mewin/libpng
1
0
Fork 0
mirror of https://git.code.sf.net/p/libpng/code.git synced 2025-07-10 18:04:09 +02:00
Code Issues Projects Releases Wiki Activity

[master] Revised png_decompress_chunk() to improve speed and memory

Browse Source 
usage when decoding large chunks.
This commit is contained in:
Glenn Randers-Pehrson
2010-01-22 22:50:46 -06:00
parent 610e7b5bd6
commit 1a86bd2a09
3 changed files with 53 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
pngrutil.c
View File

@@ -210,8 +210,8 @@ png_crc_error(png_structp png_ptr)
*/
void /* PRIVATE */
png_decompress_chunk(png_structp png_ptr, int comp_type,
png_size_t chunklength,
png_size_t prefix_size, png_size_t *newlength)
png_size_t chunklength,
png_size_t prefix_size, png_size_t *newlength)
{
static PNG_CONST char msg[] = "Error decoding compressed chunk";
png_charp text;
@@ -248,12 +248,12 @@ png_decompress_chunk(png_structp png_ptr, int comp_type,
text_size = prefix_size + png_sizeof(msg) + 1;
text = (png_charp)png_malloc_warn(png_ptr, text_size);
if (text == NULL)
{
png_error(png_ptr,
"Not enough memory to decompress chunk");
text_size = 0;
break;
}
{
png_error(png_ptr,
"Not enough memory to decompress chunk");
text_size = 0;
break;
}
png_memcpy(text, png_ptr->chunkdata, prefix_size);
}
@@ -261,9 +261,11 @@ png_decompress_chunk(png_structp png_ptr, int comp_type,
/* Copy what we can of the error message into the text chunk */
text_size = (png_size_t)(chunklength -
(text - png_ptr->chunkdata) - 1);
(text - png_ptr->chunkdata) - 1);
if (text_size > png_sizeof(msg))
text_size = png_sizeof(msg);
png_memcpy(text + prefix_size, msg, text_size);
buffer_size = text_size;
break;
@@ -283,9 +285,9 @@ png_decompress_chunk(png_structp png_ptr, int comp_type,
text_size = 0;
break;
}
png_memcpy(text, png_ptr->chunkdata, prefix_size);
png_memcpy(text + prefix_size, png_ptr->zbuf,
text_size - prefix_size);
png_memcpy(text, png_ptr->chunkdata, prefix_size);
*(text + text_size) = 0x00;
buffer_size = text_size;
}
@@ -303,33 +305,49 @@ png_decompress_chunk(png_structp png_ptr, int comp_type,
buffer_size = new_text_size;
else
buffer_size += buffer_size;
}
#ifdef PNG_CHUNK_MALLOC_LIMIT_SUPPORTED
if (png_ptr->user_chunk_malloc_max <= buffer_size)
{
png_free(png_ptr, tmp);
png_warning(png_ptr, "No space for decompressed chunk");
text = NULL;
}
if (buffer_size >= png_ptr->user_chunk_malloc_max - 1)
{
if (new_text_size >=
png_ptr->user_chunk_malloc_max - 1)
{
png_free(png_ptr, tmp);
png_warning(png_ptr,
"No space for decompressed chunk");
text = NULL;
}
else
{
buffer_size = png_ptr->user_chunk_malloc_max - 1;
text = (png_charp)png_malloc_warn(png_ptr,
buffer_size + 1);
}
}
else
text = (png_charp)png_malloc_warn(png_ptr,
buffer_size + 1);
else
text = (png_charp)png_malloc_warn(png_ptr,
buffer_size + 1);
#else
text = (png_charp)png_malloc_warn(png_ptr,
buffer_size + 1);
text = (png_charp)png_malloc_warn(png_ptr,
buffer_size + 1);
#endif
if (text == NULL)
{
png_warning(png_ptr,
"Not enough memory to decompress chunk");
break;
}
if (text == NULL)
{
png_warning(png_ptr,
"Not enough memory to decompress chunk");
break;
}
png_memcpy(text, tmp, text_size);
png_free(png_ptr, tmp);
png_memcpy(text, tmp, text_size);
png_free(png_ptr, tmp);
}
/* FIX ME: zTXt chunk written by pngtest is 6 bytes too large */
png_memcpy(text + text_size, png_ptr->zbuf,
(png_ptr->zbuf_size - png_ptr->zstream.avail_out));
text_size += png_ptr->zbuf_size - png_ptr->zstream.avail_out;
*(text + text_size) = 0x00;
}
}
if (ret == Z_STREAM_END)