mewin/libpng
1
0
Fork 0
mirror of https://git.code.sf.net/p/libpng/code.git synced 2025-07-10 18:04:09 +02:00
Code Issues Projects Releases Wiki Activity

[libpng16] Attempt to isolate an oss-fuzz issue in png_set_text_2

Browse Source
This commit is contained in:
Glenn Randers-Pehrson 2017-09-08 09:34:08 -05:00
parent 8592873f24
commit 3789cba2f2
2 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
png.c
View File

@ -1,7 +1,7 @@
/* png.c - location for general purpose libpng functions /* png.c - location for general purpose libpng functions
* *
* Last changed in libpng 1.6.32 [August 24, 2017] * Last changed in libpng 1.6.33 [(PENDING RELEASE)]
* Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson
* (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
* (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)

12
pngset.c
View File

@ -1,7 +1,7 @@
/* pngset.c - storage of image information into info struct /* pngset.c - storage of image information into info struct
* *
* Last changed in libpng 1.6.32 [August 24, 2017] * Last changed in libpng 1.6.33 [(PENDING RELEASE)]
* Copyright (c) 1998-2017 Glenn Randers-Pehrson * Copyright (c) 1998-2017 Glenn Randers-Pehrson
* (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
* (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
@ -837,6 +837,9 @@ png_set_text_2(png_const_structrp png_ptr, png_inforp info_ptr,
size_t lang_len, lang_key_len; size_t lang_len, lang_key_len;
png_textp textp = &(info_ptr->text[info_ptr->num_text]); png_textp textp = &(info_ptr->text[info_ptr->num_text]);
int text_is_null=0;
int text_0_is_0=0;
if (text_ptr[i].key == NULL) if (text_ptr[i].key == NULL)
continue; continue;
@ -881,7 +884,12 @@ png_set_text_2(png_const_structrp png_ptr, png_inforp info_ptr,
} }
# endif # endif
if (text_ptr[i].text == NULL || text_ptr[i].text[0] == '\0') if (text_ptr[i].text == NULL)
text_is_null=1;
if (text_ptr[i].text[0] == '\0')
text_0_is_0=1;
if (text_is_null || text_0_is_0)
{ {
text_length = 0; text_length = 0;
# ifdef PNG_iTXt_SUPPORTED # ifdef PNG_iTXt_SUPPORTED