Most of these are back-portable to earlier versions (contrib/libtests
should just work with earlier versions), however the 1.7 specific
changes in pngvalid mean that it probably won't work against 1.7 without
the commits following this one.
Signed-off-by: John Bowler <jbowler@acm.org>
handling in contrib/libtests/pngstest.c; possible overflow of
unsigned char in contrib/tools/png-fix-itxt.c). To use the "secure"
file handling, define PNG_USE_MKSTEMP, otherwise "tmpfile()" will
be used.
pngstest.c, and pngimage.c. Most seem harmless, but png-fix-itxt
would only work with iTXt chunks with length 255 or less.
Fixed cexcept.h in which GCC 5 reported that one of the auto
variables in the Try macro needs to be volatile to prevent value
being lost over the setjmp, and fixed g++ build breaks (John Bowler).
internal struct (png_transform_control) to replace row_info and uses
that to implement affirms correctly. The change also adds checks on
the rowbytes calculation and additional checks on most transform
implementations.
Added png_uint_16 range checking, pngvalid tRNS, fixed png_uint_16:
review of previous checks, removal of some where SAFE. pngvalid: add
testing of tRNS for better code coverage pngvalid: correct rgb-to-gray
error calculations. Code coverage is still incomplete: see /*UNTESTED*/
in pngrtran.c
seem to generate warnings when an unsigned value is implicitly
converted to double. This is probably a GCC bug but this change
avoids the issue by explicitly converting to (int) where safe.
Free all allocated memory in pngimage. The file buffer cache was left
allocated at the end of the program, harmless but it causes memory
leak reports from clang.
Fixed array size calculations to avoid warnings. At various points
in the code the number of elements in an array is calculated using
sizeof. This generates a compile time constant of type (size_t) which
is then typically assigned to an (unsigned int) or (int). Some versions
of GCC on 64-bit systems warn about the apparent narrowing, even though
the same compiler does apparently generate the correct, in-range,
numeric constant. This adds appropriate, safe, casts to make the
warnings go away.
scripts. Fixed combination of ~alpha with shift. On read invert alpha,
processing occurred after shift processing, which causes the final values to be
outside the range that should be produced by the shift. Reversing the
order on read makes the two transforms work together correctly and mirrors
the order used on write.
This is a work-in-progress; no tests are run automatically at present and
the program by virtue of exhaustively testing all the transforms is
very slow.
Fixed 'minimal' builds. Various obviously useful minimal configurations
don't build because of missing contrib/libtests test programs and overly
complex dependencies in scripts/pnglibconf.dfa. This change adds
contrib/conftest/*.dfa files that can be used in automatic build
scripts to ensure that these configurations continue to build.
Enabled WRITE_INVERT and WRITE_PACK in contrib/pngminim/encoder.
the useful side effect of avoiding a bogus warning generated by the latest
version of the Intel C compiler (it objects to
condition ? string-literal : string-literal).
a flag to change default. In 1.6.0 when the simplified API was used
to produce color-mapped output from an input image with no gamma
information the gamma assumed for the input could be different from
that assumed for non-color-mapped output. In particular 16-bit depth
input files were assumed to be sRGB encoded, whereas in the 'direct'
case they were assumed to have linear data. This was an error. The
fix makes the simplified API treat all input files the same way and
adds a new flag to the png_image::flags member to allow the
application/user to specify that 16-bit files contain sRGB data
rather than the default linear.
Fixed bugs in the pngpixel and makepng test programs.
the massive speed improvements use a make capable of parallel builds
on a multi-CPU machine and pass the right arguments to make (-j10000
for GNU make) to get the build to run in parallel.
