Commit graph

27 commits

Author SHA1 Message Date
fredb
d5cfb80689 Fix another bug in png_do_read_filler() regarding 16-big *grayscale*
images (and bump package to 1.2.5nb2). The following is taken directly
from the png-implement mailing list...


    Date: Fri, 20 Dec 2002 11:26:31 -0500
    From: Glenn Randers-Pehrson <glennrp@comcast.net>
    Reply-To: png-implement@ccrc.wustl.edu
    To: png-implement@ccrc.wustl.edu
    Subject: Re: [png-implement] bug in png_read_filler() with 16-bit  samples

    At 01:01 AM 12/5/02 -0500, Glenn Randers-Pehrson wrote:
    >A bug has turned up in png_read_filler() with 16-bit samples.
    >The starting offsets for the loops are calculated incorrectly
    >which causes a buffer overrun beyond the beginning of the row
    >buffer.
    >
    >To fix, at lines 1968 and 1990,
    >change "row_width * 3" to "row_width * 6"
    >and at lines 1969 and 1991,
    >change "row_width;" to "row_width * 2;"

    This is only half of the story.  Adding an alpha channel to
    16-bit *grayscale* images with png_do_read_filler() exhibits
    the same bug, and pngcrush crashes if I try to do it.

    To fix, at lines 1892, 1893, 1910, and 1911 of pngrtran.c
    change "row_width" to "row_width * 2"

    Note that applications that do not add an alpha channel via
    png_set_filler(), and any applications that do, but reduce 16-bit
    samples to 8 bit via png_set_strip_16() are invulnerable to
    the bug.  Pngcrush is the only application that I know of
    that uses png_set_filler() without also using png_set_strip_16().

    Glenn


    --
    Send the message body "help" to png-implement-request@ccrc.wustl.edu
2002-12-20 17:54:27 +00:00
fredb
ef1cddb8ab Fix a buffer overrun in png_do_read_filler() with 16-bit samples, as
reported to the png-implement mailing list by Glenn Randers-Pehrson:

ftp://swrinde.nde.swri.edu/pub/png-group/archives/png-implement.200212

[Glenn Randers-Pehrson is the original author and chief maintainer of
libpng.]

From the discussion in the archive, it appears to be unlikely that the
bug could be exploited by a malicious web-server, chiefly because the
operation that triggers it is more likely to be carried out by an image
manipulation program (i.e. pngcrush), than by a web browser.
2002-12-19 21:25:09 +00:00
cjep
e9dea94b6d NetBSD tag. 2002-11-26 21:35:35 +00:00
fredb
5c5c4303d6 Update to png 1.2.5:
* Changed png_error() to png_warning() about
  "Too much data" in pngpread.c and about
  "Extra compressed data" in pngrutil.c.
* Prevent png_ptr->pass from exceeding 7 in
  png_push_finish_row().
* Updated png.c and pnggccrd.c handling of return from
  png_mmx_support() [Doesn't apply to the package.]
* Only issue png_warning() about "Too much data" in
  pngpread.c when avail_in is nonzero.
* Relocated two misplaced PNGAPI lines in pngtest.c

Update submitted by Stefan Krüger in PR/18926.
2002-11-06 21:30:20 +00:00
jlam
e2afa97f51 Merge changes in packages from the buildlink2 branch that have
buildlink2.mk files back into the main trunk.  This provides sufficient
buildlink2 infrastructure to start merging other packages from the
buildlink2 branch that have already been converted to use the buildlink2
framework.
2002-08-25 18:38:05 +00:00
fredb
75f1730606 Update to version 1.2.4. Two new functions since 1.2.1, png_malloc_warn()
and png_set_text_2(), call for a minor version bump in the shared library.
Update "BUILDLINK_DEPENDS" to current level. Also make the shared library
versions visible in the top-level "Makefile", and add a top-level "test"
target to invoke "pngtest" in ${WRKSRC}.

The following is culled from the extensive "CHANGES" file, ommitting
all make system and doc changes, and some bug fixes for bugs that weren't
present in 1.2.1. See "CHANGES" for complete details:

  Added setjmp() at the end of png_create_*_struct_2() in case user forgets
    to put one in their application.
  Exported png_zalloc(), png_zfree(), png_default_read(), png_default_write(),
    png_default_flush(), and png_push_fill_buffer() and included them in
    module definition files.
  Revised prototype for png_default_flush()
  Typos in *.def files (png_default_read|write -> png_default_read|write_data)
  Once more restored png_zalloc and png_zfree to regular nonexported form.
  Restored png_default_read|write_data, png_default_flush, png_read_fill_buffer
    to nonexported form, but with PNGAPI, and removed them from module def files.
  Removed "PNGAPI" from png_zalloc() and png_zfree() in png.c
  Plugged various memory leaks; added png_malloc_warn() and png_set_text_2()
    functions.
  Plugged memory leak of png_ptr->current_text (Matt Holgate).
  Check for buffer overflow before reading CRC in pngpread.c (Warwick Allison)
  Plugged memory leak of row_buf in pngtest.c when there is a png_error().
  Detect buffer overflow in pngpread.c when IDAT is corrupted with extra data.
  Changed png_warning() to png_error() when width is too large to process.
2002-07-19 14:33:08 +00:00
mycroft
26b2b82afd Fix LP64 printf() problems. 2002-07-19 03:22:17 +00:00
fredb
5022d965b8 Update png to 1.2.1. Includes an ABI change and a concommittent bump in the
shared library version, and in the dependendency information for hundreds of
other packages. [Update to png itself was supplied by Thomas Wizner.]

Relevant changes since 1.0.12, extracted from the "CHANGES" file:

  Re-enabled PNG_MNG_FEATURES_SUPPORTED and enabled PNG_ASSEMBLER_CODE_SUPPORTED
    by default.
  Added runtime selection of MMX features.
  Added png_set_strip_error_numbers function and related macros.
  Added a check for attempts to read or write PLTE in grayscale PNG datastreams.
  Enabled user memory function by default.
  Modified png_create_struct so it passes user mem_ptr to user memory allocator.
  Increased png_mng_features flag from png_byte to png_uint_32.
  Check for missing profile length field in iCCP chunk and free chunk_data
     in case of truncated iCCP chunk.
  Revised contrib/gregbook/rpng*-x.c to avoid a memory leak and to exit cleanly
     if user attempts to run it on an 8-bit display.
  Updated contrib/gregbook
  Use png_malloc instead of png_zalloc to allocate palette in pngset.c
  Added some typecasts to eliminate gcc 3.0 warnings.  Changed prototypes
     of png_write_oFFS width and height from png_uint_32 to png_int_32.
  Updated example.c
  Revised prototypes for png_debug_malloc and png_debug_free in pngtest.c
  Revised contrib/gregbook
  Revised pnggccrd.c to conditionally compile some thread-unsafe code only
     when PNG_THREAD_UNSAFE_OK is defined.
  Added tests to prevent pngwutil.c from writing a bKGD or tRNS chunk with
     value exceeding 2^bit_depth-1
  Replaced calls to fprintf(stderr,...) with png_warning() in pnggccrd.c
  Removed restriction that do_invert_mono only operate on 1-bit opaque files
  Changed a png_warning() to png_debug() in pnggccrd.c
  Fixed contrib/gregbook/rpng-x.c, rpng2-x.c to avoid crash with XFreeGC().
  Include background_1 in png_struct regardless of gamma support.
  Revised example.c to provide more details about using row_callback().
  Added type cast to each NULL appearing in a function call, except for
    WINCE functions.
  Removed type casts from all NULLs.
  Simplified png_create_struct_2().
  Revised png_create_info_struct() and png_creat_struct_2().
  Added error message if png_write_info() was omitted.
  Type cast NULLs appearing in function calls when _NO_PROTO or
    PNG_TYPECAST_NULL is defined.
  Type cast NULLs appearing in function calls except when PNG_NO_TYPECAST_NULL
    is defined.
  Changed typecast of "size" argument to png_size_t in pngmem.c calls to
    the user malloc_fn, to agree with the prototype in png.h
  Added a pop/push operation to pnggccrd.c, to preserve Eflag (Maxim Sobolev)
  Added a pop/push operation to pngvcrd.c, to preserve Eflag.
  Always allocate 256-entry internal palette, hist, and trans arrays, to
    avoid out-of-bounds memory reference caused by invalid PNG datastreams.
  Added a check for prefix_length > data_length in iCCP chunk handler.
2002-03-13 17:43:38 +00:00
wiz
f0aca6ea72 Update to 1.0.12. Extract of changes since 1.0.11:
. Added some never-to-be-executed code in pnggccrd.c to quiet compiler
  warnings.
. Added a check for attempts to read or write PLTE in grayscale PNG
  datastreams.
. Eliminated the png_error about apps using png_read|write_init().  Instead,
  libpng will reallocate the png_struct and info_struct if they are too small.
  This achieves future binary compatibility for old applications written for
  libpng-0.88 and earlier.  Expanded the warnings about incompatible library
  and application.
. Modified png_create_struct so it passes user mem_ptr to user memory
  allocator.
. Check for missing profile length field in iCCP chunk and free the chunk_data
  in case of truncated iCCP chunk.
2001-08-03 23:19:25 +00:00
jlam
d0fb8a773f png depends on zlib, so add dependency on zlib for those platforms without
in the base system.  Make sure that libz.so is found during the build.
2001-05-28 02:41:54 +00:00
wiz
ff1f2b2d8e Update libpng to 1.0.11.
pkgsrc change: bump shared library major like it happened in libpng some
time ago -- our libtool'ified build didn't reflect this. Fixes pkg/12856
by Thor Simon. Note necessity of manual major/minor handling in Makefile,
to decrease chance that this will repeat in the future.
Changes since 1.0.10:
  Added type casts on several png_malloc() calls (Dimitri Papadapoulos).
  Removed a no-longer needed AIX work-around from pngconf.h
  Changed several "//" single-line comments to C-style in pnggccrd.c
  Removed PNGAPI from several functions whose prototypes did not have PNGAPI.
  Updated scripts/pngos2.def
  Added a check for NULL return from user's malloc_fn().
  Removed some useless type casts of the NULL pointer.
  Added makefile.netbsd [not used, since we're using libtool instead]
2001-05-21 21:39:13 +00:00
tron
dc1792c8f5 As point by Johnny C. Lam in private e-mail a new function was added in
this release of the PNG library. So increase the shared library minor
number and bump the package version to "1.0.9nb1".
2001-03-04 07:53:34 +00:00
wiz
8ed768d6ab Don't force '-O'. Noted by Adam Ciarcinski. 2001-01-18 18:05:52 +00:00
tron
e30dbaba42 Make this build if "${CC}" is not "cc". 2001-01-13 01:33:20 +00:00
jlam
2af0082fc4 Honor CFLAGS passed in from environment. 2000-10-06 01:38:50 +00:00
rh
e0b2cc8740 Update png to 1.0.7.
Changes are:
  Changed sprintf() to strcpy() in png_write_sCAL_s() to work without STDIO
  Added data_length parameter to png_decompress_chunk() function
  Revised documentation to remove reference to abandoned png_free_chnk functions
  Fixed an error in png_rgb_to_gray_fixed()
  Revised example.c, usage of png_destroy_write_struct().
  Renamed makefile.ibmvac3 to makefile.ibmc, added libpng.icc IBM project file
  Added a check for info_ptr->free_me&PNG_FREE_TEXT when free'ing text in png.c
  Simplify png_sig_bytes() function to remove use of non-ISO-C strdup().
  Added png_data_freer() function.
  In the code that checks for over-length tRNS chunks, added check of
    info_ptr->num_trans as well as png_ptr->num_trans (Matthias Benckmann)
  Check for existing data and free it if the free_me flag is set, in png_set_*()
    and png_handle_*().
  Only define PNG_WEIGHTED_FILTERS_SUPPORTED when PNG_FLOATING_POINT_SUPPORTED
    is defined.
  Changed several instances of PNG_NO_CONSOLE_ID to PNG_NO_STDIO in pngrutil.c
    and mentioned the purposes of the two macros in libpng.txt/libpng.3.
  Revised png_set_iCCP() and png_set_rows() to avoid prematurely freeing data.
  Add checks in png_set_text() for NULL members of the input text structure.
  Removed superfluous prototype for png_set_itxt from png.h
  Removed "else" from pngread.c, after png_error(), and changed "0" to "length".
  Changed several png_errors about malformed ancillary chunks to png_warnings.
  Added png_pass-* arrays to pnggccrd.c when PNG_USE_LOCAL_ARRAYS is defined.
  Relocated paragraph about png_set_background() in libpng.3/libpng.txt
    and other revisions (Matthias Benckmann)
  Relocated info_ptr->free_me to restore binary compatibility with libpng-1.0.5
    (breaks compatibility with libpng-1.0.6).
  Relocated info_ptr->free_me, png_ptr->free_me, and other info_ptr and
    png_ptr members to restore binary compatibility with libpng-1.0.5
    (breaks compatibility with libpng-1.0.6).
  Rearranged some members at the end of png_info and png_struct, to put
    unknown_chunks_num and free_me within the original size of the png_structs
    and free_me, png_read_user_fn, and png_free_fn within the original png_info,
    because some old applications allocate the structs directly instead of
    using png_create_*().
  Added documentation of user memory functions in libpng.txt/libpng.3
  Modified png_read_png so that it will use user_allocated row_pointers
    if present, unless free_me directs that it be freed, and added description
    of the use of png_set_rows() and png_get_rows() in libpng.txt/libpng.3.
  Added PNG_LEGACY_SUPPORTED macro, and #ifdef out all new (since version
    1.00) members of png_struct and png_info, to regain binary compatibility
    when you define this macro.  Capabilities lost in this event
    are user transforms (new in version 1.0.0),the user transform pointer
    (new in version 1.0.2), rgb_to_gray (new in 1.0.5), iCCP, sCAL, sPLT,
    the high-level interface, and unknown chunks support (all new in 1.0.6).
    This was necessary because of old applications that allocate the structs
    directly as authors were instructed to do in libpng-0.88 and earlier,
    instead of using png_create_*().
  Added makefile.intel and updated makefile.watcom (Pawel Mrochen)
  Overloaded png_read_init() and png_write_init() with macros that convert
    calls to png_read_init_2() or png_write_init_2() that check the version
    and structure sizes.
  Made PNG_NO_ITXT_SUPPORTED the default setting, to avoid memory overrun
    when old applications fill the info_ptr->text structure directly.
  Added PNGAPI macro, and added it to the definitions of all exported functions.
  Relocated version macro definitions ahead of the includes of zlib.h and
    pngconf.h in png.h.
  Made PNG_NO_CONSOLE_IO the default condition when PNG_BUILD_DLL is defined.
  Use MSC _RPTn debugging instead of fprintf if _MSC_VER is defined.
  Added png_access_version_number() function.
  Check for mask&PNG_FREE_CHNK (for TEXT, SCAL, PCAL) in png_free_data().
  Expanded libpng.3/libpng.txt information about png_data_freer().
  Changed pnggccrd.c and pngvcrd.c to handle bad adaptive filter types as
    warnings instead of errors, as pngrutil.c does.
  Set the PNG_INFO_IDAT valid flag in png_set_rows() so png_write_png()
    will actually write IDATs.
  Made the default PNG_USE_LOCAL_ARRAYS depend on PNG_DLL instead of WIN32.
  Make png_free_data() ignore its final parameter when freeing data that can
    have multiple instances (text, sPLT, unknowns).
  Removed info_ptr->valid tests from png_free_data(), as in version 1.0.5.
  Added png_set_invalid() function.
  Fixed incorrect illustrations of png_destroy_write_struct() in example.c.
  Revised the deliberately erroneous Linux setjmp code in pngconf.h to produce
    fewer error messages.
  Set each pointer to NULL after freeing it in png_free_data().
  Worked around a problem in pngconf.h; AIX's strings.h defines an "index"
    macro that conflicts with libpng's png_color_16.index. (Dimitri Papadapoulos)
  Added PNG_NO_POINTER_INDEXING macro to use array-indexing instead of pointer
    indexing in pngrutil.c and pngwutil.c to accommodate a buggy compiler.
  Added a check for overlength PLTE chunk in pngrutil.c.
  Added PNG_NO_POINTER_INDEXING macro to use array-indexing instead of pointer
    indexing in pngrutil.c and pngwutil.c to accommodate a buggy compiler.
  Added a warning in png_decompress_chunk() when it runs out of data.
  Revised the copyright/disclaimer/license notice.
  Corrected the definition of PNG_TRANSFORM_INVERT_ALPHA  (0x0400 not 0x0200)
  Added PNG_USE_DLL macro.
  Added "msvc" and contrib/msvctest directories with MSVC++ project files
    (Simon-Pierre Cadieux) and contrib/visupng directory (Willem van Schaik).
  Removed leading underscores from "_PNG_H" and "_PNG_SAVE_BSD_SOURCE" macros.
  Fixed bugs in pngwrite.c and pngwutil.c that prevented writing iCCP chunks.
  Revised the definition of "trans_values" in libpng.3/libpng.txt
2000-07-03 12:06:47 +00:00
wiz
6f8379fafb Fix library dependencies (on libm and libz).
USE_LIBTOOL instead of USE_PKGLIBTOOL.
2000-06-03 19:46:42 +00:00
wiz
62a8f68a2d install man pages for libpng, as requested in pkg/9937. 2000-04-20 02:11:46 +00:00
tron
152243dbb2 Update "png" package to version 1.0.6. Changes since version 1.0.5:
- Added contrib/pngsuite and contrib/pngminus (Willem van Schaik)
- Fixed a typo in the png_set_sRGB() function call in example.c (Jan Nijtmans)
- Further optimization and bugfix of pngvcrd.c
- Revised pngset.c so that it does not allocate or free memory in the user's
  text_ptr structure.- Instead, it makes its own copy.
- Added code in pngwrite.c to free info_ptr->text[i].key to stop a memory leak.
- Created separate write_end_info_struct in pngtest.c for a more severe test.
- Moved PNG_FLAG_HAVE_CHUNK_HEADER, PNG_FLAG_BACKGROUND_IS_GRAY and
  PNG_FLAG_WROTE_tIME from flags to mode.
- Added png_write_info_before_PLTE() function.
- Fixed some typecasting in contrib/gregbook/*.c
- Updated scripts/makevms.com (Martin Zinser)
- Moved png_get_header_version from png.h to png.c, to accomodate ansi2knr.
- Removed all global arrays (according to PNG_NO_GLOBAL_ARRAYS macro), to
  accomodate making DLL's: Moved usr_png_ver from global variable to function
  png_get_header_ver() in png.c.- Moved png_sig to png_sig_bytes in png.c and
  eliminated use of png_sig in pngwutil.c.- Moved the various png_CHNK arrays
  into local arrays.- Eliminated use of global png_pass arrays.- Declared the
  png_CHNK and png_pass arrays to be "const".- Made the global arrays
  available to applications when PNG_NO_GLOBAL_ARRAYS is not defined or
  when PNG_USE_GLOBAL_ARRAYS is defined.- Made available to applications a
  macro "PNG_USE_LOCAL_ARRAYS".
- Changed the PNG_sRGB_INTENT macros in png.h to be consistent with PNG-1.2.
- Change PNG_SRGB_INTENT to PNG_sRGB_INTENT in libpng.txt and libpng.3
- Added PNG_EXPORT_VAR macro to accommodate making DLL's.
- Refactored the inflate/deflate support to make adding new chunks with
  trailing compressed parts easier in the future (Eric S. Raymond).
- Added iCCP, iTXt, sCAL, and sPLT support; added "lang", "lang_key", and
  itxt_length" members to the png_text structure (Eric S. Raymond, Glenn R-P)
- Changed png_get_oFFs() and png_set_oFFs() to use signed rather than unsigned
  offsets (Eric S. Raymond).
- Combined PNG_READ_cHNK_SUPPORTED and PNG_WRITE_cHNK_SUPPORTED macros into
  PNG_cHNK_SUPPORTED and combined the three types of PNG_text_SUPPORTED
  macros, leaving the separate macros also available.
- Removed comments on #endifs at the end of many short, non-nested #if-blocks.
- Changed makefile.solaris to issue a warning about potential problems when
  the ucb "ld" is in the path ahead of the ccs "ld".
- Removed "- [date]" from the "synopsis" line in libpng.3 and libpngpf.3.
- Added code in pngwrite.c to work around a newly discovered zlib bug.
- Unknown chunk handling is now supported (Eric S. Raymond).
- Option to eliminate all floating point support was added.- Some new
  fixed-point functions such as png_set_gAMA_fixed() were added.
- Added new type "png_fixed_point" for integers that hold float*100000 values
- Added many parentheses, e.g., "if (a && b & c)" becomes "if (a && (b & c))"
- Added png_handle_as_unknown()
- Added chunk_list and num_chunk_list members of png_ptr.
- Define png_get_int_32 when oFFs chunk is supported as well as when pCAL is.
- Added functions png_set_read_user_chunk_fn() and png_get_user_chunk_ptr()
  for setting a callback function to handle unknown chunks and for
  retrieving the associated user pointer (Glenn).
- Added png_free_data() function.
- Added high-level functions png_read_png() and png_write_png() (ESR).
- Renamed pngdll.mak to makefile.bd32
- Cosmetic changes in pngtest.c
- Fixed pngvcrd.c bug by pushing/popping registers in mmxsupport (Bruce Oberg)
- Revised makefile.gcmmx
- Fixed a bug in pngrtran.c that improperly expanded the background color.
- Return *num_text=0 from png_get_text() when appropriate, and fix
  documentation of png_get_text() in libpng.txt/libpng.3.
- Added PNG_SETJMP_SUPPORTED, PNG_SETJMP_NOT_SUPPORTED, and PNG_ABORT() and
  "png_jmpbuf()" macros to pngconf.h, to help people migrate to the new error
  handler that's planned for the next libpng release, and changed example.c,
  pngtest.c, and contrib programs to use this macro.
- Revised some of the DLL-export macros in pngconf.h (Greg Roelofs)
- Fixed some mistakes in the unused and undocumented INCH_CONVERSIONS functions
  in pngget.c
- Updated makefile.linux and makefile.gccmmx to make directories conditionally.
- Increased precision of rgb_to_gray calculations from 8 to 15 bits and
  added png_set_rgb_to_gray_fixed() function.
- Added makefile.bc32 (32-bit Borland C++, C mode)
- Updated references to the zlib home page, which has moved to
  freesoftware.com.
- Corrected bugs in documentation regarding png_read_row() and png_write_row().
- Renamed makefile.borland,turboc3 back to makefile.bor,tc3 as in version
  1.0.3, revised borland makefiles; added makefile.ibmvac3 and makefile.gcc
  (Cosmin)
- Added makefile.sggcc (SGI IRIX with gcc)
2000-03-21 22:07:57 +00:00
tron
a5127075eb Update "png" package to version 1.0.5. This version mostly fixes bugs
discovered since version 1.0.3. A complete list of the changes can be
found under "ftp://ftp.uu.net/graphics/png/src/libpng-1.0.5-README.txt".
2000-02-09 15:46:27 +00:00
tron
f03e5614c7 Update "png" package to version 1.0.3. 1999-03-04 13:50:48 +00:00
agc
86db14e819 Add NetBSD RCS Ids. 1998-08-07 10:35:47 +00:00
tv
54ceb4bc86 Update libpng to 1.0.2. Works with all dependent pkgs I have tested
(everything but ImageMagick, gs5, and xemacs20).  The API hasn't changed
much, say the install instructions, but it isn't binary compatible--bump
shlib version to 1.0.
1998-07-15 11:45:49 +00:00
tron
d895a9a177 Patch from Tim Rightnour to make "png" compile on alpha, fixes PR pkg/5626. 1998-06-26 21:12:06 +00:00
mycroft
3eb532a5e1 Slight fix to the shared library linking command.
XXX This doesn't work for ELF/binutils.
1997-10-31 12:26:33 +00:00
agc
1b6a14d471 Add NetBSD RCS Ids.
Attempt to make the target directories ${PREFIX}-dependent.
1997-10-06 13:42:02 +00:00
agc
5c3b7292c3 Initial import of FreeBSD graphics ports into the NetBSD packages
system.
1997-10-06 13:29:36 +00:00