mirror of
https://git.code.sf.net/p/libpng/code.git
synced 2025-07-10 18:04:09 +02:00
[libpng16] Eliminated PNG_SAFE_LIMITS macro and restored the 1-million-column
and 1-million-row default limits in pnglibconf.dfa, that can be reset by the user at build time or run time. This provides a more robust defense against DOS and as-yet undiscovered overflows. Display user limits in the output from pngtest.
This commit is contained in:
Glenn Randers-Pehrson
@@ -350,36 +350,15 @@ option USER_MEM
|
||||
|
||||
option IO_STATE
|
||||
|
||||
# This is only for PowerPC big-endian and 680x0 systems
|
||||
# some testing, not enabled by default.
|
||||
# NO LONGER USED
|
||||
|
||||
#option READ_BIG_ENDIAN disabled
|
||||
|
||||
# Allow users to control limits on what the READ code will
|
||||
# read:
|
||||
|
||||
# Added at libpng-1.2.43; adds limit fields to png_struct,
|
||||
# allows some usages of these fields
|
||||
|
||||
option USER_LIMITS
|
||||
|
||||
# Added at libpng-1.2.6; adds setting APIs, allows additional
|
||||
# usage of this field (UTSL)
|
||||
|
||||
option SET_USER_LIMITS requires USER_LIMITS
|
||||
|
||||
# Feature added at libpng-1.4.0, this flag added at 1.4.1
|
||||
option SET_USER_LIMITS enables SET_CHUNK_CACHE_LIMIT
|
||||
# Feature added at libpng-1.4.1, this flag added at 1.4.1
|
||||
|
||||
option SET_USER_LIMITS enables SET_CHUNK_MALLOC_LIMIT
|
||||
|
||||
# Libpng limits.
|
||||
# Libpng limits: limit the size of images and data on read.
|
||||
#
|
||||
# If these settings are *not* set libpng will not limit the size of
|
||||
# images or the size of data in ancilliary chunks. This does lead to
|
||||
# security issues if PNG files come from untrusted sources. Settings have the
|
||||
# If this option is disabled all the limit checking code will be disabled:
|
||||
|
||||
option USER_LIMITS requires READ
|
||||
|
||||
# The default settings given below for the limits mean that libpng will
|
||||
# limit the size of images or the size of data in ancilliary chunks to less
|
||||
# than the specification or implementation limits. Settings have the
|
||||
# following interpretations:
|
||||
#
|
||||
# USER_WIDTH_MAX: maximum width of an image that will be read
|
||||
@@ -389,17 +368,14 @@ option SET_USER_LIMITS enables SET_CHUNK_MALLOC_LIMIT
|
||||
#
|
||||
# Only chunks that are variable in number are counted towards the
|
||||
# USER_CHUNK_CACHE_MAX limit
|
||||
setting USER_WIDTH_MAX
|
||||
setting USER_HEIGHT_MAX
|
||||
setting USER_CHUNK_CACHE_MAX
|
||||
setting USER_CHUNK_MALLOC_MAX
|
||||
setting USER_WIDTH_MAX default 1000000 /* Use 0x7fffffff for unlimited */
|
||||
setting USER_HEIGHT_MAX default 1000000 /* Use 0x7fffffff for unlimited */
|
||||
setting USER_CHUNK_CACHE_MAX default 1000 /* Use 0 for unlimited */
|
||||
setting USER_CHUNK_MALLOC_MAX default 8000000 /* Use 0 for unlimited */
|
||||
|
||||
# To default all these settings to values that are large but probably
|
||||
# safe turn the SAFE_LIMITS option on; this will cause the value in
|
||||
# pngpriv.h to be used. Individual values can also be set, simply set
|
||||
# them in pngusr.dfa with '@#define PNG_setting value' lines.
|
||||
option SAFE_LIMITS enables USER_LIMITS disabled
|
||||
= SAFE_LIMITS SAFE_LIMITS
|
||||
# If this option is enabled APIs to set the above limits at run time are added;
|
||||
# without this the hardwired (compile time) limits will be used.
|
||||
option SET_USER_LIMITS requires USER_LIMITS
|
||||
|
||||
# All of the following options relate to code capabilities for
|
||||
# processing image data before creating a PNG or after reading one.
|
||||
@@ -541,6 +517,7 @@ option USER_TRANSFORM_INFO if READ_USER_TRANSFORM, WRITE_USER_TRANSFORM
|
||||
# non-IDAT chunks (zTXt, iTXt, iCCP, and unknown chunks). This feature
|
||||
# was added at libpng-1.5.3.
|
||||
option WRITE_CUSTOMIZE_ZTXT_COMPRESSION requires WRITE
|
||||
option WRITE_CUSTOMIZE_COMPRESSION requires WRITE
|
||||
|
||||
# Any chunks you are not interested in, you can undef here. The
|
||||
# ones that allocate memory may be expecially important (hIST,
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
|
||||
/* pnglibconf.h - library build configuration */
|
||||
|
||||
/* Libpng version 1.6.17beta03 - February 7, 2015 */
|
||||
/* Libpng version 1.6.17beta03 - February 17, 2015 */
|
||||
|
||||
/* Copyright (c) 1998-2014 Glenn Randers-Pehrson */
|
||||
|
||||
@@ -97,7 +97,6 @@
|
||||
#define PNG_READ_tIME_SUPPORTED
|
||||
#define PNG_READ_tRNS_SUPPORTED
|
||||
#define PNG_READ_zTXt_SUPPORTED
|
||||
/*#undef PNG_SAFE_LIMITS_SUPPORTED*/
|
||||
#define PNG_SAVE_INT_32_SUPPORTED
|
||||
#define PNG_SAVE_UNKNOWN_CHUNKS_SUPPORTED
|
||||
#define PNG_SEQUENTIAL_READ_SUPPORTED
|
||||
@@ -129,6 +128,7 @@
|
||||
#define PNG_WRITE_BGR_SUPPORTED
|
||||
#define PNG_WRITE_CHECK_FOR_INVALID_INDEX_SUPPORTED
|
||||
#define PNG_WRITE_COMPRESSED_TEXT_SUPPORTED
|
||||
#define PNG_WRITE_CUSTOMIZE_COMPRESSION_SUPPORTED
|
||||
#define PNG_WRITE_CUSTOMIZE_ZTXT_COMPRESSION_SUPPORTED
|
||||
#define PNG_WRITE_FILLER_SUPPORTED
|
||||
#define PNG_WRITE_FILTER_SUPPORTED
|
||||
@@ -198,6 +198,10 @@
|
||||
#define PNG_QUANTIZE_RED_BITS 5
|
||||
#define PNG_TEXT_Z_DEFAULT_COMPRESSION (-1)
|
||||
#define PNG_TEXT_Z_DEFAULT_STRATEGY 0
|
||||
#define PNG_USER_CHUNK_CACHE_MAX 1000 /* Use 0 for unlimited */
|
||||
#define PNG_USER_CHUNK_MALLOC_MAX 8000000 /* Use 0 for unlimited */
|
||||
#define PNG_USER_HEIGHT_MAX 1000000 /* Use 0x7fffffff for unlimited */
|
||||
#define PNG_USER_WIDTH_MAX 1000000 /* Use 0x7fffffff for unlimited */
|
||||
#define PNG_WEIGHT_SHIFT 8
|
||||
#define PNG_ZBUF_SIZE 8192
|
||||
#define PNG_ZLIB_VERNUM 0 /* unknown */
|
||||
|
||||
Reference in New Issue
Block a user