Commit Graph

1610 Commits

Author SHA1 Message Date
Glenn Randers-Pehrson
f229d4df3a [libpng16] Bump version to 1.6.0beta21 2012-03-29 07:42:45 -05:00
Glenn Randers-Pehrson
96027d919f [libpng16] Imported from libpng-1.6.0beta20.tar 2012-03-29 06:38:51 -05:00
Glenn Randers-Pehrson
58f277c18e [libpng16] Revised png_set_text_2() to avoid potential memory corruption.
Fixes CVE-2011-3048.
2012-03-28 23:37:25 -05:00
John Bowler
921648a997 [libpng16] Recognize known sRGB ICC profiles while reading; prefer writing the
iCCP profile over writing the sRGB chunk, controlled by the
    PNG_sRGB_PROFILE_CHECKS option.
2012-03-28 23:36:12 -05:00
John Bowler
23a30f8583 [libpng16] Prevent PNG_EXPAND+PNG_SHIFT doing the shift twice. 2012-03-28 11:38:02 -05:00
Glenn Randers-Pehrson
48015617d3 [libpng16] Recognize known sRGB ICC profiles while reading and issue a warning
about it, if PNG_WARN_IF_iCCP_IS_sRGB_SUPPORTED is defined.
2012-03-28 10:58:01 -05:00
John Bowler
13a87d9682 [libpng16] Fixed ICC profile parsing and sRGB profile recognition
and moved checksum-icc.c from contrib/libtests to contrib/tools.
2012-03-28 09:51:43 -05:00
John Bowler
c1217ee280 [libpng16] Write the profile MD5s from checksum-icc (and the date) 2012-03-22 07:53:00 -05:00
John Bowler
51d1e2be1b [libng16] Added checksum-icc.c to contrib/libtests 2012-03-22 07:36:13 -05:00
John Bowler
f7677a348e [libpng16] Use uLong 64 bits for crc32 return in profile check 2012-03-21 23:52:41 -05:00
Glenn Randers-Pehrson
8fbd60ded2 [libpng16] Recognize known sRGB ICC profiles while reading and handle them as
if the sRGB chunk had appeared instead.
2012-03-21 09:18:15 -05:00
John Bowler
b11b31aea2 [libpng16] Changed chunk handler warnings into benign errors, incrementally
load iCCP
2012-03-21 07:55:46 -05:00
Glenn Randers-Pehrson
51624965e2 [libpng16] Bump version to 1.6.0beta20 2012-03-19 11:04:48 -05:00
Glenn Randers-Pehrson
ce9d8a3f48 [libpng16] Imported from libpng-1.6.0beta19.tar 2012-03-19 10:54:55 -05:00
John Bowler
eda53e5770 [libpng16] Avoid the double gamma correction warning in the simplified API.
This allows the --strict option to pass in the pngstest checks
2012-03-18 22:46:28 -05:00
John Bowler
2bc76ffaf1 [ibpng16] Added application error reporting and added chunk names to read
benign errors; also added --strict to pngstest - not enabled
yet because a warning is produced.
2012-03-18 22:37:25 -05:00
John Bowler
66efa24241 [libpng16] Removed erroneous setting of DETECT_UNINITIALIZED and added more
checks. The code now does a png_error if an attempt is made to do the
row initialization twice; this is an application error and it has
serious consequences because the transform data in png_struct is
changed by each call.
2012-03-18 21:10:29 -05:00
John Bowler
0c11b5f8e7 [libpng16] Work around for duplicate row start calls; added warning messages.
This turns on PNG_FLAG_DETECT_UNINITIALIZED to detect app code that
fails to call one of the 'start' routines (not enabled in libpng-1.5
because it is technically an API change, since it did normally work
before.)  It also makes duplicate calls to png_read_start_row (an
internal function called at the start of the image read) benign, as
they were before changes to use png_inflate_claim. Somehow webkit is
causing this to happen; this is probably a mis-feature in the zlib
changes so this commit is only a work-round.
2012-03-18 14:39:41 -05:00
Glenn Randers-Pehrson
f5dcba6b9b [libpng16] Never mind, undid previous change. 2012-03-17 00:21:45 -05:00
Glenn Randers-Pehrson
c26d6e9aac [libpng16] Revised png_set_text_2() to avoid possible memory corruption
when writing.
2012-03-16 23:19:02 -05:00
Glenn Randers-Pehrson
42ed02ed9a [libpng16] Reverted png_set_itxt(); it would not compile without warnings. 2012-03-16 23:17:27 -05:00
Glenn Randers-Pehrson
31d66245ea [libpng16] Added png_set_itxt() (work in progress) 2012-03-16 13:53:25 -05:00
Glenn Randers-Pehrson
d9d7a7e8f0 [libpng16] Fixed ANNOUNCE and CHANGES re simplified API and benign errors. 2012-03-16 11:04:30 -05:00
Glenn Randers-Pehrson
d15d124d6d [libpng16] Bump version to 1.6.0beta19 2012-03-16 08:35:36 -05:00
Glenn Randers-Pehrson
dd6ecbe688 [libpng16] Imported from libpng-1.6.0beta18.tar 2012-03-16 08:34:31 -05:00
John Bowler
aa816c4444 [libpng16] Added configuration support for benign errors and changed the read
default. Also changed some warnings in the iCCP and sRGB handling
from to benign errors. Configuration now makes read benign
errors warnings and write benign errors to errors by default (thus
changing the behavior on read).  The simplified API always forces
read benign errors to errors (regardless of the system default, unless
this is disabled in which case the simplified API can't be built.)
2012-03-16 07:39:49 -05:00
John Bowler
209b3e4b79 [libpng16] Added output flushing to aid debugging under Visual Studio.
This is necessary because the VS2010 output window otherwise simply loses
the error messages on error (they weren't flushed to the window before
the process exited, apparently!)
2012-03-16 07:14:01 -05:00
Glenn Randers-Pehrson
f2715a558a [libpng16] Revised example.c to put text strings in a temporary character array
instead of directly assigning string constants to png_textp members.
This avoids compiler warnings when -Wwrite-strings is enabled.
2012-03-15 19:52:03 -05:00
John Bowler
845ee6af72 [libpng16] Fixed a compiler warning under Cygwin (Windows-7, 32-bit system) 2012-03-10 21:05:19 -06:00
John Bowler
9ff37ea94f [libpng16] Fix an off-by-one error in the palette index checking function. 2012-03-10 20:03:06 -06:00
Glenn Randers-Pehrson
35f2e1768b [libpng16] In pngtest, treat benign errors as errors if "-strict" is present. 2012-03-10 19:42:03 -06:00
Glenn Randers-Pehrson
945cb1f9be [libpng16] Issue a png_benign_error() instead of png_warning() about bad
palette index.
2012-03-10 08:48:04 -06:00
Glenn Randers-Pehrson
71db131882 [libpng16] Bump version to 1.6.0beta18 2012-03-09 22:15:09 -06:00
Glenn Randers-Pehrson
bf7661f01b [libpng16] Imported from libpng-1.6.0beta17.tar 2012-03-09 22:15:01 -06:00
John Bowler
9066919600 [libpng16] If benign errors are disabled use maximum window on ancillary
inflate.  This works round a bug introduced in 1.5.4 where compressed ancillary
chunks could end up with a too-small windowBits value in the deflate
header.
2012-03-09 22:03:13 -06:00
John Bowler
1ffbe8c7c1 [libpng] Committed new contrib/libtests/makepng.c that was overlooked
in a recent patch.
2012-03-09 12:21:51 -06:00
Glenn Randers-Pehrson
8d0215928d [libpng16] Fixed manual assertion that all of our public macros begin with PNG_
Some such as PNGAPI begin with "PNG".
2012-03-09 12:18:18 -06:00
John Bowler
b5d0051dcb [libpng16] Deflate/inflate was reworked to move common zlib calls into single
functions [rw]util.c.  A new shared keyword check routine was also added
and the 'zbuf' is no longer allocated on progressive read.  It is now
possible to call png_inflate() incrementally.
2012-03-09 09:15:18 -06:00
Glenn Randers-Pehrson
6038b80277 [libpng16] Reject iCCP chunk after the first, even if the first one is invalid. 2012-03-08 10:40:07 -06:00
Glenn Randers-Pehrson
b57c1c9e6e [libpng16] Bump version to 1.6.0beta17 2012-03-05 21:35:40 -06:00
Glenn Randers-Pehrson
0c98cc7023 [libpng16] Imported from libpng-1.6.0beta16.tar 2012-03-05 21:28:03 -06:00
John Bowler
6225b0e61e [libpng16] Added code to validate the windowBits value passed to deflateInit2().
If the call to deflateInit2() is wrong a png_warning will be issued
(in fact this is harmless, but the PNG data produced may be sub-optimal).
2012-03-05 21:26:57 -06:00
John Bowler
d072048925 [libpng16] Correct pngvalid error message 2012-03-05 21:10:11 -06:00
John Bowler
7d4fbb2fbb [libpng16] Validate the zTXt strings in pngvalid. 2012-03-05 21:02:49 -06:00
John Bowler
42a2b556e9 [libpng16] Made read 'inflate' handling like write 'deflate' handling. The
read code now claims and releases png_ptr->zstream, like the write code.
The bug whereby the progressive reader failed to release the zstream
is now fixed, all initialization is delayed, and the code checks for
changed parameters on deflate rather than always calling
deflatedEnd/deflateInit.
2012-03-05 20:57:40 -06:00
John Bowler
e2ae0f2f2b [libpng16] Fix tarith argument parsing 2012-03-05 20:43:27 -06:00
John Bowler
d6cf3a3791 [libpng16] Added a print out of the maximum observed error to 'tarith ascii' 2012-03-05 20:41:19 -06:00
John Bowler
e741cd592e [libpng16] Added contrib/libtests/tarith.c to test internal arithmetic
functions from png.c. This is a libpng maintainer program used to validate
changes to the internal arithmetic functions.
2012-03-04 20:48:57 -06:00
John Bowler
0ae4f7b705 [libpng16] Changed png_inflate() and calling routines to avoid overflow
problems.  This is an intermediate check-in that solves the immediate problems
and introduces one performance improvement (avoiding a copy via png_ptr->zbuf.)
Further changes will be made to make ICC profile handling more secure.
2012-03-03 21:10:26 -06:00
John Bowler
29a6ba01a7 [libpng16] Fixed build warnings (MSVC, GCC, GCC v3). Cygwin GCC with default
options declares 'index' as a global, causing a warning if it is used as a
local variable.  GCC 64-bit warns about assigning a (size_t) (unsigned 64-bit)
to an (int) (signed 32-bit).  MSVC, however, warns about using the
unary '-' operator on an unsigned value (even though it is well defined
by ANSI-C to be ~x+1).  The padding calculation was changed to use a
different method.  Removed the tests on png_ptr->pass.
2012-03-03 20:49:03 -06:00