diff options
Diffstat (limited to 'contrib')
165 files changed, 1051 insertions, 109 deletions
diff --git a/contrib/arm-neon/android-ndk.c b/contrib/arm-neon/android-ndk.c index 724012348..fb3a4898d 100644 --- a/contrib/arm-neon/android-ndk.c +++ b/contrib/arm-neon/android-ndk.c @@ -17,7 +17,7 @@ * * Documentation: * http://www.kandroid.org/ndk/docs/CPU-ARM-NEON.html - * http://code.google.com/p/android/issues/detail?id=49065 + * https://code.google.com/p/android/issues/detail?id=49065 * * NOTE: this requires that libpng is built against the Android NDK and linked * with an implementation of the Android ARM 'cpu-features' library. The code diff --git a/contrib/arm-neon/linux.c b/contrib/arm-neon/linux.c index 94f9bb1e0..a9bc360dd 100644 --- a/contrib/arm-neon/linux.c +++ b/contrib/arm-neon/linux.c @@ -1,8 +1,8 @@ /* contrib/arm-neon/linux.c * - * Copyright (c) 2014 Glenn Randers-Pehrson - * Written by John Bowler, 2014. - * Last changed in libpng 1.6.16 [December 22, 2014] + * Last changed in libpng 1.6.31 [July 27, 2017] + * Copyright (c) 2014, 2017 Glenn Randers-Pehrson + * Written by John Bowler, 2014, 2017. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -62,7 +62,7 @@ png_have_neon(png_structp png_ptr) counter=0; state = Feature; - /* FALL THROUGH */ + /* FALLTHROUGH */ case Feature: /* Match 'FEATURE', ASCII case insensitive. */ @@ -75,7 +75,7 @@ png_have_neon(png_structp png_ptr) /* did not match 'feature' */ state = SkipLine; - /* FALL THROUGH */ + /* FALLTHROUGH */ case SkipLine: skipLine: @@ -110,7 +110,7 @@ png_have_neon(png_structp png_ptr) state = Neon; counter = 0; - /* FALL THROUGH */ + /* FALLTHROUGH */ case Neon: /* Look for 'neon' tag */ @@ -122,7 +122,7 @@ png_have_neon(png_structp png_ptr) } state = SkipTag; - /* FALL THROUGH */ + /* FALLTHROUGH */ case SkipTag: /* Skip non-space characters */ diff --git a/contrib/examples/README.txt b/contrib/examples/README.txt index 0525c9d36..48dab4f0f 100644 --- a/contrib/examples/README.txt +++ b/contrib/examples/README.txt @@ -21,4 +21,4 @@ ORIGINAL AUTHORS of the people below claim any rights with regard to the contents of this directory. - John Bowler <jbowler@acm.org> + John Bowler <jbowler at acm.org> diff --git a/contrib/examples/pngtopng.c b/contrib/examples/pngtopng.c index 4acf6b3ad..904b97238 100644 --- a/contrib/examples/pngtopng.c +++ b/contrib/examples/pngtopng.c @@ -1,10 +1,12 @@ /*- pngtopng * - * COPYRIGHT: Written by John Cunningham Bowler, 2011. + * COPYRIGHT: Written by John Cunningham Bowler, 2011, 2017. * To the extent possible under law, the author has waived all copyright and * related or neighboring rights to this work. This work is published from: * United States. * + * Last changed in libpng 1.6.29 [March 16, 2017] + * * Read a PNG and write it out in a fixed format, using the 'simplified API' * that was introduced in libpng-1.6.0. * @@ -59,26 +61,27 @@ int main(int argc, const char **argv) else fprintf(stderr, "pngtopng: write %s: %s\n", argv[2], image.message); - - free(buffer); } else - { fprintf(stderr, "pngtopng: read %s: %s\n", argv[1], image.message); - /* This is the only place where a 'free' is required; libpng does - * the cleanup on error and success, but in this case we couldn't - * complete the read because of running out of memory. - */ - png_image_free(&image); - } + free(buffer); } else + { fprintf(stderr, "pngtopng: out of memory: %lu bytes\n", (unsigned long)PNG_IMAGE_SIZE(image)); + + /* This is the only place where a 'free' is required; libpng does + * the cleanup on error and success, but in this case we couldn't + * complete the read because of running out of memory and so libpng + * has not got to the point where it can do cleanup. + */ + png_image_free(&image); + } } else diff --git a/contrib/gregbook/README b/contrib/gregbook/README index 7b1f6a3ea..90e28f7ce 100644 --- a/contrib/gregbook/README +++ b/contrib/gregbook/README @@ -15,7 +15,7 @@ of PBMPLUS/NetPBM) and converts them to PNG. The source code for all three demo programs currently compiles under Unix, OpenVMS, and 32-bit Windows. (Special thanks to Martin Zinser, -zinser@decus.de, for making the necessary changes for OpenVMS and for +zinser at decus.de, for making the necessary changes for OpenVMS and for providing an appropriate build script.) Build instructions can be found below. @@ -55,7 +55,7 @@ mation and links to the latest version of the source code, and Chapters 13-15 of the book for detailed discussion of the three programs. Greg Roelofs -http://pobox.com/~newt/greg_contact.html +https://pobox.com/~newt/greg_contact.html 16 March 2008 @@ -63,7 +63,7 @@ BUILD INSTRUCTIONS - Prerequisites (in order of compilation): - - zlib http://zlib.net/ + - zlib https://zlib.net/ - libpng http://www.libpng.org/pub/png/libpng.html - pngbook http://www.libpng.org/pub/png/book/sources.html diff --git a/contrib/gregbook/readpng.c b/contrib/gregbook/readpng.c index 9167403e5..fad9b536a 100644 --- a/contrib/gregbook/readpng.c +++ b/contrib/gregbook/readpng.c @@ -4,7 +4,7 @@ --------------------------------------------------------------------------- - Copyright (c) 1998-2007 Greg Roelofs. All rights reserved. + Copyright (c) 1998-2007,2017 Greg Roelofs. All rights reserved. This software is provided "as is," without warranty of any kind, express or implied. In no event shall the author or contributors @@ -264,6 +264,12 @@ uch *readpng_get_image(double display_exponent, int *pChannels, ulg *pRowbytes) *pRowbytes = rowbytes = png_get_rowbytes(png_ptr, info_ptr); *pChannels = (int)png_get_channels(png_ptr, info_ptr); + /* Guard against integer overflow */ + if (height > ((size_t)(-1))/rowbytes) { + fprintf(stderr, "readpng: image_data buffer would be too large\n", + return NULL; + } + if ((image_data = (uch *)malloc(rowbytes*height)) == NULL) { png_destroy_read_struct(&png_ptr, &info_ptr, NULL); return NULL; diff --git a/contrib/gregbook/readpng2.c b/contrib/gregbook/readpng2.c index 4d5e38fe2..5d13e1530 100644 --- a/contrib/gregbook/readpng2.c +++ b/contrib/gregbook/readpng2.c @@ -55,6 +55,7 @@ Changelog: 2015-11-12 - Check return value of png_get_bKGD() (Glenn R-P) + 2017-04-22 - Guard against integer overflow (Glenn R-P) ---------------------------------------------------------------------------*/ diff --git a/contrib/gregbook/readppm.c b/contrib/gregbook/readppm.c index 7fefc3943..52e702777 100644 --- a/contrib/gregbook/readppm.c +++ b/contrib/gregbook/readppm.c @@ -9,7 +9,7 @@ --------------------------------------------------------------------------- - Copyright (c) 1998-2007 Greg Roelofs. All rights reserved. + Copyright (c) 1998-2007,2017 Greg Roelofs. All rights reserved. This software is provided "as is," without warranty of any kind, express or implied. In no event shall the author or contributors @@ -154,12 +154,17 @@ uch *readpng_get_image(double display_exponent, int *pChannels, ulg *pRowbytes) *pRowbytes = rowbytes = channels*width; *pChannels = channels; - if ((image_data = (uch *)malloc(rowbytes*height)) == NULL) { + Trace((stderr, "readpng_get_image: rowbytes = %ld, height = %ld\n", rowbytes, height)); + + /* Guard against integer overflow */ + if (height > ((size_t)(-1))/rowbytes) { + fprintf(stderr, PROGNAME ": image_data buffer would be too large\n", return NULL; } - Trace((stderr, "readpng_get_image: rowbytes = %ld, height = %ld\n", rowbytes, height)); - + if ((image_data = (uch *)malloc(rowbytes*height)) == NULL) { + return NULL; + } /* now we can go ahead and just read the whole image */ diff --git a/contrib/gregbook/rpng-win.c b/contrib/gregbook/rpng-win.c index f53ddc8ec..1a6f87615 100644 --- a/contrib/gregbook/rpng-win.c +++ b/contrib/gregbook/rpng-win.c @@ -24,10 +24,11 @@ - 1.10: enabled "message window"/console (thanks to David Geldreich) - 2.00: dual-licensed (added GNU GPL) - 2.01: fixed improper display of usage screen on PNG error(s) + - 2.02: check for integer overflow (Glenn R-P) --------------------------------------------------------------------------- - Copyright (c) 1998-2008 Greg Roelofs. All rights reserved. + Copyright (c) 1998-2008, 2017 Greg Roelofs. All rights reserved. This software is provided "as is," without warranty of any kind, express or implied. In no event shall the author or contributors @@ -182,7 +183,7 @@ int WINAPI WinMain(HINSTANCE hInst, HINSTANCE hPrevInst, PSTR cmd, int showmode) #ifndef __CYGWIN__ /* First reenable console output, which normally goes to the bit bucket * for windowed apps. Closing the console window will terminate the - * app. Thanks to David.Geldreich@realviz.com for supplying the magical + * app. Thanks to David.Geldreich at realviz.com for supplying the magical * incantation. */ AllocConsole(); @@ -496,6 +497,12 @@ static int rpng_win_create_window(HINSTANCE hInst, int showmode) wimage_rowbytes = ((3*image_width + 3L) >> 2) << 2; + /* Guard against integer overflow */ + if (image_height > ((size_t)(-1))/wimage_rowbytes) { + fprintf(stderr, PROGNAME ": image_data buffer would be too large\n"); + return 4; /* fail */ + } + if (!(dib = (uch *)malloc(sizeof(BITMAPINFOHEADER) + wimage_rowbytes*image_height))) { diff --git a/contrib/gregbook/rpng-x.c b/contrib/gregbook/rpng-x.c index ddd7c58d6..92effaa6d 100644 --- a/contrib/gregbook/rpng-x.c +++ b/contrib/gregbook/rpng-x.c @@ -28,10 +28,11 @@ - 2.01: fixed improper display of usage screen on PNG error(s) - 2.02: Added "void(argc);" statement to quiet pedantic compiler warnings about unused variable (GR-P) + - 2.03: check for integer overflow (Glenn R-P) --------------------------------------------------------------------------- - Copyright (c) 1998-2008 Greg Roelofs. All rights reserved. + Copyright (c) 1998-2008, 2017 Greg Roelofs. All rights reserved. This software is provided "as is," without warranty of any kind, express or implied. In no event shall the author or contributors diff --git a/contrib/gregbook/rpng2-win.c b/contrib/gregbook/rpng2-win.c index a7b9dfaaf..ed6b526ec 100644 --- a/contrib/gregbook/rpng2-win.c +++ b/contrib/gregbook/rpng2-win.c @@ -33,12 +33,11 @@ - 2.02: fixed improper display of usage screen on PNG error(s); fixed unexpected-EOF and file-read-error cases - 2.03: removed runtime MMX-enabling/disabling and obsolete -mmx* options - - 2.04: - (GR-P) + - 2.04: check for integer overflow (Glenn R-P) --------------------------------------------------------------------------- - Copyright (c) 1998-2008 Greg Roelofs. All rights reserved. + Copyright (c) 1998-2008, 2017 Greg Roelofs. All rights reserved. This software is provided "as is," without warranty of any kind, express or implied. In no event shall the author or contributors @@ -301,7 +300,7 @@ int WINAPI WinMain(HINSTANCE hInst, HINSTANCE hPrevInst, PSTR cmd, int showmode) #ifndef __CYGWIN__ /* Next reenable console output, which normally goes to the bit bucket * for windowed apps. Closing the console window will terminate the - * app. Thanks to David.Geldreich@realviz.com for supplying the magical + * app. Thanks to David.Geldreich at realviz.com for supplying the magical * incantation. */ AllocConsole(); @@ -650,6 +649,13 @@ static void rpng2_win_init() Trace((stderr, " width = %ld\n", rpng2_info.width)) Trace((stderr, " height = %ld\n", rpng2_info.height)) + /* Guard against integer overflow */ + if (rpng2_info.height > ((size_t)(-1))/rowbytes) { + fprintf(stderr, PROGNAME ": image_data buffer would be too large\n", + readpng2_cleanup(&rpng2_info); + return; + } + rpng2_info.image_data = (uch *)malloc(rowbytes * rpng2_info.height); if (!rpng2_info.image_data) { readpng2_cleanup(&rpng2_info); diff --git a/contrib/gregbook/rpng2-x.c b/contrib/gregbook/rpng2-x.c index 0c8ddeba2..af944c0f2 100644 --- a/contrib/gregbook/rpng2-x.c +++ b/contrib/gregbook/rpng2-x.c @@ -44,9 +44,11 @@ - 2.04: Added "void(foo);" statements to quiet pedantic compiler warnings about unused variables (GR-P) - 2.05: Use nanosleep() instead of usleep(), which is deprecated (GR-P). + - 2.06: check for integer overflow (Glenn R-P) --------------------------------------------------------------------------- - Copyright (c) 1998-2010, 2014-2015 Greg Roelofs. All rights reserved. + Copyright (c) 1998-2010, 2014-2015, 2017 Greg Roelofs. All rights + reserved. This software is provided "as is," without warranty of any kind, express or implied. In no event shall the author or contributors @@ -780,6 +782,13 @@ static void rpng2_x_init(void) Trace((stderr, " width = %ld\n", rpng2_info.width)) Trace((stderr, " height = %ld\n", rpng2_info.height)) + /* Guard against integer overflow */ + if (rpng2_info.height > ((size_t)(-1))/rpng2_info.rowbytes) { + fprintf(stderr, PROGNAME ": image_data buffer would be too large\n"); + readpng2_cleanup(&rpng2_info); + return; + } + rpng2_info.image_data = (uch *)malloc(rowbytes * rpng2_info.height); if (!rpng2_info.image_data) { readpng2_cleanup(&rpng2_info); diff --git a/contrib/gregbook/wpng.c b/contrib/gregbook/wpng.c index a06e3529e..a8f367fb8 100644 --- a/contrib/gregbook/wpng.c +++ b/contrib/gregbook/wpng.c @@ -29,6 +29,7 @@ - 1.04: fixed DOS/OS2/Win32 detection, including partial Cygwin fix (see http://home.att.net/~perlspinr/diffs/GregBook_cygwin.diff) - 2.00: dual-licensed (added GNU GPL) + - 2.01: check for integer overflow (Glenn R-P) [REPORTED BUG (win32 only): "contrib/gregbook/wpng.c - cmd line dose not work! In order to do something useful I needed to redirect @@ -38,7 +39,7 @@ --------------------------------------------------------------------------- - Copyright (c) 1998-2007 Greg Roelofs. All rights reserved. + Copyright (c) 1998-2007, 2017 Greg Roelofs. All rights reserved. This software is provided "as is," without warranty of any kind, express or implied. In no event shall the author or contributors @@ -702,7 +703,18 @@ int main(int argc, char **argv) if (wpng_info.interlaced) { long i; ulg bytes; - ulg image_bytes = rowbytes * wpng_info.height; /* overflow? */ + ulg image_bytes; + + /* Guard against integer overflow */ + if (wpng_info_height > ((size_t)(-1)/rowbytes || + wpng_info_height > ((ulg)(-1)/rowbytes) { + fprintf(stderr, PROGNAME ": image_data buffer too large\n"); + writepng_cleanup(&wpng_info); + wpng_cleanup(); + exit(5); + } + + image_bytes = rowbytes * wpng_info.height; wpng_info.image_data = (uch *)malloc(image_bytes); wpng_info.row_pointers = (uch **)malloc(wpng_info.height*sizeof(uch *)); diff --git a/contrib/gregbook/writepng.c b/contrib/gregbook/writepng.c index c5c953479..055c74374 100644 --- a/contrib/gregbook/writepng.c +++ b/contrib/gregbook/writepng.c @@ -4,7 +4,7 @@ --------------------------------------------------------------------------- - Copyright (c) 1998-2007 Greg Roelofs. All rights reserved. + Copyright (c) 1998-2007, 2017 Greg Roelofs. All rights reserved. This software is provided "as is," without warranty of any kind, express or implied. In no event shall the author or contributors diff --git a/contrib/libtests/pngstest.c b/contrib/libtests/pngstest.c index 30f57a966..ab4508930 100644 --- a/contrib/libtests/pngstest.c +++ b/contrib/libtests/pngstest.c @@ -1,9 +1,8 @@ /*- * pngstest.c * - * Copyright (c) 2013-2016 John Cunningham Bowler - * - * Last changed in libpng 1.6.24 [August 4, 2016] + * Last changed in libpng 1.6.31 [July 27, 2017] + * Copyright (c) 2013-2017 John Cunningham Bowler * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -2611,9 +2610,9 @@ compare_two_images(Image *a, Image *b, int via_linear, const unsigned int b_sample = PNG_IMAGE_SAMPLE_SIZE(formatb); int alpha_added, alpha_removed; int bchannels; - int btoa[4]; png_uint_32 y; Transform tr; + int btoa[4]={0,0,0,0}; /* This should never happen: */ if (width != b->image.width || height != b->image.height) @@ -2746,22 +2745,27 @@ compare_two_images(Image *a, Image *b, int via_linear, */ else if ((a->opts & ACCUMULATE) == 0) { +# ifdef __GNUC__ +# define BYTE_CHARS 20 /* 2^32: GCC sprintf warning */ +# else +# define BYTE_CHARS 3 /* 2^8: real maximum value */ +# endif /* Check the original image first, * TODO: deal with input images with bad pixel values? */ if (amax >= a->image.colormap_entries) { - char pindex[9]; - sprintf(pindex, "%d[%lu]", amax, - (unsigned long)a->image.colormap_entries); + char pindex[3+2*BYTE_CHARS]; + sprintf(pindex, "%d[%u]", amax, + (png_byte)/*SAFE*/a->image.colormap_entries); return logerror(a, a->file_name, ": bad pixel index: ", pindex); } else if (bmax >= b->image.colormap_entries) { - char pindex[9]; - sprintf(pindex, "%d[%lu]", bmax, - (unsigned long)b->image.colormap_entries); + char pindex[3+2*BYTE_CHARS]; + sprintf(pindex, "%d[%u]", bmax, + (png_byte)/*SAFE*/b->image.colormap_entries); return logerror(b, b->file_name, ": bad pixel index: ", pindex); } } @@ -2881,10 +2885,13 @@ compare_two_images(Image *a, Image *b, int via_linear, { case 4: if (pua[btoa[3]] != pub[3]) break; + /* FALLTHROUGH */ case 3: if (pua[btoa[2]] != pub[2]) break; + /* FALLTHROUGH */ case 2: if (pua[btoa[1]] != pub[1]) break; + /* FALLTHROUGH */ case 1: if (pua[btoa[0]] != pub[0]) break; if (alpha_added != 4 && pub[alpha_added] != 65535) break; @@ -2900,10 +2907,13 @@ compare_two_images(Image *a, Image *b, int via_linear, { case 4: if (psa[btoa[3]] != psb[3]) break; + /* FALLTHROUGH */ case 3: if (psa[btoa[2]] != psb[2]) break; + /* FALLTHROUGH */ case 2: if (psa[btoa[1]] != psb[1]) break; + /* FALLTHROUGH */ case 1: if (psa[btoa[0]] != psb[0]) break; if (alpha_added != 4 && psb[alpha_added] != 255) break; diff --git a/contrib/libtests/pngunknown.c b/contrib/libtests/pngunknown.c index 8b1528296..12eab7258 100644 --- a/contrib/libtests/pngunknown.c +++ b/contrib/libtests/pngunknown.c @@ -1,8 +1,8 @@ /* pngunknown.c - test the read side unknown chunk handling * - * Last changed in libpng 1.6.22 [May 26, 2016] - * Copyright (c) 2015,2016 Glenn Randers-Pehrson + * Last changed in libpng 1.6.32 [August 24, 2017] + * Copyright (c) 2015,2017 Glenn Randers-Pehrson * Written by John Cunningham Bowler * * This code is released under the libpng license. @@ -114,6 +114,7 @@ typedef png_byte *png_const_bytep; #define png_PLTE PNG_U32( 80, 76, 84, 69) #define png_bKGD PNG_U32( 98, 75, 71, 68) #define png_cHRM PNG_U32( 99, 72, 82, 77) +#define png_eXIf PNG_U32(101, 88, 73, 102) /* registered July 2017 */ #define png_fRAc PNG_U32(102, 82, 65, 99) /* registered, not defined */ #define png_gAMA PNG_U32(103, 65, 77, 65) #define png_gIFg PNG_U32(103, 73, 70, 103) @@ -210,6 +211,13 @@ static struct 1, # endif 1, START, 0 }, + { "eXIf", PNG_INFO_eXIf, png_eXIf, +# ifdef PNG_READ_eXIf_SUPPORTED + 0, +# else + 1, +# endif + 1, END, 0 }, { "gAMA", PNG_INFO_gAMA, png_gAMA, # ifdef PNG_READ_gAMA_SUPPORTED 0, @@ -478,7 +486,7 @@ get_valid(display *d, png_infop info_ptr) png_textp text; png_uint_32 ntext = png_get_text(d->png_ptr, info_ptr, &text, NULL); - while (ntext-- > 0) switch (text[ntext].compression) + while (ntext > 0) switch (text[--ntext].compression) { case -1: flags |= PNG_INFO_tEXt; @@ -614,7 +622,7 @@ get_unknown(display *d, png_infop info_ptr, int after_IDAT) ++(d->error_count); break; } - /* FALL THROUGH (safe) */ + /* FALLTHROUGH */ /* (safe) */ case PNG_HANDLE_CHUNK_ALWAYS: break; } @@ -1090,7 +1098,7 @@ static const char *standard_tests[] = "sTER", "sTER=if-safe", 0, "IDAT", "default=discard", "IDAT=save", 0, "sAPI", "bKGD=save", "cHRM=save", "gAMA=save", "all=discard", "iCCP=save", - "sBIT=save", "sRGB=save", 0, + "sBIT=save", "sRGB=save", "eXIf=save", 0, 0/*end*/ }; diff --git a/contrib/libtests/pngvalid.c b/contrib/libtests/pngvalid.c index 9d3beb5fa..4dc4f8447 100644 --- a/contrib/libtests/pngvalid.c +++ b/contrib/libtests/pngvalid.c @@ -1,9 +1,8 @@ /* pngvalid.c - validate libpng by constructing then reading png files. * - * Last changed in libpng 1.6.24 [August 4, 2016] - * Copyright (c) 2014-2016 Glenn Randers-Pehrson - * Written by John Cunningham Bowler + * Last changed in libpng 1.6.31 [July 27, 2017] + * Copyright (c) 2014-2017 John Cunningham Bowler * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -1242,7 +1241,7 @@ store_image_check(const png_store* ps, png_const_structp pp, int iImage) image += 2; /* skip image first row markers */ - while (rows-- > 0) + for (; rows > 0; --rows) { if (image[-2] != 190 || image[-1] != 239) png_error(pp, "row start overwritten"); @@ -4011,8 +4010,11 @@ check_interlace_type(int const interlace_type) # define do_own_interlace 1 #endif /* WRITE_INTERLACING tests */ -#define CAN_WRITE_INTERLACE\ - PNG_LIBPNG_VER >= 10700 || defined PNG_WRITE_INTERLACING_SUPPORTED +#if PNG_LIBPNG_VER >= 10700 || defined PNG_WRITE_INTERLACING_SUPPORTED +# define CAN_WRITE_INTERLACE 1 +#else +# define CAN_WRITE_INTERLACE 0 +#endif /* Do the same thing for read interlacing; this controls whether read tests do * their own de-interlace or use libpng. @@ -6582,16 +6584,16 @@ transform_info_imp(transform_display *dp, png_structp pp, png_infop pi) { case PNG_COLOR_TYPE_PALETTE: if (dp->output_bit_depth > 8) goto error; - /*FALL THROUGH*/ + /* FALLTHROUGH */ case PNG_COLOR_TYPE_GRAY: if (dp->output_bit_depth == 1 || dp->output_bit_depth == 2 || dp->output_bit_depth == 4) break; - /*FALL THROUGH*/ + /* FALLTHROUGH */ default: if (dp->output_bit_depth == 8 || dp->output_bit_depth == 16) break; - /*FALL THROUGH*/ + /* FALLTHROUGH */ error: { char message[128]; @@ -7740,13 +7742,11 @@ image_transform_png_set_rgb_to_gray_ini(const image_transform *this, * NOTE: this number only affects the internal limit check in pngvalid, * it has no effect on the limits applied to the libpng values. */ - that->pm->limit += pow( -# if DIGITIZE - 2.0 -# else - 1.0 -# endif - /255, data.gamma); +#if DIGITIZE + that->pm->limit += pow( 2.0/255, data.gamma); +#else + that->pm->limit += pow( 1.0/255, data.gamma); +#endif } } @@ -9994,9 +9994,9 @@ gamma_component_validate(const char *name, const validate_info *vi, case PNG_BACKGROUND_GAMMA_FILE: case PNG_BACKGROUND_GAMMA_UNIQUE: use_background = (alpha >= 0 && alpha < 1); - /*FALL THROUGH*/ # endif # ifdef PNG_READ_ALPHA_MODE_SUPPORTED + /* FALLTHROUGH */ case ALPHA_MODE_OFFSET + PNG_ALPHA_STANDARD: case ALPHA_MODE_OFFSET + PNG_ALPHA_BROKEN: case ALPHA_MODE_OFFSET + PNG_ALPHA_OPTIMIZED: @@ -11427,23 +11427,36 @@ perform_interlace_macro_validation(void) */ for (v=0;;) { + /* The first two tests overflow if the pass row or column is outside + * the possible range for a 32-bit result. In fact the values should + * never be outside the range for a 31-bit result, but checking for 32 + * bits here ensures that if an app uses a bogus pass row or column + * (just so long as it fits in a 32 bit integer) it won't get a + * possibly dangerous overflow. + */ /* First the base 0 stuff: */ - m = PNG_ROW_FROM_PASS_ROW(v, pass); - f = png_row_from_pass_row(v, pass); - if (m != f) + if (v < png_pass_rows(0xFFFFFFFFU, pass)) { - fprintf(stderr, "PNG_ROW_FROM_PASS_ROW(%u, %d) = %u != %x\n", - v, pass, m, f); - exit(99); + m = PNG_ROW_FROM_PASS_ROW(v, pass); + f = png_row_from_pass_row(v, pass); + if (m != f) + { + fprintf(stderr, "PNG_ROW_FROM_PASS_ROW(%u, %d) = %u != %x\n", + v, pass, m, f); + exit(99); + } } - m = PNG_COL_FROM_PASS_COL(v, pass); - f = png_col_from_pass_col(v, pass); - if (m != f) + if (v < png_pass_cols(0xFFFFFFFFU, pass)) { - fprintf(stderr, "PNG_COL_FROM_PASS_COL(%u, %d) = %u != %x\n", - v, pass, m, f); - exit(99); + m = PNG_COL_FROM_PASS_COL(v, pass); + f = png_col_from_pass_col(v, pass); + if (m != f) + { + fprintf(stderr, "PNG_COL_FROM_PASS_COL(%u, %d) = %u != %x\n", + v, pass, m, f); + exit(99); + } } m = PNG_ROW_IN_INTERLACE_PASS(v, pass); diff --git a/contrib/oss-fuzz/Dockerfile b/contrib/oss-fuzz/Dockerfile new file mode 100644 index 000000000..7e4d1ebff --- /dev/null +++ b/contrib/oss-fuzz/Dockerfile @@ -0,0 +1,24 @@ +# Copyright 2016 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ + +FROM gcr.io/oss-fuzz-base/base-builder +MAINTAINER glennrp@gmail.com +RUN apt-get update && apt-get install -y make autoconf automake libtool zlib1g-dev + +RUN git clone --depth 1 https://github.com/glennrp/libpng.git +RUN (cd libpng; git log | head -1) +WORKDIR libpng +COPY build.sh $SRC/ diff --git a/contrib/oss-fuzz/README.txt b/contrib/oss-fuzz/README.txt new file mode 100644 index 000000000..a2b673665 --- /dev/null +++ b/contrib/oss-fuzz/README.txt @@ -0,0 +1,37 @@ +Last changed in libpng 1.6.33 [September 28, 2017] +Copyright (c) 2017 Glenn Randers-Pehrson + +This code is released under the libpng license. +For conditions of distribution and use, see the disclaimer +and license in png.h + +Files in this directory are used by the oss-fuzz project +(https://github.com/google/oss-fuzz/tree/master/projects/libpng). +for "fuzzing" libpng. + +They were licensed by Google Inc, using the BSD-like Chromium license, +which may be found at https://cs.chromium.org/chromium/src/LICENSE, or, if +noted in the source, under the Apache-2.0 license, which may +be found at http://www.apache.org/licenses/LICENSE-2.0 . +If they have been modified, the derivatives are copyright Glenn Randers-Pehrson +and are released under the same licenses as the originals. Several of +the original files (libpng_read_fuzzer.options, png.dict, project.yaml) +had no licensing information; we assumed that these were under the Chromium +license. Any new files are released under the libpng license (see png.h). + +The files are + Original + Filename or derived Copyright License + ========================= ========== ================ ========== + Dockerfile* derived 2017, Glenn R-P Apache 2.0 + build.sh* derived 2017, Glenn R-P Apache 2.0 + libpng_read_fuzzer.cc derived 2017, Glenn R-P Chromium + libpng_read_fuzzer.options original 2015, Chrome Devs Chromium + png.dict original 2015, Chrome Devs Chromium + README.txt (this file) original 2017, Glenn R-P libpng + + * Dockerfile and build.sh are copies of the files used by oss-fuzz. + png.dict and libpng_read_fuzzer.* are the actual files used by oss-fuzz, + which retrieves them from the libpng repository at Github. + +To do: exercise the progressive reader and the png encoder. diff --git a/contrib/oss-fuzz/build.sh b/contrib/oss-fuzz/build.sh new file mode 100755 index 000000000..d2137b13e --- /dev/null +++ b/contrib/oss-fuzz/build.sh @@ -0,0 +1,50 @@ +#!/bin/bash -eu +# Copyright 2017 Glenn Randers-Pehrson +# Copyright 2016 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Last changed in libpng 1.6.33 [September 28, 2017] +# +# Revisions by Glenn Randers-Pehson, 2017: +# 1. Build only the library, not the tools (changed "make -j$(nproc) all" to +# "make -j$(nproc) libpng16.la"). +# 2. Disabled WARNING and WRITE options in pnglibconf.dfa. +################################################################################ + +# Disable logging via library build configuration control. +cat scripts/pnglibconf.dfa | \ + sed -e "s/option STDIO/option STDIO disabled/" \ + -e "s/option WARNING /option WARNING disabled/" \ + -e "s/option WRITE enables WRITE_INT_FUNCTIONS/option WRITE disabled/" \ +> scripts/pnglibconf.dfa.temp +mv scripts/pnglibconf.dfa.temp scripts/pnglibconf.dfa + +# build the library. +autoreconf -f -i +./configure +make -j$(nproc) clean +make -j$(nproc) libpng16.la + +# build libpng_read_fuzzer. +$CXX $CXXFLAGS -std=c++11 -I. \ + $SRC/libpng/contrib/oss-fuzz/libpng_read_fuzzer.cc \ + -o $OUT/libpng_read_fuzzer \ + -lFuzzingEngine .libs/libpng16.a -lz + +# add seed corpus. +find $SRC/libpng -name "*.png" | grep -v crashers | \ + xargs zip $OUT/libpng_read_fuzzer_seed_corpus.zip + +cp $SRC/libpng/contrib/oss-fuzz/*.dict \ + $SRC/libpng/contrib/oss-fuzz/*.options $OUT/ diff --git a/contrib/oss-fuzz/libpng_read_fuzzer.cc b/contrib/oss-fuzz/libpng_read_fuzzer.cc new file mode 100644 index 000000000..78c7c9ff0 --- /dev/null +++ b/contrib/oss-fuzz/libpng_read_fuzzer.cc @@ -0,0 +1,180 @@ + +// libpng_read_fuzzer.cc +// Copyright 2017 Glenn Randers-Pehrson +// Copyright 2015 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that may +// be found in the LICENSE file https://cs.chromium.org/chromium/src/LICENSE + +// Last changed in libpng 1.6.32 [August 24, 2017] + +// The modifications in 2017 by Glenn Randers-Pehrson include +// 1. addition of a PNG_CLEANUP macro, +// 2. setting the option to ignore ADLER32 checksums, +// 3. adding "#include <string.h>" which is needed on some platforms +// to provide memcpy(). +// 4. adding read_end_info() and creating an end_info structure. + +#include <stddef.h> +#include <stdint.h> +#include <string.h> + +#include <vector> + +#define PNG_INTERNAL +#include "png.h" + +#define PNG_CLEANUP \ + if(png_handler.png_ptr) \ + { \ + if (png_handler.row_ptr) \ + png_free(png_handler.png_ptr, png_handler.row_ptr); \ + if (png_handler.end_info_ptr) \ + png_destroy_read_struct(&png_handler.png_ptr, &png_handler.info_ptr,\ + &png_handler.end_info_ptr); \ + else if (png_handler.info_ptr) \ + png_destroy_read_struct(&png_handler.png_ptr, &png_handler.info_ptr,\ + nullptr); \ + else \ + png_destroy_read_struct(&png_handler.png_ptr, nullptr, nullptr); \ + png_handler.png_ptr = nullptr; \ + png_handler.row_ptr = nullptr; \ + png_handler.info_ptr = nullptr; \ + png_handler.end_info_ptr = nullptr; \ + } + +struct BufState { + const uint8_t* data; + size_t bytes_left; +}; + +struct PngObjectHandler { + png_infop info_ptr = nullptr; + png_structp png_ptr = nullptr; + png_infop end_info_ptr = nullptr; + png_voidp row_ptr = nullptr; + BufState* buf_state = nullptr; + + ~PngObjectHandler() { + if (row_ptr) + png_free(png_ptr, row_ptr); + if (end_info_ptr) + png_destroy_read_struct(&png_ptr, &info_ptr, &end_info_ptr); + else if (info_ptr) + png_destroy_read_struct(&png_ptr, &info_ptr, nullptr); + else + png_destroy_read_struct(&png_ptr, nullptr, nullptr); + delete buf_state; + } +}; + +void user_read_data(png_structp png_ptr, png_bytep data, png_size_t length) { + BufState* buf_state = static_cast<BufState*>(png_get_io_ptr(png_ptr)); + if (length > buf_state->bytes_left) { + png_error(png_ptr, "read error"); + } + memcpy(data, buf_state->data, length); + buf_state->bytes_left -= length; + buf_state->data += length; +} + +static const int kPngHeaderSize = 8; + +// Entry point for LibFuzzer. +// Roughly follows the libpng book example: +// http://www.libpng.org/pub/png/book/chapter13.html +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { + if (size < kPngHeaderSize) { + return 0; + } + + std::vector<unsigned char> v(data, data + size); + if (png_sig_cmp(v.data(), 0, kPngHeaderSize)) { + // not a PNG. + return 0; + } + + PngObjectHandler png_handler; + png_handler.png_ptr = nullptr; + png_handler.row_ptr = nullptr; + png_handler.info_ptr = nullptr; + png_handler.end_info_ptr = nullptr; + + png_handler.png_ptr = png_create_read_struct + (PNG_LIBPNG_VER_STRING, nullptr, nullptr, nullptr); + if (!png_handler.png_ptr) { + return 0; + } + + png_handler.info_ptr = png_create_info_struct(png_handler.png_ptr); + if (!png_handler.info_ptr) { + PNG_CLEANUP + return 0; + } + + png_handler.end_info_ptr = png_create_info_struct(png_handler.png_ptr); + if (!png_handler.end_info_ptr) { + PNG_CLEANUP + return 0; + } + + png_set_crc_action(png_handler.png_ptr, PNG_CRC_QUIET_USE, PNG_CRC_QUIET_USE); +#ifdef PNG_IGNORE_ADLER32 + png_set_option(png_handler.png_ptr, PNG_IGNORE_ADLER32, PNG_OPTION_ON); +#endif + + // Setting up reading from buffer. + png_handler.buf_state = new BufState(); + png_handler.buf_state->data = data + kPngHeaderSize; + png_handler.buf_state->bytes_left = size - kPngHeaderSize; + png_set_read_fn(png_handler.png_ptr, png_handler.buf_state, user_read_data); + png_set_sig_bytes(png_handler.png_ptr, kPngHeaderSize); + + if (setjmp(png_jmpbuf(png_handler.png_ptr))) { + PNG_CLEANUP + return 0; + } + + // Reading. + png_read_info(png_handler.png_ptr, png_handler.info_ptr); + png_handler.row_ptr = png_malloc( + png_handler.png_ptr, png_get_rowbytes(png_handler.png_ptr, + png_handler.info_ptr)); + + // reset error handler to put png_deleter into scope. + if (setjmp(png_jmpbuf(png_handler.png_ptr))) { + PNG_CLEANUP + return 0; + } + + png_uint_32 width, height; + int bit_depth, color_type, interlace_type, compression_type; + int filter_type; + + if (!png_get_IHDR(png_handler.png_ptr, png_handler.info_ptr, &width, + &height, &bit_depth, &color_type, &interlace_type, + &compression_type, &filter_type)) { + PNG_CLEANUP + return 0; + } + + // This is going to be too slow. + if (width && height > 100000000 / width) { + PNG_CLEANUP + return 0; + } + + int passes = png_set_interlace_handling(png_handler.png_ptr); + png_start_read_image(png_handler.png_ptr); + + for (int pass = 0; pass < passes; ++pass) { + for (png_uint_32 y = 0; y < height; ++y) { + png_read_row(png_handler.png_ptr, + static_cast<png_bytep>(png_handler.row_ptr), nullptr); + } + } + + png_read_end(png_handler.png_ptr, png_handler.end_info_ptr); + + PNG_CLEANUP + return 0; +} diff --git a/contrib/oss-fuzz/libpng_read_fuzzer.options b/contrib/oss-fuzz/libpng_read_fuzzer.options new file mode 100644 index 000000000..2005291a0 --- /dev/null +++ b/contrib/oss-fuzz/libpng_read_fuzzer.options @@ -0,0 +1,2 @@ +[libfuzzer] +dict = png.dict diff --git a/contrib/oss-fuzz/newcc b/contrib/oss-fuzz/newcc new file mode 100644 index 000000000..0fc9e206c --- /dev/null +++ b/contrib/oss-fuzz/newcc @@ -0,0 +1,190 @@ + +// libpng_read_fuzzer.cc +// Copyright 2017 Glenn Randers-Pehrson +// Copyright 2015 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that may +// be found in the LICENSE file https://cs.chromium.org/chromium/src/LICENSE + +// Last changed in libpng 1.6.33beta03 [September 27, 2017] + +// The modifications in 2017 by Glenn Randers-Pehrson include +// 1. addition of a PNG_CLEANUP macro, +// 2. setting the option to ignore ADLER32 checksums, +// 3. adding "#include <string.h>" which is needed on some platforms +// to provide memcpy(). +// 4. adding read_end_info() and creating an end_info structure. + +#include <stddef.h> +#include <stdint.h> +#include <string.h> + +#include <vector> + +#define PNG_INTERNAL +#include "png.h" + +struct BufState { + const uint8_t* data; + size_t bytes_left; +}; + +struct PngObjectHandler { + png_infop info_ptr = nullptr; + png_structp png_ptr = nullptr; + png_infop end_info_ptr = nullptr; + png_voidp row_ptr = nullptr; + BufState* buf_state = nullptr; + + ~PngObjectHandler() { + if (row_ptr) + png_free(png_ptr, row_ptr); + if (end_info_ptr) + png_destroy_read_struct(&png_ptr, &info_ptr, &end_info_ptr); + else if (info_ptr) + png_destroy_read_struct(&png_ptr, &info_ptr, nullptr); + else + png_destroy_read_struct(&png_ptr, nullptr, nullptr); + delete buf_state; + } +}; + +void user_read_data(png_structp png_ptr, png_bytep data, png_size_t length) { + BufState* buf_state = static_cast<BufState*>(png_get_io_ptr(png_ptr)); + if (length > buf_state->bytes_left) { + png_error(png_ptr, "read error"); + } + memcpy(data, buf_state->data, length); + buf_state->bytes_left -= length; + buf_state->data += length; +} + +static const int kPngHeaderSize = 8; + +// Entry point for LibFuzzer. +// Roughly follows the libpng book example: +// http://www.libpng.org/pub/png/book/chapter13.html + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { + if (size < kPngHeaderSize) { + return 0; + } + + std::vector<unsigned char> v(data, data + size); + if (png_sig_cmp(v.data(), 0, kPngHeaderSize)) { + // not a PNG. + return 0; + } + + PngObjectHandler png_handler; + png_handler.png_ptr = nullptr; + png_handler.row_ptr = nullptr; + png_handler.info_ptr = nullptr; + png_handler.end_info_ptr = nullptr; + + png_handler.png_ptr = png_create_read_struct + (PNG_LIBPNG_VER_STRING, nullptr, nullptr, nullptr); + if (!png_handler.png_ptr) { + return 0; + } + +#define PNG_CLEANUP \ + if(png_handler.png_ptr) \ + { \ + if (png_handler.row_ptr) \ + png_free(png_handler.png_ptr, png_handler.row_ptr); \ + if (png_handler.end_info_ptr) \ + png_destroy_read_struct(&png_handler.png_ptr, &png_handler.info_ptr,\ + &png_handler.end_info_ptr); \ + else if (png_handler.info_ptr) \ + png_destroy_read_struct(&png_handler.png_ptr, &png_handler.info_ptr,\ + nullptr); \ + else \ + png_destroy_read_struct(&png_handler.png_ptr, nullptr, nullptr); \ + png_handler.png_ptr = nullptr; \ + png_handler.row_ptr = nullptr; \ + png_handler.info_ptr = nullptr; \ + png_handler.end_info_ptr = nullptr; \ + } + + png_handler.info_ptr = png_create_info_struct(png_handler.png_ptr); + if (!png_handler.info_ptr) { + PNG_CLEANUP + return 0; + } + + png_handler.end_info_ptr = png_create_info_struct(png_handler.png_ptr); + if (!png_handler.end_info_ptr) { + PNG_CLEANUP + return 0; + } + + /* Treat benign errors as warnings */ + png_set_benign_errors(png_handler.png_ptr, 1); + + png_set_crc_action(png_handler.png_ptr, PNG_CRC_QUIET_USE, PNG_CRC_QUIET_USE); + +#ifdef PNG_IGNORE_ADLER32 + png_set_option(png_handler.png_ptr, PNG_IGNORE_ADLER32, PNG_OPTION_ON); +#endif + + // Setting up reading from buffer. + png_handler.buf_state = new BufState(); + png_handler.buf_state->data = data + kPngHeaderSize; + png_handler.buf_state->bytes_left = size - kPngHeaderSize; + png_set_read_fn(png_handler.png_ptr, png_handler.buf_state, user_read_data); + png_set_sig_bytes(png_handler.png_ptr, kPngHeaderSize); + + if (setjmp(png_jmpbuf(png_handler.png_ptr))) { + PNG_CLEANUP + return 0; + } + + // Reading. + png_read_info(png_handler.png_ptr, png_handler.info_ptr); + png_read_update_info(png_handler.png_ptr, png_handler.info_ptr); + png_handler.row_ptr = png_malloc( + png_handler.png_ptr, png_get_rowbytes(png_handler.png_ptr, + png_handler.info_ptr)); + + // reset error handler to put png_deleter into scope. + if (setjmp(png_jmpbuf(png_handler.png_ptr))) { + PNG_CLEANUP + return 0; + } + + png_uint_32 width, height; + int bit_depth, color_type, interlace_type, compression_type; + int filter_type; + + if (!png_get_IHDR(png_handler.png_ptr, png_handler.info_ptr, &width, + &height, &bit_depth, &color_type, &interlace_type, + &compression_type, &filter_type)) { + PNG_CLEANUP + return 0; + } + + // This is going to be too slow. + if (width && height > 100000000 / width) { + PNG_CLEANUP + return 0; + } + + int passes = png_set_interlace_handling(png_handler.png_ptr); + png_start_read_image(png_handler.png_ptr); + + /* To do: prevent the optimizer from removing this code entirely */ + for (int pass = 0; pass < passes; ++pass) { + for (png_uint_32 y = 0; y < height; ++y) { + png_read_row(png_handler.png_ptr, + static_cast<png_bytep>(png_handler.row_ptr), nullptr); + } + } + + png_read_end(png_handler.png_ptr, png_handler.end_info_ptr); + + PNG_CLEANUP + + /* TO do: exercise the progressive reader here */ + + return 0; +} diff --git a/contrib/oss-fuzz/png.dict b/contrib/oss-fuzz/png.dict new file mode 100644 index 000000000..3a8a11383 --- /dev/null +++ b/contrib/oss-fuzz/png.dict @@ -0,0 +1,39 @@ +# +# AFL dictionary for PNG images +# ----------------------------- +# +# Just the basic, standard-originating sections; does not include vendor +# extensions. +# +# Created by Michal Zalewski <lcamtuf@google.com> +# + +header_png="\x89PNG\x0d\x0a\x1a\x0a" + +section_IDAT="IDAT" +section_IEND="IEND" +section_IHDR="IHDR" +section_PLTE="PLTE" +section_bKGD="bKGD" +section_cHRM="cHRM" +section_eXIf="eXIf" +section_fRAc="fRAc" +section_gAMA="gAMA" +section_gIFg="gIFg" +section_gIFt="gIFt" +section_gIFx="gIFx" +section_hIST="hIST" +section_iCCP="iCCP" +section_iTXt="iTXt" +section_oFFs="oFFs" +section_pCAL="pCAL" +section_pHYs="pHYs" +section_sBIT="sBIT" +section_sCAL="sCAL" +section_sPLT="sPLT" +section_sRGB="sRGB" +section_sTER="sTER" +section_tEXt="tEXt" +section_tIME="tIME" +section_tRNS="tRNS" +section_zTXt="zTXt" diff --git a/contrib/pngminus/README b/contrib/pngminus/README index bbe7407ec..fbcfc9861 100644 --- a/contrib/pngminus/README +++ b/contrib/pngminus/README @@ -146,7 +146,7 @@ The Turbo bug The end ------- Willem van Schaik -mailto:willem@schaik.com +mailto:willem at schaik.com http://www.schaik.com/png/ ------- Oct 1999 diff --git a/contrib/pngminus/png2pnm.c b/contrib/pngminus/png2pnm.c index f68d7ff72..1420a783b 100644 --- a/contrib/pngminus/png2pnm.c +++ b/contrib/pngminus/png2pnm.c @@ -1,8 +1,12 @@ /* * png2pnm.c --- conversion from PNG-file to PGM/PPM-file - * copyright (C) 1999 by Willem van Schaik <willem@schaik.com> + * copyright (C) 1999,2017 by Willem van Schaik <willem at schaik.com> * * version 1.0 - 1999.10.15 - First version. + * 1.1 - 2017.04.22 - Add buffer-size check (Glenn Randers-Pehrson) + * 1.2 - 2017.08.24 - Fix potential overflow in buffer-size check + * (Glenn Randers-Pehrson) + * 1.3 - 2017.08.28 - Add PNGMINUS_UNUSED (Christian Hesse) * * Permission to use, copy, modify, and distribute this software and * its documentation for any purpose and without fee is hereby granted, @@ -41,6 +45,7 @@ #define PNG_DEBUG 0 #endif + #include "png.h" /* Define png_jmpbuf() in case we are using a pre-1.0.6 version of libpng */ @@ -48,6 +53,14 @@ # define png_jmpbuf(png_ptr) ((png_ptr)->jmpbuf) #endif +#ifndef PNGMINUS_UNUSED +/* Unused formal parameter warnings are silenced using the following macro + * which is expected to have no bad effects on performance (optimizing + * compilers will probably remove it entirely). + */ +# define PNGMINUS_UNUSED(param) (void)param +#endif + /* function prototypes */ int main (int argc, char *argv[]); @@ -320,14 +333,21 @@ BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, /* row_bytes is the width x number of channels x (bit-depth / 8) */ row_bytes = png_get_rowbytes (png_ptr, info_ptr); + if ((row_bytes == 0 || (size_t)height > ((size_t)(-1))/(size_t)row_bytes)) + { + /* too big */ + png_destroy_read_struct (&png_ptr, &info_ptr, NULL); + return FALSE; + } if ((png_pixels = (png_byte *) - malloc (row_bytes * height * sizeof (png_byte))) == NULL) { + malloc ((size_t)row_bytes * (size_t)height * sizeof (png_byte))) == NULL) + { png_destroy_read_struct (&png_ptr, &info_ptr, NULL); return FALSE; } if ((row_pointers = (png_byte **) - malloc (height * sizeof (png_bytep))) == NULL) + malloc ((size_t)height * sizeof (png_bytep))) == NULL) { png_destroy_read_struct (&png_ptr, &info_ptr, NULL); free (png_pixels); @@ -408,7 +428,8 @@ BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, if (raw) fputc ((int) *pix_ptr++ , alpha_file); else - if (bit_depth == 16){ + if (bit_depth == 16) + { dep_16 = (long) *pix_ptr++; fprintf (alpha_file, "%ld ", (dep_16 << 8) + (long) *pix_ptr++); } @@ -432,6 +453,7 @@ BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, if (png_pixels != (unsigned char*) NULL) free (png_pixels); + PNGMINUS_UNUSED(raw); /* to quiet a Coverity defect */ return TRUE; } /* end of source */ diff --git a/contrib/pngminus/pnm2png.c b/contrib/pngminus/pnm2png.c index 8fa64cd1f..0d2caef96 100644 --- a/contrib/pngminus/pnm2png.c +++ b/contrib/pngminus/pnm2png.c @@ -1,9 +1,13 @@ /* * pnm2png.c --- conversion from PBM/PGM/PPM-file to PNG-file - * copyright (C) 1999 by Willem van Schaik <willem@schaik.com> + * copyright (C) 1999,2015,2017 by Willem van Schaik <willem at schaik.com> * * version 1.0 - 1999.10.15 - First version. * version 1.1 - 2015.07.29 - Fixed leaks (Glenn Randers-Pehrson) + * version 1.2 - 2017.04.22 - Add buffer-size check + * 1.3 - 2017.08.24 - Fix potential overflow in buffer-size check + * (Glenn Randers-Pehrson) + * 1.4 - 2017.08.28 - Add PNGMINUS_UNUSED (Christian Hesse) * * Permission to use, copy, modify, and distribute this software and * its documentation for any purpose and without fee is hereby granted, @@ -47,6 +51,15 @@ # define png_jmpbuf(png_ptr) ((png_ptr)->jmpbuf) #endif +#ifndef PNGMINUS_UNUSED +/* Unused formal parameter warnings are silenced using the following macro + * which is expected to have no bad effects on performance (optimizing + * compilers will probably remove it entirely). + */ +# define PNGMINUS_UNUSED(param) (void)param +#endif + + /* function prototypes */ int main (int argc, char *argv[]); @@ -370,11 +383,16 @@ BOOL pnm2png (FILE *pnm_file, FILE *png_file, FILE *alpha_file, BOOL interlace, row_bytes = (width * channels * bit_depth + 7) / 8; else #endif - /* row_bytes is the width x number of channels x (bit-depth / 8) */ + /* row_bytes is the width x number of channels x (bit-depth / 8) */ row_bytes = width * channels * ((bit_depth <= 8) ? 1 : 2); + if ((row_bytes == 0 || (size_t)height > ((size_t)(-1))/(size_t)row_bytes)) + { + /* too big */ + return FALSE; + } if ((png_pixels = (png_byte *) - malloc (row_bytes * height * sizeof (png_byte))) == NULL) + malloc ((size_t)row_bytes * (size_t)height * sizeof (png_byte))) == NULL) return FALSE; /* read data from PNM file */ @@ -383,7 +401,8 @@ BOOL pnm2png (FILE *pnm_file, FILE *png_file, FILE *alpha_file, BOOL interlace, for (row = 0; row < (int) height; row++) { #if defined(PNG_WRITE_INVERT_SUPPORTED) || defined(PNG_WRITE_PACK_SUPPORTED) - if (packed_bitmap) { + if (packed_bitmap) + { for (i = 0; i < (int) row_bytes; i++) /* png supports this format natively so no conversion is needed */ *pix_ptr++ = get_data (pnm_file, 8); @@ -504,6 +523,8 @@ BOOL pnm2png (FILE *pnm_file, FILE *png_file, FILE *alpha_file, BOOL interlace, if (png_pixels != (unsigned char*) NULL) free (png_pixels); + PNGMINUS_UNUSED(raw); /* Quiet a Coverity defect */ + return TRUE; } /* end of pnm2png */ @@ -520,7 +541,8 @@ void get_token(FILE *pnm_file, char *token) do { ret = fgetc(pnm_file); - if (ret == '#') { + if (ret == '#') + { /* the rest of this line is a comment */ do { diff --git a/contrib/pngsuite/README b/contrib/pngsuite/README index a7fde8f36..53ba5c8f7 100644 --- a/contrib/pngsuite/README +++ b/contrib/pngsuite/README @@ -101,5 +101,5 @@ Testing basn6a16.png: PASS (1072 zero samples) libpng passes test Willem van Schaik -<willem@schaik.com> +<willem at schaik.com> October 1999 diff --git a/contrib/powerpc-vsx/README b/contrib/powerpc-vsx/README new file mode 100644 index 000000000..e566147ea --- /dev/null +++ b/contrib/powerpc-vsx/README @@ -0,0 +1,81 @@ +OPERATING SYSTEM SPECIFIC POWERPC DETECTION +-------------------------------------------- + +Detection of the ability to execute POWERPC on processor requires +operating system support. (The information is not available in user mode.) + +Currently only this feature is supported only for linux platform. + +HOW TO USE THIS +--------------- + +This directory contains C code fragments that can be included in powerpc/powerpc_init.c +by setting the macro PNG_POWERPC_VSX_FILE to the file name in "" or <> at build +time. This setting is not recorded in pnglibconf.h and can be changed simply by +rebuilding arm/arm_init.o with the required macro definition. + +For any of this code to be used the POWERPC code must be enabled and run time +checks must be supported. I.e.: + +#if PNG_POWERPC_VSX_OPT > 0 +#ifdef PNG_POWERPC_VSX_CHECK_SUPPORTED + +This is done in a 'configure' build by passing configure the argument: + + --enable-powerpc-vsx=check + +FILE FORMAT +----------- + +Each file documents its testing status as of the last time it was tested (which +may have been a long time ago): + +STATUS: one of: + SUPPORTED: This indicates that the file is included in the regularly + performed test builds and bugs are fixed when discovered. + COMPILED: This indicates that the code did compile at least once. See the + more detailed description for the extent to which the result was + successful. + TESTED: This means the code was fully compiled into the libpng test programs + and these were run at least once. + +BUG REPORTS: an email address to which to send reports of problems + +The file is a fragment of C code. It should not define any 'extern' symbols; +everything should be static. It must define the function: + +static int png_have_vsx(png_structp png_ptr); + +That function must return 1 if ARM NEON instructions are supported, 0 if not. +It must not execute png_error unless it detects a bug. A png_error will prevent +the reading of the PNG and in the future, writing too. + +BUG REPORTS +----------- + +If you mail a bug report for any file that is not SUPPORTED there may only be +limited response. Consider fixing it and sending a patch to fix the problem - +this is more likely to result in action. + +CONTRIBUTIONS +------------- + +You may send contributions of new implementations to +png-mng-implement@sourceforge.net. Please write code in strict C90 C where +possible. Obviously OS dependencies are to be expected. If you submit code you +must have the authors permission and it must have a license that is acceptable +to the current maintainer; in particular that license must permit modification +and redistribution. + +Please try to make the contribution a single file and give the file a clear and +unambiguous name that identifies the target OS. If multiple files really are +required put them all in a sub-directory. + +You must also be prepared to handle bug reports from users of the code, either +by joining the png-mng-implement mailing list or by providing an email for the +"BUG REPORTS" entry or both. Please make sure that the header of the file +contains the STATUS and BUG REPORTS fields as above. + +Please list the OS requirements as precisely as possible. Ideally you should +also list the environment in which the code has been tested and certainly list +any environments where you suspect it might not work. diff --git a/contrib/powerpc-vsx/linux.c b/contrib/powerpc-vsx/linux.c new file mode 100644 index 000000000..32ed9d749 --- /dev/null +++ b/contrib/powerpc-vsx/linux.c @@ -0,0 +1,57 @@ +/* contrib/powerpc-vsx/linux.c + * + * Copyright (c) 2017 Glenn Randers-Pehrson + * Written by Vadim Barkov, 2017. + * Last changed in libpng 1.6.29 [March 16, 2017] + * + * This code is released under the libpng license. + * For conditions of distribution and use, see the disclaimer + * and license in png.h + * + * STATUS: TESTED + * BUG REPORTS: png-mng-implement@sourceforge.net + * + * png_have_vsx implemented for Linux by reading the widely available + * pseudo-file /proc/cpuinfo. + * + * This code is strict ANSI-C and is probably moderately portable; it does + * however use <stdio.h> and it assumes that /proc/cpuinfo is never localized. + */ + +#include <stdio.h> +#include <string.h> +#include <stdlib.h> +#include "png.h" + +#ifndef MAXLINE +# define MAXLINE 1024 +#endif + +static int +png_have_vsx(png_structp png_ptr) +{ + FILE *f; + + const char *string = "altivec supported"; + char input[MAXLINE]; + char *token = NULL; + + PNG_UNUSED(png_ptr) + + f = fopen("/proc/cpuinfo", "r"); + if (f != NULL) + { + memset(input,0,MAXLINE); + while(fgets(input,MAXLINE,f) != NULL) + { + token = strstr(input,string); + if(token != NULL) + return 1; + } + } +#ifdef PNG_WARNINGS_SUPPORTED + else + png_warning(png_ptr, "/proc/cpuinfo open failed"); +#endif + return 0; +} diff --git a/contrib/powerpc-vsx/linux_aux.c b/contrib/powerpc-vsx/linux_aux.c new file mode 100644 index 000000000..796922d77 --- /dev/null +++ b/contrib/powerpc-vsx/linux_aux.c @@ -0,0 +1,36 @@ +/* contrib/powerpc-vsx/linux_aux.c + * + * Copyright (c) 2017 Glenn Randers-Pehrson + * Written by Vadim Barkov, 2017. + * Last changed in libpng 1.6.29 [March 16, 2017] + * + * This code is released under the libpng license. + * For conditions of distribution and use, see the disclaimer + * and license in png.h + * + * STATUS: TESTED + * BUG REPORTS: png-mng-implement@sourceforge.net + * + * png_have_vsx implemented for Linux by using the auxiliary vector mechanism. + * + * This code is strict ANSI-C and is probably moderately portable; it does + * however use <stdio.h> and it assumes that /proc/cpuinfo is never localized. + */ + +#include "sys/auxv.h" +#include "png.h" + +static int +png_have_vsx(png_structp png_ptr) +{ + + const unsigned long auxv = getauxval( AT_HWCAP ); + + PNG_UNUSED(png_ptr) + + if(auxv & (PPC_FEATURE_HAS_ALTIVEC|PPC_FEATURE_HAS_VSX )) + return 1; + else + return 0; +} + diff --git a/contrib/testpngs/crashers/bad_iCCP.png b/contrib/testpngs/crashers/bad_iCCP.png Binary files differnew file mode 100644 index 000000000..0b7b86379 --- /dev/null +++ b/contrib/testpngs/crashers/bad_iCCP.png diff --git a/contrib/testpngs/crashers/badadler.png b/contrib/testpngs/crashers/badadler.png Binary files differnew file mode 100644 index 000000000..2bcbcc926 --- /dev/null +++ b/contrib/testpngs/crashers/badadler.png diff --git a/contrib/testpngs/crashers/badcrc.png b/contrib/testpngs/crashers/badcrc.png Binary files differnew file mode 100644 index 000000000..45d026804 --- /dev/null +++ b/contrib/testpngs/crashers/badcrc.png diff --git a/contrib/testpngs/crashers/empty_ancillary_chunks.png b/contrib/testpngs/crashers/empty_ancillary_chunks.png Binary files differnew file mode 100644 index 000000000..d76477c6a --- /dev/null +++ b/contrib/testpngs/crashers/empty_ancillary_chunks.png diff --git a/contrib/testpngs/crashers/huge_IDAT.png b/contrib/testpngs/crashers/huge_IDAT.png Binary files differnew file mode 100644 index 000000000..efee66cf3 --- /dev/null +++ b/contrib/testpngs/crashers/huge_IDAT.png diff --git a/contrib/testpngs/crashers/huge_bKGD_chunk.png b/contrib/testpngs/crashers/huge_bKGD_chunk.png Binary files differnew file mode 100644 index 000000000..fd571fd2c --- /dev/null +++ b/contrib/testpngs/crashers/huge_bKGD_chunk.png diff --git a/contrib/testpngs/crashers/huge_cHRM_chunk.png b/contrib/testpngs/crashers/huge_cHRM_chunk.png Binary files differnew file mode 100644 index 000000000..698e7c46d --- /dev/null +++ b/contrib/testpngs/crashers/huge_cHRM_chunk.png diff --git a/contrib/testpngs/crashers/huge_eXIf_chunk.png b/contrib/testpngs/crashers/huge_eXIf_chunk.png Binary files differnew file mode 100644 index 000000000..7d4160196 --- /dev/null +++ b/contrib/testpngs/crashers/huge_eXIf_chunk.png diff --git a/contrib/testpngs/crashers/huge_gAMA_chunk.png b/contrib/testpngs/crashers/huge_gAMA_chunk.png Binary files differnew file mode 100644 index 000000000..b089c1859 --- /dev/null +++ b/contrib/testpngs/crashers/huge_gAMA_chunk.png diff --git a/contrib/testpngs/crashers/huge_hIST_chunk.png b/contrib/testpngs/crashers/huge_hIST_chunk.png Binary files differnew file mode 100644 index 000000000..6d6fcb533 --- /dev/null +++ b/contrib/testpngs/crashers/huge_hIST_chunk.png diff --git a/contrib/testpngs/crashers/huge_iCCP_chunk.png b/contrib/testpngs/crashers/huge_iCCP_chunk.png Binary files differnew file mode 100644 index 000000000..fbcb76153 --- /dev/null +++ b/contrib/testpngs/crashers/huge_iCCP_chunk.png diff --git a/contrib/testpngs/crashers/huge_iTXt_chunk.png b/contrib/testpngs/crashers/huge_iTXt_chunk.png Binary files differnew file mode 100644 index 000000000..098262017 --- /dev/null +++ b/contrib/testpngs/crashers/huge_iTXt_chunk.png diff --git a/contrib/testpngs/crashers/huge_juNK_unsafe_to_copy.png b/contrib/testpngs/crashers/huge_juNK_unsafe_to_copy.png Binary files differnew file mode 100644 index 000000000..0cb106f4a --- /dev/null +++ b/contrib/testpngs/crashers/huge_juNK_unsafe_to_copy.png diff --git a/contrib/testpngs/crashers/huge_juNk_safe_to_copy.png b/contrib/testpngs/crashers/huge_juNk_safe_to_copy.png Binary files differnew file mode 100644 index 000000000..85252b7dc --- /dev/null +++ b/contrib/testpngs/crashers/huge_juNk_safe_to_copy.png diff --git a/contrib/testpngs/crashers/huge_pCAL_chunk.png b/contrib/testpngs/crashers/huge_pCAL_chunk.png Binary files differnew file mode 100644 index 000000000..bc12a8f24 --- /dev/null +++ b/contrib/testpngs/crashers/huge_pCAL_chunk.png diff --git a/contrib/testpngs/crashers/huge_pHYs_chunk.png b/contrib/testpngs/crashers/huge_pHYs_chunk.png Binary files differnew file mode 100644 index 000000000..343b977e9 --- /dev/null +++ b/contrib/testpngs/crashers/huge_pHYs_chunk.png diff --git a/contrib/testpngs/crashers/huge_sCAL_chunk.png b/contrib/testpngs/crashers/huge_sCAL_chunk.png Binary files differnew file mode 100644 index 000000000..61f2f824d --- /dev/null +++ b/contrib/testpngs/crashers/huge_sCAL_chunk.png diff --git a/contrib/testpngs/crashers/huge_sPLT_chunk.png b/contrib/testpngs/crashers/huge_sPLT_chunk.png Binary files differnew file mode 100644 index 000000000..75d383a2e --- /dev/null +++ b/contrib/testpngs/crashers/huge_sPLT_chunk.png diff --git a/contrib/testpngs/crashers/huge_sRGB_chunk.png b/contrib/testpngs/crashers/huge_sRGB_chunk.png Binary files differnew file mode 100644 index 000000000..bc1db3363 --- /dev/null +++ b/contrib/testpngs/crashers/huge_sRGB_chunk.png diff --git a/contrib/testpngs/crashers/huge_sTER_chunk.png b/contrib/testpngs/crashers/huge_sTER_chunk.png Binary files differnew file mode 100644 index 000000000..39219fed7 --- /dev/null +++ b/contrib/testpngs/crashers/huge_sTER_chunk.png diff --git a/contrib/testpngs/crashers/huge_tEXt_chunk.png b/contrib/testpngs/crashers/huge_tEXt_chunk.png Binary files differnew file mode 100644 index 000000000..947fc373e --- /dev/null +++ b/contrib/testpngs/crashers/huge_tEXt_chunk.png diff --git a/contrib/testpngs/crashers/huge_tIME_chunk.png b/contrib/testpngs/crashers/huge_tIME_chunk.png Binary files differnew file mode 100644 index 000000000..16452fba2 --- /dev/null +++ b/contrib/testpngs/crashers/huge_tIME_chunk.png diff --git a/contrib/testpngs/crashers/huge_zTXt_chunk.png b/contrib/testpngs/crashers/huge_zTXt_chunk.png Binary files differnew file mode 100644 index 000000000..52f095308 --- /dev/null +++ b/contrib/testpngs/crashers/huge_zTXt_chunk.png diff --git a/contrib/testpngs/gray-1-1.8-tRNS.png b/contrib/testpngs/gray-1-1.8-tRNS.png Binary files differnew file mode 100644 index 000000000..0fc6cb7db --- /dev/null +++ b/contrib/testpngs/gray-1-1.8-tRNS.png diff --git a/contrib/testpngs/gray-1-1.8.png b/contrib/testpngs/gray-1-1.8.png Binary files differnew file mode 100644 index 000000000..5db4d7915 --- /dev/null +++ b/contrib/testpngs/gray-1-1.8.png diff --git a/contrib/testpngs/gray-1-linear-tRNS.png b/contrib/testpngs/gray-1-linear-tRNS.png Binary files differnew file mode 100644 index 000000000..5beb9d1df --- /dev/null +++ b/contrib/testpngs/gray-1-linear-tRNS.png diff --git a/contrib/testpngs/gray-1-linear.png b/contrib/testpngs/gray-1-linear.png Binary files differnew file mode 100644 index 000000000..36a89a5ab --- /dev/null +++ b/contrib/testpngs/gray-1-linear.png diff --git a/contrib/testpngs/gray-1-sRGB-tRNS.png b/contrib/testpngs/gray-1-sRGB-tRNS.png Binary files differnew file mode 100644 index 000000000..80cec4b5e --- /dev/null +++ b/contrib/testpngs/gray-1-sRGB-tRNS.png diff --git a/contrib/testpngs/gray-1-sRGB.png b/contrib/testpngs/gray-1-sRGB.png Binary files differnew file mode 100644 index 000000000..484fd18c4 --- /dev/null +++ b/contrib/testpngs/gray-1-sRGB.png diff --git a/contrib/testpngs/gray-1-tRNS.png b/contrib/testpngs/gray-1-tRNS.png Binary files differnew file mode 100644 index 000000000..a988db968 --- /dev/null +++ b/contrib/testpngs/gray-1-tRNS.png diff --git a/contrib/testpngs/gray-1.png b/contrib/testpngs/gray-1.png Binary files differnew file mode 100644 index 000000000..71e37a336 --- /dev/null +++ b/contrib/testpngs/gray-1.png diff --git a/contrib/testpngs/gray-16-1.8-tRNS.png b/contrib/testpngs/gray-16-1.8-tRNS.png Binary files differnew file mode 100644 index 000000000..06cc0c138 --- /dev/null +++ b/contrib/testpngs/gray-16-1.8-tRNS.png diff --git a/contrib/testpngs/gray-16-1.8.png b/contrib/testpngs/gray-16-1.8.png Binary files differnew file mode 100644 index 000000000..06cc0c138 --- /dev/null +++ b/contrib/testpngs/gray-16-1.8.png diff --git a/contrib/testpngs/gray-16-linear-tRNS.png b/contrib/testpngs/gray-16-linear-tRNS.png Binary files differnew file mode 100644 index 000000000..beb4e96e2 --- /dev/null +++ b/contrib/testpngs/gray-16-linear-tRNS.png diff --git a/contrib/testpngs/gray-16-linear.png b/contrib/testpngs/gray-16-linear.png Binary files differnew file mode 100644 index 000000000..beb4e96e2 --- /dev/null +++ b/contrib/testpngs/gray-16-linear.png diff --git a/contrib/testpngs/gray-16-sRGB-tRNS.png b/contrib/testpngs/gray-16-sRGB-tRNS.png Binary files differnew file mode 100644 index 000000000..315db86a6 --- /dev/null +++ b/contrib/testpngs/gray-16-sRGB-tRNS.png diff --git a/contrib/testpngs/gray-16-sRGB.png b/contrib/testpngs/gray-16-sRGB.png Binary files differnew file mode 100644 index 000000000..315db86a6 --- /dev/null +++ b/contrib/testpngs/gray-16-sRGB.png diff --git a/contrib/testpngs/gray-16-tRNS.png b/contrib/testpngs/gray-16-tRNS.png Binary files differnew file mode 100644 index 000000000..4826d61eb --- /dev/null +++ b/contrib/testpngs/gray-16-tRNS.png diff --git a/contrib/testpngs/gray-16.png b/contrib/testpngs/gray-16.png Binary files differnew file mode 100644 index 000000000..4826d61eb --- /dev/null +++ b/contrib/testpngs/gray-16.png diff --git a/contrib/testpngs/gray-2-1.8-tRNS.png b/contrib/testpngs/gray-2-1.8-tRNS.png Binary files differnew file mode 100644 index 000000000..a1c6854c9 --- /dev/null +++ b/contrib/testpngs/gray-2-1.8-tRNS.png diff --git a/contrib/testpngs/gray-2-1.8.png b/contrib/testpngs/gray-2-1.8.png Binary files differnew file mode 100644 index 000000000..4cc811cdf --- /dev/null +++ b/contrib/testpngs/gray-2-1.8.png diff --git a/contrib/testpngs/gray-2-linear-tRNS.png b/contrib/testpngs/gray-2-linear-tRNS.png Binary files differnew file mode 100644 index 000000000..3c29ec6d9 --- /dev/null +++ b/contrib/testpngs/gray-2-linear-tRNS.png diff --git a/contrib/testpngs/gray-2-linear.png b/contrib/testpngs/gray-2-linear.png Binary files differnew file mode 100644 index 000000000..6ca6fb74d --- /dev/null +++ b/contrib/testpngs/gray-2-linear.png diff --git a/contrib/testpngs/gray-2-sRGB-tRNS.png b/contrib/testpngs/gray-2-sRGB-tRNS.png Binary files differnew file mode 100644 index 000000000..b418c8fbb --- /dev/null +++ b/contrib/testpngs/gray-2-sRGB-tRNS.png diff --git a/contrib/testpngs/gray-2-sRGB.png b/contrib/testpngs/gray-2-sRGB.png Binary files differnew file mode 100644 index 000000000..a6bde60af --- /dev/null +++ b/contrib/testpngs/gray-2-sRGB.png diff --git a/contrib/testpngs/gray-2-tRNS.png b/contrib/testpngs/gray-2-tRNS.png Binary files differnew file mode 100644 index 000000000..8e04cb502 --- /dev/null +++ b/contrib/testpngs/gray-2-tRNS.png diff --git a/contrib/testpngs/gray-2.png b/contrib/testpngs/gray-2.png Binary files differnew file mode 100644 index 000000000..9d85a2ace --- /dev/null +++ b/contrib/testpngs/gray-2.png diff --git a/contrib/testpngs/gray-4-1.8-tRNS.png b/contrib/testpngs/gray-4-1.8-tRNS.png Binary files differnew file mode 100644 index 000000000..402d699fb --- /dev/null +++ b/contrib/testpngs/gray-4-1.8-tRNS.png diff --git a/contrib/testpngs/gray-4-1.8.png b/contrib/testpngs/gray-4-1.8.png Binary files differnew file mode 100644 index 000000000..bc8da9876 --- /dev/null +++ b/contrib/testpngs/gray-4-1.8.png diff --git a/contrib/testpngs/gray-4-linear-tRNS.png b/contrib/testpngs/gray-4-linear-tRNS.png Binary files differnew file mode 100644 index 000000000..45c063d85 --- /dev/null +++ b/contrib/testpngs/gray-4-linear-tRNS.png diff --git a/contrib/testpngs/gray-4-linear.png b/contrib/testpngs/gray-4-linear.png Binary files differnew file mode 100644 index 000000000..0bd068d73 --- /dev/null +++ b/contrib/testpngs/gray-4-linear.png diff --git a/contrib/testpngs/gray-4-sRGB-tRNS.png b/contrib/testpngs/gray-4-sRGB-tRNS.png Binary files differnew file mode 100644 index 000000000..be8521049 --- /dev/null +++ b/contrib/testpngs/gray-4-sRGB-tRNS.png diff --git a/contrib/testpngs/gray-4-sRGB.png b/contrib/testpngs/gray-4-sRGB.png Binary files differnew file mode 100644 index 000000000..38a79228d --- /dev/null +++ b/contrib/testpngs/gray-4-sRGB.png diff --git a/contrib/testpngs/gray-4-tRNS.png b/contrib/testpngs/gray-4-tRNS.png Binary files differnew file mode 100644 index 000000000..14c4f1fb3 --- /dev/null +++ b/contrib/testpngs/gray-4-tRNS.png diff --git a/contrib/testpngs/gray-4.png b/contrib/testpngs/gray-4.png Binary files differnew file mode 100644 index 000000000..16bcada82 --- /dev/null +++ b/contrib/testpngs/gray-4.png diff --git a/contrib/testpngs/gray-8-1.8-tRNS.png b/contrib/testpngs/gray-8-1.8-tRNS.png Binary files differnew file mode 100644 index 000000000..2b3892458 --- /dev/null +++ b/contrib/testpngs/gray-8-1.8-tRNS.png diff --git a/contrib/testpngs/gray-8-1.8.png b/contrib/testpngs/gray-8-1.8.png Binary files differnew file mode 100644 index 000000000..4bba74cfa --- /dev/null +++ b/contrib/testpngs/gray-8-1.8.png diff --git a/contrib/testpngs/gray-8-linear-tRNS.png b/contrib/testpngs/gray-8-linear-tRNS.png Binary files differnew file mode 100644 index 000000000..a801abdaa --- /dev/null +++ b/contrib/testpngs/gray-8-linear-tRNS.png diff --git a/contrib/testpngs/gray-8-linear.png b/contrib/testpngs/gray-8-linear.png Binary files differnew file mode 100644 index 000000000..91be367ee --- /dev/null +++ b/contrib/testpngs/gray-8-linear.png diff --git a/contrib/testpngs/gray-8-sRGB-tRNS.png b/contrib/testpngs/gray-8-sRGB-tRNS.png Binary files differnew file mode 100644 index 000000000..f54f23d6b --- /dev/null +++ b/contrib/testpngs/gray-8-sRGB-tRNS.png diff --git a/contrib/testpngs/gray-8-sRGB.png b/contrib/testpngs/gray-8-sRGB.png Binary files differnew file mode 100644 index 000000000..2ae6377ff --- /dev/null +++ b/contrib/testpngs/gray-8-sRGB.png diff --git a/contrib/testpngs/gray-8-tRNS.png b/contrib/testpngs/gray-8-tRNS.png Binary files differnew file mode 100644 index 000000000..842245f1d --- /dev/null +++ b/contrib/testpngs/gray-8-tRNS.png diff --git a/contrib/testpngs/gray-8.png b/contrib/testpngs/gray-8.png Binary files differnew file mode 100644 index 000000000..23af27e14 --- /dev/null +++ b/contrib/testpngs/gray-8.png diff --git a/contrib/testpngs/gray-alpha-16-1.8.png b/contrib/testpngs/gray-alpha-16-1.8.png Binary files differnew file mode 100644 index 000000000..e0d36b7f0 --- /dev/null +++ b/contrib/testpngs/gray-alpha-16-1.8.png diff --git a/contrib/testpngs/gray-alpha-16-linear.png b/contrib/testpngs/gray-alpha-16-linear.png Binary files differnew file mode 100644 index 000000000..26aa32cee --- /dev/null +++ b/contrib/testpngs/gray-alpha-16-linear.png diff --git a/contrib/testpngs/gray-alpha-16-sRGB.png b/contrib/testpngs/gray-alpha-16-sRGB.png Binary files differnew file mode 100644 index 000000000..f1e811ba3 --- /dev/null +++ b/contrib/testpngs/gray-alpha-16-sRGB.png diff --git a/contrib/testpngs/gray-alpha-16.png b/contrib/testpngs/gray-alpha-16.png Binary files differnew file mode 100644 index 000000000..689879737 --- /dev/null +++ b/contrib/testpngs/gray-alpha-16.png diff --git a/contrib/testpngs/gray-alpha-8-1.8.png b/contrib/testpngs/gray-alpha-8-1.8.png Binary files differnew file mode 100644 index 000000000..68883a52d --- /dev/null +++ b/contrib/testpngs/gray-alpha-8-1.8.png diff --git a/contrib/testpngs/gray-alpha-8-linear.png b/contrib/testpngs/gray-alpha-8-linear.png Binary files differnew file mode 100644 index 000000000..cdc07031d --- /dev/null +++ b/contrib/testpngs/gray-alpha-8-linear.png diff --git a/contrib/testpngs/gray-alpha-8-sRGB.png b/contrib/testpngs/gray-alpha-8-sRGB.png Binary files differnew file mode 100644 index 000000000..7c37c8883 --- /dev/null +++ b/contrib/testpngs/gray-alpha-8-sRGB.png diff --git a/contrib/testpngs/gray-alpha-8.png b/contrib/testpngs/gray-alpha-8.png Binary files differnew file mode 100644 index 000000000..eb0a92499 --- /dev/null +++ b/contrib/testpngs/gray-alpha-8.png diff --git a/contrib/testpngs/makepngs.sh b/contrib/testpngs/makepngs.sh new file mode 100755 index 000000000..059503e23 --- /dev/null +++ b/contrib/testpngs/makepngs.sh @@ -0,0 +1,94 @@ +#!/bin/sh +# +# Make a set of test PNG files, MAKEPNG is the name of the makepng executable +# built from contrib/libtests/makepng.c + +# Copyright (c) 2015 John Cunningham Bowler + +# Last changed in libpng 1.6.20 [December 3, 2015] + +# This code is released under the libpng license. +# For conditions of distribution and use, see the disclaimer +# and license in png.h + +# The arguments say whether to build all the files or whether just to build the +# ones that extend the code-coverage of libpng from the existing test files in +# contrib/pngsuite. +test -n "$MAKEPNG" || MAKEPNG=./makepng +opts= + +mp(){ + ${MAKEPNG} $opts $1 "$3" "$4" "$3-$4$2.png" +} + +mpg(){ + if test "$1" = "none" + then + mp "" "" "$2" "$3" + else + mp "--$1" "-$1" "$2" "$3" + fi +} + +mptrans(){ + if test "$1" = "none" + then + mp "--tRNS" "-tRNS" "$2" "$3" + else + mp "--tRNS --$1" "-$1-tRNS" "$2" "$3" + fi +} + +case "$1" in + --small) + opts="--small";;& + + --all|--small) + for g in none sRGB linear 1.8 + do + for c in gray palette + do + for b in 1 2 4 + do + mpg "$g" "$c" "$b" + mptrans "$g" "$c" "$b" + done + done + + mpg "$g" palette 8 + mptrans "$g" palette 8 + + for b in 8 16 + do + for c in gray gray-alpha rgb rgb-alpha + do + mpg "$g" "$c" "$b" + done + for c in gray rgb + do + mptrans "$g" "$c" "$b" + done + done + done;; + + --coverage) + # Comments below indicate cases known to be required and not duplicated + # in other (required) cases; the aim is to get a minimal set that gives + # the maxium code coverage. + mpg none gray-alpha 8 # required: code coverage, sRGB opaque component + mpg none palette 8 # required: basic palette read + mpg 1.8 gray 2 # required: tests gamma threshold code + mpg 1.8 palette 2 # required: code coverage + mpg 1.8 palette 4 # required: code coverage + mpg 1.8 palette 8 # error limits only + mpg linear palette 8 # error limits only + mpg linear rgb-alpha 16 # error limits only + mpg sRGB palette 1 # required: code coverage + mpg sRGB rgb-alpha 16 # required: code coverage: pngread.c:2422 untested + :;; + + *) + echo "$0 $1: unknown argument, usage:" >&2 + echo " $0 [--all|--coverage|--small]" >&2 + exit 1 +esac diff --git a/contrib/testpngs/palette-1-1.8-tRNS.png b/contrib/testpngs/palette-1-1.8-tRNS.png Binary files differnew file mode 100644 index 000000000..7bf60410d --- /dev/null +++ b/contrib/testpngs/palette-1-1.8-tRNS.png diff --git a/contrib/testpngs/palette-1-1.8.png b/contrib/testpngs/palette-1-1.8.png Binary files differnew file mode 100644 index 000000000..73965b724 --- /dev/null +++ b/contrib/testpngs/palette-1-1.8.png diff --git a/contrib/testpngs/palette-1-linear-tRNS.png b/contrib/testpngs/palette-1-linear-tRNS.png Binary files differnew file mode 100644 index 000000000..9b0133dc9 --- /dev/null +++ b/contrib/testpngs/palette-1-linear-tRNS.png diff --git a/contrib/testpngs/palette-1-linear.png b/contrib/testpngs/palette-1-linear.png Binary files differnew file mode 100644 index 000000000..bf232fd33 --- /dev/null +++ b/contrib/testpngs/palette-1-linear.png diff --git a/contrib/testpngs/palette-1-sRGB-tRNS.png b/contrib/testpngs/palette-1-sRGB-tRNS.png Binary files differnew file mode 100644 index 000000000..1c6f262b3 --- /dev/null +++ b/contrib/testpngs/palette-1-sRGB-tRNS.png diff --git a/contrib/testpngs/palette-1-sRGB.png b/contrib/testpngs/palette-1-sRGB.png Binary files differnew file mode 100644 index 000000000..fbadc097f --- /dev/null +++ b/contrib/testpngs/palette-1-sRGB.png diff --git a/contrib/testpngs/palette-1-tRNS.png b/contrib/testpngs/palette-1-tRNS.png Binary files differnew file mode 100644 index 000000000..8f1642b7b --- /dev/null +++ b/contrib/testpngs/palette-1-tRNS.png diff --git a/contrib/testpngs/palette-1.png b/contrib/testpngs/palette-1.png Binary files differnew file mode 100644 index 000000000..a27d1362a --- /dev/null +++ b/contrib/testpngs/palette-1.png diff --git a/contrib/testpngs/palette-2-1.8-tRNS.png b/contrib/testpngs/palette-2-1.8-tRNS.png Binary files differnew file mode 100644 index 000000000..9d2ab1656 --- /dev/null +++ b/contrib/testpngs/palette-2-1.8-tRNS.png diff --git a/contrib/testpngs/palette-2-1.8.png b/contrib/testpngs/palette-2-1.8.png Binary files differnew file mode 100644 index 000000000..cdcf28329 --- /dev/null +++ b/contrib/testpngs/palette-2-1.8.png diff --git a/contrib/testpngs/palette-2-linear-tRNS.png b/contrib/testpngs/palette-2-linear-tRNS.png Binary files differnew file mode 100644 index 000000000..d346d4007 --- /dev/null +++ b/contrib/testpngs/palette-2-linear-tRNS.png diff --git a/contrib/testpngs/palette-2-linear.png b/contrib/testpngs/palette-2-linear.png Binary files differnew file mode 100644 index 000000000..5c2f6d335 --- /dev/null +++ b/contrib/testpngs/palette-2-linear.png diff --git a/contrib/testpngs/palette-2-sRGB-tRNS.png b/contrib/testpngs/palette-2-sRGB-tRNS.png Binary files differnew file mode 100644 index 000000000..e5a491a71 --- /dev/null +++ b/contrib/testpngs/palette-2-sRGB-tRNS.png diff --git a/contrib/testpngs/palette-2-sRGB.png b/contrib/testpngs/palette-2-sRGB.png Binary files differnew file mode 100644 index 000000000..a3bf9a2f3 --- /dev/null +++ b/contrib/testpngs/palette-2-sRGB.png diff --git a/contrib/testpngs/palette-2-tRNS.png b/contrib/testpngs/palette-2-tRNS.png Binary files differnew file mode 100644 index 000000000..c34a6986d --- /dev/null +++ b/contrib/testpngs/palette-2-tRNS.png diff --git a/contrib/testpngs/palette-2.png b/contrib/testpngs/palette-2.png Binary files differnew file mode 100644 index 000000000..eaf4536e0 --- /dev/null +++ b/contrib/testpngs/palette-2.png diff --git a/contrib/testpngs/palette-4-1.8-tRNS.png b/contrib/testpngs/palette-4-1.8-tRNS.png Binary files differnew file mode 100644 index 000000000..20cb465ce --- /dev/null +++ b/contrib/testpngs/palette-4-1.8-tRNS.png diff --git a/contrib/testpngs/palette-4-1.8.png b/contrib/testpngs/palette-4-1.8.png Binary files differnew file mode 100644 index 000000000..c2318ff82 --- /dev/null +++ b/contrib/testpngs/palette-4-1.8.png diff --git a/contrib/testpngs/palette-4-linear-tRNS.png b/contrib/testpngs/palette-4-linear-tRNS.png Binary files differnew file mode 100644 index 000000000..4d96a4724 --- /dev/null +++ b/contrib/testpngs/palette-4-linear-tRNS.png diff --git a/contrib/testpngs/palette-4-linear.png b/contrib/testpngs/palette-4-linear.png Binary files differnew file mode 100644 index 000000000..dfc5a868e --- /dev/null +++ b/contrib/testpngs/palette-4-linear.png diff --git a/contrib/testpngs/palette-4-sRGB-tRNS.png b/contrib/testpngs/palette-4-sRGB-tRNS.png Binary files differnew file mode 100644 index 000000000..92d23e7dd --- /dev/null +++ b/contrib/testpngs/palette-4-sRGB-tRNS.png diff --git a/contrib/testpngs/palette-4-sRGB.png b/contrib/testpngs/palette-4-sRGB.png Binary files differnew file mode 100644 index 000000000..26ea9e5ab --- /dev/null +++ b/contrib/testpngs/palette-4-sRGB.png diff --git a/contrib/testpngs/palette-4-tRNS.png b/contrib/testpngs/palette-4-tRNS.png Binary files differnew file mode 100644 index 000000000..429f6b953 --- /dev/null +++ b/contrib/testpngs/palette-4-tRNS.png diff --git a/contrib/testpngs/palette-4.png b/contrib/testpngs/palette-4.png Binary files differnew file mode 100644 index 000000000..82f348994 --- /dev/null +++ b/contrib/testpngs/palette-4.png diff --git a/contrib/testpngs/palette-8-1.8-tRNS.png b/contrib/testpngs/palette-8-1.8-tRNS.png Binary files differnew file mode 100644 index 000000000..c10bb5697 --- /dev/null +++ b/contrib/testpngs/palette-8-1.8-tRNS.png diff --git a/contrib/testpngs/palette-8-1.8.png b/contrib/testpngs/palette-8-1.8.png Binary files differnew file mode 100644 index 000000000..cc09ee60f --- /dev/null +++ b/contrib/testpngs/palette-8-1.8.png diff --git a/contrib/testpngs/palette-8-linear-tRNS.png b/contrib/testpngs/palette-8-linear-tRNS.png Binary files differnew file mode 100644 index 000000000..27f5a3336 --- /dev/null +++ b/contrib/testpngs/palette-8-linear-tRNS.png diff --git a/contrib/testpngs/palette-8-linear.png b/contrib/testpngs/palette-8-linear.png Binary files differnew file mode 100644 index 000000000..40d413cd6 --- /dev/null +++ b/contrib/testpngs/palette-8-linear.png diff --git a/contrib/testpngs/palette-8-sRGB-tRNS.png b/contrib/testpngs/palette-8-sRGB-tRNS.png Binary files differnew file mode 100644 index 000000000..b8863ec2b --- /dev/null +++ b/contrib/testpngs/palette-8-sRGB-tRNS.png diff --git a/contrib/testpngs/palette-8-sRGB.png b/contrib/testpngs/palette-8-sRGB.png Binary files differnew file mode 100644 index 000000000..90f891204 --- /dev/null +++ b/contrib/testpngs/palette-8-sRGB.png diff --git a/contrib/testpngs/palette-8-tRNS.png b/contrib/testpngs/palette-8-tRNS.png Binary files differnew file mode 100644 index 000000000..9660e6776 --- /dev/null +++ b/contrib/testpngs/palette-8-tRNS.png diff --git a/contrib/testpngs/palette-8.png b/contrib/testpngs/palette-8.png Binary files differnew file mode 100644 index 000000000..2502d305b --- /dev/null +++ b/contrib/testpngs/palette-8.png diff --git a/contrib/testpngs/rgb-16-1.8-tRNS.png b/contrib/testpngs/rgb-16-1.8-tRNS.png Binary files differnew file mode 100644 index 000000000..03251b12e --- /dev/null +++ b/contrib/testpngs/rgb-16-1.8-tRNS.png diff --git a/contrib/testpngs/rgb-16-1.8.png b/contrib/testpngs/rgb-16-1.8.png Binary files differnew file mode 100644 index 000000000..03251b12e --- /dev/null +++ b/contrib/testpngs/rgb-16-1.8.png diff --git a/contrib/testpngs/rgb-16-linear-tRNS.png b/contrib/testpngs/rgb-16-linear-tRNS.png Binary files differnew file mode 100644 index 000000000..3dfa6a6ad --- /dev/null +++ b/contrib/testpngs/rgb-16-linear-tRNS.png diff --git a/contrib/testpngs/rgb-16-linear.png b/contrib/testpngs/rgb-16-linear.png Binary files differnew file mode 100644 index 000000000..3dfa6a6ad --- /dev/null +++ b/contrib/testpngs/rgb-16-linear.png diff --git a/contrib/testpngs/rgb-16-sRGB-tRNS.png b/contrib/testpngs/rgb-16-sRGB-tRNS.png Binary files differnew file mode 100644 index 000000000..2cf2209e0 --- /dev/null +++ b/contrib/testpngs/rgb-16-sRGB-tRNS.png diff --git a/contrib/testpngs/rgb-16-sRGB.png b/contrib/testpngs/rgb-16-sRGB.png Binary files differnew file mode 100644 index 000000000..2cf2209e0 --- /dev/null +++ b/contrib/testpngs/rgb-16-sRGB.png diff --git a/contrib/testpngs/rgb-16-tRNS.png b/contrib/testpngs/rgb-16-tRNS.png Binary files differnew file mode 100644 index 000000000..28643528d --- /dev/null +++ b/contrib/testpngs/rgb-16-tRNS.png diff --git a/contrib/testpngs/rgb-16.png b/contrib/testpngs/rgb-16.png Binary files differnew file mode 100644 index 000000000..28643528d --- /dev/null +++ b/contrib/testpngs/rgb-16.png diff --git a/contrib/testpngs/rgb-8-1.8-tRNS.png b/contrib/testpngs/rgb-8-1.8-tRNS.png Binary files differnew file mode 100644 index 000000000..afff9df22 --- /dev/null +++ b/contrib/testpngs/rgb-8-1.8-tRNS.png diff --git a/contrib/testpngs/rgb-8-1.8.png b/contrib/testpngs/rgb-8-1.8.png Binary files differnew file mode 100644 index 000000000..d4bb12afa --- /dev/null +++ b/contrib/testpngs/rgb-8-1.8.png diff --git a/contrib/testpngs/rgb-8-linear-tRNS.png b/contrib/testpngs/rgb-8-linear-tRNS.png Binary files differnew file mode 100644 index 000000000..5a2ed9f00 --- /dev/null +++ b/contrib/testpngs/rgb-8-linear-tRNS.png diff --git a/contrib/testpngs/rgb-8-linear.png b/contrib/testpngs/rgb-8-linear.png Binary files differnew file mode 100644 index 000000000..7c42b0840 --- /dev/null +++ b/contrib/testpngs/rgb-8-linear.png diff --git a/contrib/testpngs/rgb-8-sRGB-tRNS.png b/contrib/testpngs/rgb-8-sRGB-tRNS.png Binary files differnew file mode 100644 index 000000000..f8b4ecbdc --- /dev/null +++ b/contrib/testpngs/rgb-8-sRGB-tRNS.png diff --git a/contrib/testpngs/rgb-8-sRGB.png b/contrib/testpngs/rgb-8-sRGB.png Binary files differnew file mode 100644 index 000000000..4acae649d --- /dev/null +++ b/contrib/testpngs/rgb-8-sRGB.png diff --git a/contrib/testpngs/rgb-8-tRNS.png b/contrib/testpngs/rgb-8-tRNS.png Binary files differnew file mode 100644 index 000000000..cdb1642eb --- /dev/null +++ b/contrib/testpngs/rgb-8-tRNS.png diff --git a/contrib/testpngs/rgb-8.png b/contrib/testpngs/rgb-8.png Binary files differnew file mode 100644 index 000000000..e69c71bfd --- /dev/null +++ b/contrib/testpngs/rgb-8.png diff --git a/contrib/testpngs/rgb-alpha-16-1.8.png b/contrib/testpngs/rgb-alpha-16-1.8.png Binary files differnew file mode 100644 index 000000000..ad65d150e --- /dev/null +++ b/contrib/testpngs/rgb-alpha-16-1.8.png diff --git a/contrib/testpngs/rgb-alpha-16-linear.png b/contrib/testpngs/rgb-alpha-16-linear.png Binary files differnew file mode 100644 index 000000000..1f3990031 --- /dev/null +++ b/contrib/testpngs/rgb-alpha-16-linear.png diff --git a/contrib/testpngs/rgb-alpha-16-sRGB.png b/contrib/testpngs/rgb-alpha-16-sRGB.png Binary files differnew file mode 100644 index 000000000..d9cea633a --- /dev/null +++ b/contrib/testpngs/rgb-alpha-16-sRGB.png diff --git a/contrib/testpngs/rgb-alpha-16.png b/contrib/testpngs/rgb-alpha-16.png Binary files differnew file mode 100644 index 000000000..59262397e --- /dev/null +++ b/contrib/testpngs/rgb-alpha-16.png diff --git a/contrib/testpngs/rgb-alpha-8-1.8.png b/contrib/testpngs/rgb-alpha-8-1.8.png Binary files differnew file mode 100644 index 000000000..f4d08ec04 --- /dev/null +++ b/contrib/testpngs/rgb-alpha-8-1.8.png diff --git a/contrib/testpngs/rgb-alpha-8-linear.png b/contrib/testpngs/rgb-alpha-8-linear.png Binary files differnew file mode 100644 index 000000000..b4f8bc829 --- /dev/null +++ b/contrib/testpngs/rgb-alpha-8-linear.png diff --git a/contrib/testpngs/rgb-alpha-8-sRGB.png b/contrib/testpngs/rgb-alpha-8-sRGB.png Binary files differnew file mode 100644 index 000000000..f06e7f837 --- /dev/null +++ b/contrib/testpngs/rgb-alpha-8-sRGB.png diff --git a/contrib/testpngs/rgb-alpha-8.png b/contrib/testpngs/rgb-alpha-8.png Binary files differnew file mode 100644 index 000000000..e15d4913f --- /dev/null +++ b/contrib/testpngs/rgb-alpha-8.png diff --git a/contrib/tools/README.txt b/contrib/tools/README.txt index 5ddae02ce..f53be6df9 100644 --- a/contrib/tools/README.txt +++ b/contrib/tools/README.txt @@ -23,4 +23,5 @@ ORIGINAL AUTHORS of the people below claim any rights with regard to the contents of this directory. - John Bowler <jbowler@acm.org> + John Bowler <jbowler at acm.org> + Glenn Randers-Pehrson <glennrp at users.sourceforge.net> diff --git a/contrib/tools/genpng.c b/contrib/tools/genpng.c index ce43260cb..0b3f98196 100644 --- a/contrib/tools/genpng.c +++ b/contrib/tools/genpng.c @@ -1,7 +1,8 @@ /*- genpng * * COPYRIGHT: Written by John Cunningham Bowler, 2015. - * To the extent possible under law, the author has waived all copyright and + * Revised by Glenn Randers-Pehrson, 2017, to add buffer-size check. + * To the extent possible under law, the authors have waived all copyright and * related or neighboring rights to this work. This work is published from: * United States. * @@ -783,6 +784,19 @@ main(int argc, const char **argv) return 1; } +#if 1 + /* TO do: determine whether this guard against overflow is necessary. + * This comment in png.h indicates that it should be safe: "libpng will + * refuse to process an image where such an overflow would occur", but + * I don't see where the image gets rejected when the buffer is too + * large before the malloc is attempted. + */ + if (image.height > ((size_t)(-1))/(8*image.width)) { + fprintf(stderr, "genpng: image buffer would be too big"); + return 1; + } +#endif + /* Create the buffer: */ buffer = malloc(PNG_IMAGE_SIZE(image)); diff --git a/contrib/tools/pngfix.c b/contrib/tools/pngfix.c index b2043e3fb..69ffc170e 100644 --- a/contrib/tools/pngfix.c +++ b/contrib/tools/pngfix.c @@ -1,8 +1,7 @@ /* pngfix.c * - * Copyright (c) 2014-2016 John Cunningham Bowler - * - * Last changed in libpng 1.6.21 [January 15, 2016] + * Last changed in libpng 1.6.31 [July 27, 2017] + * Copyright (c) 2014-2017 John Cunningham Bowler * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -1824,7 +1823,7 @@ IDAT_init(struct IDAT * const idat, struct file * const file) } static png_uint_32 -rechunk_length(struct IDAT *idat) +rechunk_length(struct IDAT *idat, int start) /* Return the length for the next IDAT chunk, taking into account * rechunking. */ @@ -1836,7 +1835,7 @@ rechunk_length(struct IDAT *idat) const struct IDAT_list *cur; unsigned int count; - if (idat->idat_index == 0) /* at the new chunk (first time) */ + if (start) return idat->idat_length; /* use the cache */ /* Otherwise rechunk_length is called at the end of a chunk for the length @@ -1995,7 +1994,7 @@ process_IDAT(struct file *file) idat->idat_index = 0; /* Index into chunk data */ /* Update the chunk length to the correct value for the IDAT chunk: */ - file->chunk->chunk_length = rechunk_length(idat); + file->chunk->chunk_length = rechunk_length(idat, 1/*start*/); /* Change the state to writing IDAT chunks */ file->state = STATE_IDAT; @@ -2416,7 +2415,7 @@ zlib_advance(struct zlib *zlib, png_uint_32 nbytes) endrc = ZLIB_TOO_FAR_BACK; break; } - /* FALL THROUGH */ + /* FALLTHROUGH */ default: zlib_message(zlib, 0/*stream error*/); @@ -2570,7 +2569,7 @@ zlib_run(struct zlib *zlib) list->lengths[i] -= zlib->extra_bytes; list->count = i+1; zlib->idat->idat_list_tail = list; - /* FALL THROUGH */ + /* FALLTHROUGH */ default: return rc; @@ -2673,7 +2672,7 @@ zlib_check(struct file *file, png_uint_32 offset) /* Truncated stream; unrecoverable, gets converted to ZLIB_FATAL */ zlib.z.msg = PNGZ_MSG_CAST("[truncated]"); zlib_message(&zlib, 0/*expected*/); - /* FALL THROUGH */ + /* FALLTHROUGH */ default: /* Unrecoverable error; skip the chunk; a zlib_message has already @@ -3341,7 +3340,7 @@ read_callback(png_structp png_ptr, png_bytep buffer, size_t count) if (file->state != STATE_IDAT && length > 0) setpos(chunk); } - /* FALL THROUGH */ + /* FALLTHROUGH */ default: assert(chunk != NULL); @@ -3473,7 +3472,8 @@ read_callback(png_structp png_ptr, png_bytep buffer, size_t count) /* Write another IDAT chunk. Call rechunk_length to * calculate the length required. */ - length = chunk->chunk_length = rechunk_length(file->idat); + length = chunk->chunk_length = + rechunk_length(file->idat, 0/*end*/); assert(type == png_IDAT); file->write_count = 0; /* for the new chunk */ --(file->write_count); /* fake out the increment below */ diff --git a/contrib/tools/sRGB.h b/contrib/tools/sRGB.h index 22c8f7c0e..d1ece5129 100644 --- a/contrib/tools/sRGB.h +++ b/contrib/tools/sRGB.h @@ -14,7 +14,7 @@ * All routines take and return a floating point value in the range * 0 to 1.0, doing a calculation according to the sRGB specification * (in fact the source of the numbers is the wikipedia article at - * http://en.wikipedia.org/wiki/SRGB). + * https://en.wikipedia.org/wiki/SRGB). */ static double sRGB_from_linear(double l) diff --git a/contrib/visupng/PngFile.c b/contrib/visupng/PngFile.c index dcde18a3a..d46318f44 100644 --- a/contrib/visupng/PngFile.c +++ b/contrib/visupng/PngFile.c @@ -2,7 +2,7 @@ * PNGFILE.C -- Image File Functions *------------------------------------- * - * Copyright 2000, Willem van Schaik. + * Copyright 2000,2017 Willem van Schaik. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -236,6 +236,10 @@ BOOL PngLoadImage (PTSTR pstrFileName, png_byte **ppbImageData, free (pbImageData); pbImageData = NULL; } + if ((*piHeight) > ((size_t)(-1))/ulRowBytes) { + { + png_error(png_ptr, "Visual PNG: image is too big"); + } if ((pbImageData = (png_byte *) malloc(ulRowBytes * (*piHeight) * sizeof(png_byte))) == NULL) { diff --git a/contrib/visupng/VisualPng.c b/contrib/visupng/VisualPng.c index 236525a59..20e1625fa 100644 --- a/contrib/visupng/VisualPng.c +++ b/contrib/visupng/VisualPng.c @@ -2,7 +2,7 @@ * VisualPng.C -- Shows a PNG image *------------------------------------ * - * Copyright 2000, Willem van Schaik. + * Copyright 2000,2017 Willem van Schaik. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -726,6 +726,10 @@ BOOL DisplayImage (HWND hwnd, BYTE **ppDib, pDib = NULL; } + if (cyWinSize > ((size_t)(-1))/wDIRowBytes) { + { + MessageBox (hwnd, TEXT ("Visual PNG: image is too big"); + } if (!(pDib = (BYTE *) malloc (sizeof(BITMAPINFOHEADER) + wDIRowBytes * cyWinSize))) { @@ -847,6 +851,10 @@ BOOL FillBitmap ( cxImgPos = (cxWinSize - cxNewSize) / 2; } + if (cyNewSize > ((size_t)(-1))/(cImgChannels * cxNewSize)) { + { + MessageBox (hwnd, TEXT ("Visual PNG: stretched image is too big"); + } pStretchedImage = malloc (cImgChannels * cxNewSize * cyNewSize); pImg = pStretchedImage; |