From b35a74556178a1a09444976244e74f5e011de2b6 Mon Sep 17 00:00:00 2001 From: Glenn Randers-Pehrson Date: Wed, 30 Sep 2009 23:12:13 -0500 Subject: [PATCH] [devel] Revised png_check_IHDR() again to check info_ptr members instead of the contents of the returned parameters. --- ANNOUNCE | 6 ++++-- CHANGES | 4 +++- libpng-1.4.0beta85.txt | 48 ++++++++++++++++++++++++------------------ png.c | 14 +++--------- pngget.c | 26 ++++++++--------------- pngset.c | 12 ++++++----- 6 files changed, 53 insertions(+), 57 deletions(-) diff --git a/ANNOUNCE b/ANNOUNCE index f83ee0ee5..6429ae079 100644 --- a/ANNOUNCE +++ b/ANNOUNCE @@ -1,5 +1,5 @@ -Libpng 1.4.0beta85 - September 30, 2009 +Libpng 1.4.0beta85 - October 1, 2009 This is not intended to be a public release. It will be replaced within a few weeks by a public version or by another test version. @@ -570,7 +570,9 @@ version 1.4.0beta84 [September 30, 2009] Fixed some inconsistent indentation in pngconf.h Revised png_check_IHDR() to add a test for width variable less than 32-bit. -version 1.4.0beta85 [September 30, 2009] +version 1.4.0beta85 [October 1, 2009] + Revised png_check_IHDR() again, to check info_ptr members instead of + the contents of the returned parameters. version 1.4.0betaN [future] Build shared libraries with -lz and sometimes -lm. diff --git a/CHANGES b/CHANGES index 9cfea814c..0e8902525 100644 --- a/CHANGES +++ b/CHANGES @@ -2256,7 +2256,9 @@ version 1.4.0beta84 [September 30, 2009] Fixed some inconsistent indentation in pngconf.h Revised png_check_IHDR() to add a test for width variable less than 32-bit. -version 1.4.0beta85 [September 30, 2009] +version 1.4.0beta85 [October 1, 2009] + Revised png_check_IHDR() again, to check info_ptr members instead of + the contents of the returned parameters. version 1.4.0betaN [future] Build shared libraries with -lz and sometimes -lm. diff --git a/libpng-1.4.0beta85.txt b/libpng-1.4.0beta85.txt index 33d18f915..1e29fd97c 100644 --- a/libpng-1.4.0beta85.txt +++ b/libpng-1.4.0beta85.txt @@ -1,6 +1,6 @@ libpng.txt - A description on how to use and modify libpng - libpng version 1.4.0beta85 - September 30, 2009 + libpng version 1.4.0beta85 - October 1, 2009 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2009 Glenn Randers-Pehrson @@ -11,7 +11,7 @@ libpng.txt - A description on how to use and modify libpng Based on: - libpng versions 0.97, January 1998, through 1.4.0beta85 - September 30, 2009 + libpng versions 0.97, January 1998, through 1.4.0beta85 - October 1, 2009 Updated and distributed by Glenn Randers-Pehrson Copyright (c) 1998-2009 Glenn Randers-Pehrson @@ -557,10 +557,33 @@ in until png_read_end() has read the chunk data following the image. for PNG 1.0) interlace_type - (PNG_INTERLACE_NONE or PNG_INTERLACE_ADAM7) - Any or all of interlace_type, compression_type, of + + Any or all of interlace_type, compression_type, or filter_method can be NULL if you are not interested in their values. + Note that png_get_IHDR() returns 32-bit data into + the application's width and height variables. + This is an unsafe situation if these are 16-bit + variables. In such situations, the + png_get_image_width() and png_get_image_height() + functions described below are safer. + + width = png_get_image_width(png_ptr, + info_ptr); + height = png_get_image_height(png_ptr, + info_ptr); + bit_depth = png_get_bit_depth(png_ptr, + info_ptr); + color_type = png_get_color_type(png_ptr, + info_ptr); + filter_method = png_get_filter_type(png_ptr, + info_ptr); + compression_type = png_get_compression_type(png_ptr, + info_ptr); + interlace_type = png_get_interlace_type(png_ptr, + info_ptr); + channels = png_get_channels(png_ptr, info_ptr); channels - number of channels of info for the color type (valid values are 1 (GRAY, @@ -580,23 +603,6 @@ in until png_read_end() has read the chunk data following the image. be in signature[4] through signature[7] (see png_set_sig_bytes())). - - width = png_get_image_width(png_ptr, - info_ptr); - height = png_get_image_height(png_ptr, - info_ptr); - bit_depth = png_get_bit_depth(png_ptr, - info_ptr); - color_type = png_get_color_type(png_ptr, - info_ptr); - filter_method = png_get_filter_type(png_ptr, - info_ptr); - compression_type = png_get_compression_type(png_ptr, - info_ptr); - interlace_type = png_get_interlace_type(png_ptr, - info_ptr); - - These are also important, but their validity depends on whether the chunk has been read. The png_get_valid(png_ptr, info_ptr, PNG_INFO_) and png_get_(png_ptr, info_ptr, ...) functions return non-zero if the @@ -3205,7 +3211,7 @@ source. XIII. Y2K Compliance in libpng -September 30, 2009 +October 1, 2009 Since the PNG Development group is an ad-hoc body, we can't make an official declaration. diff --git a/png.c b/png.c index 37802fe98..a24f59832 100644 --- a/png.c +++ b/png.c @@ -1,7 +1,7 @@ /* png.c - location for general purpose libpng functions * - * Last changed in libpng 1.4.0 [September 30, 2009] + * Last changed in libpng 1.4.0 [October 1, 2009] * Copyright (c) 1998-2009 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) @@ -547,13 +547,13 @@ png_get_copyright(png_structp png_ptr) #else #ifdef __STDC__ return ((png_charp) PNG_STRING_NEWLINE \ - "libpng version x 1.4.0beta85 - September 30, 2009" PNG_STRING_NEWLINE \ + "libpng version x 1.4.0beta85 - October 1, 2009" PNG_STRING_NEWLINE \ "Copyright (c) 1998-2009 Glenn Randers-Pehrson" PNG_STRING_NEWLINE \ "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \ "Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc." \ PNG_STRING_NEWLINE); #else - return ((png_charp) "libpng version 1.4.0beta85 - September 30, 2009\ + return ((png_charp) "libpng version 1.4.0beta85 - October 1, 2009\ Copyright (c) 1998-2009 Glenn Randers-Pehrson\ Copyright (c) 1996-1997 Andreas Dilger\ Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc."); @@ -796,14 +796,6 @@ png_check_IHDR(png_structp png_ptr, #endif { png_warning(png_ptr, "Image width exceeds user limit in IHDR"); - if ((width >> 16) == height) - { - /* This is likely to be caused by passing consecutive addresses - * of 16-bit width and height variables to png_get_IHDR(), which - * overflowed when we tried to fill them with 31-bit data. - */ - png_warning(png_ptr, "High bytes of width == low bytes of height"); - } error = 1; } diff --git a/pngget.c b/pngget.c index cd9d62e3b..556b43ddb 100644 --- a/pngget.c +++ b/pngget.c @@ -1,7 +1,7 @@ /* pngget.c - retrieval of values from info struct * - * Last changed in libpng 1.4.0 [September 30, 2009] + * Last changed in libpng 1.4.0 [October 1, 2009] * Copyright (c) 1998-2009 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) @@ -579,10 +579,6 @@ png_get_IHDR(png_structp png_ptr, png_infop info_ptr, int *filter_type) { - int test_interlace_type = 0; - int test_compression_type = 0; - int test_filter_type = 0; - png_debug1(1, "in %s retrieval function", "IHDR"); if (png_ptr == NULL || info_ptr == NULL || width == NULL || @@ -595,26 +591,22 @@ png_get_IHDR(png_structp png_ptr, png_infop info_ptr, *color_type = info_ptr->color_type; if (compression_type != NULL) - { *compression_type = info_ptr->compression_type; - test_compression_type=*compression_type; - } if (filter_type != NULL) - { *filter_type = info_ptr->filter_type; - test_filter_type=*filter_type; - } if (interlace_type != NULL) - { *interlace_type = info_ptr->interlace_type; - test_interlace_type=*interlace_type; - } - png_check_IHDR (png_ptr, *width, *height, *bit_depth, *color_type, - info_ptr->interlace_type, info_ptr->compression_type, - info_ptr->filter_type); + /* This is redundant if we can be sure that the info_ptr values were all + * assigned in png_set_IHDR(). We do the check anyhow in case an + * application has ignored our advice not to mess with the members + * of info_ptr directly. + */ + png_check_IHDR (png_ptr, info_ptr->width, info_ptr->height, + info_ptr->bit_depth, info_ptr->color_type, info_ptr->interlace_type, + info_ptr->compression_type, info_ptr->filter_type); return (1); } diff --git a/pngset.c b/pngset.c index bd1f496e6..b494cd5b1 100644 --- a/pngset.c +++ b/pngset.c @@ -1,7 +1,7 @@ /* pngset.c - storage of image information into info struct * - * Last changed in libpng 1.4.0 [September 30, 2009] + * Last changed in libpng 1.4.0 [October 1, 2009] * Copyright (c) 1998-2009 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) @@ -227,16 +227,18 @@ png_set_IHDR(png_structp png_ptr, png_infop info_ptr, if (png_ptr == NULL || info_ptr == NULL) return; - png_check_IHDR (png_ptr, width, height, bit_depth, color_type, - interlace_type, compression_type, filter_type); - info_ptr->width = width; info_ptr->height = height; info_ptr->bit_depth = (png_byte)bit_depth; - info_ptr->color_type =(png_byte) color_type; + info_ptr->color_type = (png_byte)color_type; info_ptr->compression_type = (png_byte)compression_type; info_ptr->filter_type = (png_byte)filter_type; info_ptr->interlace_type = (png_byte)interlace_type; + + png_check_IHDR (png_ptr, info_ptr->width, info_ptr->height, + info_ptr->bit_depth, info_ptr->color_type, info_ptr->interlace_type, + info_ptr->compression_type, info_ptr->filter_type); + if (info_ptr->color_type == PNG_COLOR_TYPE_PALETTE) info_ptr->channels = 1; else if (info_ptr->color_type & PNG_COLOR_MASK_COLOR)