[libpng15] Added PNG_SAFE_LIMITS feature to pnglibconf.dfa

and code in pngconf.h to reset the user limits to safe ones if PNG_SAFE_LIMITS is defined.
2025-07-10 18:04:09 +02:00 · 2012-02-23 17:43:33 -06:00
parent d57dc304c4
commit 8ae616fa97
5 changed files with 38 additions and 10 deletions
--- a/11
+++ b/11
@@ -3803,14 +3803,15 @@ Version 1.5.9beta02 [February 16, 2012]
  Removed tests for no-longer-used *_EMPTY_PLTE_SUPPORTED from pngstruct.h

 Version 1.5.9rc01 [February 17, 2012]
-  Fixed CVE-2011-3026 buffer overrun bug.  Deal more correctly with the test
-    on iCCP chunk length. Also removed spurious casts that may hide problems
-    on 16-bit systems.
+  Fixed CVE-2011-3026 buffer overrun bug.  This bug was introduced when
+    iCCP chunk support was added at libpng-1.0.6. Deal more correctly with the
+    test on iCCP chunk length. Also removed spurious casts that may hide
+    problems on 16-bit systems.

 Version 1.5.9 [February 18, 2012]
  No changes.

-Version 1.5.10beta01 [February 21, 2012]
+Version 1.5.10beta01 [February 23, 2012]
  Removed two useless #ifdef directives from pngread.c and one from pngrutil.c
  Always put the CMAKE_LIBRARY in "lib" (removed special WIN32 case).
  Removed empty vstudio/pngstest directory (Clifford Yapp).
@@ -3819,6 +3820,8 @@ Version 1.5.10beta01 [February 21, 2012]
    now that png_ptr->buffer is inaccessible to applications, the special
    handling is no longer useful.
  Fixed bug with png_handle_hIST with odd chunk length (Frank Busse).
+  Added PNG_SAFE_LIMITS feature to pnglibconf.dfa and code in pngconf.h
+    to reset the user limits to safe ones if PNG_SAFE_LIMITS is defined.

 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit