From f911c1146a86a005f1a075de1f9a307cf4a8a4ad Mon Sep 17 00:00:00 2001 From: Glenn Randers-Pehrson Date: Sun, 25 Sep 2016 22:22:47 -0500 Subject: [PATCH] [libpng17] Warn about ADLER32 checksum mismatch instead of issuing png_error(). Add tests/badcrc.png and tests/badadler.png to tests/pngtest. --- ANNOUNCE | 8 +++- CHANGES | 6 ++- pngrutil.c | 98 ++++++++++++++++++++++++++------------------- pngtest.c | 4 ++ tests/badadler.png | Bin 0 -> 67 bytes tests/badcrc.png | Bin 0 -> 67 bytes tests/pngtest | 2 + 7 files changed, 74 insertions(+), 44 deletions(-) create mode 100644 tests/badadler.png create mode 100644 tests/badcrc.png diff --git a/ANNOUNCE b/ANNOUNCE index 0ad6092bc..35eb15fef 100644 --- a/ANNOUNCE +++ b/ANNOUNCE @@ -1,5 +1,5 @@ -Libpng 1.7.0beta84 - September 19, 2016 +Libpng 1.7.0beta84 - September 26, 2016 This is not intended to be a public release. It will be replaced within a few weeks by a public version or by another test version. @@ -1396,13 +1396,17 @@ Version 1.7.0beta83 [July 23, 2016] in reading. Fixed debug test of output gamma. -Version 1.7.0beta84 [September 19, 2016] +Version 1.7.0beta84 [September 26, 2016] Minor editing of INSTALL, (whitespace, added copyright line) Don't install pngcp; it conflicts with pngcp in the pngtools package. Fixed handling zero length IDAT in pngfix (bug report by Agostino Sarubbo, bugfix by John Bowler). Conditionally compile png_set_benign_errors() in pngread.c and pngtest.c Changed PNG_ZLIB_VERNUM to ZLIB_VERNUM in pngrutil.c. + If CRC handling of critical chunks has been set to PNG_CRC_QUIET_USE, + ignore the ADLER32 checksum in the IDAT chunk as well as the chunk CRCs. + Warn about ADLER32 checksum mismatch instead of issuing a png_error(). + Add tests/badcrc.png and tests/badadler.png to tests/pngtest. Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit diff --git a/CHANGES b/CHANGES index 0640c994f..cfd473bc2 100644 --- a/CHANGES +++ b/CHANGES @@ -5696,13 +5696,17 @@ Version 1.7.0beta83 [July 23, 2016] in reading. Fixed debug test of output gamma. -Version 1.7.0beta84 [September 19, 2016] +Version 1.7.0beta84 [September 26, 2016] Minor editing of INSTALL, (whitespace, added copyright line) Don't install pngcp; it conflicts with pngcp in the pngtools package. Fixed handling zero length IDAT in pngfix (bug report by Agostino Sarubbo, bugfix by John Bowler). Conditionally compile png_set_benign_errors() in pngread.c and pngtest.c Changed PNG_ZLIB_VERNUM to ZLIB_VERNUM in pngrutil.c. + If CRC handling of critical chunks has been set to PNG_CRC_QUIET_USE, + ignore the ADLER32 checksum in the IDAT chunk as well as the chunk CRCs. + Warn about ADLER32 checksum mismatch instead of issuing a png_error(). + Add tests/badcrc.png and tests/badadler.png to tests/pngtest. Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit diff --git a/pngrutil.c b/pngrutil.c index b29bf2007..bbed2a4d6 100644 --- a/pngrutil.c +++ b/pngrutil.c @@ -260,12 +260,12 @@ png_inflate_claim(png_structrp png_ptr, png_uint_32 owner) * are minimal. */ (void)png_safecat(msg, (sizeof msg), 4, " using zstream"); -# if PNG_RELEASE_BUILD - png_chunk_warning(png_ptr, msg); - png_ptr->zowner = 0; -# else - png_chunk_error(png_ptr, msg); -# endif +#if PNG_RELEASE_BUILD + png_chunk_warning(png_ptr, msg); + png_ptr->zowner = 0; +#else + png_chunk_error(png_ptr, msg); +#endif } /* Implementation note: unlike 'png_deflate_claim' this internal function @@ -283,21 +283,17 @@ png_inflate_claim(png_structrp png_ptr, png_uint_32 owner) */ { int ret; /* zlib return code */ -# if ZLIB_VERNUM >= 0x1240 +#if ZLIB_VERNUM >= 0x1240 + int window_bits = 0; -# if defined(PNG_SET_OPTION_SUPPORTED) && \ - defined(PNG_MAXIMUM_INFLATE_WINDOW) - int window_bits; +# if defined(PNG_SET_OPTION_SUPPORTED) && \ + defined(PNG_MAXIMUM_INFLATE_WINDOW) if (png_ptr->maximum_inflate_window) window_bits = 15; - else - window_bits = 0; -# else -# define window_bits 0 -# endif -# endif +# endif +#endif /* ZLIB_VERNUM >= 0x1240 */ /* Initialize the alloc/free callbacks every time: */ png_ptr->zstream.zalloc = png_zalloc; @@ -317,22 +313,28 @@ png_inflate_claim(png_structrp png_ptr, png_uint_32 owner) */ if (png_ptr->zstream.state != NULL) { -# if ZLIB_VERNUM < 0x1240 - ret = inflateReset(&png_ptr->zstream); -# else - ret = inflateReset2(&png_ptr->zstream, window_bits); -# endif +#if ZLIB_VERNUM >= 0x1240 + ret = inflateReset2(&png_ptr->zstream, window_bits); +#else + ret = inflateReset(&png_ptr->zstream); +#endif } else { -# if ZLIB_VERNUM < 0x1240 - ret = inflateInit(&png_ptr->zstream); -# else - ret = inflateInit2(&png_ptr->zstream, window_bits); -# endif +#if ZLIB_VERNUM >= 0x1240 + ret = inflateInit2(&png_ptr->zstream, window_bits); +#else + ret = inflateInit(&png_ptr->zstream); +#endif } +#if ZLIB_VERNUM >= 0x1240 + /* Turn off validation of the ADLER32 checksum */ + if (png_ptr->current_crc == crc_quiet_use) + ret = inflateReset2(&png_ptr->zstream, -window_bits); +#endif + if (ret == Z_OK && png_ptr->zstream.state != NULL) { png_ptr->zowner = owner; @@ -3770,24 +3772,38 @@ png_inflate_IDAT(png_structrp png_ptr, int finish, */ if (!png_ptr->zstream_error) /* first time */ { -# ifdef PNG_BENIGN_READ_ERRORS_SUPPORTED - switch (png_ptr->IDAT_error_action) - { - case PNG_ERROR: +#ifdef PNG_BENIGN_READ_ERRORS_SUPPORTED + switch (png_ptr->IDAT_error_action) + { + case PNG_ERROR: + if(!strncmp(png_ptr->zstream.msg,"incorrect data check",20)) + { + if (png_ptr->current_crc != crc_quiet_use) + png_chunk_warning(png_ptr, "ADLER32 checksum mismatch"); + } + + else + { png_chunk_error(png_ptr, png_ptr->zstream.msg); - break; + } + break; - case PNG_WARN: - png_chunk_warning(png_ptr, png_ptr->zstream.msg); - break; + case PNG_WARN: + png_chunk_warning(png_ptr, png_ptr->zstream.msg); + break; - default: /* ignore */ - /* Keep going */ - break; - } -# else - png_chunk_error(png_ptr, png_ptr->zstream.msg); -# endif /* !BENIGN_ERRORS */ + default: /* ignore */ + /* Keep going */ + break; + } +#else + { + if(!strncmp(png_ptr->zstream.msg,"incorrect data check",20)) + png_chunk_warning(png_ptr, "ADLER32 checksum mismatch"); + else + png_chunk_error(png_ptr, png_ptr->zstream.msg); + } +#endif /* !BENIGN_ERRORS */ /* And prevent the report about too many IDATs on streams with internal * LZ errors: diff --git a/pngtest.c b/pngtest.c index 9bde30d83..4c6e4421c 100644 --- a/pngtest.c +++ b/pngtest.c @@ -986,9 +986,13 @@ test_one_file(PNG_CONST char *inname, PNG_CONST char *outname) /* Allow application (pngtest) errors and warnings to pass */ png_set_benign_errors(read_ptr, 1); + /* Turn off CRC and ADLER32 checking while reading */ + png_set_crc_action(read_ptr, PNG_CRC_QUIET_USE, PNG_CRC_QUIET_USE); + # ifdef PNG_WRITE_SUPPORTED png_set_benign_errors(write_ptr, 1); # endif + } #endif /* BENIGN_ERRORS */ diff --git a/tests/badadler.png b/tests/badadler.png new file mode 100644 index 0000000000000000000000000000000000000000..e3ade3d34f400b67e7fdf1dd6a57a209ea429108 GIT binary patch literal 67 zcmeAS@N?(olHy`uVBq!ia0vp^j35jm7|ip2ssJf2PZ!4!j_b(@KsFNt!&J4Nr9c*g Mr>mdKI;Vst0A6tnQ2+n{ literal 0 HcmV?d00001 diff --git a/tests/badcrc.png b/tests/badcrc.png new file mode 100644 index 0000000000000000000000000000000000000000..14a8439cecfa4539de4790fd2507c37cc3478451 GIT binary patch literal 67 zcmeAS@N?(olHy`uVBq!ia0vp^j35jm7|ip2ssJf2PZ!4!j_b(@KsFOt8pvQ^@O1Ta JS?83{1OP(s3T6NR literal 0 HcmV?d00001 diff --git a/tests/pngtest b/tests/pngtest index 813973b23..d33f93616 100755 --- a/tests/pngtest +++ b/tests/pngtest @@ -1,2 +1,4 @@ #!/bin/sh +./pngtest --relaxed ${srcdir}/tests/badcrc.png +./pngtest --relaxed ${srcdir}/tests/badadler.png exec ./pngtest --strict ${srcdir}/pngtest.png