[libpng16] Added PNG_SAFE_LIMITS feature to pnglibconf.dfa, pngpriv.h, and new pngusr.dfa
to reset the user limits to safe ones if PNG_SAFE_LIMITS is defined. To enable, use CPPFLAGS=-DPNG_SAFE_LIMITS on the configure command or put #define PNG_SAFE_LIMITS_SUPPORTED in pnglibconf.h.prebuilt. (Reverted previous implementation of PNG_SECURE.)
parent
10c0693210
commit
4690b89eaa
6
ANNOUNCE
6
ANNOUNCE
@ -224,8 +224,10 @@ Version 1.6.0beta13 [February 24, 2012]
|
|||||||
pngpread.c and use the sequential png_handle_tEXt, etc., in pngrutil.c;
|
pngpread.c and use the sequential png_handle_tEXt, etc., in pngrutil.c;
|
||||||
now that png_ptr->buffer is inaccessible to applications, the special
|
now that png_ptr->buffer is inaccessible to applications, the special
|
||||||
handling is no longer useful.
|
handling is no longer useful.
|
||||||
Added PNG_SECURE feature to pnglibconf.dfa and new pngusr.dfa file
|
Added PNG_SAFE_LIMITS feature to pnglibconf.dfa, pngpriv.h, and new pngusr.dfa
|
||||||
to reset the user limits to safe ones if PNG_SECURE is defined.
|
to reset the user limits to safe ones if PNG_SAFE_LIMITS is defined.
|
||||||
|
To enable, use CPPFLAGS=-DPNG_SAFE_LIMITS on the configure command
|
||||||
|
or put #define PNG_SAFE_LIMITS_SUPPORTED in pnglibconf.h.prebuilt.
|
||||||
|
|
||||||
Send comments/corrections/commendations to png-mng-implement at lists.sf.net
|
Send comments/corrections/commendations to png-mng-implement at lists.sf.net
|
||||||
(subscription required; visit
|
(subscription required; visit
|
||||||
|
6
CHANGES
6
CHANGES
@ -3976,8 +3976,10 @@ Version 1.6.0beta13 [February 24, 2012]
|
|||||||
pngpread.c and use the sequential png_handle_tEXt, etc., in pngrutil.c;
|
pngpread.c and use the sequential png_handle_tEXt, etc., in pngrutil.c;
|
||||||
now that png_ptr->buffer is inaccessible to applications, the special
|
now that png_ptr->buffer is inaccessible to applications, the special
|
||||||
handling is no longer useful.
|
handling is no longer useful.
|
||||||
Added PNG_SECURE feature to pnglibconf.dfa and new pngusr.dfa file
|
Added PNG_SAFE_LIMITS feature to pnglibconf.dfa, pngpriv.h, and new pngusr.dfa
|
||||||
to reset the user limits to safe ones if PNG_SECURE is defined.
|
to reset the user limits to safe ones if PNG_SAFE_LIMITS is defined.
|
||||||
|
To enable, use CPPFLAGS=-DPNG_SAFE_LIMITS on the configure command
|
||||||
|
or put #define PNG_SAFE_LIMITS_SUPPORTED in pnglibconf.h.prebuilt.
|
||||||
|
|
||||||
Send comments/corrections/commendations to png-mng-implement at lists.sf.net
|
Send comments/corrections/commendations to png-mng-implement at lists.sf.net
|
||||||
(subscription required; visit
|
(subscription required; visit
|
||||||
|
22
pngconf.h
22
pngconf.h
@ -1,7 +1,7 @@
|
|||||||
|
|
||||||
/* pngconf.h - machine configurable file for libpng
|
/* pngconf.h - machine configurable file for libpng
|
||||||
*
|
*
|
||||||
* libpng version 1.6.0beta13 - February 19, 2012
|
* libpng version 1.6.0beta13 - February 24, 2012
|
||||||
*
|
*
|
||||||
* Copyright (c) 1998-2012 Glenn Randers-Pehrson
|
* Copyright (c) 1998-2012 Glenn Randers-Pehrson
|
||||||
* (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
|
* (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
|
||||||
@ -22,6 +22,26 @@
|
|||||||
#ifndef PNGCONF_H
|
#ifndef PNGCONF_H
|
||||||
#define PNGCONF_H
|
#define PNGCONF_H
|
||||||
|
|
||||||
|
/* To do: Do all of this in scripts/pnglibconf.dfa */
|
||||||
|
#ifdef PNG_SAFE_LIMITS_SUPPORTED
|
||||||
|
# ifdef PNG_USER_WIDTH_MAX
|
||||||
|
# undef PNG_USER_WIDTH_MAX
|
||||||
|
# define PNG_USER_WIDTH_MAX 1000000L
|
||||||
|
# endif
|
||||||
|
# ifdef PNG_USER_HEIGHT_MAX
|
||||||
|
# undef PNG_USER_HEIGHT_MAX
|
||||||
|
# define PNG_USER_HEIGHT_MAX 1000000L
|
||||||
|
# endif
|
||||||
|
# ifdef PNG_USER_CHUNK_MALLOC_MAX
|
||||||
|
# undef PNG_USER_CHUNK_MALLOC_MAX
|
||||||
|
# define PNG_USER_CHUNK_MALLOC_MAX 4000000L
|
||||||
|
# endif
|
||||||
|
# ifdef PNG_USER_CHUNK_CACHE_MAX
|
||||||
|
# undef PNG_USER_CHUNK_CACHE_MAX
|
||||||
|
# define PNG_USER_CHUNK_CACHE_MAX 128
|
||||||
|
# endif
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifndef PNG_BUILDING_SYMBOL_TABLE /* else includes may cause problems */
|
#ifndef PNG_BUILDING_SYMBOL_TABLE /* else includes may cause problems */
|
||||||
|
|
||||||
/* From libpng 1.6.0 libpng requires an ANSI X3.159-1989 ("ISOC90") compliant C
|
/* From libpng 1.6.0 libpng requires an ANSI X3.159-1989 ("ISOC90") compliant C
|
||||||
|
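Review bot: Each override in the new `#ifdef PNG_SAFE_LIMITS_SUPPORTED` block replaces whatever value the builder had already defined, so a stricter setting (for example a `PNG_USER_WIDTH_MAX` below 1000000) is raised to the "safe" value instead of being kept, which contradicts the "unless individually overridden" wording that this commit adds to pngpriv.h. Clamping only when the existing value is looser would preserve a tighter limit: wrap each `#undef`/`#define` pair in a test such as `# if PNG_USER_WIDTH_MAX > 1000000L`, and for the two chunk limits, where 0 is the no-limit value, `# if PNG_USER_CHUNK_MALLOC_MAX == 0 || PNG_USER_CHUNK_MALLOC_MAX > 4000000L`. The malloc cap also differs between the two headers (4000000L here, 8000000 in pngpriv.h), so the effective limit depends on whether the macro was defined beforehand; a single shared value would remove that ambiguity.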
39
pngpriv.h
39
pngpriv.h
@ -194,6 +194,45 @@
|
|||||||
# define PNG_DLL_EXPORT
|
# define PNG_DLL_EXPORT
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* SECURITY and SAFETY:
|
||||||
|
*
|
||||||
|
* By default libpng is built without any internal limits on image size,
|
||||||
|
* individual heap (png_malloc) allocations or the total amount of memory used.
|
||||||
|
* If PNG_SAFE_LIMITS_SUPPORTED is defined, however, the limits below are used
|
||||||
|
* (unless individually overridden). These limits are believed to be fairly
|
||||||
|
* safe, but builders of secure systems should verify the values against the
|
||||||
|
* real system capabilities.
|
||||||
|
*/
|
||||||
|
#ifdef PNG_SAFE_LIMITS_SUPPORTED
|
||||||
|
/* 'safe' limits */
|
||||||
|
# ifndef PNG_USER_WIDTH_MAX
|
||||||
|
# define PNG_USER_WIDTH_MAX 1000000
|
||||||
|
# endif
|
||||||
|
# ifndef PNG_USER_HEIGHT_MAX
|
||||||
|
# define PNG_USER_HEIGHT_MAX 1000000
|
||||||
|
# endif
|
||||||
|
# ifndef PNG_USER_CHUNK_CACHE_MAX
|
||||||
|
# define PNG_USER_CHUNK_CACHE_MAX 128
|
||||||
|
# endif
|
||||||
|
# ifndef PNG_USER_CHUNK_MALLOC_MAX
|
||||||
|
# define PNG_USER_CHUNK_MALLOC_MAX 8000000
|
||||||
|
# endif
|
||||||
|
#else
|
||||||
|
/* values for no limits */
|
||||||
|
# ifndef PNG_USER_WIDTH_MAX
|
||||||
|
# define PNG_USER_WIDTH_MAX 0x7fffffff
|
||||||
|
# endif
|
||||||
|
# ifndef PNG_USER_HEIGHT_MAX
|
||||||
|
# define PNG_USER_HEIGHT_MAX 0x7fffffff
|
||||||
|
# endif
|
||||||
|
# ifndef PNG_USER_CHUNK_CACHE_MAX
|
||||||
|
# define PNG_USER_CHUNK_CACHE_MAX 0
|
||||||
|
# endif
|
||||||
|
# ifndef PNG_USER_CHUNK_MALLOC_MAX
|
||||||
|
# define PNG_USER_CHUNK_MALLOC_MAX 0
|
||||||
|
# endif
|
||||||
|
#endif
|
||||||
|
|
||||||
/* This is used for 16 bit gamma tables -- only the top level pointers are
|
/* This is used for 16 bit gamma tables -- only the top level pointers are
|
||||||
* const; this could be changed:
|
* const; this could be changed:
|
||||||
*/
|
*/
|
||||||
|
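Review bot: The new SECURITY and SAFETY comment should say what the "safe" values leave unbounded: `PNG_USER_WIDTH_MAX` and `PNG_USER_HEIGHT_MAX` of 1000000 each still admit an image of 10^12 pixels, and nothing in this block caps the product or the "total amount of memory used" that the comment's first sentence mentions. I would add a line to the comment such as `* The width and height limits apply per dimension and do not bound width*height; applications must still check the total image size.` That keeps the "believed to be fairly safe" claim from being read as a bound on decoded image memory.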
@ -27,7 +27,7 @@ file pnglibconf.h scripts/pnglibconf.dfa PNGLCONF_H
|
|||||||
# The syntax is detailed in scripts/options.awk, this is a summary
|
# The syntax is detailed in scripts/options.awk, this is a summary
|
||||||
# only:
|
# only:
|
||||||
#
|
#
|
||||||
# setting <name> [requires ...] [default]
|
# setting <name> [default]
|
||||||
# #define PNG_<name> <value> /* value comes from current setting */
|
# #define PNG_<name> <value> /* value comes from current setting */
|
||||||
# option <name> [requires ...] [if ...] [enables ...] [disabled]
|
# option <name> [requires ...] [if ...] [enables ...] [disabled]
|
||||||
# #define PNG_<name>_SUPPORTED if the requirements are met and
|
# #define PNG_<name>_SUPPORTED if the requirements are met and
|
||||||
@ -273,20 +273,22 @@ option SET_USER_LIMITS enables SET_CHUNK_CACHE_LIMIT
|
|||||||
|
|
||||||
option SET_USER_LIMITS enables SET_CHUNK_MALLOC_LIMIT
|
option SET_USER_LIMITS enables SET_CHUNK_MALLOC_LIMIT
|
||||||
|
|
||||||
# Added at libpng-1.0.16 and 1.2.6. To accept all valid PNGs no matter
|
# Libpng limits.
|
||||||
# how large, set these two limits to 0x7fffffff
|
#
|
||||||
|
# If these settings are *not* set libpng will not limit the size of
|
||||||
|
# images or the size of data in ancilliary chunks. This does lead to
|
||||||
|
# security issues if PNG files come from untrusted sources.
|
||||||
|
setting USER_WIDTH_MAX
|
||||||
|
setting USER_HEIGHT_MAX
|
||||||
|
setting USER_CHUNK_CACHE_MAX
|
||||||
|
setting USER_CHUNK_MALLOC_MAX
|
||||||
|
|
||||||
setting USER_WIDTH_MAX default 0x7fffffff
|
# To default all these settings to values that are large but probably
|
||||||
setting USER_HEIGHT_MAX default 0x7fffffff
|
# safe turn the SAFE_LIMITS option on; this will cause the value in
|
||||||
|
# pngpriv.h to be used. Individual values can also be set, simply set
|
||||||
# Added at libpng-1.2.43. To accept all valid PNGs no matter
|
# them in pngusr.dfa with '@#define PNG_setting value' lines.
|
||||||
# how large, set these two limits to 0.
|
option SAFE_LIMITS enables USER_LIMITS disabled
|
||||||
|
= SAFE_LIMITS SAFE_LIMITS
|
||||||
setting USER_CHUNK_CACHE_MAX default 0
|
|
||||||
|
|
||||||
# Added at libpng-1.2.43
|
|
||||||
|
|
||||||
setting USER_CHUNK_MALLOC_MAX default 0
|
|
||||||
|
|
||||||
# All of the following options relate to code capabilities for
|
# All of the following options relate to code capabilities for
|
||||||
# processing image data before creating a PNG or after reading one.
|
# processing image data before creating a PNG or after reading one.
|
||||||
|
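Review bot: `option SAFE_LIMITS enables USER_LIMITS disabled` makes the limits opt-in, and with the `default` values removed from the four `setting` lines this file no longer shows what an ordinary build ends up with. The new comment should state the effective defaults explicitly, for example `# With SAFE_LIMITS off: width/height 0x7fffffff, chunk cache and chunk malloc 0 (no limit); see pngpriv.h.`, so that someone building for untrusted input can see that the option has to be turned on. "ancilliary" in the same comment should read "ancillary". The file name is not shown for this section of the page; the hunk context suggests it is scripts/pnglibconf.dfa.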
@ -31,10 +31,6 @@
|
|||||||
#define PNG_QUANTIZE_GREEN_BITS 5
|
#define PNG_QUANTIZE_GREEN_BITS 5
|
||||||
#define PNG_QUANTIZE_RED_BITS 5
|
#define PNG_QUANTIZE_RED_BITS 5
|
||||||
#define PNG_sCAL_PRECISION 5
|
#define PNG_sCAL_PRECISION 5
|
||||||
#define PNG_USER_CHUNK_CACHE_MAX 0
|
|
||||||
#define PNG_USER_CHUNK_MALLOC_MAX 0
|
|
||||||
#define PNG_USER_HEIGHT_MAX 0x7fffffff
|
|
||||||
#define PNG_USER_WIDTH_MAX 0x7fffffff
|
|
||||||
#define PNG_WEIGHT_SHIFT 8
|
#define PNG_WEIGHT_SHIFT 8
|
||||||
#define PNG_ZBUF_SIZE 8192
|
#define PNG_ZBUF_SIZE 8192
|
||||||
/* end of settings */
|
/* end of settings */
|
||||||
|