Libpng 1.6.24beta03 - July 1, 2016 This is not intended to be a public release. It will be replaced within a few weeks by a public version or by another test version. Files available for download: Source files with LF line endings (for Unix/Linux) and with a "configure" script 1.6.24beta03.tar.xz (LZMA-compressed, recommended) 1.6.24beta03.tar.gz Source files with CRLF line endings (for Windows), without the "configure" script lp1624b03.7z (LZMA-compressed, recommended) lp1624b03.zip Other information: 1.6.24beta03-README.txt 1.6.24beta03-LICENSE.txt libpng-1.6.24beta03-*.asc (armored detached GPG signatures) Changes since the last public release (1.6.23): Version 1.6.24beta01 [June 11, 2016] Avoid potential overflow of the PNG_IMAGE_SIZE macro. This macro is not used within libpng, but is used in some of the examples. Version 1.6.24beta02 [June 23, 2016] Correct filter heuristic overflow handling. This was broken when the write filter code was moved out-of-line; if there is a single filter and the heuristic sum overflows the calculation of the filtered line is not completed. In versions prior to 1.6 the code was duplicated in-line and the check not performed, so the filter operation completed; however, in the multi-filter case where the sum is performed the 'none' filter would be selected if all the sums overflowed, even if it wasn't in the filter list. The fix to the first problem is simply to provide PNG_SIZE_MAX as the current lmins sum value; this means the sum can never exceed it and overflows silently. A reasonable compiler that does choose to inline the code will simply eliminate the sum check. The fix to the second problem is to use high precision arithmetic (this is implemented in 1.7), however a simple safe fix here is to chose the lowest numbered filter in the list from png_set_filter (this only works if the first problem is also fixed) (John Bowler). Use a more efficient absolute value calculation on SSE2 (Matthieu Darbois). Fixed the case where PNG_IMAGE_BUFFER_SIZE can overflow in the application as a result of the application using an increased 'row_stride'; previously png_image_finish_read only checked for overflow on the base calculation of components. (I.e. it checked for overflow of a 32-bit number on the total number of pixel components in the output format, not the possibly padded row length and not the number of bytes, which for linear formats is twice the number of components.) MSVC does not like '-(unsigned)', so replaced it with 0U-(unsigned) MSVC does not like (uInt) = -(unsigned) (i.e. as an initializer), unless the conversion is explicitly invoked by a cast. Put the SKIP definition in the correct place. It needs to come after the png.h include (see all the other .c files in contrib/libtests) because it depends on PNG_LIBPNG_VER. Removed the three compile warning options from the individual project files into the zlib.props globals. It increases the warning level from 4 to All and adds a list of the warnings that need to be turned off. This is semi-documentary; the intent is to tell libpng users which warnings have been examined and judged non-fixable at present. The warning about structure padding is fixable, but it would be a signficant change (moving structure members around). Version 1.6.24beta03 [July 1, 2016] Optimized absolute value calculation in filter selection, similar to code in the PAETH decoder in pngrutil.c. Build with PNG_USE_ABS to use this. Added pngcp to the build together with a pngcp.dfa configuration test. Added high resolution timing to pngcp. Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit https://lists.sourceforge.net/lists/listinfo/png-mng-implement to subscribe) or to glennrp at users.sourceforge.net Glenn R-P