commit 7cecdcae0715bbf7a4b643071e0d39f05d5e7f52
author Cosmin Truta <ctruta@gmail.com> Thu Jul 03 22:42:11 2025 +0300
committer Cosmin Truta <ctruta@gmail.com> Thu Jul 03 22:42:11 2025 +0300
tree e5268d3cf6351786e29e350cdcfe260ee3c6e002
parent cf59edd364b28de01fa6089a46e6ff8efe677074

Harden a vestigial check against overflow inside `png_zalloc`

Reported-by: Sergio Atienza Pastor, MTP Métodos y Tecnología

png.c

diff --git a/png.c b/png.c
index d96c30a..673ddca 100644
--- a/png.c
+++ b/png.c
@@ -108,10 +108,16 @@
    if (png_ptr == NULL)
       return NULL;
 
-   if (items >= (~(png_alloc_size_t)0)/size)
+   /* This check against overflow is vestigial, dating back from
+    * the old times when png_zalloc used to be an exported function.
+    * We're still keeping it here for now, as an extra-cautious
+    * prevention against programming errors inside zlib, although it
+    * should rather be a debug-time assertion instead.
+    */
+   if (size != 0 && items >= (~(png_alloc_size_t)0) / size)
    {
-      png_warning (png_voidcast(png_structrp, png_ptr),
-          "Potential overflow in png_zalloc()");
+      png_warning(png_voidcast(png_structrp, png_ptr),
+                  "Potential overflow in png_zalloc()");
       return NULL;
    }