[libpng16] Fixed array size calculations to avoid warnings. At various points
in the code the number of elements in an array is calculated using
sizeof. This generates a compile time constant of type (size_t) which
is then typically assigned to an (unsigned int) or (int). Some versions
of GCC on 64-bit systems warn about the apparent narrowing, even though
the same compiler does apparently generate the correct, in-range,
numeric constant. This adds appropriate, safe, casts to make the
warnings go away.
diff --git a/ANNOUNCE b/ANNOUNCE
index 72c02c2..1507ea4 100644
--- a/ANNOUNCE
+++ b/ANNOUNCE
@@ -45,6 +45,21 @@
example.c, pngtest.c, and applications in the contrib directory.
Avoid out-of-bounds memory access in png_user_version_check().
Simplified and future-proofed png_user_version_check().
+ Fixed GCC unsigned int->float warnings. Various versions of GCC
+ seem to generate warnings when an unsigned value is implicitly
+ converted to double. This is probably a GCC bug but this change
+ avoids the issue by explicitly converting to (int) where safe.
+ Free all allocated memory in pngimage. The file buffer cache was left
+ allocated at the end of the program, harmless but it causes memory
+ leak reports from clang.
+ Fixed array size calculations to avoid warnings. At various points
+ in the code the number of elements in an array is calculated using
+ sizeof. This generates a compile time constant of type (size_t) which
+ is then typically assigned to an (unsigned int) or (int). Some versions
+ of GCC on 64-bit systems warn about the apparent narrowing, even though
+ the same compiler does apparently generate the correct, in-range,
+ numeric constant. This adds appropriate, safe, casts to make the
+ warnings go away.
Send comments/corrections/commendations to png-mng-implement at lists.sf.net
(subscription required; visit
diff --git a/CHANGES b/CHANGES
index d96b1d8..8cddc7d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5060,6 +5060,14 @@
Free all allocated memory in pngimage. The file buffer cache was left
allocated at the end of the program, harmless but it causes memory
leak reports from clang.
+ Fixed array size calculations to avoid warnings. At various points
+ in the code the number of elements in an array is calculated using
+ sizeof. This generates a compile time constant of type (size_t) which
+ is then typically assigned to an (unsigned int) or (int). Some versions
+ of GCC on 64-bit systems warn about the apparent narrowing, even though
+ the same compiler does apparently generate the correct, in-range,
+ numeric constant. This adds appropriate, safe, casts to make the
+ warnings go away.
Send comments/corrections/commendations to png-mng-implement at lists.sf.net
(subscription required; visit
diff --git a/contrib/libtests/pngvalid.c b/contrib/libtests/pngvalid.c
index c3fe7b8..d6a50c8 100644
--- a/contrib/libtests/pngvalid.c
+++ b/contrib/libtests/pngvalid.c
@@ -157,6 +157,13 @@
&(ps)->exception_context
#define context(ps,fault) anon_context(ps); png_store *fault
+/* This macro returns the number of elements in an array as an (unsigned int),
+ * it is necessary to avoid the inability of certain versions of GCC to use
+ * the value of a compile-time constant when performing range checks. It must
+ * be passed an array name.
+ */
+#define ARRAY_SIZE(a) ((unsigned int)((sizeof (a))/(sizeof (a)[0])))
+
/******************************* UTILITIES ************************************/
/* Error handling is particularly problematic in production code - error
* handlers often themselves have bugs which lead to programs that detect
@@ -4106,7 +4113,7 @@
standard_name(name, sizeof name, 0, colour_type, 1<<bdlo, 0,
interlace_type, 0, 0, 0);
- for (test=0; test<(sizeof error_test)/(sizeof error_test[0]); ++test)
+ for (test=0; test<ARRAY_SIZE(error_test); ++test)
{
make_error(&pm->this, colour_type, DEPTH(bdlo), interlace_type,
test, name);
@@ -10098,12 +10105,12 @@
/* Store the test gammas */
pm.gammas = gammas;
- pm.ngammas = (sizeof gammas) / (sizeof gammas[0]);
+ pm.ngammas = ARRAY_SIZE(gammas);
pm.ngamma_tests = 0; /* default to off */
/* And the test encodings */
pm.encodings = test_encodings;
- pm.nencodings = (sizeof test_encodings) / (sizeof test_encodings[0]);
+ pm.nencodings = ARRAY_SIZE(test_encodings);
pm.sbitlow = 8U; /* because libpng doesn't do sBIT below 8! */
diff --git a/pngread.c b/pngread.c
index f5ea01e..61077e9 100644
--- a/pngread.c
+++ b/pngread.c
@@ -1619,7 +1619,7 @@
/* But do not ignore image data handling chunks */
png_set_keep_unknown_chunks(png_ptr, PNG_HANDLE_CHUNK_AS_DEFAULT,
- chunks_to_process, (sizeof chunks_to_process)/5);
+ chunks_to_process, (int)/*SAFE*/(sizeof chunks_to_process)/5);
}
}
diff --git a/pngset.c b/pngset.c
index 502f4db..07d5eee 100644
--- a/pngset.c
+++ b/pngset.c
@@ -1329,7 +1329,7 @@
};
chunk_list = chunks_to_ignore;
- num_chunks = (sizeof chunks_to_ignore)/5;
+ num_chunks = (unsigned int)/*SAFE*/(sizeof chunks_to_ignore)/5U;
}
else /* num_chunks_in > 0 */