diff options
author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-10-28 15:09:46 +0000 |
---|---|---|
committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-10-28 15:09:46 +0000 |
commit | 587b8066b4d994a10986fbeef624aba4c69b4cfe (patch) | |
tree | 3e8a2c661c7e335503754308b12c615dd8f0d73b /third_party/libpng/pngrutil.c | |
parent | f5aaec32f75fe1c65030bc661c58360c3f22c21e (diff) | |
download | chromium_src-587b8066b4d994a10986fbeef624aba4c69b4cfe.zip chromium_src-587b8066b4d994a10986fbeef624aba4c69b4cfe.tar.gz chromium_src-587b8066b4d994a10986fbeef624aba4c69b4cfe.tar.bz2 |
Revert "Revert "libpng: update to 1.2.44""
This reverts commit r64079. The perf regression turned out not to be the fault
of the libpng change.
BUG=60942
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@64243 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'third_party/libpng/pngrutil.c')
-rw-r--r-- | third_party/libpng/pngrutil.c | 120 |
1 files changed, 61 insertions, 59 deletions
diff --git a/third_party/libpng/pngrutil.c b/third_party/libpng/pngrutil.c index a2b39cc2..1e2db31 100644 --- a/third_party/libpng/pngrutil.c +++ b/third_party/libpng/pngrutil.c @@ -220,7 +220,7 @@ png_crc_error(png_structp png_ptr) defined(PNG_READ_iCCP_SUPPORTED) static png_size_t png_inflate(png_structp png_ptr, const png_byte *data, png_size_t size, - png_bytep output, png_size_t output_size) + png_bytep output, png_size_t output_size) { png_size_t count = 0; @@ -246,11 +246,11 @@ png_inflate(png_structp png_ptr, const png_byte *data, png_size_t size, if ((ret == Z_OK || ret == Z_STREAM_END) && avail > 0) { if (output != 0 && output_size > count) - { - int copy = output_size - count; - if (avail < copy) copy = avail; - png_memcpy(output + count, png_ptr->zbuf, copy); - } + { + int copy = output_size - count; + if (avail < copy) copy = avail; + png_memcpy(output + count, png_ptr->zbuf, copy); + } count += avail; } @@ -272,32 +272,32 @@ png_inflate(png_structp png_ptr, const png_byte *data, png_size_t size, */ { PNG_CONST char *msg; - if (png_ptr->zstream.msg != 0) - msg = png_ptr->zstream.msg; - else - { + if (png_ptr->zstream.msg != 0) + msg = png_ptr->zstream.msg; + else + { #if defined(PNG_STDIO_SUPPORTED) && !defined(_WIN32_WCE) - char umsg[52]; - - switch (ret) - { - case Z_BUF_ERROR: - msg = "Buffer error in compressed datastream in %s chunk"; - break; - case Z_DATA_ERROR: - msg = "Data error in compressed datastream in %s chunk"; - break; - default: - msg = "Incomplete compressed datastream in %s chunk"; - break; - } - - png_snprintf(umsg, sizeof umsg, msg, png_ptr->chunk_name); - msg = umsg; + char umsg[52]; + + switch (ret) + { + case Z_BUF_ERROR: + msg = "Buffer error in compressed datastream in %s chunk"; + break; + case Z_DATA_ERROR: + msg = "Data error in compressed datastream in %s chunk"; + break; + default: + msg = "Incomplete compressed datastream in %s chunk"; + break; + } + + png_snprintf(umsg, sizeof umsg, msg, png_ptr->chunk_name); + msg = umsg; #else - msg = "Damaged compressed datastream in chunk other than IDAT"; + msg = "Damaged compressed datastream in chunk other than IDAT"; #endif - } + } png_warning(png_ptr, msg); } @@ -332,9 +332,9 @@ png_decompress_chunk(png_structp png_ptr, int comp_type, else if (comp_type == PNG_COMPRESSION_TYPE_BASE) { png_size_t expanded_size = png_inflate(png_ptr, - (png_bytep)(png_ptr->chunkdata + prefix_size), + (png_bytep)(png_ptr->chunkdata + prefix_size), chunklength - prefix_size, - 0/*output*/, 0/*output size*/); + 0/*output*/, 0/*output size*/); /* Now check the limits on this chunk - if the limit fails the * compressed data will be removed, the prefix will remain. @@ -343,10 +343,10 @@ png_decompress_chunk(png_structp png_ptr, int comp_type, if (png_ptr->user_chunk_malloc_max && (prefix_size + expanded_size >= png_ptr->user_chunk_malloc_max - 1)) #else -#ifdef PNG_USER_CHUNK_MALLOC_MAX +# ifdef PNG_USER_CHUNK_MALLOC_MAX if ((PNG_USER_CHUNK_MALLOC_MAX > 0) && prefix_size + expanded_size >= PNG_USER_CHUNK_MALLOC_MAX - 1) -#endif +# endif #endif png_warning(png_ptr, "Exceeded size limit while expanding chunk"); @@ -359,34 +359,34 @@ png_decompress_chunk(png_structp png_ptr, int comp_type, defined(PNG_USER_CHUNK_MALLOC_MAX) else #endif - if (expanded_size > 0 + if (expanded_size > 0) { /* Success (maybe) - really uncompress the chunk. */ - png_size_t new_size = 0; - png_charp text = png_malloc_warn(png_ptr, - prefix_size + expanded_size + 1); + png_size_t new_size = 0; + png_charp text = png_malloc_warn(png_ptr, + prefix_size + expanded_size + 1); if (text != NULL) { - png_memcpy(text, png_ptr->chunkdata, prefix_size); - new_size = png_inflate(png_ptr, + png_memcpy(text, png_ptr->chunkdata, prefix_size); + new_size = png_inflate(png_ptr, (png_bytep)(png_ptr->chunkdata + prefix_size), - chunklength - prefix_size, + chunklength - prefix_size, (png_bytep)(text + prefix_size), expanded_size); - text[prefix_size + expanded_size] = 0; /* just in case */ - - if (new_size == expanded_size) - { - png_free(png_ptr, png_ptr->chunkdata); - png_ptr->chunkdata = text; - *newlength = prefix_size + expanded_size; - return; /* The success return! */ - } - - png_warning(png_ptr, "png_inflate logic error"); - png_free(png_ptr, text); - } - else + text[prefix_size + expanded_size] = 0; /* just in case */ + + if (new_size == expanded_size) + { + png_free(png_ptr, png_ptr->chunkdata); + png_ptr->chunkdata = text; + *newlength = prefix_size + expanded_size; + return; /* The success return! */ + } + + png_warning(png_ptr, "png_inflate logic error"); + png_free(png_ptr, text); + } + else png_warning(png_ptr, "Not enough memory to decompress chunk."); } } @@ -414,13 +414,13 @@ png_decompress_chunk(png_structp png_ptr, int comp_type, png_charp text = png_malloc_warn(png_ptr, prefix_size + 1); if (text != NULL) { - if (prefix_size > 0) + if (prefix_size > 0) png_memcpy(text, png_ptr->chunkdata, prefix_size); - png_free(png_ptr, png_ptr->chunkdata); - png_ptr->chunkdata = text; + png_free(png_ptr, png_ptr->chunkdata); + png_ptr->chunkdata = text; - /* This is an extra zero in the 'uncompressed' part. */ - *(png_ptr->chunkdata + prefix_size) = 0x00; + /* This is an extra zero in the 'uncompressed' part. */ + *(png_ptr->chunkdata + prefix_size) = 0x00; } /* Ignore a malloc error here - it is safe. */ } @@ -1850,6 +1850,8 @@ png_handle_sCAL(png_structp png_ptr, png_infop info_ptr, png_uint_32 length) if (swidth == NULL) { png_warning(png_ptr, "Out of memory while processing sCAL chunk width"); + png_free(png_ptr, png_ptr->chunkdata); + png_ptr->chunkdata = NULL; return; } png_memcpy(swidth, ep, (png_size_t)png_strlen(ep)); |