cheng/libpng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[libpng16] Simplified and future-proofed png_user_version_check().

Browse Source
This commit is contained in:
Glenn Randers-Pehrson 2014-11-05 12:00:32 -06:00
parent 97dd654ba4
commit a2fe24d186
3 changed files with 11 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ANNOUNCE
View File

@ -44,6 +44,7 @@ Version 1.6.15beta05 [November 5, 2014]
Use png_get_libpng_ver(NULL) instead of PNG_LIBPNG_VER_STRING in Use png_get_libpng_ver(NULL) instead of PNG_LIBPNG_VER_STRING in
example.c, pngtest.c, and applications in the contrib directory. example.c, pngtest.c, and applications in the contrib directory.
Avoid out-of-bounds memory access in png_user_version_check(). Avoid out-of-bounds memory access in png_user_version_check().
Simplified and future-proofed png_user_version_check().
Send comments/corrections/commendations to png-mng-implement at lists.sf.net Send comments/corrections/commendations to png-mng-implement at lists.sf.net
(subscription required; visit (subscription required; visit

1
CHANGES
View File

@ -5052,6 +5052,7 @@ Version 1.6.15beta05 [November 5, 2014]
Use png_get_libpng_ver(NULL) instead of PNG_LIBPNG_VER_STRING in Use png_get_libpng_ver(NULL) instead of PNG_LIBPNG_VER_STRING in
example.c, pngtest.c, and applications in the contrib directory. example.c, pngtest.c, and applications in the contrib directory.
Avoid out-of-bounds memory access in png_user_version_check(). Avoid out-of-bounds memory access in png_user_version_check().
Simplified and future-proofed png_user_version_check().
Send comments/corrections/commendations to png-mng-implement at lists.sf.net Send comments/corrections/commendations to png-mng-implement at lists.sf.net
(subscription required; visit (subscription required; visit

22
png.c
View File

@ -165,16 +165,24 @@ png_calculate_crc(png_structrp png_ptr, png_const_bytep ptr, png_size_t length)
int int
png_user_version_check(png_structrp png_ptr, png_const_charp user_png_ver) png_user_version_check(png_structrp png_ptr, png_const_charp user_png_ver)
{ {
/* Libpng versions 1.0.0 and later are binary compatible if the version
* string matches through the second '.'; we must recompile any
* applications that use any older library version.
*/
if (user_png_ver != NULL) if (user_png_ver != NULL)
{ {
int i = -1; int i = -1;
int found_dots = 0;
do do
{ {
i++; i++;
if (user_png_ver[i] != png_libpng_ver[i]) if (user_png_ver[i] != png_libpng_ver[i])
png_ptr->flags |= PNG_FLAG_LIBRARY_MISMATCH; png_ptr->flags |= PNG_FLAG_LIBRARY_MISMATCH;
} while (png_libpng_ver[i] != 0 && user_png_ver[i] != 0); if (user_png_ver[i] == '.')
found_dots++;
} while (found_dots < 2 && png_libpng_ver[i] != 0 && user_png_ver[i] != 0);
} }
else else
@ -182,17 +190,6 @@ png_user_version_check(png_structrp png_ptr, png_const_charp user_png_ver)
if ((png_ptr->flags & PNG_FLAG_LIBRARY_MISMATCH) != 0) if ((png_ptr->flags & PNG_FLAG_LIBRARY_MISMATCH) != 0)
{ {
/* Libpng 0.90 and later are binary incompatible with libpng 0.89, so
* we must recompile any applications that use any older library version.
* For versions after libpng 1.0, we will be compatible, so we need
* only check the first and third digits (note that when we reach version
* 1.10 we will need to check the fourth symbol, namely user_png_ver[3]).
*/
if (user_png_ver == NULL || user_png_ver[0] != png_libpng_ver[0] ||
(user_png_ver[0] == '1' && (user_png_ver[2] != png_libpng_ver[2] ||
user_png_ver[3] != png_libpng_ver[3])) ||
(user_png_ver[0] == '0' && user_png_ver[2] < '9'))
{
#ifdef PNG_WARNINGS_SUPPORTED #ifdef PNG_WARNINGS_SUPPORTED
size_t pos = 0; size_t pos = 0;
char m[128]; char m[128];
@ -213,7 +210,6 @@ png_user_version_check(png_structrp png_ptr, png_const_charp user_png_ver)
return 0; return 0;
} }
}
/* Success return. */ /* Success return. */
return 1; return 1;