diff --git a/ANNOUNCE b/ANNOUNCE index 1b8bc1915..ea3efb65f 100644 --- a/ANNOUNCE +++ b/ANNOUNCE @@ -1,5 +1,5 @@ -Libpng 1.7.0beta88 - August 6, 2017 +Libpng 1.7.0beta88 - August 18, 2017 This is not intended to be a public release. It will be replaced within a few weeks by a public version or by another test version. @@ -1431,9 +1431,11 @@ Version 1.7.0beta87 [April 1, 2017] makefile.linux and makefile.solaris-x86 (Cosmin). Merged some recent changes from libpng-1.6.30beta01. -Version 1.7.0beta88 [August 6, 2017] +Version 1.7.0beta88 [August 18, 2017] Added private png_check_chunk_name() and png_check_chunk_length() functions. + Check for 0 return from png_get_rowbytes() in contrib/pngminus/*.c to stop + some Coverity issues (162705, 162706, and 162707). Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit diff --git a/CHANGES b/CHANGES index 4538d0073..d59886524 100644 --- a/CHANGES +++ b/CHANGES @@ -5731,10 +5731,12 @@ Version 1.7.0beta87 [April 1, 2017] makefile.linux and makefile.solaris-x86 (Cosmin). Merged some recent changes from libpng-1.6.30beta01. -Version 1.7.0beta88 [August 6, 2017] +Version 1.7.0beta88 [August 18, 2017] Initialized btoa[] in pngstest.c Added private png_check_chunk_name() and png_check_chunk_length() functions. + Check for 0 return from png_get_rowbytes() in contrib/pngminus/*.c to stop + some Coverity issues (162705, 162706, and 162707). Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit diff --git a/LICENSE b/LICENSE index 7735d655b..08b2e6f62 100644 --- a/LICENSE +++ b/LICENSE @@ -10,7 +10,7 @@ this sentence. This code is released under the libpng license. -libpng versions 1.0.7, July 1, 2000 through 1.7.0beta88, August 6, 2017 are +libpng versions 1.0.7, July 1, 2000 through 1.7.0beta88, August 18, 2017 are Copyright (c) 2000-2002, 2004, 2006-2017 Glenn Randers-Pehrson, are derived from libpng-1.0.6, and are distributed according to the same disclaimer and license as libpng-1.0.6 with the following individuals @@ -127,4 +127,4 @@ any encryption software. See the EAR, paragraphs 734.3(b)(3) and Glenn Randers-Pehrson glennrp at users.sourceforge.net -August 6, 2017 +August 18, 2017 diff --git a/README b/README index c33f5f6e2..954912e07 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -README for libpng version 1.7.0beta88 - August 6, 2017 (shared library 17.0) +README for libpng version 1.7.0beta88 - August 18, 2017 (shared library 17.0) See the note about version numbers near the top of png.h See INSTALL for instructions on how to install libpng. diff --git a/contrib/pngminus/png2pnm.c b/contrib/pngminus/png2pnm.c index aa9513ddc..39a9f4673 100644 --- a/contrib/pngminus/png2pnm.c +++ b/contrib/pngminus/png2pnm.c @@ -1,8 +1,11 @@ /* * png2pnm.c --- conversion from PNG-file to PGM/PPM-file - * copyright (C) 1999 by Willem van Schaik + * copyright (C) 1999,2017 by Willem van Schaik * * version 1.0 - 1999.10.15 - First version. + * 1.1 - 2017.04.22 - Add buffer-size check (Glenn Randers-Pehrson) + * 1.2 - 2017.08.24 - Fix potential overflow in buffer-size check + (Glenn Randers-Pehrson) * * Permission to use, copy, modify, and distribute this software and * its documentation for any purpose and without fee is hereby granted, @@ -52,7 +55,8 @@ int main (int argc, char *argv[]); void usage (); -BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, BOOL raw, BOOL alpha); +BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, BOOL raw, + BOOL alpha); /* * main @@ -85,7 +89,8 @@ int main(int argc, char *argv[]) if ((fp_al = fopen (argv[argi], "wb")) == NULL) { fprintf (stderr, "PNM2PNG\n"); - fprintf (stderr, "Error: can not create alpha-channel file %s\n", argv[argi]); + fprintf (stderr, "Error: can not create alpha-channel file %s\n", + argv[argi]); exit (1); } break; @@ -176,9 +181,11 @@ void usage() fprintf (stderr, "Usage: png2pnm [options] .png [.pnm]\n"); fprintf (stderr, " or: ... | png2pnm [options]\n"); fprintf (stderr, "Options:\n"); - fprintf (stderr, " -r[aw] write pnm-file in binary format (P4/P5/P6) (default)\n"); + fprintf (stderr, + " -r[aw] write pnm-file in binary format (P4/P5/P6) (default)\n"); fprintf (stderr, " -n[oraw] write pnm-file in ascii format (P1/P2/P3)\n"); - fprintf (stderr, " -a[lpha] .pgm write PNG alpha channel as pgm-file\n"); + fprintf (stderr, + " -a[lpha] .pgm write PNG alpha channel as pgm-file\n"); fprintf (stderr, " -h | -? print this help-information\n"); } @@ -186,7 +193,8 @@ void usage() * png2pnm */ -BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, BOOL raw, BOOL alpha) +BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, + volatile BOOL raw, BOOL alpha) { png_struct *png_ptr = NULL; png_info *info_ptr = NULL; @@ -218,7 +226,7 @@ BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, BOOL raw, BOOL a /* create png and info structures */ - png_ptr = png_create_read_struct (PNG_LIBPNG_VER_STRING, + png_ptr = png_create_read_struct (png_get_libpng_ver(NULL), NULL, NULL, NULL); if (!png_ptr) return FALSE; /* out of memory */ @@ -261,7 +269,7 @@ BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, BOOL raw, BOOL a png_set_expand (png_ptr); #ifdef NJET - /* downgrade 16-bit images to 8 bit */ + /* downgrade 16-bit images to 8-bit */ if (bit_depth == 16) png_set_strip_16 (png_ptr); /* transform grayscale images into full-color */ @@ -315,12 +323,21 @@ BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, BOOL raw, BOOL a /* row_bytes is the width x number of channels x (bit-depth / 8) */ row_bytes = png_get_rowbytes (png_ptr, info_ptr); - if ((png_pixels = (png_byte *) malloc (row_bytes * height * sizeof (png_byte))) == NULL) { + if ((row_bytes == 0 || (size_t)height > ((size_t)(-1))/(size_t)row_bytes)) + { + /* too big */ + png_destroy_read_struct (&png_ptr, &info_ptr, NULL); + return FALSE; + } + if ((png_pixels = (png_byte *) + malloc ((size_t)row_bytes * (size_t)height * sizeof (png_byte))) == NULL) + { png_destroy_read_struct (&png_ptr, &info_ptr, NULL); return FALSE; } - if ((row_pointers = (png_byte **) malloc (height * sizeof (png_bytep))) == NULL) + if ((row_pointers = (png_byte **) + malloc ((size_t)height * sizeof (png_bytep))) == NULL) { png_destroy_read_struct (&png_ptr, &info_ptr, NULL); free (png_pixels); @@ -329,7 +346,7 @@ BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, BOOL raw, BOOL a } /* set the individual row_pointers to point at the correct offsets */ - for (i = 0; i < (height); i++) + for (i = 0; i < ((int) height); i++) row_pointers[i] = png_pixels + i * row_bytes; /* now we can go ahead and just read the whole image */ @@ -372,9 +389,9 @@ BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, BOOL raw, BOOL a /* write data to PNM file */ pix_ptr = png_pixels; - for (row = 0; row < height; row++) + for (row = 0; row < (int) height; row++) { - for (col = 0; col < width; col++) + for (col = 0; col < (int) width; col++) { for (i = 0; i < (channels - alpha_present); i++) { @@ -401,7 +418,8 @@ BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, BOOL raw, BOOL a if (raw) fputc ((int) *pix_ptr++ , alpha_file); else - if (bit_depth == 16){ + if (bit_depth == 16) + { dep_16 = (long) *pix_ptr++; fprintf (alpha_file, "%ld ", (dep_16 << 8) + (long) *pix_ptr++); } @@ -425,6 +443,7 @@ BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, BOOL raw, BOOL a if (png_pixels != (unsigned char*) NULL) free (png_pixels); + PNG_UNUSED(raw) /* to quiet a Coverity defect */ return TRUE; } /* end of source */ diff --git a/contrib/pngminus/pnm2png.c b/contrib/pngminus/pnm2png.c index 2c4bdd88b..1b550b8cf 100644 --- a/contrib/pngminus/pnm2png.c +++ b/contrib/pngminus/pnm2png.c @@ -1,9 +1,12 @@ /* * pnm2png.c --- conversion from PBM/PGM/PPM-file to PNG-file - * copyright (C) 1999,2015 by Willem van Schaik + * copyright (C) 1999,2015,2017 by Willem van Schaik * * version 1.0 - 1999.10.15 - First version. * version 1.1 - 2015.07.29 - Fixed leaks (Glenn Randers-Pehrson) + * version 1.2 - 2017.04.22 - Add buffer-size check + * 1.3 - 2017.08.24 - Fix potential overflow in buffer-size check + * (Glenn Randers-Pehrson) * * Permission to use, copy, modify, and distribute this software and * its documentation for any purpose and without fee is hereby granted, @@ -370,9 +373,14 @@ BOOL pnm2png (FILE *pnm_file, FILE *png_file, FILE *alpha_file, BOOL interlace, row_bytes = (width * channels * bit_depth + 7) / 8; else #endif - /* row_bytes is the width x number of channels x (bit-depth / 8) */ + /* row_bytes is the width x number of channels x (bit-depth / 8) */ row_bytes = width * channels * ((bit_depth <= 8) ? 1 : 2); + if ((row_bytes == 0 || (size_t)height > ((size_t)(-1))/(size_t)row_bytes) + { + /* too big */ + return FALSE; + } if ((png_pixels = (png_byte *) malloc (row_bytes * height * sizeof (png_byte))) == NULL) return FALSE; @@ -383,7 +391,8 @@ BOOL pnm2png (FILE *pnm_file, FILE *png_file, FILE *alpha_file, BOOL interlace, for (row = 0; row < (int) height; row++) { #if defined(PNG_WRITE_INVERT_SUPPORTED) || defined(PNG_WRITE_PACK_SUPPORTED) - if (packed_bitmap) { + if (packed_bitmap) + { for (i = 0; i < (int) row_bytes; i++) /* png supports this format natively so no conversion is needed */ *pix_ptr++ = get_data (pnm_file, 8); @@ -504,6 +513,8 @@ BOOL pnm2png (FILE *pnm_file, FILE *png_file, FILE *alpha_file, BOOL interlace, if (png_pixels != (unsigned char*) NULL) free (png_pixels); + PNG_UNUSED(raw) /* Quiet a Coverity defect */ + return TRUE; } /* end of pnm2png */ @@ -520,7 +531,8 @@ void get_token(FILE *pnm_file, char *token) do { ret = fgetc(pnm_file); - if (ret == '#') { + if (ret == '#') + { /* the rest of this line is a comment */ do { diff --git a/libpng-manual.txt b/libpng-manual.txt index 5794f6557..ac7f1b4cf 100644 --- a/libpng-manual.txt +++ b/libpng-manual.txt @@ -1,6 +1,6 @@ libpng-manual.txt - A description on how to use and modify libpng - libpng version 1.7.0beta88 - August 6, 2017 + libpng version 1.7.0beta88 - August 18, 2017 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2017 Glenn Randers-Pehrson @@ -11,7 +11,7 @@ libpng-manual.txt - A description on how to use and modify libpng Based on: - libpng versions 0.97, January 1998, through 1.7.0beta88 - August 6, 2017 + libpng versions 0.97, January 1998, through 1.7.0beta88 - August 18, 2017 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2015 Glenn Randers-Pehrson diff --git a/libpng.3 b/libpng.3 index f33e5d2b2..fc7c17067 100644 --- a/libpng.3 +++ b/libpng.3 @@ -1,4 +1,4 @@ -.TH LIBPNG 3 "August 6, 2017" +.TH LIBPNG 3 "August 18, 2017" .SH NAME libpng \- Portable Network Graphics (PNG) Reference Library 1.7.0beta88 .SH SYNOPSIS @@ -500,7 +500,7 @@ Following is a copy of the libpng-manual.txt file that accompanies libpng. .SH LIBPNG.TXT libpng-manual.txt - A description on how to use and modify libpng - libpng version 1.7.0beta88 - August 6, 2017 + libpng version 1.7.0beta88 - August 18, 2017 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2017 Glenn Randers-Pehrson @@ -511,7 +511,7 @@ libpng-manual.txt - A description on how to use and modify libpng Based on: - libpng versions 0.97, January 1998, through 1.7.0beta88 - August 6, 2017 + libpng versions 0.97, January 1998, through 1.7.0beta88 - August 18, 2017 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2015 Glenn Randers-Pehrson @@ -6026,7 +6026,7 @@ possible without all of you. Thanks to Frank J. T. Wojcik for helping with the documentation. -Libpng version 1.7.0beta88 - August 6, 2017: +Libpng version 1.7.0beta88 - August 18, 2017: Initially created in 1995 by Guy Eric Schalnat, then of Group 42, Inc. Currently maintained by Glenn Randers-Pehrson (glennrp at users.sourceforge.net). @@ -6051,7 +6051,7 @@ this sentence. This code is released under the libpng license. -libpng versions 1.0.7, July 1, 2000 through 1.7.0beta88, August 6, 2017 are +libpng versions 1.0.7, July 1, 2000 through 1.7.0beta88, August 18, 2017 are Copyright (c) 2000-2002, 2004, 2006-2017 Glenn Randers-Pehrson, are derived from libpng-1.0.6, and are distributed according to the same disclaimer and license as libpng-1.0.6 with the following individuals @@ -6176,7 +6176,7 @@ files "pngbar.png" and "pngbar.jpg (88x31) and "pngnow.png" (98x31). Glenn Randers-Pehrson glennrp at users.sourceforge.net -August 6, 2017 +August 18, 2017 .\" end of man page diff --git a/libpngpf.3 b/libpngpf.3 index 4053c656d..8a6305110 100644 --- a/libpngpf.3 +++ b/libpngpf.3 @@ -1,4 +1,4 @@ -.TH LIBPNGPF 3 "August 6, 2017" +.TH LIBPNGPF 3 "August 18, 2017" .SH NAME libpng \- Portable Network Graphics (PNG) Reference Library 1.7.0beta88 (private functions) diff --git a/png.5 b/png.5 index 40a450f65..d71158688 100644 --- a/png.5 +++ b/png.5 @@ -1,4 +1,4 @@ -.TH PNG 5 "August 6, 2017" +.TH PNG 5 "August 18, 2017" .SH NAME png \- Portable Network Graphics (PNG) format .SH DESCRIPTION diff --git a/png.c b/png.c index 68f5bbd26..513a20544 100644 --- a/png.c +++ b/png.c @@ -705,14 +705,14 @@ png_get_copyright(png_const_structrp png_ptr) #else # ifdef __STDC__ return PNG_STRING_NEWLINE \ - "libpng version 1.7.0beta88 - August 6, 2017" PNG_STRING_NEWLINE \ + "libpng version 1.7.0beta88 - August 18, 2017" PNG_STRING_NEWLINE \ "Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson" \ PNG_STRING_NEWLINE \ "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \ "Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc." \ PNG_STRING_NEWLINE; # else - return "libpng version 1.7.0beta88 - August 6, 2017\ + return "libpng version 1.7.0beta88 - August 18, 2017\ Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson\ Copyright (c) 1996-1997 Andreas Dilger\ Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc."; diff --git a/png.h b/png.h index 7f3af6c4c..c6e49c3dd 100644 --- a/png.h +++ b/png.h @@ -1,7 +1,7 @@ /* png.h - header file for PNG reference library * - * libpng version 1.7.0beta88, August 6, 2017 + * libpng version 1.7.0beta88, August 18, 2017 * * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) @@ -12,7 +12,7 @@ * Authors and maintainers: * libpng versions 0.71, May 1995, through 0.88, January 1996: Guy Schalnat * libpng versions 0.89, June 1996, through 0.96, May 1997: Andreas Dilger - * libpng versions 0.97, January 1998, through 1.7.0beta88, August 6, 2017: + * libpng versions 0.97, January 1998, through 1.7.0beta88, August 18, 2017: * Glenn Randers-Pehrson. * See also "Contributing Authors", below. */ @@ -25,7 +25,7 @@ * * This code is released under the libpng license. * - * libpng versions 1.0.7, July 1, 2000 through 1.7.0beta88, August 6, 2017 are + * libpng versions 1.0.7, July 1, 2000 through 1.7.0beta88, August 18, 2017 are * Copyright (c) 2000-2002, 2004, 2006-2017 Glenn Randers-Pehrson, are * derived from libpng-1.0.6, and are distributed according to the same * disclaimer and license as libpng-1.0.6 with the following individuals @@ -241,7 +241,7 @@ * Y2K compliance in libpng: * ========================= * - * August 6, 2017 + * August 18, 2017 * * Since the PNG Development group is an ad-hoc body, we can't make * an official declaration. @@ -310,7 +310,7 @@ /* Version information for png.h - this should match the version in png.c */ #define PNG_LIBPNG_VER_STRING "1.7.0beta88" -#define PNG_HEADER_VERSION_STRING " libpng version 1.7.0beta88 - August 6, 2017\n" +#define PNG_HEADER_VERSION_STRING " libpng version 1.7.0beta88 - August 18, 2017\n" #define PNG_LIBPNG_VER_SONUM 17 #define PNG_LIBPNG_VER_DLLNUM 17 diff --git a/pngconf.h b/pngconf.h index 21f15fe8d..dcd07a6a5 100644 --- a/pngconf.h +++ b/pngconf.h @@ -1,7 +1,7 @@ /* pngconf.h - machine configurable file for libpng * - * libpng version 1.7.0beta88, August 6, 2017 + * libpng version 1.7.0beta88, August 18, 2017 * * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) diff --git a/pngrutil.c b/pngrutil.c index 0d41e715d..0190793b7 100644 --- a/pngrutil.c +++ b/pngrutil.c @@ -4432,7 +4432,7 @@ png_read_process_IDAT(png_structrp png_ptr, png_bytep transformed_row, impossible("bad row state"); } /* forever switch */ - PNG_UNUSED(save_row); /* May not be used above */ + PNG_UNUSED(save_row) /* May not be used above */ } void /* PRIVATE */ diff --git a/pngtrans.c b/pngtrans.c index 0aec804d9..3b6274983 100644 --- a/pngtrans.c +++ b/pngtrans.c @@ -2697,7 +2697,7 @@ png_do_invert_all(png_transformp *transform, png_transform_controlp tc) while (png_upcast(void*,dp) < dp_end) *dp++ = ~*sp++; - PNG_UNUSED(transform); + PNG_UNUSED(transform) } static void @@ -2748,7 +2748,7 @@ png_do_invert_channel(png_transformp *transform, png_transform_controlp tc) } } - PNG_UNUSED(transform); + PNG_UNUSED(transform) } static void diff --git a/pngwutil.c b/pngwutil.c index 4c312263d..b21a16ba3 100644 --- a/pngwutil.c +++ b/pngwutil.c @@ -4894,7 +4894,7 @@ png_write_png_data(png_structrp png_ptr, png_bytep prev_pixels, write_unfiltered_rowbits(png_ptr, unfiltered_row, row_bits, x == 0 ? PNG_FILTER_VALUE_NONE : PNG_FILTER_VALUE_LAST, flush); - PNG_UNUSED(prev_pixels); + PNG_UNUSED(prev_pixels) /* Handle end of row: */ if ((row_info_flags & png_row_end) != 0) diff --git a/projects/vstudio/README.txt b/projects/vstudio/README.txt index b3367d166..c4c4920d4 100644 --- a/projects/vstudio/README.txt +++ b/projects/vstudio/README.txt @@ -1,7 +1,7 @@ VisualStudio instructions -libpng version 1.7.0beta88 - August 6, 2017 +libpng version 1.7.0beta88 - August 18, 2017 Copyright (c) 2010,2013,2015 Glenn Randers-Pehrson diff --git a/projects/vstudio/zlib.props b/projects/vstudio/zlib.props index 78a035c54..af71df10b 100644 --- a/projects/vstudio/zlib.props +++ b/projects/vstudio/zlib.props @@ -2,7 +2,7 @@