./graphics/png, Library for manipulating PNG images

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 1.6.23, Package name: png-1.6.23, Maintainer: wiz

Libpng was written as a companion to the PNG specification, as a
way to reduce the amount of time and effort it takes to support
the PNG file format in application programs. Most users will not
have to modify the library significantly; advanced users may want
to modify it more. The library was coded for both users. All
attempts were made to make it as complete as possible, while
keeping the code easy to understand. Currently, this library
only supports C. Support for other languages is being considered.

Master sites: (Expand)

SHA1: 4857fb8dbd5ca7ddacc40c183e340b9ffa34a097
RMD160: bb2ddbd8d72ffd86b8a2225428f778da99cc1741
Filesize: 938.984 KB

Version history: (Expand)

CVS history: (Expand)

   2016-06-10 17:23:47 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated png to 1.6.23.

Version 1.6.23beta01 [May 29, 2016]
  Stop a potential memory leak in png_set_tRNS() (Bug report by Ted Ying).
  Fixed the progressive reader to handle empty first IDAT chunk properly
    (patch by Timothy Nikkel).  This bug was introduced in libpng-1.6.0 and
    only affected the libpng16 branch.
  Added tests in pngvalid.c to check zero-length IDAT chunks in various
    positions.  Fixed the sequential reader to handle these more robustly
    (John Bowler).

Version 1.6.23rc01 [June 2, 2016]
  Corrected progressive read input buffer in pngvalid.c. The previous version
    the code invariably passed just one byte at a time to libpng.  The intent
    was to pass a random number of bytes in the range 0..511.
  Moved sse2 prototype from pngpriv.h to contrib/intel/intel_sse.patch.
  Added missing ")" in pngerror.c (Matt Sarrett).

Version 1.6.23rc02 [June 4, 2016]
  Fixed undefined behavior in png_push_save_buffer(). Do not call
    memcpy() with a null source, even if count is zero (Leon Scroggins III).

Version 1.6.23 [June 9, 2016]
  Fixed bad link to RFC2083 in png.5 (Nikola Forro).
   2016-05-26 15:32:00 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated png to 1.6.22.

Version 1.6.22beta01 [January 23, 2016]
  Changed PNG_USE_MKSTEMP to __COVERITY__ to select alternate
    "tmpfile()" implementation in contrib/libtests/pngstest.c
  Fixed NO_STDIO build of pngunknown.c to skip calling png_init_io()
    if there is no stdio.h support.
  Added a png_image_write_to_memory() API and a number of assist macros
    to allow an application that uses the simplified API write to bypass
    stdio and write directly to memory.
  Added some warnings (png.h) and some check code to detect *possible*
    overflow in the ROW_STRIDE and simplified image SIZE macros.  This
    disallows image width/height/format that *might* overflow.  This is
    a quiet API change that limits in-memory image size (uncompressed) to
    less than 4GByte and image row size (stride) to less than 2GByte.
  Revised workaround for false-positive Coverity issue in pngvalid.c.

Version 1.6.22beta02 [February 8, 2016]
  Only use exit(77) in configure builds.
  Corrected error in PNG_IMAGE_PNG_SIZE_MAX. This new macro underreported
    the palette size because it failed to take into account that the memory
    palette has to be expanded to full RGB when it is written to PNG.
  Updated CMakeLists.txt, added supporting scripts/gen*.cmake.in
    and test.cmake.in (Roger Leigh).
  Relaxed limit checks on gamma values in pngrtran.c. As suggested in
    the comments gamma values outside the range currently permitted
    by png_set_alpha_mode are useful for HDR data encoding.  These values
    are already permitted by png_set_gamma so it is reasonable caution to
    extend the png_set_alpha_mode range as HDR imaging systems are starting
    to emerge.

Version 1.6.22beta03 [March 9, 2016]
  Added a common-law trademark notice and export control information
    to the LICENSE file, png.h, and the man page.
  Restored "& 0xff" in png_save_uint_16() and png_save_uint_32() that
    were accidentally removed from libpng-1.6.17.
  Changed PNG_INFO_cHNK and PNG_FREE_cHNK from 0xnnnn to 0xnnnnU in png.h
    (Robert C. Seacord).
  Removed dubious "#if INT_MAX" test from png.h that was added to
    libpng-1.6.19beta02 (John Bowler).
  Add ${INCLUDES} in scripts/genout.cmake.in (Bug report by Nixon Kwok).
  Updated LICENSE to say files in the contrib directory are not
    necessarily under the libpng license, and that some makefiles have
    other copyright owners.
  Added INTEL-SSE2 support (Mike Klein and Matt Sarett, Google, Inc.).
  Made contrib/libtests/timepng more robust.  The code no longer gives
    up/fails on invalid PNG data, it just skips it (with error messages).
    The code no longer fails on PNG files with data beyond IEND.  Options
    exist to use png_read_png (reading the whole image, not by row) and, in
    that case, to apply any of the supported transforms.  This makes for
    more realistic testing; the decoded data actually gets used in a
    meaningful fashion (John Bowler).
  Fixed some misleading indentation (Krishnaraj Bhat).

Version 1.6.22beta04 [April 5, 2016]
  Force GCC compilation to C89 if needed (Dagobert Michelsen).
  SSE filter speed improvements for bpp=3:
    memcpy-free implementations of load3() / store3().
    call load3() only when needed at the end of a scanline.

Version 1.6.22beta05 [April 27, 2016]
  Added PNG_FAST_FILTERS macro (defined as
  Various fixes for contrib/libtests/timepng.c
  Moved INTEL-SSE code from pngpriv.h into contrib/intel/intel_sse.patch.
  Fixed typo (missing underscore) in #define PNG_READ_16_TO_8_SUPPORTED
    (Bug report by Y.Ohashik).

Version 1.6.22beta06 [May 5, 2016]
  Rebased contrib/intel_sse.patch.
  Quieted two Coverity issues in contrib/libtests/timepng.c.
  Fixed issues with scripts/genout.cmake.in (David Capello, Nixon Kwok):
    Added support to use multiple directories in ZLIBINCDIR variable,
    Fixed CMAKE_C_FLAGS with multiple values when genout is compiled on MSVC,
    Fixed pnglibconf.c compilation on OS X including the sysroot path.

Version 1.6.22rc01 [May 14, 2016]
  No changes.

Version 1.6.22rc02 [May 16, 2016]
  Removed contrib/timepng from default build; it does not build on platforms
    that don't supply clock_gettime().

Version 1.6.22rc03 [May 17, 2016]
  Restored contrib/timepng to default build but check for the presence
    of clock_gettime() in configure.ac and Makefile.am.

Version 1.6.22 [May 26, 2016]
  No changes.
   2016-01-16 01:05:15 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update png to 1.6.21:

Version 1.6.21beta01 [December 11, 2015]
  Fixed syntax "$(command)" in tests/pngstest that some shells other than
    bash could not parse (Bug report by Nelson Beebe). Use `command` instead.

Version 1.6.21beta02 [December 14, 2015]
  Moved png_check_keyword() from pngwutil.c to pngset.c
  Removed LE/BE dependencies in pngvalid, to 'fix' the current problem
    in the BigEndian tests by not testing it, making the BE code the same
    as the LE version.
  Fixes to pngvalid for various reduced build configurations (eliminate unused
    statics) and a fix for the case in rgb_to_gray when the digitize option
    reduces graylo to 0, producing a large error.

Version 1.6.21beta03 [December 18, 2015]
  Widened the 'limit' check on the internally calculated error limits in
    the 'DIGITIZE' case (the code used prior to 1.7 for rgb_to_gray error
    checks) and changed the check to only operate in non-release builds
    (base build type not RC or RELEASE.)
  Fixed undefined behavior in pngvalid.c, undefined because
    (png_byte) << shift is undefined if it changes the signed bit
    (because png_byte is promoted to int). The libpng exported functions
    png_get_uint_32 and png_get_uint_16 handle this. (Bug reported by
    David Drysdale as a result of reports from UBSAN in clang 3.8).
  This changes pngvalid to use BE random numbers; this used to produce
    errors but these should not be fixed as a result of the previous changes.

Version 1.6.21rc01 [January 4, 2016]
  In projects/vstudio, combined readme.txt and WARNING into README.txt

Version 1.6.21rc02 [January 7, 2016]
  Relocated assert() in contrib/tools/pngfix.c, bug found by American
    Fuzzy Lop, reported by Brian Carpenter.
  Marked 'limit' UNUSED in transform_range_check().  This only affects
    release builds.

Version 1.6.21 [January 15, 2016]
  Worked around a false-positive Coverity issue in pngvalid.c.
   2015-12-03 16:17:02 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update to 1.6.20:

Version 1.6.20beta01 [November 20, 2015]
  Avoid potential pointer overflow/underflow in png_handle_sPLT() and
    png_handle_pCAL() (Bug report by John Regehr).

Version 1.6.20beta02 [November 23, 2015]
  Fixed incorrect implementation of png_set_PLTE() that uses png_ptr
    not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126

Version 1.6.20beta03 [November 24, 2015]
  Backported tests from libpng-1.7.0beta69.

Version 1.6.20rc01 [November 26, 2015]
  Fixed an error in handling of bad zlib CMINFO field in pngfix, found by
    American Fuzzy Lop, reported by Brian Carpenter.  inflate() doesn't
    immediately fault a bad CMINFO field; instead a 'too far back' error
    happens later (at least some times).  pngfix failed to limit CMINFO to
    the allowed values but then assumed that window_bits was in range,
    triggering an assert. The bug is mostly harmless; the PNG file cannot
    be fixed.

Version 1.6.20rc02 [November 29, 2015]
  In libpng 1.6 zlib initialization was changed to use the window size
    in the zlib stream, not a fixed value. This causes some invalid images,
    where CINFO is too large, to display 'correctly' if the rest of the
    data is valid.  This provides a workaround for zlib versions where the
    error arises (ones that support the API change to use the window size
    in the stream).

Version 1.6.20 [December 3, 2015]
  No changes.
   2015-11-12 17:12:19 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update png to 1.6.19:

Libpng 1.6.19 - November 12, 2015
Changes since the last public release (1.6.18):
  Updated obsolete information about the simplified API macros in the
    manual pages (Bug report by Arc Riley).
  Avoid potentially dereferencing NULL info_ptr in png_info_init_3().
  Rearranged png.h to put the major sections in the same order as
    in libpng17.
  Suppressed some warnings from the Borland C++ 5.5.1/5.82 compiler
    (Bug report by Viktor Szakats).  Several warnings remain and are
    unavoidable, where we test for overflow.
  Fixed potential leak of png_pixels in contrib/pngminus/pnm2png.c
  Fixed uninitialized variable in contrib/gregbook/rpng2-x.c
  Moved config.h.in~ from the "libpng_autotools_files" list to the
    "libpng_autotools_extra" list in autogen.sh because it was causing a
    false positive for missing files (bug report by Robert C. Seacord).
  Removed unreachable "break" statements in png.c, pngread.c, and \ 
    to suppress clang warnings (Bug report by Viktor Szakats).
  Fixed some bad links in the man page.
  Changed "n bit" to "n-bit" in comments.
  Added signed/unsigned 16-bit safety net. This removes the dubious
    0x8000 flag definitions on 16-bit systems. They aren't supported
    yet the defs *probably* work, however it seems much safer to do this
    and be advised if anyone, contrary to advice, is building libpng 1.6
    on a 16-bit system. It also adds back various switch default clauses
    for GCC; GCC errors out if they are not present (with an appropriately
    high level of warnings).
  Safely convert num_bytes to a png_byte in png_set_sig_bytes() (Robert
  Fixed the recently reported 1's complement security issue by replacing
    the value that is illegal in the PNG spec, in both signed and unsigned
    values, with 0. Illegal unsigned values (anything greater than or equal
    to  0x80000000) can still pass through, but since these are not illegal
    in ANSI-C (unlike 0x80000000 in the signed case) the checking that
    occurs later can catch them (John Bowler).
  Fixed png_save_int_32 when int is not 2's complement (John Bowler).
  Updated libpng16 with all the recent test changes from libpng17,
    including changes to pngvalid.c to ensure that the original,
    distributed, version of contrib/visupng/cexcept.h can be used
    (John Bowler).
  pngvalid contains the correction to the use of SAVE/STORE_
    UNKNOWN_CHUNKS; a bug revealed by changes in libpng 1.7. More
    tests contain the --strict option to detect warnings and the
    pngvalid-standard test has been corrected so that it does not
    turn on progressive-read. There is a separate test which does
    that. (John Bowler)
  Also made some signed/unsigned fixes.
  Make pngstest error limits version specific. Splitting the machine
    generated error structs out to a file allows the values to be updated
    without changing pngstest.c itself. Since libpng 1.6 and 1.7 have
    slightly different error limits this simplifies maintenance. The
    makepngs.sh script has also been updated to more accurately reflect
    current problems in libpng 1.7 (John Bowler).
  Incorporated new test PNG files into make check.  tests/pngstest-*
    are changed so that the new test files are divided into 8 groups by
    gamma and alpha channel.  These tests have considerably better code
    and pixel-value coverage than contrib/pngsuite; however,coverage is
    still incomplete (John Bowler).
  Removed the '--strict' in 1.6 because of the double-gamma-correction
    warning, updated pngstest-errors.h for the errors detected with the
    new contrib/testspngs PNG test files (John Bowler).
  Worked around rgb-to-gray issues in libpng 1.6.  The previous
    attempts to ignore the errors in the code aren't quite enough to
    deal with the 'channel selection' encoding added to libpng 1.7; abort.
  Fixed 'pow' macros in pngvalid.c. It is legal for 'pow' to be a
    macro, therefore the argument list cannot contain preprocessing
    directives.  Make sure pow is a function where this happens. This is
    a minimal safe fix, the issue only arises in non-performance-critical
    code (bug report by Curtis Leach, fix by John Bowler).
  Added sPLT support to pngtest.c
  Prevent setting or writing over-length PLTE chunk (Cosmin Truta).
  Silently truncate over-length PLTE chunk while reading.
  Libpng incorrectly calculated the output rowbytes when the application
    decreased either the number of channels or the bit depth (or both) in
    a user transform.  This was safe; libpng overallocated buffer space
   (potentially by quite a lot; up to 4 times the amount required) but,
   from 1.5.4 on, resulted in a png_error (John Bowler).
  Fixed some inconsequential cut-and-paste typos in
  Clarified COPYRIGHT information to state explicitly that versions
    are derived from previous versions.
  Removed much of the long list of previous versions from png.h and
   2015-11-03 22:34:36 by Alistair G. Crooks | Files touched by this commit (610)
Log message:
Add SHA512 digests for distfiles for graphics category

Problems found with existing digests:
	Package fotoxx distfile fotoxx-14.03.1.tar.gz
	ac2033f87de2c23941261f7c50160cddf872c110 [recorded]
	118e98a8cc0414676b3c4d37b8df407c28a1407c [calculated]
	Package ploticus-examples distfile ploticus-2.00/plnode200.tar.gz
	34274a03d0c41fae5690633663e3d4114b9d7a6d [recorded]
	da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]

Problems found locating distfiles:
	Package AfterShotPro: missing distfile AfterShotPro-
	Package pgraf: missing distfile pgraf-20010131.tar.gz
	Package qvplay: missing distfile qvplay-0.95.tar.gz

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-07-27 00:46:53 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update to 1.6.18:

Version 1.6.18beta01 [April 1, 2015]
    have been combined with PNG_SET_USER_LIMITS_SUPPORTED (resolves
    bug report by Andrew Church).
  Fixed rgb_to_gray checks and added tRNS checks to pngvalid.c.  This
    fixes some arithmetic errors that caused some tests to fail on
    some 32-bit platforms (Bug reports by Peter Breitenlohner [i686]
    and Petr Gajdos [i586]).

Version 1.6.18beta02 [April 26, 2015]
  Suppressed some warnings from the Borland C++ 5.5.1/5.82 compiler
    (Bug report by Viktor Szaka'ts).

Version 1.6.18beta03 [May 6, 2015]
  Replaced "unexpected" with an integer (0xabadca11) in pngset.c
    where a long was expected, to avoid a compiler warning when PNG_DEBUG > 1.
  Added contrib/examples/simpleover.c, to demonstrate how to handle
    alpha compositing of multiple images, using the "simplified API"
    and an example PNG generation tool, contrib/examples/genpng.c
    (John Bowler).

Version 1.6.18beta04 [May 20, 2015]
  PNG_RELEASE_BUILD replaces tests where the code depended on the build base
    type and can be defined on the command line, allowing testing in beta
    builds (John Bowler).
  Avoid Coverity issue 80858 (REVERSE NULL) in pngtest.c PNG_DEBUG builds.
  Avoid a harmless potential integer overflow in png_XYZ_from_xy() (Bug
    report from Christopher Ferris).

Version 1.6.18beta05 [May 31, 2015]
  Backport filter selection code from libpng-1.7.0beta51, to combine
    sub_row, up_row, avg_row, and paeth_row into try_row and tst_row.
  Changed png_voidcast(), etc., to voidcast(), etc., in contrib/tools/pngfix.c
    to avoid confusion with the libpng private macros.
  Fixed old cut&paste bug in the weighted filter selection code in
    pngwutil.c, introduced in libpng-0.95, March 1997.

Version 1.6.18beta06 [June 1, 2015]
  Removed WRITE_WEIGHTED_FILTERED code, to save a few kbytes of the
    compiled library size. It never worked properly and as far as we can
    tell, no one uses it. The png_set_filter_heuristics() and
    png_set_filter_heuristics_fixed() APIs are retained but deprecated
    and do nothing.

Version 1.6.18beta07 [June 6, 2015]
  Removed non-working progressive reader 'skip' function. This
    function has apparently never been used. It was implemented
    to support back-door modification of png_struct in libpng-1.4.x
    but (because it does nothing and cannot do anything) was apparently
    never tested (John Bowler).
  Fixed cexcept.h in which GCC 5 now reports that one of the auto
    variables in the Try macro needs to be volatile to prevent value
    being lost over the setjmp (John Bowler).
  Fixed NO_WRITE_FILTER and -Wconversion build breaks (John Bowler).
  Fix g++ build breaks (John Bowler).
  Quieted some Coverity issues in pngfix.c, png-fix-itxt.c, pngvalid.c,
    pngstest.c, and pngimage.c. Most seem harmless, but png-fix-itxt
    would only work with iTXt chunks with length 255 or less.
  Added #ifdef's to contrib/examples programs so people don't try
    to compile them without the minimum required support enabled
    (suggested by Flavio Medeiros).

Version 1.6.18beta08 [June 30, 2015]
  Eliminated the final two Coverity defects (insecure temporary file
    handling in contrib/libtests/pngstest.c; possible overflow of
    unsigned char in contrib/tools/png-fix-itxt.c). To use the "secure"
    file handling, define PNG_USE_MKSTEMP, otherwise "tmpfile()" will
    be used.
  Removed some unused WEIGHTED_FILTER macros from png.h and pngstruct.h

Version 1.6.18beta09 [July 5, 2015]
  Removed some useless typecasts from contrib/tools/png-fix-itxt.c
  Fixed a new signed-unsigned comparison in pngrtran.c (Max Stepin).
  Replaced arbitrary use of 'extern' with #define PNG_LINKAGE_*.  To
    preserve API compatibility, the new defines all default to "extern"
    (requested by Jan Nijtmans).

Version 1.6.18rc01 [July 9, 2015]
  Belatedly added Mans Rullgard and James Yu to the list of Contributing

Version 1.6.18rc02 [July 12, 2015]
  Restored unused FILTER_HEURISTIC macros removed at libpng-1.6.18beta08
    to png.h to avoid compatibility warnings.

Version 1.6.18rc03 [July 15, 2015]
  Minor changes to the man page

Version 1.6.18 [July 23, 2015]
  No changes.
   2015-04-03 00:35:54 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update to 1.6.17:

Version 1.6.17beta01 [January 29, 2015]
  Removed duplicate PNG_SAFE_LIMITS_SUPPORTED handling from pngconf.h
  Corrected the width limit calculation in png_check_IHDR().
  Removed user limits from pngfix. Also pass NULL pointers to
    png_read_row to skip the unnecessary row de-interlace stuff.
  Added testing of png_set_packing() to pngvalid.c
  Regenerated configure scripts in the *.tar distributions with libtool-2.4.4
  Implement previously untested cases of libpng transforms in pngvalid.c
  Fixed byte order in 2-byte filler, in png_do_read_filler().
  Made the check for out-of-range values in png_set_tRNS() detect
    values that are exactly 2^bit_depth, and work on 16-bit platforms.
  Merged some parts of libpng-1.6.17beta01 and libpng-1.7.0beta47.
  Added #ifndef __COVERITY__ where needed in png.c, pngrutil.c and
    pngset.c to avoid warnings about dead code.
  Added "& 0xff" to many instances of expressions that are typecast
    to (png_byte), to avoid Coverity gripes.

Version 1.6.17beta02 [February 7, 2015]
  Work around one more Coverity-scan dead-code warning.
  Do not build png_product2() when it is unused.

Version 1.6.17beta03 [February 17, 2015]
  Display user limits in the output from pngtest.
  Eliminated the PNG_SAFE_LIMITS macro and restored the 1-million-column
    and 1-million-row default limits in pnglibconf.dfa, that can be reset
    by the user at build time or run time.  This provides a more robust
    defense against DOS and as-yet undiscovered overflows.

Version 1.6.17beta04 [February 21, 2015]
  Allow user to call png_get_IHDR() with NULL arguments (Reuben Hawkins).
  Rebuilt configure scripts with automake-1.15 and libtool-2.4.6

Version 1.6.17beta05 [February 25, 2015]
  Restored compiling of png_reciprocal2 with PNG_NO_16BIT.

Version 1.6.17beta06 [February 27, 2015]
  Moved png_set_filter() prototype into a PNG_WRITE_SUPPORTED block
    of png.h.
  Avoid runtime checks when converting integer to png_byte with
    Visual Studio (Sergey Kosarevsky)

Version 1.6.17rc01 [March 4, 2015]
  No changes.

Version 1.6.17rc02 [March 9, 2015]
  Removed some comments that the configure script did not handle
    properly from scripts/pnglibconf.dfa and pnglibconf.h.prebuilt.
  Free the unknown_chunks structure even when it contains no data.

Version 1.6.17rc03 [March 12, 2015]
  Updated CMakeLists.txt to add OSX framework, change YES/NO to ON/OFF
    for consistency, and remove some useless tests (Alexey Petruchik).

Version 1.6.17rc04 [March 16, 2015]
  Remove pnglibconf.h, pnglibconf.c, and pnglibconf.out instead of
    pnglibconf.* in "make clean" (Cosmin).
  Fix bug in calculation of maxbits, in png_write_sBIT, introduced
    in libpng-1.6.17beta01 (John Bowler).

Version 1.6.17rc05 [March 21, 2015]
  Define PNG_FILTER_* and PNG_FILTER_VALUE_* in png.h even when WRITE
    is not supported (John Bowler).  This fixes an error introduced in
  Reverted "& 0xff" additions of version 1.6.17beta01. Libpng passes
    the Coverity scan without them.

Version 1.6.17rc06 [March 23, 2015]
  Remove pnglibconf.dfn and pnglibconf.pre with "make clean".
  Reformatted some "&0xff" instances to "& 0xff".
  Fixed simplified 8-bit-linear to sRGB alpha. The calculated alpha
    value was wrong.  It's not clear if this affected the final stored
    value; in the obvious code path the upper and lower 8-bits of the
    alpha value were identical and the alpha was truncated to 8-bits
    rather than dividing by 257 (John Bowler).

Version 1.6.17 [March 26, 2015]
  No changes.