diff --git a/ANNOUNCE b/ANNOUNCE index aad880e92..73271a6ea 100644 --- a/ANNOUNCE +++ b/ANNOUNCE @@ -1,5 +1,5 @@ -Libpng 1.5.24beta01 - July 30, 2015 +Libpng 1.5.24beta01 - August 18, 2015 This is not intended to be a public release. It will be replaced within a few weeks by a public version or by another test version. @@ -27,12 +27,15 @@ Other information: Changes since the last public release (1.5.23): -Version 1.5.24beta01 [July 30, 2015] +Version 1.5.24beta01 [August 18, 2015] Avoid potentially dereferencing NULL info_ptr in png_info_init_3(). Eliminated unused PNG_COST_SHIFT, PNG_WEIGHT_SHIFT, PNG_COST_FACTOR, and PNG_WEIGHT_FACTOR macros. Fixed potential leak of png_pixels in contrib/pngminus/pnm2png.c Fixed uninitialized variable in contrib/gregbook/rpng2-x.c + Fixed some bad links in the man page. + Safely convert num_bytes to a png_byte in png_set_sig_bytes() (Robert + Seacord). Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit diff --git a/CHANGES b/CHANGES index 44cf8d6c6..64c0eb9cc 100644 --- a/CHANGES +++ b/CHANGES @@ -4373,12 +4373,15 @@ Version 1.5.23rc03 [July 15, 2015] Version 1.5.23 [July 23, 2015] No changes. -Version 1.5.24beta01 [July 30, 2015] +Version 1.5.24beta01 [August 18, 2015] Avoid potentially dereferencing NULL info_ptr in png_info_init_3(). Eliminated unused PNG_COST_SHIFT, PNG_WEIGHT_SHIFT, PNG_COST_FACTOR, and PNG_WEIGHT_FACTOR macros. Fixed potential leak of png_pixels in contrib/pngminus/pnm2png.c Fixed uninitialized variable in contrib/gregbook/rpng2-x.c + Fixed some bad links in the man page. + Safely convert num_bytes to a png_byte in png_set_sig_bytes() (Robert + Seacord). Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit diff --git a/example.c b/example.c index e30ab5497..7171d9847 100644 --- a/example.c +++ b/example.c @@ -89,7 +89,7 @@ void read_png(char *file_name) /* We need to open the file */ { png_structp png_ptr; png_infop info_ptr; - unsigned int sig_read = 0; + int sig_read = 0; png_uint_32 width, height; int bit_depth, color_type, interlace_type; FILE *fp; @@ -98,7 +98,7 @@ void read_png(char *file_name) /* We need to open the file */ return (ERROR); #else no_open_file /* prototype 2 */ -void read_png(FILE *fp, unsigned int sig_read) /* File is already open */ +void read_png(FILE *fp, int sig_read) /* File is already open */ { png_structp png_ptr; png_infop info_ptr; @@ -188,7 +188,7 @@ void read_png(FILE *fp, unsigned int sig_read) /* File is already open */ * are mutually exclusive. */ - /* Tell libpng to strip 16 bit/color files down to 8 bits/color. + /* Tell libpng to strip 16 bits/color files down to 8 bits/color. * Use accurate scaling if it's available, otherwise just chop off the * low byte. */ @@ -284,7 +284,7 @@ void read_png(FILE *fp, unsigned int sig_read) /* File is already open */ } #ifdef PNG_READ_QUANTIZE_SUPPORTED - /* Quantize RGB files down to 8 bit palette or reduce palettes + /* Quantize RGB files down to 8-bit palette or reduce palettes * to the number of colors available on your screen. */ if (color_type & PNG_COLOR_MASK_COLOR) @@ -336,7 +336,7 @@ void read_png(FILE *fp, unsigned int sig_read) /* File is already open */ /* Swap the RGBA or GA data to ARGB or AG (or BGRA to ABGR) */ png_set_swap_alpha(png_ptr); - /* Swap bytes of 16 bit files to least significant byte first */ + /* Swap bytes of 16-bit files to least significant byte first */ png_set_swap(png_ptr); /* Add filler (or alpha) byte (before/after each RGB triplet) */ @@ -784,7 +784,7 @@ void write_png(char *file_name /* , ... other image information ... */) /* Swap bytes of 16-bit files to most significant byte first */ png_set_swap(png_ptr); - /* Swap bits of 1, 2, 4 bit packed pixel formats */ + /* Swap bits of 1-bit, 2-bit, 4-bit packed pixel formats */ png_set_packswap(png_ptr); /* Turn on interlace handling if you are not using png_write_image() */ diff --git a/libpng-manual.txt b/libpng-manual.txt index 964514c08..700ee2ee1 100644 --- a/libpng-manual.txt +++ b/libpng-manual.txt @@ -1,6 +1,6 @@ Libpng-manual.txt - A description on how to use and modify libpng - libpng version 1.5.24beta01 - August 11, 2015 + libpng version 1.5.24beta01 - August 18, 2015 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2014 Glenn Randers-Pehrson @@ -11,7 +11,7 @@ Libpng-manual.txt - A description on how to use and modify libpng Based on: - libpng versions 0.97, January 1998, through 1.5.24beta01 - August 11, 2015 + libpng versions 0.97, January 1998, through 1.5.24beta01 - August 18, 2015 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2014 Glenn Randers-Pehrson @@ -4501,7 +4501,7 @@ Other rules can be inferred by inspecting the libpng source. XIV. Y2K Compliance in libpng -August 11, 2015 +August 18, 2015 Since the PNG Development group is an ad-hoc body, we can't make an official declaration. diff --git a/libpng.3 b/libpng.3 index eba72bc50..1c3f6ae4e 100644 --- a/libpng.3 +++ b/libpng.3 @@ -1,4 +1,4 @@ -.TH LIBPNG 3 "August 11, 2015" +.TH LIBPNG 3 "August 18, 2015" .SH NAME libpng \- Portable Network Graphics (PNG) Reference Library 1.5.24beta01 .SH SYNOPSIS @@ -496,7 +496,7 @@ Following is a copy of the libpng-manual.txt file that accompanies libpng. .SH LIBPNG.TXT Libpng-manual.txt - A description on how to use and modify libpng - libpng version 1.5.24beta01 - August 11, 2015 + libpng version 1.5.24beta01 - August 18, 2015 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2014 Glenn Randers-Pehrson @@ -507,7 +507,7 @@ Libpng-manual.txt - A description on how to use and modify libpng Based on: - libpng versions 0.97, January 1998, through 1.5.24beta01 - August 11, 2015 + libpng versions 0.97, January 1998, through 1.5.24beta01 - August 18, 2015 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2014 Glenn Randers-Pehrson @@ -4997,7 +4997,7 @@ Other rules can be inferred by inspecting the libpng source. .SH XIV. Y2K Compliance in libpng -August 11, 2015 +August 18, 2015 Since the PNG Development group is an ad-hoc body, we can't make an official declaration. @@ -5310,7 +5310,7 @@ possible without all of you. Thanks to Frank J. T. Wojcik for helping with the documentation. -Libpng version 1.5.24beta01 - August 11, 2015: +Libpng version 1.5.24beta01 - August 18, 2015: Initially created in 1995 by Guy Eric Schalnat, then of Group 42, Inc. Currently maintained by Glenn Randers-Pehrson (glennrp at users.sourceforge.net). @@ -5333,7 +5333,7 @@ this sentence. This code is released under the libpng license. -libpng versions 1.0.7, July 1, 2000, through 1.5.24beta01, August 11, 2015, are +libpng versions 1.0.7, July 1, 2000, through 1.5.24beta01, August 18, 2015, are Copyright (c) 2000-2002, 2004, 2006-2015 Glenn Randers-Pehrson, and are distributed according to the same disclaimer and license as libpng-1.0.6 with the following individuals added to the list of Contributing Authors: @@ -5426,7 +5426,7 @@ the additional disclaimers inserted at version 1.0.7. Glenn Randers-Pehrson glennrp at users.sourceforge.net -August 11, 2015 +August 18, 2015 .\" end of man page diff --git a/png.c b/png.c index 68c90c6ca..7c3b90bb4 100644 --- a/png.c +++ b/png.c @@ -26,15 +26,20 @@ typedef png_libpng_version_1_5_24beta01 Your_png_h_is_not_version_1_5_24beta01; void PNGAPI png_set_sig_bytes(png_structp png_ptr, int num_bytes) { + unsigned int nb = (unsigned int)num_bytes; + png_debug(1, "in png_set_sig_bytes"); if (png_ptr == NULL) return; - if (num_bytes > 8) + if (num_bytes < 0) + nb = 0; + + if (nb > 8) png_error(png_ptr, "Too many bytes for PNG signature"); - png_ptr->sig_bytes = (png_byte)(num_bytes < 0 ? 0 : num_bytes); + png_ptr->sig_bytes = (png_byte)nb; } /* Checks whether the supplied bytes match the PNG signature. We allow @@ -306,6 +311,8 @@ png_info_init_3(png_infopp ptr_ptr, png_size_t png_info_struct_size) png_destroy_struct(info_ptr); info_ptr = (png_infop)png_create_struct(PNG_STRUCT_INFO); *ptr_ptr = info_ptr; + if (info_ptr == NULL) + return; } /* Set everything to 0 */ @@ -648,13 +655,13 @@ png_get_copyright(png_const_structp png_ptr) #else # ifdef __STDC__ return PNG_STRING_NEWLINE \ - "libpng version 1.5.24beta01 - July 24, 2015" PNG_STRING_NEWLINE \ + "libpng version 1.5.24beta01 - August 18, 2015" PNG_STRING_NEWLINE \ "Copyright (c) 1998-2015 Glenn Randers-Pehrson" PNG_STRING_NEWLINE \ "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \ "Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc." \ PNG_STRING_NEWLINE; # else - return "libpng version 1.5.24beta01 - July 24, 2015\ + return "libpng version 1.5.24beta01 - August 18, 2015\ Copyright (c) 1998-2015 Glenn Randers-Pehrson\ Copyright (c) 1996-1997 Andreas Dilger\ Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc.";