mewin/libpng
1
0
Fork 0
mirror of https://git.code.sf.net/p/libpng/code.git synced 2025-07-10 18:04:09 +02:00
Code Issues Projects Releases Wiki Activity

[libpng17] Quieted Coverity issues in pngfix.c, png-fix-itxt.c, pngvalid.c,

Browse Source 
pngstest.c, and pngimage.c. Most seem harmless, but png-fix-itxt
would only work with iTXt chunks with length 255 or less.
This commit is contained in:
Glenn Randers-Pehrson 2015-06-03 16:21:57 -05:00
parent f32c657fc7
commit a671f8baea
7 changed files with 43 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
ANNOUNCE
View File

@ -1,5 +1,5 @@
Libpng 1.7.0beta63 - June 1, 2015 Libpng 1.7.0beta63 - June 3, 2015
This is not intended to be a public release. It will be replaced This is not intended to be a public release. It will be replaced
within a few weeks by a public version or by another test version. within a few weeks by a public version or by another test version.
@ -809,12 +809,15 @@ Version 1.7.0beta61 [May 31, 2015]
pngwutil.c, introduced in libpng-0.95, March 1997. pngwutil.c, introduced in libpng-0.95, March 1997.
Version 1.7.0beta62 [June 1, 2015] Version 1.7.0beta62 [June 1, 2015]
Removed WRITE_WEIGHTED_FILTERED code, to save a few kbytes of the Removed the experimental WRITE_WEIGHTED_FILTERED code, to save a few
compiled library size. It never worked properly and as far as we can kbytes of the compiled library size. It never worked properly and as
tell, no one uses it. The png_set_filter_heuristics() and far as we can tell, no one uses it. The png_set_filter_heuristics() and
png_set_filter_heuristics_fixed(). APIs are retained but deprecated. png_set_filter_heuristics_fixed() APIs are retained but deprecated.
Version 1.7.0beta63 [June 1, 2015] Version 1.7.0beta63 [June 3, 2015]
Quieted Coverity issues in pngfix.c, png-fix-itxt.c, pngvalid.c,
pngstest.c, and pngimage.c. Most seem harmless, but png-fix-itxt
would only work with iTXt chunks with length 255 or less.
Send comments/corrections/commendations to png-mng-implement at lists.sf.net Send comments/corrections/commendations to png-mng-implement at lists.sf.net
(subscription required; visit (subscription required; visit

13
CHANGES
View File

@ -5104,12 +5104,15 @@ Version 1.7.0beta61 [May 31, 2015]
pngwutil.c, introduced in libpng-0.95, March 1997. pngwutil.c, introduced in libpng-0.95, March 1997.
Version 1.7.0beta62 [June 1, 2015] Version 1.7.0beta62 [June 1, 2015]
Removed WRITE_WEIGHTED_FILTERED code, to save a few kbytes of the Removed the experimental WRITE_WEIGHTED_FILTERED code, to save a few
compiled library size. It never worked properly and as far as we can kbytes of the compiled library size. It never worked properly and as
tell, no one uses it. The png_set_filter_heuristics() and far as we can tell, no one uses it. The png_set_filter_heuristics() and
png_set_filter_heuristics_fixed(). APIs are retained but deprecated. png_set_filter_heuristics_fixed() APIs are retained but deprecated.
Version 1.7.0beta63 [June 1, 2015] Version 1.7.0beta63 [June 3, 2015]
Quieted Coverity issues in pngfix.c, png-fix-itxt.c, pngvalid.c,
pngstest.c, and pngimage.c. Most seem harmless, but png-fix-itxt
would only work with iTXt chunks with length 255 or less.
Send comments/corrections/commendations to png-mng-implement at lists.sf.net Send comments/corrections/commendations to png-mng-implement at lists.sf.net
(subscription required; visit (subscription required; visit

8
contrib/libtests/pngimage.c
View File

@ -1,8 +1,8 @@
/* pngimage.c /* pngimage.c
* *
* Copyright (c) 2014 John Cunningham Bowler * Copyright (c) 2015 John Cunningham Bowler
* *
* Last changed in libpng 1.6.10 [March 6, 2014] * Last changed in libpng 1.6.18 [(PENDING RELEASE)]
* *
* This code is released under the libpng license. * This code is released under the libpng license.
* For conditions of distribution and use, see the disclaimer * For conditions of distribution and use, see the disclaimer
@ -1120,8 +1120,8 @@ compare_read(struct display *dp, int applied_transforms)
{ {
int b; int b;
case 16: /* Two bytes per component, bit-endian */ case 16: /* Two bytes per component, big-endian */
for (b = (bpp >> 4); b > 0; ) for (b = (bpp >> 4); b > 0; --b)
{ {
unsigned int sig = (unsigned int)(0xffff0000 >> sig_bits[b]); unsigned int sig = (unsigned int)(0xffff0000 >> sig_bits[b]);

12
contrib/libtests/pngstest.c
View File

@ -1,9 +1,9 @@
/*- /*-
* pngstest.c * pngstest.c
* *
* Copyright (c) 2013-2014 John Cunningham Bowler * Copyright (c) 2013-2015 John Cunningham Bowler
* *
* Last changed in libpng 1.6.16 [December 22, 2014] * Last changed in libpng 1.6.18 [(PENDING RELEASE)]
* *
* This code is released under the libpng license. * This code is released under the libpng license.
* For conditions of distribution and use, see the disclaimer * For conditions of distribution and use, see the disclaimer
@ -615,7 +615,7 @@ freeimage(Image *image)
if (image->tmpfile_name[0] != 0 && (image->opts & KEEP_TMPFILES) == 0) if (image->tmpfile_name[0] != 0 && (image->opts & KEEP_TMPFILES) == 0)
{ {
remove(image->tmpfile_name); (void)remove(image->tmpfile_name);
image->tmpfile_name[0] = 0; image->tmpfile_name[0] = 0;
} }
} }
@ -2828,7 +2828,7 @@ compare_two_images(Image *a, Image *b, int via_linear,
else if (y >= b->image.colormap_entries) else if (y >= b->image.colormap_entries)
{ {
if ((a->opts & ACCUMULATE) == 0) if ((b->opts & ACCUMULATE) == 0)
{ {
char pindex[9]; char pindex[9];
sprintf(pindex, "%lu[%lu]", (unsigned long)y, sprintf(pindex, "%lu[%lu]", (unsigned long)y,
@ -3175,7 +3175,9 @@ read_one_file(Image *image)
if (cb > 0) if (cb > 0)
{ {
#ifndef __COVERITY__
if ((unsigned long int)cb <= (size_t)~(size_t)0) if ((unsigned long int)cb <= (size_t)~(size_t)0)
#endif
{ {
png_bytep b = voidcast(png_bytep, malloc((size_t)cb)); png_bytep b = voidcast(png_bytep, malloc((size_t)cb));
@ -3588,7 +3590,7 @@ main(int argc, char **argv)
} }
/* Safe: checked above */ /* Safe: checked above */
strcpy(tmpf, argv[c]); strncpy(tmpf, argv[c], sizeof (tmpf)-1);
} }
else else

5
contrib/libtests/pngvalid.c
View File

@ -1,7 +1,7 @@
/* pngvalid.c - validate libpng by constructing then reading png files. /* pngvalid.c - validate libpng by constructing then reading png files.
* *
* Last changed in libpng 1.6.17 [(PENDING RELEASE)] * Last changed in libpng 1.6.18 [(PENDING RELEASE)]
* Copyright (c) 2014-2015 Glenn Randers-Pehrson * Copyright (c) 2014-2015 Glenn Randers-Pehrson
* Written by John Cunningham Bowler * Written by John Cunningham Bowler
* *
@ -1319,7 +1319,10 @@ store_current_palette(png_store *ps, int *npalette)
* operation.) * operation.)
*/ */
if (ps->current == NULL) if (ps->current == NULL)
{
store_log(ps, ps->pread, "no current stream for palette", 1); store_log(ps, ps->pread, "no current stream for palette", 1);
return NULL;
}
/* The result may be null if there is no palette. */ /* The result may be null if there is no palette. */
*npalette = ps->current->npalette; *npalette = ps->current->npalette;

18
contrib/tools/png-fix-itxt.c
View File

@ -1,8 +1,8 @@
/* png-fix-itxt version 1.0.0 /* png-fix-itxt version 1.0.0
* *
* Copyright 2013 Glenn Randers-Pehrson * Copyright 2015 Glenn Randers-Pehrson
* Last changed in libpng 1.6.3 [July 18, 2013] * Last changed in libpng 1.6.18 [(PENDING RELEASE)]
* *
* This code is released under the libpng license. * This code is released under the libpng license.
* For conditions of distribution and use, see the disclaimer * For conditions of distribution and use, see the disclaimer
@ -57,10 +57,10 @@ for (;;)
{ {
/* Read the length */ /* Read the length */
unsigned long length; /* must be 32 bits! */ unsigned long length; /* must be 32 bits! */
c=GETBREAK; buf[0] = c; length = c; length <<= 8; c=GETBREAK; buf[0] = c; length = (c % 0xff); length <<= 8;
c=GETBREAK; buf[1] = c; length += c; length <<= 8; c=GETBREAK; buf[1] = c; length += (c % 0xff); length <<= 8;
c=GETBREAK; buf[2] = c; length += c; length <<= 8; c=GETBREAK; buf[2] = c; length += (c % 0xff); length <<= 8;
c=GETBREAK; buf[3] = c; length += c; c=GETBREAK; buf[3] = c; length += (c % 0xff);
/* Read the chunkname */ /* Read the chunkname */
c=GETBREAK; buf[4] = c; c=GETBREAK; buf[4] = c;
@ -109,9 +109,9 @@ for (;;)
} }
/* Update length bytes */ /* Update length bytes */
buf[0] = (unsigned char)((length << 24) & 0xff); buf[0] = (unsigned char)((length >> 24) & 0xff);
buf[1] = (unsigned char)((length << 16) & 0xff); buf[1] = (unsigned char)((length >> 16) & 0xff);
buf[2] = (unsigned char)((length << 8) & 0xff); buf[2] = (unsigned char)((length >> 8) & 0xff);
buf[3] = (unsigned char)((length ) & 0xff); buf[3] = (unsigned char)((length ) & 0xff);
/* Write the fixed iTXt chunk (length, name, data, crc) */ /* Write the fixed iTXt chunk (length, name, data, crc) */

4
contrib/tools/pngfix.c
View File

@ -2,7 +2,7 @@
* *
* Copyright (c) 2014-2015 John Cunningham Bowler * Copyright (c) 2014-2015 John Cunningham Bowler
* *
* Last changed in libpng 1.6.17 [(PENDING RELEASE)] * Last changed in libpng 1.6.18 [(PENDING RELEASE)]
* *
* This code is released under the libpng license. * This code is released under the libpng license.
* For conditions of distribution and use, see the disclaimer * For conditions of distribution and use, see the disclaimer
@ -3853,6 +3853,7 @@ usage(const char *prog)
int int
main(int argc, const char **argv) main(int argc, const char **argv)
{ {
char temp_name[FILENAME_MAX+1];
const char * prog = *argv; const char * prog = *argv;
const char * outfile = NULL; const char * outfile = NULL;
const char * suffix = NULL; const char * suffix = NULL;
@ -3955,7 +3956,6 @@ main(int argc, const char **argv)
else else
{ {
size_t outlen = strlen(*argv); size_t outlen = strlen(*argv);
char temp_name[FILENAME_MAX+1];
if (outfile == NULL) /* else this takes precedence */ if (outfile == NULL) /* else this takes precedence */
{ {