diff -ru4NwbB libpng-1.4.12/configure.ac libpng-1.4.13beta03/configure.ac --- libpng-1.4.12/configure.ac 2012-07-09 19:38:27.680297736 -0500 +++ libpng-1.4.13beta03/configure.ac 2013-06-18 12:36:03.967122234 -0500 @@ -30,9 +30,9 @@ dnl End of version number stuff AC_CONFIG_SRCDIR([pngget.c]) -AM_CONFIG_HEADER(config.h) +AC_CONFIG_HEADERS([config.h]) # Checks for programs. AC_PROG_CC AC_PROG_LD diff -ru4NwbB libpng-1.4.12/contrib/gregbook/readpng.c libpng-1.4.13beta03/contrib/gregbook/readpng.c --- libpng-1.4.12/contrib/gregbook/readpng.c 2012-07-09 19:38:21.865278567 -0500 +++ libpng-1.4.13beta03/contrib/gregbook/readpng.c 2013-06-18 12:35:57.479785194 -0500 @@ -213,8 +213,12 @@ /* setjmp() must be called in every function that calls a PNG-reading * libpng function */ if (setjmp(png_jmpbuf(png_ptr))) { + free(image_data); + image_data = NULL; + free(row_pointers); + row_pointers = NULL; png_destroy_read_struct(&png_ptr, &info_ptr, NULL); return NULL; } diff -ru4NwbB libpng-1.4.12/contrib/pngminim/encoder/README libpng-1.4.13beta03/contrib/pngminim/encoder/README --- libpng-1.4.12/contrib/pngminim/encoder/README 2012-07-09 19:38:22.457063684 -0500 +++ libpng-1.4.13beta03/contrib/pngminim/encoder/README 2013-06-18 12:35:58.207409671 -0500 @@ -1,9 +1,10 @@ This demonstrates the use of PNG_USER_CONFIG and pngusr.h -To build a minimal write-only decoder with embedded libpng and zlib, run +The makefile builds a minimal write-only encoder with embedded libpng +and zlib. - gather.sh # to collect needed files from pngminus, libpng, and zlib - make +Specify the location of the zlib source (1.2.1 or later) as ZLIBSRC +on the make command line. If you prefer to use the shared libraries, go to contrib/pngminus and build the pnm2png application there. diff -ru4NwbB libpng-1.4.12/png.h libpng-1.4.13beta03/png.h --- libpng-1.4.12/png.h 2012-07-09 19:38:21.563699618 -0500 +++ libpng-1.4.13beta03/png.h 2013-06-18 12:35:57.102137546 -0500 @@ -169,8 +169,9 @@ * 1.4.10 14 10410 14.so.14.10[.0] * 1.4.11rc01 14 10411 14.so.14.11[.0] * 1.4.11 14 10411 14.so.14.11[.0] * 1.4.12 14 10412 14.so.14.12[.0] + * 1.4.13beta01-03 14 10413 14.so.14.13[.0] * * Henceforth the source version will match the shared-library major * and minor numbers; the shared-library major version number will be * used for changes in backward compatibility, as it is intended. The diff -ru4NwbB libpng-1.4.12/pngconf.h libpng-1.4.13beta03/pngconf.h --- libpng-1.4.12/pngconf.h 2012-07-09 19:38:21.573644597 -0500 +++ libpng-1.4.13beta03/pngconf.h 2013-06-18 12:35:57.112482133 -0500 @@ -745,9 +745,9 @@ /* Added at libpng-1.2.43. To accept all valid PNGs no matter * how large, set these two limits to 0. */ #ifndef PNG_USER_CHUNK_CACHE_MAX -# define PNG_USER_CHUNK_CACHE_MAX 0 +# define PNG_USER_CHUNK_CACHE_MAX 32767 #endif /* Added at libpng-1.2.43 */ #ifndef PNG_USER_CHUNK_MALLOC_MAX @@ -1388,31 +1388,25 @@ # endif # ifndef PNG_NORETURN # define PNG_NORETURN __attribute__((__noreturn__)) # endif +# if __GNUC__ >= 3 # ifndef PNG_ALLOCATED # define PNG_ALLOCATED __attribute__((__malloc__)) # endif # ifndef PNG_DEPRECATED # define PNG_DEPRECATED __attribute__((__deprecated__)) # endif - - /* This specifically protects structure members that should only be - * accessed from within the library, therefore should be empty during - * a library build. - */ -# ifndef PNG_DEPSTRUCT -# define PNG_DEPSTRUCT __attribute__((__deprecated__)) -# endif # ifndef PNG_PRIVATE # if 0 /* Doesn't work so we use deprecated instead*/ # define PNG_PRIVATE \ __attribute__((warning("This function is not exported by libpng."))) # else # define PNG_PRIVATE \ __attribute__((__deprecated__)) # endif -# endif /* PNG_PRIVATE */ +# endif +# endif /* __GNUC__ >= 3 */ # endif /* __GNUC__ */ #endif /* PNG_PEDANTIC_WARNINGS */ #ifndef PNG_DEPRECATED diff -ru4NwbB libpng-1.4.12/pngset.c libpng-1.4.13beta03/pngset.c --- libpng-1.4.12/pngset.c 2012-07-09 19:38:21.687333269 -0500 +++ libpng-1.4.13beta03/pngset.c 2013-06-18 12:35:57.230522934 -0500 @@ -1,9 +1,9 @@ /* pngset.c - storage of image information into info struct * - * Last changed in libpng 1.4.11 [March 29, 2012] - * Copyright (c) 1998-2012 Glenn Randers-Pehrson + * Last changed in libpng 1.4.13 [June 18, 2013] + * Copyright (c) 1998-2013 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * * This code is released under the libpng license. @@ -249,17 +249,8 @@ if (info_ptr->color_type & PNG_COLOR_MASK_ALPHA) info_ptr->channels++; info_ptr->pixel_depth = (png_byte)(info_ptr->channels * info_ptr->bit_depth); - /* Check for potential overflow */ - if (width > (PNG_UINT_32_MAX - >> 3) /* 8-byte RGBA pixels */ - - 64 /* bigrowbuf hack */ - - 1 /* filter byte */ - - 7*8 /* rounding of width to multiple of 8 pixels */ - - 8) /* extra max_pixel_depth pad */ - info_ptr->rowbytes = 0; - else info_ptr->rowbytes = PNG_ROWBYTES(info_ptr->pixel_depth, width); } #ifdef PNG_oFFs_SUPPORTED @@ -835,8 +826,14 @@ if (png_ptr == NULL || info_ptr == NULL) return; + if (num_trans < 0 || num_trans > PNG_MAX_PALETTE_LENGTH) + { + png_warning(png_ptr, "Ignoring invalid num_trans value"); + return; + } + if (trans_alpha != NULL) { /* It may not actually be necessary to set png_ptr->trans_alpha here; * we do it for backward compatibility with the way the png_handle_tRNS