From 5f6bd84e375226bf228fc8ac90318957ec9e1e7f Mon Sep 17 00:00:00 2001 From: Patrick Scott Date: Mon, 28 Jun 2010 16:55:16 -0400 Subject: Upgrade libpng to 1.2.44 for security fixes. Change-Id: Iae257ca6ea7031a99f38e9de196d71ef8b94f9aa --- contrib/gregbook/readpng.c | 2 +- contrib/gregbook/readpng2.c | 9 +++-- contrib/pngminim/decoder/gather.sh | 5 +-- contrib/pngminim/decoder/makefile | 44 ++++++++++++++++++++++++ contrib/pngminim/decoder/pngusr.h | 2 +- contrib/pngminim/encoder/gather.sh | 5 +-- contrib/pngminim/encoder/makefile | 43 ++++++++++++++++++++++++ contrib/pngminim/encoder/pngusr.h | 2 +- contrib/pngminim/preader/README | 14 ++++++++ contrib/pngminim/preader/gather.sh | 10 ++++++ contrib/pngminim/preader/makefile | 60 +++++++++++++++++++++++++++++++++ contrib/pngminim/preader/pngusr.h | 68 ++++++++++++++++++++++++++++++++++++++ contrib/pngminus/png2pnm.c | 2 +- contrib/visupng/PngFile.c | 2 +- 14 files changed, 256 insertions(+), 12 deletions(-) create mode 100644 contrib/pngminim/decoder/makefile create mode 100644 contrib/pngminim/encoder/makefile create mode 100644 contrib/pngminim/preader/README create mode 100755 contrib/pngminim/preader/gather.sh create mode 100644 contrib/pngminim/preader/makefile create mode 100644 contrib/pngminim/preader/pngusr.h (limited to 'contrib') diff --git a/contrib/gregbook/readpng.c b/contrib/gregbook/readpng.c index d87f6c7..abfc1fb 100644 --- a/contrib/gregbook/readpng.c +++ b/contrib/gregbook/readpng.c @@ -93,7 +93,7 @@ int readpng_init(FILE *infile, ulg *pWidth, ulg *pHeight) * have used slightly more general png_sig_cmp() function instead */ fread(sig, 1, 8, infile); - if (!png_check_sig(sig, 8)) + if (png_sig_cmp(sig, 0, 8)) return 1; /* bad signature */ diff --git a/contrib/gregbook/readpng2.c b/contrib/gregbook/readpng2.c index 9215042..2ee6b68 100644 --- a/contrib/gregbook/readpng2.c +++ b/contrib/gregbook/readpng2.c @@ -159,7 +159,7 @@ void readpng2_version_info(void) int readpng2_check_sig(uch *sig, int num) { - return png_check_sig(sig, num); + return !png_sig_cmp(sig, 0, num); } @@ -379,6 +379,7 @@ static void readpng2_info_callback(png_structp png_ptr, png_infop info_ptr) { mainprog_info *mainprog_ptr; int color_type, bit_depth; + png_uint_32 width, height; double gamma; @@ -414,8 +415,10 @@ static void readpng2_info_callback(png_structp png_ptr, png_infop info_ptr) /* this is just like in the non-progressive case */ - png_get_IHDR(png_ptr, info_ptr, &mainprog_ptr->width, - &mainprog_ptr->height, &bit_depth, &color_type, NULL, NULL, NULL); + png_get_IHDR(png_ptr, info_ptr, &width, &height, &bit_depth, &color_type, + NULL, NULL, NULL); + mainprog_ptr->width = (ulg)width; + mainprog_ptr->height = (ulg)height; /* since we know we've read all of the PNG file's "header" (i.e., up diff --git a/contrib/pngminim/decoder/gather.sh b/contrib/pngminim/decoder/gather.sh index 6230e81..913b78d 100755 --- a/contrib/pngminim/decoder/gather.sh +++ b/contrib/pngminim/decoder/gather.sh @@ -1,8 +1,9 @@ cp ../../pngminus/png2pnm.c pngm2pnm.c cp ../../../*.h . cp ../../../*.c . -rm example.c pnggccrd.c pngvcrd.c pngtest.c pngpread.c pngw*.c +rm pnggccrd.c pngvcrd.c +rm example.c pngtest.c pngpread.c pngw*.c # change the following 2 lines if zlib is somewhere else cp ../../../../zlib/*.h . cp ../../../../zlib/*.c . -rm minigzip.c example.c compress.c deflate.c +rm minigzip.c example.c compress.c deflate.c gz* diff --git a/contrib/pngminim/decoder/makefile b/contrib/pngminim/decoder/makefile new file mode 100644 index 0000000..4c73839 --- /dev/null +++ b/contrib/pngminim/decoder/makefile @@ -0,0 +1,44 @@ +# Makefile for PngMinus (pngm2pnm) +# Linux / Unix + +#CC=cc +CC=gcc +LD=$(CC) + +RM=rm -f + +CFLAGS=-DPNG_USER_CONFIG -DNO_GZCOMPRESS -DNO_GZIP \ + -DdeflateParams\(a,b,c\)=Z_OK -I. -O1 + +C=.c +O=.o +L=.a +E= + +ZOBJS = adler32$(O) crc32$(O) \ + infback$(O) inffast$(O) inflate$(O) inftrees$(O) \ + trees$(O) uncompr$(O) zutil$(O) + +OBJS = pngm2pnm$(O) png$(O) pngerror$(O) pngget$(O) pngmem$(O) \ + pngread$(O) pngrio$(O) pngrtran$(O) pngrutil$(O) \ + pngset$(O) pngtrans$(O) $(ZOBJS) + +# implicit make rules ------------------------------------------------------- + +.c$(O): png.h pngconf.h pngusr.h zlib.h + $(CC) -c $(CFLAGS) $< + +# dependencies + +all: pngm2pnm$(E) + +pngm2pnm$(E): $(OBJS) + $(LD) -o pngm2pnm$(E) $(OBJS) + strip pngm2pnm$(E) + +clean: + $(RM) pngm2pnm$(O) + $(RM) pngm2pnm$(E) + $(RM) $(OBJS) + +# End of makefile for pngm2pnm diff --git a/contrib/pngminim/decoder/pngusr.h b/contrib/pngminim/decoder/pngusr.h index 4502c30..2312a78 100644 --- a/contrib/pngminim/decoder/pngusr.h +++ b/contrib/pngminim/decoder/pngusr.h @@ -2,7 +2,7 @@ * * Copyright (c) 2007, 2009 Glenn Randers-Pehrson * - * This code is released under the zlib/libpng license. + * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer * and license in png.h * diff --git a/contrib/pngminim/encoder/gather.sh b/contrib/pngminim/encoder/gather.sh index 46e04da..61d0b13 100755 --- a/contrib/pngminim/encoder/gather.sh +++ b/contrib/pngminim/encoder/gather.sh @@ -1,9 +1,10 @@ cp ../../pngminus/pnm2png.c pnm2pngm.c cp ../../../*.h . cp ../../../*.c . -rm example.c pnggccrd.c pngvcrd.c pngtest.c pngr*.c pngpread.c +rm pnggccrd.c pngvcrd.c +rm example.c pngtest.c pngr*.c pngpread.c # Change the next 2 lines if zlib is somewhere else. cp ../../../../zlib/*.h . cp ../../../../zlib/*.c . rm inf*.[ch] -rm minigzip.c example.c +rm minigzip.c example.c gz* diff --git a/contrib/pngminim/encoder/makefile b/contrib/pngminim/encoder/makefile new file mode 100644 index 0000000..dfde950 --- /dev/null +++ b/contrib/pngminim/encoder/makefile @@ -0,0 +1,43 @@ +# Makefile for PngMinus (pnm2pngm) +# Linux / Unix + +#CC=cc +CC=gcc +LD=$(CC) + +RM=rm -f + +CFLAGS=-DPNG_USER_CONFIG -DNO_GZIP -I. -O1 + +C=.c +O=.o +L=.a +E= + +ZOBJS = adler32$(O) compress$(O) crc32$(O) deflate$(O) \ + dummy_inflate$(O) \ + trees$(O) uncompr$(O) zutil$(O) + +OBJS = pnm2pngm$(O) png$(O) pngerror$(O) pngget$(O) pngmem$(O) \ + pngset$(O) pngtrans$(O) pngwio$(O) pngwrite$(O) \ + pngwtran$(O) pngwutil$(O) $(ZOBJS) + +# implicit make rules ------------------------------------------------------- + +.c$(O): png.h pngconf.h pngusr.h zlib.h + $(CC) -c $(CFLAGS) $< + +# dependencies + +all: pnm2pngm$(E) + +pnm2pngm$(E): $(OBJS) + $(LD) -o pnm2pngm$(E) $(OBJS) + strip pnm2pngm$(E) + +clean: + $(RM) pnm2pngm$(O) + $(RM) pnm2pngm$(E) + $(RM) $(OBJS) + +# End of makefile for pnm2pngm diff --git a/contrib/pngminim/encoder/pngusr.h b/contrib/pngminim/encoder/pngusr.h index 9f58c98..c98b547 100644 --- a/contrib/pngminim/encoder/pngusr.h +++ b/contrib/pngminim/encoder/pngusr.h @@ -2,7 +2,7 @@ * * Copyright (c) 2007, 2009 Glenn Randers-Pehrson * - * This code is released under the zlib/libpng license. + * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer * and license in png.h * diff --git a/contrib/pngminim/preader/README b/contrib/pngminim/preader/README new file mode 100644 index 0000000..377d641 --- /dev/null +++ b/contrib/pngminim/preader/README @@ -0,0 +1,14 @@ +This demonstrates the use of PNG_USER_CONFIG and pngusr.h + +To build a minimal read-only progressive decoder embedded libpng and +zlib and with your system's X library, run + + gather.sh # to collect needed files from gregbook, libpng, and zlib + +Edit makefile if required, to find your X library and include files, +then + + make + +If you prefer to use the shared libraries, go to contrib/gregbook +and build the rpng2-x application there. diff --git a/contrib/pngminim/preader/gather.sh b/contrib/pngminim/preader/gather.sh new file mode 100755 index 0000000..357bb9a --- /dev/null +++ b/contrib/pngminim/preader/gather.sh @@ -0,0 +1,10 @@ +cp ../../gregbook/rpng2-x.c ../../gregbook/readpng2.[ch] . +cp ../../gregbook/COPYING ../../gregbook/LICENSE . +cp ../../../*.h . +cp ../../../*.c . +rm pnggccrd.c pngvcrd.c +rm example.c pngtest.c pngw*.c +# change the following 2 lines if zlib is somewhere else +cp ../../../../zlib/*.h . +cp ../../../../zlib/*.c . +rm minigzip.c example.c compress.c deflate.c gz* diff --git a/contrib/pngminim/preader/makefile b/contrib/pngminim/preader/makefile new file mode 100644 index 0000000..717978d --- /dev/null +++ b/contrib/pngminim/preader/makefile @@ -0,0 +1,60 @@ +# Makefile for PngMinus (rpng2) +# Linux / Unix + +#CC=cc +CC=gcc +LD=$(CC) + +RM=rm -f + +#XINC = -I/usr/include # old-style, stock X distributions +#XLIB = -L/usr/lib/X11 -lX11 # (including SGI IRIX) + +#XINC = -I/usr/openwin/include # Sun workstations (OpenWindows) +#XLIB = -L/usr/openwin/lib -lX11 + +XINC = -I/usr/X11R6/include # new X distributions (X.org, etc.) +XLIB = -L/usr/X11R6/lib -lX11 +#XLIB = -L/usr/X11R6/lib64 -lX11 # e.g., Red Hat on AMD64 + +#XINC = -I/usr/local/include # FreeBSD +#XLIB = -L/usr/local/lib -lX11 + +#LIBS = $(XLIB) +LIBS = $(XLIB) -lm #platforms that need libm + +CFLAGS=-DPNG_USER_CONFIG -DNO_GZCOMPRESS -DNO_GZIP \ + -DdeflateParams\(a,b,c\)=Z_OK -I. $(XINC) -O1 + +C=.c +O=.o +L=.a +E= + +ZOBJS = adler32$(O) crc32$(O) \ + infback$(O) inffast$(O) inflate$(O) inftrees$(O) \ + trees$(O) uncompr$(O) zutil$(O) + +OBJS = rpng2-x$(O) readpng2$(O) png$(O) pngerror$(O) pngget$(O) pngmem$(O) \ + pngpread$(O) pngread$(O) pngrio$(O) pngrtran$(O) pngrutil$(O) \ + pngset$(O) pngtrans$(O) $(ZOBJS) + +# implicit make rules ------------------------------------------------------- + +.c$(O): png.h pngconf.h readpng2.h pngusr.h zlib.h + $(CC) -c $(CFLAGS) $< + +# dependencies + +all: rpng2-x$(E) + +rpng2-x$(E): $(OBJS) + $(LD) -o rpng2-x$(E) $(OBJS) $(LIBS) + strip rpng2-x$(E) + +clean: + $(RM) rpng2-x$(O) + $(RM) rpng2-x$(E) + $(RM) $(OBJS) + +# End of makefile for rpng2-x diff --git a/contrib/pngminim/preader/pngusr.h b/contrib/pngminim/preader/pngusr.h new file mode 100644 index 0000000..7d728c8 --- /dev/null +++ b/contrib/pngminim/preader/pngusr.h @@ -0,0 +1,68 @@ +/* minrdpngconf.h: headers to make a minimal png-read-only library + * + * Copyright (c) 2009 Glenn Randers-Pehrson + * + * This code is released under the libpng license. + * For conditions of distribution and use, see the disclaimer + * and license in png.h + * + * Derived from pngcrush.h, Copyright 1998-2007, Glenn Randers-Pehrson + */ + +#ifndef MINPRDPNGCONF_H +#define MINPRDPNGCONF_H + +#define PNG_NO_GLOBAL_ARRAYS + +#define PNG_NO_WARNINGS +#define png_warning(s1,s2) "" +#define png_chunk_warning(s1,s2) "" +#define PNG_NO_ERROR_TEXT +#define png_error(s1,s2) png_err(s1) +#define png_chunk_error(s1,s2) png_err(s1) + +#define PNG_NO_ASSEMBLER_CODE +#define PNG_NO_OPTIMIZED_CODE +#define PNG_NO_READ_DITHER +#define PNG_NO_READ_INVERT +#define PNG_NO_READ_SHIFT +#define PNG_NO_READ_PACK +#define PNG_NO_READ_PACKSWAP +#define PNG_NO_READ_FILLER +#define PNG_NO_READ_SWAP +#define PNG_NO_READ_SWAP_ALPHA +#define PNG_NO_READ_INVERT_ALPHA +#define PNG_NO_READ_RGB_TO_GRAY +#define PNG_NO_READ_USER_TRANSFORM +#define PNG_NO_READ_cHRM +#define PNG_NO_READ_hIST +#define PNG_NO_READ_iCCP +#define PNG_NO_READ_pCAL +#define PNG_NO_READ_pHYs +#define PNG_NO_READ_sBIT +#define PNG_NO_READ_sCAL +#define PNG_NO_READ_sPLT +#define PNG_NO_READ_TEXT +#define PNG_NO_READ_tIME +#define PNG_NO_READ_UNKNOWN_CHUNKS +#define PNG_NO_READ_USER_CHUNKS +#define PNG_NO_READ_EMPTY_PLTE +#define PNG_NO_READ_OPT_PLTE +#define PNG_NO_READ_STRIP_ALPHA +#define PNG_NO_READ_oFFs +#define PNG_NO_WARN_UNINITIALIZED_ROW + +#define PNG_NO_WRITE_SUPPORTED + +#define PNG_NO_INFO_IMAGE +#define PNG_NO_USER_MEM +#define PNG_NO_FIXED_POINT_SUPPORTED +#define PNG_NO_MNG_FEATURES +#define PNG_NO_USER_TRANSFORM_PTR +#define PNG_NO_HANDLE_AS_UNKNOWN +#define PNG_NO_CONSOLE_IO +#define PNG_NO_ZALLOC_ZERO +#define PNG_NO_ERROR_NUMBERS +#define PNG_NO_EASY_ACCESS + +#endif /* MINPRDPNGCONF_H */ diff --git a/contrib/pngminus/png2pnm.c b/contrib/pngminus/png2pnm.c index 010870a..ac295aa 100644 --- a/contrib/pngminus/png2pnm.c +++ b/contrib/pngminus/png2pnm.c @@ -211,7 +211,7 @@ BOOL png2pnm (FILE *png_file, FILE *pnm_file, FILE *alpha_file, BOOL raw, BOOL a if (ret != 8) return FALSE; - ret = png_check_sig (buf, 8); + ret = !png_sig_cmp (buf, 0, 8); if (!ret) return FALSE; diff --git a/contrib/visupng/PngFile.c b/contrib/visupng/PngFile.c index 6154ce2..ff6d155 100644 --- a/contrib/visupng/PngFile.c +++ b/contrib/visupng/PngFile.c @@ -126,7 +126,7 @@ BOOL PngLoadImage (PTSTR pstrFileName, png_byte **ppbImageData, // first check the eight byte PNG signature fread(pbSig, 1, 8, pfFile); - if (!png_check_sig(pbSig, 8)) + if (png_sig_cmp(pbSig, 0, 8)) { *ppbImageData = pbImageData = NULL; return FALSE; -- cgit v1.1