From a671f8baead92bc64d14b6c757211f9882400630 Mon Sep 17 00:00:00 2001 From: Glenn Randers-Pehrson Date: Wed, 3 Jun 2015 16:21:57 -0500 Subject: [PATCH] [libpng17] Quieted Coverity issues in pngfix.c, png-fix-itxt.c, pngvalid.c, pngstest.c, and pngimage.c. Most seem harmless, but png-fix-itxt would only work with iTXt chunks with length 255 or less. --- ANNOUNCE | 15 +++++++++------ CHANGES | 13 ++++++++----- contrib/libtests/pngimage.c | 8 ++++---- contrib/libtests/pngstest.c | 12 +++++++----- contrib/libtests/pngvalid.c | 5 ++++- contrib/tools/png-fix-itxt.c | 18 +++++++++--------- contrib/tools/pngfix.c | 4 ++-- 7 files changed, 43 insertions(+), 32 deletions(-) diff --git a/ANNOUNCE b/ANNOUNCE index 7a68cc8d4..0dbd6ffdf 100644 --- a/ANNOUNCE +++ b/ANNOUNCE @@ -1,5 +1,5 @@ -Libpng 1.7.0beta63 - June 1, 2015 +Libpng 1.7.0beta63 - June 3, 2015 This is not intended to be a public release. It will be replaced within a few weeks by a public version or by another test version. @@ -809,12 +809,15 @@ Version 1.7.0beta61 [May 31, 2015] pngwutil.c, introduced in libpng-0.95, March 1997. Version 1.7.0beta62 [June 1, 2015] - Removed WRITE_WEIGHTED_FILTERED code, to save a few kbytes of the - compiled library size. It never worked properly and as far as we can - tell, no one uses it. The png_set_filter_heuristics() and - png_set_filter_heuristics_fixed(). APIs are retained but deprecated. + Removed the experimental WRITE_WEIGHTED_FILTERED code, to save a few + kbytes of the compiled library size. It never worked properly and as + far as we can tell, no one uses it. The png_set_filter_heuristics() and + png_set_filter_heuristics_fixed() APIs are retained but deprecated. -Version 1.7.0beta63 [June 1, 2015] +Version 1.7.0beta63 [June 3, 2015] + Quieted Coverity issues in pngfix.c, png-fix-itxt.c, pngvalid.c, + pngstest.c, and pngimage.c. Most seem harmless, but png-fix-itxt + would only work with iTXt chunks with length 255 or less. Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit diff --git a/CHANGES b/CHANGES index 15bdb7fb5..8cf48a8de 100644 --- a/CHANGES +++ b/CHANGES @@ -5104,12 +5104,15 @@ Version 1.7.0beta61 [May 31, 2015] pngwutil.c, introduced in libpng-0.95, March 1997. Version 1.7.0beta62 [June 1, 2015] - Removed WRITE_WEIGHTED_FILTERED code, to save a few kbytes of the - compiled library size. It never worked properly and as far as we can - tell, no one uses it. The png_set_filter_heuristics() and - png_set_filter_heuristics_fixed(). APIs are retained but deprecated. + Removed the experimental WRITE_WEIGHTED_FILTERED code, to save a few + kbytes of the compiled library size. It never worked properly and as + far as we can tell, no one uses it. The png_set_filter_heuristics() and + png_set_filter_heuristics_fixed() APIs are retained but deprecated. -Version 1.7.0beta63 [June 1, 2015] +Version 1.7.0beta63 [June 3, 2015] + Quieted Coverity issues in pngfix.c, png-fix-itxt.c, pngvalid.c, + pngstest.c, and pngimage.c. Most seem harmless, but png-fix-itxt + would only work with iTXt chunks with length 255 or less. Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit diff --git a/contrib/libtests/pngimage.c b/contrib/libtests/pngimage.c index dccfbce12..0ee0a2e5e 100644 --- a/contrib/libtests/pngimage.c +++ b/contrib/libtests/pngimage.c @@ -1,8 +1,8 @@ /* pngimage.c * - * Copyright (c) 2014 John Cunningham Bowler + * Copyright (c) 2015 John Cunningham Bowler * - * Last changed in libpng 1.6.10 [March 6, 2014] + * Last changed in libpng 1.6.18 [(PENDING RELEASE)] * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -1120,8 +1120,8 @@ compare_read(struct display *dp, int applied_transforms) { int b; - case 16: /* Two bytes per component, bit-endian */ - for (b = (bpp >> 4); b > 0; ) + case 16: /* Two bytes per component, big-endian */ + for (b = (bpp >> 4); b > 0; --b) { unsigned int sig = (unsigned int)(0xffff0000 >> sig_bits[b]); diff --git a/contrib/libtests/pngstest.c b/contrib/libtests/pngstest.c index d7c1c1e79..d92292c5c 100644 --- a/contrib/libtests/pngstest.c +++ b/contrib/libtests/pngstest.c @@ -1,9 +1,9 @@ /*- * pngstest.c * - * Copyright (c) 2013-2014 John Cunningham Bowler + * Copyright (c) 2013-2015 John Cunningham Bowler * - * Last changed in libpng 1.6.16 [December 22, 2014] + * Last changed in libpng 1.6.18 [(PENDING RELEASE)] * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -615,7 +615,7 @@ freeimage(Image *image) if (image->tmpfile_name[0] != 0 && (image->opts & KEEP_TMPFILES) == 0) { - remove(image->tmpfile_name); + (void)remove(image->tmpfile_name); image->tmpfile_name[0] = 0; } } @@ -2828,7 +2828,7 @@ compare_two_images(Image *a, Image *b, int via_linear, else if (y >= b->image.colormap_entries) { - if ((a->opts & ACCUMULATE) == 0) + if ((b->opts & ACCUMULATE) == 0) { char pindex[9]; sprintf(pindex, "%lu[%lu]", (unsigned long)y, @@ -3175,7 +3175,9 @@ read_one_file(Image *image) if (cb > 0) { +#ifndef __COVERITY__ if ((unsigned long int)cb <= (size_t)~(size_t)0) +#endif { png_bytep b = voidcast(png_bytep, malloc((size_t)cb)); @@ -3588,7 +3590,7 @@ main(int argc, char **argv) } /* Safe: checked above */ - strcpy(tmpf, argv[c]); + strncpy(tmpf, argv[c], sizeof (tmpf)-1); } else diff --git a/contrib/libtests/pngvalid.c b/contrib/libtests/pngvalid.c index 60f23dc16..0786d8d05 100644 --- a/contrib/libtests/pngvalid.c +++ b/contrib/libtests/pngvalid.c @@ -1,7 +1,7 @@ /* pngvalid.c - validate libpng by constructing then reading png files. * - * Last changed in libpng 1.6.17 [(PENDING RELEASE)] + * Last changed in libpng 1.6.18 [(PENDING RELEASE)] * Copyright (c) 2014-2015 Glenn Randers-Pehrson * Written by John Cunningham Bowler * @@ -1319,7 +1319,10 @@ store_current_palette(png_store *ps, int *npalette) * operation.) */ if (ps->current == NULL) + { store_log(ps, ps->pread, "no current stream for palette", 1); + return NULL; + } /* The result may be null if there is no palette. */ *npalette = ps->current->npalette; diff --git a/contrib/tools/png-fix-itxt.c b/contrib/tools/png-fix-itxt.c index 1210bd9c8..71d9ea5d2 100644 --- a/contrib/tools/png-fix-itxt.c +++ b/contrib/tools/png-fix-itxt.c @@ -1,8 +1,8 @@ /* png-fix-itxt version 1.0.0 * - * Copyright 2013 Glenn Randers-Pehrson - * Last changed in libpng 1.6.3 [July 18, 2013] + * Copyright 2015 Glenn Randers-Pehrson + * Last changed in libpng 1.6.18 [(PENDING RELEASE)] * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -57,10 +57,10 @@ for (;;) { /* Read the length */ unsigned long length; /* must be 32 bits! */ - c=GETBREAK; buf[0] = c; length = c; length <<= 8; - c=GETBREAK; buf[1] = c; length += c; length <<= 8; - c=GETBREAK; buf[2] = c; length += c; length <<= 8; - c=GETBREAK; buf[3] = c; length += c; + c=GETBREAK; buf[0] = c; length = (c % 0xff); length <<= 8; + c=GETBREAK; buf[1] = c; length += (c % 0xff); length <<= 8; + c=GETBREAK; buf[2] = c; length += (c % 0xff); length <<= 8; + c=GETBREAK; buf[3] = c; length += (c % 0xff); /* Read the chunkname */ c=GETBREAK; buf[4] = c; @@ -109,9 +109,9 @@ for (;;) } /* Update length bytes */ - buf[0] = (unsigned char)((length << 24) & 0xff); - buf[1] = (unsigned char)((length << 16) & 0xff); - buf[2] = (unsigned char)((length << 8) & 0xff); + buf[0] = (unsigned char)((length >> 24) & 0xff); + buf[1] = (unsigned char)((length >> 16) & 0xff); + buf[2] = (unsigned char)((length >> 8) & 0xff); buf[3] = (unsigned char)((length ) & 0xff); /* Write the fixed iTXt chunk (length, name, data, crc) */ diff --git a/contrib/tools/pngfix.c b/contrib/tools/pngfix.c index 00942627c..96c27f618 100644 --- a/contrib/tools/pngfix.c +++ b/contrib/tools/pngfix.c @@ -2,7 +2,7 @@ * * Copyright (c) 2014-2015 John Cunningham Bowler * - * Last changed in libpng 1.6.17 [(PENDING RELEASE)] + * Last changed in libpng 1.6.18 [(PENDING RELEASE)] * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -3853,6 +3853,7 @@ usage(const char *prog) int main(int argc, const char **argv) { + char temp_name[FILENAME_MAX+1]; const char * prog = *argv; const char * outfile = NULL; const char * suffix = NULL; @@ -3955,7 +3956,6 @@ main(int argc, const char **argv) else { size_t outlen = strlen(*argv); - char temp_name[FILENAME_MAX+1]; if (outfile == NULL) /* else this takes precedence */ {