[libpng15] Safely convert num_bytes to a png_byte in png_set_sig_bytes() (Robert

Seacord).

ANNOUNCE

@@ -1,5 +1,5 @@
 
-Libpng 1.5.24beta01 - July 30, 2015
+Libpng 1.5.24beta01 - August 18, 2015
 
 This is not intended to be a public release.  It will be replaced
 within a few weeks by a public version or by another test version.
@@ -27,12 +27,15 @@ Other information:
 
 Changes since the last public release (1.5.23):
 
-Version 1.5.24beta01 [July 30, 2015]
+Version 1.5.24beta01 [August 18, 2015]
   Avoid potentially dereferencing NULL info_ptr in png_info_init_3().
   Eliminated unused PNG_COST_SHIFT, PNG_WEIGHT_SHIFT, PNG_COST_FACTOR, and
     PNG_WEIGHT_FACTOR macros.
   Fixed potential leak of png_pixels in contrib/pngminus/pnm2png.c
   Fixed uninitialized variable in contrib/gregbook/rpng2-x.c
+  Fixed some bad links in the man page.
+  Safely convert num_bytes to a png_byte in png_set_sig_bytes() (Robert
+    Seacord).
 
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit

CHANGES

@@ -4373,12 +4373,15 @@ Version 1.5.23rc03 [July 15, 2015]
 Version 1.5.23 [July 23, 2015]
   No changes.
 
-Version 1.5.24beta01 [July 30, 2015]
+Version 1.5.24beta01 [August 18, 2015]
   Avoid potentially dereferencing NULL info_ptr in png_info_init_3().
   Eliminated unused PNG_COST_SHIFT, PNG_WEIGHT_SHIFT, PNG_COST_FACTOR, and
     PNG_WEIGHT_FACTOR macros.
   Fixed potential leak of png_pixels in contrib/pngminus/pnm2png.c
   Fixed uninitialized variable in contrib/gregbook/rpng2-x.c
+  Fixed some bad links in the man page.
+  Safely convert num_bytes to a png_byte in png_set_sig_bytes() (Robert
+    Seacord).
 
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit

example.c

@@ -89,7 +89,7 @@ void read_png(char *file_name)  /* We need to open the file */
 {
    png_structp png_ptr;
    png_infop info_ptr;
-   unsigned int sig_read = 0;
+   int sig_read = 0;
    png_uint_32 width, height;
    int bit_depth, color_type, interlace_type;
    FILE *fp;
@@ -98,7 +98,7 @@ void read_png(char *file_name)  /* We need to open the file */
       return (ERROR);
 
 #else no_open_file /* prototype 2 */
-void read_png(FILE *fp, unsigned int sig_read)  /* File is already open */
+void read_png(FILE *fp, int sig_read)  /* File is already open */
 {
    png_structp png_ptr;
    png_infop info_ptr;
@@ -188,7 +188,7 @@ void read_png(FILE *fp, unsigned int sig_read)  /* File is already open */
     * are mutually exclusive.
     */
 
-   /* Tell libpng to strip 16 bit/color files down to 8 bits/color.
+   /* Tell libpng to strip 16 bits/color files down to 8 bits/color.
     * Use accurate scaling if it's available, otherwise just chop off the
     * low byte.
     */
@@ -284,7 +284,7 @@ void read_png(FILE *fp, unsigned int sig_read)  /* File is already open */
    }
 
 #ifdef PNG_READ_QUANTIZE_SUPPORTED
-   /* Quantize RGB files down to 8 bit palette or reduce palettes
+   /* Quantize RGB files down to 8-bit palette or reduce palettes
     * to the number of colors available on your screen.
     */
    if (color_type & PNG_COLOR_MASK_COLOR)
@@ -336,7 +336,7 @@ void read_png(FILE *fp, unsigned int sig_read)  /* File is already open */
    /* Swap the RGBA or GA data to ARGB or AG (or BGRA to ABGR) */
    png_set_swap_alpha(png_ptr);
 
-   /* Swap bytes of 16 bit files to least significant byte first */
+   /* Swap bytes of 16-bit files to least significant byte first */
    png_set_swap(png_ptr);
 
    /* Add filler (or alpha) byte (before/after each RGB triplet) */
@@ -784,7 +784,7 @@ void write_png(char *file_name /* , ... other image information ... */)
    /* Swap bytes of 16-bit files to most significant byte first */
    png_set_swap(png_ptr);
 
-   /* Swap bits of 1, 2, 4 bit packed pixel formats */
+   /* Swap bits of 1-bit, 2-bit, 4-bit packed pixel formats */
    png_set_packswap(png_ptr);
 
    /* Turn on interlace handling if you are not using png_write_image() */

libpng-manual.txt

@@ -1,6 +1,6 @@
 Libpng-manual.txt - A description on how to use and modify libpng
 
- libpng version 1.5.24beta01 - August 11, 2015
+ libpng version 1.5.24beta01 - August 18, 2015
  Updated and distributed by Glenn Randers-Pehrson
  <glennrp at users.sourceforge.net>
  Copyright (c) 1998-2014 Glenn Randers-Pehrson
@@ -11,7 +11,7 @@ Libpng-manual.txt - A description on how to use and modify libpng
 
  Based on:
 
- libpng versions 0.97, January 1998, through 1.5.24beta01 - August 11, 2015
+ libpng versions 0.97, January 1998, through 1.5.24beta01 - August 18, 2015
  Updated and distributed by Glenn Randers-Pehrson
  Copyright (c) 1998-2014 Glenn Randers-Pehrson
 
@@ -4501,7 +4501,7 @@ Other rules can be inferred by inspecting the libpng source.
 
 XIV. Y2K Compliance in libpng
 
-August 11, 2015
+August 18, 2015
 
 Since the PNG Development group is an ad-hoc body, we can't make
 an official declaration.

libpng.3

@@ -1,4 +1,4 @@
-.TH LIBPNG 3 "August 11, 2015"
+.TH LIBPNG 3 "August 18, 2015"
 .SH NAME
 libpng \- Portable Network Graphics (PNG) Reference Library 1.5.24beta01
 .SH SYNOPSIS
@@ -496,7 +496,7 @@ Following is a copy of the libpng-manual.txt file that accompanies libpng.
 .SH LIBPNG.TXT
 Libpng-manual.txt - A description on how to use and modify libpng
 
- libpng version 1.5.24beta01 - August 11, 2015
+ libpng version 1.5.24beta01 - August 18, 2015
  Updated and distributed by Glenn Randers-Pehrson
  <glennrp at users.sourceforge.net>
  Copyright (c) 1998-2014 Glenn Randers-Pehrson
@@ -507,7 +507,7 @@ Libpng-manual.txt - A description on how to use and modify libpng
 
  Based on:
 
- libpng versions 0.97, January 1998, through 1.5.24beta01 - August 11, 2015
+ libpng versions 0.97, January 1998, through 1.5.24beta01 - August 18, 2015
  Updated and distributed by Glenn Randers-Pehrson
  Copyright (c) 1998-2014 Glenn Randers-Pehrson
 
@@ -4997,7 +4997,7 @@ Other rules can be inferred by inspecting the libpng source.
 
 .SH XIV. Y2K Compliance in libpng
 
-August 11, 2015
+August 18, 2015
 
 Since the PNG Development group is an ad-hoc body, we can't make
 an official declaration.
@@ -5310,7 +5310,7 @@ possible without all of you.
 
 Thanks to Frank J. T. Wojcik for helping with the documentation.
 
-Libpng version 1.5.24beta01 - August 11, 2015:
+Libpng version 1.5.24beta01 - August 18, 2015:
 Initially created in 1995 by Guy Eric Schalnat, then of Group 42, Inc.
 Currently maintained by Glenn Randers-Pehrson (glennrp at users.sourceforge.net).
 
@@ -5333,7 +5333,7 @@ this sentence.
 
 This code is released under the libpng license.
 
-libpng versions 1.0.7, July 1, 2000, through 1.5.24beta01, August 11, 2015, are
+libpng versions 1.0.7, July 1, 2000, through 1.5.24beta01, August 18, 2015, are
 Copyright (c) 2000-2002, 2004, 2006-2015 Glenn Randers-Pehrson, and are
 distributed according to the same disclaimer and license as libpng-1.0.6
 with the following individuals added to the list of Contributing Authors:
@@ -5426,7 +5426,7 @@ the additional disclaimers inserted at version 1.0.7.
 
 Glenn Randers-Pehrson
 glennrp at users.sourceforge.net
-August 11, 2015
+August 18, 2015
 
 .\" end of man page
 

png.c

@@ -26,15 +26,20 @@ typedef png_libpng_version_1_5_24beta01 Your_png_h_is_not_version_1_5_24beta01;
 void PNGAPI
 png_set_sig_bytes(png_structp png_ptr, int num_bytes)
 {
+   unsigned int nb = (unsigned int)num_bytes;
+
    png_debug(1, "in png_set_sig_bytes");
 
    if (png_ptr == NULL)
       return;
 
-   if (num_bytes > 8)
+   if (num_bytes < 0)
+      nb = 0;
+
+   if (nb > 8)
       png_error(png_ptr, "Too many bytes for PNG signature");
 
-   png_ptr->sig_bytes = (png_byte)(num_bytes < 0 ? 0 : num_bytes);
+   png_ptr->sig_bytes = (png_byte)nb;
 }
 
 /* Checks whether the supplied bytes match the PNG signature.  We allow
@@ -306,6 +311,8 @@ png_info_init_3(png_infopp ptr_ptr, png_size_t png_info_struct_size)
       png_destroy_struct(info_ptr);
       info_ptr = (png_infop)png_create_struct(PNG_STRUCT_INFO);
       *ptr_ptr = info_ptr;
+      if (info_ptr == NULL)
+         return;
    }
 
    /* Set everything to 0 */
@@ -648,13 +655,13 @@ png_get_copyright(png_const_structp png_ptr)
 #else
 #  ifdef __STDC__
    return PNG_STRING_NEWLINE \
-     "libpng version 1.5.24beta01 - July 24, 2015" PNG_STRING_NEWLINE \
+     "libpng version 1.5.24beta01 - August 18, 2015" PNG_STRING_NEWLINE \
      "Copyright (c) 1998-2015 Glenn Randers-Pehrson" PNG_STRING_NEWLINE \
      "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \
      "Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc." \
      PNG_STRING_NEWLINE;
 #  else
-      return "libpng version 1.5.24beta01 - July 24, 2015\
+      return "libpng version 1.5.24beta01 - August 18, 2015\
       Copyright (c) 1998-2015 Glenn Randers-Pehrson\
       Copyright (c) 1996-1997 Andreas Dilger\
       Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc.";