diff -ru4NwbB libpng-1.4.4/configure.ac libpng-1.4.5beta05/configure.ac --- libpng-1.4.4/configure.ac 2010-09-23 07:18:40.435665492 -0500 +++ libpng-1.4.5beta05/configure.ac 2010-11-20 17:30:23.153998406 -0600 @@ -15,20 +15,20 @@ dnl should not be necessary to regenerate configure if the time dnl stamps are correct AC_PREREQ(2.59) +AC_INIT([libpng], [1.4.5beta05], [png-mng-implement@lists.sourceforge.net]) +AM_INIT_AUTOMAKE +dnl stop configure from automagically running automake +AM_MAINTAINER_MODE + dnl Version number stuff here: PNGLIB_VERSION=1.4.5beta05 PNGLIB_MAJOR=1 -PNGLIB_MINOR=%RELEASE% +PNGLIB_MINOR=4 PNGLIB_RELEASE=%RELEASE% -AC_INIT([libpng], [1.4.5beta05], [png-mng-implement@lists.sourceforge.net]) -AM_INIT_AUTOMAKE -dnl stop configure from automagically running automake -AM_MAINTAINER_MODE - dnl End of version number stuff AC_CONFIG_SRCDIR([pngget.c]) AM_CONFIG_HEADER(config.h) diff -ru4NwbB libpng-1.4.4/contrib/pngminim/decoder/gather.sh libpng-1.4.5beta05/contrib/pngminim/decoder/gather.sh --- libpng-1.4.4/contrib/pngminim/decoder/gather.sh 2010-09-23 07:18:34.847974509 -0500 +++ libpng-1.4.5beta05/contrib/pngminim/decoder/gather.sh 2010-11-20 17:30:17.146244737 -0600 @@ -1,4 +1,6 @@ +#!/bin/sh + cp ../../pngminus/png2pnm.c pngm2pnm.c cp ../../../*.h . cp ../../../*.c . rm example.c pngtest.c pngpread.c pngw*.c diff -ru4NwbB libpng-1.4.4/contrib/pngminim/encoder/gather.sh libpng-1.4.5beta05/contrib/pngminim/encoder/gather.sh --- libpng-1.4.4/contrib/pngminim/encoder/gather.sh 2010-09-23 07:18:34.883308073 -0500 +++ libpng-1.4.5beta05/contrib/pngminim/encoder/gather.sh 2010-11-20 17:30:17.181254164 -0600 @@ -1,4 +1,6 @@ +#!/bin/sh + cp ../../pngminus/pnm2png.c pnm2pngm.c cp ../../../*.h . cp ../../../*.c . rm example.c pngtest.c pngr*.c pngpread.c diff -ru4NwbB libpng-1.4.4/contrib/pngminim/preader/gather.sh libpng-1.4.5beta05/contrib/pngminim/preader/gather.sh --- libpng-1.4.4/contrib/pngminim/preader/gather.sh 2010-09-23 07:18:34.918412952 -0500 +++ libpng-1.4.5beta05/contrib/pngminim/preader/gather.sh 2010-11-20 17:30:17.216201461 -0600 @@ -1,4 +1,6 @@ +#!/bin/sh + cp ../../gregbook/rpng2-x.c ../../gregbook/readpng2.[ch] . cp ../../gregbook/COPYING ../../gregbook/LICENSE . cp ../../../*.h . cp ../../../*.c . diff -ru4NwbB libpng-1.4.4/png.c libpng-1.4.5beta05/png.c --- libpng-1.4.4/png.c 2010-09-23 07:18:34.010735709 -0500 +++ libpng-1.4.5beta05/png.c 2010-11-20 17:30:16.286716146 -0600 @@ -18,12 +18,8 @@ /* Generate a compiler error if there is an old png.h in the search path. */ typedef version_%_VER_% Your_png_h_is_not_version_%_VER_%; -/* Version information for C files. This had better match the version - * string defined in png.h. - */ - /* Tells libpng that we have already handled the first "num_bytes" bytes * of the PNG file signature. If the PNG data is embedded into another * stream we can set num_bytes = 8 so that libpng will not attempt to read * or write any of the magic bytes before it starts on the IHDR. diff -ru4NwbB libpng-1.4.4/png.h libpng-1.4.5beta05/png.h --- libpng-1.4.4/png.h 2010-09-23 07:18:33.979216289 -0500 +++ libpng-1.4.5beta05/png.h 2010-11-20 17:30:16.252359440 -0600 @@ -145,9 +145,13 @@ * 1.4.3beta01-05 14 10403 14.so.14.3[.0] * 1.4.3rc01-03 14 10403 14.so.14.3[.0] * 1.4.3 14 10403 14.so.14.3[.0] * 1.4.4beta01-08 14 10404 14.so.14.4[.0] - * 1.4.4rc01-06 14 10404 14.so.14.4[.0] + * 1.4.4rc01-05 14 10404 14.so.14.4[.0] + * 1.4.4 14 10404 14.so.14.4[.0] + * 1.4.5beta01-04 14 10405 14.so.14.5[.0] + * 1.4.5rc01 14 10405 14.so.14.5[.0] + * 1.4.5beta05 14 10405 14.so.14.5[.0] * * Henceforth the source version will match the shared-library major * and minor numbers; the shared-library major version number will be * used for changes in backward compatibility, as it is intended. The @@ -2645,13 +2649,14 @@ ((png_uint_32)(*((buf) + 1)) << 16) + \ ((png_uint_32)(*((buf) + 2)) << 8) + \ ((png_uint_32)(*((buf) + 3)))) # define png_get_uint_16(buf) \ - (((png_uint_32)(*(buf)) << 8) + \ - ((png_uint_32)(*((buf) + 1)))) + ((png_uint_16) \ + (((unsigned int)(*(buf)) << 8) + \ + ((unsigned int)(*((buf) + 1))))) # define png_get_int_32(buf) \ ((png_int_32)((*(buf) & 0x80) \ - ? -((png_int_32)((png_get_uint_32(buf) ^ 0xffffffff)+1)) \ + ? -((png_int_32)((png_get_uint_32(buf) ^ 0xffffffffL) + 1)) \ : (png_int_32)png_get_uint_32(buf))) #else PNG_EXPORT(png_uint_32,png_get_uint_32) PNGARG((png_bytep buf)); PNG_EXPORT(png_uint_16,png_get_uint_16) PNGARG((png_bytep buf)); diff -ru4NwbB libpng-1.4.4/pngpriv.h libpng-1.4.5beta05/pngpriv.h --- libpng-1.4.4/pngpriv.h 2010-09-23 07:18:33.995408230 -0500 +++ libpng-1.4.5beta05/pngpriv.h 2010-11-20 17:30:16.270382722 -0600 @@ -289,8 +289,11 @@ /* Write the "data" buffer to whatever output you are using */ PNG_EXTERN void png_write_data PNGARG((png_structp png_ptr, png_bytep data, png_size_t length)); +/* Read and check the PNG file signature */ +PNG_EXTERN void png_read_sig PNGARG((png_structp png_ptr, png_infop info_ptr)); + /* Read the chunk header (length + type name) */ PNG_EXTERN png_uint_32 png_read_chunk_header PNGARG((png_structp png_ptr)); /* Read data from whatever input you are using into the "data" buffer */ diff -ru4NwbB libpng-1.4.4/pngread.c libpng-1.4.5beta05/pngread.c --- libpng-1.4.4/pngread.c 2010-09-23 07:18:34.048584617 -0500 +++ libpng-1.4.5beta05/pngread.c 2010-11-20 17:30:16.326896726 -0600 @@ -1,8 +1,8 @@ /* pngread.c - read a PNG file * - * Last changed in libpng 1.4.1 [February 25, 2010] + * Last changed in libpng 1.4.5 [November 20, 2010] * Copyright (c) 1998-2010 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -217,32 +217,10 @@ if (png_ptr == NULL || info_ptr == NULL) return; - /* If we haven't checked all of the PNG signature bytes, do so now. */ - if (png_ptr->sig_bytes < 8) - { - png_size_t num_checked = png_ptr->sig_bytes, - num_to_check = 8 - num_checked; - -#ifdef PNG_IO_STATE_SUPPORTED - png_ptr->io_state = PNG_IO_READING | PNG_IO_SIGNATURE; -#endif - - png_read_data(png_ptr, &(info_ptr->signature[num_checked]), num_to_check); - png_ptr->sig_bytes = 8; - - if (png_sig_cmp(info_ptr->signature, num_checked, num_to_check)) - { - if (num_checked < 4 && - png_sig_cmp(info_ptr->signature, num_checked, num_to_check - 4)) - png_error(png_ptr, "Not a PNG file"); - else - png_error(png_ptr, "PNG file corrupted by ASCII conversion"); - } - if (num_checked < 3) - png_ptr->mode |= PNG_HAVE_PNG_SIGNATURE; - } + /* Read and check the PNG file signature. */ + png_read_sig(png_ptr, info_ptr); for (;;) { PNG_IHDR; diff -ru4NwbB libpng-1.4.4/pngrio.c libpng-1.4.5beta05/pngrio.c --- libpng-1.4.4/pngrio.c 2010-09-23 07:18:34.053580443 -0500 +++ libpng-1.4.5beta05/pngrio.c 2010-11-20 17:30:16.332212287 -0600 @@ -1,8 +1,8 @@ /* pngrio.c - functions for data input * - * Last changed in libpng 1.4.1 [February 25, 2010] + * Last changed in libpng 1.4.5 [November 20, 2010] * Copyright (c) 1998-2010 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * diff -ru4NwbB libpng-1.4.4/pngrtran.c libpng-1.4.5beta05/pngrtran.c --- libpng-1.4.4/pngrtran.c 2010-09-23 07:18:34.068972033 -0500 +++ libpng-1.4.5beta05/pngrtran.c 2010-11-20 17:30:16.349332760 -0600 @@ -1,8 +1,8 @@ /* pngrtran.c - transforms the data in a row for PNG readers * - * Last changed in libpng 1.4.2 [May 6, 2010] + * Last changed in libpng 1.4.5 [November 20, 2010] * Copyright (c) 1998-2010 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * diff -ru4NwbB libpng-1.4.4/pngrutil.c libpng-1.4.5beta05/pngrutil.c --- libpng-1.4.4/pngrutil.c 2010-09-23 07:18:34.082843266 -0500 +++ libpng-1.4.5beta05/pngrutil.c 2010-11-20 17:30:16.364771552 -0600 @@ -1,8 +1,8 @@ /* pngrutil.c - utilities to read a PNG file * - * Last changed in libpng 1.4.4 [August 26, 2010] + * Last changed in libpng 1.4.5 [November 20, 2010] * Copyright (c) 1998-2010 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -29,48 +29,80 @@ return (i); } #ifndef PNG_USE_READ_MACROS /* Grab an unsigned 32-bit integer from a buffer in big-endian format. */ -png_uint_32 (PNGAPI -png_get_uint_32)(png_bytep buf) +png_uint_32 PNGAPI +png_get_uint_32(png_bytep buf) { - png_uint_32 i = - ((png_uint_32)(*(buf )) << 24) + - ((png_uint_32)(*(buf + 1)) << 16) + - ((png_uint_32)(*(buf + 2)) << 8) + - ((png_uint_32)(*(buf + 3)) ) ; + png_uint_32 uval = png_get_uint_32(buf); + if ((uval & 0x80000000L) == 0) /* non-negative */ + return uval; - return (i); + uval = (uval ^ 0xffffffffL) + 1; /* 2's complement: -x = ~x+1 */ + return -(png_int_32)uval; } /* Grab a signed 32-bit integer from a buffer in big-endian format. The * data is stored in the PNG file in two's complement format and there * is no guarantee that a 'png_int_32' is exactly 32 bits, therefore * the following code does a two's complement to native conversion. */ -png_int_32 (PNGAPI -png_get_int_32)(png_bytep buf) +png_int_32 PNGAPI +png_get_int_32(png_bytep buf) { - png_uint_32 u = png_get_uint_32(buf); - if ((u & 0x80000000) == 0) /* non-negative */ - return u; + png_uint_32 uval = png_get_uint_32(buf); + if ((uval & 0x80000000L) == 0) /* non-negative */ + return uval; - u = (u ^ 0xffffffff) + 1; /* 2's complement: -x = ~x+1 */ - return -(png_int_32)u; + uval = (uval ^ 0xffffffffL) + 1; /* 2's complement: -x = ~x+1 */ + return -(png_int_32)uval; } /* Grab an unsigned 16-bit integer from a buffer in big-endian format. */ -png_uint_16 (PNGAPI -png_get_uint_16)(png_bytep buf) +png_uint_16 PNGAPI +png_get_uint_16 (png_bytep buf) { - png_uint_16 i = - ((png_uint_32)(*buf) << 8) + - ((png_uint_32)(*(buf + 1))); + unsigned int val = + ((unsigned int)(*buf) << 8) + + ((unsigned int)(*(buf + 1))); - return (i); + return (png_uint_16)val; } #endif /* PNG_USE_READ_MACROS */ +/* Read and check the PNG file signature */ +void /* PRIVATE */ +png_read_sig(png_structp png_ptr, png_infop info_ptr) +{ + png_size_t num_checked, num_to_check; + + /* Exit if the user application does not expect a signature. */ + if (png_ptr->sig_bytes >= 8) + return; + + num_checked = png_ptr->sig_bytes; + num_to_check = 8 - num_checked; + +#ifdef PNG_IO_STATE_SUPPORTED + png_ptr->io_state = PNG_IO_READING | PNG_IO_SIGNATURE; +#endif + + /* The signature must be serialized in a single I/O call. */ + png_read_data(png_ptr, &(info_ptr->signature[num_checked]), num_to_check); + png_ptr->sig_bytes = 8; + + if (png_sig_cmp(info_ptr->signature, num_checked, num_to_check)) + { + if (num_checked < 4 && + png_sig_cmp(info_ptr->signature, num_checked, num_to_check - 4)) + png_error(png_ptr, "Not a PNG file"); + else + png_error(png_ptr, "PNG file corrupted by ASCII conversion"); + } + if (num_checked < 3) + png_ptr->mode |= PNG_HAVE_PNG_SIGNATURE; +} + /* Read the chunk header (length + type name). * Put the type name into png_ptr->chunk_name, and return the length. */ png_uint_32 /* PRIVATE */ @@ -79,34 +111,33 @@ png_byte buf[8]; png_uint_32 length; #ifdef PNG_IO_STATE_SUPPORTED - /* Inform the I/O callback that the chunk header is being read. - * PNG_IO_CHUNK_HDR requires a single I/O call. - */ png_ptr->io_state = PNG_IO_READING | PNG_IO_CHUNK_HDR; #endif - /* Read the length and the chunk name */ + /* Read the length and the chunk name. + * This must be performed in a single I/O call. + */ png_read_data(png_ptr, buf, 8); length = png_get_uint_31(png_ptr, buf); - /* Put the chunk name into png_ptr->chunk_name */ + /* Put the chunk name into png_ptr->chunk_name. */ png_memcpy(png_ptr->chunk_name, buf + 4, 4); png_debug2(0, "Reading %s chunk, length = %lu", png_ptr->chunk_name, length); - /* Reset the crc and run it over the chunk name */ + /* Reset the crc and run it over the chunk name. */ png_reset_crc(png_ptr); png_calculate_crc(png_ptr, png_ptr->chunk_name, 4); - /* Check to see if chunk name is valid */ + /* Check to see if chunk name is valid. */ png_check_chunk_name(png_ptr, png_ptr->chunk_name); #ifdef PNG_IO_STATE_SUPPORTED - /* Inform the I/O callback that chunk data will (possibly) be read. - * PNG_IO_CHUNK_DATA does NOT require a specific number of I/O calls. + /* It is unspecified how many I/O calls will be performed + * during the serialization of the chunk data. */ png_ptr->io_state = PNG_IO_READING | PNG_IO_CHUNK_DATA; #endif @@ -185,13 +216,12 @@ need_crc = 0; } #ifdef PNG_IO_STATE_SUPPORTED - /* Inform the I/O callback that the chunk CRC is being read */ - /* PNG_IO_CHUNK_CRC requires the I/O to be done at once */ png_ptr->io_state = PNG_IO_READING | PNG_IO_CHUNK_CRC; #endif + /* The chunk CRC must be serialized in a single I/O call. */ png_read_data(png_ptr, crc_bytes, 4); if (need_crc) { @@ -3108,19 +3138,12 @@ if (!(png_ptr->zstream.avail_in)) { while (!png_ptr->idat_size) { - png_byte chunk_length[4]; - png_crc_finish(png_ptr, 0); - - png_read_data(png_ptr, chunk_length, 4); - png_ptr->idat_size = png_get_uint_31(png_ptr, chunk_length); - png_reset_crc(png_ptr); - png_crc_read(png_ptr, png_ptr->chunk_name, 4); + png_ptr->idat_size = png_read_chunk_header(png_ptr); if (png_memcmp(png_ptr->chunk_name, png_IDAT, 4)) png_error(png_ptr, "Not enough image data"); - } png_ptr->zstream.avail_in = (uInt)png_ptr->zbuf_size; png_ptr->zstream.next_in = png_ptr->zbuf; if (png_ptr->zbuf_size > png_ptr->idat_size) diff -ru4NwbB libpng-1.4.4/pngset.c libpng-1.4.5beta05/pngset.c --- libpng-1.4.4/pngset.c 2010-09-23 07:18:34.091076135 -0500 +++ libpng-1.4.5beta05/pngset.c 2010-11-20 17:30:16.374001380 -0600 @@ -1,8 +1,8 @@ /* pngset.c - storage of image information into info struct * - * Last changed in libpng 1.4.1 [February 25, 2010] + * Last changed in libpng 1.4.5 [November 20, 2010] * Copyright (c) 1998-2010 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -689,8 +689,15 @@ if (text_ptr[i].key == NULL) continue; + if (text_ptr[i].compression < PNG_TEXT_COMPRESSION_NONE || + text_ptr[i].compression >= PNG_TEXT_COMPRESSION_LAST) + { + png_warning(png_ptr, "text compression mode is out of range"); + continue; + } + key_len = png_strlen(text_ptr[i].key); if (text_ptr[i].compression <= 0) { diff -ru4NwbB libpng-1.4.4/pngtest.c libpng-1.4.5beta05/pngtest.c --- libpng-1.4.4/pngtest.c 2010-09-23 07:18:34.100112193 -0500 +++ libpng-1.4.5beta05/pngtest.c 2010-11-20 17:30:16.383820392 -0600 @@ -1,8 +1,8 @@ /* pngtest.c - a simple test program to test libpng * - * Last changed in libpng 1.4.1 [February 25, 2010] + * Last changed in libpng 1.4.5 [November 20, 2010] * Copyright (c) 1998-2010 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -262,8 +262,50 @@ * read_data function and use it at run time with png_set_read_fn(), rather * than changing the library. */ +#ifdef PNG_IO_STATE_SUPPORTED +void +pngtest_check_io_state(png_structp png_ptr, png_size_t data_length, + png_uint_32 io_op); +void +pngtest_check_io_state(png_structp png_ptr, png_size_t data_length, + png_uint_32 io_op) +{ + png_uint_32 io_state = png_get_io_state(png_ptr); + int err = 0; + + /* Check if the current operation (reading / writing) is as expected. */ + if ((io_state & PNG_IO_MASK_OP) != io_op) + png_error(png_ptr, "Incorrect operation in I/O state"); + + /* Check if the buffer size specific to the current location + * (file signature / header / data / crc) is as expected. + */ + switch (io_state & PNG_IO_MASK_LOC) + { + case PNG_IO_SIGNATURE: + if (data_length > 8) + err = 1; + break; + case PNG_IO_CHUNK_HDR: + if (data_length != 8) + err = 1; + break; + case PNG_IO_CHUNK_DATA: + break; /* no restrictions here */ + case PNG_IO_CHUNK_CRC: + if (data_length != 4) + err = 1; + break; + default: + err = 1; /* uninitialized */ + } + if (err) + png_error(png_ptr, "Bad I/O state or buffer size"); +} +#endif + #ifndef USE_FAR_KEYWORD static void pngtest_read_data(png_structp png_ptr, png_bytep data, png_size_t length) { @@ -280,10 +322,14 @@ } if (check != length) { - png_error(png_ptr, "Read Error!"); + png_error(png_ptr, "Read Error"); } + +#ifdef PNG_IO_STATE_SUPPORTED + pngtest_check_io_state(png_ptr, length, PNG_IO_READING); +#endif } #else /* This is the model-independent version. Since the standard I/O library can't handle far buffers in the medium and small models, we have to copy @@ -327,9 +373,13 @@ } while (remaining != 0); } if (check != length) - png_error(png_ptr, "read Error"); + png_error(png_ptr, "Read Error"); + +#ifdef PNG_IO_STATE_SUPPORTED + pngtest_check_io_state(png_ptr, length, PNG_IO_READING); +#endif } #endif /* USE_FAR_KEYWORD */ #ifdef PNG_WRITE_FLUSH_SUPPORTED @@ -358,8 +408,12 @@ if (check != length) { png_error(png_ptr, "Write Error"); } + +#ifdef PNG_IO_STATE_SUPPORTED + pngtest_check_io_state(png_ptr, length, PNG_IO_WRITING); +#endif } #else /* This is the model-independent version. Since the standard I/O library can't handle far buffers in the medium and small models, we have to copy @@ -406,8 +460,12 @@ if (check != length) { png_error(png_ptr, "Write Error"); } + +#ifdef PNG_IO_STATE_SUPPORTED + pngtest_check_io_state(png_ptr, length, PNG_IO_WRITING); +#endif } #endif /* USE_FAR_KEYWORD */ /* This function is called when there is a warning, but the library thinks