mewin/libpng
1
0
Fork 0
mirror of https://git.code.sf.net/p/libpng/code.git synced 2025-07-10 18:04:09 +02:00
Code Issues Projects Releases Wiki Activity

[libpng16] Added PNG_SAFE_LIMITS feature to pnglibconf.dfa, pngpriv.h, and new pngusr.dfa

Browse Source 
to reset the user limits to safe ones if PNG_SAFE_LIMITS is defined.
To enable, use CPPFLAGS=-DPNG_SAFE_LIMITS on the configure command
or put #define PNG_SAFE_LIMITS_SUPPORTED in pnglibconf.h.prebuilt.
(Reverted previous implementation of PNG_SECURE.)
This commit is contained in:
Glenn Randers-Pehrson
2012-02-24 11:43:31 -06:00
parent 10c0693210
commit 4690b89eaa
6 changed files with 84 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
scripts/pnglibconf.dfa
View File

@@ -27,7 +27,7 @@ file pnglibconf.h scripts/pnglibconf.dfa PNGLCONF_H
# The syntax is detailed in scripts/options.awk, this is a summary
# only:
#
# setting <name> [requires ...] [default]
# setting <name> [default]
# #define PNG_<name> <value> /* value comes from current setting */
# option <name> [requires ...] [if ...] [enables ...] [disabled]
# #define PNG_<name>_SUPPORTED if the requirements are met and
@@ -273,20 +273,22 @@ option SET_USER_LIMITS enables SET_CHUNK_CACHE_LIMIT
option SET_USER_LIMITS enables SET_CHUNK_MALLOC_LIMIT
# Added at libpng-1.0.16 and 1.2.6. To accept all valid PNGs no matter
# how large, set these two limits to 0x7fffffff
# Libpng limits.
#
# If these settings are *not* set libpng will not limit the size of
# images or the size of data in ancilliary chunks. This does lead to
# security issues if PNG files come from untrusted sources.
setting USER_WIDTH_MAX
setting USER_HEIGHT_MAX
setting USER_CHUNK_CACHE_MAX
setting USER_CHUNK_MALLOC_MAX
setting USER_WIDTH_MAX default 0x7fffffff
setting USER_HEIGHT_MAX default 0x7fffffff
# Added at libpng-1.2.43. To accept all valid PNGs no matter
# how large, set these two limits to 0.
setting USER_CHUNK_CACHE_MAX default 0
# Added at libpng-1.2.43
setting USER_CHUNK_MALLOC_MAX default 0
# To default all these settings to values that are large but probably
# safe turn the SAFE_LIMITS option on; this will cause the value in
# pngpriv.h to be used. Individual values can also be set, simply set
# them in pngusr.dfa with '@#define PNG_setting value' lines.
option SAFE_LIMITS enables USER_LIMITS disabled
= SAFE_LIMITS SAFE_LIMITS
# All of the following options relate to code capabilities for
# processing image data before creating a PNG or after reading one.