AuroraMiddleware/libpng
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
2,741 Commits 1 Branch 0 Tags 22 MiB
2705f55221
Commit Graph

1787 Commits

Author SHA1 Message Date
Glenn Randers-Pehrson
2705f55221 [libpng16] Bump version to 1.6.25beta02 2016-08-12 07:05:46 -05:00
Glenn Randers-Pehrson
8ff2ed2fe1 [libng16] Conditionally compile png_inflate(). It's not needed for iCCP 
chunk reading.
 2016-08-11 20:13:33 -05:00
Glenn Randers-Pehrson
6bdaf38d12 [libpng16] Revert change to png_malloc_array(). It's not needed 
now that iCCP profile_length honors PNG_USER_CHUNK_MALLOC_MAX.
 2016-08-10 22:26:12 -05:00
Glenn Randers-Pehrson
e018ab98be Merge branch 'libpng16' of git://github.com/jbowler/libpng into libpng16 2016-08-10 20:49:48 -05:00
John Bowler
92a7c79db2 [libpng16] Reject oversized iCCP profile length 
The code now validates the ICC profile length against the user chunk limit
before the buffer is allocated, as opposed to doing it while the buffer is read.

This removes the potential to consume virtual address space with a carefully
crafted ICC profile; only an issue on 32-bit systems where a valid profile can
be up to 2^32-4 bytes in length.  libpng never writes beyond the application
supplied limit, but previously it did allocate a buffer of the size specified in
the profile header.  The exploitability of this is almost zero; the address
space is released as soon as the PNG read completes.

Also clean up PNG_DEBUG compile of pngtest.c.

Signed-off-by: John Bowler <jbowler@acm.org>
 2016-08-10 15:35:09 -07:00
Glenn Randers-Pehrson
19fefd3a4b [libpng16] Return NULL from png_malloc_array() with a warning instead of calling 
png_error() on failure.  Reject oversized iCCP profile immediately.
 2016-08-10 12:09:22 -05:00
Glenn Randers-Pehrson
cdc0e74ee6 [libpng16] Bump version to 1.6.25beta01 2016-08-03 21:59:27 -05:00
Glenn Randers-Pehrson
b50d5cea2b [libpng16] Imported from libpng-1.6.24.tar 2016-08-03 21:32:26 -05:00
Glenn Randers-Pehrson
3d3c23b39f [libpng16] Bump version to 1.6.24rc04 2016-08-02 12:58:15 -05:00
Glenn Randers-Pehrson
96db0fff50 [libpng16] Conditionally compile ARM_NEON headers in pngpriv.h 
Updated contrib/intel/intel_sse.patch
 2016-08-02 09:31:05 -05:00
Glenn Randers-Pehrson
99663e95f8 [libpng16] Bump version to 1.6.24rc03 2016-08-01 18:00:51 -05:00
Glenn Randers-Pehrson
8d091a640b [libpng16] Conditionally compile png_decompress_chunk(). 2016-08-01 17:50:42 -05:00
Glenn Randers-Pehrson
2c0b7a8ff6 [libpng16] Conditionally compile SSE2 headers in contrib/intel/intel_sse.patch 2016-07-31 21:22:06 -05:00
Glenn Randers-Pehrson
faa3e537e1 [libpng16] Imported from libpng-1.6.24rc01.tar 2016-07-25 07:53:38 -05:00
Glenn Randers-Pehrson
d1f9149d8a [libpng16] Bump version to 1.6.24beta07 2016-07-19 17:01:50 -05:00
Glenn Randers-Pehrson
ee079481c9 [libpng16] Imported from libpng-1.6.24beta06.tar 2016-07-19 17:00:00 -05:00
Glenn Randers-Pehrson
639b48625f [libpng16] Eliminated unnecessary tests of boolean png_isaligned() vs 0. 2016-07-15 17:22:10 -05:00
Glenn Randers-Pehrson
dd70604cec [libpng16] Fixed more indentation 2016-07-15 11:20:46 -05:00
Glenn Randers-Pehrson
34c783e2fe [libpng16] Fix permission on reindent; add license info to contrib/tools/chkfmt 2016-07-14 18:53:30 -05:00
Glenn Randers-Pehrson
baed0e32f9 [libpng16] Bump version to 1.6.24beta06 2016-07-14 09:55:45 -05:00
Glenn Randers-Pehrson
192e92d681 [libpng16] Fixed some indentation to comply with our coding style. 2016-07-13 14:43:42 -05:00
Glenn Randers-Pehrson
1b9f4817c8 [libpng16] Bump version to 1.6.24beta05 2016-07-08 10:14:50 -05:00
Glenn Randers-Pehrson
d9940f6207 [libpng16] Imported from libpng-1.6.24beta04.tar 2016-07-08 10:14:42 -05:00
Glenn Randers-Pehrson
f7d5419816 [libpng16] Avoid filter-selection heuristic sum calculations in cases where 
only one filter is a candidate for selection. This trades off code size (added
png_setup_*_row_only() functions) for speed.
 2016-07-08 10:09:25 -05:00
Glenn Randers-Pehrson
66f796e74c [libpng16] Imported from libpng-1.6.24beta03.tar 2016-07-04 09:55:12 -05:00
Glenn Randers-Pehrson
a3eac818d5 [libpng16] Update CHANGES and ANNOUNCE 2016-07-03 18:10:21 -05:00
Glenn Randers-Pehrson
2c21a4778d [libpng16] Relocated misplaced #endif in png.c sRGB profile checking. 2016-07-02 21:17:56 -05:00
Glenn Randers-Pehrson
11c88033d4 [libpng16] Added "Common linking failures" section to INSTALL 2016-07-02 14:29:29 -05:00
Glenn Randers-Pehrson
b733c50bc0 [libpng16] Updated CHANGES and ANNOUNCE 2016-07-01 18:42:07 -05:00
Glenn Randers-Pehrson
d9779744f9 [libpng16] Optimized absolute value calculation in filter selection, similar to 
code in the PAETH decoder in pngrutil.c. Build with PNG_USE_ABS to use this.
 2016-06-29 21:53:57 -05:00
Glenn Randers-Pehrson
d43f93ff93 [libpng16] Bump version to 1.6.24beta03 2016-06-23 11:27:12 -05:00
Glenn Randers-Pehrson
3f2879bf60 [libpng16] Imported from libpng-1.6.24beta02.tar 2016-06-23 11:26:59 -05:00
Glenn Randers-Pehrson
ee1e535298 [libpng16] Bump version to 1.6.24beta03 2016-06-23 11:08:14 -05:00
John Bowler
da2ba024a5 [libpng16] Update CHANGES and ANNOUNCE 2016-06-23 10:51:44 -05:00
Glenn Randers-Pehrson
6c7c5a04b8 [libpng16] More efficient absolute value calculation on SSE2 (Matthieu Darbois). 2016-06-20 08:28:34 -05:00
Glenn Randers-Pehrson
147dc568da [libpng16] Backed out previous optimization; the compiler should handle that. 2016-06-19 22:20:52 -05:00
Glenn Randers-Pehrson
29135161d7 [libpng16] Avoid filter-selection heuristic sum calculations in cases where 
only one filter is a candidate for selection. This trades off code size (added
png_setup_*_row_only() functions) for speed.
 2016-06-19 18:43:35 -05:00
John Bowler
9c04f57cab [libpng15] Corrected filter heuristic overflow handling. 2016-06-19 18:01:33 -05:00
Glenn Randers-Pehrson
4a8105e925 [libpng16] Bump version to 1.6.24beta02 2016-06-11 18:07:44 -05:00
John Bowler
5c6b7e177c [libpng16] Avoid potential overflow of the PNG_IMAGE_SIZE macro. This macro 
is not used within libpng, but is used in some of the examples.
 2016-06-11 14:11:09 -05:00
Glenn Randers-Pehrson
428f5ddabd [libpng16] Bump version to 1.6.24beta01 2016-06-11 14:10:03 -05:00
Glenn Randers-Pehrson
ed6db9d86b [libpng16] Imported from libpng-1.6.23.tar 2016-06-09 06:49:42 -05:00
Glenn Randers-Pehrson
ee3c4e43ae [libpng16] Fixed bad link to RFC2083 in png.5 (Nikola Forro). 2016-06-07 08:22:18 -05:00
Glenn Randers-Pehrson
89158b9ad1 [libpng16] Fixed undefined behavior in png_push_save_buffer(). Do not call 
memcpy() with a null source, even if count is zero (Leon Scroggins III).
 2016-06-03 18:40:42 -05:00
Glenn Randers-Pehrson
1fdac25f66 [libpng16] Imported from libpng-1.6.23rc01.tar 2016-06-01 19:17:57 -05:00
Glenn Randers-Pehrson
1017744c94 [libpng16] Added missing ")" in pngerror.c (Matt Sarrett). 2016-06-01 08:59:48 -05:00
Glenn Randers-Pehrson
f757d74898 [libpng16] Moved sse2 prototype from pngpriv.h to contrib/intel/intel_sse.patch. 2016-05-31 09:45:17 -05:00
Glenn Randers-Pehrson
dbfd68ae3a [libpng16] Update CHANGES, ANNOUNCE, and change date in pngvalid.c 2016-05-29 15:47:57 -05:00
Glenn Randers-Pehrson
a201f859cd [libpng16] Bump version to 1.6.23beta02 2016-05-29 09:52:31 -05:00
John Bowler
81f0273d54 [libpng16] Added tests in pngvalid.c to check zero-length IDAT chunks in various 
positions.  Fixed the sequential reader to handle these more robustly
(John Bowler).
 2016-05-29 09:45:33 -05:00