diff --git a/graphics/png/Makefile b/graphics/png/Makefile index 78e1da0fc57..9781dac5394 100644 --- a/graphics/png/Makefile +++ b/graphics/png/Makefile @@ -1,9 +1,8 @@ -# $OpenBSD: Makefile,v 1.47 2004/08/05 19:17:14 brad Exp $ +# $OpenBSD: Makefile,v 1.48 2004/09/20 01:24:10 brad Exp $ COMMENT= "library for manipulating PNG images" -DISTNAME= libpng-1.2.5 -PKGNAME= ${DISTNAME:S/lib//}p5 +DISTNAME= libpng-1.2.7 CATEGORIES= graphics MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=libpng/} diff --git a/graphics/png/distinfo b/graphics/png/distinfo index e07468d955a..a6581366ea6 100644 --- a/graphics/png/distinfo +++ b/graphics/png/distinfo @@ -1,3 +1,3 @@ -MD5 (libpng-1.2.5.tar.gz) = 0cec860559f2f5f7145da3c6851bacb7 -RMD160 (libpng-1.2.5.tar.gz) = a30feaf1f58ff6905ee5801f463bc683183ccbc2 -SHA1 (libpng-1.2.5.tar.gz) = b0d2c54ebc6c25bd364b20f54eef0c82331d0759 +MD5 (libpng-1.2.7.tar.gz) = 898871b38e92bb233cceee479a4c4b58 +RMD160 (libpng-1.2.7.tar.gz) = c2dd693151a0dbaf382598d21cf5610c618d7d36 +SHA1 (libpng-1.2.7.tar.gz) = 18254116a8c19affbe038b0ea605421ccbb3a67d diff --git a/graphics/png/patches/patch-png_h b/graphics/png/patches/patch-png_h deleted file mode 100644 index f03bd689630..00000000000 --- a/graphics/png/patches/patch-png_h +++ /dev/null @@ -1,25 +0,0 @@ -$OpenBSD: patch-png_h,v 1.1 2004/08/05 19:17:14 brad Exp $ ---- png.h.orig Thu Oct 3 07:32:26 2002 -+++ png.h Thu Aug 5 14:29:45 2004 -@@ -833,7 +833,11 @@ typedef png_info FAR * png_infop; - typedef png_info FAR * FAR * png_infopp; - - /* Maximum positive integer used in PNG is (2^31)-1 */ --#define PNG_MAX_UINT ((png_uint_32)0x7fffffffL) -+#define PNG_UINT_31_MAX ((png_uint_32)0x7fffffffL) -+#define PNG_UINT_32_MAX (~((png_uint_32)0)) -+#define PNG_SIZE_MAX (~((png_size_t)0)) -+/* PNG_MAX_UINT is deprecated; use PNG_UINT_31_MAX instead. */ -+#define PNG_MAX_UINT PNG_UINT_31_MAX - - /* These describe the color_type field in png_info. */ - /* color type masks */ -@@ -2655,6 +2659,8 @@ PNG_EXTERN png_int_32 png_get_int_32 PNG - PNG_EXTERN png_uint_32 png_get_uint_32 PNGARG((png_bytep buf)); - PNG_EXTERN png_uint_16 png_get_uint_16 PNGARG((png_bytep buf)); - #endif /* !PNG_READ_BIG_ENDIAN_SUPPORTED */ -+PNG_EXTERN png_uint_32 png_get_uint_31 PNGARG((png_structp png_ptr, -+ png_bytep buf)); - - /* Initialize png_ptr struct for reading, and allocate any other memory. - * (old interface - DEPRECATED - use png_create_read_struct instead). diff --git a/graphics/png/patches/patch-pngconf_h b/graphics/png/patches/patch-pngconf_h deleted file mode 100644 index 6c60fca75e7..00000000000 --- a/graphics/png/patches/patch-pngconf_h +++ /dev/null @@ -1,33 +0,0 @@ -$OpenBSD: patch-pngconf_h,v 1.2 2004/08/05 19:17:14 brad Exp $ ---- pngconf.h.orig Thu Oct 3 07:32:27 2002 -+++ pngconf.h Thu Aug 5 14:29:45 2004 -@@ -663,6 +663,13 @@ - #endif - #endif /* PNG_1_0_X */ - -+#ifndef PNG_USER_WIDTH_MAX -+# define PNG_USER_WIDTH_MAX 1000000L -+#endif -+#ifndef PNG_USER_HEIGHT_MAX -+# define PNG_USER_HEIGHT_MAX 1000000L -+#endif -+ - /* These are currently experimental features, define them if you want */ - - /* very little testing */ -@@ -1280,6 +1287,7 @@ typedef z_stream FAR * png_zstreamp; - # define CVT_PTR(ptr) (png_far_to_near(png_ptr,ptr,CHECK)) - # define CVT_PTR_NOCHECK(ptr) (png_far_to_near(png_ptr,ptr,NOCHECK)) - # define png_strcpy _fstrcpy -+# define png_strncpy _fstrncpy /* Added to v 1.2.6 */ - # define png_strlen _fstrlen - # define png_memcmp _fmemcmp /* SJT: added */ - # define png_memcpy _fmemcpy -@@ -1288,6 +1296,7 @@ typedef z_stream FAR * png_zstreamp; - # define CVT_PTR(ptr) (ptr) - # define CVT_PTR_NOCHECK(ptr) (ptr) - # define png_strcpy strcpy -+# define png_strncpy strncpy /* Added to v 1.2.6 */ - # define png_strlen strlen - # define png_memcmp memcmp /* SJT: added */ - # define png_memcpy memcpy diff --git a/graphics/png/patches/patch-pngerror_c b/graphics/png/patches/patch-pngerror_c deleted file mode 100644 index 495f9f11edd..00000000000 --- a/graphics/png/patches/patch-pngerror_c +++ /dev/null @@ -1,12 +0,0 @@ -$OpenBSD: patch-pngerror_c,v 1.3 2004/07/10 23:19:21 brad Exp $ ---- pngerror.c.orig Thu Oct 3 07:32:27 2002 -+++ pngerror.c Sat Jul 10 19:11:39 2004 -@@ -137,7 +137,7 @@ png_format_buffer(png_structp png_ptr, p - { - buffer[iout++] = ':'; - buffer[iout++] = ' '; -- png_memcpy(buffer+iout, error_message, 64); -+ png_strncpy(buffer+iout, error_message, 63); - buffer[iout+63] = 0; - } - } diff --git a/graphics/png/patches/patch-pngpread_c b/graphics/png/patches/patch-pngpread_c deleted file mode 100644 index eca8655408b..00000000000 --- a/graphics/png/patches/patch-pngpread_c +++ /dev/null @@ -1,34 +0,0 @@ -$OpenBSD: patch-pngpread_c,v 1.1 2004/08/05 19:17:14 brad Exp $ ---- pngpread.c.orig Thu Oct 3 07:32:28 2002 -+++ pngpread.c Thu Aug 5 14:29:45 2004 -@@ -208,7 +208,7 @@ png_push_read_chunk(png_structp png_ptr, - } - - png_push_fill_buffer(png_ptr, chunk_length, 4); -- png_ptr->push_length = png_get_uint_32(chunk_length); -+ png_ptr->push_length = png_get_uint_31(png_ptr,chunk_length); - png_reset_crc(png_ptr); - png_crc_read(png_ptr, png_ptr->chunk_name, 4); - png_ptr->mode |= PNG_HAVE_CHUNK_HEADER; -@@ -591,6 +591,11 @@ png_push_save_buffer(png_structp png_ptr - png_size_t new_max; - png_bytep old_buffer; - -+ if (png_ptr->save_buffer_size > PNG_SIZE_MAX - -+ (png_ptr->current_buffer_size + 256)) -+ { -+ png_error(png_ptr, "Potential overflow of save_buffer"); -+ } - new_max = png_ptr->save_buffer_size + png_ptr->current_buffer_size + 256; - old_buffer = png_ptr->save_buffer; - png_ptr->save_buffer = (png_bytep)png_malloc(png_ptr, -@@ -637,8 +642,7 @@ png_push_read_IDAT(png_structp png_ptr) - } - - png_push_fill_buffer(png_ptr, chunk_length, 4); -- png_ptr->push_length = png_get_uint_32(chunk_length); -- -+ png_ptr->push_length = png_get_uint_31(png_ptr,chunk_length); - png_reset_crc(png_ptr); - png_crc_read(png_ptr, png_ptr->chunk_name, 4); - png_ptr->mode |= PNG_HAVE_CHUNK_HEADER; diff --git a/graphics/png/patches/patch-pngread_c b/graphics/png/patches/patch-pngread_c deleted file mode 100644 index 92b918f9234..00000000000 --- a/graphics/png/patches/patch-pngread_c +++ /dev/null @@ -1,63 +0,0 @@ -$OpenBSD: patch-pngread_c,v 1.1 2004/08/05 19:17:14 brad Exp $ ---- pngread.c.orig Thu Oct 3 07:32:29 2002 -+++ pngread.c Thu Aug 5 14:29:45 2004 -@@ -384,7 +384,7 @@ png_read_info(png_structp png_ptr, png_i - png_uint_32 length; - - png_read_data(png_ptr, chunk_length, 4); -- length = png_get_uint_32(chunk_length); -+ length = png_get_uint_31(png_ptr,chunk_length); - - png_reset_crc(png_ptr); - png_crc_read(png_ptr, png_ptr->chunk_name, 4); -@@ -392,9 +392,6 @@ png_read_info(png_structp png_ptr, png_i - png_debug2(0, "Reading %s chunk, length=%lu.\n", png_ptr->chunk_name, - length); - -- if (length > PNG_MAX_UINT) -- png_error(png_ptr, "Invalid chunk length."); -- - /* This should be a binary subdivision search or a hash for - * matching the chunk name rather than a linear search. - */ -@@ -673,11 +670,8 @@ png_read_row(png_structp png_ptr, png_by - png_crc_finish(png_ptr, 0); - - png_read_data(png_ptr, chunk_length, 4); -- png_ptr->idat_size = png_get_uint_32(chunk_length); -+ png_ptr->idat_size = png_get_uint_31(png_ptr,chunk_length); - -- if (png_ptr->idat_size > PNG_MAX_UINT) -- png_error(png_ptr, "Invalid chunk length."); -- - png_reset_crc(png_ptr); - png_crc_read(png_ptr, png_ptr->chunk_name, 4); - if (png_memcmp(png_ptr->chunk_name, png_IDAT, 4)) -@@ -946,16 +940,13 @@ png_read_end(png_structp png_ptr, png_in - #endif /* PNG_GLOBAL_ARRAYS */ - - png_read_data(png_ptr, chunk_length, 4); -- length = png_get_uint_32(chunk_length); -+ length = png_get_uint_31(png_ptr,chunk_length); - - png_reset_crc(png_ptr); - png_crc_read(png_ptr, png_ptr->chunk_name, 4); - - png_debug1(0, "Reading %s chunk.\n", png_ptr->chunk_name); - -- if (length > PNG_MAX_UINT) -- png_error(png_ptr, "Invalid chunk length."); -- - if (!png_memcmp(png_ptr->chunk_name, png_IHDR, 4)) - png_handle_IHDR(png_ptr, info_ptr, length); - else if (!png_memcmp(png_ptr->chunk_name, png_IEND, 4)) -@@ -1298,6 +1289,9 @@ png_read_png(png_structp png_ptr, png_in - * PNG file before the first IDAT (image data chunk). - */ - png_read_info(png_ptr, info_ptr); -+ -+ if (info_ptr->height > PNG_UINT_32_MAX/sizeof(png_bytep)) -+ png_error(png_ptr,"Image is too high to process with png_read_png()"); - - /* -------------- image transformations start here ------------------- */ - diff --git a/graphics/png/patches/patch-pngrtran_c b/graphics/png/patches/patch-pngrtran_c deleted file mode 100644 index 71d3ea07dff..00000000000 --- a/graphics/png/patches/patch-pngrtran_c +++ /dev/null @@ -1,47 +0,0 @@ -$OpenBSD: patch-pngrtran_c,v 1.1 2004/07/06 22:17:49 brad Exp $ ---- pngrtran.c.orig Tue Jul 6 17:44:30 2004 -+++ pngrtran.c Tue Jul 6 17:46:22 2004 -@@ -1889,8 +1889,8 @@ png_do_read_filler(png_row_infop row_inf - /* This changes the data from GG to GGXX */ - if (flags & PNG_FLAG_FILLER_AFTER) - { -- png_bytep sp = row + (png_size_t)row_width; -- png_bytep dp = sp + (png_size_t)row_width; -+ png_bytep sp = row + (png_size_t)row_width * 2; -+ png_bytep dp = sp + (png_size_t)row_width * 2; - for (i = 1; i < row_width; i++) - { - *(--dp) = hi_filler; -@@ -1907,8 +1907,8 @@ png_do_read_filler(png_row_infop row_inf - /* This changes the data from GG to XXGG */ - else - { -- png_bytep sp = row + (png_size_t)row_width; -- png_bytep dp = sp + (png_size_t)row_width; -+ png_bytep sp = row + (png_size_t)row_width * 2; -+ png_bytep dp = sp + (png_size_t)row_width * 2; - for (i = 0; i < row_width; i++) - { - *(--dp) = *(--sp); -@@ -1965,8 +1965,8 @@ png_do_read_filler(png_row_infop row_inf - /* This changes the data from RRGGBB to RRGGBBXX */ - if (flags & PNG_FLAG_FILLER_AFTER) - { -- png_bytep sp = row + (png_size_t)row_width * 3; -- png_bytep dp = sp + (png_size_t)row_width; -+ png_bytep sp = row + (png_size_t)row_width * 6; -+ png_bytep dp = sp + (png_size_t)row_width * 2; - for (i = 1; i < row_width; i++) - { - *(--dp) = hi_filler; -@@ -1987,8 +1987,8 @@ png_do_read_filler(png_row_infop row_inf - /* This changes the data from RRGGBB to XXRRGGBB */ - else - { -- png_bytep sp = row + (png_size_t)row_width * 3; -- png_bytep dp = sp + (png_size_t)row_width; -+ png_bytep sp = row + (png_size_t)row_width * 6; -+ png_bytep dp = sp + (png_size_t)row_width * 2; - for (i = 0; i < row_width; i++) - { - *(--dp) = *(--sp); diff --git a/graphics/png/patches/patch-pngrutil_c b/graphics/png/patches/patch-pngrutil_c deleted file mode 100644 index e020b0e3149..00000000000 --- a/graphics/png/patches/patch-pngrutil_c +++ /dev/null @@ -1,103 +0,0 @@ -$OpenBSD: patch-pngrutil_c,v 1.1 2004/08/05 19:17:14 brad Exp $ ---- pngrutil.c.orig Thu Oct 3 07:32:30 2002 -+++ pngrutil.c Thu Aug 5 14:29:45 2004 -@@ -38,6 +38,14 @@ __inline double strtod(const char *nptr, - # endif - #endif - -+png_uint_32 /* PRIVATE */ -+png_get_uint_31(png_structp png_ptr, png_bytep buf) -+{ -+ png_uint_32 i = png_get_uint_32(buf); -+ if (i > PNG_UINT_31_MAX) -+ png_error(png_ptr, "PNG unsigned integer out of range.\n"); -+ return (i); -+} - #ifndef PNG_READ_BIG_ENDIAN_SUPPORTED - /* Grab an unsigned 32-bit integer from a buffer in big-endian format. */ - png_uint_32 /* PRIVATE */ -@@ -579,7 +587,7 @@ png_handle_gAMA(png_structp png_ptr, png - /* Should be an error, but we can cope with it */ - png_warning(png_ptr, "Out of place gAMA chunk"); - -- else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_gAMA) -+ if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_gAMA) - #if defined(PNG_READ_sRGB_SUPPORTED) - && !(info_ptr->valid & PNG_INFO_sRGB) - #endif -@@ -660,7 +668,7 @@ png_handle_sBIT(png_structp png_ptr, png - /* Should be an error, but we can cope with it */ - png_warning(png_ptr, "Out of place sBIT chunk"); - } -- else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_sBIT)) -+ if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_sBIT)) - { - png_warning(png_ptr, "Duplicate sBIT chunk"); - png_crc_finish(png_ptr, length); -@@ -729,7 +737,7 @@ png_handle_cHRM(png_structp png_ptr, png - /* Should be an error, but we can cope with it */ - png_warning(png_ptr, "Missing PLTE before cHRM"); - -- else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_cHRM) -+ if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_cHRM) - #if defined(PNG_READ_sRGB_SUPPORTED) - && !(info_ptr->valid & PNG_INFO_sRGB) - #endif -@@ -891,7 +899,7 @@ png_handle_sRGB(png_structp png_ptr, png - /* Should be an error, but we can cope with it */ - png_warning(png_ptr, "Out of place sRGB chunk"); - -- else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_sRGB)) -+ if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_sRGB)) - { - png_warning(png_ptr, "Duplicate sRGB chunk"); - png_crc_finish(png_ptr, length); -@@ -977,8 +985,7 @@ png_handle_iCCP(png_structp png_ptr, png - png_bytep pC; - png_charp profile; - png_uint_32 skip = 0; -- png_uint_32 profile_size = 0; -- png_uint_32 profile_length = 0; -+ png_uint_32 profile_size, profile_length; - png_size_t slength, prefix_length, data_length; - - png_debug(1, "in png_handle_iCCP\n"); -@@ -995,7 +1002,7 @@ png_handle_iCCP(png_structp png_ptr, png - /* Should be an error, but we can cope with it */ - png_warning(png_ptr, "Out of place iCCP chunk"); - -- else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_iCCP)) -+ if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_iCCP)) - { - png_warning(png_ptr, "Duplicate iCCP chunk"); - png_crc_finish(png_ptr, length); -@@ -1154,8 +1161,18 @@ png_handle_sPLT(png_structp png_ptr, png - } - - new_palette.nentries = data_length / entry_size; -- new_palette.entries = (png_sPLT_entryp)png_malloc( -+ if (new_palette.nentries > PNG_SIZE_MAX / sizeof(png_sPLT_entry)) -+ { -+ png_warning(png_ptr, "sPLT chunk too long"); -+ return; -+ } -+ new_palette.entries = (png_sPLT_entryp)png_malloc_warn( - png_ptr, new_palette.nentries * sizeof(png_sPLT_entry)); -+ if (new_palette.entries == NULL) -+ { -+ png_warning(png_ptr, "sPLT chunk requires too much memory"); -+ return; -+ } - - #ifndef PNG_NO_POINTER_INDEXING - for (i = 0; i < new_palette.nentries; i++) -@@ -1241,7 +1258,8 @@ png_handle_tRNS(png_structp png_ptr, png - /* Should be an error, but we can cope with it */ - png_warning(png_ptr, "Missing PLTE before tRNS"); - } -- else if (length > (png_uint_32)png_ptr->num_palette) -+ if (length > (png_uint_32)png_ptr->num_palette || -+ length > PNG_MAX_PALETTE_LENGTH) - { - png_warning(png_ptr, "Incorrect tRNS chunk length"); - png_crc_finish(png_ptr, length); diff --git a/graphics/png/patches/patch-pngset_c b/graphics/png/patches/patch-pngset_c deleted file mode 100644 index 2f78e86e0d5..00000000000 --- a/graphics/png/patches/patch-pngset_c +++ /dev/null @@ -1,12 +0,0 @@ -$OpenBSD: patch-pngset_c,v 1.1 2004/08/05 19:17:14 brad Exp $ ---- pngset.c.orig Thu Oct 3 07:32:30 2002 -+++ pngset.c Thu Aug 5 14:29:45 2004 -@@ -253,6 +253,8 @@ png_set_IHDR(png_structp png_ptr, png_in - png_error(png_ptr, "Image width or height is zero in IHDR"); - if (width > PNG_MAX_UINT || height > PNG_MAX_UINT) - png_error(png_ptr, "Invalid image size in IHDR"); -+ if (width > PNG_USER_WIDTH_MAX || height > PNG_USER_HEIGHT_MAX) -+ png_error(png_ptr, "image size exceeds user limits in IHDR"); - - /* check other values */ - if (bit_depth != 1 && bit_depth != 2 && bit_depth != 4 && diff --git a/graphics/png/patches/patch-scripts_makefile_openbsd b/graphics/png/patches/patch-scripts_makefile_openbsd index 65c3cbd65f9..39432c73d35 100644 --- a/graphics/png/patches/patch-scripts_makefile_openbsd +++ b/graphics/png/patches/patch-scripts_makefile_openbsd @@ -1,6 +1,6 @@ -$OpenBSD: patch-scripts_makefile_openbsd,v 1.9 2004/07/06 21:53:16 brad Exp $ ---- scripts/makefile.openbsd.orig Thu Oct 3 07:32:34 2002 -+++ scripts/makefile.openbsd Tue Jul 6 17:33:35 2004 +$OpenBSD: patch-scripts_makefile_openbsd,v 1.10 2004/09/20 01:24:11 brad Exp $ +--- scripts/makefile.openbsd.orig Sat Sep 11 22:19:36 2004 ++++ scripts/makefile.openbsd Sat Sep 18 22:43:38 2004 @@ -1,13 +1,16 @@ -# makefile for libpng +# makefile for libpng under OpenBSD @@ -16,9 +16,9 @@ $OpenBSD: patch-scripts_makefile_openbsd,v 1.9 2004/07/06 21:53:16 brad Exp $ +DOCDIR= ${PREFIX}/share/doc/png -SHLIB_MAJOR= 0 --SHLIB_MINOR= 1.2.5 +-SHLIB_MINOR= 1.2.7 +SHLIB_MAJOR= 4 -+SHLIB_MINOR= 0 ++SHLIB_MINOR= 1 LIB= png SRCS= png.c pngerror.c pnggccrd.c pngget.c pngmem.c pngpread.c \ diff --git a/graphics/png/pkg/PFRAG.shared b/graphics/png/pkg/PFRAG.shared index 000bbb8f318..ffa2b04f6ee 100644 --- a/graphics/png/pkg/PFRAG.shared +++ b/graphics/png/pkg/PFRAG.shared @@ -1,2 +1,2 @@ -@comment $OpenBSD: PFRAG.shared,v 1.12 2004/09/15 00:50:10 espie Exp $ -@lib lib/libpng.so.4.0 +@comment $OpenBSD: PFRAG.shared,v 1.13 2004/09/20 01:24:11 brad Exp $ +@lib lib/libpng.so.4.1