2418 Commits

Author SHA1 Message Date
Glenn Randers-Pehrson
a8b45d9f7e [libpng17] Removed pngstest-pngsuite test from CMakeLists.txt 2016-01-30 09:31:33 -06:00
Roger Leigh
c39c5640b4 [libpng17] Updated CMakeLists.txt, added supporting scripts/gen*.cmake.in
and test.cmake.in (Roger Leigh).
2016-01-29 17:27:39 -06:00
Glenn Randers-Pehrson
eb5e71cc8c [libpng17] Update CHANGES, ANNOUNCE, and some "last changed" dates 2016-01-29 16:20:34 -06:00
John Bowler
85cb69aa82 Forward port libpng16 fixes
Batched fixes from libpng16: PNG_IMAGE_PNG_SIZE_MAX macro fix, contrib/libtests
exit(77) change to just do that for configure and changes to pngstest to
(by default) make random backgrounds on a per-file, not per-session, basis.

Signed-off-by: John Bowler <jbowler@acm.org>
2016-01-28 23:11:33 -08:00
Glenn Randers-Pehrson
dcb3f792d9 [libpng17] Bump version to 1.7.0beta79 2016-01-23 14:57:49 -06:00
Glenn Randers-Pehrson
9a6922896d [libpng17] Imported from libpng-1.7.0beta78.tar v1.7.0beta78 2016-01-23 14:06:48 -06:00
Glenn Randers-Pehrson
55d3b3226e [libpng17] Document new png_image_write_to_memory() API 2016-01-23 13:59:24 -06:00
Glenn Randers-Pehrson
443694d7ac [libpng17] Revised workaround for Coverity issue in pngvalid.c 2016-01-23 10:10:52 -06:00
Glenn Randers-Pehrson
f26fa77ef8 [libpng17] Updated CHANGES and ANNOUNCE, fixed typo in pngunknown.c comment. 2016-01-19 08:32:18 -06:00
John Bowler
e46cd2e6bc Simplified API: use system appropriate types
This is an API change for 1.7, albeit a quiet one; it may produce compiler
warnings but should not result in errors, unless warnings are treated as errors.

On 64-bit systems it widens the results of the various PNG_IMAGE_ macros that
return size values (component counts, byte sizes) to 64 bits.  It also changes
the row_stride parameter, which is the pointer difference between adjacent rows
of the image buffer, to ptrdiff_t which is the ANSI-C90 defined type of the
difference of two pointers.  The existing (1.6.22) checks for overflow are
preserved but now accomdate images that require more than 32 bits of address
space when size_t/ptrdiff_t are 64 bit types.

Signed-off-by: John Bowler <jbowler@acm.org>
2016-01-18 20:44:26 -08:00
John Bowler
f2a160299e pngunknown: update date 2016-01-18 12:02:40 -08:00
John Bowler
4697cbded6 Simplified API: write-to-memory, overflow handling
This implements an API and provides a number of assist macros to allow an
application which uses the simplified API write to bypass stdio and write
directly to memory.

It also includes some warnings (png.h) and some check code to detect *possible*
overflow in the ROW_STRIDE and simplified image SIZE macros.  This disallows
image width/height/format that *might* overflow.  A quiet API change that limits
in-memory image size (uncompressed) to less that 4GByte and image row size
(stride) to less than 2GByte.

Signed-off-by: John Bowler <jbowler@acm.org>
2016-01-18 11:50:30 -08:00
John Bowler
033a0d7b49 pngunknown: fix NO_STDIO build
pngunknown.c calls png_init_io (always), skip the test if there is no stdio.h
support.

Signed-off-by: John Bowler <jbowler@acm.org>
2016-01-18 11:34:13 -08:00
Glenn Randers-Pehrson
eacf6f9637 [libpng17] Changed PNG_USE_MKSTEMP to __COVERITY__ to select alternate
"tmpfile()" implementation in contrib/libtests/pngstest.c
2016-01-17 16:03:10 -06:00
Glenn Randers-Pehrson
7912bf3037 [libpng17] Bump version to 1.7.0beta78 2016-01-16 08:00:36 -06:00
Glenn Randers-Pehrson
e4fad63915 [libpng17] Imported from libpng-1.7.0beta77.tar v1.7.0beta77 2016-01-16 08:00:23 -06:00
Glenn Randers-Pehrson
89287f10b8 [libpng17] Worked around a false-positive Coverity issue in pngvalid.c. 2016-01-13 09:48:41 -06:00
Glenn Randers-Pehrson
6271b4fc78 [libpng17] Updated CHANGES and ANNOUNCE 2016-01-12 14:44:47 -06:00
John Bowler
3d024874a5 Recently introduced palette sharing bug
The internal read code change to stop sharing the palette was incompletely
implemented.  The result is that unless palette index checking is turned off and
there are no read transformations the png_info palette gets deleted when the
png_struct is deleted.  This is normally harmless (png_info gets deleted first)
but in the case of pngcp it results in use-after-free of the palette and,
therefore, palette corruption and maybe on some operating systems and access
violation.

This also updated pngcp 'search' mode to check a restricted range of memLevels;
there is an unrelated bug which means that lower zlib memLevels result in memory
corruption under some circumstances, probably less often than 1:1000.

Signed-off-by: John Bowler <jbowler@acm.org>
2016-01-12 09:36:10 -08:00
Glenn Randers-Pehrson
2fce16e5c4 [libpng17] Update CHANGES and ANNOUNCE, fix typo in png.h 2016-01-10 19:34:16 -06:00
John Bowler
fc322f6d48 Add pngcp IDAT size test
Also change the order of the 'level' and 'windowBits' searches to seach
windowBits first; this favours windowBits optimizations over compression level
ones on the basis that the latter should only affect the write code.

Signed-off-by: John Bowler <jbowler@acm.org>
2016-01-10 13:53:47 -08:00
John Bowler
1afbb57994 IDAT read buffering correction
The sequential read code failed to read to the end of the IDAT stream in about
1/820 cases, resulting in a spurious warning.  The
png_set_compression_buffer_size API also would not work (or do bad things) if
the size of a zlib uInt was less than 32 bits.

This includes a quiet API change to alter png_set_compression_buffer_size to use
a png_alloc_size_t, not png_size_t and implement the correct checks.

Signed-off-by: John Bowler <jbowler@acm.org>
2016-01-10 13:51:29 -08:00
John Bowler
e393f19527 Fix write problem with reduced size IDAT chunks
png_set_compression_buffer_size would result in a spurious debug assert if the
compression buffer size was set to something other than a multiple of
PNG_ROW_BUFFER_SIZE; the debug test failed to add the buffer 'start'

Signed-off-by: John Bowler <jbowler@acm.org>
2016-01-10 13:49:34 -08:00
John Bowler
79378d49b3 [libpng17] Changed copyright and license in pngcp.c to be nearly public domain
similar to the other files in the contrib/examples directory.
2016-01-10 12:09:38 -06:00
Glenn Randers-Pehrson
d9d6b6e361 [libpng17] Update CHANGES and ANNOUNCE 2016-01-10 08:00:00 -06:00
John Bowler
b9014ed336 contrib/examples/pngcp search mode
This is still a work-in-progress but it seems fairly stable (if not exactly 100%
optimal).  pngcp now allows 'all' for some options which iterates through all
possible settings (this reliably produces the smallest IDAT that libpng can
produce with those settings.)  It also contains a --search command line option
which attempts to optimize this by skipping pointless tests; it is close, most
of the time, but not perfect.

Signed-off-by: John Bowler <jbowler@acm.org>
2016-01-09 17:40:55 -08:00
John Bowler
faf68f8d57 Fix for serious write bugs in pngwutil.c
There are two separate problems.  The first is that the CMINFO optimization code
gets run twice on any PNG IDAT stream longer than 2048 bytes and the second time
can overwrite bytes 2048,2049 destroying the output.

The second is that one of the (debug) checks was slightly wrong (< when <=
should have been used) and this causes write to abort maybe 1/2048 times.

Signed-off-by: John Bowler <jbowler@acm.org>
2016-01-09 17:38:34 -08:00
Glenn Randers-Pehrson
09a1afbb3d [libpng17] Fixed another Coverity defect, NULL dereference "ps" in pngwutil.c 2016-01-08 18:59:36 -06:00
Glenn Randers-Pehrson
27e11dc8cf [libpng17] Bump version to 1.7.0beta77 2016-01-07 13:08:04 -06:00
Glenn Randers-Pehrson
df4568f84b [libpng17] Imported from libpng-1.7.0beta76.tar v1.7.0beta76 2016-01-07 13:06:57 -06:00
Glenn Randers-Pehrson
6d5f00571d [libpng17] Fixed new Coverity defect, potential NULL dereference of "ps"
in pngwutil.c; Added temporary workaround for Coverity "Dead code" defect.
2016-01-07 09:24:56 -06:00
Glenn Randers-Pehrson
4705951df1 [libpng17] Relocate assert() in pngfix.c, update CHANGES and ANNOUNCE. 2016-01-06 16:16:09 -06:00
John Bowler
f33fe44b9f Mark 'limit' UNUSED in transform_range_check
Only affects release builds

Signed-off-by: John Bowler <jbowler@acm.org>
2016-01-06 13:00:08 -08:00
Glenn Randers-Pehrson
43d0aa7218 [libpng17] Removed redundant "option WRITE" from scripts/pnglibconf.dfa 2016-01-02 14:13:49 -06:00
Glenn Randers-Pehrson
89ebb4dd52 [libpng17] Happy 2016! Updated copyright year 2016-01-02 13:51:52 -06:00
Glenn Randers-Pehrson
8d18e76f2b [libpng17] Updated the manpage (libpng.3 and libpng-manual.txt) 2015-12-29 20:39:28 -06:00
Glenn Randers-Pehrson
fafbc6a458 [libpng17] Update CHANGES and ANNOUNCE, fix two trivial typos in comments 2015-12-29 19:50:41 -06:00
John Bowler
4253c4d759 tIME and text position handling
The handling of tIME and text chunks on read now records the location of the
chunks relative to PLTE and IDAT.  Behavior on write is unchanged except that if
the position was recorded on read it will be re-used.

This involves an ABI change to the png_text_struct; a one byte location field is
added (with the same meaning as the one used to record unknown chunk location.)
Because this field is only used on read there is no API change unless a png_info
from a libpng read is passed to a subsequent libpng write (this did not work
very well before 1.7; the tIME chunk could get duplicated.)

png_set_text ignores the new field, resetting it to the current position in the
read or write stream.  On write the position is set to the next location to be
written unless the write has not started (the position is before the signature)
in which case the location is set to PNG_HAVE_PLTE|PNG_AFTER_IDAT.  When the
chunk is written the position is set to the actual write location (effectively
the position is frozen.)

Signed-off-by: John Bowler <jbowler@acm.org>
2015-12-29 15:30:31 -08:00
Glenn Randers-Pehrson
c90572ee77 [libpng17] Updated CHANGES and ANNOUNCE 2015-12-28 19:57:26 -06:00
John Bowler
ef26a3f0fb pngcp.c: code to test zlib options
This adds code to iterate through the command line options when non-list options
have the 'all' parameter.  Used to rapidly test the effect of different zlib
options.

Signed-off-by: John Bowler <jbowler@acm.org>
2015-12-28 16:17:12 -08:00
John Bowler
63ea57a796 Add NULL pz->list test to png_zlib_compress_validate
This seems safer; in fact a NULL dereference never happens because the test ends
up just doing arithmetic on NULL but it seems possible that the undefined
arithmetic can still happen if there is a bug elsewhere.

Signed-off-by: John Bowler <jbowler@acm.org>
2015-12-28 16:15:36 -08:00
John Bowler
07c60a383a Correct the options handling
Setting the new, higher, option bits triggered the byte check (which is no
longer necessary).

Signed-off-by: John Bowler <jbowler@acm.org>
2015-12-28 16:14:15 -08:00
Glenn Randers-Pehrson
8d124a250a [libpng17] In projects/vstudio, merged readme.txt and WARNING into README.txt 2015-12-28 08:50:52 -06:00
Glenn Randers-Pehrson
0340dcdcbd [libpng17] Indented tables in projects/vstudio/WARNING 2015-12-27 20:50:18 -06:00
Glenn Randers-Pehrson
ff57ec2126 [libpng17] Minor update to vstudio documentation 2015-12-27 20:35:29 -06:00
Glenn Randers-Pehrson
745a926a38 [libpng17] Bump version to 1.7.0beta76 2015-12-25 08:48:02 -06:00
Glenn Randers-Pehrson
4b1d9e8c2a [libpng17] Imported from libpng-1.7.0beta75.tar v1.7.0beta75 2015-12-25 08:31:37 -06:00
Glenn Randers-Pehrson
bb4bcecaa0 [libpng17] Updated CHANGES and ANNOUNCE 2015-12-21 09:21:31 -06:00
David Drysdale
28fa0d23c1 Reverse order of tests in png_zlib_compress_validate
Undefined behaviour sanitizer currently fires for this test
with an error about member access within null pointer to
struct; put the check that relies on pz->list being non-NULL
second.
2015-12-21 11:29:34 +00:00
Glenn Randers-Pehrson
1bfeb46881 [libpng17] Update CHANGES and ANNOUNCE 2015-12-19 14:49:48 -06:00