Line | Count | Source |
1 | | /* pngset.c - storage of image information into info struct |
2 | | * |
3 | | * Copyright (c) 2018-2026 Cosmin Truta |
4 | | * Copyright (c) 1998-2018 Glenn Randers-Pehrson |
5 | | * Copyright (c) 1996-1997 Andreas Dilger |
6 | | * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. |
7 | | * |
8 | | * This code is released under the libpng license. |
9 | | * For conditions of distribution and use, see the disclaimer |
10 | | * and license in png.h |
11 | | * |
12 | | * The functions here are used during reads to store data from the file |
13 | | * into the info struct, and during writes to store application data |
14 | | * into the info struct for writing into the file. This abstracts the |
15 | | * info struct and allows us to change the structure in the future. |
16 | | */ |
17 | | |
18 | | #include "pngpriv.h" |
19 | | |
20 | | #if defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED) |
21 | | |
22 | | #ifdef PNG_bKGD_SUPPORTED |
23 | | void |
24 | | png_set_bKGD(const png_struct *png_ptr, png_info *info_ptr, |
25 | | const png_color_16 *background) |
26 | 7 | { |
27 | 7 | png_debug1(1, "in %s storage function", "bKGD"); |
28 | | |
29 | 7 | if (png_ptr == NULL || info_ptr == NULL || background == NULL) |
30 | 0 | return; |
31 | | |
32 | 7 | info_ptr->background = *background; |
33 | 7 | info_ptr->valid |= PNG_INFO_bKGD; |
34 | 7 | } |
35 | | #endif |
36 | | |
37 | | #ifdef PNG_cHRM_SUPPORTED |
38 | | void |
39 | | png_set_cHRM_fixed(const png_struct *png_ptr, png_info *info_ptr, |
40 | | png_fixed_point white_x, png_fixed_point white_y, png_fixed_point red_x, |
41 | | png_fixed_point red_y, png_fixed_point green_x, png_fixed_point green_y, |
42 | | png_fixed_point blue_x, png_fixed_point blue_y) |
43 | 25 | { |
44 | 25 | png_debug1(1, "in %s storage function", "cHRM fixed"); |
45 | | |
46 | 25 | if (png_ptr == NULL || info_ptr == NULL) |
47 | 0 | return; |
48 | | |
49 | 25 | info_ptr->cHRM.redx = red_x; |
50 | 25 | info_ptr->cHRM.redy = red_y; |
51 | 25 | info_ptr->cHRM.greenx = green_x; |
52 | 25 | info_ptr->cHRM.greeny = green_y; |
53 | 25 | info_ptr->cHRM.bluex = blue_x; |
54 | 25 | info_ptr->cHRM.bluey = blue_y; |
55 | 25 | info_ptr->cHRM.whitex = white_x; |
56 | 25 | info_ptr->cHRM.whitey = white_y; |
57 | | |
58 | 25 | info_ptr->valid |= PNG_INFO_cHRM; |
59 | 25 | } |
60 | | |
61 | | void |
62 | | png_set_cHRM_XYZ_fixed(const png_struct *png_ptr, png_info *info_ptr, |
63 | | png_fixed_point int_red_X, png_fixed_point int_red_Y, |
64 | | png_fixed_point int_red_Z, png_fixed_point int_green_X, |
65 | | png_fixed_point int_green_Y, png_fixed_point int_green_Z, |
66 | | png_fixed_point int_blue_X, png_fixed_point int_blue_Y, |
67 | | png_fixed_point int_blue_Z) |
68 | 0 | { |
69 | 0 | png_XYZ XYZ; |
70 | 0 | png_xy xy; |
71 | |
|
72 | 0 | png_debug1(1, "in %s storage function", "cHRM XYZ fixed"); |
73 | |
|
74 | 0 | if (png_ptr == NULL || info_ptr == NULL) |
75 | 0 | return; |
76 | | |
77 | 0 | XYZ.red_X = int_red_X; |
78 | 0 | XYZ.red_Y = int_red_Y; |
79 | 0 | XYZ.red_Z = int_red_Z; |
80 | 0 | XYZ.green_X = int_green_X; |
81 | 0 | XYZ.green_Y = int_green_Y; |
82 | 0 | XYZ.green_Z = int_green_Z; |
83 | 0 | XYZ.blue_X = int_blue_X; |
84 | 0 | XYZ.blue_Y = int_blue_Y; |
85 | 0 | XYZ.blue_Z = int_blue_Z; |
86 | |
|
87 | 0 | if (png_xy_from_XYZ(&xy, &XYZ) == 0) |
88 | 0 | { |
89 | 0 | info_ptr->cHRM = xy; |
90 | 0 | info_ptr->valid |= PNG_INFO_cHRM; |
91 | 0 | } |
92 | | |
93 | 0 | else |
94 | 0 | png_app_error(png_ptr, "invalid cHRM XYZ"); |
95 | 0 | } |
96 | | |
97 | | # ifdef PNG_FLOATING_POINT_SUPPORTED |
98 | | void |
99 | | png_set_cHRM(const png_struct *png_ptr, png_info *info_ptr, |
100 | | double white_x, double white_y, double red_x, double red_y, |
101 | | double green_x, double green_y, double blue_x, double blue_y) |
102 | 0 | { |
103 | 0 | png_set_cHRM_fixed(png_ptr, info_ptr, |
104 | 0 | png_fixed(png_ptr, white_x, "cHRM White X"), |
105 | 0 | png_fixed(png_ptr, white_y, "cHRM White Y"), |
106 | 0 | png_fixed(png_ptr, red_x, "cHRM Red X"), |
107 | 0 | png_fixed(png_ptr, red_y, "cHRM Red Y"), |
108 | 0 | png_fixed(png_ptr, green_x, "cHRM Green X"), |
109 | 0 | png_fixed(png_ptr, green_y, "cHRM Green Y"), |
110 | 0 | png_fixed(png_ptr, blue_x, "cHRM Blue X"), |
111 | 0 | png_fixed(png_ptr, blue_y, "cHRM Blue Y")); |
112 | 0 | } |
113 | | |
114 | | void |
115 | | png_set_cHRM_XYZ(const png_struct *png_ptr, png_info *info_ptr, double red_X, |
116 | | double red_Y, double red_Z, double green_X, double green_Y, double green_Z, |
117 | | double blue_X, double blue_Y, double blue_Z) |
118 | 0 | { |
119 | 0 | png_set_cHRM_XYZ_fixed(png_ptr, info_ptr, |
120 | 0 | png_fixed(png_ptr, red_X, "cHRM Red X"), |
121 | 0 | png_fixed(png_ptr, red_Y, "cHRM Red Y"), |
122 | 0 | png_fixed(png_ptr, red_Z, "cHRM Red Z"), |
123 | 0 | png_fixed(png_ptr, green_X, "cHRM Green X"), |
124 | 0 | png_fixed(png_ptr, green_Y, "cHRM Green Y"), |
125 | 0 | png_fixed(png_ptr, green_Z, "cHRM Green Z"), |
126 | 0 | png_fixed(png_ptr, blue_X, "cHRM Blue X"), |
127 | 0 | png_fixed(png_ptr, blue_Y, "cHRM Blue Y"), |
128 | 0 | png_fixed(png_ptr, blue_Z, "cHRM Blue Z")); |
129 | 0 | } |
130 | | # endif /* FLOATING_POINT */ |
131 | | |
132 | | #endif /* cHRM */ |
133 | | |
134 | | #ifdef PNG_cICP_SUPPORTED |
135 | | void |
136 | | png_set_cICP(const png_struct *png_ptr, png_info *info_ptr, |
137 | | png_byte colour_primaries, png_byte transfer_function, |
138 | | png_byte matrix_coefficients, png_byte video_full_range_flag) |
139 | 1 | { |
140 | 1 | png_debug1(1, "in %s storage function", "cICP"); |
141 | | |
142 | 1 | if (png_ptr == NULL || info_ptr == NULL) |
143 | 0 | return; |
144 | | |
145 | 1 | info_ptr->cicp_colour_primaries = colour_primaries; |
146 | 1 | info_ptr->cicp_transfer_function = transfer_function; |
147 | 1 | info_ptr->cicp_matrix_coefficients = matrix_coefficients; |
148 | 1 | info_ptr->cicp_video_full_range_flag = video_full_range_flag; |
149 | | |
150 | 1 | if (info_ptr->cicp_matrix_coefficients != 0) |
151 | 1 | { |
152 | 1 | png_warning(png_ptr, "Invalid cICP matrix coefficients"); |
153 | 1 | return; |
154 | 1 | } |
155 | | |
156 | 0 | info_ptr->valid |= PNG_INFO_cICP; |
157 | 0 | } |
158 | | #endif /* cICP */ |
159 | | |
160 | | #ifdef PNG_cLLI_SUPPORTED |
161 | | void |
162 | | png_set_cLLI_fixed(const png_struct *png_ptr, png_info *info_ptr, |
163 | | /* The values below are in cd/m2 (nits) and are scaled by 10,000; not |
164 | | * 100,000 as in the case of png_fixed_point. |
165 | | */ |
166 | | png_uint_32 maxCLL, png_uint_32 maxFALL) |
167 | 1 | { |
168 | 1 | png_debug1(1, "in %s storage function", "cLLI"); |
169 | | |
170 | 1 | if (png_ptr == NULL || info_ptr == NULL) |
171 | 0 | return; |
172 | | |
173 | | /* Check the light level range: */ |
174 | 1 | if (maxCLL > 0x7FFFFFFFU || maxFALL > 0x7FFFFFFFU) |
175 | 0 | { |
176 | | /* The limit is 200kcd/m2; somewhat bright but not inconceivable because |
177 | | * human vision is said to run up to 100Mcd/m2. The sun is about 2Gcd/m2. |
178 | | * |
179 | | * The reference sRGB monitor is 80cd/m2 and the limit of PQ encoding is |
180 | | * 2kcd/m2. |
181 | | */ |
182 | 0 | png_chunk_report(png_ptr, "cLLI light level exceeds PNG limit", |
183 | 0 | PNG_CHUNK_WRITE_ERROR); |
184 | 0 | return; |
185 | 0 | } |
186 | | |
187 | 1 | info_ptr->maxCLL = maxCLL; |
188 | 1 | info_ptr->maxFALL = maxFALL; |
189 | 1 | info_ptr->valid |= PNG_INFO_cLLI; |
190 | 1 | } |
191 | | |
192 | | # ifdef PNG_FLOATING_POINT_SUPPORTED |
193 | | void |
194 | | png_set_cLLI(const png_struct *png_ptr, png_info *info_ptr, |
195 | | double maxCLL, double maxFALL) |
196 | 0 | { |
197 | 0 | png_set_cLLI_fixed(png_ptr, info_ptr, |
198 | 0 | png_fixed_ITU(png_ptr, maxCLL, "png_set_cLLI(maxCLL)"), |
199 | 0 | png_fixed_ITU(png_ptr, maxFALL, "png_set_cLLI(maxFALL)")); |
200 | 0 | } |
201 | | # endif /* FLOATING_POINT */ |
202 | | #endif /* cLLI */ |
203 | | |
204 | | #ifdef PNG_mDCV_SUPPORTED |
205 | | static png_uint_16 |
206 | | png_ITU_fixed_16(int *error, png_fixed_point v) |
207 | 40 | { |
208 | | /* Return a safe uint16_t value scaled according to the ITU H273 rules for |
209 | | * 16-bit display chromaticities. Functions like the corresponding |
210 | | * png_fixed() internal function with regard to errors: it's an error on |
211 | | * write, a chunk_benign_error on read: See the definition of |
212 | | * png_chunk_report in pngpriv.h. |
213 | | */ |
214 | 40 | v /= 2; /* rounds to 0 in C: avoids insignificant arithmetic errors */ |
215 | 40 | if (v > 65535 || v < 0) |
216 | 0 | { |
217 | 0 | *error = 1; |
218 | 0 | return 0; |
219 | 0 | } |
220 | | |
221 | 40 | return (png_uint_16)/*SAFE*/v; |
222 | 40 | } |
223 | | |
224 | | void |
225 | | png_set_mDCV_fixed(const png_struct *png_ptr, png_info *info_ptr, |
226 | | png_fixed_point white_x, png_fixed_point white_y, |
227 | | png_fixed_point red_x, png_fixed_point red_y, |
228 | | png_fixed_point green_x, png_fixed_point green_y, |
229 | | png_fixed_point blue_x, png_fixed_point blue_y, |
230 | | png_uint_32 maxDL, |
231 | | png_uint_32 minDL) |
232 | 5 | { |
233 | 5 | png_uint_16 rx, ry, gx, gy, bx, by, wx, wy; |
234 | 5 | int error; |
235 | | |
236 | 5 | png_debug1(1, "in %s storage function", "mDCV"); |
237 | | |
238 | 5 | if (png_ptr == NULL || info_ptr == NULL) |
239 | 0 | return; |
240 | | |
241 | | /* Check the input values to ensure they are in the expected range: */ |
242 | 5 | error = 0; |
243 | 5 | rx = png_ITU_fixed_16(&error, red_x); |
244 | 5 | ry = png_ITU_fixed_16(&error, red_y); |
245 | 5 | gx = png_ITU_fixed_16(&error, green_x); |
246 | 5 | gy = png_ITU_fixed_16(&error, green_y); |
247 | 5 | bx = png_ITU_fixed_16(&error, blue_x); |
248 | 5 | by = png_ITU_fixed_16(&error, blue_y); |
249 | 5 | wx = png_ITU_fixed_16(&error, white_x); |
250 | 5 | wy = png_ITU_fixed_16(&error, white_y); |
251 | | |
252 | 5 | if (error) |
253 | 0 | { |
254 | 0 | png_chunk_report(png_ptr, |
255 | 0 | "mDCV chromaticities outside representable range", |
256 | 0 | PNG_CHUNK_WRITE_ERROR); |
257 | 0 | return; |
258 | 0 | } |
259 | | |
260 | | /* Check the light level range: */ |
261 | 5 | if (maxDL > 0x7FFFFFFFU || minDL > 0x7FFFFFFFU) |
262 | 2 | { |
263 | | /* The limit is 200kcd/m2; somewhat bright but not inconceivable because |
264 | | * human vision is said to run up to 100Mcd/m2. The sun is about 2Gcd/m2. |
265 | | * |
266 | | * The reference sRGB monitor is 80cd/m2 and the limit of PQ encoding is |
267 | | * 2kcd/m2. |
268 | | */ |
269 | 2 | png_chunk_report(png_ptr, "mDCV display light level exceeds PNG limit", |
270 | 2 | PNG_CHUNK_WRITE_ERROR); |
271 | 2 | return; |
272 | 2 | } |
273 | | |
274 | | /* All values are safe, the settings are accepted. |
275 | | * |
276 | | * IMPLEMENTATION NOTE: in practice the values can be checked and assigned |
277 | | * but the result is confusing if a writing app calls png_set_mDCV more than |
278 | | * once, the second time with an invalid value. This approach is more |
279 | | * obviously correct at the cost of typing and a very slight machine |
280 | | * overhead. |
281 | | */ |
282 | 3 | info_ptr->mastering_red_x = rx; |
283 | 3 | info_ptr->mastering_red_y = ry; |
284 | 3 | info_ptr->mastering_green_x = gx; |
285 | 3 | info_ptr->mastering_green_y = gy; |
286 | 3 | info_ptr->mastering_blue_x = bx; |
287 | 3 | info_ptr->mastering_blue_y = by; |
288 | 3 | info_ptr->mastering_white_x = wx; |
289 | 3 | info_ptr->mastering_white_y = wy; |
290 | 3 | info_ptr->mastering_maxDL = maxDL; |
291 | 3 | info_ptr->mastering_minDL = minDL; |
292 | 3 | info_ptr->valid |= PNG_INFO_mDCV; |
293 | 3 | } |
294 | | |
295 | | # ifdef PNG_FLOATING_POINT_SUPPORTED |
296 | | void |
297 | | png_set_mDCV(const png_struct *png_ptr, png_info *info_ptr, |
298 | | double white_x, double white_y, double red_x, double red_y, double green_x, |
299 | | double green_y, double blue_x, double blue_y, |
300 | | double maxDL, double minDL) |
301 | 0 | { |
302 | 0 | png_set_mDCV_fixed(png_ptr, info_ptr, |
303 | 0 | png_fixed(png_ptr, white_x, "png_set_mDCV(white(x))"), |
304 | 0 | png_fixed(png_ptr, white_y, "png_set_mDCV(white(y))"), |
305 | 0 | png_fixed(png_ptr, red_x, "png_set_mDCV(red(x))"), |
306 | 0 | png_fixed(png_ptr, red_y, "png_set_mDCV(red(y))"), |
307 | 0 | png_fixed(png_ptr, green_x, "png_set_mDCV(green(x))"), |
308 | 0 | png_fixed(png_ptr, green_y, "png_set_mDCV(green(y))"), |
309 | 0 | png_fixed(png_ptr, blue_x, "png_set_mDCV(blue(x))"), |
310 | 0 | png_fixed(png_ptr, blue_y, "png_set_mDCV(blue(y))"), |
311 | 0 | png_fixed_ITU(png_ptr, maxDL, "png_set_mDCV(maxDL)"), |
312 | 0 | png_fixed_ITU(png_ptr, minDL, "png_set_mDCV(minDL)")); |
313 | 0 | } |
314 | | # endif /* FLOATING_POINT */ |
315 | | #endif /* mDCV */ |
316 | | |
317 | | #ifdef PNG_eXIf_SUPPORTED |
318 | | void |
319 | | png_set_eXIf_1(const png_struct *png_ptr, png_info *info_ptr, |
320 | | png_uint_32 num_exif, png_byte *exif) |
321 | 0 | { |
322 | 0 | png_byte *new_exif; |
323 | |
|
324 | 0 | png_debug1(1, "in %s storage function", "eXIf"); |
325 | |
|
326 | 0 | if (png_ptr == NULL || info_ptr == NULL || |
327 | 0 | (png_ptr->mode & PNG_WROTE_eXIf) != 0 || |
328 | 0 | exif == NULL) |
329 | 0 | return; |
330 | | |
331 | 0 | new_exif = png_voidcast(png_byte *, png_malloc_warn(png_ptr, num_exif)); |
332 | |
|
333 | 0 | if (new_exif == NULL) |
334 | 0 | { |
335 | 0 | png_warning(png_ptr, "Insufficient memory for eXIf chunk data"); |
336 | 0 | return; |
337 | 0 | } |
338 | | |
339 | 0 | memcpy(new_exif, exif, (size_t)num_exif); |
340 | |
|
341 | 0 | png_free_data(png_ptr, info_ptr, PNG_FREE_EXIF, 0); |
342 | |
|
343 | 0 | info_ptr->num_exif = num_exif; |
344 | 0 | info_ptr->exif = new_exif; |
345 | 0 | info_ptr->free_me |= PNG_FREE_EXIF; |
346 | 0 | info_ptr->valid |= PNG_INFO_eXIf; |
347 | 0 | } |
348 | | #endif /* eXIf */ |
349 | | |
350 | | #ifdef PNG_gAMA_SUPPORTED |
351 | | void |
352 | | png_set_gAMA_fixed(const png_struct *png_ptr, png_info *info_ptr, |
353 | | png_fixed_point file_gamma) |
354 | 86 | { |
355 | 86 | png_debug1(1, "in %s storage function", "gAMA"); |
356 | | |
357 | 86 | if (png_ptr == NULL || info_ptr == NULL) |
358 | 0 | return; |
359 | | |
360 | 86 | info_ptr->gamma = file_gamma; |
361 | 86 | info_ptr->valid |= PNG_INFO_gAMA; |
362 | 86 | } |
363 | | |
364 | | # ifdef PNG_FLOATING_POINT_SUPPORTED |
365 | | void |
366 | | png_set_gAMA(const png_struct *png_ptr, png_info *info_ptr, double file_gamma) |
367 | 0 | { |
368 | 0 | png_set_gAMA_fixed(png_ptr, info_ptr, png_fixed(png_ptr, file_gamma, |
369 | 0 | "png_set_gAMA")); |
370 | 0 | } |
371 | | # endif |
372 | | #endif |
373 | | |
374 | | #ifdef PNG_hIST_SUPPORTED |
375 | | void |
376 | | png_set_hIST(const png_struct *png_ptr, png_info *info_ptr, |
377 | | const png_uint_16 *hist) |
378 | 6 | { |
379 | 6 | int i; |
380 | | |
381 | 6 | png_debug1(1, "in %s storage function", "hIST"); |
382 | | |
383 | 6 | if (png_ptr == NULL || info_ptr == NULL || hist == NULL) |
384 | 0 | return; |
385 | | |
386 | 6 | if (info_ptr->num_palette == 0 || info_ptr->num_palette |
387 | 0 | > PNG_MAX_PALETTE_LENGTH) |
388 | 6 | { |
389 | 6 | png_warning(png_ptr, |
390 | 6 | "Invalid palette size, hIST allocation skipped"); |
391 | | |
392 | 6 | return; |
393 | 6 | } |
394 | | |
395 | 0 | png_free_data(png_ptr, info_ptr, PNG_FREE_HIST, 0); |
396 | | |
397 | | /* Changed from info->num_palette to PNG_MAX_PALETTE_LENGTH in |
398 | | * version 1.2.1 |
399 | | */ |
400 | 0 | info_ptr->hist = png_voidcast(png_uint_16 *, png_malloc_warn(png_ptr, |
401 | 0 | PNG_MAX_PALETTE_LENGTH * (sizeof (png_uint_16)))); |
402 | |
|
403 | 0 | if (info_ptr->hist == NULL) |
404 | 0 | { |
405 | 0 | png_warning(png_ptr, "Insufficient memory for hIST chunk data"); |
406 | 0 | return; |
407 | 0 | } |
408 | | |
409 | 0 | for (i = 0; i < info_ptr->num_palette; i++) |
410 | 0 | info_ptr->hist[i] = hist[i]; |
411 | |
|
412 | 0 | info_ptr->free_me |= PNG_FREE_HIST; |
413 | 0 | info_ptr->valid |= PNG_INFO_hIST; |
414 | 0 | } |
415 | | #endif |
416 | | |
417 | | void |
418 | | png_set_IHDR(const png_struct *png_ptr, png_info *info_ptr, |
419 | | png_uint_32 width, png_uint_32 height, int bit_depth, |
420 | | int color_type, int interlace_type, int compression_type, |
421 | | int filter_type) |
422 | 76.1k | { |
423 | 76.1k | png_debug1(1, "in %s storage function", "IHDR"); |
424 | | |
425 | 76.1k | if (png_ptr == NULL || info_ptr == NULL) |
426 | 0 | return; |
427 | | |
428 | 76.1k | info_ptr->width = width; |
429 | 76.1k | info_ptr->height = height; |
430 | 76.1k | info_ptr->bit_depth = (png_byte)bit_depth; |
431 | 76.1k | info_ptr->color_type = (png_byte)color_type; |
432 | 76.1k | info_ptr->compression_type = (png_byte)compression_type; |
433 | 76.1k | info_ptr->filter_type = (png_byte)filter_type; |
434 | 76.1k | info_ptr->interlace_type = (png_byte)interlace_type; |
435 | | |
436 | 76.1k | png_check_IHDR (png_ptr, info_ptr->width, info_ptr->height, |
437 | 76.1k | info_ptr->bit_depth, info_ptr->color_type, info_ptr->interlace_type, |
438 | 76.1k | info_ptr->compression_type, info_ptr->filter_type); |
439 | | |
440 | 76.1k | if (info_ptr->color_type == PNG_COLOR_TYPE_PALETTE) |
441 | 578 | info_ptr->channels = 1; |
442 | | |
443 | 75.5k | else if ((info_ptr->color_type & PNG_COLOR_MASK_COLOR) != 0) |
444 | 1.20k | info_ptr->channels = 3; |
445 | | |
446 | 74.3k | else |
447 | 74.3k | info_ptr->channels = 1; |
448 | | |
449 | 76.1k | if ((info_ptr->color_type & PNG_COLOR_MASK_ALPHA) != 0) |
450 | 226 | info_ptr->channels++; |
451 | | |
452 | 76.1k | info_ptr->pixel_depth = (png_byte)(info_ptr->channels * info_ptr->bit_depth); |
453 | | |
454 | 76.1k | info_ptr->rowbytes = PNG_ROWBYTES(info_ptr->pixel_depth, width); |
455 | | |
456 | 76.1k | #ifdef PNG_APNG_SUPPORTED |
457 | | /* Assume a non-animated PNG in the beginning. This may be overridden after |
458 | | * seeing an acTL chunk later. |
459 | | */ |
460 | 76.1k | info_ptr->num_frames = 1; |
461 | 76.1k | #endif |
462 | 76.1k | } |
463 | | |
464 | | #ifdef PNG_oFFs_SUPPORTED |
465 | | void |
466 | | png_set_oFFs(const png_struct *png_ptr, png_info *info_ptr, |
467 | | png_int_32 offset_x, png_int_32 offset_y, int unit_type) |
468 | 13 | { |
469 | 13 | png_debug1(1, "in %s storage function", "oFFs"); |
470 | | |
471 | 13 | if (png_ptr == NULL || info_ptr == NULL) |
472 | 0 | return; |
473 | | |
474 | 13 | info_ptr->x_offset = offset_x; |
475 | 13 | info_ptr->y_offset = offset_y; |
476 | 13 | info_ptr->offset_unit_type = (png_byte)unit_type; |
477 | 13 | info_ptr->valid |= PNG_INFO_oFFs; |
478 | 13 | } |
479 | | #endif |
480 | | |
481 | | #ifdef PNG_pCAL_SUPPORTED |
482 | | void |
483 | | png_set_pCAL(const png_struct *png_ptr, png_info *info_ptr, |
484 | | const char *purpose, png_int_32 X0, png_int_32 X1, int type, |
485 | | int nparams, const char *units, char **params) |
486 | 2 | { |
487 | 2 | size_t length; |
488 | 2 | int i; |
489 | | |
490 | 2 | png_debug1(1, "in %s storage function", "pCAL"); |
491 | | |
492 | 2 | if (png_ptr == NULL || info_ptr == NULL || purpose == NULL || units == NULL |
493 | 2 | || (nparams > 0 && params == NULL)) |
494 | 0 | return; |
495 | | |
496 | 2 | length = strlen(purpose) + 1; |
497 | 2 | png_debug1(3, "allocating purpose for info (%lu bytes)", |
498 | 2 | (unsigned long)length); |
499 | | |
500 | | /* TODO: validate format of calibration name and unit name */ |
501 | | |
502 | | /* Check that the type matches the specification. */ |
503 | 2 | if (type < 0 || type > 3) |
504 | 2 | { |
505 | 2 | png_chunk_report(png_ptr, "Invalid pCAL equation type", |
506 | 2 | PNG_CHUNK_WRITE_ERROR); |
507 | 2 | return; |
508 | 2 | } |
509 | | |
510 | 0 | if (nparams < 0 || nparams > 255) |
511 | 0 | { |
512 | 0 | png_chunk_report(png_ptr, "Invalid pCAL parameter count", |
513 | 0 | PNG_CHUNK_WRITE_ERROR); |
514 | 0 | return; |
515 | 0 | } |
516 | | |
517 | | /* Validate params[nparams] */ |
518 | 0 | for (i=0; i<nparams; ++i) |
519 | 0 | { |
520 | 0 | if (params[i] == NULL || |
521 | 0 | !png_check_fp_string(params[i], strlen(params[i]))) |
522 | 0 | { |
523 | 0 | png_chunk_report(png_ptr, "Invalid format for pCAL parameter", |
524 | 0 | PNG_CHUNK_WRITE_ERROR); |
525 | 0 | return; |
526 | 0 | } |
527 | 0 | } |
528 | | |
529 | 0 | info_ptr->pcal_purpose = png_voidcast(char *, |
530 | 0 | png_malloc_warn(png_ptr, length)); |
531 | |
|
532 | 0 | if (info_ptr->pcal_purpose == NULL) |
533 | 0 | { |
534 | 0 | png_chunk_report(png_ptr, "Insufficient memory for pCAL purpose", |
535 | 0 | PNG_CHUNK_WRITE_ERROR); |
536 | 0 | return; |
537 | 0 | } |
538 | | |
539 | 0 | memcpy(info_ptr->pcal_purpose, purpose, length); |
540 | |
|
541 | 0 | info_ptr->free_me |= PNG_FREE_PCAL; |
542 | |
|
543 | 0 | png_debug(3, "storing X0, X1, type, and nparams in info"); |
544 | 0 | info_ptr->pcal_X0 = X0; |
545 | 0 | info_ptr->pcal_X1 = X1; |
546 | 0 | info_ptr->pcal_type = (png_byte)type; |
547 | 0 | info_ptr->pcal_nparams = (png_byte)nparams; |
548 | |
|
549 | 0 | length = strlen(units) + 1; |
550 | 0 | png_debug1(3, "allocating units for info (%lu bytes)", |
551 | 0 | (unsigned long)length); |
552 | |
|
553 | 0 | info_ptr->pcal_units = png_voidcast(char *, |
554 | 0 | png_malloc_warn(png_ptr, length)); |
555 | |
|
556 | 0 | if (info_ptr->pcal_units == NULL) |
557 | 0 | { |
558 | 0 | png_warning(png_ptr, "Insufficient memory for pCAL units"); |
559 | 0 | return; |
560 | 0 | } |
561 | | |
562 | 0 | memcpy(info_ptr->pcal_units, units, length); |
563 | |
|
564 | 0 | info_ptr->pcal_params = png_voidcast(char **, png_malloc_warn(png_ptr, |
565 | 0 | (size_t)(((unsigned int)nparams + 1) * (sizeof (char *))))); |
566 | |
|
567 | 0 | if (info_ptr->pcal_params == NULL) |
568 | 0 | { |
569 | 0 | png_warning(png_ptr, "Insufficient memory for pCAL params"); |
570 | 0 | return; |
571 | 0 | } |
572 | | |
573 | 0 | memset(info_ptr->pcal_params, 0, ((unsigned int)nparams + 1) * |
574 | 0 | (sizeof (char *))); |
575 | |
|
576 | 0 | for (i = 0; i < nparams; i++) |
577 | 0 | { |
578 | 0 | length = strlen(params[i]) + 1; |
579 | 0 | png_debug2(3, "allocating parameter %d for info (%lu bytes)", i, |
580 | 0 | (unsigned long)length); |
581 | |
|
582 | 0 | info_ptr->pcal_params[i] = (char *)png_malloc_warn(png_ptr, length); |
583 | |
|
584 | 0 | if (info_ptr->pcal_params[i] == NULL) |
585 | 0 | { |
586 | 0 | png_warning(png_ptr, "Insufficient memory for pCAL parameter"); |
587 | 0 | return; |
588 | 0 | } |
589 | | |
590 | 0 | memcpy(info_ptr->pcal_params[i], params[i], length); |
591 | 0 | } |
592 | | |
593 | 0 | info_ptr->valid |= PNG_INFO_pCAL; |
594 | 0 | } |
595 | | #endif |
596 | | |
597 | | #ifdef PNG_sCAL_SUPPORTED |
598 | | void |
599 | | png_set_sCAL_s(const png_struct *png_ptr, png_info *info_ptr, |
600 | | int unit, const char *swidth, const char *sheight) |
601 | 0 | { |
602 | 0 | size_t lengthw = 0, lengthh = 0; |
603 | |
|
604 | 0 | png_debug1(1, "in %s storage function", "sCAL"); |
605 | |
|
606 | 0 | if (png_ptr == NULL || info_ptr == NULL) |
607 | 0 | return; |
608 | | |
609 | | /* Double check the unit (should never get here with an invalid |
610 | | * unit unless this is an API call.) |
611 | | */ |
612 | 0 | if (unit != 1 && unit != 2) |
613 | 0 | png_error(png_ptr, "Invalid sCAL unit"); |
614 | | |
615 | 0 | if (swidth == NULL || (lengthw = strlen(swidth)) == 0 || |
616 | 0 | swidth[0] == 45 /* '-' */ || !png_check_fp_string(swidth, lengthw)) |
617 | 0 | png_error(png_ptr, "Invalid sCAL width"); |
618 | | |
619 | 0 | if (sheight == NULL || (lengthh = strlen(sheight)) == 0 || |
620 | 0 | sheight[0] == 45 /* '-' */ || !png_check_fp_string(sheight, lengthh)) |
621 | 0 | png_error(png_ptr, "Invalid sCAL height"); |
622 | | |
623 | 0 | info_ptr->scal_unit = (png_byte)unit; |
624 | |
|
625 | 0 | ++lengthw; |
626 | |
|
627 | 0 | png_debug1(3, "allocating unit for info (%u bytes)", (unsigned int)lengthw); |
628 | |
|
629 | 0 | info_ptr->scal_s_width = png_voidcast(char *, |
630 | 0 | png_malloc_warn(png_ptr, lengthw)); |
631 | |
|
632 | 0 | if (info_ptr->scal_s_width == NULL) |
633 | 0 | { |
634 | 0 | png_warning(png_ptr, "Memory allocation failed while processing sCAL"); |
635 | |
|
636 | 0 | return; |
637 | 0 | } |
638 | | |
639 | 0 | memcpy(info_ptr->scal_s_width, swidth, lengthw); |
640 | |
|
641 | 0 | ++lengthh; |
642 | |
|
643 | 0 | png_debug1(3, "allocating unit for info (%u bytes)", (unsigned int)lengthh); |
644 | |
|
645 | 0 | info_ptr->scal_s_height = png_voidcast(char *, |
646 | 0 | png_malloc_warn(png_ptr, lengthh)); |
647 | |
|
648 | 0 | if (info_ptr->scal_s_height == NULL) |
649 | 0 | { |
650 | 0 | png_free(png_ptr, info_ptr->scal_s_width); |
651 | 0 | info_ptr->scal_s_width = NULL; |
652 | |
|
653 | 0 | png_warning(png_ptr, "Memory allocation failed while processing sCAL"); |
654 | 0 | return; |
655 | 0 | } |
656 | | |
657 | 0 | memcpy(info_ptr->scal_s_height, sheight, lengthh); |
658 | |
|
659 | 0 | info_ptr->free_me |= PNG_FREE_SCAL; |
660 | 0 | info_ptr->valid |= PNG_INFO_sCAL; |
661 | 0 | } |
662 | | |
663 | | # ifdef PNG_FLOATING_POINT_SUPPORTED |
664 | | void |
665 | | png_set_sCAL(const png_struct *png_ptr, png_info *info_ptr, int unit, |
666 | | double width, double height) |
667 | 0 | { |
668 | 0 | png_debug1(1, "in %s storage function", "sCAL"); |
669 | | |
670 | | /* Check the arguments. */ |
671 | 0 | if (width <= 0) |
672 | 0 | png_warning(png_ptr, "Invalid sCAL width ignored"); |
673 | | |
674 | 0 | else if (height <= 0) |
675 | 0 | png_warning(png_ptr, "Invalid sCAL height ignored"); |
676 | | |
677 | 0 | else |
678 | 0 | { |
679 | | /* Convert 'width' and 'height' to ASCII. */ |
680 | 0 | char swidth[PNG_sCAL_MAX_DIGITS+1]; |
681 | 0 | char sheight[PNG_sCAL_MAX_DIGITS+1]; |
682 | |
|
683 | 0 | png_ascii_from_fp(png_ptr, swidth, (sizeof swidth), width, |
684 | 0 | PNG_sCAL_PRECISION); |
685 | 0 | png_ascii_from_fp(png_ptr, sheight, (sizeof sheight), height, |
686 | 0 | PNG_sCAL_PRECISION); |
687 | |
|
688 | 0 | png_set_sCAL_s(png_ptr, info_ptr, unit, swidth, sheight); |
689 | 0 | } |
690 | 0 | } |
691 | | # endif |
692 | | |
693 | | # ifdef PNG_FIXED_POINT_SUPPORTED |
694 | | void |
695 | | png_set_sCAL_fixed(const png_struct *png_ptr, png_info *info_ptr, int unit, |
696 | | png_fixed_point width, png_fixed_point height) |
697 | 0 | { |
698 | 0 | png_debug1(1, "in %s storage function", "sCAL"); |
699 | | |
700 | | /* Check the arguments. */ |
701 | 0 | if (width <= 0) |
702 | 0 | png_warning(png_ptr, "Invalid sCAL width ignored"); |
703 | | |
704 | 0 | else if (height <= 0) |
705 | 0 | png_warning(png_ptr, "Invalid sCAL height ignored"); |
706 | | |
707 | 0 | else |
708 | 0 | { |
709 | | /* Convert 'width' and 'height' to ASCII. */ |
710 | 0 | char swidth[PNG_sCAL_MAX_DIGITS+1]; |
711 | 0 | char sheight[PNG_sCAL_MAX_DIGITS+1]; |
712 | |
|
713 | 0 | png_ascii_from_fixed(png_ptr, swidth, (sizeof swidth), width); |
714 | 0 | png_ascii_from_fixed(png_ptr, sheight, (sizeof sheight), height); |
715 | |
|
716 | 0 | png_set_sCAL_s(png_ptr, info_ptr, unit, swidth, sheight); |
717 | 0 | } |
718 | 0 | } |
719 | | # endif |
720 | | #endif |
721 | | |
722 | | #ifdef PNG_pHYs_SUPPORTED |
723 | | void |
724 | | png_set_pHYs(const png_struct *png_ptr, png_info *info_ptr, |
725 | | png_uint_32 res_x, png_uint_32 res_y, int unit_type) |
726 | 57.6k | { |
727 | 57.6k | png_debug1(1, "in %s storage function", "pHYs"); |
728 | | |
729 | 57.6k | if (png_ptr == NULL || info_ptr == NULL) |
730 | 0 | return; |
731 | | |
732 | 57.6k | info_ptr->x_pixels_per_unit = res_x; |
733 | 57.6k | info_ptr->y_pixels_per_unit = res_y; |
734 | 57.6k | info_ptr->phys_unit_type = (png_byte)unit_type; |
735 | 57.6k | info_ptr->valid |= PNG_INFO_pHYs; |
736 | 57.6k | } |
737 | | #endif |
738 | | |
739 | | void |
740 | | png_set_PLTE(png_struct *png_ptr, png_info *info_ptr, |
741 | | const png_color *palette, int num_palette) |
742 | 469 | { |
743 | | |
744 | 469 | png_uint_32 max_palette_length; |
745 | | |
746 | 469 | png_debug1(1, "in %s storage function", "PLTE"); |
747 | | |
748 | 469 | if (png_ptr == NULL || info_ptr == NULL) |
749 | 0 | return; |
750 | | |
751 | 469 | max_palette_length = (info_ptr->color_type == PNG_COLOR_TYPE_PALETTE) ? |
752 | 448 | (1 << info_ptr->bit_depth) : PNG_MAX_PALETTE_LENGTH; |
753 | | |
754 | 469 | if (num_palette < 0 || num_palette > (int) max_palette_length) |
755 | 0 | { |
756 | 0 | if (info_ptr->color_type == PNG_COLOR_TYPE_PALETTE) |
757 | 0 | png_error(png_ptr, "Invalid palette length"); |
758 | | |
759 | 0 | else |
760 | 0 | { |
761 | 0 | png_warning(png_ptr, "Invalid palette length"); |
762 | |
|
763 | 0 | return; |
764 | 0 | } |
765 | 0 | } |
766 | | |
767 | 469 | if ((num_palette > 0 && palette == NULL) || |
768 | 469 | (num_palette == 0 |
769 | 2 | # ifdef PNG_MNG_FEATURES_SUPPORTED |
770 | 2 | && (png_ptr->mng_features_permitted & PNG_FLAG_MNG_EMPTY_PLTE) == 0 |
771 | 469 | # endif |
772 | 469 | )) |
773 | 2 | { |
774 | 2 | png_error(png_ptr, "Invalid palette"); |
775 | 2 | } |
776 | | |
777 | 467 | png_free_data(png_ptr, info_ptr, PNG_FREE_PLTE, 0); |
778 | | |
779 | | /* Changed in libpng-1.2.1 to allocate PNG_MAX_PALETTE_LENGTH instead |
780 | | * of num_palette entries, in case of an invalid PNG file or incorrect |
781 | | * call to png_set_PLTE() with too-large sample values. |
782 | | * |
783 | | * Allocate independent buffers for info_ptr and png_ptr so that the |
784 | | * lifetime of png_ptr->palette is decoupled from the lifetime of |
785 | | * info_ptr->palette. Previously, these two pointers were aliased, |
786 | | * which caused a use-after-free vulnerability if png_free_data freed |
787 | | * info_ptr->palette while png_ptr->palette was still in use by the |
788 | | * row transform functions (e.g. png_do_expand_palette). |
789 | | * |
790 | | * Both buffers are allocated with png_calloc to zero-fill, because |
791 | | * the ARM NEON palette riffle reads all 256 entries unconditionally, |
792 | | * regardless of num_palette. |
793 | | */ |
794 | 467 | png_free(png_ptr, png_ptr->palette); |
795 | 467 | png_ptr->palette = png_voidcast(png_color *, png_calloc(png_ptr, |
796 | 467 | PNG_MAX_PALETTE_LENGTH * (sizeof (png_color)))); |
797 | 467 | info_ptr->palette = png_voidcast(png_colorp, png_calloc(png_ptr, |
798 | 467 | PNG_MAX_PALETTE_LENGTH * (sizeof (png_color)))); |
799 | 467 | png_ptr->num_palette = info_ptr->num_palette = (png_uint_16)num_palette; |
800 | | |
801 | 467 | if (num_palette > 0) |
802 | 467 | { |
803 | 467 | memcpy(info_ptr->palette, palette, (unsigned int)num_palette * |
804 | 467 | (sizeof (png_color))); |
805 | 467 | memcpy(png_ptr->palette, palette, (unsigned int)num_palette * |
806 | 467 | (sizeof (png_color))); |
807 | 467 | } |
808 | | |
809 | 467 | info_ptr->free_me |= PNG_FREE_PLTE; |
810 | 467 | info_ptr->valid |= PNG_INFO_PLTE; |
811 | 467 | } |
812 | | |
813 | | #ifdef PNG_sBIT_SUPPORTED |
814 | | void |
815 | | png_set_sBIT(const png_struct *png_ptr, png_info *info_ptr, |
816 | | const png_color_8 *sig_bit) |
817 | 1 | { |
818 | 1 | png_debug1(1, "in %s storage function", "sBIT"); |
819 | | |
820 | 1 | if (png_ptr == NULL || info_ptr == NULL || sig_bit == NULL) |
821 | 0 | return; |
822 | | |
823 | 1 | info_ptr->sig_bit = *sig_bit; |
824 | 1 | info_ptr->valid |= PNG_INFO_sBIT; |
825 | 1 | } |
826 | | #endif |
827 | | |
828 | | #ifdef PNG_sRGB_SUPPORTED |
829 | | void |
830 | | png_set_sRGB(const png_struct *png_ptr, png_info *info_ptr, int srgb_intent) |
831 | 21 | { |
832 | 21 | png_debug1(1, "in %s storage function", "sRGB"); |
833 | | |
834 | 21 | if (png_ptr == NULL || info_ptr == NULL) |
835 | 0 | return; |
836 | | |
837 | 21 | info_ptr->rendering_intent = srgb_intent; |
838 | 21 | info_ptr->valid |= PNG_INFO_sRGB; |
839 | 21 | } |
840 | | |
841 | | void |
842 | | png_set_sRGB_gAMA_and_cHRM(const png_struct *png_ptr, png_info *info_ptr, |
843 | | int srgb_intent) |
844 | 0 | { |
845 | 0 | png_debug1(1, "in %s storage function", "sRGB_gAMA_and_cHRM"); |
846 | |
|
847 | 0 | if (png_ptr == NULL || info_ptr == NULL) |
848 | 0 | return; |
849 | | |
850 | 0 | png_set_sRGB(png_ptr, info_ptr, srgb_intent); |
851 | |
|
852 | 0 | # ifdef PNG_gAMA_SUPPORTED |
853 | 0 | png_set_gAMA_fixed(png_ptr, info_ptr, PNG_GAMMA_sRGB_INVERSE); |
854 | 0 | # endif /* gAMA */ |
855 | |
|
856 | 0 | # ifdef PNG_cHRM_SUPPORTED |
857 | 0 | png_set_cHRM_fixed(png_ptr, info_ptr, |
858 | | /* color x y */ |
859 | 0 | /* white */ 31270, 32900, |
860 | 0 | /* red */ 64000, 33000, |
861 | 0 | /* green */ 30000, 60000, |
862 | 0 | /* blue */ 15000, 6000); |
863 | 0 | # endif /* cHRM */ |
864 | 0 | } |
865 | | #endif /* sRGB */ |
866 | | |
867 | | |
868 | | #ifdef PNG_iCCP_SUPPORTED |
869 | | void |
870 | | png_set_iCCP(const png_struct *png_ptr, png_info *info_ptr, |
871 | | const char *name, int compression_type, |
872 | | const png_byte *profile, png_uint_32 proflen) |
873 | 0 | { |
874 | 0 | char *new_iccp_name; |
875 | 0 | png_byte *new_iccp_profile; |
876 | 0 | size_t length; |
877 | |
|
878 | 0 | png_debug1(1, "in %s storage function", "iCCP"); |
879 | |
|
880 | 0 | if (png_ptr == NULL || info_ptr == NULL || name == NULL || profile == NULL) |
881 | 0 | return; |
882 | | |
883 | 0 | if (compression_type != PNG_COMPRESSION_TYPE_BASE) |
884 | 0 | png_app_error(png_ptr, "Invalid iCCP compression method"); |
885 | |
|
886 | 0 | length = strlen(name)+1; |
887 | 0 | new_iccp_name = png_voidcast(char *, png_malloc_warn(png_ptr, length)); |
888 | |
|
889 | 0 | if (new_iccp_name == NULL) |
890 | 0 | { |
891 | 0 | png_benign_error(png_ptr, "Insufficient memory to process iCCP chunk"); |
892 | |
|
893 | 0 | return; |
894 | 0 | } |
895 | | |
896 | 0 | memcpy(new_iccp_name, name, length); |
897 | 0 | new_iccp_profile = png_voidcast(png_byte *, |
898 | 0 | png_malloc_warn(png_ptr, proflen)); |
899 | |
|
900 | 0 | if (new_iccp_profile == NULL) |
901 | 0 | { |
902 | 0 | png_free(png_ptr, new_iccp_name); |
903 | 0 | png_benign_error(png_ptr, |
904 | 0 | "Insufficient memory to process iCCP profile"); |
905 | |
|
906 | 0 | return; |
907 | 0 | } |
908 | | |
909 | 0 | memcpy(new_iccp_profile, profile, proflen); |
910 | |
|
911 | 0 | png_free_data(png_ptr, info_ptr, PNG_FREE_ICCP, 0); |
912 | |
|
913 | 0 | info_ptr->iccp_proflen = proflen; |
914 | 0 | info_ptr->iccp_name = new_iccp_name; |
915 | 0 | info_ptr->iccp_profile = new_iccp_profile; |
916 | 0 | info_ptr->free_me |= PNG_FREE_ICCP; |
917 | 0 | info_ptr->valid |= PNG_INFO_iCCP; |
918 | 0 | } |
919 | | #endif |
920 | | |
921 | | #ifdef PNG_TEXT_SUPPORTED |
922 | | void |
923 | | png_set_text(const png_struct *png_ptr, png_info *info_ptr, |
924 | | const png_text *text_ptr, int num_text) |
925 | 0 | { |
926 | 0 | int ret; |
927 | 0 | ret = png_set_text_2(png_ptr, info_ptr, text_ptr, num_text); |
928 | |
|
929 | 0 | if (ret != 0) |
930 | 0 | png_error(png_ptr, "Insufficient memory to store text"); |
931 | 0 | } |
932 | | |
933 | | int /* PRIVATE */ |
934 | | png_set_text_2(const png_struct *png_ptr, png_info *info_ptr, |
935 | | const png_text *text_ptr, int num_text) |
936 | 38.4k | { |
937 | 38.4k | int i; |
938 | | |
939 | 38.4k | png_debug1(1, "in text storage function, chunk typeid = 0x%lx", |
940 | 38.4k | png_ptr == NULL ? 0xabadca11UL : (unsigned long)png_ptr->chunk_name); |
941 | | |
942 | 38.4k | if (png_ptr == NULL || info_ptr == NULL || num_text <= 0 || text_ptr == NULL) |
943 | 0 | return 0; |
944 | | |
945 | | /* Make sure we have enough space in the "text" array in info_struct |
946 | | * to hold all of the incoming text_ptr objects. This compare can't overflow |
947 | | * because max_text >= num_text (anyway, subtract of two positive integers |
948 | | * can't overflow in any case.) |
949 | | */ |
950 | 38.4k | if (num_text > info_ptr->max_text - info_ptr->num_text) |
951 | 34.9k | { |
952 | 34.9k | int old_num_text = info_ptr->num_text; |
953 | 34.9k | int max_text; |
954 | 34.9k | png_text *new_text = NULL; |
955 | | |
956 | | /* Calculate an appropriate max_text, checking for overflow. */ |
957 | 34.9k | max_text = old_num_text; |
958 | 34.9k | if (num_text <= INT_MAX - max_text) |
959 | 34.9k | { |
960 | 34.9k | max_text += num_text; |
961 | | |
962 | | /* Round up to a multiple of 8 */ |
963 | 34.9k | if (max_text < INT_MAX-8) |
964 | 34.9k | max_text = (max_text + 8) & ~0x7; |
965 | | |
966 | 0 | else |
967 | 0 | max_text = INT_MAX; |
968 | | |
969 | | /* Now allocate a new array and copy the old members in; this does all |
970 | | * the overflow checks. |
971 | | */ |
972 | 34.9k | new_text = png_voidcast(png_text *,png_realloc_array(png_ptr, |
973 | 34.9k | info_ptr->text, old_num_text, max_text-old_num_text, |
974 | 34.9k | sizeof *new_text)); |
975 | 34.9k | } |
976 | | |
977 | 34.9k | if (new_text == NULL) |
978 | 0 | { |
979 | 0 | png_chunk_report(png_ptr, "too many text chunks", |
980 | 0 | PNG_CHUNK_WRITE_ERROR); |
981 | |
|
982 | 0 | return 1; |
983 | 0 | } |
984 | | |
985 | 34.9k | png_free(png_ptr, info_ptr->text); |
986 | | |
987 | 34.9k | info_ptr->text = new_text; |
988 | 34.9k | info_ptr->free_me |= PNG_FREE_TEXT; |
989 | 34.9k | info_ptr->max_text = max_text; |
990 | | /* num_text is adjusted below as the entries are copied in */ |
991 | | |
992 | 34.9k | png_debug1(3, "allocated %d entries for info_ptr->text", max_text); |
993 | 34.9k | } |
994 | | |
995 | 76.8k | for (i = 0; i < num_text; i++) |
996 | 38.4k | { |
997 | 38.4k | size_t text_length, key_len; |
998 | 38.4k | size_t lang_len, lang_key_len; |
999 | 38.4k | png_text *textp = &(info_ptr->text[info_ptr->num_text]); |
1000 | | |
1001 | 38.4k | if (text_ptr[i].key == NULL) |
1002 | 0 | continue; |
1003 | | |
1004 | 38.4k | if (text_ptr[i].compression < PNG_TEXT_COMPRESSION_NONE || |
1005 | 38.4k | text_ptr[i].compression >= PNG_TEXT_COMPRESSION_LAST) |
1006 | 0 | { |
1007 | 0 | png_chunk_report(png_ptr, "text compression mode is out of range", |
1008 | 0 | PNG_CHUNK_WRITE_ERROR); |
1009 | 0 | continue; |
1010 | 0 | } |
1011 | | |
1012 | 38.4k | key_len = strlen(text_ptr[i].key); |
1013 | | |
1014 | 38.4k | if (text_ptr[i].compression <= 0) |
1015 | 38.3k | { |
1016 | 38.3k | lang_len = 0; |
1017 | 38.3k | lang_key_len = 0; |
1018 | 38.3k | } |
1019 | | |
1020 | 118 | else |
1021 | 118 | # ifdef PNG_iTXt_SUPPORTED |
1022 | 118 | { |
1023 | | /* Set iTXt data */ |
1024 | | |
1025 | 118 | if (text_ptr[i].lang != NULL) |
1026 | 118 | lang_len = strlen(text_ptr[i].lang); |
1027 | | |
1028 | 0 | else |
1029 | 0 | lang_len = 0; |
1030 | | |
1031 | 118 | if (text_ptr[i].lang_key != NULL) |
1032 | 118 | lang_key_len = strlen(text_ptr[i].lang_key); |
1033 | | |
1034 | 0 | else |
1035 | 0 | lang_key_len = 0; |
1036 | 118 | } |
1037 | | # else /* iTXt */ |
1038 | | { |
1039 | | png_chunk_report(png_ptr, "iTXt chunk not supported", |
1040 | | PNG_CHUNK_WRITE_ERROR); |
1041 | | continue; |
1042 | | } |
1043 | | # endif |
1044 | | |
1045 | 38.4k | if (text_ptr[i].text == NULL || text_ptr[i].text[0] == '\0') |
1046 | 3.50k | { |
1047 | 3.50k | text_length = 0; |
1048 | 3.50k | # ifdef PNG_iTXt_SUPPORTED |
1049 | 3.50k | if (text_ptr[i].compression > 0) |
1050 | 116 | textp->compression = PNG_ITXT_COMPRESSION_NONE; |
1051 | | |
1052 | 3.39k | else |
1053 | 3.39k | # endif |
1054 | 3.39k | textp->compression = PNG_TEXT_COMPRESSION_NONE; |
1055 | 3.50k | } |
1056 | | |
1057 | 34.9k | else |
1058 | 34.9k | { |
1059 | 34.9k | text_length = strlen(text_ptr[i].text); |
1060 | 34.9k | textp->compression = text_ptr[i].compression; |
1061 | 34.9k | } |
1062 | | |
1063 | 38.4k | textp->key = png_voidcast(char *,png_malloc_base(png_ptr, |
1064 | 38.4k | key_len + text_length + lang_len + lang_key_len + 4)); |
1065 | | |
1066 | 38.4k | if (textp->key == NULL) |
1067 | 0 | { |
1068 | 0 | png_chunk_report(png_ptr, "text chunk: out of memory", |
1069 | 0 | PNG_CHUNK_WRITE_ERROR); |
1070 | |
|
1071 | 0 | return 1; |
1072 | 0 | } |
1073 | | |
1074 | 38.4k | png_debug2(2, "Allocated %lu bytes at %p in png_set_text", |
1075 | 38.4k | (unsigned long)(png_uint_32) |
1076 | 38.4k | (key_len + lang_len + lang_key_len + text_length + 4), |
1077 | 38.4k | textp->key); |
1078 | | |
1079 | 38.4k | memcpy(textp->key, text_ptr[i].key, key_len); |
1080 | 38.4k | *(textp->key + key_len) = '\0'; |
1081 | | |
1082 | 38.4k | if (text_ptr[i].compression > 0) |
1083 | 118 | { |
1084 | 118 | textp->lang = textp->key + key_len + 1; |
1085 | 118 | memcpy(textp->lang, text_ptr[i].lang, lang_len); |
1086 | 118 | *(textp->lang + lang_len) = '\0'; |
1087 | 118 | textp->lang_key = textp->lang + lang_len + 1; |
1088 | 118 | memcpy(textp->lang_key, text_ptr[i].lang_key, lang_key_len); |
1089 | 118 | *(textp->lang_key + lang_key_len) = '\0'; |
1090 | 118 | textp->text = textp->lang_key + lang_key_len + 1; |
1091 | 118 | } |
1092 | | |
1093 | 38.3k | else |
1094 | 38.3k | { |
1095 | 38.3k | textp->lang=NULL; |
1096 | 38.3k | textp->lang_key=NULL; |
1097 | 38.3k | textp->text = textp->key + key_len + 1; |
1098 | 38.3k | } |
1099 | | |
1100 | 38.4k | if (text_length != 0) |
1101 | 34.9k | memcpy(textp->text, text_ptr[i].text, text_length); |
1102 | | |
1103 | 38.4k | *(textp->text + text_length) = '\0'; |
1104 | | |
1105 | 38.4k | # ifdef PNG_iTXt_SUPPORTED |
1106 | 38.4k | if (textp->compression > 0) |
1107 | 118 | { |
1108 | 118 | textp->text_length = 0; |
1109 | 118 | textp->itxt_length = text_length; |
1110 | 118 | } |
1111 | | |
1112 | 38.3k | else |
1113 | 38.3k | # endif |
1114 | 38.3k | { |
1115 | 38.3k | textp->text_length = text_length; |
1116 | 38.3k | textp->itxt_length = 0; |
1117 | 38.3k | } |
1118 | | |
1119 | 38.4k | info_ptr->num_text++; |
1120 | 38.4k | png_debug1(3, "transferred text chunk %d", info_ptr->num_text); |
1121 | 38.4k | } |
1122 | | |
1123 | 38.4k | return 0; |
1124 | 38.4k | } |
1125 | | #endif |
1126 | | |
1127 | | #ifdef PNG_tIME_SUPPORTED |
1128 | | void |
1129 | | png_set_tIME(const png_struct *png_ptr, png_info *info_ptr, |
1130 | | const png_time *mod_time) |
1131 | 4 | { |
1132 | 4 | png_debug1(1, "in %s storage function", "tIME"); |
1133 | | |
1134 | 4 | if (png_ptr == NULL || info_ptr == NULL || mod_time == NULL || |
1135 | 4 | (png_ptr->mode & PNG_WROTE_tIME) != 0) |
1136 | 0 | return; |
1137 | | |
1138 | 4 | if (mod_time->month == 0 || mod_time->month > 12 || |
1139 | 2 | mod_time->day == 0 || mod_time->day > 31 || |
1140 | 0 | mod_time->hour > 23 || mod_time->minute > 59 || |
1141 | 0 | mod_time->second > 60) |
1142 | 4 | { |
1143 | 4 | png_warning(png_ptr, "Ignoring invalid time value"); |
1144 | | |
1145 | 4 | return; |
1146 | 4 | } |
1147 | | |
1148 | 0 | info_ptr->mod_time = *mod_time; |
1149 | 0 | info_ptr->valid |= PNG_INFO_tIME; |
1150 | 0 | } |
1151 | | #endif |
1152 | | |
1153 | | #ifdef PNG_tRNS_SUPPORTED |
1154 | | void |
1155 | | png_set_tRNS(png_struct *png_ptr, png_info *info_ptr, |
1156 | | const png_byte *trans_alpha, int num_trans, const png_color_16 *trans_color) |
1157 | 354 | { |
1158 | 354 | png_debug1(1, "in %s storage function", "tRNS"); |
1159 | | |
1160 | 354 | if (png_ptr == NULL || info_ptr == NULL) |
1161 | | |
1162 | 0 | return; |
1163 | | |
1164 | 354 | if (trans_alpha != NULL) |
1165 | 354 | { |
1166 | 354 | png_free_data(png_ptr, info_ptr, PNG_FREE_TRNS, 0); |
1167 | | |
1168 | 354 | if (num_trans > 0 && num_trans <= PNG_MAX_PALETTE_LENGTH) |
1169 | 354 | { |
1170 | | /* Allocate info_ptr's copy of the transparency data. |
1171 | | * Initialize all entries to fully opaque (0xff), then overwrite |
1172 | | * the first num_trans entries with the actual values. |
1173 | | */ |
1174 | 354 | info_ptr->trans_alpha = png_voidcast(png_byte *, |
1175 | 354 | png_malloc(png_ptr, PNG_MAX_PALETTE_LENGTH)); |
1176 | 354 | memset(info_ptr->trans_alpha, 0xff, PNG_MAX_PALETTE_LENGTH); |
1177 | 354 | memcpy(info_ptr->trans_alpha, trans_alpha, (size_t)num_trans); |
1178 | 354 | info_ptr->free_me |= PNG_FREE_TRNS; |
1179 | 354 | info_ptr->valid |= PNG_INFO_tRNS; |
1180 | | |
1181 | | /* Allocate an independent copy for png_struct, so that the |
1182 | | * lifetime of png_ptr->trans_alpha is decoupled from the |
1183 | | * lifetime of info_ptr->trans_alpha. Previously these two |
1184 | | * pointers were aliased, which caused a use-after-free if |
1185 | | * png_free_data freed info_ptr->trans_alpha while |
1186 | | * png_ptr->trans_alpha was still in use by the row transform |
1187 | | * functions (e.g. png_do_expand_palette). |
1188 | | */ |
1189 | 354 | png_free(png_ptr, png_ptr->trans_alpha); |
1190 | 354 | png_ptr->trans_alpha = png_voidcast(png_bytep, |
1191 | 354 | png_malloc(png_ptr, PNG_MAX_PALETTE_LENGTH)); |
1192 | 354 | memset(png_ptr->trans_alpha, 0xff, PNG_MAX_PALETTE_LENGTH); |
1193 | 354 | memcpy(png_ptr->trans_alpha, trans_alpha, (size_t)num_trans); |
1194 | 354 | } |
1195 | 0 | else |
1196 | 0 | { |
1197 | 0 | png_free(png_ptr, png_ptr->trans_alpha); |
1198 | 0 | png_ptr->trans_alpha = NULL; |
1199 | 0 | } |
1200 | 354 | } |
1201 | | |
1202 | 354 | if (trans_color != NULL) |
1203 | 116 | { |
1204 | 116 | #ifdef PNG_WARNINGS_SUPPORTED |
1205 | 116 | if (info_ptr->bit_depth < 16) |
1206 | 116 | { |
1207 | 116 | int sample_max = (1 << info_ptr->bit_depth) - 1; |
1208 | | |
1209 | 116 | if ((info_ptr->color_type == PNG_COLOR_TYPE_GRAY && |
1210 | 44 | trans_color->gray > sample_max) || |
1211 | 73 | (info_ptr->color_type == PNG_COLOR_TYPE_RGB && |
1212 | 14 | (trans_color->red > sample_max || |
1213 | 3 | trans_color->green > sample_max || |
1214 | 1 | trans_color->blue > sample_max))) |
1215 | 56 | png_warning(png_ptr, |
1216 | 56 | "tRNS chunk has out-of-range samples for bit_depth"); |
1217 | 116 | } |
1218 | 116 | #endif |
1219 | | |
1220 | 116 | info_ptr->trans_color = *trans_color; |
1221 | | |
1222 | 116 | if (num_trans == 0) |
1223 | 0 | num_trans = 1; |
1224 | 116 | } |
1225 | | |
1226 | 354 | info_ptr->num_trans = (png_uint_16)num_trans; |
1227 | | |
1228 | 354 | if (num_trans != 0) |
1229 | 354 | { |
1230 | 354 | info_ptr->free_me |= PNG_FREE_TRNS; |
1231 | 354 | info_ptr->valid |= PNG_INFO_tRNS; |
1232 | 354 | } |
1233 | 354 | } |
1234 | | #endif |
1235 | | |
1236 | | #ifdef PNG_sPLT_SUPPORTED |
1237 | | void |
1238 | | png_set_sPLT(const png_struct *png_ptr, |
1239 | | png_info *info_ptr, const png_sPLT_t *entries, int nentries) |
1240 | | /* |
1241 | | * entries - array of png_sPLT_t structures |
1242 | | * to be added to the list of palettes |
1243 | | * in the info structure. |
1244 | | * |
1245 | | * nentries - number of palette structures to be |
1246 | | * added. |
1247 | | */ |
1248 | 1.41k | { |
1249 | 1.41k | png_sPLT_t *np; |
1250 | | |
1251 | 1.41k | png_debug1(1, "in %s storage function", "sPLT"); |
1252 | | |
1253 | 1.41k | if (png_ptr == NULL || info_ptr == NULL || nentries <= 0 || entries == NULL) |
1254 | 0 | return; |
1255 | | |
1256 | | /* Use the internal realloc function, which checks for all the possible |
1257 | | * overflows. Notice that the parameters are (int) and (size_t) |
1258 | | */ |
1259 | 1.41k | np = png_voidcast(png_sPLT_t *,png_realloc_array(png_ptr, |
1260 | 1.41k | info_ptr->splt_palettes, info_ptr->splt_palettes_num, nentries, |
1261 | 1.41k | sizeof *np)); |
1262 | | |
1263 | 1.41k | if (np == NULL) |
1264 | 0 | { |
1265 | | /* Out of memory or too many chunks */ |
1266 | 0 | png_chunk_report(png_ptr, "too many sPLT chunks", PNG_CHUNK_WRITE_ERROR); |
1267 | 0 | return; |
1268 | 0 | } |
1269 | | |
1270 | 1.41k | png_free(png_ptr, info_ptr->splt_palettes); |
1271 | | |
1272 | 1.41k | info_ptr->splt_palettes = np; |
1273 | 1.41k | info_ptr->free_me |= PNG_FREE_SPLT; |
1274 | | |
1275 | 1.41k | np += info_ptr->splt_palettes_num; |
1276 | | |
1277 | 1.41k | do |
1278 | 1.41k | { |
1279 | 1.41k | size_t length; |
1280 | | |
1281 | | /* Skip invalid input entries */ |
1282 | 1.41k | if (entries->name == NULL || entries->entries == NULL) |
1283 | 0 | { |
1284 | | /* png_handle_sPLT doesn't do this, so this is an app error */ |
1285 | 0 | png_app_error(png_ptr, "png_set_sPLT: invalid sPLT"); |
1286 | | /* Just skip the invalid entry */ |
1287 | 0 | continue; |
1288 | 0 | } |
1289 | | |
1290 | 1.41k | np->depth = entries->depth; |
1291 | | |
1292 | | /* In the event of out-of-memory just return - there's no point keeping |
1293 | | * on trying to add sPLT chunks. |
1294 | | */ |
1295 | 1.41k | length = strlen(entries->name) + 1; |
1296 | 1.41k | np->name = png_voidcast(char *, png_malloc_base(png_ptr, length)); |
1297 | | |
1298 | 1.41k | if (np->name == NULL) |
1299 | 0 | break; |
1300 | | |
1301 | 1.41k | memcpy(np->name, entries->name, length); |
1302 | | |
1303 | | /* IMPORTANT: we have memory now that won't get freed if something else |
1304 | | * goes wrong; this code must free it. png_malloc_array produces no |
1305 | | * warnings; use a png_chunk_report (below) if there is an error. |
1306 | | */ |
1307 | 1.41k | np->entries = png_voidcast(png_sPLT_entry *, png_malloc_array(png_ptr, |
1308 | 1.41k | entries->nentries, sizeof (png_sPLT_entry))); |
1309 | | |
1310 | 1.41k | if (np->entries == NULL) |
1311 | 0 | { |
1312 | 0 | png_free(png_ptr, np->name); |
1313 | 0 | np->name = NULL; |
1314 | 0 | break; |
1315 | 0 | } |
1316 | | |
1317 | 1.41k | np->nentries = entries->nentries; |
1318 | | /* This multiply can't overflow because png_malloc_array has already |
1319 | | * checked it when doing the allocation. |
1320 | | */ |
1321 | 1.41k | memcpy(np->entries, entries->entries, |
1322 | 1.41k | (unsigned int)entries->nentries * sizeof (png_sPLT_entry)); |
1323 | | |
1324 | | /* Note that 'continue' skips the advance of the out pointer and out |
1325 | | * count, so an invalid entry is not added. |
1326 | | */ |
1327 | 1.41k | info_ptr->valid |= PNG_INFO_sPLT; |
1328 | 1.41k | ++(info_ptr->splt_palettes_num); |
1329 | 1.41k | ++np; |
1330 | 1.41k | ++entries; |
1331 | 1.41k | } |
1332 | 1.41k | while (--nentries); |
1333 | | |
1334 | 1.41k | if (nentries > 0) |
1335 | 0 | png_chunk_report(png_ptr, "sPLT out of memory", PNG_CHUNK_WRITE_ERROR); |
1336 | 1.41k | } |
1337 | | #endif /* sPLT */ |
1338 | | |
1339 | | #ifdef PNG_APNG_SUPPORTED |
1340 | | png_uint_32 PNGAPI |
1341 | | png_set_acTL(png_struct *png_ptr, png_info *info_ptr, |
1342 | | png_uint_32 num_frames, png_uint_32 num_plays) |
1343 | 75 | { |
1344 | 75 | png_debug1(1, "in %s storage function", "acTL"); |
1345 | | |
1346 | 75 | if (png_ptr == NULL || info_ptr == NULL) |
1347 | 0 | { |
1348 | 0 | png_warning(png_ptr, |
1349 | 0 | "Ignoring call to png_set_acTL with NULL libpng object args"); |
1350 | 0 | return 0; |
1351 | 0 | } |
1352 | 75 | if (num_frames == 0) |
1353 | 14 | { |
1354 | 14 | png_warning(png_ptr, |
1355 | 14 | "Ignoring attempt to set acTL with num_frames zero"); |
1356 | 14 | return 0; |
1357 | 14 | } |
1358 | 61 | if (num_frames > PNG_UINT_31_MAX) |
1359 | 0 | { |
1360 | 0 | png_warning(png_ptr, |
1361 | 0 | "Ignoring attempt to set acTL with num_frames > 2^31-1"); |
1362 | 0 | return 0; |
1363 | 0 | } |
1364 | 61 | if (num_plays > PNG_UINT_31_MAX) |
1365 | 0 | { |
1366 | 0 | png_warning(png_ptr, |
1367 | 0 | "Ignoring attempt to set acTL with num_plays > 2^31-1"); |
1368 | 0 | return 0; |
1369 | 0 | } |
1370 | | |
1371 | 61 | info_ptr->num_frames = num_frames; |
1372 | 61 | info_ptr->num_plays = num_plays; |
1373 | | |
1374 | 61 | info_ptr->valid |= PNG_INFO_acTL; |
1375 | | |
1376 | 61 | return 1; |
1377 | 61 | } |
1378 | | |
1379 | | png_uint_32 PNGAPI |
1380 | | png_set_next_frame_fcTL(png_struct *png_ptr, png_info *info_ptr, |
1381 | | png_uint_32 width, png_uint_32 height, |
1382 | | png_uint_32 x_offset, png_uint_32 y_offset, |
1383 | | png_uint_16 delay_num, png_uint_16 delay_den, |
1384 | | png_byte dispose_op, png_byte blend_op) |
1385 | 0 | { |
1386 | 0 | png_debug1(1, "in %s storage function", "fcTL"); |
1387 | |
|
1388 | 0 | if (png_ptr == NULL || info_ptr == NULL) |
1389 | 0 | { |
1390 | 0 | png_warning(png_ptr, |
1391 | 0 | "Ignoring call to png_set_fcTL with NULL libpng object args"); |
1392 | 0 | return 0; |
1393 | 0 | } |
1394 | | |
1395 | 0 | png_ensure_fcTL_is_valid(png_ptr, width, height, x_offset, y_offset, |
1396 | 0 | delay_num, delay_den, dispose_op, blend_op); |
1397 | | |
1398 | | /* No checking is required for delay_num and delay_den. |
1399 | | * They can hold any 16-bit value, including zero. |
1400 | | */ |
1401 | |
|
1402 | 0 | if (blend_op == PNG_fcTL_BLEND_OP_OVER) |
1403 | 0 | { |
1404 | 0 | if (!(png_ptr->color_type & PNG_COLOR_MASK_ALPHA) && |
1405 | 0 | !(png_get_valid(png_ptr, info_ptr, PNG_INFO_tRNS))) |
1406 | 0 | { |
1407 | 0 | png_warning(png_ptr, |
1408 | 0 | "Ignoring wasteful fcTL BLEND_OP_OVER in opaque images"); |
1409 | 0 | blend_op = PNG_fcTL_BLEND_OP_SOURCE; |
1410 | 0 | } |
1411 | 0 | } |
1412 | |
|
1413 | 0 | info_ptr->next_frame_width = width; |
1414 | 0 | info_ptr->next_frame_height = height; |
1415 | 0 | info_ptr->next_frame_x_offset = x_offset; |
1416 | 0 | info_ptr->next_frame_y_offset = y_offset; |
1417 | 0 | info_ptr->next_frame_delay_num = delay_num; |
1418 | 0 | info_ptr->next_frame_delay_den = delay_den; |
1419 | 0 | info_ptr->next_frame_dispose_op = dispose_op; |
1420 | 0 | info_ptr->next_frame_blend_op = blend_op; |
1421 | |
|
1422 | 0 | info_ptr->valid |= PNG_INFO_fcTL; |
1423 | |
|
1424 | 0 | return 1; |
1425 | 0 | } |
1426 | | |
1427 | | void /* PRIVATE */ |
1428 | | png_ensure_fcTL_is_valid(png_struct *png_ptr, |
1429 | | png_uint_32 width, png_uint_32 height, |
1430 | | png_uint_32 x_offset, png_uint_32 y_offset, |
1431 | | png_uint_16 delay_num, png_uint_16 delay_den, |
1432 | | png_byte dispose_op, png_byte blend_op) |
1433 | 0 | { |
1434 | 0 | if (width == 0 || width > PNG_UINT_31_MAX) |
1435 | 0 | png_error(png_ptr, "Invalid frame width in fcTL"); |
1436 | 0 | if (height == 0 || height > PNG_UINT_31_MAX) |
1437 | 0 | png_error(png_ptr, "Invalid frame height in fcTL"); |
1438 | 0 | if (x_offset > PNG_UINT_31_MAX || y_offset > PNG_UINT_31_MAX) |
1439 | 0 | png_error(png_ptr, "Invalid frame offset in fcTL"); |
1440 | 0 | if (width + x_offset > png_ptr->first_frame_width || |
1441 | 0 | height + y_offset > png_ptr->first_frame_height) |
1442 | 0 | png_error(png_ptr, "Oversized frame in fcTL"); |
1443 | | |
1444 | 0 | if (dispose_op != PNG_fcTL_DISPOSE_OP_NONE && |
1445 | 0 | dispose_op != PNG_fcTL_DISPOSE_OP_BACKGROUND && |
1446 | 0 | dispose_op != PNG_fcTL_DISPOSE_OP_PREVIOUS) |
1447 | 0 | png_error(png_ptr, "Invalid dispose_op in fcTL"); |
1448 | | |
1449 | 0 | if (blend_op != PNG_fcTL_BLEND_OP_SOURCE && |
1450 | 0 | blend_op != PNG_fcTL_BLEND_OP_OVER) |
1451 | 0 | png_error(png_ptr, "Invalid blend_op in fcTL"); |
1452 | | |
1453 | 0 | PNG_UNUSED(delay_num) |
1454 | 0 | PNG_UNUSED(delay_den) |
1455 | 0 | } |
1456 | | |
1457 | | png_uint_32 PNGAPI |
1458 | | png_set_first_frame_is_hidden(png_struct *png_ptr, png_info *info_ptr, |
1459 | | png_byte is_hidden) |
1460 | 0 | { |
1461 | 0 | png_debug(1, "in png_first_frame_is_hidden"); |
1462 | |
|
1463 | 0 | if (png_ptr == NULL) |
1464 | 0 | return 0; |
1465 | | |
1466 | 0 | if (is_hidden) |
1467 | 0 | png_ptr->apng_flags |= PNG_FIRST_FRAME_HIDDEN; |
1468 | 0 | else |
1469 | 0 | png_ptr->apng_flags &= ~PNG_FIRST_FRAME_HIDDEN; |
1470 | |
|
1471 | 0 | PNG_UNUSED(info_ptr) |
1472 | |
|
1473 | 0 | return 1; |
1474 | 0 | } |
1475 | | #endif /* PNG_APNG_SUPPORTED */ |
1476 | | |
1477 | | #ifdef PNG_STORE_UNKNOWN_CHUNKS_SUPPORTED |
1478 | | static png_byte |
1479 | | check_location(const png_struct *png_ptr, int location) |
1480 | 0 | { |
1481 | 0 | location &= (PNG_HAVE_IHDR|PNG_HAVE_PLTE|PNG_AFTER_IDAT); |
1482 | | |
1483 | | /* New in 1.6.0; copy the location and check it. This is an API |
1484 | | * change; previously the app had to use the |
1485 | | * png_set_unknown_chunk_location API below for each chunk. |
1486 | | */ |
1487 | 0 | if (location == 0 && (png_ptr->mode & PNG_IS_READ_STRUCT) == 0) |
1488 | 0 | { |
1489 | | /* Write struct, so unknown chunks come from the app */ |
1490 | 0 | png_app_warning(png_ptr, |
1491 | 0 | "png_set_unknown_chunks now expects a valid location"); |
1492 | | /* Use the old behavior */ |
1493 | 0 | location = (png_byte)(png_ptr->mode & |
1494 | 0 | (PNG_HAVE_IHDR|PNG_HAVE_PLTE|PNG_AFTER_IDAT)); |
1495 | 0 | } |
1496 | | |
1497 | | /* This need not be an internal error - if the app calls |
1498 | | * png_set_unknown_chunks on a read pointer it must get the location right. |
1499 | | */ |
1500 | 0 | if (location == 0) |
1501 | 0 | png_error(png_ptr, "invalid location in png_set_unknown_chunks"); |
1502 | | |
1503 | | /* Now reduce the location to the top-most set bit by removing each least |
1504 | | * significant bit in turn. |
1505 | | */ |
1506 | 0 | while (location != (location & -location)) |
1507 | 0 | location &= ~(location & -location); |
1508 | | |
1509 | | /* The cast is safe because 'location' is a bit mask and only the low four |
1510 | | * bits are significant. |
1511 | | */ |
1512 | 0 | return (png_byte)location; |
1513 | 0 | } |
1514 | | |
1515 | | void |
1516 | | png_set_unknown_chunks(const png_struct *png_ptr, |
1517 | | png_info *info_ptr, const png_unknown_chunk *unknowns, int num_unknowns) |
1518 | 0 | { |
1519 | 0 | png_unknown_chunk *np; |
1520 | |
|
1521 | 0 | if (png_ptr == NULL || info_ptr == NULL || num_unknowns <= 0 || |
1522 | 0 | unknowns == NULL) |
1523 | 0 | return; |
1524 | | |
1525 | | /* Check for the failure cases where support has been disabled at compile |
1526 | | * time. This code is hardly ever compiled - it's here because |
1527 | | * STORE_UNKNOWN_CHUNKS is set by both read and write code (compiling in this |
1528 | | * code) but may be meaningless if the read or write handling of unknown |
1529 | | * chunks is not compiled in. |
1530 | | */ |
1531 | | # if !defined(PNG_READ_UNKNOWN_CHUNKS_SUPPORTED) && \ |
1532 | | defined(PNG_READ_SUPPORTED) |
1533 | | if ((png_ptr->mode & PNG_IS_READ_STRUCT) != 0) |
1534 | | { |
1535 | | png_app_error(png_ptr, "no unknown chunk support on read"); |
1536 | | |
1537 | | return; |
1538 | | } |
1539 | | # endif |
1540 | | # if !defined(PNG_WRITE_UNKNOWN_CHUNKS_SUPPORTED) && \ |
1541 | | defined(PNG_WRITE_SUPPORTED) |
1542 | | if ((png_ptr->mode & PNG_IS_READ_STRUCT) == 0) |
1543 | | { |
1544 | | png_app_error(png_ptr, "no unknown chunk support on write"); |
1545 | | |
1546 | | return; |
1547 | | } |
1548 | | # endif |
1549 | | |
1550 | | /* Prior to 1.6.0 this code used png_malloc_warn; however, this meant that |
1551 | | * unknown critical chunks could be lost with just a warning resulting in |
1552 | | * undefined behavior. Now png_chunk_report is used to provide behavior |
1553 | | * appropriate to read or write. |
1554 | | */ |
1555 | 0 | np = png_voidcast(png_unknown_chunk *, png_realloc_array(png_ptr, |
1556 | 0 | info_ptr->unknown_chunks, info_ptr->unknown_chunks_num, num_unknowns, |
1557 | 0 | sizeof *np)); |
1558 | |
|
1559 | 0 | if (np == NULL) |
1560 | 0 | { |
1561 | 0 | png_chunk_report(png_ptr, "too many unknown chunks", |
1562 | 0 | PNG_CHUNK_WRITE_ERROR); |
1563 | 0 | return; |
1564 | 0 | } |
1565 | | |
1566 | 0 | png_free(png_ptr, info_ptr->unknown_chunks); |
1567 | |
|
1568 | 0 | info_ptr->unknown_chunks = np; /* safe because it is initialized */ |
1569 | 0 | info_ptr->free_me |= PNG_FREE_UNKN; |
1570 | |
|
1571 | 0 | np += info_ptr->unknown_chunks_num; |
1572 | | |
1573 | | /* Increment unknown_chunks_num each time round the loop to protect the |
1574 | | * just-allocated chunk data. |
1575 | | */ |
1576 | 0 | for (; num_unknowns > 0; --num_unknowns, ++unknowns) |
1577 | 0 | { |
1578 | 0 | memcpy(np->name, unknowns->name, (sizeof np->name)); |
1579 | 0 | np->name[(sizeof np->name)-1] = '\0'; |
1580 | 0 | np->location = check_location(png_ptr, unknowns->location); |
1581 | |
|
1582 | 0 | if (unknowns->size == 0) |
1583 | 0 | { |
1584 | 0 | np->data = NULL; |
1585 | 0 | np->size = 0; |
1586 | 0 | } |
1587 | | |
1588 | 0 | else |
1589 | 0 | { |
1590 | 0 | np->data = png_voidcast(png_byte *, |
1591 | 0 | png_malloc_base(png_ptr, unknowns->size)); |
1592 | |
|
1593 | 0 | if (np->data == NULL) |
1594 | 0 | { |
1595 | 0 | png_chunk_report(png_ptr, "unknown chunk: out of memory", |
1596 | 0 | PNG_CHUNK_WRITE_ERROR); |
1597 | | /* But just skip storing the unknown chunk */ |
1598 | 0 | continue; |
1599 | 0 | } |
1600 | | |
1601 | 0 | memcpy(np->data, unknowns->data, unknowns->size); |
1602 | 0 | np->size = unknowns->size; |
1603 | 0 | } |
1604 | | |
1605 | | /* These increments are skipped on out-of-memory for the data - the |
1606 | | * unknown chunk entry gets overwritten if the png_chunk_report returns. |
1607 | | * This is correct in the read case (the chunk is just dropped.) |
1608 | | */ |
1609 | 0 | ++np; |
1610 | 0 | ++(info_ptr->unknown_chunks_num); |
1611 | 0 | } |
1612 | 0 | } |
1613 | | |
1614 | | void |
1615 | | png_set_unknown_chunk_location(const png_struct *png_ptr, png_info *info_ptr, |
1616 | | int chunk, int location) |
1617 | 0 | { |
1618 | | /* This API is pretty pointless in 1.6.0 because the location can be set |
1619 | | * before the call to png_set_unknown_chunks. |
1620 | | * |
1621 | | * TODO: add a png_app_warning in 1.7 |
1622 | | */ |
1623 | 0 | if (png_ptr != NULL && info_ptr != NULL && chunk >= 0 && |
1624 | 0 | chunk < info_ptr->unknown_chunks_num) |
1625 | 0 | { |
1626 | 0 | if ((location & (PNG_HAVE_IHDR|PNG_HAVE_PLTE|PNG_AFTER_IDAT)) == 0) |
1627 | 0 | { |
1628 | 0 | png_app_error(png_ptr, "invalid unknown chunk location"); |
1629 | | /* Fake out the pre 1.6.0 behavior: */ |
1630 | 0 | if (((unsigned int)location & PNG_HAVE_IDAT) != 0) /* undocumented! */ |
1631 | 0 | location = PNG_AFTER_IDAT; |
1632 | | |
1633 | 0 | else |
1634 | 0 | location = PNG_HAVE_IHDR; /* also undocumented */ |
1635 | 0 | } |
1636 | |
|
1637 | 0 | info_ptr->unknown_chunks[chunk].location = |
1638 | 0 | check_location(png_ptr, location); |
1639 | 0 | } |
1640 | 0 | } |
1641 | | #endif /* STORE_UNKNOWN_CHUNKS */ |
1642 | | |
1643 | | #ifdef PNG_MNG_FEATURES_SUPPORTED |
1644 | | png_uint_32 |
1645 | | png_permit_mng_features(png_struct *png_ptr, png_uint_32 mng_features) |
1646 | 0 | { |
1647 | 0 | png_debug(1, "in png_permit_mng_features"); |
1648 | |
|
1649 | 0 | if (png_ptr == NULL) |
1650 | 0 | return 0; |
1651 | | |
1652 | 0 | png_ptr->mng_features_permitted = mng_features & PNG_ALL_MNG_FEATURES; |
1653 | |
|
1654 | 0 | return png_ptr->mng_features_permitted; |
1655 | 0 | } |
1656 | | #endif |
1657 | | |
1658 | | #ifdef PNG_HANDLE_AS_UNKNOWN_SUPPORTED |
1659 | | static unsigned int |
1660 | | add_one_chunk(png_byte *list, unsigned int count, const png_byte *add, int keep) |
1661 | 0 | { |
1662 | 0 | unsigned int i; |
1663 | | |
1664 | | /* Utility function: update the 'keep' state of a chunk if it is already in |
1665 | | * the list, otherwise add it to the list. |
1666 | | */ |
1667 | 0 | for (i=0; i<count; ++i, list += 5) |
1668 | 0 | { |
1669 | 0 | if (memcmp(list, add, 4) == 0) |
1670 | 0 | { |
1671 | 0 | list[4] = (png_byte)keep; |
1672 | |
|
1673 | 0 | return count; |
1674 | 0 | } |
1675 | 0 | } |
1676 | | |
1677 | 0 | if (keep != PNG_HANDLE_CHUNK_AS_DEFAULT) |
1678 | 0 | { |
1679 | 0 | ++count; |
1680 | 0 | memcpy(list, add, 4); |
1681 | 0 | list[4] = (png_byte)keep; |
1682 | 0 | } |
1683 | |
|
1684 | 0 | return count; |
1685 | 0 | } |
1686 | | |
1687 | | void |
1688 | | png_set_keep_unknown_chunks(png_struct *png_ptr, int keep, |
1689 | | const png_byte *chunk_list, int num_chunks_in) |
1690 | 0 | { |
1691 | 0 | png_byte *new_list; |
1692 | 0 | unsigned int num_chunks, old_num_chunks; |
1693 | |
|
1694 | 0 | if (png_ptr == NULL) |
1695 | 0 | return; |
1696 | | |
1697 | 0 | if (keep < 0 || keep >= PNG_HANDLE_CHUNK_LAST) |
1698 | 0 | { |
1699 | 0 | png_app_error(png_ptr, "png_set_keep_unknown_chunks: invalid keep"); |
1700 | |
|
1701 | 0 | return; |
1702 | 0 | } |
1703 | | |
1704 | 0 | if (num_chunks_in <= 0) |
1705 | 0 | { |
1706 | 0 | png_ptr->unknown_default = keep; |
1707 | | |
1708 | | /* '0' means just set the flags, so stop here */ |
1709 | 0 | if (num_chunks_in == 0) |
1710 | 0 | return; |
1711 | 0 | } |
1712 | | |
1713 | 0 | if (num_chunks_in < 0) |
1714 | 0 | { |
1715 | | /* Ignore all unknown chunks and all chunks recognized by |
1716 | | * libpng except for IHDR, PLTE, tRNS, IDAT, and IEND |
1717 | | */ |
1718 | 0 | static const png_byte chunks_to_ignore[] = { |
1719 | 0 | 97, 99, 84, 76, '\0', /* acTL */ |
1720 | 0 | 98, 75, 71, 68, '\0', /* bKGD */ |
1721 | 0 | 99, 72, 82, 77, '\0', /* cHRM */ |
1722 | 0 | 99, 73, 67, 80, '\0', /* cICP */ |
1723 | 0 | 99, 76, 76, 73, '\0', /* cLLI */ |
1724 | 0 | 101, 88, 73, 102, '\0', /* eXIf */ |
1725 | 0 | 102, 99, 84, 76, '\0', /* fcTL */ |
1726 | 0 | 102, 100, 65, 84, '\0', /* fdAT */ |
1727 | 0 | 103, 65, 77, 65, '\0', /* gAMA */ |
1728 | 0 | 104, 73, 83, 84, '\0', /* hIST */ |
1729 | 0 | 105, 67, 67, 80, '\0', /* iCCP */ |
1730 | 0 | 105, 84, 88, 116, '\0', /* iTXt */ |
1731 | 0 | 109, 68, 67, 86, '\0', /* mDCV */ |
1732 | 0 | 111, 70, 70, 115, '\0', /* oFFs */ |
1733 | 0 | 112, 67, 65, 76, '\0', /* pCAL */ |
1734 | 0 | 112, 72, 89, 115, '\0', /* pHYs */ |
1735 | 0 | 115, 66, 73, 84, '\0', /* sBIT */ |
1736 | 0 | 115, 67, 65, 76, '\0', /* sCAL */ |
1737 | 0 | 115, 80, 76, 84, '\0', /* sPLT */ |
1738 | 0 | 115, 84, 69, 82, '\0', /* sTER */ |
1739 | 0 | 115, 82, 71, 66, '\0', /* sRGB */ |
1740 | 0 | 116, 69, 88, 116, '\0', /* tEXt */ |
1741 | 0 | 116, 73, 77, 69, '\0', /* tIME */ |
1742 | 0 | 122, 84, 88, 116, '\0' /* zTXt */ |
1743 | 0 | }; |
1744 | |
|
1745 | 0 | chunk_list = chunks_to_ignore; |
1746 | 0 | num_chunks = (unsigned int)/*SAFE*/(sizeof chunks_to_ignore)/5U; |
1747 | 0 | } |
1748 | | |
1749 | 0 | else /* num_chunks_in > 0 */ |
1750 | 0 | { |
1751 | 0 | if (chunk_list == NULL) |
1752 | 0 | { |
1753 | | /* Prior to 1.6.0 this was silently ignored, now it is an app_error |
1754 | | * which can be switched off. |
1755 | | */ |
1756 | 0 | png_app_error(png_ptr, "png_set_keep_unknown_chunks: no chunk list"); |
1757 | |
|
1758 | 0 | return; |
1759 | 0 | } |
1760 | | |
1761 | 0 | num_chunks = (unsigned int)num_chunks_in; |
1762 | 0 | } |
1763 | | |
1764 | 0 | old_num_chunks = png_ptr->num_chunk_list; |
1765 | 0 | if (png_ptr->chunk_list == NULL) |
1766 | 0 | old_num_chunks = 0; |
1767 | | |
1768 | | /* Since num_chunks is always restricted to UINT_MAX/5 this can't overflow. |
1769 | | */ |
1770 | 0 | if (num_chunks + old_num_chunks > UINT_MAX/5) |
1771 | 0 | { |
1772 | 0 | png_app_error(png_ptr, "png_set_keep_unknown_chunks: too many chunks"); |
1773 | |
|
1774 | 0 | return; |
1775 | 0 | } |
1776 | | |
1777 | | /* If these chunks are being reset to the default then no more memory is |
1778 | | * required because add_one_chunk above doesn't extend the list if the 'keep' |
1779 | | * parameter is the default. |
1780 | | */ |
1781 | 0 | if (keep != 0) |
1782 | 0 | { |
1783 | 0 | new_list = png_voidcast(png_byte *, png_malloc(png_ptr, |
1784 | 0 | 5 * (num_chunks + old_num_chunks))); |
1785 | |
|
1786 | 0 | if (old_num_chunks > 0) |
1787 | 0 | memcpy(new_list, png_ptr->chunk_list, 5*old_num_chunks); |
1788 | 0 | } |
1789 | | |
1790 | 0 | else if (old_num_chunks > 0) |
1791 | 0 | new_list = png_ptr->chunk_list; |
1792 | | |
1793 | 0 | else |
1794 | 0 | new_list = NULL; |
1795 | | |
1796 | | /* Add the new chunks together with each one's handling code. If the chunk |
1797 | | * already exists the code is updated, otherwise the chunk is added to the |
1798 | | * end. (In libpng 1.6.0 order no longer matters because this code enforces |
1799 | | * the earlier convention that the last setting is the one that is used.) |
1800 | | */ |
1801 | 0 | if (new_list != NULL) |
1802 | 0 | { |
1803 | 0 | const png_byte *inlist; |
1804 | 0 | png_byte *outlist; |
1805 | 0 | unsigned int i; |
1806 | |
|
1807 | 0 | for (i=0; i<num_chunks; ++i) |
1808 | 0 | { |
1809 | 0 | old_num_chunks = add_one_chunk(new_list, old_num_chunks, |
1810 | 0 | chunk_list+5*i, keep); |
1811 | 0 | } |
1812 | | |
1813 | | /* Now remove any spurious 'default' entries. */ |
1814 | 0 | num_chunks = 0; |
1815 | 0 | for (i=0, inlist=outlist=new_list; i<old_num_chunks; ++i, inlist += 5) |
1816 | 0 | { |
1817 | 0 | if (inlist[4]) |
1818 | 0 | { |
1819 | 0 | if (outlist != inlist) |
1820 | 0 | memcpy(outlist, inlist, 5); |
1821 | 0 | outlist += 5; |
1822 | 0 | ++num_chunks; |
1823 | 0 | } |
1824 | 0 | } |
1825 | | |
1826 | | /* This means the application has removed all the specialized handling. */ |
1827 | 0 | if (num_chunks == 0) |
1828 | 0 | { |
1829 | 0 | if (png_ptr->chunk_list != new_list) |
1830 | 0 | png_free(png_ptr, new_list); |
1831 | |
|
1832 | 0 | new_list = NULL; |
1833 | 0 | } |
1834 | 0 | } |
1835 | | |
1836 | 0 | else |
1837 | 0 | num_chunks = 0; |
1838 | |
|
1839 | 0 | png_ptr->num_chunk_list = num_chunks; |
1840 | |
|
1841 | 0 | if (png_ptr->chunk_list != new_list) |
1842 | 0 | { |
1843 | 0 | if (png_ptr->chunk_list != NULL) |
1844 | 0 | png_free(png_ptr, png_ptr->chunk_list); |
1845 | |
|
1846 | 0 | png_ptr->chunk_list = new_list; |
1847 | 0 | } |
1848 | 0 | } |
1849 | | #endif |
1850 | | |
1851 | | #ifdef PNG_READ_USER_CHUNKS_SUPPORTED |
1852 | | void |
1853 | | png_set_read_user_chunk_fn(png_struct *png_ptr, void *user_chunk_ptr, |
1854 | | png_user_chunk_ptr read_user_chunk_fn) |
1855 | 0 | { |
1856 | 0 | png_debug(1, "in png_set_read_user_chunk_fn"); |
1857 | |
|
1858 | 0 | if (png_ptr == NULL) |
1859 | 0 | return; |
1860 | | |
1861 | 0 | png_ptr->read_user_chunk_fn = read_user_chunk_fn; |
1862 | 0 | png_ptr->user_chunk_ptr = user_chunk_ptr; |
1863 | 0 | } |
1864 | | #endif |
1865 | | |
1866 | | #ifdef PNG_INFO_IMAGE_SUPPORTED |
1867 | | void |
1868 | | png_set_rows(const png_struct *png_ptr, png_info *info_ptr, |
1869 | | png_byte **row_pointers) |
1870 | 1.44k | { |
1871 | 1.44k | png_debug(1, "in png_set_rows"); |
1872 | | |
1873 | 1.44k | if (png_ptr == NULL || info_ptr == NULL) |
1874 | 0 | return; |
1875 | | |
1876 | 1.44k | if (info_ptr->row_pointers != NULL && |
1877 | 0 | (info_ptr->row_pointers != row_pointers)) |
1878 | 0 | png_free_data(png_ptr, info_ptr, PNG_FREE_ROWS, 0); |
1879 | | |
1880 | 1.44k | info_ptr->row_pointers = row_pointers; |
1881 | | |
1882 | 1.44k | if (row_pointers != NULL) |
1883 | 1.44k | info_ptr->valid |= PNG_INFO_IDAT; |
1884 | 1.44k | } |
1885 | | #endif |
1886 | | |
1887 | | void |
1888 | | png_set_compression_buffer_size(png_struct *png_ptr, size_t size) |
1889 | 0 | { |
1890 | 0 | png_debug(1, "in png_set_compression_buffer_size"); |
1891 | |
|
1892 | 0 | if (png_ptr == NULL) |
1893 | 0 | return; |
1894 | | |
1895 | 0 | if (size == 0 || size > PNG_UINT_31_MAX) |
1896 | 0 | png_error(png_ptr, "invalid compression buffer size"); |
1897 | | |
1898 | 0 | # ifdef PNG_SEQUENTIAL_READ_SUPPORTED |
1899 | 0 | if ((png_ptr->mode & PNG_IS_READ_STRUCT) != 0) |
1900 | 0 | { |
1901 | 0 | png_ptr->IDAT_read_size = (png_uint_32)size; /* checked above */ |
1902 | 0 | return; |
1903 | 0 | } |
1904 | 0 | # endif |
1905 | | |
1906 | 0 | # ifdef PNG_WRITE_SUPPORTED |
1907 | 0 | if ((png_ptr->mode & PNG_IS_READ_STRUCT) == 0) |
1908 | 0 | { |
1909 | 0 | if (png_ptr->zowner != 0) |
1910 | 0 | { |
1911 | 0 | png_warning(png_ptr, |
1912 | 0 | "Compression buffer size cannot be changed because it is in use"); |
1913 | |
|
1914 | 0 | return; |
1915 | 0 | } |
1916 | | |
1917 | 0 | #ifndef __COVERITY__ |
1918 | | /* Some compilers complain that this is always false. However, it |
1919 | | * can be true when integer overflow happens. |
1920 | | */ |
1921 | 0 | if (size > ZLIB_IO_MAX) |
1922 | 0 | { |
1923 | 0 | png_warning(png_ptr, |
1924 | 0 | "Compression buffer size limited to system maximum"); |
1925 | 0 | size = ZLIB_IO_MAX; /* must fit */ |
1926 | 0 | } |
1927 | 0 | #endif |
1928 | |
|
1929 | 0 | if (size < 6) |
1930 | 0 | { |
1931 | | /* Deflate will potentially go into an infinite loop on a SYNC_FLUSH |
1932 | | * if this is permitted. |
1933 | | */ |
1934 | 0 | png_warning(png_ptr, |
1935 | 0 | "Compression buffer size cannot be reduced below 6"); |
1936 | |
|
1937 | 0 | return; |
1938 | 0 | } |
1939 | | |
1940 | 0 | if (png_ptr->zbuffer_size != size) |
1941 | 0 | { |
1942 | 0 | png_free_buffer_list(png_ptr, &png_ptr->zbuffer_list); |
1943 | 0 | png_ptr->zbuffer_size = (uInt)size; |
1944 | 0 | } |
1945 | 0 | } |
1946 | 0 | # endif |
1947 | 0 | } |
1948 | | |
1949 | | void |
1950 | | png_set_invalid(const png_struct *png_ptr, png_info *info_ptr, int mask) |
1951 | 0 | { |
1952 | 0 | if (png_ptr != NULL && info_ptr != NULL) |
1953 | 0 | info_ptr->valid &= (unsigned int)(~mask); |
1954 | 0 | } |
1955 | | |
1956 | | |
1957 | | #ifdef PNG_SET_USER_LIMITS_SUPPORTED |
1958 | | /* This function was added to libpng 1.2.6 */ |
1959 | | void |
1960 | | png_set_user_limits(png_struct *png_ptr, png_uint_32 user_width_max, |
1961 | | png_uint_32 user_height_max) |
1962 | 0 | { |
1963 | 0 | png_debug(1, "in png_set_user_limits"); |
1964 | | |
1965 | | /* Images with dimensions larger than these limits will be |
1966 | | * rejected by png_set_IHDR(). To accept any PNG datastream |
1967 | | * regardless of dimensions, set both limits to 0x7fffffff. |
1968 | | */ |
1969 | 0 | if (png_ptr == NULL) |
1970 | 0 | return; |
1971 | | |
1972 | 0 | png_ptr->user_width_max = user_width_max; |
1973 | 0 | png_ptr->user_height_max = user_height_max; |
1974 | 0 | } |
1975 | | |
1976 | | /* This function was added to libpng 1.4.0 */ |
1977 | | void |
1978 | | png_set_chunk_cache_max(png_struct *png_ptr, png_uint_32 user_chunk_cache_max) |
1979 | 0 | { |
1980 | 0 | png_debug(1, "in png_set_chunk_cache_max"); |
1981 | |
|
1982 | 0 | if (png_ptr != NULL) |
1983 | 0 | png_ptr->user_chunk_cache_max = user_chunk_cache_max; |
1984 | 0 | } |
1985 | | |
1986 | | /* This function was added to libpng 1.4.1 */ |
1987 | | void |
1988 | | png_set_chunk_malloc_max(png_struct *png_ptr, |
1989 | | png_alloc_size_t user_chunk_malloc_max) |
1990 | 0 | { |
1991 | 0 | png_debug(1, "in png_set_chunk_malloc_max"); |
1992 | | |
1993 | | /* pngstruct::user_chunk_malloc_max is initialized to a non-zero value in |
1994 | | * png.c. This API supports '0' for unlimited, make sure the correct |
1995 | | * (unlimited) value is set here to avoid a need to check for 0 everywhere |
1996 | | * the parameter is used. |
1997 | | */ |
1998 | 0 | if (png_ptr != NULL) |
1999 | 0 | { |
2000 | 0 | if (user_chunk_malloc_max == 0U) /* unlimited */ |
2001 | 0 | { |
2002 | | # ifdef PNG_MAX_MALLOC_64K |
2003 | | png_ptr->user_chunk_malloc_max = 65536U; |
2004 | | # else |
2005 | 0 | png_ptr->user_chunk_malloc_max = PNG_SIZE_MAX; |
2006 | 0 | # endif |
2007 | 0 | } |
2008 | 0 | else |
2009 | 0 | png_ptr->user_chunk_malloc_max = user_chunk_malloc_max; |
2010 | 0 | } |
2011 | 0 | } |
2012 | | #endif /* ?SET_USER_LIMITS */ |
2013 | | |
2014 | | |
2015 | | #ifdef PNG_BENIGN_ERRORS_SUPPORTED |
2016 | | void |
2017 | | png_set_benign_errors(png_struct *png_ptr, int allowed) |
2018 | 0 | { |
2019 | 0 | png_debug(1, "in png_set_benign_errors"); |
2020 | | |
2021 | | /* If allowed is 1, png_benign_error() is treated as a warning. |
2022 | | * |
2023 | | * If allowed is 0, png_benign_error() is treated as an error (which |
2024 | | * is the default behavior if png_set_benign_errors() is not called). |
2025 | | */ |
2026 | |
|
2027 | 0 | if (allowed != 0) |
2028 | 0 | png_ptr->flags |= PNG_FLAG_BENIGN_ERRORS_WARN | |
2029 | 0 | PNG_FLAG_APP_WARNINGS_WARN | PNG_FLAG_APP_ERRORS_WARN; |
2030 | | |
2031 | 0 | else |
2032 | 0 | png_ptr->flags &= ~(PNG_FLAG_BENIGN_ERRORS_WARN | |
2033 | 0 | PNG_FLAG_APP_WARNINGS_WARN | PNG_FLAG_APP_ERRORS_WARN); |
2034 | 0 | } |
2035 | | #endif /* BENIGN_ERRORS */ |
2036 | | |
2037 | | #ifdef PNG_CHECK_FOR_INVALID_INDEX_SUPPORTED |
2038 | | /* Whether to report invalid palette index; added at libpng-1.5.10. |
2039 | | * It is possible for an indexed (color-type==3) PNG file to contain |
2040 | | * pixels with invalid (out-of-range) indexes if the PLTE chunk has |
2041 | | * fewer entries than the image's bit-depth would allow. We recover |
2042 | | * from this gracefully by filling any incomplete palette with zeros |
2043 | | * (opaque black). By default, when this occurs libpng will issue |
2044 | | * a benign error. This API can be used to override that behavior. |
2045 | | */ |
2046 | | void |
2047 | | png_set_check_for_invalid_index(png_struct *png_ptr, int allowed) |
2048 | 0 | { |
2049 | 0 | png_debug(1, "in png_set_check_for_invalid_index"); |
2050 | |
|
2051 | 0 | if (allowed > 0) |
2052 | 0 | png_ptr->num_palette_max = 0; |
2053 | | |
2054 | 0 | else |
2055 | 0 | png_ptr->num_palette_max = -1; |
2056 | 0 | } |
2057 | | #endif |
2058 | | |
2059 | | #if defined(PNG_TEXT_SUPPORTED) || defined(PNG_pCAL_SUPPORTED) || \ |
2060 | | defined(PNG_iCCP_SUPPORTED) || defined(PNG_sPLT_SUPPORTED) |
2061 | | /* Check that the tEXt or zTXt keyword is valid per PNG 1.0 specification, |
2062 | | * and if invalid, correct the keyword rather than discarding the entire |
2063 | | * chunk. The PNG 1.0 specification requires keywords 1-79 characters in |
2064 | | * length, forbids leading or trailing whitespace, multiple internal spaces, |
2065 | | * and the non-break space (0x80) from ISO 8859-1. Returns keyword length. |
2066 | | * |
2067 | | * The 'new_key' buffer must be 80 characters in size (for the keyword plus a |
2068 | | * trailing '\0'). If this routine returns 0 then there was no keyword, or a |
2069 | | * valid one could not be generated, and the caller must png_error. |
2070 | | */ |
2071 | | png_uint_32 /* PRIVATE */ |
2072 | | png_check_keyword(png_struct *png_ptr, const char *key, png_byte *new_key) |
2073 | 0 | { |
2074 | 0 | #ifdef PNG_WARNINGS_SUPPORTED |
2075 | 0 | const char *orig_key = key; |
2076 | 0 | #endif |
2077 | 0 | png_uint_32 key_len = 0; |
2078 | 0 | int bad_character = 0; |
2079 | 0 | int space = 1; |
2080 | |
|
2081 | 0 | png_debug(1, "in png_check_keyword"); |
2082 | |
|
2083 | 0 | if (key == NULL) |
2084 | 0 | { |
2085 | 0 | *new_key = 0; |
2086 | 0 | return 0; |
2087 | 0 | } |
2088 | | |
2089 | 0 | while (*key && key_len < 79) |
2090 | 0 | { |
2091 | 0 | png_byte ch = (png_byte)*key++; |
2092 | |
|
2093 | 0 | if ((ch > 32 && ch <= 126) || (ch >= 161 /*&& ch <= 255*/)) |
2094 | 0 | { |
2095 | 0 | *new_key++ = ch; ++key_len; space = 0; |
2096 | 0 | } |
2097 | | |
2098 | 0 | else if (space == 0) |
2099 | 0 | { |
2100 | | /* A space or an invalid character when one wasn't seen immediately |
2101 | | * before; output just a space. |
2102 | | */ |
2103 | 0 | *new_key++ = 32; ++key_len; space = 1; |
2104 | | |
2105 | | /* If the character was not a space then it is invalid. */ |
2106 | 0 | if (ch != 32) |
2107 | 0 | bad_character = ch; |
2108 | 0 | } |
2109 | | |
2110 | 0 | else if (bad_character == 0) |
2111 | 0 | bad_character = ch; /* just skip it, record the first error */ |
2112 | 0 | } |
2113 | |
|
2114 | 0 | if (key_len > 0 && space != 0) /* trailing space */ |
2115 | 0 | { |
2116 | 0 | --key_len; --new_key; |
2117 | 0 | if (bad_character == 0) |
2118 | 0 | bad_character = 32; |
2119 | 0 | } |
2120 | | |
2121 | | /* Terminate the keyword */ |
2122 | 0 | *new_key = 0; |
2123 | |
|
2124 | 0 | if (key_len == 0) |
2125 | 0 | return 0; |
2126 | | |
2127 | 0 | #ifdef PNG_WARNINGS_SUPPORTED |
2128 | | /* Try to only output one warning per keyword: */ |
2129 | 0 | if (*key != 0) /* keyword too long */ |
2130 | 0 | png_warning(png_ptr, "keyword truncated"); |
2131 | | |
2132 | 0 | else if (bad_character != 0) |
2133 | 0 | { |
2134 | 0 | PNG_WARNING_PARAMETERS(p) |
2135 | |
|
2136 | 0 | png_warning_parameter(p, 1, orig_key); |
2137 | 0 | png_warning_parameter_signed(p, 2, PNG_NUMBER_FORMAT_02x, bad_character); |
2138 | |
|
2139 | 0 | png_formatted_warning(png_ptr, p, "keyword \"@1\": bad character '0x@2'"); |
2140 | 0 | } |
2141 | | #else /* !WARNINGS */ |
2142 | | PNG_UNUSED(png_ptr) |
2143 | | #endif /* !WARNINGS */ |
2144 | |
|
2145 | 0 | return key_len; |
2146 | 0 | } |
2147 | | #endif /* TEXT || pCAL || iCCP || sPLT */ |
2148 | | #endif /* READ || WRITE */ |