/work/workdir/UnpackedTarball/libpng/pngset.c
Line | Count | Source |
1 | | /* pngset.c - storage of image information into info struct |
2 | | * |
3 | | * Copyright (c) 2018-2026 Cosmin Truta |
4 | | * Copyright (c) 1998-2018 Glenn Randers-Pehrson |
5 | | * Copyright (c) 1996-1997 Andreas Dilger |
6 | | * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. |
7 | | * |
8 | | * This code is released under the libpng license. |
9 | | * For conditions of distribution and use, see the disclaimer |
10 | | * and license in png.h |
11 | | * |
12 | | * The functions here are used during reads to store data from the file |
13 | | * into the info struct, and during writes to store application data |
14 | | * into the info struct for writing into the file. This abstracts the |
15 | | * info struct and allows us to change the structure in the future. |
16 | | */ |
17 | | |
18 | | #include "pngpriv.h" |
19 | | |
20 | | #if defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED) |
21 | | |
22 | | #ifdef PNG_bKGD_SUPPORTED |
23 | | void PNGAPI |
24 | | png_set_bKGD(png_const_structrp png_ptr, png_inforp info_ptr, |
25 | | png_const_color_16p background) |
26 | 199 | { |
27 | 199 | png_debug1(1, "in %s storage function", "bKGD"); |
28 | | |
29 | 199 | if (png_ptr == NULL || info_ptr == NULL || background == NULL) |
30 | 0 | return; |
31 | | |
32 | 199 | info_ptr->background = *background; |
33 | 199 | info_ptr->valid |= PNG_INFO_bKGD; |
34 | 199 | } |
35 | | #endif |
36 | | |
37 | | #ifdef PNG_cHRM_SUPPORTED |
38 | | void PNGFAPI |
39 | | png_set_cHRM_fixed(png_const_structrp png_ptr, png_inforp info_ptr, |
40 | | png_fixed_point white_x, png_fixed_point white_y, png_fixed_point red_x, |
41 | | png_fixed_point red_y, png_fixed_point green_x, png_fixed_point green_y, |
42 | | png_fixed_point blue_x, png_fixed_point blue_y) |
43 | 364 | { |
44 | 364 | png_debug1(1, "in %s storage function", "cHRM fixed"); |
45 | | |
46 | 364 | if (png_ptr == NULL || info_ptr == NULL) |
47 | 0 | return; |
48 | | |
49 | 364 | info_ptr->cHRM.redx = red_x; |
50 | 364 | info_ptr->cHRM.redy = red_y; |
51 | 364 | info_ptr->cHRM.greenx = green_x; |
52 | 364 | info_ptr->cHRM.greeny = green_y; |
53 | 364 | info_ptr->cHRM.bluex = blue_x; |
54 | 364 | info_ptr->cHRM.bluey = blue_y; |
55 | 364 | info_ptr->cHRM.whitex = white_x; |
56 | 364 | info_ptr->cHRM.whitey = white_y; |
57 | | |
58 | 364 | info_ptr->valid |= PNG_INFO_cHRM; |
59 | 364 | } |
60 | | |
61 | | void PNGFAPI |
62 | | png_set_cHRM_XYZ_fixed(png_const_structrp png_ptr, png_inforp info_ptr, |
63 | | png_fixed_point int_red_X, png_fixed_point int_red_Y, |
64 | | png_fixed_point int_red_Z, png_fixed_point int_green_X, |
65 | | png_fixed_point int_green_Y, png_fixed_point int_green_Z, |
66 | | png_fixed_point int_blue_X, png_fixed_point int_blue_Y, |
67 | | png_fixed_point int_blue_Z) |
68 | 0 | { |
69 | 0 | png_XYZ XYZ; |
70 | 0 | png_xy xy; |
71 | |
|
72 | 0 | png_debug1(1, "in %s storage function", "cHRM XYZ fixed"); |
73 | |
|
74 | 0 | if (png_ptr == NULL || info_ptr == NULL) |
75 | 0 | return; |
76 | | |
77 | 0 | XYZ.red_X = int_red_X; |
78 | 0 | XYZ.red_Y = int_red_Y; |
79 | 0 | XYZ.red_Z = int_red_Z; |
80 | 0 | XYZ.green_X = int_green_X; |
81 | 0 | XYZ.green_Y = int_green_Y; |
82 | 0 | XYZ.green_Z = int_green_Z; |
83 | 0 | XYZ.blue_X = int_blue_X; |
84 | 0 | XYZ.blue_Y = int_blue_Y; |
85 | 0 | XYZ.blue_Z = int_blue_Z; |
86 | |
|
87 | 0 | if (png_xy_from_XYZ(&xy, &XYZ) == 0) |
88 | 0 | { |
89 | 0 | info_ptr->cHRM = xy; |
90 | 0 | info_ptr->valid |= PNG_INFO_cHRM; |
91 | 0 | } |
92 | | |
93 | 0 | else |
94 | 0 | png_app_error(png_ptr, "invalid cHRM XYZ"); |
95 | 0 | } |
96 | | |
97 | | # ifdef PNG_FLOATING_POINT_SUPPORTED |
98 | | void PNGAPI |
99 | | png_set_cHRM(png_const_structrp png_ptr, png_inforp info_ptr, |
100 | | double white_x, double white_y, double red_x, double red_y, |
101 | | double green_x, double green_y, double blue_x, double blue_y) |
102 | 0 | { |
103 | 0 | png_set_cHRM_fixed(png_ptr, info_ptr, |
104 | 0 | png_fixed(png_ptr, white_x, "cHRM White X"), |
105 | 0 | png_fixed(png_ptr, white_y, "cHRM White Y"), |
106 | 0 | png_fixed(png_ptr, red_x, "cHRM Red X"), |
107 | 0 | png_fixed(png_ptr, red_y, "cHRM Red Y"), |
108 | 0 | png_fixed(png_ptr, green_x, "cHRM Green X"), |
109 | 0 | png_fixed(png_ptr, green_y, "cHRM Green Y"), |
110 | 0 | png_fixed(png_ptr, blue_x, "cHRM Blue X"), |
111 | 0 | png_fixed(png_ptr, blue_y, "cHRM Blue Y")); |
112 | 0 | } |
113 | | |
114 | | void PNGAPI |
115 | | png_set_cHRM_XYZ(png_const_structrp png_ptr, png_inforp info_ptr, double red_X, |
116 | | double red_Y, double red_Z, double green_X, double green_Y, double green_Z, |
117 | | double blue_X, double blue_Y, double blue_Z) |
118 | 0 | { |
119 | 0 | png_set_cHRM_XYZ_fixed(png_ptr, info_ptr, |
120 | 0 | png_fixed(png_ptr, red_X, "cHRM Red X"), |
121 | 0 | png_fixed(png_ptr, red_Y, "cHRM Red Y"), |
122 | 0 | png_fixed(png_ptr, red_Z, "cHRM Red Z"), |
123 | 0 | png_fixed(png_ptr, green_X, "cHRM Green X"), |
124 | 0 | png_fixed(png_ptr, green_Y, "cHRM Green Y"), |
125 | 0 | png_fixed(png_ptr, green_Z, "cHRM Green Z"), |
126 | 0 | png_fixed(png_ptr, blue_X, "cHRM Blue X"), |
127 | 0 | png_fixed(png_ptr, blue_Y, "cHRM Blue Y"), |
128 | 0 | png_fixed(png_ptr, blue_Z, "cHRM Blue Z")); |
129 | 0 | } |
130 | | # endif /* FLOATING_POINT */ |
131 | | |
132 | | #endif /* cHRM */ |
133 | | |
134 | | #ifdef PNG_cICP_SUPPORTED |
135 | | void PNGAPI |
136 | | png_set_cICP(png_const_structrp png_ptr, png_inforp info_ptr, |
137 | | png_byte colour_primaries, png_byte transfer_function, |
138 | | png_byte matrix_coefficients, png_byte video_full_range_flag) |
139 | | { |
140 | | png_debug1(1, "in %s storage function", "cICP"); |
141 | | |
142 | | if (png_ptr == NULL || info_ptr == NULL) |
143 | | return; |
144 | | |
145 | | info_ptr->cicp_colour_primaries = colour_primaries; |
146 | | info_ptr->cicp_transfer_function = transfer_function; |
147 | | info_ptr->cicp_matrix_coefficients = matrix_coefficients; |
148 | | info_ptr->cicp_video_full_range_flag = video_full_range_flag; |
149 | | |
150 | | if (info_ptr->cicp_matrix_coefficients != 0) |
151 | | { |
152 | | png_warning(png_ptr, "Invalid cICP matrix coefficients"); |
153 | | return; |
154 | | } |
155 | | |
156 | | info_ptr->valid |= PNG_INFO_cICP; |
157 | | } |
158 | | #endif /* cICP */ |
159 | | |
160 | | #ifdef PNG_cLLI_SUPPORTED |
161 | | void PNGFAPI |
162 | | png_set_cLLI_fixed(png_const_structrp png_ptr, png_inforp info_ptr, |
163 | | /* The values below are in cd/m2 (nits) and are scaled by 10,000; not |
164 | | * 100,000 as in the case of png_fixed_point. |
165 | | */ |
166 | | png_uint_32 maxCLL, png_uint_32 maxFALL) |
167 | | { |
168 | | png_debug1(1, "in %s storage function", "cLLI"); |
169 | | |
170 | | if (png_ptr == NULL || info_ptr == NULL) |
171 | | return; |
172 | | |
173 | | /* Check the light level range: */ |
174 | | if (maxCLL > 0x7FFFFFFFU || maxFALL > 0x7FFFFFFFU) |
175 | | { |
176 | | /* The limit is 200kcd/m2; somewhat bright but not inconceivable because |
177 | | * human vision is said to run up to 100Mcd/m2. The sun is about 2Gcd/m2. |
178 | | * |
179 | | * The reference sRGB monitor is 80cd/m2 and the limit of PQ encoding is |
180 | | * 2kcd/m2. |
181 | | */ |
182 | | png_chunk_report(png_ptr, "cLLI light level exceeds PNG limit", |
183 | | PNG_CHUNK_WRITE_ERROR); |
184 | | return; |
185 | | } |
186 | | |
187 | | info_ptr->maxCLL = maxCLL; |
188 | | info_ptr->maxFALL = maxFALL; |
189 | | info_ptr->valid |= PNG_INFO_cLLI; |
190 | | } |
191 | | |
192 | | # ifdef PNG_FLOATING_POINT_SUPPORTED |
193 | | void PNGAPI |
194 | | png_set_cLLI(png_const_structrp png_ptr, png_inforp info_ptr, |
195 | | double maxCLL, double maxFALL) |
196 | | { |
197 | | png_set_cLLI_fixed(png_ptr, info_ptr, |
198 | | png_fixed_ITU(png_ptr, maxCLL, "png_set_cLLI(maxCLL)"), |
199 | | png_fixed_ITU(png_ptr, maxFALL, "png_set_cLLI(maxFALL)")); |
200 | | } |
201 | | # endif /* FLOATING_POINT */ |
202 | | #endif /* cLLI */ |
203 | | |
204 | | #ifdef PNG_mDCV_SUPPORTED |
205 | | static png_uint_16 |
206 | | png_ITU_fixed_16(int *error, png_fixed_point v) |
207 | | { |
208 | | /* Return a safe uint16_t value scaled according to the ITU H273 rules for |
209 | | * 16-bit display chromaticities. Functions like the corresponding |
210 | | * png_fixed() internal function with regard to errors: it's an error on |
211 | | * write, a chunk_benign_error on read: See the definition of |
212 | | * png_chunk_report in pngpriv.h. |
213 | | */ |
214 | | v /= 2; /* rounds to 0 in C: avoids insignificant arithmetic errors */ |
215 | | if (v > 65535 || v < 0) |
216 | | { |
217 | | *error = 1; |
218 | | return 0; |
219 | | } |
220 | | |
221 | | return (png_uint_16)/*SAFE*/v; |
222 | | } |
223 | | |
224 | | void PNGAPI |
225 | | png_set_mDCV_fixed(png_const_structrp png_ptr, png_inforp info_ptr, |
226 | | png_fixed_point white_x, png_fixed_point white_y, |
227 | | png_fixed_point red_x, png_fixed_point red_y, |
228 | | png_fixed_point green_x, png_fixed_point green_y, |
229 | | png_fixed_point blue_x, png_fixed_point blue_y, |
230 | | png_uint_32 maxDL, |
231 | | png_uint_32 minDL) |
232 | | { |
233 | | png_uint_16 rx, ry, gx, gy, bx, by, wx, wy; |
234 | | int error; |
235 | | |
236 | | png_debug1(1, "in %s storage function", "mDCV"); |
237 | | |
238 | | if (png_ptr == NULL || info_ptr == NULL) |
239 | | return; |
240 | | |
241 | | /* Check the input values to ensure they are in the expected range: */ |
242 | | error = 0; |
243 | | rx = png_ITU_fixed_16(&error, red_x); |
244 | | ry = png_ITU_fixed_16(&error, red_y); |
245 | | gx = png_ITU_fixed_16(&error, green_x); |
246 | | gy = png_ITU_fixed_16(&error, green_y); |
247 | | bx = png_ITU_fixed_16(&error, blue_x); |
248 | | by = png_ITU_fixed_16(&error, blue_y); |
249 | | wx = png_ITU_fixed_16(&error, white_x); |
250 | | wy = png_ITU_fixed_16(&error, white_y); |
251 | | |
252 | | if (error) |
253 | | { |
254 | | png_chunk_report(png_ptr, |
255 | | "mDCV chromaticities outside representable range", |
256 | | PNG_CHUNK_WRITE_ERROR); |
257 | | return; |
258 | | } |
259 | | |
260 | | /* Check the light level range: */ |
261 | | if (maxDL > 0x7FFFFFFFU || minDL > 0x7FFFFFFFU) |
262 | | { |
263 | | /* The limit is 200kcd/m2; somewhat bright but not inconceivable because |
264 | | * human vision is said to run up to 100Mcd/m2. The sun is about 2Gcd/m2. |
265 | | * |
266 | | * The reference sRGB monitor is 80cd/m2 and the limit of PQ encoding is |
267 | | * 2kcd/m2. |
268 | | */ |
269 | | png_chunk_report(png_ptr, "mDCV display light level exceeds PNG limit", |
270 | | PNG_CHUNK_WRITE_ERROR); |
271 | | return; |
272 | | } |
273 | | |
274 | | /* All values are safe, the settings are accepted. |
275 | | * |
276 | | * IMPLEMENTATION NOTE: in practice the values can be checked and assigned |
277 | | * but the result is confusing if a writing app calls png_set_mDCV more than |
278 | | * once, the second time with an invalid value. This approach is more |
279 | | * obviously correct at the cost of typing and a very slight machine |
280 | | * overhead. |
281 | | */ |
282 | | info_ptr->mastering_red_x = rx; |
283 | | info_ptr->mastering_red_y = ry; |
284 | | info_ptr->mastering_green_x = gx; |
285 | | info_ptr->mastering_green_y = gy; |
286 | | info_ptr->mastering_blue_x = bx; |
287 | | info_ptr->mastering_blue_y = by; |
288 | | info_ptr->mastering_white_x = wx; |
289 | | info_ptr->mastering_white_y = wy; |
290 | | info_ptr->mastering_maxDL = maxDL; |
291 | | info_ptr->mastering_minDL = minDL; |
292 | | info_ptr->valid |= PNG_INFO_mDCV; |
293 | | } |
294 | | |
295 | | # ifdef PNG_FLOATING_POINT_SUPPORTED |
296 | | void PNGAPI |
297 | | png_set_mDCV(png_const_structrp png_ptr, png_inforp info_ptr, |
298 | | double white_x, double white_y, double red_x, double red_y, double green_x, |
299 | | double green_y, double blue_x, double blue_y, |
300 | | double maxDL, double minDL) |
301 | | { |
302 | | png_set_mDCV_fixed(png_ptr, info_ptr, |
303 | | png_fixed(png_ptr, white_x, "png_set_mDCV(white(x))"), |
304 | | png_fixed(png_ptr, white_y, "png_set_mDCV(white(y))"), |
305 | | png_fixed(png_ptr, red_x, "png_set_mDCV(red(x))"), |
306 | | png_fixed(png_ptr, red_y, "png_set_mDCV(red(y))"), |
307 | | png_fixed(png_ptr, green_x, "png_set_mDCV(green(x))"), |
308 | | png_fixed(png_ptr, green_y, "png_set_mDCV(green(y))"), |
309 | | png_fixed(png_ptr, blue_x, "png_set_mDCV(blue(x))"), |
310 | | png_fixed(png_ptr, blue_y, "png_set_mDCV(blue(y))"), |
311 | | png_fixed_ITU(png_ptr, maxDL, "png_set_mDCV(maxDL)"), |
312 | | png_fixed_ITU(png_ptr, minDL, "png_set_mDCV(minDL)")); |
313 | | } |
314 | | # endif /* FLOATING_POINT */ |
315 | | #endif /* mDCV */ |
316 | | |
317 | | #ifdef PNG_eXIf_SUPPORTED |
318 | | void PNGAPI |
319 | | png_set_eXIf(png_const_structrp png_ptr, png_inforp info_ptr, |
320 | | png_bytep exif) |
321 | | { |
322 | | png_warning(png_ptr, "png_set_eXIf does not work; use png_set_eXIf_1"); |
323 | | PNG_UNUSED(info_ptr) |
324 | | PNG_UNUSED(exif) |
325 | | } |
326 | | |
327 | | void PNGAPI |
328 | | png_set_eXIf_1(png_const_structrp png_ptr, png_inforp info_ptr, |
329 | | png_uint_32 num_exif, png_bytep exif) |
330 | | { |
331 | | png_bytep new_exif; |
332 | | |
333 | | png_debug1(1, "in %s storage function", "eXIf"); |
334 | | |
335 | | if (png_ptr == NULL || info_ptr == NULL || |
336 | | (png_ptr->mode & PNG_WROTE_eXIf) != 0 || |
337 | | exif == NULL) |
338 | | return; |
339 | | |
340 | | new_exif = png_voidcast(png_bytep, png_malloc_warn(png_ptr, num_exif)); |
341 | | |
342 | | if (new_exif == NULL) |
343 | | { |
344 | | png_warning(png_ptr, "Insufficient memory for eXIf chunk data"); |
345 | | return; |
346 | | } |
347 | | |
348 | | memcpy(new_exif, exif, (size_t)num_exif); |
349 | | |
350 | | png_free_data(png_ptr, info_ptr, PNG_FREE_EXIF, 0); |
351 | | |
352 | | info_ptr->num_exif = num_exif; |
353 | | info_ptr->exif = new_exif; |
354 | | info_ptr->free_me |= PNG_FREE_EXIF; |
355 | | info_ptr->valid |= PNG_INFO_eXIf; |
356 | | } |
357 | | #endif /* eXIf */ |
358 | | |
359 | | #ifdef PNG_gAMA_SUPPORTED |
360 | | void PNGFAPI |
361 | | png_set_gAMA_fixed(png_const_structrp png_ptr, png_inforp info_ptr, |
362 | | png_fixed_point file_gamma) |
363 | 477 | { |
364 | 477 | png_debug1(1, "in %s storage function", "gAMA"); |
365 | | |
366 | 477 | if (png_ptr == NULL || info_ptr == NULL) |
367 | 0 | return; |
368 | | |
369 | 477 | info_ptr->gamma = file_gamma; |
370 | 477 | info_ptr->valid |= PNG_INFO_gAMA; |
371 | 477 | } |
372 | | |
373 | | # ifdef PNG_FLOATING_POINT_SUPPORTED |
374 | | void PNGAPI |
375 | | png_set_gAMA(png_const_structrp png_ptr, png_inforp info_ptr, double file_gamma) |
376 | 0 | { |
377 | 0 | png_set_gAMA_fixed(png_ptr, info_ptr, png_fixed(png_ptr, file_gamma, |
378 | 0 | "png_set_gAMA")); |
379 | 0 | } |
380 | | # endif |
381 | | #endif |
382 | | |
383 | | #ifdef PNG_hIST_SUPPORTED |
384 | | void PNGAPI |
385 | | png_set_hIST(png_const_structrp png_ptr, png_inforp info_ptr, |
386 | | png_const_uint_16p hist) |
387 | 2.55k | { |
388 | 2.55k | int i; |
389 | | |
390 | 2.55k | png_debug1(1, "in %s storage function", "hIST"); |
391 | | |
392 | 2.55k | if (png_ptr == NULL || info_ptr == NULL || hist == NULL) |
393 | 0 | return; |
394 | | |
395 | 2.55k | if (info_ptr->num_palette == 0 || info_ptr->num_palette |
396 | 0 | > PNG_MAX_PALETTE_LENGTH) |
397 | 2.55k | { |
398 | 2.55k | png_warning(png_ptr, |
399 | 2.55k | "Invalid palette size, hIST allocation skipped"); |
400 | | |
401 | 2.55k | return; |
402 | 2.55k | } |
403 | | |
404 | 0 | png_free_data(png_ptr, info_ptr, PNG_FREE_HIST, 0); |
405 | | |
406 | | /* Changed from info->num_palette to PNG_MAX_PALETTE_LENGTH in |
407 | | * version 1.2.1 |
408 | | */ |
409 | 0 | info_ptr->hist = png_voidcast(png_uint_16p, png_malloc_warn(png_ptr, |
410 | 0 | PNG_MAX_PALETTE_LENGTH * (sizeof (png_uint_16)))); |
411 | |
|
412 | 0 | if (info_ptr->hist == NULL) |
413 | 0 | { |
414 | 0 | png_warning(png_ptr, "Insufficient memory for hIST chunk data"); |
415 | 0 | return; |
416 | 0 | } |
417 | | |
418 | 0 | for (i = 0; i < info_ptr->num_palette; i++) |
419 | 0 | info_ptr->hist[i] = hist[i]; |
420 | |
|
421 | 0 | info_ptr->free_me |= PNG_FREE_HIST; |
422 | 0 | info_ptr->valid |= PNG_INFO_hIST; |
423 | 0 | } |
424 | | #endif |
425 | | |
426 | | void PNGAPI |
427 | | png_set_IHDR(png_const_structrp png_ptr, png_inforp info_ptr, |
428 | | png_uint_32 width, png_uint_32 height, int bit_depth, |
429 | | int color_type, int interlace_type, int compression_type, |
430 | | int filter_type) |
431 | 16.9k | { |
432 | 16.9k | png_debug1(1, "in %s storage function", "IHDR"); |
433 | | |
434 | 16.9k | if (png_ptr == NULL || info_ptr == NULL) |
435 | 0 | return; |
436 | | |
437 | 16.9k | info_ptr->width = width; |
438 | 16.9k | info_ptr->height = height; |
439 | 16.9k | info_ptr->bit_depth = (png_byte)bit_depth; |
440 | 16.9k | info_ptr->color_type = (png_byte)color_type; |
441 | 16.9k | info_ptr->compression_type = (png_byte)compression_type; |
442 | 16.9k | info_ptr->filter_type = (png_byte)filter_type; |
443 | 16.9k | info_ptr->interlace_type = (png_byte)interlace_type; |
444 | | |
445 | 16.9k | png_check_IHDR (png_ptr, info_ptr->width, info_ptr->height, |
446 | 16.9k | info_ptr->bit_depth, info_ptr->color_type, info_ptr->interlace_type, |
447 | 16.9k | info_ptr->compression_type, info_ptr->filter_type); |
448 | | |
449 | 16.9k | if (info_ptr->color_type == PNG_COLOR_TYPE_PALETTE) |
450 | 1.43k | info_ptr->channels = 1; |
451 | | |
452 | 15.4k | else if ((info_ptr->color_type & PNG_COLOR_MASK_COLOR) != 0) |
453 | 3.28k | info_ptr->channels = 3; |
454 | | |
455 | 12.1k | else |
456 | 12.1k | info_ptr->channels = 1; |
457 | | |
458 | 16.9k | if ((info_ptr->color_type & PNG_COLOR_MASK_ALPHA) != 0) |
459 | 1.66k | info_ptr->channels++; |
460 | | |
461 | 16.9k | info_ptr->pixel_depth = (png_byte)(info_ptr->channels * info_ptr->bit_depth); |
462 | | |
463 | 16.9k | info_ptr->rowbytes = PNG_ROWBYTES(info_ptr->pixel_depth, width); |
464 | 16.9k | } |
465 | | |
466 | | #ifdef PNG_oFFs_SUPPORTED |
467 | | void PNGAPI |
468 | | png_set_oFFs(png_const_structrp png_ptr, png_inforp info_ptr, |
469 | | png_int_32 offset_x, png_int_32 offset_y, int unit_type) |
470 | 1.24k | { |
471 | 1.24k | png_debug1(1, "in %s storage function", "oFFs"); |
472 | | |
473 | 1.24k | if (png_ptr == NULL || info_ptr == NULL) |
474 | 0 | return; |
475 | | |
476 | 1.24k | info_ptr->x_offset = offset_x; |
477 | 1.24k | info_ptr->y_offset = offset_y; |
478 | 1.24k | info_ptr->offset_unit_type = (png_byte)unit_type; |
479 | 1.24k | info_ptr->valid |= PNG_INFO_oFFs; |
480 | 1.24k | } |
481 | | #endif |
482 | | |
483 | | #ifdef PNG_pCAL_SUPPORTED |
484 | | void PNGAPI |
485 | | png_set_pCAL(png_const_structrp png_ptr, png_inforp info_ptr, |
486 | | png_const_charp purpose, png_int_32 X0, png_int_32 X1, int type, |
487 | | int nparams, png_const_charp units, png_charpp params) |
488 | 356 | { |
489 | 356 | size_t length; |
490 | 356 | int i; |
491 | | |
492 | 356 | png_debug1(1, "in %s storage function", "pCAL"); |
493 | | |
494 | 356 | if (png_ptr == NULL || info_ptr == NULL || purpose == NULL || units == NULL |
495 | 356 | || (nparams > 0 && params == NULL)) |
496 | 0 | return; |
497 | | |
498 | 356 | length = strlen(purpose) + 1; |
499 | 356 | png_debug1(3, "allocating purpose for info (%lu bytes)", |
500 | 356 | (unsigned long)length); |
501 | | |
502 | | /* TODO: validate format of calibration name and unit name */ |
503 | | |
504 | | /* Check that the type matches the specification. */ |
505 | 356 | if (type < 0 || type > 3) |
506 | 111 | { |
507 | 111 | png_chunk_report(png_ptr, "Invalid pCAL equation type", |
508 | 111 | PNG_CHUNK_WRITE_ERROR); |
509 | 111 | return; |
510 | 111 | } |
511 | | |
512 | 245 | if (nparams < 0 || nparams > 255) |
513 | 0 | { |
514 | 0 | png_chunk_report(png_ptr, "Invalid pCAL parameter count", |
515 | 0 | PNG_CHUNK_WRITE_ERROR); |
516 | 0 | return; |
517 | 0 | } |
518 | | |
519 | | /* Validate params[nparams] */ |
520 | 289 | for (i=0; i<nparams; ++i) |
521 | 285 | { |
522 | 285 | if (params[i] == NULL || |
523 | 285 | !png_check_fp_string(params[i], strlen(params[i]))) |
524 | 241 | { |
525 | 241 | png_chunk_report(png_ptr, "Invalid format for pCAL parameter", |
526 | 241 | PNG_CHUNK_WRITE_ERROR); |
527 | 241 | return; |
528 | 241 | } |
529 | 285 | } |
530 | | |
531 | 4 | info_ptr->pcal_purpose = png_voidcast(png_charp, |
532 | 4 | png_malloc_warn(png_ptr, length)); |
533 | | |
534 | 4 | if (info_ptr->pcal_purpose == NULL) |
535 | 0 | { |
536 | 0 | png_chunk_report(png_ptr, "Insufficient memory for pCAL purpose", |
537 | 0 | PNG_CHUNK_WRITE_ERROR); |
538 | 0 | return; |
539 | 0 | } |
540 | | |
541 | 4 | memcpy(info_ptr->pcal_purpose, purpose, length); |
542 | | |
543 | 4 | info_ptr->free_me |= PNG_FREE_PCAL; |
544 | | |
545 | 4 | png_debug(3, "storing X0, X1, type, and nparams in info"); |
546 | 4 | info_ptr->pcal_X0 = X0; |
547 | 4 | info_ptr->pcal_X1 = X1; |
548 | 4 | info_ptr->pcal_type = (png_byte)type; |
549 | 4 | info_ptr->pcal_nparams = (png_byte)nparams; |
550 | | |
551 | 4 | length = strlen(units) + 1; |
552 | 4 | png_debug1(3, "allocating units for info (%lu bytes)", |
553 | 4 | (unsigned long)length); |
554 | | |
555 | 4 | info_ptr->pcal_units = png_voidcast(png_charp, |
556 | 4 | png_malloc_warn(png_ptr, length)); |
557 | | |
558 | 4 | if (info_ptr->pcal_units == NULL) |
559 | 0 | { |
560 | 0 | png_warning(png_ptr, "Insufficient memory for pCAL units"); |
561 | 0 | return; |
562 | 0 | } |
563 | | |
564 | 4 | memcpy(info_ptr->pcal_units, units, length); |
565 | | |
566 | 4 | info_ptr->pcal_params = png_voidcast(png_charpp, png_malloc_warn(png_ptr, |
567 | 4 | (size_t)(((unsigned int)nparams + 1) * (sizeof (png_charp))))); |
568 | | |
569 | 4 | if (info_ptr->pcal_params == NULL) |
570 | 0 | { |
571 | 0 | png_warning(png_ptr, "Insufficient memory for pCAL params"); |
572 | 0 | return; |
573 | 0 | } |
574 | | |
575 | 4 | memset(info_ptr->pcal_params, 0, ((unsigned int)nparams + 1) * |
576 | 4 | (sizeof (png_charp))); |
577 | | |
578 | 15 | for (i = 0; i < nparams; i++) |
579 | 11 | { |
580 | 11 | length = strlen(params[i]) + 1; |
581 | 11 | png_debug2(3, "allocating parameter %d for info (%lu bytes)", i, |
582 | 11 | (unsigned long)length); |
583 | | |
584 | 11 | info_ptr->pcal_params[i] = (png_charp)png_malloc_warn(png_ptr, length); |
585 | | |
586 | 11 | if (info_ptr->pcal_params[i] == NULL) |
587 | 0 | { |
588 | 0 | png_warning(png_ptr, "Insufficient memory for pCAL parameter"); |
589 | 0 | return; |
590 | 0 | } |
591 | | |
592 | 11 | memcpy(info_ptr->pcal_params[i], params[i], length); |
593 | 11 | } |
594 | | |
595 | 4 | info_ptr->valid |= PNG_INFO_pCAL; |
596 | 4 | } |
597 | | #endif |
598 | | |
599 | | #ifdef PNG_sCAL_SUPPORTED |
600 | | void PNGAPI |
601 | | png_set_sCAL_s(png_const_structrp png_ptr, png_inforp info_ptr, |
602 | | int unit, png_const_charp swidth, png_const_charp sheight) |
603 | 225 | { |
604 | 225 | size_t lengthw = 0, lengthh = 0; |
605 | | |
606 | 225 | png_debug1(1, "in %s storage function", "sCAL"); |
607 | | |
608 | 225 | if (png_ptr == NULL || info_ptr == NULL) |
609 | 0 | return; |
610 | | |
611 | | /* Double check the unit (should never get here with an invalid |
612 | | * unit unless this is an API call.) |
613 | | */ |
614 | 225 | if (unit != 1 && unit != 2) |
615 | 0 | png_error(png_ptr, "Invalid sCAL unit"); |
616 | | |
617 | 225 | if (swidth == NULL || (lengthw = strlen(swidth)) == 0 || |
618 | 225 | swidth[0] == 45 /* '-' */ || !png_check_fp_string(swidth, lengthw)) |
619 | 0 | png_error(png_ptr, "Invalid sCAL width"); |
620 | | |
621 | 225 | if (sheight == NULL || (lengthh = strlen(sheight)) == 0 || |
622 | 225 | sheight[0] == 45 /* '-' */ || !png_check_fp_string(sheight, lengthh)) |
623 | 0 | png_error(png_ptr, "Invalid sCAL height"); |
624 | | |
625 | 225 | info_ptr->scal_unit = (png_byte)unit; |
626 | | |
627 | 225 | ++lengthw; |
628 | | |
629 | 225 | png_debug1(3, "allocating unit for info (%u bytes)", (unsigned int)lengthw); |
630 | | |
631 | 225 | info_ptr->scal_s_width = png_voidcast(png_charp, |
632 | 225 | png_malloc_warn(png_ptr, lengthw)); |
633 | | |
634 | 225 | if (info_ptr->scal_s_width == NULL) |
635 | 0 | { |
636 | 0 | png_warning(png_ptr, "Memory allocation failed while processing sCAL"); |
637 | |
|
638 | 0 | return; |
639 | 0 | } |
640 | | |
641 | 225 | memcpy(info_ptr->scal_s_width, swidth, lengthw); |
642 | | |
643 | 225 | ++lengthh; |
644 | | |
645 | 225 | png_debug1(3, "allocating unit for info (%u bytes)", (unsigned int)lengthh); |
646 | | |
647 | 225 | info_ptr->scal_s_height = png_voidcast(png_charp, |
648 | 225 | png_malloc_warn(png_ptr, lengthh)); |
649 | | |
650 | 225 | if (info_ptr->scal_s_height == NULL) |
651 | 0 | { |
652 | 0 | png_free(png_ptr, info_ptr->scal_s_width); |
653 | 0 | info_ptr->scal_s_width = NULL; |
654 | |
|
655 | 0 | png_warning(png_ptr, "Memory allocation failed while processing sCAL"); |
656 | 0 | return; |
657 | 0 | } |
658 | | |
659 | 225 | memcpy(info_ptr->scal_s_height, sheight, lengthh); |
660 | | |
661 | 225 | info_ptr->free_me |= PNG_FREE_SCAL; |
662 | 225 | info_ptr->valid |= PNG_INFO_sCAL; |
663 | 225 | } |
664 | | |
665 | | # ifdef PNG_FLOATING_POINT_SUPPORTED |
666 | | void PNGAPI |
667 | | png_set_sCAL(png_const_structrp png_ptr, png_inforp info_ptr, int unit, |
668 | | double width, double height) |
669 | 0 | { |
670 | 0 | png_debug1(1, "in %s storage function", "sCAL"); |
671 | | |
672 | | /* Check the arguments. */ |
673 | 0 | if (width <= 0) |
674 | 0 | png_warning(png_ptr, "Invalid sCAL width ignored"); |
675 | | |
676 | 0 | else if (height <= 0) |
677 | 0 | png_warning(png_ptr, "Invalid sCAL height ignored"); |
678 | | |
679 | 0 | else |
680 | 0 | { |
681 | | /* Convert 'width' and 'height' to ASCII. */ |
682 | 0 | char swidth[PNG_sCAL_MAX_DIGITS+1]; |
683 | 0 | char sheight[PNG_sCAL_MAX_DIGITS+1]; |
684 | |
|
685 | 0 | png_ascii_from_fp(png_ptr, swidth, (sizeof swidth), width, |
686 | 0 | PNG_sCAL_PRECISION); |
687 | 0 | png_ascii_from_fp(png_ptr, sheight, (sizeof sheight), height, |
688 | 0 | PNG_sCAL_PRECISION); |
689 | |
|
690 | 0 | png_set_sCAL_s(png_ptr, info_ptr, unit, swidth, sheight); |
691 | 0 | } |
692 | 0 | } |
693 | | # endif |
694 | | |
695 | | # ifdef PNG_FIXED_POINT_SUPPORTED |
696 | | void PNGAPI |
697 | | png_set_sCAL_fixed(png_const_structrp png_ptr, png_inforp info_ptr, int unit, |
698 | | png_fixed_point width, png_fixed_point height) |
699 | 0 | { |
700 | 0 | png_debug1(1, "in %s storage function", "sCAL"); |
701 | | |
702 | | /* Check the arguments. */ |
703 | 0 | if (width <= 0) |
704 | 0 | png_warning(png_ptr, "Invalid sCAL width ignored"); |
705 | | |
706 | 0 | else if (height <= 0) |
707 | 0 | png_warning(png_ptr, "Invalid sCAL height ignored"); |
708 | | |
709 | 0 | else |
710 | 0 | { |
711 | | /* Convert 'width' and 'height' to ASCII. */ |
712 | 0 | char swidth[PNG_sCAL_MAX_DIGITS+1]; |
713 | 0 | char sheight[PNG_sCAL_MAX_DIGITS+1]; |
714 | |
|
715 | 0 | png_ascii_from_fixed(png_ptr, swidth, (sizeof swidth), width); |
716 | 0 | png_ascii_from_fixed(png_ptr, sheight, (sizeof sheight), height); |
717 | |
|
718 | 0 | png_set_sCAL_s(png_ptr, info_ptr, unit, swidth, sheight); |
719 | 0 | } |
720 | 0 | } |
721 | | # endif |
722 | | #endif |
723 | | |
724 | | #ifdef PNG_pHYs_SUPPORTED |
725 | | void PNGAPI |
726 | | png_set_pHYs(png_const_structrp png_ptr, png_inforp info_ptr, |
727 | | png_uint_32 res_x, png_uint_32 res_y, int unit_type) |
728 | 1.07k | { |
729 | 1.07k | png_debug1(1, "in %s storage function", "pHYs"); |
730 | | |
731 | 1.07k | if (png_ptr == NULL || info_ptr == NULL) |
732 | 0 | return; |
733 | | |
734 | 1.07k | info_ptr->x_pixels_per_unit = res_x; |
735 | 1.07k | info_ptr->y_pixels_per_unit = res_y; |
736 | 1.07k | info_ptr->phys_unit_type = (png_byte)unit_type; |
737 | 1.07k | info_ptr->valid |= PNG_INFO_pHYs; |
738 | 1.07k | } |
739 | | #endif |
740 | | |
741 | | void PNGAPI |
742 | | png_set_PLTE(png_structrp png_ptr, png_inforp info_ptr, |
743 | | png_const_colorp palette, int num_palette) |
744 | 636 | { |
745 | | |
746 | 636 | png_uint_32 max_palette_length; |
747 | | |
748 | 636 | png_debug1(1, "in %s storage function", "PLTE"); |
749 | | |
750 | 636 | if (png_ptr == NULL || info_ptr == NULL) |
751 | 0 | return; |
752 | | |
753 | 636 | max_palette_length = (info_ptr->color_type == PNG_COLOR_TYPE_PALETTE) ? |
754 | 604 | (1 << info_ptr->bit_depth) : PNG_MAX_PALETTE_LENGTH; |
755 | | |
756 | 636 | if (num_palette < 0 || num_palette > (int) max_palette_length) |
757 | 0 | { |
758 | 0 | if (info_ptr->color_type == PNG_COLOR_TYPE_PALETTE) |
759 | 0 | png_error(png_ptr, "Invalid palette length"); |
760 | | |
761 | 0 | else |
762 | 0 | { |
763 | 0 | png_warning(png_ptr, "Invalid palette length"); |
764 | |
|
765 | 0 | return; |
766 | 0 | } |
767 | 0 | } |
768 | | |
769 | 636 | if ((num_palette > 0 && palette == NULL) || |
770 | 636 | (num_palette == 0 |
771 | 3 | # ifdef PNG_MNG_FEATURES_SUPPORTED |
772 | 3 | && (png_ptr->mng_features_permitted & PNG_FLAG_MNG_EMPTY_PLTE) == 0 |
773 | 636 | # endif |
774 | 636 | )) |
775 | 3 | { |
776 | 3 | png_error(png_ptr, "Invalid palette"); |
777 | 3 | } |
778 | | |
779 | 633 | png_free_data(png_ptr, info_ptr, PNG_FREE_PLTE, 0); |
780 | | |
781 | | /* Changed in libpng-1.2.1 to allocate PNG_MAX_PALETTE_LENGTH instead |
782 | | * of num_palette entries, in case of an invalid PNG file or incorrect |
783 | | * call to png_set_PLTE() with too-large sample values. |
784 | | * |
785 | | * Allocate independent buffers for info_ptr and png_ptr so that the |
786 | | * lifetime of png_ptr->palette is decoupled from the lifetime of |
787 | | * info_ptr->palette. Previously, these two pointers were aliased, |
788 | | * which caused a use-after-free vulnerability if png_free_data freed |
789 | | * info_ptr->palette while png_ptr->palette was still in use by the |
790 | | * row transform functions (e.g. png_do_expand_palette). |
791 | | * |
792 | | * Both buffers are allocated with png_calloc to zero-fill, because |
793 | | * the ARM NEON palette riffle reads all 256 entries unconditionally, |
794 | | * regardless of num_palette. |
795 | | */ |
796 | 633 | png_free(png_ptr, png_ptr->palette); |
797 | 633 | png_ptr->palette = png_voidcast(png_colorp, png_calloc(png_ptr, |
798 | 633 | PNG_MAX_PALETTE_LENGTH * (sizeof (png_color)))); |
799 | 633 | info_ptr->palette = png_voidcast(png_colorp, png_calloc(png_ptr, |
800 | 633 | PNG_MAX_PALETTE_LENGTH * (sizeof (png_color)))); |
801 | 633 | png_ptr->num_palette = info_ptr->num_palette = (png_uint_16)num_palette; |
802 | | |
803 | 633 | if (num_palette > 0) |
804 | 633 | { |
805 | 633 | memcpy(info_ptr->palette, palette, (unsigned int)num_palette * |
806 | 633 | (sizeof (png_color))); |
807 | 633 | memcpy(png_ptr->palette, palette, (unsigned int)num_palette * |
808 | 633 | (sizeof (png_color))); |
809 | 633 | } |
810 | | |
811 | 633 | info_ptr->free_me |= PNG_FREE_PLTE; |
812 | 633 | info_ptr->valid |= PNG_INFO_PLTE; |
813 | 633 | } |
814 | | |
815 | | #ifdef PNG_sBIT_SUPPORTED |
816 | | void PNGAPI |
817 | | png_set_sBIT(png_const_structrp png_ptr, png_inforp info_ptr, |
818 | | png_const_color_8p sig_bit) |
819 | 76 | { |
820 | 76 | png_debug1(1, "in %s storage function", "sBIT"); |
821 | | |
822 | 76 | if (png_ptr == NULL || info_ptr == NULL || sig_bit == NULL) |
823 | 0 | return; |
824 | | |
825 | 76 | info_ptr->sig_bit = *sig_bit; |
826 | 76 | info_ptr->valid |= PNG_INFO_sBIT; |
827 | 76 | } |
828 | | #endif |
829 | | |
830 | | #ifdef PNG_sRGB_SUPPORTED |
831 | | void PNGAPI |
832 | | png_set_sRGB(png_const_structrp png_ptr, png_inforp info_ptr, int srgb_intent) |
833 | 819 | { |
834 | 819 | png_debug1(1, "in %s storage function", "sRGB"); |
835 | | |
836 | 819 | if (png_ptr == NULL || info_ptr == NULL) |
837 | 0 | return; |
838 | | |
839 | 819 | info_ptr->rendering_intent = srgb_intent; |
840 | 819 | info_ptr->valid |= PNG_INFO_sRGB; |
841 | 819 | } |
842 | | |
843 | | void PNGAPI |
844 | | png_set_sRGB_gAMA_and_cHRM(png_const_structrp png_ptr, png_inforp info_ptr, |
845 | | int srgb_intent) |
846 | 0 | { |
847 | 0 | png_debug1(1, "in %s storage function", "sRGB_gAMA_and_cHRM"); |
848 | |
|
849 | 0 | if (png_ptr == NULL || info_ptr == NULL) |
850 | 0 | return; |
851 | | |
852 | 0 | png_set_sRGB(png_ptr, info_ptr, srgb_intent); |
853 | |
|
854 | 0 | # ifdef PNG_gAMA_SUPPORTED |
855 | 0 | png_set_gAMA_fixed(png_ptr, info_ptr, PNG_GAMMA_sRGB_INVERSE); |
856 | 0 | # endif /* gAMA */ |
857 | |
|
858 | 0 | # ifdef PNG_cHRM_SUPPORTED |
859 | 0 | png_set_cHRM_fixed(png_ptr, info_ptr, |
860 | | /* color x y */ |
861 | 0 | /* white */ 31270, 32900, |
862 | 0 | /* red */ 64000, 33000, |
863 | 0 | /* green */ 30000, 60000, |
864 | 0 | /* blue */ 15000, 6000); |
865 | 0 | # endif /* cHRM */ |
866 | 0 | } |
867 | | #endif /* sRGB */ |
868 | | |
869 | | |
870 | | #ifdef PNG_iCCP_SUPPORTED |
871 | | void PNGAPI |
872 | | png_set_iCCP(png_const_structrp png_ptr, png_inforp info_ptr, |
873 | | png_const_charp name, int compression_type, |
874 | | png_const_bytep profile, png_uint_32 proflen) |
875 | 0 | { |
876 | 0 | png_charp new_iccp_name; |
877 | 0 | png_bytep new_iccp_profile; |
878 | 0 | size_t length; |
879 | |
|
880 | 0 | png_debug1(1, "in %s storage function", "iCCP"); |
881 | |
|
882 | 0 | if (png_ptr == NULL || info_ptr == NULL || name == NULL || profile == NULL) |
883 | 0 | return; |
884 | | |
885 | 0 | if (compression_type != PNG_COMPRESSION_TYPE_BASE) |
886 | 0 | png_app_error(png_ptr, "Invalid iCCP compression method"); |
887 | |
|
888 | 0 | length = strlen(name)+1; |
889 | 0 | new_iccp_name = png_voidcast(png_charp, png_malloc_warn(png_ptr, length)); |
890 | |
|
891 | 0 | if (new_iccp_name == NULL) |
892 | 0 | { |
893 | 0 | png_benign_error(png_ptr, "Insufficient memory to process iCCP chunk"); |
894 | |
|
895 | 0 | return; |
896 | 0 | } |
897 | | |
898 | 0 | memcpy(new_iccp_name, name, length); |
899 | 0 | new_iccp_profile = png_voidcast(png_bytep, |
900 | 0 | png_malloc_warn(png_ptr, proflen)); |
901 | |
|
902 | 0 | if (new_iccp_profile == NULL) |
903 | 0 | { |
904 | 0 | png_free(png_ptr, new_iccp_name); |
905 | 0 | png_benign_error(png_ptr, |
906 | 0 | "Insufficient memory to process iCCP profile"); |
907 | |
|
908 | 0 | return; |
909 | 0 | } |
910 | | |
911 | 0 | memcpy(new_iccp_profile, profile, proflen); |
912 | |
|
913 | 0 | png_free_data(png_ptr, info_ptr, PNG_FREE_ICCP, 0); |
914 | |
|
915 | 0 | info_ptr->iccp_proflen = proflen; |
916 | 0 | info_ptr->iccp_name = new_iccp_name; |
917 | 0 | info_ptr->iccp_profile = new_iccp_profile; |
918 | 0 | info_ptr->free_me |= PNG_FREE_ICCP; |
919 | 0 | info_ptr->valid |= PNG_INFO_iCCP; |
920 | 0 | } |
921 | | #endif |
922 | | |
923 | | #ifdef PNG_TEXT_SUPPORTED |
924 | | void PNGAPI |
925 | | png_set_text(png_const_structrp png_ptr, png_inforp info_ptr, |
926 | | png_const_textp text_ptr, int num_text) |
927 | 0 | { |
928 | 0 | int ret; |
929 | 0 | ret = png_set_text_2(png_ptr, info_ptr, text_ptr, num_text); |
930 | |
|
931 | 0 | if (ret != 0) |
932 | 0 | png_error(png_ptr, "Insufficient memory to store text"); |
933 | 0 | } |
934 | | |
935 | | int /* PRIVATE */ |
936 | | png_set_text_2(png_const_structrp png_ptr, png_inforp info_ptr, |
937 | | png_const_textp text_ptr, int num_text) |
938 | 12.2k | { |
939 | 12.2k | int i; |
940 | | |
941 | 12.2k | png_debug1(1, "in text storage function, chunk typeid = 0x%lx", |
942 | 12.2k | png_ptr == NULL ? 0xabadca11UL : (unsigned long)png_ptr->chunk_name); |
943 | | |
944 | 12.2k | if (png_ptr == NULL || info_ptr == NULL || num_text <= 0 || text_ptr == NULL) |
945 | 0 | return 0; |
946 | | |
947 | | /* Make sure we have enough space in the "text" array in info_struct |
948 | | * to hold all of the incoming text_ptr objects. This compare can't overflow |
949 | | * because max_text >= num_text (anyway, subtract of two positive integers |
950 | | * can't overflow in any case.) |
951 | | */ |
952 | 12.2k | if (num_text > info_ptr->max_text - info_ptr->num_text) |
953 | 2.35k | { |
954 | 2.35k | int old_num_text = info_ptr->num_text; |
955 | 2.35k | int max_text; |
956 | 2.35k | png_textp new_text = NULL; |
957 | | |
958 | | /* Calculate an appropriate max_text, checking for overflow. */ |
959 | 2.35k | max_text = old_num_text; |
960 | 2.35k | if (num_text <= INT_MAX - max_text) |
961 | 2.35k | { |
962 | 2.35k | max_text += num_text; |
963 | | |
964 | | /* Round up to a multiple of 8 */ |
965 | 2.35k | if (max_text < INT_MAX-8) |
966 | 2.35k | max_text = (max_text + 8) & ~0x7; |
967 | | |
968 | 0 | else |
969 | 0 | max_text = INT_MAX; |
970 | | |
971 | | /* Now allocate a new array and copy the old members in; this does all |
972 | | * the overflow checks. |
973 | | */ |
974 | 2.35k | new_text = png_voidcast(png_textp,png_realloc_array(png_ptr, |
975 | 2.35k | info_ptr->text, old_num_text, max_text-old_num_text, |
976 | 2.35k | sizeof *new_text)); |
977 | 2.35k | } |
978 | | |
979 | 2.35k | if (new_text == NULL) |
980 | 0 | { |
981 | 0 | png_chunk_report(png_ptr, "too many text chunks", |
982 | 0 | PNG_CHUNK_WRITE_ERROR); |
983 | |
|
984 | 0 | return 1; |
985 | 0 | } |
986 | | |
987 | 2.35k | png_free(png_ptr, info_ptr->text); |
988 | | |
989 | 2.35k | info_ptr->text = new_text; |
990 | 2.35k | info_ptr->free_me |= PNG_FREE_TEXT; |
991 | 2.35k | info_ptr->max_text = max_text; |
992 | | /* num_text is adjusted below as the entries are copied in */ |
993 | | |
994 | 2.35k | png_debug1(3, "allocated %d entries for info_ptr->text", max_text); |
995 | 2.35k | } |
996 | | |
997 | 24.5k | for (i = 0; i < num_text; i++) |
998 | 12.2k | { |
999 | 12.2k | size_t text_length, key_len; |
1000 | 12.2k | size_t lang_len, lang_key_len; |
1001 | 12.2k | png_textp textp = &(info_ptr->text[info_ptr->num_text]); |
1002 | | |
1003 | 12.2k | if (text_ptr[i].key == NULL) |
1004 | 0 | continue; |
1005 | | |
1006 | 12.2k | if (text_ptr[i].compression < PNG_TEXT_COMPRESSION_NONE || |
1007 | 12.2k | text_ptr[i].compression >= PNG_TEXT_COMPRESSION_LAST) |
1008 | 0 | { |
1009 | 0 | png_chunk_report(png_ptr, "text compression mode is out of range", |
1010 | 0 | PNG_CHUNK_WRITE_ERROR); |
1011 | 0 | continue; |
1012 | 0 | } |
1013 | | |
1014 | 12.2k | key_len = strlen(text_ptr[i].key); |
1015 | | |
1016 | 12.2k | if (text_ptr[i].compression <= 0) |
1017 | 10.4k | { |
1018 | 10.4k | lang_len = 0; |
1019 | 10.4k | lang_key_len = 0; |
1020 | 10.4k | } |
1021 | | |
1022 | 1.79k | else |
1023 | 1.79k | # ifdef PNG_iTXt_SUPPORTED |
1024 | 1.79k | { |
1025 | | /* Set iTXt data */ |
1026 | | |
1027 | 1.79k | if (text_ptr[i].lang != NULL) |
1028 | 1.79k | lang_len = strlen(text_ptr[i].lang); |
1029 | | |
1030 | 0 | else |
1031 | 0 | lang_len = 0; |
1032 | | |
1033 | 1.79k | if (text_ptr[i].lang_key != NULL) |
1034 | 1.79k | lang_key_len = strlen(text_ptr[i].lang_key); |
1035 | | |
1036 | 0 | else |
1037 | 0 | lang_key_len = 0; |
1038 | 1.79k | } |
1039 | | # else /* iTXt */ |
1040 | | { |
1041 | | png_chunk_report(png_ptr, "iTXt chunk not supported", |
1042 | | PNG_CHUNK_WRITE_ERROR); |
1043 | | continue; |
1044 | | } |
1045 | | # endif |
1046 | | |
1047 | 12.2k | if (text_ptr[i].text == NULL || text_ptr[i].text[0] == '\0') |
1048 | 4.55k | { |
1049 | 4.55k | text_length = 0; |
1050 | 4.55k | # ifdef PNG_iTXt_SUPPORTED |
1051 | 4.55k | if (text_ptr[i].compression > 0) |
1052 | 1.75k | textp->compression = PNG_ITXT_COMPRESSION_NONE; |
1053 | | |
1054 | 2.79k | else |
1055 | 2.79k | # endif |
1056 | 2.79k | textp->compression = PNG_TEXT_COMPRESSION_NONE; |
1057 | 4.55k | } |
1058 | | |
1059 | 7.71k | else |
1060 | 7.71k | { |
1061 | 7.71k | text_length = strlen(text_ptr[i].text); |
1062 | 7.71k | textp->compression = text_ptr[i].compression; |
1063 | 7.71k | } |
1064 | | |
1065 | 12.2k | textp->key = png_voidcast(png_charp,png_malloc_base(png_ptr, |
1066 | 12.2k | key_len + text_length + lang_len + lang_key_len + 4)); |
1067 | | |
1068 | 12.2k | if (textp->key == NULL) |
1069 | 0 | { |
1070 | 0 | png_chunk_report(png_ptr, "text chunk: out of memory", |
1071 | 0 | PNG_CHUNK_WRITE_ERROR); |
1072 | |
|
1073 | 0 | return 1; |
1074 | 0 | } |
1075 | | |
1076 | 12.2k | png_debug2(2, "Allocated %lu bytes at %p in png_set_text", |
1077 | 12.2k | (unsigned long)(png_uint_32) |
1078 | 12.2k | (key_len + lang_len + lang_key_len + text_length + 4), |
1079 | 12.2k | textp->key); |
1080 | | |
1081 | 12.2k | memcpy(textp->key, text_ptr[i].key, key_len); |
1082 | 12.2k | *(textp->key + key_len) = '\0'; |
1083 | | |
1084 | 12.2k | if (text_ptr[i].compression > 0) |
1085 | 1.79k | { |
1086 | 1.79k | textp->lang = textp->key + key_len + 1; |
1087 | 1.79k | memcpy(textp->lang, text_ptr[i].lang, lang_len); |
1088 | 1.79k | *(textp->lang + lang_len) = '\0'; |
1089 | 1.79k | textp->lang_key = textp->lang + lang_len + 1; |
1090 | 1.79k | memcpy(textp->lang_key, text_ptr[i].lang_key, lang_key_len); |
1091 | 1.79k | *(textp->lang_key + lang_key_len) = '\0'; |
1092 | 1.79k | textp->text = textp->lang_key + lang_key_len + 1; |
1093 | 1.79k | } |
1094 | | |
1095 | 10.4k | else |
1096 | 10.4k | { |
1097 | 10.4k | textp->lang=NULL; |
1098 | 10.4k | textp->lang_key=NULL; |
1099 | 10.4k | textp->text = textp->key + key_len + 1; |
1100 | 10.4k | } |
1101 | | |
1102 | 12.2k | if (text_length != 0) |
1103 | 7.71k | memcpy(textp->text, text_ptr[i].text, text_length); |
1104 | | |
1105 | 12.2k | *(textp->text + text_length) = '\0'; |
1106 | | |
1107 | 12.2k | # ifdef PNG_iTXt_SUPPORTED |
1108 | 12.2k | if (textp->compression > 0) |
1109 | 1.79k | { |
1110 | 1.79k | textp->text_length = 0; |
1111 | 1.79k | textp->itxt_length = text_length; |
1112 | 1.79k | } |
1113 | | |
1114 | 10.4k | else |
1115 | 10.4k | # endif |
1116 | 10.4k | { |
1117 | 10.4k | textp->text_length = text_length; |
1118 | 10.4k | textp->itxt_length = 0; |
1119 | 10.4k | } |
1120 | | |
1121 | 12.2k | info_ptr->num_text++; |
1122 | 12.2k | png_debug1(3, "transferred text chunk %d", info_ptr->num_text); |
1123 | 12.2k | } |
1124 | | |
1125 | 12.2k | return 0; |
1126 | 12.2k | } |
1127 | | #endif |
1128 | | |
1129 | | #ifdef PNG_tIME_SUPPORTED |
1130 | | void PNGAPI |
1131 | | png_set_tIME(png_const_structrp png_ptr, png_inforp info_ptr, |
1132 | | png_const_timep mod_time) |
1133 | 471 | { |
1134 | 471 | png_debug1(1, "in %s storage function", "tIME"); |
1135 | | |
1136 | 471 | if (png_ptr == NULL || info_ptr == NULL || mod_time == NULL || |
1137 | 471 | (png_ptr->mode & PNG_WROTE_tIME) != 0) |
1138 | 0 | return; |
1139 | | |
1140 | 471 | if (mod_time->month == 0 || mod_time->month > 12 || |
1141 | 281 | mod_time->day == 0 || mod_time->day > 31 || |
1142 | 232 | mod_time->hour > 23 || mod_time->minute > 59 || |
1143 | 112 | mod_time->second > 60) |
1144 | 394 | { |
1145 | 394 | png_warning(png_ptr, "Ignoring invalid time value"); |
1146 | | |
1147 | 394 | return; |
1148 | 394 | } |
1149 | | |
1150 | 77 | info_ptr->mod_time = *mod_time; |
1151 | 77 | info_ptr->valid |= PNG_INFO_tIME; |
1152 | 77 | } |
1153 | | #endif |
1154 | | |
1155 | | #ifdef PNG_tRNS_SUPPORTED |
1156 | | void PNGAPI |
1157 | | png_set_tRNS(png_structrp png_ptr, png_inforp info_ptr, |
1158 | | png_const_bytep trans_alpha, int num_trans, png_const_color_16p trans_color) |
1159 | 2.72k | { |
1160 | 2.72k | png_debug1(1, "in %s storage function", "tRNS"); |
1161 | | |
1162 | 2.72k | if (png_ptr == NULL || info_ptr == NULL) |
1163 | | |
1164 | 0 | return; |
1165 | | |
1166 | 2.72k | if (trans_alpha != NULL) |
1167 | 2.72k | { |
1168 | 2.72k | png_free_data(png_ptr, info_ptr, PNG_FREE_TRNS, 0); |
1169 | | |
1170 | 2.72k | if (num_trans > 0 && num_trans <= PNG_MAX_PALETTE_LENGTH) |
1171 | 2.72k | { |
1172 | | /* Allocate info_ptr's copy of the transparency data. |
1173 | | * Initialize all entries to fully opaque (0xff), then overwrite |
1174 | | * the first num_trans entries with the actual values. |
1175 | | */ |
1176 | 2.72k | info_ptr->trans_alpha = png_voidcast(png_bytep, |
1177 | 2.72k | png_malloc(png_ptr, PNG_MAX_PALETTE_LENGTH)); |
1178 | 2.72k | memset(info_ptr->trans_alpha, 0xff, PNG_MAX_PALETTE_LENGTH); |
1179 | 2.72k | memcpy(info_ptr->trans_alpha, trans_alpha, (size_t)num_trans); |
1180 | 2.72k | info_ptr->free_me |= PNG_FREE_TRNS; |
1181 | 2.72k | info_ptr->valid |= PNG_INFO_tRNS; |
1182 | | |
1183 | | /* Allocate an independent copy for png_struct, so that the |
1184 | | * lifetime of png_ptr->trans_alpha is decoupled from the |
1185 | | * lifetime of info_ptr->trans_alpha. Previously these two |
1186 | | * pointers were aliased, which caused a use-after-free if |
1187 | | * png_free_data freed info_ptr->trans_alpha while |
1188 | | * png_ptr->trans_alpha was still in use by the row transform |
1189 | | * functions (e.g. png_do_expand_palette). |
1190 | | */ |
1191 | 2.72k | png_free(png_ptr, png_ptr->trans_alpha); |
1192 | 2.72k | png_ptr->trans_alpha = png_voidcast(png_bytep, |
1193 | 2.72k | png_malloc(png_ptr, PNG_MAX_PALETTE_LENGTH)); |
1194 | 2.72k | memset(png_ptr->trans_alpha, 0xff, PNG_MAX_PALETTE_LENGTH); |
1195 | 2.72k | memcpy(png_ptr->trans_alpha, trans_alpha, (size_t)num_trans); |
1196 | 2.72k | } |
1197 | 0 | else |
1198 | 0 | { |
1199 | 0 | png_free(png_ptr, png_ptr->trans_alpha); |
1200 | 0 | png_ptr->trans_alpha = NULL; |
1201 | 0 | } |
1202 | 2.72k | } |
1203 | | |
1204 | 2.72k | if (trans_color != NULL) |
1205 | 2.72k | { |
1206 | 2.72k | #ifdef PNG_WARNINGS_SUPPORTED |
1207 | 2.72k | if (info_ptr->bit_depth < 16) |
1208 | 2.13k | { |
1209 | 2.13k | int sample_max = (1 << info_ptr->bit_depth) - 1; |
1210 | | |
1211 | 2.13k | if ((info_ptr->color_type == PNG_COLOR_TYPE_GRAY && |
1212 | 1.52k | trans_color->gray > sample_max) || |
1213 | 1.72k | (info_ptr->color_type == PNG_COLOR_TYPE_RGB && |
1214 | 290 | (trans_color->red > sample_max || |
1215 | 177 | trans_color->green > sample_max || |
1216 | 79 | trans_color->blue > sample_max))) |
1217 | 675 | png_warning(png_ptr, |
1218 | 675 | "tRNS chunk has out-of-range samples for bit_depth"); |
1219 | 2.13k | } |
1220 | 2.72k | #endif |
1221 | | |
1222 | 2.72k | info_ptr->trans_color = *trans_color; |
1223 | | |
1224 | 2.72k | if (num_trans == 0) |
1225 | 0 | num_trans = 1; |
1226 | 2.72k | } |
1227 | | |
1228 | 2.72k | info_ptr->num_trans = (png_uint_16)num_trans; |
1229 | | |
1230 | 2.72k | if (num_trans != 0) |
1231 | 2.72k | { |
1232 | 2.72k | info_ptr->free_me |= PNG_FREE_TRNS; |
1233 | 2.72k | info_ptr->valid |= PNG_INFO_tRNS; |
1234 | 2.72k | } |
1235 | 2.72k | } |
1236 | | #endif |
1237 | | |
1238 | | #ifdef PNG_sPLT_SUPPORTED |
1239 | | void PNGAPI |
1240 | | png_set_sPLT(png_const_structrp png_ptr, |
1241 | | png_inforp info_ptr, png_const_sPLT_tp entries, int nentries) |
1242 | | /* |
1243 | | * entries - array of png_sPLT_t structures |
1244 | | * to be added to the list of palettes |
1245 | | * in the info structure. |
1246 | | * |
1247 | | * nentries - number of palette structures to be |
1248 | | * added. |
1249 | | */ |
1250 | 2.39k | { |
1251 | 2.39k | png_sPLT_tp np; |
1252 | | |
1253 | 2.39k | png_debug1(1, "in %s storage function", "sPLT"); |
1254 | | |
1255 | 2.39k | if (png_ptr == NULL || info_ptr == NULL || nentries <= 0 || entries == NULL) |
1256 | 0 | return; |
1257 | | |
1258 | | /* Use the internal realloc function, which checks for all the possible |
1259 | | * overflows. Notice that the parameters are (int) and (size_t) |
1260 | | */ |
1261 | 2.39k | np = png_voidcast(png_sPLT_tp,png_realloc_array(png_ptr, |
1262 | 2.39k | info_ptr->splt_palettes, info_ptr->splt_palettes_num, nentries, |
1263 | 2.39k | sizeof *np)); |
1264 | | |
1265 | 2.39k | if (np == NULL) |
1266 | 0 | { |
1267 | | /* Out of memory or too many chunks */ |
1268 | 0 | png_chunk_report(png_ptr, "too many sPLT chunks", PNG_CHUNK_WRITE_ERROR); |
1269 | 0 | return; |
1270 | 0 | } |
1271 | | |
1272 | 2.39k | png_free(png_ptr, info_ptr->splt_palettes); |
1273 | | |
1274 | 2.39k | info_ptr->splt_palettes = np; |
1275 | 2.39k | info_ptr->free_me |= PNG_FREE_SPLT; |
1276 | | |
1277 | 2.39k | np += info_ptr->splt_palettes_num; |
1278 | | |
1279 | 2.39k | do |
1280 | 2.39k | { |
1281 | 2.39k | size_t length; |
1282 | | |
1283 | | /* Skip invalid input entries */ |
1284 | 2.39k | if (entries->name == NULL || entries->entries == NULL) |
1285 | 0 | { |
1286 | | /* png_handle_sPLT doesn't do this, so this is an app error */ |
1287 | 0 | png_app_error(png_ptr, "png_set_sPLT: invalid sPLT"); |
1288 | | /* Just skip the invalid entry */ |
1289 | 0 | continue; |
1290 | 0 | } |
1291 | | |
1292 | 2.39k | np->depth = entries->depth; |
1293 | | |
1294 | | /* In the event of out-of-memory just return - there's no point keeping |
1295 | | * on trying to add sPLT chunks. |
1296 | | */ |
1297 | 2.39k | length = strlen(entries->name) + 1; |
1298 | 2.39k | np->name = png_voidcast(png_charp, png_malloc_base(png_ptr, length)); |
1299 | | |
1300 | 2.39k | if (np->name == NULL) |
1301 | 0 | break; |
1302 | | |
1303 | 2.39k | memcpy(np->name, entries->name, length); |
1304 | | |
1305 | | /* IMPORTANT: we have memory now that won't get freed if something else |
1306 | | * goes wrong; this code must free it. png_malloc_array produces no |
1307 | | * warnings; use a png_chunk_report (below) if there is an error. |
1308 | | */ |
1309 | 2.39k | np->entries = png_voidcast(png_sPLT_entryp, png_malloc_array(png_ptr, |
1310 | 2.39k | entries->nentries, sizeof (png_sPLT_entry))); |
1311 | | |
1312 | 2.39k | if (np->entries == NULL) |
1313 | 0 | { |
1314 | 0 | png_free(png_ptr, np->name); |
1315 | 0 | np->name = NULL; |
1316 | 0 | break; |
1317 | 0 | } |
1318 | | |
1319 | 2.39k | np->nentries = entries->nentries; |
1320 | | /* This multiply can't overflow because png_malloc_array has already |
1321 | | * checked it when doing the allocation. |
1322 | | */ |
1323 | 2.39k | memcpy(np->entries, entries->entries, |
1324 | 2.39k | (unsigned int)entries->nentries * sizeof (png_sPLT_entry)); |
1325 | | |
1326 | | /* Note that 'continue' skips the advance of the out pointer and out |
1327 | | * count, so an invalid entry is not added. |
1328 | | */ |
1329 | 2.39k | info_ptr->valid |= PNG_INFO_sPLT; |
1330 | 2.39k | ++(info_ptr->splt_palettes_num); |
1331 | 2.39k | ++np; |
1332 | 2.39k | ++entries; |
1333 | 2.39k | } |
1334 | 2.39k | while (--nentries); |
1335 | | |
1336 | 2.39k | if (nentries > 0) |
1337 | 0 | png_chunk_report(png_ptr, "sPLT out of memory", PNG_CHUNK_WRITE_ERROR); |
1338 | 2.39k | } |
1339 | | #endif /* sPLT */ |
1340 | | |
1341 | | #ifdef PNG_STORE_UNKNOWN_CHUNKS_SUPPORTED |
1342 | | static png_byte |
1343 | | check_location(png_const_structrp png_ptr, int location) |
1344 | 151k | { |
1345 | 151k | location &= (PNG_HAVE_IHDR|PNG_HAVE_PLTE|PNG_AFTER_IDAT); |
1346 | | |
1347 | | /* New in 1.6.0; copy the location and check it. This is an API |
1348 | | * change; previously the app had to use the |
1349 | | * png_set_unknown_chunk_location API below for each chunk. |
1350 | | */ |
1351 | 151k | if (location == 0 && (png_ptr->mode & PNG_IS_READ_STRUCT) == 0) |
1352 | 0 | { |
1353 | | /* Write struct, so unknown chunks come from the app */ |
1354 | 0 | png_app_warning(png_ptr, |
1355 | 0 | "png_set_unknown_chunks now expects a valid location"); |
1356 | | /* Use the old behavior */ |
1357 | 0 | location = (png_byte)(png_ptr->mode & |
1358 | 0 | (PNG_HAVE_IHDR|PNG_HAVE_PLTE|PNG_AFTER_IDAT)); |
1359 | 0 | } |
1360 | | |
1361 | | /* This need not be an internal error - if the app calls |
1362 | | * png_set_unknown_chunks on a read pointer it must get the location right. |
1363 | | */ |
1364 | 151k | if (location == 0) |
1365 | 16 | png_error(png_ptr, "invalid location in png_set_unknown_chunks"); |
1366 | | |
1367 | | /* Now reduce the location to the top-most set bit by removing each least |
1368 | | * significant bit in turn. |
1369 | | */ |
1370 | 154k | while (location != (location & -location)) |
1371 | 3.07k | location &= ~(location & -location); |
1372 | | |
1373 | | /* The cast is safe because 'location' is a bit mask and only the low four |
1374 | | * bits are significant. |
1375 | | */ |
1376 | 151k | return (png_byte)location; |
1377 | 151k | } |
1378 | | |
1379 | | void PNGAPI |
1380 | | png_set_unknown_chunks(png_const_structrp png_ptr, |
1381 | | png_inforp info_ptr, png_const_unknown_chunkp unknowns, int num_unknowns) |
1382 | 151k | { |
1383 | 151k | png_unknown_chunkp np; |
1384 | | |
1385 | 151k | if (png_ptr == NULL || info_ptr == NULL || num_unknowns <= 0 || |
1386 | 151k | unknowns == NULL) |
1387 | 0 | return; |
1388 | | |
1389 | | /* Check for the failure cases where support has been disabled at compile |
1390 | | * time. This code is hardly ever compiled - it's here because |
1391 | | * STORE_UNKNOWN_CHUNKS is set by both read and write code (compiling in this |
1392 | | * code) but may be meaningless if the read or write handling of unknown |
1393 | | * chunks is not compiled in. |
1394 | | */ |
1395 | | # if !defined(PNG_READ_UNKNOWN_CHUNKS_SUPPORTED) && \ |
1396 | | defined(PNG_READ_SUPPORTED) |
1397 | | if ((png_ptr->mode & PNG_IS_READ_STRUCT) != 0) |
1398 | | { |
1399 | | png_app_error(png_ptr, "no unknown chunk support on read"); |
1400 | | |
1401 | | return; |
1402 | | } |
1403 | | # endif |
1404 | | # if !defined(PNG_WRITE_UNKNOWN_CHUNKS_SUPPORTED) && \ |
1405 | | defined(PNG_WRITE_SUPPORTED) |
1406 | | if ((png_ptr->mode & PNG_IS_READ_STRUCT) == 0) |
1407 | | { |
1408 | | png_app_error(png_ptr, "no unknown chunk support on write"); |
1409 | | |
1410 | | return; |
1411 | | } |
1412 | | # endif |
1413 | | |
1414 | | /* Prior to 1.6.0 this code used png_malloc_warn; however, this meant that |
1415 | | * unknown critical chunks could be lost with just a warning resulting in |
1416 | | * undefined behavior. Now png_chunk_report is used to provide behavior |
1417 | | * appropriate to read or write. |
1418 | | */ |
1419 | 151k | np = png_voidcast(png_unknown_chunkp, png_realloc_array(png_ptr, |
1420 | 151k | info_ptr->unknown_chunks, info_ptr->unknown_chunks_num, num_unknowns, |
1421 | 151k | sizeof *np)); |
1422 | | |
1423 | 151k | if (np == NULL) |
1424 | 0 | { |
1425 | 0 | png_chunk_report(png_ptr, "too many unknown chunks", |
1426 | 0 | PNG_CHUNK_WRITE_ERROR); |
1427 | 0 | return; |
1428 | 0 | } |
1429 | | |
1430 | 151k | png_free(png_ptr, info_ptr->unknown_chunks); |
1431 | | |
1432 | 151k | info_ptr->unknown_chunks = np; /* safe because it is initialized */ |
1433 | 151k | info_ptr->free_me |= PNG_FREE_UNKN; |
1434 | | |
1435 | 151k | np += info_ptr->unknown_chunks_num; |
1436 | | |
1437 | | /* Increment unknown_chunks_num each time round the loop to protect the |
1438 | | * just-allocated chunk data. |
1439 | | */ |
1440 | 302k | for (; num_unknowns > 0; --num_unknowns, ++unknowns) |
1441 | 151k | { |
1442 | 151k | memcpy(np->name, unknowns->name, (sizeof np->name)); |
1443 | 151k | np->name[(sizeof np->name)-1] = '\0'; |
1444 | 151k | np->location = check_location(png_ptr, unknowns->location); |
1445 | | |
1446 | 151k | if (unknowns->size == 0) |
1447 | 53.6k | { |
1448 | 53.6k | np->data = NULL; |
1449 | 53.6k | np->size = 0; |
1450 | 53.6k | } |
1451 | | |
1452 | 97.5k | else |
1453 | 97.5k | { |
1454 | 97.5k | np->data = png_voidcast(png_bytep, |
1455 | 97.5k | png_malloc_base(png_ptr, unknowns->size)); |
1456 | | |
1457 | 97.5k | if (np->data == NULL) |
1458 | 0 | { |
1459 | 0 | png_chunk_report(png_ptr, "unknown chunk: out of memory", |
1460 | 0 | PNG_CHUNK_WRITE_ERROR); |
1461 | | /* But just skip storing the unknown chunk */ |
1462 | 0 | continue; |
1463 | 0 | } |
1464 | | |
1465 | 97.5k | memcpy(np->data, unknowns->data, unknowns->size); |
1466 | 97.5k | np->size = unknowns->size; |
1467 | 97.5k | } |
1468 | | |
1469 | | /* These increments are skipped on out-of-memory for the data - the |
1470 | | * unknown chunk entry gets overwritten if the png_chunk_report returns. |
1471 | | * This is correct in the read case (the chunk is just dropped.) |
1472 | | */ |
1473 | 151k | ++np; |
1474 | 151k | ++(info_ptr->unknown_chunks_num); |
1475 | 151k | } |
1476 | 151k | } |
1477 | | |
1478 | | void PNGAPI |
1479 | | png_set_unknown_chunk_location(png_const_structrp png_ptr, png_inforp info_ptr, |
1480 | | int chunk, int location) |
1481 | 0 | { |
1482 | | /* This API is pretty pointless in 1.6.0 because the location can be set |
1483 | | * before the call to png_set_unknown_chunks. |
1484 | | * |
1485 | | * TODO: add a png_app_warning in 1.7 |
1486 | | */ |
1487 | 0 | if (png_ptr != NULL && info_ptr != NULL && chunk >= 0 && |
1488 | 0 | chunk < info_ptr->unknown_chunks_num) |
1489 | 0 | { |
1490 | 0 | if ((location & (PNG_HAVE_IHDR|PNG_HAVE_PLTE|PNG_AFTER_IDAT)) == 0) |
1491 | 0 | { |
1492 | 0 | png_app_error(png_ptr, "invalid unknown chunk location"); |
1493 | | /* Fake out the pre 1.6.0 behavior: */ |
1494 | 0 | if (((unsigned int)location & PNG_HAVE_IDAT) != 0) /* undocumented! */ |
1495 | 0 | location = PNG_AFTER_IDAT; |
1496 | | |
1497 | 0 | else |
1498 | 0 | location = PNG_HAVE_IHDR; /* also undocumented */ |
1499 | 0 | } |
1500 | |
|
1501 | 0 | info_ptr->unknown_chunks[chunk].location = |
1502 | 0 | check_location(png_ptr, location); |
1503 | 0 | } |
1504 | 0 | } |
1505 | | #endif /* STORE_UNKNOWN_CHUNKS */ |
1506 | | |
1507 | | #ifdef PNG_MNG_FEATURES_SUPPORTED |
1508 | | png_uint_32 PNGAPI |
1509 | | png_permit_mng_features(png_structrp png_ptr, png_uint_32 mng_features) |
1510 | 0 | { |
1511 | 0 | png_debug(1, "in png_permit_mng_features"); |
1512 | |
|
1513 | 0 | if (png_ptr == NULL) |
1514 | 0 | return 0; |
1515 | | |
1516 | 0 | png_ptr->mng_features_permitted = mng_features & PNG_ALL_MNG_FEATURES; |
1517 | |
|
1518 | 0 | return png_ptr->mng_features_permitted; |
1519 | 0 | } |
1520 | | #endif |
1521 | | |
1522 | | #ifdef PNG_HANDLE_AS_UNKNOWN_SUPPORTED |
1523 | | static unsigned int |
1524 | | add_one_chunk(png_bytep list, unsigned int count, png_const_bytep add, int keep) |
1525 | 0 | { |
1526 | 0 | unsigned int i; |
1527 | | |
1528 | | /* Utility function: update the 'keep' state of a chunk if it is already in |
1529 | | * the list, otherwise add it to the list. |
1530 | | */ |
1531 | 0 | for (i=0; i<count; ++i, list += 5) |
1532 | 0 | { |
1533 | 0 | if (memcmp(list, add, 4) == 0) |
1534 | 0 | { |
1535 | 0 | list[4] = (png_byte)keep; |
1536 | |
|
1537 | 0 | return count; |
1538 | 0 | } |
1539 | 0 | } |
1540 | | |
1541 | 0 | if (keep != PNG_HANDLE_CHUNK_AS_DEFAULT) |
1542 | 0 | { |
1543 | 0 | ++count; |
1544 | 0 | memcpy(list, add, 4); |
1545 | 0 | list[4] = (png_byte)keep; |
1546 | 0 | } |
1547 | |
|
1548 | 0 | return count; |
1549 | 0 | } |
1550 | | |
1551 | | void PNGAPI |
1552 | | png_set_keep_unknown_chunks(png_structrp png_ptr, int keep, |
1553 | | png_const_bytep chunk_list, int num_chunks_in) |
1554 | 18.2k | { |
1555 | 18.2k | png_bytep new_list; |
1556 | 18.2k | unsigned int num_chunks, old_num_chunks; |
1557 | | |
1558 | 18.2k | if (png_ptr == NULL) |
1559 | 0 | return; |
1560 | | |
1561 | 18.2k | if (keep < 0 || keep >= PNG_HANDLE_CHUNK_LAST) |
1562 | 0 | { |
1563 | 0 | png_app_error(png_ptr, "png_set_keep_unknown_chunks: invalid keep"); |
1564 | |
|
1565 | 0 | return; |
1566 | 0 | } |
1567 | | |
1568 | 18.2k | if (num_chunks_in <= 0) |
1569 | 18.2k | { |
1570 | 18.2k | png_ptr->unknown_default = keep; |
1571 | | |
1572 | | /* '0' means just set the flags, so stop here */ |
1573 | 18.2k | if (num_chunks_in == 0) |
1574 | 18.2k | return; |
1575 | 18.2k | } |
1576 | | |
1577 | 0 | if (num_chunks_in < 0) |
1578 | 0 | { |
1579 | | /* Ignore all unknown chunks and all chunks recognized by |
1580 | | * libpng except for IHDR, PLTE, tRNS, IDAT, and IEND |
1581 | | */ |
1582 | 0 | static const png_byte chunks_to_ignore[] = { |
1583 | 0 | 98, 75, 71, 68, '\0', /* bKGD */ |
1584 | 0 | 99, 72, 82, 77, '\0', /* cHRM */ |
1585 | 0 | 99, 73, 67, 80, '\0', /* cICP */ |
1586 | 0 | 99, 76, 76, 73, '\0', /* cLLI */ |
1587 | 0 | 101, 88, 73, 102, '\0', /* eXIf */ |
1588 | 0 | 103, 65, 77, 65, '\0', /* gAMA */ |
1589 | 0 | 104, 73, 83, 84, '\0', /* hIST */ |
1590 | 0 | 105, 67, 67, 80, '\0', /* iCCP */ |
1591 | 0 | 105, 84, 88, 116, '\0', /* iTXt */ |
1592 | 0 | 109, 68, 67, 86, '\0', /* mDCV */ |
1593 | 0 | 111, 70, 70, 115, '\0', /* oFFs */ |
1594 | 0 | 112, 67, 65, 76, '\0', /* pCAL */ |
1595 | 0 | 112, 72, 89, 115, '\0', /* pHYs */ |
1596 | 0 | 115, 66, 73, 84, '\0', /* sBIT */ |
1597 | 0 | 115, 67, 65, 76, '\0', /* sCAL */ |
1598 | 0 | 115, 80, 76, 84, '\0', /* sPLT */ |
1599 | 0 | 115, 84, 69, 82, '\0', /* sTER */ |
1600 | 0 | 115, 82, 71, 66, '\0', /* sRGB */ |
1601 | 0 | 116, 69, 88, 116, '\0', /* tEXt */ |
1602 | 0 | 116, 73, 77, 69, '\0', /* tIME */ |
1603 | 0 | 122, 84, 88, 116, '\0' /* zTXt */ |
1604 | 0 | }; |
1605 | |
|
1606 | 0 | chunk_list = chunks_to_ignore; |
1607 | 0 | num_chunks = (unsigned int)/*SAFE*/(sizeof chunks_to_ignore)/5U; |
1608 | 0 | } |
1609 | | |
1610 | 0 | else /* num_chunks_in > 0 */ |
1611 | 0 | { |
1612 | 0 | if (chunk_list == NULL) |
1613 | 0 | { |
1614 | | /* Prior to 1.6.0 this was silently ignored, now it is an app_error |
1615 | | * which can be switched off. |
1616 | | */ |
1617 | 0 | png_app_error(png_ptr, "png_set_keep_unknown_chunks: no chunk list"); |
1618 | |
|
1619 | 0 | return; |
1620 | 0 | } |
1621 | | |
1622 | 0 | num_chunks = (unsigned int)num_chunks_in; |
1623 | 0 | } |
1624 | | |
1625 | 0 | old_num_chunks = png_ptr->num_chunk_list; |
1626 | 0 | if (png_ptr->chunk_list == NULL) |
1627 | 0 | old_num_chunks = 0; |
1628 | | |
1629 | | /* Since num_chunks is always restricted to UINT_MAX/5 this can't overflow. |
1630 | | */ |
1631 | 0 | if (num_chunks + old_num_chunks > UINT_MAX/5) |
1632 | 0 | { |
1633 | 0 | png_app_error(png_ptr, "png_set_keep_unknown_chunks: too many chunks"); |
1634 | |
|
1635 | 0 | return; |
1636 | 0 | } |
1637 | | |
1638 | | /* If these chunks are being reset to the default then no more memory is |
1639 | | * required because add_one_chunk above doesn't extend the list if the 'keep' |
1640 | | * parameter is the default. |
1641 | | */ |
1642 | 0 | if (keep != 0) |
1643 | 0 | { |
1644 | 0 | new_list = png_voidcast(png_bytep, png_malloc(png_ptr, |
1645 | 0 | 5 * (num_chunks + old_num_chunks))); |
1646 | |
|
1647 | 0 | if (old_num_chunks > 0) |
1648 | 0 | memcpy(new_list, png_ptr->chunk_list, 5*old_num_chunks); |
1649 | 0 | } |
1650 | | |
1651 | 0 | else if (old_num_chunks > 0) |
1652 | 0 | new_list = png_ptr->chunk_list; |
1653 | | |
1654 | 0 | else |
1655 | 0 | new_list = NULL; |
1656 | | |
1657 | | /* Add the new chunks together with each one's handling code. If the chunk |
1658 | | * already exists the code is updated, otherwise the chunk is added to the |
1659 | | * end. (In libpng 1.6.0 order no longer matters because this code enforces |
1660 | | * the earlier convention that the last setting is the one that is used.) |
1661 | | */ |
1662 | 0 | if (new_list != NULL) |
1663 | 0 | { |
1664 | 0 | png_const_bytep inlist; |
1665 | 0 | png_bytep outlist; |
1666 | 0 | unsigned int i; |
1667 | |
|
1668 | 0 | for (i=0; i<num_chunks; ++i) |
1669 | 0 | { |
1670 | 0 | old_num_chunks = add_one_chunk(new_list, old_num_chunks, |
1671 | 0 | chunk_list+5*i, keep); |
1672 | 0 | } |
1673 | | |
1674 | | /* Now remove any spurious 'default' entries. */ |
1675 | 0 | num_chunks = 0; |
1676 | 0 | for (i=0, inlist=outlist=new_list; i<old_num_chunks; ++i, inlist += 5) |
1677 | 0 | { |
1678 | 0 | if (inlist[4]) |
1679 | 0 | { |
1680 | 0 | if (outlist != inlist) |
1681 | 0 | memcpy(outlist, inlist, 5); |
1682 | 0 | outlist += 5; |
1683 | 0 | ++num_chunks; |
1684 | 0 | } |
1685 | 0 | } |
1686 | | |
1687 | | /* This means the application has removed all the specialized handling. */ |
1688 | 0 | if (num_chunks == 0) |
1689 | 0 | { |
1690 | 0 | if (png_ptr->chunk_list != new_list) |
1691 | 0 | png_free(png_ptr, new_list); |
1692 | |
|
1693 | 0 | new_list = NULL; |
1694 | 0 | } |
1695 | 0 | } |
1696 | | |
1697 | 0 | else |
1698 | 0 | num_chunks = 0; |
1699 | |
|
1700 | 0 | png_ptr->num_chunk_list = num_chunks; |
1701 | |
|
1702 | 0 | if (png_ptr->chunk_list != new_list) |
1703 | 0 | { |
1704 | 0 | if (png_ptr->chunk_list != NULL) |
1705 | 0 | png_free(png_ptr, png_ptr->chunk_list); |
1706 | |
|
1707 | 0 | png_ptr->chunk_list = new_list; |
1708 | 0 | } |
1709 | 0 | } |
1710 | | #endif |
1711 | | |
1712 | | #ifdef PNG_READ_USER_CHUNKS_SUPPORTED |
1713 | | void PNGAPI |
1714 | | png_set_read_user_chunk_fn(png_structrp png_ptr, png_voidp user_chunk_ptr, |
1715 | | png_user_chunk_ptr read_user_chunk_fn) |
1716 | 18.2k | { |
1717 | 18.2k | png_debug(1, "in png_set_read_user_chunk_fn"); |
1718 | | |
1719 | 18.2k | if (png_ptr == NULL) |
1720 | 0 | return; |
1721 | | |
1722 | 18.2k | png_ptr->read_user_chunk_fn = read_user_chunk_fn; |
1723 | 18.2k | png_ptr->user_chunk_ptr = user_chunk_ptr; |
1724 | 18.2k | } |
1725 | | #endif |
1726 | | |
1727 | | #ifdef PNG_INFO_IMAGE_SUPPORTED |
1728 | | void PNGAPI |
1729 | | png_set_rows(png_const_structrp png_ptr, png_inforp info_ptr, |
1730 | | png_bytepp row_pointers) |
1731 | 0 | { |
1732 | 0 | png_debug(1, "in png_set_rows"); |
1733 | |
|
1734 | 0 | if (png_ptr == NULL || info_ptr == NULL) |
1735 | 0 | return; |
1736 | | |
1737 | 0 | if (info_ptr->row_pointers != NULL && |
1738 | 0 | (info_ptr->row_pointers != row_pointers)) |
1739 | 0 | png_free_data(png_ptr, info_ptr, PNG_FREE_ROWS, 0); |
1740 | |
|
1741 | 0 | info_ptr->row_pointers = row_pointers; |
1742 | |
|
1743 | 0 | if (row_pointers != NULL) |
1744 | 0 | info_ptr->valid |= PNG_INFO_IDAT; |
1745 | 0 | } |
1746 | | #endif |
1747 | | |
1748 | | void PNGAPI |
1749 | | png_set_compression_buffer_size(png_structrp png_ptr, size_t size) |
1750 | 0 | { |
1751 | 0 | png_debug(1, "in png_set_compression_buffer_size"); |
1752 | |
|
1753 | 0 | if (png_ptr == NULL) |
1754 | 0 | return; |
1755 | | |
1756 | 0 | if (size == 0 || size > PNG_UINT_31_MAX) |
1757 | 0 | png_error(png_ptr, "invalid compression buffer size"); |
1758 | | |
1759 | 0 | # ifdef PNG_SEQUENTIAL_READ_SUPPORTED |
1760 | 0 | if ((png_ptr->mode & PNG_IS_READ_STRUCT) != 0) |
1761 | 0 | { |
1762 | 0 | png_ptr->IDAT_read_size = (png_uint_32)size; /* checked above */ |
1763 | 0 | return; |
1764 | 0 | } |
1765 | 0 | # endif |
1766 | | |
1767 | 0 | # ifdef PNG_WRITE_SUPPORTED |
1768 | 0 | if ((png_ptr->mode & PNG_IS_READ_STRUCT) == 0) |
1769 | 0 | { |
1770 | 0 | if (png_ptr->zowner != 0) |
1771 | 0 | { |
1772 | 0 | png_warning(png_ptr, |
1773 | 0 | "Compression buffer size cannot be changed because it is in use"); |
1774 | |
|
1775 | 0 | return; |
1776 | 0 | } |
1777 | | |
1778 | 0 | #ifndef __COVERITY__ |
1779 | | /* Some compilers complain that this is always false. However, it |
1780 | | * can be true when integer overflow happens. |
1781 | | */ |
1782 | 0 | if (size > ZLIB_IO_MAX) |
1783 | 0 | { |
1784 | 0 | png_warning(png_ptr, |
1785 | 0 | "Compression buffer size limited to system maximum"); |
1786 | 0 | size = ZLIB_IO_MAX; /* must fit */ |
1787 | 0 | } |
1788 | 0 | #endif |
1789 | |
|
1790 | 0 | if (size < 6) |
1791 | 0 | { |
1792 | | /* Deflate will potentially go into an infinite loop on a SYNC_FLUSH |
1793 | | * if this is permitted. |
1794 | | */ |
1795 | 0 | png_warning(png_ptr, |
1796 | 0 | "Compression buffer size cannot be reduced below 6"); |
1797 | |
|
1798 | 0 | return; |
1799 | 0 | } |
1800 | | |
1801 | 0 | if (png_ptr->zbuffer_size != size) |
1802 | 0 | { |
1803 | 0 | png_free_buffer_list(png_ptr, &png_ptr->zbuffer_list); |
1804 | 0 | png_ptr->zbuffer_size = (uInt)size; |
1805 | 0 | } |
1806 | 0 | } |
1807 | 0 | # endif |
1808 | 0 | } |
1809 | | |
1810 | | void PNGAPI |
1811 | | png_set_invalid(png_const_structrp png_ptr, png_inforp info_ptr, int mask) |
1812 | 0 | { |
1813 | 0 | if (png_ptr != NULL && info_ptr != NULL) |
1814 | 0 | info_ptr->valid &= (unsigned int)(~mask); |
1815 | 0 | } |
1816 | | |
1817 | | |
1818 | | #ifdef PNG_SET_USER_LIMITS_SUPPORTED |
1819 | | /* This function was added to libpng 1.2.6 */ |
1820 | | void PNGAPI |
1821 | | png_set_user_limits(png_structrp png_ptr, png_uint_32 user_width_max, |
1822 | | png_uint_32 user_height_max) |
1823 | 0 | { |
1824 | 0 | png_debug(1, "in png_set_user_limits"); |
1825 | | |
1826 | | /* Images with dimensions larger than these limits will be |
1827 | | * rejected by png_set_IHDR(). To accept any PNG datastream |
1828 | | * regardless of dimensions, set both limits to 0x7fffffff. |
1829 | | */ |
1830 | 0 | if (png_ptr == NULL) |
1831 | 0 | return; |
1832 | | |
1833 | 0 | png_ptr->user_width_max = user_width_max; |
1834 | 0 | png_ptr->user_height_max = user_height_max; |
1835 | 0 | } |
1836 | | |
1837 | | /* This function was added to libpng 1.4.0 */ |
1838 | | void PNGAPI |
1839 | | png_set_chunk_cache_max(png_structrp png_ptr, png_uint_32 user_chunk_cache_max) |
1840 | 0 | { |
1841 | 0 | png_debug(1, "in png_set_chunk_cache_max"); |
1842 | |
|
1843 | 0 | if (png_ptr != NULL) |
1844 | 0 | png_ptr->user_chunk_cache_max = user_chunk_cache_max; |
1845 | 0 | } |
1846 | | |
1847 | | /* This function was added to libpng 1.4.1 */ |
1848 | | void PNGAPI |
1849 | | png_set_chunk_malloc_max(png_structrp png_ptr, |
1850 | | png_alloc_size_t user_chunk_malloc_max) |
1851 | 0 | { |
1852 | 0 | png_debug(1, "in png_set_chunk_malloc_max"); |
1853 | | |
1854 | | /* pngstruct::user_chunk_malloc_max is initialized to a non-zero value in |
1855 | | * png.c. This API supports '0' for unlimited, make sure the correct |
1856 | | * (unlimited) value is set here to avoid a need to check for 0 everywhere |
1857 | | * the parameter is used. |
1858 | | */ |
1859 | 0 | if (png_ptr != NULL) |
1860 | 0 | { |
1861 | 0 | if (user_chunk_malloc_max == 0U) /* unlimited */ |
1862 | 0 | { |
1863 | | # ifdef PNG_MAX_MALLOC_64K |
1864 | | png_ptr->user_chunk_malloc_max = 65536U; |
1865 | | # else |
1866 | 0 | png_ptr->user_chunk_malloc_max = PNG_SIZE_MAX; |
1867 | 0 | # endif |
1868 | 0 | } |
1869 | 0 | else |
1870 | 0 | png_ptr->user_chunk_malloc_max = user_chunk_malloc_max; |
1871 | 0 | } |
1872 | 0 | } |
1873 | | #endif /* ?SET_USER_LIMITS */ |
1874 | | |
1875 | | |
1876 | | #ifdef PNG_BENIGN_ERRORS_SUPPORTED |
1877 | | void PNGAPI |
1878 | | png_set_benign_errors(png_structrp png_ptr, int allowed) |
1879 | 0 | { |
1880 | 0 | png_debug(1, "in png_set_benign_errors"); |
1881 | | |
1882 | | /* If allowed is 1, png_benign_error() is treated as a warning. |
1883 | | * |
1884 | | * If allowed is 0, png_benign_error() is treated as an error (which |
1885 | | * is the default behavior if png_set_benign_errors() is not called). |
1886 | | */ |
1887 | |
|
1888 | 0 | if (allowed != 0) |
1889 | 0 | png_ptr->flags |= PNG_FLAG_BENIGN_ERRORS_WARN | |
1890 | 0 | PNG_FLAG_APP_WARNINGS_WARN | PNG_FLAG_APP_ERRORS_WARN; |
1891 | | |
1892 | 0 | else |
1893 | 0 | png_ptr->flags &= ~(PNG_FLAG_BENIGN_ERRORS_WARN | |
1894 | 0 | PNG_FLAG_APP_WARNINGS_WARN | PNG_FLAG_APP_ERRORS_WARN); |
1895 | 0 | } |
1896 | | #endif /* BENIGN_ERRORS */ |
1897 | | |
1898 | | #ifdef PNG_CHECK_FOR_INVALID_INDEX_SUPPORTED |
1899 | | /* Whether to report invalid palette index; added at libpng-1.5.10. |
1900 | | * It is possible for an indexed (color-type==3) PNG file to contain |
1901 | | * pixels with invalid (out-of-range) indexes if the PLTE chunk has |
1902 | | * fewer entries than the image's bit-depth would allow. We recover |
1903 | | * from this gracefully by filling any incomplete palette with zeros |
1904 | | * (opaque black). By default, when this occurs libpng will issue |
1905 | | * a benign error. This API can be used to override that behavior. |
1906 | | */ |
1907 | | void PNGAPI |
1908 | | png_set_check_for_invalid_index(png_structrp png_ptr, int allowed) |
1909 | 0 | { |
1910 | 0 | png_debug(1, "in png_set_check_for_invalid_index"); |
1911 | |
|
1912 | 0 | if (allowed > 0) |
1913 | 0 | png_ptr->num_palette_max = 0; |
1914 | | |
1915 | 0 | else |
1916 | 0 | png_ptr->num_palette_max = -1; |
1917 | 0 | } |
1918 | | #endif |
1919 | | |
1920 | | #if defined(PNG_TEXT_SUPPORTED) || defined(PNG_pCAL_SUPPORTED) || \ |
1921 | | defined(PNG_iCCP_SUPPORTED) || defined(PNG_sPLT_SUPPORTED) |
1922 | | /* Check that the tEXt or zTXt keyword is valid per PNG 1.0 specification, |
1923 | | * and if invalid, correct the keyword rather than discarding the entire |
1924 | | * chunk. The PNG 1.0 specification requires keywords 1-79 characters in |
1925 | | * length, forbids leading or trailing whitespace, multiple internal spaces, |
1926 | | * and the non-break space (0x80) from ISO 8859-1. Returns keyword length. |
1927 | | * |
1928 | | * The 'new_key' buffer must be 80 characters in size (for the keyword plus a |
1929 | | * trailing '\0'). If this routine returns 0 then there was no keyword, or a |
1930 | | * valid one could not be generated, and the caller must png_error. |
1931 | | */ |
1932 | | png_uint_32 /* PRIVATE */ |
1933 | | png_check_keyword(png_structrp png_ptr, png_const_charp key, png_bytep new_key) |
1934 | 0 | { |
1935 | 0 | #ifdef PNG_WARNINGS_SUPPORTED |
1936 | 0 | png_const_charp orig_key = key; |
1937 | 0 | #endif |
1938 | 0 | png_uint_32 key_len = 0; |
1939 | 0 | int bad_character = 0; |
1940 | 0 | int space = 1; |
1941 | |
|
1942 | 0 | png_debug(1, "in png_check_keyword"); |
1943 | |
|
1944 | 0 | if (key == NULL) |
1945 | 0 | { |
1946 | 0 | *new_key = 0; |
1947 | 0 | return 0; |
1948 | 0 | } |
1949 | | |
1950 | 0 | while (*key && key_len < 79) |
1951 | 0 | { |
1952 | 0 | png_byte ch = (png_byte)*key++; |
1953 | |
|
1954 | 0 | if ((ch > 32 && ch <= 126) || (ch >= 161 /*&& ch <= 255*/)) |
1955 | 0 | { |
1956 | 0 | *new_key++ = ch; ++key_len; space = 0; |
1957 | 0 | } |
1958 | | |
1959 | 0 | else if (space == 0) |
1960 | 0 | { |
1961 | | /* A space or an invalid character when one wasn't seen immediately |
1962 | | * before; output just a space. |
1963 | | */ |
1964 | 0 | *new_key++ = 32; ++key_len; space = 1; |
1965 | | |
1966 | | /* If the character was not a space then it is invalid. */ |
1967 | 0 | if (ch != 32) |
1968 | 0 | bad_character = ch; |
1969 | 0 | } |
1970 | | |
1971 | 0 | else if (bad_character == 0) |
1972 | 0 | bad_character = ch; /* just skip it, record the first error */ |
1973 | 0 | } |
1974 | |
|
1975 | 0 | if (key_len > 0 && space != 0) /* trailing space */ |
1976 | 0 | { |
1977 | 0 | --key_len; --new_key; |
1978 | 0 | if (bad_character == 0) |
1979 | 0 | bad_character = 32; |
1980 | 0 | } |
1981 | | |
1982 | | /* Terminate the keyword */ |
1983 | 0 | *new_key = 0; |
1984 | |
|
1985 | 0 | if (key_len == 0) |
1986 | 0 | return 0; |
1987 | | |
1988 | 0 | #ifdef PNG_WARNINGS_SUPPORTED |
1989 | | /* Try to only output one warning per keyword: */ |
1990 | 0 | if (*key != 0) /* keyword too long */ |
1991 | 0 | png_warning(png_ptr, "keyword truncated"); |
1992 | | |
1993 | 0 | else if (bad_character != 0) |
1994 | 0 | { |
1995 | 0 | PNG_WARNING_PARAMETERS(p) |
1996 | |
|
1997 | 0 | png_warning_parameter(p, 1, orig_key); |
1998 | 0 | png_warning_parameter_signed(p, 2, PNG_NUMBER_FORMAT_02x, bad_character); |
1999 | |
|
2000 | 0 | png_formatted_warning(png_ptr, p, "keyword \"@1\": bad character '0x@2'"); |
2001 | 0 | } |
2002 | | #else /* !WARNINGS */ |
2003 | | PNG_UNUSED(png_ptr) |
2004 | | #endif /* !WARNINGS */ |
2005 | |
|
2006 | 0 | return key_len; |
2007 | 0 | } |
2008 | | #endif /* TEXT || pCAL || iCCP || sPLT */ |
2009 | | #endif /* READ || WRITE */ |