\
+   return "libpng version 1.6.33beta03 - September 14, 2017\
       Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson\
       Copyright (c) 1996-1997 Andreas Dilger\
       Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc.";
@@ -2228,9 +2228,6 @@ png_icc_check_tag_table(png_const_structrp png_ptr, png_colorspacerp colorspace,
       /* This is a hard error; potentially it can cause read outside the
        * profile.
        */
-      if (tag > profile + 11)
-         png_chunk_report(png_ptr,"ICC profile tag table truncated",
-             PNG_CHUNK_ERROR);
       if (tag_start > profile_length || tag_length > profile_length - tag_start)
          return png_icc_profile_error(png_ptr, colorspace, name, tag_id,
              "ICC profile tag outside profile");