Imported from libpng-1.2.11beta2cos.tar
diff --git a/CHANGES b/CHANGES
index f51e30c..eec7669 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1576,10 +1576,14 @@
buffer overflow.
Fixed bug in example.c (png_set_palette_rgb -> png_set_palette_to_rgb))
-Send comments/corrections/commendations to png-mng-implement at lists.sf.net
-(subscription required; visit
-https://lists.sourceforge.net/lists/listinfo/png-mng-implement
-to subscribe)
-or to glennrp at users.sourceforge.net
-
-Glenn R-P
+version 1.2.11beta2-cos [June 4, 2006]
+ Prepended "#! /bin/sh" to ltmail.sh and contrib/pngminus/*.sh (Cosmin).
+ Removed the accidental leftover Makefile.in~ (Cosmin).
+ Removed the include directories and libraries from CFLAGS and LDFLAGS
+ in scripts/makefile.gcc (Nelson A. de Oliveira, Cosmin).
+ Exported png_write_sig (Cosmin).
+ Optimized buffer in png_handle_cHRM() (Cosmin).
+ Avoided potential buffer overflow and optimized buffer in
+ png_write_sCAL(), png_write_sCAL_s() (Cosmin).
+ Set pHYs = 2835 x 2835 pixels per meter, and added
+ sCAL = 0.352778e-3 x 0.352778e-3 meters, in pngtest.png (Cosmin).
diff --git a/contrib/gregbook/makevms.com b/contrib/gregbook/makevms.com
old mode 100644
new mode 100755
diff --git a/contrib/pngminus/makevms.com b/contrib/pngminus/makevms.com
old mode 100644
new mode 100755
diff --git a/contrib/pngminus/png2pnm.bat b/contrib/pngminus/png2pnm.bat
old mode 100644
new mode 100755
diff --git a/contrib/pngminus/png2pnm.sh b/contrib/pngminus/png2pnm.sh
old mode 100644
new mode 100755
index 854313b..b1c0537
--- a/contrib/pngminus/png2pnm.sh
+++ b/contrib/pngminus/png2pnm.sh
@@ -1,3 +1,4 @@
+#!/bin/sh
# -- grayscale
./png2pnm -noraw ../pngsuite/basn0g01.png basn0g01.pgm
./png2pnm -noraw ../pngsuite/basn0g02.png basn0g02.pgm
diff --git a/contrib/pngminus/pngminus.bat b/contrib/pngminus/pngminus.bat
old mode 100644
new mode 100755
diff --git a/contrib/pngminus/pngminus.sh b/contrib/pngminus/pngminus.sh
old mode 100644
new mode 100755
index 6b2d8c5..2a0a9d8
--- a/contrib/pngminus/pngminus.sh
+++ b/contrib/pngminus/pngminus.sh
@@ -1,3 +1,4 @@
+#!/bin/sh
make -f makefile.std
sh png2pnm.sh
sh pnm2png.sh
diff --git a/contrib/pngminus/pnm2png.bat b/contrib/pngminus/pnm2png.bat
old mode 100644
new mode 100755
diff --git a/contrib/pngminus/pnm2png.sh b/contrib/pngminus/pnm2png.sh
old mode 100644
new mode 100755
index 5afda9f..d79df2f
--- a/contrib/pngminus/pnm2png.sh
+++ b/contrib/pngminus/pnm2png.sh
@@ -1,3 +1,4 @@
+#!/bin/sh
# -- grayscale
./pnm2png basn0g01.pgm basn0g01.png
./pnm2png basn0g02.pgm basn0g02.png
diff --git a/libpng.3 b/libpng.3
index 2827160..99824a6 100644
--- a/libpng.3
+++ b/libpng.3
@@ -802,6 +802,10 @@
\fI\fB
+\fBvoid png_write_sig (png_structp \fIpng_ptr\fP\fB);\fP
+
+\fI\fB
+
\fBvoidpf png_zalloc (voidpf \fP\fIpng_ptr\fP\fB, uInt \fP\fIitems\fP\fB, uInt \fIsize\fP\fB);\fP
\fI\fB
diff --git a/libpngpf.3 b/libpngpf.3
index f31ec28..0618cc7 100644
--- a/libpngpf.3
+++ b/libpngpf.3
@@ -711,12 +711,6 @@
\fI\fB
-\fBvoid png_write_sig (png_structp \fIpng_ptr\fP\fB);\fP
-
-\fI\fB
-
-\fI\fB
-
\fBvoid png_write_sRGB (png_structp \fP\fIpng_ptr\fP\fB, int \fIintent\fP\fB);\fP
\fI\fB
diff --git a/ltmain.sh b/ltmain.sh
old mode 100644
new mode 100755
index f7a83f4..3ff0776
--- a/ltmain.sh
+++ b/ltmain.sh
@@ -1,3 +1,4 @@
+#! /bin/sh
# ltmain.sh - Provide generalized library-building support services.
# NOTE: Changing this file will not affect anything until you rerun configure.
#
diff --git a/png.h b/png.h
index 6c362a0..c1b005c 100644
--- a/png.h
+++ b/png.h
@@ -1434,6 +1434,9 @@
png_malloc_ptr malloc_fn, png_free_ptr free_fn));
#endif
+/* Write the PNG file signature. */
+extern PNG_EXPORT(void,png_write_sig) PNGARG((png_structp png_ptr));
+
/* Write a PNG chunk - size, type, (optional) data, CRC. */
extern PNG_EXPORT(void,png_write_chunk) PNGARG((png_structp png_ptr,
png_bytep chunk_name, png_bytep data, png_size_t length));
@@ -2955,9 +2958,6 @@
PNG_EXTERN void png_flush PNGARG((png_structp png_ptr));
#endif
-/* simple function to write the signature */
-PNG_EXTERN void png_write_sig PNGARG((png_structp png_ptr));
-
/* write various chunks */
/* Write the IHDR chunk, and update the png_struct with the necessary
diff --git a/pngrutil.c b/pngrutil.c
index b5286e4..b486ad2 100644
--- a/pngrutil.c
+++ b/pngrutil.c
@@ -715,7 +715,7 @@
void /* PRIVATE */
png_handle_cHRM(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
{
- png_byte buf[4];
+ png_byte buf[32];
#ifdef PNG_FLOATING_POINT_SUPPORTED
float white_x, white_y, red_x, red_y, green_x, green_y, blue_x, blue_y;
#endif
@@ -756,62 +756,46 @@
return;
}
- png_crc_read(png_ptr, buf, 4);
+ png_crc_read(png_ptr, buf, 32);
+ if (png_crc_finish(png_ptr, 0))
+ return;
+
uint_x = png_get_uint_32(buf);
-
- png_crc_read(png_ptr, buf, 4);
- uint_y = png_get_uint_32(buf);
-
+ uint_y = png_get_uint_32(buf + 4);
if (uint_x > 80000L || uint_y > 80000L ||
uint_x + uint_y > 100000L)
{
png_warning(png_ptr, "Invalid cHRM white point");
- png_crc_finish(png_ptr, 24);
return;
}
int_x_white = (png_fixed_point)uint_x;
int_y_white = (png_fixed_point)uint_y;
- png_crc_read(png_ptr, buf, 4);
- uint_x = png_get_uint_32(buf);
-
- png_crc_read(png_ptr, buf, 4);
- uint_y = png_get_uint_32(buf);
-
+ uint_x = png_get_uint_32(buf + 8);
+ uint_y = png_get_uint_32(buf + 12);
if (uint_x + uint_y > 100000L)
{
png_warning(png_ptr, "Invalid cHRM red point");
- png_crc_finish(png_ptr, 16);
return;
}
int_x_red = (png_fixed_point)uint_x;
int_y_red = (png_fixed_point)uint_y;
- png_crc_read(png_ptr, buf, 4);
- uint_x = png_get_uint_32(buf);
-
- png_crc_read(png_ptr, buf, 4);
- uint_y = png_get_uint_32(buf);
-
+ uint_x = png_get_uint_32(buf + 16);
+ uint_y = png_get_uint_32(buf + 20);
if (uint_x + uint_y > 100000L)
{
png_warning(png_ptr, "Invalid cHRM green point");
- png_crc_finish(png_ptr, 8);
return;
}
int_x_green = (png_fixed_point)uint_x;
int_y_green = (png_fixed_point)uint_y;
- png_crc_read(png_ptr, buf, 4);
- uint_x = png_get_uint_32(buf);
-
- png_crc_read(png_ptr, buf, 4);
- uint_y = png_get_uint_32(buf);
-
+ uint_x = png_get_uint_32(buf + 24);
+ uint_y = png_get_uint_32(buf + 28);
if (uint_x + uint_y > 100000L)
{
png_warning(png_ptr, "Invalid cHRM blue point");
- png_crc_finish(png_ptr, 0);
return;
}
int_x_blue = (png_fixed_point)uint_x;
@@ -829,7 +813,7 @@
#endif
#if defined(PNG_READ_sRGB_SUPPORTED)
- if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_sRGB))
+ if ((info_ptr != NULL) && (info_ptr->valid & PNG_INFO_sRGB))
{
if (PNG_OUT_OF_RANGE(int_x_white, 31270, 1000) ||
PNG_OUT_OF_RANGE(int_y_white, 32900, 1000) ||
@@ -840,7 +824,6 @@
PNG_OUT_OF_RANGE(int_x_blue, 15000, 1000) ||
PNG_OUT_OF_RANGE(int_y_blue, 6000, 1000))
{
-
png_warning(png_ptr,
"Ignoring incorrect cHRM value when sRGB is also present");
#ifndef PNG_NO_CONSOLE_IO
@@ -857,7 +840,6 @@
#endif
#endif /* PNG_NO_CONSOLE_IO */
}
- png_crc_finish(png_ptr, 0);
return;
}
#endif /* PNG_READ_sRGB_SUPPORTED */
@@ -871,8 +853,6 @@
int_x_white, int_y_white, int_x_red, int_y_red, int_x_green,
int_y_green, int_x_blue, int_y_blue);
#endif
- if (png_crc_finish(png_ptr, 0))
- return;
}
#endif
diff --git a/pngtest.png b/pngtest.png
index f3a6df4..3776e6c 100644
--- a/pngtest.png
+++ b/pngtest.png
Binary files differ
diff --git a/pngwutil.c b/pngwutil.c
index 82bf58a..d989aa8 100644
--- a/pngwutil.c
+++ b/pngwutil.c
@@ -49,6 +49,23 @@
buf[1] = (png_byte)(i & 0xff);
}
+/* Simple function to write the signature. If we have already written
+ * the magic bytes of the signature, or more likely, the PNG stream is
+ * being embedded into another stream and doesn't need its own signature,
+ * we should call png_set_sig_bytes() to tell libpng how many of the
+ * bytes have already been written.
+ */
+void PNGAPI
+png_write_sig(png_structp png_ptr)
+{
+ png_byte png_signature[8] = {137, 80, 78, 71, 13, 10, 26, 10};
+ /* write the rest of the 8 byte signature */
+ png_write_data(png_ptr, &png_signature[png_ptr->sig_bytes],
+ (png_size_t)8 - png_ptr->sig_bytes);
+ if(png_ptr->sig_bytes < 3)
+ png_ptr->mode |= PNG_HAVE_PNG_SIGNATURE;
+}
+
/* Write a PNG chunk all at once. The type is an array of ASCII characters
* representing the chunk name. The array must be at least 4 bytes in
* length, and does not need to be null terminated. To be safe, pass the
@@ -117,23 +134,6 @@
png_write_data(png_ptr, buf, (png_size_t)4);
}
-/* Simple function to write the signature. If we have already written
- * the magic bytes of the signature, or more likely, the PNG stream is
- * being embedded into another stream and doesn't need its own signature,
- * we should call png_set_sig_bytes() to tell libpng how many of the
- * bytes have already been written.
- */
-void /* PRIVATE */
-png_write_sig(png_structp png_ptr)
-{
- png_byte png_signature[8] = {137, 80, 78, 71, 13, 10, 26, 10};
- /* write the rest of the 8 byte signature */
- png_write_data(png_ptr, &png_signature[png_ptr->sig_bytes],
- (png_size_t)8 - png_ptr->sig_bytes);
- if(png_ptr->sig_bytes < 3)
- png_ptr->mode |= PNG_HAVE_PNG_SIGNATURE;
-}
-
#if defined(PNG_WRITE_TEXT_SUPPORTED) || defined(PNG_WRITE_iCCP_SUPPORTED)
/*
* This pair of functions encapsulates the operation of (a) compressing a
@@ -1567,39 +1567,41 @@
/* write the sCAL chunk */
#if defined(PNG_FLOATING_POINT_SUPPORTED) && !defined(PNG_NO_STDIO)
void /* PRIVATE */
-png_write_sCAL(png_structp png_ptr, int unit, double width,double height)
+png_write_sCAL(png_structp png_ptr, int unit, double width, double height)
{
#ifdef PNG_USE_LOCAL_ARRAYS
PNG_sCAL;
#endif
+ char buf[64];
png_size_t total_len;
- char wbuf[32], hbuf[32];
- png_byte bunit = (png_byte)unit;
png_debug(1, "in png_write_sCAL\n");
+ buf[0] = (char)unit;
#if defined(_WIN32_WCE)
/* sprintf() function is not supported on WindowsCE */
{
wchar_t wc_buf[32];
+ size_t wc_len;
swprintf(wc_buf, TEXT("%12.12e"), width);
- WideCharToMultiByte(CP_ACP, 0, wc_buf, -1, wbuf, 32, NULL, NULL);
+ wc_len = wcslen(wc_buf);
+ WideCharToMultiByte(CP_ACP, 0, wc_buf, -1, buf + 1, wc_len, NULL, NULL);
+ total_len = wc_len + 2;
swprintf(wc_buf, TEXT("%12.12e"), height);
- WideCharToMultiByte(CP_ACP, 0, wc_buf, -1, hbuf, 32, NULL, NULL);
+ wc_len = wcslen(wc_buf);
+ WideCharToMultiByte(CP_ACP, 0, wc_buf, -1, buf + total_len, wc_len,
+ NULL, NULL);
+ total_len += wc_len;
}
#else
- sprintf(wbuf, "%12.12e", width);
- sprintf(hbuf, "%12.12e", height);
+ sprintf(buf + 1, "%12.12e", width);
+ total_len = 1 + png_strlen(buf + 1) + 1;
+ sprintf(buf + total_len, "%12.12e", height);
+ total_len += png_strlen(buf + total_len);
#endif
- total_len = 1 + png_strlen(wbuf)+1 + png_strlen(hbuf);
- png_debug1(3, "sCAL total length = %d\n", (int)total_len);
- png_write_chunk_start(png_ptr, (png_bytep)png_sCAL, (png_uint_32)total_len);
- png_write_chunk_data(png_ptr, (png_bytep)&bunit, 1);
- png_write_chunk_data(png_ptr, (png_bytep)wbuf, png_strlen(wbuf)+1);
- png_write_chunk_data(png_ptr, (png_bytep)hbuf, png_strlen(hbuf));
-
- png_write_chunk_end(png_ptr);
+ png_debug1(3, "sCAL total length = %u\n", (unsigned int)total_len);
+ png_write_chunk(png_ptr, (png_bytep)png_sCAL, (png_bytep)buf, total_len);
}
#else
#ifdef PNG_FIXED_POINT_SUPPORTED
@@ -1610,23 +1612,26 @@
#ifdef PNG_USE_LOCAL_ARRAYS
PNG_sCAL;
#endif
- png_size_t total_len;
- char wbuf[32], hbuf[32];
- png_byte bunit = unit;
+ png_byte buf[64];
+ png_size_t wlen, hlen, total_len;
png_debug(1, "in png_write_sCAL_s\n");
- png_strcpy(wbuf,(const char *)width);
- png_strcpy(hbuf,(const char *)height);
- total_len = 1 + png_strlen(wbuf)+1 + png_strlen(hbuf);
+ wlen = png_strlen(width);
+ hlen = png_strlen(height);
+ total_len = wlen + hlen + 2;
+ if (total_len > 64)
+ {
+ png_warning(png_ptr, "Can't write sCAL (buffer too small)");
+ return;
+ }
- png_debug1(3, "sCAL total length = %d\n", total_len);
- png_write_chunk_start(png_ptr, (png_bytep)png_sCAL, (png_uint_32)total_len);
- png_write_chunk_data(png_ptr, (png_bytep)&bunit, 1);
- png_write_chunk_data(png_ptr, (png_bytep)wbuf, png_strlen(wbuf)+1);
- png_write_chunk_data(png_ptr, (png_bytep)hbuf, png_strlen(hbuf));
+ buf[0] = (png_byte)unit;
+ png_memcpy(buf + 1, width, wlen + 1); /* append the '\0' here */
+ png_memcpy(buf + wlen + 2, height, hlen); /* do NOT append the '\0' here */
- png_write_chunk_end(png_ptr);
+ png_debug1(3, "sCAL total length = %u\n", (unsigned int)total_len);
+ png_write_chunk(png_ptr, (png_bytep)png_sCAL, buf, total_len);
}
#endif
#endif
diff --git a/scripts/libpng-config-body.in b/scripts/libpng-config-body.in
old mode 100755
new mode 100644
diff --git a/scripts/makefile.gcc b/scripts/makefile.gcc
index 22daedd..e899b10 100644
--- a/scripts/makefile.gcc
+++ b/scripts/makefile.gcc
@@ -18,34 +18,47 @@
LDDEBUG =
CRELEASE = -O2
LDRELEASE = -s
-CFLAGS = -I$(ZLIBINC) -Wall $(CRELEASE)
-LDFLAGS = -L. -L$(ZLIBLIB) -lpng -lz -lm $(LDRELEASE)
+#CFLAGS = -Wall $(CDEBUG)
+CFLAGS = -Wall $(CRELEASE)
+#LDFLAGS = $(LDDEBUG)
+LDFLAGS = $(LDRELEASE)
+LIBS = -lz -lm
# File extensions
O=.o
A=.a
-E=
+EXE=
# Variables
OBJS = png$(O) pngerror$(O) pngget$(O) pngmem$(O) pngpread$(O) \
- pngread$(O) pngrio$(O) pngrtran$(O) pngrutil$(O) pngset$(O) \
- pngtrans$(O) pngwio$(O) pngwrite$(O) pngwtran$(O) pngwutil$(O)
+ pngread$(O) pngrio$(O) pngrtran$(O) pngrutil$(O) pngset$(O) \
+ pngtrans$(O) pngwio$(O) pngwrite$(O) pngwtran$(O) pngwutil$(O)
# Targets
-all: libpng$(A) pngtest$(E)
+all: static
+
+.c$(O):
+ $(CC) -c $(CFLAGS) -I$(ZLIBINC) $<
+
+static: libpng$(A) pngtest$(EXE)
+
+shared:
+ @echo This is a generic makefile that cannot create shared libraries.
+ @echo Please use a configuration that is specific to your platform.
+ @false
libpng$(A): $(OBJS)
$(AR_RC) $@ $(OBJS)
$(RANLIB) $@
-test: pngtest$(E)
- ./pngtest$(E)
+test: pngtest$(EXE)
+ ./pngtest$(EXE)
-pngtest$(E): pngtest$(O) libpng$(A)
- $(LD) -o $@ pngtest$(O) $(LDFLAGS)
+pngtest$(EXE): pngtest$(O) libpng$(A)
+ $(LD) $(LDFLAGS) -L$(ZLIBLIB) -o $@ pngtest$(O) libpng$(A) $(LIBS)
clean:
- $(RM_F) *$(O) libpng$(A) pngtest$(E) pngout.png
+ $(RM_F) *$(O) libpng$(A) pngtest$(EXE) pngout.png
png$(O): png.h pngconf.h
pngerror$(O): png.h pngconf.h
diff --git a/scripts/makevms.com b/scripts/makevms.com
old mode 100644
new mode 100755
diff --git a/scripts/pngos2.def b/scripts/pngos2.def
index 228b18c..69af507 100644
--- a/scripts/pngos2.def
+++ b/scripts/pngos2.def
@@ -223,6 +223,9 @@
png_get_uint_31
png_set_expand_gray_1_2_4_to_8
+; Added at version 1.2.11
+ png_write_sig
+
; These are not present when libpng is compiled with PNG_NO_GLOBAL_ARRAYS
png_libpng_ver
png_pass_start
diff --git a/scripts/pngw32.def b/scripts/pngw32.def
index c0569c6..f999d3b 100644
--- a/scripts/pngw32.def
+++ b/scripts/pngw32.def
@@ -234,3 +234,5 @@
png_save_int_32 @205
png_get_uint_31 @206
png_set_expand_gray_1_2_4_to_8 @207
+; Added at version 1.2.11
+ png_write_sig @208
