./graphics/png, Library for manipulating PNG images

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 1.6.26, Package name: png-1.6.26, Maintainer: wiz

Libpng was written as a companion to the PNG specification, as a
way to reduce the amount of time and effort it takes to support
the PNG file format in application programs. Most users will not
have to modify the library significantly; advanced users may want
to modify it more. The library was coded for both users. All
attempts were made to make it as complete as possible, while
keeping the code easy to understand. Currently, this library
only supports C. Support for other languages is being considered.

Master sites: (Expand)

SHA1: 7a50569b26d57db9810409a59f1b87f8a8e387a3
RMD160: 9139502d8d4d00d6637b5a363ba97040f5153dc9
Filesize: 960.523 KB

Version history: (Expand)

CVS history: (Expand)

   2016-10-20 13:36:36 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated png to 1.6.26.

Version 1.6.26beta01 [September 26, 2016]
  Fixed handling zero length IDAT in pngfix (bug report by Agostino Sarubbo,
    bugfix by John Bowler).
  Do not issue a png_error() on read in png_set_pCAL() because png_handle_pCAL
    has allocated memory that libpng needs to free.
  Conditionally compile png_set_benign_errors() in pngread.c and pngtest.c
  Issue a png_benign_error instead of a png_error on ADLER32 mismatch
    while decoding compressed data chunks.
  Changed PNG_ZLIB_VERNUM to ZLIB_VERNUM in pngpriv.h, pngstruct.h, and
  If CRC handling of critical chunks has been set to PNG_CRC_QUIET_USE,
    ignore the ADLER32 checksum in the IDAT chunk as well as the chunk CRCs.
  Issue png_benign_error() on ADLER32 checksum mismatch instead of png_error().
  Add tests/badcrc.png and tests/badadler.png to tests/pngtest.
  Merged pngtest.c with libpng-1.7.0beta84/pngtest.c

Version 1.6.26beta02 [October 1, 2016]
  Updated the documentation about CRC and ADLER32 handling.
  Quieted 117 warnings from clang-3.8 in pngtrans.c, pngread.c,
     pngwrite.c, pngunknown.c, and pngvalid.c.
  Quieted 58 (out of 144) -Wconversion compiler warnings by changing
    flag definitions in pngpriv.h from 0xnnnn to 0xnnnnU and trivial changes
    in png.c, pngread.c, and pngwutil.c.

Version 1.6.26beta03 [October 2, 2016]
  Removed contrib/libtests/*.orig and *.rej that slipped into the tarballs.
  Quieted the 86 remaining -Wconversion compiler warnings by
    revising the png_isaligned() macro and trivial changes in png.c,
    pngerror.c, pngget.c, pngmem.c, pngset.c, pngrtran.c, pngrutil.c,
    pngwtran.c, pngwrite.c, and pngwutil.c.

Version 1.6.26beta04 [October 3, 2016]
  Quieted (bogus?) clang warnings about "absolute value has no effect"
    when PNG_USE_ABS is defined.
  Fixed offsets in contrib/intel/intel_sse.patch

Version 1.6.26beta05 [October 6, 2016]
  Changed integer constant 4294967294 to unsigned 4294967294U in pngconf.h
    to avoid a signed/unsigned compare in the preprocessor.

Version 1.6.26beta06 [October 7, 2016]
  Use zlib- inflateValidate() instead of inflateReset2() to
    optionally avoid ADLER32 evaluation.

Version 1.6.26rc01 [October 12, 2016]
  No changes.

Version 1.6.26 [October 20, 2016]
  Cosmetic change, "ptr != 0" to "ptr != NULL" in png.c and \ 
  Despammed email addresses (replaced "@" with " at ").
   2016-09-01 06:14:23 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
Updated png to 1.6.25.

Changes since the last public release (1.6.24):
  Reject oversized iCCP profile immediately.
  Cleaned up PNG_DEBUG compile of pngtest.c.
  Conditionally compile png_inflate().
  Don't install pngcp; it conflicts with pngcp in the pngtools package.
  Minor editing of INSTALL, (whitespace, added copyright line)
  Added MIPS support (Mandar Sahastrabuddhe \ 
  Rebased contrib/intel/intel_sse.patch after the MIPS implementation.
   2016-08-04 08:05:08 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
Updated png to 1.6.24.

Version 1.6.24beta01 [June 11, 2016]
  Avoid potential overflow of the PNG_IMAGE_SIZE macro.  This macro
    is not used within libpng, but is used in some of the examples.

Version 1.6.24beta02 [June 23, 2016]
  Correct filter heuristic overflow handling. This was broken when the
    write filter code was moved out-of-line; if there is a single filter and
    the heuristic sum overflows the calculation of the filtered line is not
    completed.  In versions prior to 1.6 the code was duplicated in-line
    and the check not performed, so the filter operation completed; however,
    in the multi-filter case where the sum is performed the 'none' filter would
    be selected if all the sums overflowed, even if it wasn't in the filter
    list.  The fix to the first problem is simply to provide PNG_SIZE_MAX as
    the current lmins sum value; this means the sum can never exceed it and
    overflows silently.  A reasonable compiler that does choose to inline
    the code will simply eliminate the sum check.
  The fix to the second problem is to use high precision arithmetic (this is
    implemented in 1.7), however a simple safe fix here is to chose the lowest
    numbered filter in the list from png_set_filter (this only works if the
    first problem is also fixed) (John Bowler).
  Use a more efficient absolute value calculation on SSE2 (Matthieu Darbois).
  Fixed the case where PNG_IMAGE_BUFFER_SIZE can overflow in the application
    as a result of the application using an increased 'row_stride'; previously
    png_image_finish_read only checked for overflow on the base calculation of
    components.  (I.e. it checked for overflow of a 32-bit number on the total
    number of pixel components in the output format, not the possibly padded row
    length and not the number of bytes, which for linear formats is twice the
    number of components.)
  MSVC does not like '-(unsigned)', so replaced it with 0U-(unsigned)
  MSVC does not like (uInt) = -(unsigned) (i.e. as an initializer), unless
    the conversion is explicitly invoked by a cast.
  Put the SKIP definition in the correct place. It needs to come after the
    png.h include (see all the other .c files in contrib/libtests) because it
    depends on PNG_LIBPNG_VER.
  Removed the three compile warning options from the individual project
    files into the zlib.props globals.  It increases the warning level from 4
    to All and adds a list of the warnings that need to be turned off.  This is
    semi-documentary; the intent is to tell libpng users which warnings have
    been examined and judged non-fixable at present.  The warning about
    structure padding is fixable, but it would be a signficant change (moving
    structure members around).

Version 1.6.24beta03 [July 4, 2016]
  Optimized absolute value calculation in filter selection, similar to
    code in the PAETH decoder in pngrutil.c. Build with PNG_USE_ABS to
    use this.
  Added pngcp to the build together with a pngcp.dfa configuration test.
  Added high resolution timing to pngcp.
  Added "Common linking failures" section to INSTALL.
  Relocated misplaced #endif in png.c sRGB profile checking.
  Fixed two Coverity issues in pngcp.c.

Version 1.6.24beta04 [July 8, 2016]
  Avoid filter-selection heuristic sum calculations in cases where only one
    filter is a candidate for selection. This trades off code size (added
    private png_setup_*_row_only() functions) for speed.

Version 1.6.24beta05 [July 13, 2016]
  Fixed some indentation to comply with our coding style.
  Added contrib/tools/reindent.

Version 1.6.24beta06 [July 18, 2016]
  Fixed more indentation to comply with our coding style.
  Eliminated unnecessary tests of boolean png_isaligned() vs 0.

Version 1.6.24rc01 [July 25, 2016]
  No changes.

Version 1.6.24rc02 [August 1, 2016]
  Conditionally compile SSE2 headers in contrib/intel/intel_sse.patch
  Conditionally compile png_decompress_chunk().

Version 1.6.24rc03 [August 2, 2016]
  Conditionally compile ARM_NEON headers in pngpriv.h
  Updated contrib/intel/intel_sse.patch

Version 1.6.24[August 4, 2016]
  No changes.
   2016-06-10 17:23:47 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated png to 1.6.23.

Version 1.6.23beta01 [May 29, 2016]
  Stop a potential memory leak in png_set_tRNS() (Bug report by Ted Ying).
  Fixed the progressive reader to handle empty first IDAT chunk properly
    (patch by Timothy Nikkel).  This bug was introduced in libpng-1.6.0 and
    only affected the libpng16 branch.
  Added tests in pngvalid.c to check zero-length IDAT chunks in various
    positions.  Fixed the sequential reader to handle these more robustly
    (John Bowler).

Version 1.6.23rc01 [June 2, 2016]
  Corrected progressive read input buffer in pngvalid.c. The previous version
    the code invariably passed just one byte at a time to libpng.  The intent
    was to pass a random number of bytes in the range 0..511.
  Moved sse2 prototype from pngpriv.h to contrib/intel/intel_sse.patch.
  Added missing ")" in pngerror.c (Matt Sarrett).

Version 1.6.23rc02 [June 4, 2016]
  Fixed undefined behavior in png_push_save_buffer(). Do not call
    memcpy() with a null source, even if count is zero (Leon Scroggins III).

Version 1.6.23 [June 9, 2016]
  Fixed bad link to RFC2083 in png.5 (Nikola Forro).
   2016-05-26 15:32:00 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated png to 1.6.22.

Version 1.6.22beta01 [January 23, 2016]
  Changed PNG_USE_MKSTEMP to __COVERITY__ to select alternate
    "tmpfile()" implementation in contrib/libtests/pngstest.c
  Fixed NO_STDIO build of pngunknown.c to skip calling png_init_io()
    if there is no stdio.h support.
  Added a png_image_write_to_memory() API and a number of assist macros
    to allow an application that uses the simplified API write to bypass
    stdio and write directly to memory.
  Added some warnings (png.h) and some check code to detect *possible*
    overflow in the ROW_STRIDE and simplified image SIZE macros.  This
    disallows image width/height/format that *might* overflow.  This is
    a quiet API change that limits in-memory image size (uncompressed) to
    less than 4GByte and image row size (stride) to less than 2GByte.
  Revised workaround for false-positive Coverity issue in pngvalid.c.

Version 1.6.22beta02 [February 8, 2016]
  Only use exit(77) in configure builds.
  Corrected error in PNG_IMAGE_PNG_SIZE_MAX. This new macro underreported
    the palette size because it failed to take into account that the memory
    palette has to be expanded to full RGB when it is written to PNG.
  Updated CMakeLists.txt, added supporting scripts/gen*.cmake.in
    and test.cmake.in (Roger Leigh).
  Relaxed limit checks on gamma values in pngrtran.c. As suggested in
    the comments gamma values outside the range currently permitted
    by png_set_alpha_mode are useful for HDR data encoding.  These values
    are already permitted by png_set_gamma so it is reasonable caution to
    extend the png_set_alpha_mode range as HDR imaging systems are starting
    to emerge.

Version 1.6.22beta03 [March 9, 2016]
  Added a common-law trademark notice and export control information
    to the LICENSE file, png.h, and the man page.
  Restored "& 0xff" in png_save_uint_16() and png_save_uint_32() that
    were accidentally removed from libpng-1.6.17.
  Changed PNG_INFO_cHNK and PNG_FREE_cHNK from 0xnnnn to 0xnnnnU in png.h
    (Robert C. Seacord).
  Removed dubious "#if INT_MAX" test from png.h that was added to
    libpng-1.6.19beta02 (John Bowler).
  Add ${INCLUDES} in scripts/genout.cmake.in (Bug report by Nixon Kwok).
  Updated LICENSE to say files in the contrib directory are not
    necessarily under the libpng license, and that some makefiles have
    other copyright owners.
  Added INTEL-SSE2 support (Mike Klein and Matt Sarett, Google, Inc.).
  Made contrib/libtests/timepng more robust.  The code no longer gives
    up/fails on invalid PNG data, it just skips it (with error messages).
    The code no longer fails on PNG files with data beyond IEND.  Options
    exist to use png_read_png (reading the whole image, not by row) and, in
    that case, to apply any of the supported transforms.  This makes for
    more realistic testing; the decoded data actually gets used in a
    meaningful fashion (John Bowler).
  Fixed some misleading indentation (Krishnaraj Bhat).

Version 1.6.22beta04 [April 5, 2016]
  Force GCC compilation to C89 if needed (Dagobert Michelsen).
  SSE filter speed improvements for bpp=3:
    memcpy-free implementations of load3() / store3().
    call load3() only when needed at the end of a scanline.

Version 1.6.22beta05 [April 27, 2016]
  Added PNG_FAST_FILTERS macro (defined as
  Various fixes for contrib/libtests/timepng.c
  Moved INTEL-SSE code from pngpriv.h into contrib/intel/intel_sse.patch.
  Fixed typo (missing underscore) in #define PNG_READ_16_TO_8_SUPPORTED
    (Bug report by Y.Ohashik).

Version 1.6.22beta06 [May 5, 2016]
  Rebased contrib/intel_sse.patch.
  Quieted two Coverity issues in contrib/libtests/timepng.c.
  Fixed issues with scripts/genout.cmake.in (David Capello, Nixon Kwok):
    Added support to use multiple directories in ZLIBINCDIR variable,
    Fixed CMAKE_C_FLAGS with multiple values when genout is compiled on MSVC,
    Fixed pnglibconf.c compilation on OS X including the sysroot path.

Version 1.6.22rc01 [May 14, 2016]
  No changes.

Version 1.6.22rc02 [May 16, 2016]
  Removed contrib/timepng from default build; it does not build on platforms
    that don't supply clock_gettime().

Version 1.6.22rc03 [May 17, 2016]
  Restored contrib/timepng to default build but check for the presence
    of clock_gettime() in configure.ac and Makefile.am.

Version 1.6.22 [May 26, 2016]
  No changes.
   2016-01-16 01:05:15 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update png to 1.6.21:

Version 1.6.21beta01 [December 11, 2015]
  Fixed syntax "$(command)" in tests/pngstest that some shells other than
    bash could not parse (Bug report by Nelson Beebe). Use `command` instead.

Version 1.6.21beta02 [December 14, 2015]
  Moved png_check_keyword() from pngwutil.c to pngset.c
  Removed LE/BE dependencies in pngvalid, to 'fix' the current problem
    in the BigEndian tests by not testing it, making the BE code the same
    as the LE version.
  Fixes to pngvalid for various reduced build configurations (eliminate unused
    statics) and a fix for the case in rgb_to_gray when the digitize option
    reduces graylo to 0, producing a large error.

Version 1.6.21beta03 [December 18, 2015]
  Widened the 'limit' check on the internally calculated error limits in
    the 'DIGITIZE' case (the code used prior to 1.7 for rgb_to_gray error
    checks) and changed the check to only operate in non-release builds
    (base build type not RC or RELEASE.)
  Fixed undefined behavior in pngvalid.c, undefined because
    (png_byte) << shift is undefined if it changes the signed bit
    (because png_byte is promoted to int). The libpng exported functions
    png_get_uint_32 and png_get_uint_16 handle this. (Bug reported by
    David Drysdale as a result of reports from UBSAN in clang 3.8).
  This changes pngvalid to use BE random numbers; this used to produce
    errors but these should not be fixed as a result of the previous changes.

Version 1.6.21rc01 [January 4, 2016]
  In projects/vstudio, combined readme.txt and WARNING into README.txt

Version 1.6.21rc02 [January 7, 2016]
  Relocated assert() in contrib/tools/pngfix.c, bug found by American
    Fuzzy Lop, reported by Brian Carpenter.
  Marked 'limit' UNUSED in transform_range_check().  This only affects
    release builds.

Version 1.6.21 [January 15, 2016]
  Worked around a false-positive Coverity issue in pngvalid.c.
   2015-12-03 16:17:02 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update to 1.6.20:

Version 1.6.20beta01 [November 20, 2015]
  Avoid potential pointer overflow/underflow in png_handle_sPLT() and
    png_handle_pCAL() (Bug report by John Regehr).

Version 1.6.20beta02 [November 23, 2015]
  Fixed incorrect implementation of png_set_PLTE() that uses png_ptr
    not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126

Version 1.6.20beta03 [November 24, 2015]
  Backported tests from libpng-1.7.0beta69.

Version 1.6.20rc01 [November 26, 2015]
  Fixed an error in handling of bad zlib CMINFO field in pngfix, found by
    American Fuzzy Lop, reported by Brian Carpenter.  inflate() doesn't
    immediately fault a bad CMINFO field; instead a 'too far back' error
    happens later (at least some times).  pngfix failed to limit CMINFO to
    the allowed values but then assumed that window_bits was in range,
    triggering an assert. The bug is mostly harmless; the PNG file cannot
    be fixed.

Version 1.6.20rc02 [November 29, 2015]
  In libpng 1.6 zlib initialization was changed to use the window size
    in the zlib stream, not a fixed value. This causes some invalid images,
    where CINFO is too large, to display 'correctly' if the rest of the
    data is valid.  This provides a workaround for zlib versions where the
    error arises (ones that support the API change to use the window size
    in the stream).

Version 1.6.20 [December 3, 2015]
  No changes.
   2015-11-12 17:12:19 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update png to 1.6.19:

Libpng 1.6.19 - November 12, 2015
Changes since the last public release (1.6.18):
  Updated obsolete information about the simplified API macros in the
    manual pages (Bug report by Arc Riley).
  Avoid potentially dereferencing NULL info_ptr in png_info_init_3().
  Rearranged png.h to put the major sections in the same order as
    in libpng17.
  Suppressed some warnings from the Borland C++ 5.5.1/5.82 compiler
    (Bug report by Viktor Szakats).  Several warnings remain and are
    unavoidable, where we test for overflow.
  Fixed potential leak of png_pixels in contrib/pngminus/pnm2png.c
  Fixed uninitialized variable in contrib/gregbook/rpng2-x.c
  Moved config.h.in~ from the "libpng_autotools_files" list to the
    "libpng_autotools_extra" list in autogen.sh because it was causing a
    false positive for missing files (bug report by Robert C. Seacord).
  Removed unreachable "break" statements in png.c, pngread.c, and \ 
    to suppress clang warnings (Bug report by Viktor Szakats).
  Fixed some bad links in the man page.
  Changed "n bit" to "n-bit" in comments.
  Added signed/unsigned 16-bit safety net. This removes the dubious
    0x8000 flag definitions on 16-bit systems. They aren't supported
    yet the defs *probably* work, however it seems much safer to do this
    and be advised if anyone, contrary to advice, is building libpng 1.6
    on a 16-bit system. It also adds back various switch default clauses
    for GCC; GCC errors out if they are not present (with an appropriately
    high level of warnings).
  Safely convert num_bytes to a png_byte in png_set_sig_bytes() (Robert
  Fixed the recently reported 1's complement security issue by replacing
    the value that is illegal in the PNG spec, in both signed and unsigned
    values, with 0. Illegal unsigned values (anything greater than or equal
    to  0x80000000) can still pass through, but since these are not illegal
    in ANSI-C (unlike 0x80000000 in the signed case) the checking that
    occurs later can catch them (John Bowler).
  Fixed png_save_int_32 when int is not 2's complement (John Bowler).
  Updated libpng16 with all the recent test changes from libpng17,
    including changes to pngvalid.c to ensure that the original,
    distributed, version of contrib/visupng/cexcept.h can be used
    (John Bowler).
  pngvalid contains the correction to the use of SAVE/STORE_
    UNKNOWN_CHUNKS; a bug revealed by changes in libpng 1.7. More
    tests contain the --strict option to detect warnings and the
    pngvalid-standard test has been corrected so that it does not
    turn on progressive-read. There is a separate test which does
    that. (John Bowler)
  Also made some signed/unsigned fixes.
  Make pngstest error limits version specific. Splitting the machine
    generated error structs out to a file allows the values to be updated
    without changing pngstest.c itself. Since libpng 1.6 and 1.7 have
    slightly different error limits this simplifies maintenance. The
    makepngs.sh script has also been updated to more accurately reflect
    current problems in libpng 1.7 (John Bowler).
  Incorporated new test PNG files into make check.  tests/pngstest-*
    are changed so that the new test files are divided into 8 groups by
    gamma and alpha channel.  These tests have considerably better code
    and pixel-value coverage than contrib/pngsuite; however,coverage is
    still incomplete (John Bowler).
  Removed the '--strict' in 1.6 because of the double-gamma-correction
    warning, updated pngstest-errors.h for the errors detected with the
    new contrib/testspngs PNG test files (John Bowler).
  Worked around rgb-to-gray issues in libpng 1.6.  The previous
    attempts to ignore the errors in the code aren't quite enough to
    deal with the 'channel selection' encoding added to libpng 1.7; abort.
  Fixed 'pow' macros in pngvalid.c. It is legal for 'pow' to be a
    macro, therefore the argument list cannot contain preprocessing
    directives.  Make sure pow is a function where this happens. This is
    a minimal safe fix, the issue only arises in non-performance-critical
    code (bug report by Curtis Leach, fix by John Bowler).
  Added sPLT support to pngtest.c
  Prevent setting or writing over-length PLTE chunk (Cosmin Truta).
  Silently truncate over-length PLTE chunk while reading.
  Libpng incorrectly calculated the output rowbytes when the application
    decreased either the number of channels or the bit depth (or both) in
    a user transform.  This was safe; libpng overallocated buffer space
   (potentially by quite a lot; up to 4 times the amount required) but,
   from 1.5.4 on, resulted in a png_error (John Bowler).
  Fixed some inconsequential cut-and-paste typos in
  Clarified COPYRIGHT information to state explicitly that versions
    are derived from previous versions.
  Removed much of the long list of previous versions from png.h and