pnggroup / libpng Goto Github PK

LIBPNG: Portable Network Graphics support, official libpng repository

License: Other

C 73.16% Assembly 0.21% Shell 11.81% Makefile 3.74% Awk 1.09% CMake 1.47% DIGITAL Command Language 0.27% Batchfile 0.09% Module Management System 0.05% M4 0.62% C++ 0.16% Roff 6.83% Dockerfile 0.03% Python 0.45%

libpng's People

Contributors

Stargazers

Watchers

Forkers

imazen ctruta lasote herocodemaster shenzhiming gnuhub cms-externals miraisdk alamaison xiaoliukai madvay varlog rxl194 gamefusion enseed flair rcseacord onevcat antoinereyt nicolaichuk techsmith justgaoyuan dreamflyforever rig-project daviddrysdale rpcs3 davidcorbin mwgoldsmith mattsarett nixonk u-stone dzoidx doo krrishnarraj elarafx dago thu-real aseprite jasontujun walterwhitedong k-shinotsuka harold-b junaidnaseer zhiyix code-mx jianyjjy codefoco-forks cctravel gailysun templeblock mandar-sahastrabuddhe kmammou chkob damiandixon akonia ericchill rubenvb zbxzc35 andy-held pkxwmpgn lilith salleodore phazmatis seven332 syrianballas andersonunsonst mhoffesommer madmaxoft dooglz kleemedia zhuchen1911 romeromalaquias ponapalt significant-bit xbmc bysreg cambriconandroid tamworth kylelampe njlr wesleywwf gatgui kleopatra999 sentimentron sintefmath rcdailey kinddragon lukynfromhell anatom-e andymiao858 wking07 thfabian cybersys victorlee1988 lealbyte playbar kcc ziosk malterlib skirk

libpng's Issues

Potential memory leak in png_handle_pCAL.

Given a correctly crafted PNG it is possible that the params passed into png_set_pCAL will fail the if (params[i] == NULL || !png_check_fp_string(params[i], strlen(params[i]))) check. If that happens then a longjmp will occur to some other location in the code.

This causes the params pointer allocated in png_handle_pCAL to leak.

I have a potential fix in: https://codereview.chromium.org/2292313003/ which I can turn into a pull request if its the correct approach to fixing the issue.

integrate with OSS-Fuzz (continuous automated fuzzing), and fix a recent regression (leak)

Hello,

OSS-Fuzz is a continuous fuzzing service provided to important OSS projects for free:
https://github.com/google/oss-fuzz
https://opensource.googleblog.com/2017/05/oss-fuzz-five-months-later-and.html

Normally, an open-source project would do the integration with OSS-Fuzz themselves, but since libpng is so widely used we've made an initial integration for libpng ourselves a while ago:
https://github.com/google/oss-fuzz/tree/master/projects/libpng

The fuzzer has been running since late 2016 w/o any bug reports, but now it has reported a first bug (memory leak), which seems to be a recent regression, introduced between 4ab78af and 68a80b1

ERROR: LeakSanitizer: detected memory leaks
Direct leak of 538976288 byte(s) in 1 object(s) allocated from:
    #0 0x4de2c8 in malloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:67
    #1 0x5a4406 in png_malloc_warn /src/libpng/pngmem.c:217:23
    #2 0x5d2689 in png_handle_eXIf /src/libpng/pngrutil.c:2031:15
    #3 0x5a4d34 in png_read_info /src/libpng/pngread.c:180:10
    #4 0x5190f0 in LLVMFuzzerTestOneInput /src/libpng_read_fuzzer.cc:88:3

So, at this moment we would ask for your help to better integrate libpng with OSS-Fuzz:

Please send a pull request to https://github.com/google/oss-fuzz/blob/master/projects/libpng/project.yaml to add one or more maintainers so that bugs are automatically CC-ed. (Example, docs). This will give you access to https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2821, which has the leak report (same as above) and the input that reproduces the leak
Take a look at https://github.com/google/oss-fuzz/blob/master/projects/libpng/libpng_read_fuzzer.cc; if it makes sense to you, please integrate it into the main libpng repository, see https://github.com/google/oss-fuzz/blob/master/docs/ideal_integration.md for more details.

runtime error: load of misaligned address

I've been testing libpng using clang address sanitizer and undefined behaviour sanitizer.

libpng/intel/filter_sse2_intrinsics.c:32:29: runtime error: load of misaligned address 0x6200000030a3 for type 'const int', which requires 4 byte alignment
0x6200000030a3: note: pointer points here
 01  04 0c 77 00 00 00 ff ff  ff 01 02 00 00 00 fe 00  00 00 00 00 00 00 00 fe  00 00 00 00 00 02 00
              ^ 
SUMMARY: AddressSanitizer: undefined-behavior libpng/intel/filter_sse2_intrinsics.c:32:29 in 
libpng/intel/filter_sse2_intrinsics.c:63:4: runtime error: store to misaligned address 0x6200000030a3 for type 'png_uint_16' (aka 'unsigned short'), which requires 2 byte alignment
0x6200000030a3: note: pointer points here
 01  04 0c 77 00 00 00 ff ff  ff 01 02 00 00 00 fe 00  00 00 00 00 00 00 00 fe  00 00 00 00 00 02 00
              ^ 
SUMMARY: AddressSanitizer: undefined-behavior libpng/intel/filter_sse2_intrinsics.c:63:4 in 
libpng/intel/filter_sse2_intrinsics.c:46:37: runtime error: load of misaligned address 0x620000003b11 for type 'const png_uint_16' (aka 'const unsigned short'), which requires 2 byte alignment
0x620000003b11: note: pointer points here
 75 be 83  75 00 00 00 be be be be  be be be be be be be be  be be be be be be be be  be be be be be

The solution to this is to use memcpy rather than direct access to the pointer. The compiler will optimise it out in the appropriate cases.

png_write_png (libpng 1.6.21 + zlib 1.2.8) causes uninitiialized read in fill_window

Has this issue been seen before, or should I try to work up a test case to reproduce it?

Conditional jump or move depends on uninitialised value(s)
at 0x4F52F22: fill_window
by 0x4F536FE: deflate_fast
by 0x4F5209F: deflate
by 0x4F4B7E1: png_compress_IDAT
by 0x4F4EA9C: png_write_filtered_row
by 0x4F4EA6D: png_write_find_filter
by 0x4F46F41: png_write_row
by 0x4F46927: png_write_image
by 0x4F478E2: png_write_png
Uninitialised value was created by a heap allocation
at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0x4F28825: png_malloc_base
by 0x4F28A85: png_malloc_warn
by 0x4F1FB98: png_zalloc
by 0x4F5053A: deflateInit2_
by 0x4F4ACB8: png_deflate_claim
by 0x4F4B727: png_compress_IDAT
by 0x4F4EA9C: png_write_filtered_row
by 0x4F4EA6D: png_write_find_filter
by 0x4F46F41: png_write_row
by 0x4F46927: png_write_image
by 0x4F478E2: png_write_png

Naming convention in `contrib/testpngs/crashers/*`

On OSX, after a fresh clone of the repo, you will end up with changes even though you have not touch anything yet. After some digging it appears that some files have the same names since the file system is case insensitive (SO). The files are listed below:

contrib/testpngs/crashers/huge_juNK_chunk.png
contrib/testpngs/crashers/huge_juNk_chunk.png

This might lead to error, when cloned automatically from build script (i.e. CMake's ExternalProjects)

Christophe

[pngfix] ./ as part of input filename causes problems

I wanted to fix several png images at once using find, it turns out that the ./ is not understood correctly as part of the filename. Here is a simple example:

~$ pngfix --prefix=fix_ ./sample.png
fix_./sample.png: No such file or directory

libpng warning: Invalid image width in IHDR

libpng warning: Invalid image width in IHDR
libpng warning: Image width exceeds user limit in IHDR
libpng error: Invalid IHDR data
Abort trap: 6

There's any way I can solve that, can I play directly on IHDR to allow any kind of width? This warnings are thrown but the .png file got created anyway but it's empty though.

Add dll support to command line build for MSVC

If I use the visual studio project files I can build libpng.dll

However, if I use the command line like so:

nmake -f scripts\makefile.vcwin32 all

It only builds a static libpng.lib

It would be nice to have the option to build it as a .dll with a .lib import library the way the project files do.

Thanks.

pngfix: contrib/tools/pngfix.c:2708: zlib_check: Assertion `test_bits == 15' failed

I just compiled libpng from git source and am fuzzing pngfix with American Fuzzy Lop and I came across a "png" (https://dl.dropboxusercontent.com/u/6088006/libpng/test01.png) that causes an assertion failure.

~/libpng/pngfix --strip=all test01.png
pngfix: contrib/tools/pngfix.c:2708: zlib_check: Assertion `test_bits == 15' failed.
Aborted

Starting program: /home/geeknik/libpng/pngfix --strip=all test01.png
pngfix: contrib/tools/pngfix.c:2708: zlib_check: Assertion `test_bits == 15' failed.

Program received signal SIGABRT, Aborted.
0x00007ffff754c107 in __GI_raise (sig=sig@entry=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
56  ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0  0x00007ffff754c107 in __GI_raise (sig=sig@entry=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1  0x00007ffff754d4e8 in __GI_abort () at abort.c:89
#2  0x00007ffff7545226 in __assert_fail_base (
    fmt=0x7ffff767bce8 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", 
    assertion=assertion@entry=0x52cf42 "test_bits == 15", 
    file=file@entry=0x52cdae "contrib/tools/pngfix.c", line=line@entry=2708, 
    function=function@entry=0x52dcaf <__PRETTY_FUNCTION__.6586> "zlib_check")
    at assert.c:92
#3  0x00007ffff75452d2 in __GI___assert_fail (
    assertion=assertion@entry=0x52cf42 "test_bits == 15", 
    file=file@entry=0x52cdae "contrib/tools/pngfix.c", line=line@entry=2708, 
    function=function@entry=0x52dcaf <__PRETTY_FUNCTION__.6586> "zlib_check")
    at assert.c:101
#4  0x00000000004103c5 in zlib_check (file=file@entry=0x7fffffffd040, 
    offset=offset@entry=0) at contrib/tools/pngfix.c:2708
#5  0x0000000000411302 in process_IDAT (file=0x7fffffffd040)
    at contrib/tools/pngfix.c:1968
#6  process_chunk (file=file@entry=0x7fffffffd040, file_crc=<optimized out>, 
    next_length=808464432, next_type=1682263620) at contrib/tools/pngfix.c:2924
#7  0x000000000041a4be in sync_stream (file=<optimized out>)
    at contrib/tools/pngfix.c:3039
#8  read_chunk (file=file@entry=0x7fffffffd040) at contrib/tools/pngfix.c:3162
#9  0x000000000041bd98 in read_callback (png_ptr=0x73c250, 
    buffer=0x7fffffffcee0 "RDHI", count=8) at contrib/tools/pngfix.c:3283
#10 0x00000000004c8338 in png_read_chunk_header (
    png_ptr=png_ptr@entry=0x73c250) at pngrutil.c:168
#11 0x000000000045ca68 in png_read_info (png_ptr=0x73c250, info_ptr=0x73c740)
    at pngread.c:108
#12 0x0000000000474019 in png_read_info (png_ptr=<optimized out>, 
    info_ptr=<optimized out>) at pngread.c:254
#13 0x0000000000401bed in read_png (control=0x7fffffffd040)
    at contrib/tools/pngfix.c:3618
#14 0x0000000000404449 in one_file (out_name=<optimized out>, 
    file_name=<optimized out>, global=<optimized out>)
    at contrib/tools/pngfix.c:3666
#15 main (argc=1, argv=0x7fffffffe368) at contrib/tools/pngfix.c:4008
(gdb) i r
rax            0x0  0
rbx            0x7ffff7ff4000   140737354088448
rcx            0xffffffffffffffff   -1
rdx            0x6  6
rsi            0x1e47d  124029
rdi            0x1e47d  124029
rbp            0x7ffff767bce8   0x7ffff767bce8
rsp            0x7fffffffcac8   0x7fffffffcac8
r8             0xfefefefefefefe00   -72340172838076928
r9             0x74e4b0 7660720
r10            0x8  8
r11            0x246    582
r12            0x52cf42 5427010
r13            0x52dcaf 5430447
r14            0x11 17
r15            0x7fffffffcd00   140737488342272
rip            0x7ffff754c107   0x7ffff754c107 <__GI_raise+55>
eflags         0x246    [ PF ZF IF ]
cs             0x33 51
ss             0x2b 43
ds             0x0  0
es             0x0  0
fs             0x0  0
gs             0x0  0

Small inconsistency in CMake install output

It appears that headers are copied twice to install output, to include but also to include/libpng16 directories.

(I have KDiff-ed them and they're all identical)

Sincere request to remove the sRGB profile error

Hello Glenn,

Was just curious if you guys are comfortable in removing this if statement. It's causing a lot of headache throughout the communities. Some examples are here and here.

I understand that the warning is important to you, however I'm a really big user of the Godot engine. And our contributors are denying my request to remove it, as they are not allowed to touch upstream sources.

If you guys can remove that if statement in a new version, they will most likely update to the latest version, and thus, it will be removed. The line in your codebase is here, at #2350.

However, I don't expect you guys to listen nor care at all, but it's worth a shot! For the record, I'm not a Godot contributor, just a heavy user of the engine. Also, libpng has been great within Godot and honestly, this would relieve quite a bit of stress.

Kind Regards,

-Nick

CMake in project put ASM at the end

I propose to change line 34 in CMakeLists.txt from project(libpng ASM C) to project(libpng C ASM). Reason is that CMake uses the C compiler on some systems to detect ASM capabilities and therefore order matters here.

Example: CMake with MSVC 2015 as generator will generate an error (No ASM compiler found) without the change but not with the change.

Please see this CMake issue for a confirmation from CMake and their proposed update to the CMake documentation recommending this.

Since I don't know to which branch of libpng to make a PR and it's a really small change I just post it here as an issue.

image cut off

Filed in Chromium as crbug.com/807324. Chromium is using 1.6.34. I tried updating to 1.6.35beta01 but still see the same problem:

The following image is cut off:

I see a png warning "IDAT: ADLER32 checksum mismatch". Then we stop processing the IDAT.

This image decoded correctly in the previous version Chromium was using: 1.6.22

Declaration/definition mismatch for png_set_eXIf_1

File png.h, line 2019
Third paramter has no const for the third parameter in declaration.
Maybe it is not needed at all, and should be removed from the method definintion.

libpng configuration package is completely broken

So right now, the CMake script attempts to install exports for libpng but they're not usable by find_package() because they are not following the proper rules documented by CMake. I'm happy to fix this for you, but I want to make you aware of certain changes that need to happen.

The fact that the project is named "libpng" instead of "png" will make things quirky on linux because the 'lib' part is usually implied on that platform. Since it doesn't seem reasonable to rename everything to just "png" (unless you are ok with this; it's a lot of refactoring but possible to do), the config package installation logic will be inconsistent.

In most cases, users will be expected to do this:

find_package(png CONFIG)

This will trigger the config package search for libpng, as opposed to the "FindPNG.cmake" that comes with CMake (this is the module package structure which is the older way of doing it).

There are 2 main requirements that I think you want:

New installations of libpng should remain structurally backward compatible with module package (i.e. people that use FindPNG.cmake should still be able to do so)
New installations of libpng should install config and starget scripts in CMake's deterministic structure so that config package searches work (this will be a new feature since the current way it is being done is non-functional).

When users do find_package(png CONFIG), CMake searches for a png-config.cmake, which will in turn do an include() to include png-targets.cmake. So the final install structure would look like:

Under ${CMAKE_INSTALL_PREFIX}/lib/png/[cmake/]:

png-config.cmake
png-targets.cmake

You're already sort-of doing png-config.cmake, but the name is incorrect. You're installing the name as libpng, which will require users to do find_package(libpng), which breaks interoperability with the module package style.

How much flexibility do I have in restructuring and renaming things from the installation logic standpoint? I want to fix all of this but I need to know what I can and can't do. Happy to go over detail items if you want.

There's a lot of weirdness with the library naming as well, but I recognize for backward compatibility reasons, you probably can't allow the naming convention for the libraries to change. Normally the VERSION and SOVERSION symlinking and management is done for you by CMake, if you set it up right. Right now, the script assumes responsibility for doing all of that by hand.

libpng-config should filter out -L/usr/lib (or -L/usr/lib64)

Calling libpng-config --ldflags unconditionally emits -Lxxx, which is problematic. Consider a standard Unix installation with libraries in /usr/lib (or /usr/lib64), and local packages in /usr/local/lib (or /usr/local/lib64). It is quite common that the linker is set up to first look into /usr/local, then into /usr – this allows to provide newer, self-compiled library versions in the /usr/local tree.

If libpng-config installed in /usr is now called by a configure script, it emits -L/usr/lib (or -L/usr/lib64). Since -L prepends directories to the library search path, the linker no longer looks into /usr/local first for all libraries that follow, effectively hiding all newer library versions in /usr/local.

For this reason, /usr/lib and /usr/lib64 should always be filtered out. In case you want to stay with libpng-config at all (Debian gets rid of all *-config scripts soon), here is a possible patch.

--- libpng16-config.orig        2017-05-10 01:26:17.000000000 +0200
+++ libpng16-config     2018-02-10 20:30:06.195253267 +0100
@@ -25,6 +25,12 @@
 ccopts=""
 ldopts=""
 
+if test "${libdir}" = "/usr/lib" ||
+   test "${libdir}" = "/usr/lib64"; then
+  L_opts=""
+fi
+
+
 usage()
 {
     cat <<EOF

Conan package for libpng

Hello
Do you know about Conan package manager? Can you add Conan package for libpng and maintain it? Here you can find example of my conan recipe for libpng: https://github.com/ZaMaZaN4iK/conan-libpng

1.5.28beta01: [informational] pngtest and pngvalid-simple fail with clang and ubsan

This is a duplicate report, however I think the other report is on sourceforge - I can't find it on github. This is mainly for information; there isn't actually a bug in libpng because unsigned integer overflow is very well defined in C and is expected here.

pngtest.c fails at line 2186 of png.h (git head); the line which calculates ad+bc. pngvalid --simple fails with the rgb_to_gray transform. That's part of the 'pngvalid --transform' test. pngvalid catches the exception internally but it comes from the same line. Here's pngtest-log.txt:

pngtest-log.txt

This is in a x86_64-linux-clang+ubsan 'regen' build, the relevant clang options being '-fsanitize=undefined,unsigned-integer-overflow -fsanitize-trap=undefined,unsigned-integer-overflow'. I'll append the full make.out at the end.

Issue #139 is a generic unsigned overflow issue list for 1.6. The cHRM check is different and uses png_muldiv which I believe doesn't have any overflow issues. Here's the 1.5 gdb output from pngtest:

jbowler@hippopopus ~/src/libpng/libpng15/build/x86_64-linux-clang+ubsan $ LD_LIBRARY_PATH=$PWD/.libs:$LD_LIBRARY_PATH gdb .libs/pngtest
GNU gdb (Gentoo 7.12 vanilla) 7.12
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
https://bugs.gentoo.org/.
Find the GDB manual and other documentation resources online at:
http://www.gnu.org/software/gdb/documentation/.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from .libs/pngtest...done.
(gdb) run --strict ../../code/pngtest.png
Starting program: /home/jbowler/src/libpng/libpng15/build/x86_64-linux-clang+ubsan/.libs/pngtest --strict ../../code/pngtest.png

Testing libpng version 1.5.28beta01
with zlib version 1.2.8

libpng version 1.5.28beta01 - May 29, 2016
Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson
Copyright (c) 1996-1997 Andreas Dilger
Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc.
library (10528): libpng version 1.5.28beta01 - May 29, 2016

pngtest (10528): libpng version 1.5.28beta01 - May 29, 2016

Program received signal SIGILL, Illegal instruction.
0x00007ffff7ae02b7 in png_64bit_product (v1=-34000, v2=-27000,
hi_product=0x7fffffffc6a0, lo_product=0x7fffffffc698)
at /home/jbowler/src/libpng/libpng15/code/png.c:2186
2186 x = a * d + c * b; /* AD + CB */
(gdb) print a
$1 = 65535
(gdb) print d
$2 = 38536
(gdb) print c
$3 = 65535
(gdb) print b
$4 = 3153
(gdb) bt
#0 0x00007ffff7ae02b7 in png_64bit_product (v1=-34000, v2=-27000,
hi_product=0x7fffffffc6a0, lo_product=0x7fffffffc698)
at /home/jbowler/src/libpng/libpng15/code/png.c:2186
#1 0x00007ffff7ae0138 in png_check_cHRM_fixed (png_ptr=0x60b880,
white_x=31270, white_y=32900, red_x=64000, red_y=33000, green_x=30000,
green_y=60000, blue_x=15000, blue_y=6000)
at /home/jbowler/src/libpng/libpng15/code/png.c:836
#2 0x00007ffff7b8323b in png_set_cHRM_fixed (png_ptr=0x60b880,
info_ptr=0x611de0, white_x=31270, white_y=32900, red_x=64000, red_y=33000,
green_x=30000, green_y=60000, blue_x=15000, blue_y=6000)
at /home/jbowler/src/libpng/libpng15/code/pngset.c:105
#3 0x00007ffff7b89117 in png_set_sRGB_gAMA_and_cHRM (png_ptr=0x60b880,
info_ptr=0x611de0, srgb_intent=1)
at /home/jbowler/src/libpng/libpng15/code/pngset.c:662
#4 0x00007ffff7b64fbc in png_handle_sRGB (png_ptr=0x60b880,
info_ptr=0x611de0, length=1)
at /home/jbowler/src/libpng/libpng15/code/pngrutil.c:1256
#5 0x00007ffff7b09e77 in png_read_info (png_ptr=0x60b880, info_ptr=0x611de0)
at /home/jbowler/src/libpng/libpng15/code/pngread.c:295
#6 0x0000000000403903 in test_one_file (
inname=0x7fffffffdba7 "../../code/pngtest.png",
outname=0x408558 "pngout.png")
at /home/jbowler/src/libpng/libpng15/code/pngtest.c:1061
#7 0x00000000004030e6 in main (argc=3, argv=0x7fffffffd708)
at /home/jbowler/src/libpng/libpng15/code/pngtest.c:1969

Here's the full make.out showing all the options and the actual output from the failing test scripts:

make.out.txt

Loading anyway malformed image when possible

Hi!

We got a bug report in GIMP about PNGs which don't load well in GIMP: https://bugzilla.gnome.org/show_bug.cgi?id=776944
Loading the file available in the report outputs "IDAT: invalid distance too far back" and the image is only partially loaded.

If the image has some broken data, so it's ok to output warnings. But apparently there is still enough information to load fully the image and it has been reported that the images can even be fixed with command line tools such as optipng or pngcrush.

It would be much better than libpng allows to fully load the image while still outputting relevant warnings.

Reporting LIBPNG Security Issues

If you need to report a security issue (vulnerability) in libpng, please report it by email to
[email protected].

pgp info:
pub 4096R/A16C640F 2013-05-31 [expires: 2018-06-04]
uid Glenn Randers-Pehrson (libpng) [email protected]

how to updata libpng?

dear sir:
when i run caffe, I met the following error, i think is libpng version too low, but when i download
libpng 1.6.22 and compile the source, caffe still use libpng-1.2.50, so how to update libpng-1.6.22?

libpng warning: Application built with libpng-1.2.50 but running with 1.6.22
E0724 20:06:51.113085 28969 io.cpp:653] Could not decode datum
OpenCV Error: Unknown error code -10 (Raw image encoder error: Empty JPEG image (DNL not supported)) in throwOnEror, file /home/td/opencv-2.4.9/modules/highgui/src/grfmt_base.cpp, line 131

Potential arithmetic overflows in libpng16 branch

Below are warnings from VS 2015 static analyzer.

To fix, for example:

(png_size_t)(row_width << 3) can overflow, while

((png_size_t)row_width << 3) will not overflow.

 \libpng\pngrtran.c(4305): warning C6297: Arithmetic overflow:  32-bit value is shifted, then cast to 64-bit value.  Results might not be an expected value.
\libpng\pngrtran.c(4466): warning C6297: Arithmetic overflow:  32-bit value is shifted, then cast to 64-bit value.  Results might not be an expected value.
\libpng\pngrtran.c(4522): warning C6297: Arithmetic overflow:  32-bit value is shifted, then cast to 64-bit value.  Results might not be an expected value.
\libpng\pngrtran.c(4545): warning C6297: Arithmetic overflow:  32-bit value is shifted, then cast to 64-bit value.  Results might not be an expected value.

pngfix: contrib/tools/pngfix.c:323: uarb_mult32: Assertion `a_digits > 0' failed.

I just compiled libpng from git source and am fuzzing pngfix with American Fuzzy Lop and I came across a "png" (https://dl.dropboxusercontent.com/u/6088006/libpng/test00.png) that causes an assertion failure.

~/libpng/pngfix --strip=all test00.png
pngfix: contrib/tools/pngfix.c:323: uarb_mult32: Assertion `a_digits > 0' failed.
Aborted

Starting program: /home/geeknik/libpng/pngfix --strip=all test00.png
pngfix: contrib/tools/pngfix.c:323: uarb_mult32: Assertion `a_digits > 0' failed.

Program received signal SIGABRT, Aborted.
0x00007ffff754c107 in __GI_raise (sig=sig@entry=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
56  ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0  0x00007ffff754c107 in __GI_raise (sig=sig@entry=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1  0x00007ffff754d4e8 in __GI_abort () at abort.c:89
#2  0x00007ffff7545226 in __assert_fail_base (
    fmt=0x7ffff767bce8 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", 
    assertion=assertion@entry=0x52cde0 "a_digits > 0", 
    file=file@entry=0x52cdae "contrib/tools/pngfix.c", line=line@entry=323, 
    function=function@entry=0x52dcd2 <__PRETTY_FUNCTION__.5982> "uarb_mult32")
    at assert.c:92
#3  0x00007ffff75452d2 in __GI___assert_fail (
    assertion=assertion@entry=0x52cde0 "a_digits > 0", 
    file=file@entry=0x52cdae "contrib/tools/pngfix.c", line=line@entry=323, 
    function=function@entry=0x52dcd2 <__PRETTY_FUNCTION__.5982> "uarb_mult32")
    at assert.c:101
#4  0x0000000000409441 in uarb_mult32 (acc=<optimized out>, 
    a_digits=<optimized out>, num=<optimized out>, n_digits=<optimized out>, 
    val=<optimized out>) at contrib/tools/pngfix.c:323
#5  0x00000000004179fb in calc_image_size (file=0x7fffffffd040)
    at contrib/tools/pngfix.c:1500
#6  process_chunk (file=file@entry=0x7fffffffd040, file_crc=<optimized out>, 
    next_length=<optimized out>, next_type=<optimized out>)
    at contrib/tools/pngfix.c:2904
#7  0x000000000041a4be in sync_stream (file=<optimized out>)
    at contrib/tools/pngfix.c:3039
---Type <return> to continue, or q <return> to quit---
#8  read_chunk (file=file@entry=0x7fffffffd040) at contrib/tools/pngfix.c:3162
#9  0x000000000041bd98 in read_callback (png_ptr=0x73c250, 
    buffer=0x7fffffffcee0 "\340\317\377\377\377\177", count=8)
    at contrib/tools/pngfix.c:3283
#10 0x00000000004c8338 in png_read_chunk_header (
    png_ptr=png_ptr@entry=0x73c250) at pngrutil.c:168
#11 0x000000000045ca68 in png_read_info (png_ptr=0x73c250, info_ptr=0x73c740)
    at pngread.c:108
#12 0x0000000000474019 in png_read_info (png_ptr=<optimized out>, 
    info_ptr=<optimized out>) at pngread.c:254
#13 0x0000000000401bed in read_png (control=0x7fffffffd040)
    at contrib/tools/pngfix.c:3618
#14 0x0000000000404449 in one_file (out_name=<optimized out>, 
    file_name=<optimized out>, global=<optimized out>)
    at contrib/tools/pngfix.c:3666
#15 main (argc=1, argv=0x7fffffffe368) at contrib/tools/pngfix.c:4008
(gdb) i r
rax            0x0  0
rbx            0x7ffff7ff4000   140737354088448
rcx            0xffffffffffffffff   -1
rdx            0x6  6
rsi            0x136b0  79536
rdi            0x136b0  79536
rbp            0x7ffff767bce8   0x7ffff767bce8
rsp            0x7fffffffcbc8   0x7fffffffcbc8
r8             0xfefefefefefefe00   -72340172838076928
r9             0x73c8a0 7588000
r10            0x8  8
r11            0x246    582
r12            0x52cde0 5426656
r13            0x52dcd2 5430482
r14            0x3  3
r15            0x4  4
rip            0x7ffff754c107   0x7ffff754c107 <__GI_raise+55>
eflags         0x246    [ PF ZF IF ]
cs             0x33 51
ss             0x2b 43
ds             0x0  0
es             0x0  0
fs             0x0  0
gs             0x0  0

Master Changelog is incomplete

CHANGES.txt

The CHANGES file on the master branch is missing changes from previous revisions. For Example, the last 20 or so changes for each of the libpng15, libpng14, libpng12, and libpng10 are missing in the master file. Shouldn't they all be there?

I've attached a corrected version of the CHANGES file with all the version listed in sequence.

Apple clang 8.1.0 warnings

After this week's toolchain updates, the following, mostly -Wcomma warnings appeared. Also included some existing const stripping warnings. This is so when building libpng with -Weverything option, I haven't tested with other warning levels. Anyhow some of these may be useful information.

png.c:2835:16: warning: possible misuse of comma operator here [-Wcomma]
      recip = 1, power = -power;
               ^
png.c:2835:7: note: cast expression to void to silence warning
      recip = 1, power = -power;
      ^~~~~~~~~
      (void)(  )
png.c:2913:25: warning: possible misuse of comma operator here [-Wcomma]
               ++exp_b10, base = test;
                        ^
png.c:2913:16: note: cast expression to void to silence warning
               ++exp_b10, base = test;
               ^~~~~~~~~
               (void)(  )
png.c:2927:34: warning: possible misuse of comma operator here [-Wcomma]
         while (fp >= 1) fp /= 10, ++exp_b10;
                                 ^
png.c:2927:26: note: cast expression to void to silence warning
         while (fp >= 1) fp /= 10, ++exp_b10;
                         ^~~~~~~~
                         (void)( )
png.c:2978:32: warning: possible misuse of comma operator here [-Wcomma]
                        --czero, d = 1;
                               ^
png.c:2978:25: note: cast expression to void to silence warning
                        --czero, d = 1;
                        ^~~~~~~
                        (void)()
png.c:2992:44: warning: possible misuse of comma operator here [-Wcomma]
                              ch = *--ascii, ++size;
                                           ^
png.c:2992:31: note: cast expression to void to silence warning
                              ch = *--ascii, ++size;
                              ^~~~~~~~~~~~~
                              (void)(      )
png.c:3019:40: warning: possible misuse of comma operator here [-Wcomma]
                                 ++size, exp_b10 = 1;
                                       ^
png.c:3019:34: note: cast expression to void to silence warning
                                 ++size, exp_b10 = 1;
                                 ^~~~~~
                                 (void)( )
png.c:3055:56: warning: possible misuse of comma operator here [-Wcomma]
                        if (exp_b10 == 0) *ascii++ = 46, --size;
                                                       ^
png.c:3055:43: note: cast expression to void to silence warning
                        if (exp_b10 == 0) *ascii++ = 46, --size;
                                          ^~~~~~~~~~~~~
                                          (void)(      )
png.c:3059:35: warning: possible misuse of comma operator here [-Wcomma]
                     *ascii++ = 48, --czero;
                                  ^
png.c:3059:22: note: cast expression to void to silence warning
                     *ascii++ = 48, --czero;
                     ^~~~~~~~~~~~~
                     (void)(      )
png.c:3065:38: warning: possible misuse of comma operator here [-Wcomma]
                        *ascii++ = 46, --size; /* counted above */
                                     ^
png.c:3065:25: note: cast expression to void to silence warning
                        *ascii++ = 46, --size; /* counted above */
                        ^~~~~~~~~~~~~
                        (void)(      )
png.c:3069:49: warning: possible misuse of comma operator here [-Wcomma]
                  *ascii++ = (char)(48 + (int)d), ++cdigits;
                                                ^
png.c:3069:19: note: cast expression to void to silence warning
                  *ascii++ = (char)(48 + (int)d), ++cdigits;
                  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                  (void)(                       )
png.c:3110:26: warning: possible misuse of comma operator here [-Wcomma]
            *ascii++ = 69, --size;    /* 'E': PLUS 1 TOTAL 2+precision */
                         ^
png.c:3110:13: note: cast expression to void to silence warning
            *ascii++ = 69, --size;    /* 'E': PLUS 1 TOTAL 2+precision */
            ^~~~~~~~~~~~~
            (void)(      )
png.c:3121:32: warning: possible misuse of comma operator here [-Wcomma]
                  *ascii++ = 45, --size; /* '-': PLUS 1 TOTAL 3+precision */
                               ^
png.c:3121:19: note: cast expression to void to silence warning
                  *ascii++ = 45, --size; /* '-': PLUS 1 TOTAL 3+precision */
                  ^~~~~~~~~~~~~
                  (void)(      )
png.c:3188:23: warning: possible misuse of comma operator here [-Wcomma]
         *ascii++ = 45, num = (png_uint_32)(-fp);
                      ^
png.c:3188:10: note: cast expression to void to silence warning
         *ascii++ = 45, num = (png_uint_32)(-fp);
         ^~~~~~~~~~~~~
         (void)(      )
png.c:3226:49: warning: possible misuse of comma operator here [-Wcomma]
               while (ndigits < i) *ascii++ = 48, --i;
                                                ^
png.c:3226:36: note: cast expression to void to silence warning
               while (ndigits < i) *ascii++ = 48, --i;
                                   ^~~~~~~~~~~~~
                                   (void)(      )
14 warnings generated.
pngerror.c:83:30: warning: cast from 'const struct png_struct_def *' to 'struct png_struct_def *restrict' drops const qualifier [-Wcast-qual]
      (*(png_ptr->error_fn))(png_constcast(png_structrp,png_ptr),
                             ^
pngpriv.h:469:45: note: expanded from macro 'png_constcast'
#  define png_constcast(type, value) ((type)(value))
                                            ^
pngerror.c:235:32: warning: cast from 'const struct png_struct_def *' to 'struct png_struct_def *restrict' drops const qualifier [-Wcast-qual]
      (*(png_ptr->warning_fn))(png_constcast(png_structrp,png_ptr),
                               ^
pngpriv.h:469:45: note: expanded from macro 'png_constcast'
#  define png_constcast(type, value) ((type)(value))
                                            ^
2 warnings generated.
pngmem.c:91:36: warning: cast from 'const struct png_struct_def *' to 'struct png_struct_def *restrict' drops const qualifier [-Wcast-qual]
         return png_ptr->malloc_fn(png_constcast(png_structrp,png_ptr), size);
                                   ^
pngpriv.h:469:45: note: expanded from macro 'png_constcast'
#  define png_constcast(type, value) ((type)(value))
                                            ^
pngmem.c:239:24: warning: cast from 'const struct png_struct_def *' to 'struct png_struct_def *restrict' drops const qualifier [-Wcast-qual]
      png_ptr->free_fn(png_constcast(png_structrp,png_ptr), ptr);
                       ^
pngpriv.h:469:45: note: expanded from macro 'png_constcast'
#  define png_constcast(type, value) ((type)(value))
                                            ^
2 warnings generated.
pngrtran.c:4604:33: warning: possible misuse of comma operator here [-Wcomma]
         dp[-2] = dp[-1] = *--sp, dp -= 2;
                                ^
pngrtran.c:4604:10: note: cast expression to void to silence warning
         dp[-2] = dp[-1] = *--sp, dp -= 2;
         ^~~~~~~~~~~~~~~~~~~~~~~
         (void)(                )
1 warning generated.
pngrutil.c:3380:32: warning: possible misuse of comma operator here [-Wcomma]
                  dp[0] = sp[0], dp[1] = sp[1];
                               ^
pngrutil.c:3380:19: note: cast expression to void to silence warning
                  dp[0] = sp[0], dp[1] = sp[1];
                  ^~~~~~~~~~~~~
                  (void)(      )
pngrutil.c:3401:32: warning: possible misuse of comma operator here [-Wcomma]
                  dp[0] = sp[0], dp[1] = sp[1], dp[2] = sp[2];
                               ^
pngrutil.c:3401:19: note: cast expression to void to silence warning
                  dp[0] = sp[0], dp[1] = sp[1], dp[2] = sp[2];
                  ^~~~~~~~~~~~~
                  (void)(      )
pngrutil.c:3401:47: warning: possible misuse of comma operator here [-Wcomma]
                  dp[0] = sp[0], dp[1] = sp[1], dp[2] = sp[2];
                                              ^
pngrutil.c:3401:34: note: cast expression to void to silence warning
                  dp[0] = sp[0], dp[1] = sp[1], dp[2] = sp[2];
                                 ^~~~~~~~~~~~~
                                 (void)(      )
pngrutil.c:3890:27: warning: possible misuse of comma operator here [-Wcomma]
      if (pb < pa) pa = pb, a = b;
                          ^
pngrutil.c:3890:20: note: cast expression to void to silence warning
      if (pb < pa) pa = pb, a = b;
                   ^~~~~~~
                   (void)()
pngrutil.c:3942:27: warning: possible misuse of comma operator here [-Wcomma]
      if (pb < pa) pa = pb, a = b;
                          ^
pngrutil.c:3942:20: note: cast expression to void to silence warning
      if (pb < pa) pa = pb, a = b;
                   ^~~~~~~
                   (void)()
5 warnings generated.
pngset.c:1106:20: warning: possible misuse of comma operator here [-Wcomma]
   while (++entries, --nentries);
                   ^
pngset.c:1106:11: note: cast expression to void to silence warning
   while (++entries, --nentries);
          ^~~~~~~~~
          (void)(  )
pngset.c:1699:25: warning: possible misuse of comma operator here [-Wcomma]
         *new_key++ = ch, ++key_len, space = 0;
                        ^
pngset.c:1699:10: note: cast expression to void to silence warning
         *new_key++ = ch, ++key_len, space = 0;
         ^~~~~~~~~~~~~~~
         (void)(        )
pngset.c:1699:36: warning: possible misuse of comma operator here [-Wcomma]
         *new_key++ = ch, ++key_len, space = 0;
                                   ^
pngset.c:1699:27: note: cast expression to void to silence warning
         *new_key++ = ch, ++key_len, space = 0;
                          ^~~~~~~~~
                          (void)(  )
pngset.c:1706:25: warning: possible misuse of comma operator here [-Wcomma]
         *new_key++ = 32, ++key_len, space = 1;
                        ^
pngset.c:1706:10: note: cast expression to void to silence warning
         *new_key++ = 32, ++key_len, space = 1;
         ^~~~~~~~~~~~~~~
         (void)(        )
pngset.c:1706:36: warning: possible misuse of comma operator here [-Wcomma]
         *new_key++ = 32, ++key_len, space = 1;
                                   ^
pngset.c:1706:27: note: cast expression to void to silence warning
         *new_key++ = 32, ++key_len, space = 1;
                          ^~~~~~~~~
                          (void)(  )
pngset.c:1719:16: warning: possible misuse of comma operator here [-Wcomma]
      --key_len, --new_key;
               ^
pngset.c:1719:7: note: cast expression to void to silence warning
      --key_len, --new_key;
      ^~~~~~~~~
      (void)(  )
6 warnings generated.
pngtrans.c:517:20: warning: possible misuse of comma operator here [-Wcomma]
            sp += 2, ++dp;
                   ^
pngtrans.c:517:13: note: cast expression to void to silence warning
            sp += 2, ++dp;
            ^~~~~~~
            (void)()
pngtrans.c:521:24: warning: possible misuse of comma operator here [-Wcomma]
            *dp++ = *sp, sp += 2;
                       ^
pngtrans.c:521:13: note: cast expression to void to silence warning
            *dp++ = *sp, sp += 2;
            ^~~~~~~~~~~
            (void)(    )
pngtrans.c:531:20: warning: possible misuse of comma operator here [-Wcomma]
            sp += 4, dp += 2;
                   ^
pngtrans.c:531:13: note: cast expression to void to silence warning
            sp += 4, dp += 2;
            ^~~~~~~
            (void)()
pngtrans.c:534:26: warning: possible misuse of comma operator here [-Wcomma]
            *dp++ = *sp++, *dp++ = *sp, sp += 3;
                         ^
pngtrans.c:534:13: note: cast expression to void to silence warning
            *dp++ = *sp++, *dp++ = *sp, sp += 3;
            ^~~~~~~~~~~~~
            (void)(      )
pngtrans.c:534:39: warning: possible misuse of comma operator here [-Wcomma]
            *dp++ = *sp++, *dp++ = *sp, sp += 3;
                                      ^
pngtrans.c:534:28: note: cast expression to void to silence warning
            *dp++ = *sp++, *dp++ = *sp, sp += 3;
                           ^~~~~~~~~~~
                           (void)(    )
pngtrans.c:557:20: warning: possible misuse of comma operator here [-Wcomma]
            sp += 4, dp += 3;
                   ^
pngtrans.c:557:13: note: cast expression to void to silence warning
            sp += 4, dp += 3;
            ^~~~~~~
            (void)()
pngtrans.c:561:26: warning: possible misuse of comma operator here [-Wcomma]
            *dp++ = *sp++, *dp++ = *sp++, *dp++ = *sp, sp += 2;
                         ^
pngtrans.c:561:13: note: cast expression to void to silence warning
            *dp++ = *sp++, *dp++ = *sp++, *dp++ = *sp, sp += 2;
            ^~~~~~~~~~~~~
            (void)(      )
pngtrans.c:561:41: warning: possible misuse of comma operator here [-Wcomma]
            *dp++ = *sp++, *dp++ = *sp++, *dp++ = *sp, sp += 2;
                                        ^
pngtrans.c:561:28: note: cast expression to void to silence warning
            *dp++ = *sp++, *dp++ = *sp++, *dp++ = *sp, sp += 2;
                           ^~~~~~~~~~~~~
                           (void)(      )
pngtrans.c:561:54: warning: possible misuse of comma operator here [-Wcomma]
            *dp++ = *sp++, *dp++ = *sp++, *dp++ = *sp, sp += 2;
                                                     ^
pngtrans.c:561:43: note: cast expression to void to silence warning
            *dp++ = *sp++, *dp++ = *sp++, *dp++ = *sp, sp += 2;
                                          ^~~~~~~~~~~
                                          (void)(    )
pngtrans.c:571:20: warning: possible misuse of comma operator here [-Wcomma]
            sp += 8, dp += 6;
                   ^
pngtrans.c:571:13: note: cast expression to void to silence warning
            sp += 8, dp += 6;
            ^~~~~~~
            (void)()
pngtrans.c:576:26: warning: possible misuse of comma operator here [-Wcomma]
            *dp++ = *sp++, *dp++ = *sp++;
                         ^
pngtrans.c:576:13: note: cast expression to void to silence warning
            *dp++ = *sp++, *dp++ = *sp++;
            ^~~~~~~~~~~~~
            (void)(      )
pngtrans.c:577:26: warning: possible misuse of comma operator here [-Wcomma]
            *dp++ = *sp++, *dp++ = *sp++;
                         ^
pngtrans.c:577:13: note: cast expression to void to silence warning
            *dp++ = *sp++, *dp++ = *sp++;
            ^~~~~~~~~~~~~
            (void)(      )
pngtrans.c:578:26: warning: possible misuse of comma operator here [-Wcomma]
            *dp++ = *sp++, *dp++ = *sp, sp += 3;
                         ^
pngtrans.c:578:13: note: cast expression to void to silence warning
            *dp++ = *sp++, *dp++ = *sp, sp += 3;
            ^~~~~~~~~~~~~
            (void)(      )
pngtrans.c:578:39: warning: possible misuse of comma operator here [-Wcomma]
            *dp++ = *sp++, *dp++ = *sp, sp += 3;
                                      ^
pngtrans.c:578:28: note: cast expression to void to silence warning
            *dp++ = *sp++, *dp++ = *sp, sp += 3;
                           ^~~~~~~~~~~
                           (void)(    )
14 warnings generated.
pngwio.c:37:44: warning: cast from 'const unsigned char *' to 'unsigned char *' drops const qualifier [-Wcast-qual]
      (*(png_ptr->write_data_fn))(png_ptr, png_constcast(png_bytep,data),
                                           ^
pngpriv.h:469:45: note: expanded from macro 'png_constcast'
#  define png_constcast(type, value) ((type)(value))
                                            ^
1 warning generated.

Branch situation

Hello.

I don't understand how development works for this repository.

It looks like you are building tar files and then... using those to make commits?

Where is the right place to make commits?

Are you interested in re-structuring the development process?

Minor finding from static analysis

File pngrutil.c in libpng16 branch, lines
3422: if (png_isaligned(dp, png_uint_32) != 0 &&
3423: png_isaligned(sp, png_uint_32) != 0 &&
Comparison to zero is not needed, because macro png_isaligned() already gives boolean value (as in lines 3413 and 3414).

IDAT: invalid distance too far back in recent 1.6 versions

Here is an attached PNG file which was loading properly at least with 1.6.18 version. Recent versions (including 1.6.23) return this error.

test.png.zip

install error

Dear sir,

I have install zlib first,but I install The libpng in my win64 with mingw32+cmake+vs2015.but I found the error as follow.what I can do?
I will very appreciate wo receive your reply.

CMake Error at C:/Program Files/CMake/share/cmake-3.8/Modules/FindPackageHandleStandardArgs.cmake:137 (message):
Could NOT find ZLIB (missing: ZLIB_LIBRARY ZLIB_INCLUDE_DIR)
Call Stack (most recent call first):
C:/Program Files/CMake/share/cmake-3.8/Modules/FindPackageHandleStandardArgs.cmake:377 (_FPHSA_FAILURE_MESSAGE)
C:/Program Files/CMake/share/cmake-3.8/Modules/FindZLIB.cmake:112 (FIND_PACKAGE_HANDLE_STANDARD_ARGS)
CMakeLists.txt:52 (find_package)

Configuring incomplete, errors occurred!
See also "D:/Program Files (x86)/some_lib/mingw64-libpng/CMakeFiles/CMakeOutput.log".

Missing zlib dependency

Adding "Requires: zlib" to libpng.pc.in like in the patch below solved compilation issues...

diff -ru libpng-1.6.29.original/libpng.pc.in libpng-1.6.29.patched/libpng.pc.in
--- libpng-1.6.29.original/libpng.pc.in 2017-03-16 13:21:02.000000000 +0100
+++ libpng-1.6.29.patched/libpng.pc.in 2017-06-29 11:04:17.000000000 +0200
@@ -6,6 +6,7 @@
Name: libpng
Description: Loads and saves PNG files
Version: @PNGLIB_VERSION@
+Requires: zlib
Libs: -L${libdir} -lpng@PNGLIB_MAJOR@@PNGLIB_MINOR@
Libs.private: @libs@
Cflags: -I${includedir}

pngrutil.c:429:16: 'inflateValidate' is only available on macOS 10.13 or newer

See the png_inflate_claim method inside pngrutil.c

What would be a good work-around for applications targeting pre < macos 10.13 ?

Is it safe for me to just undefine PNG_SET_OPTION_SUPPORTED ?

No tag for 1.6.34

pngfix freeze

Hello,

after a fuzzing on pngfix, there was some images that freeze it. It goes on standby and do nothing.

There aren't memory curruptions or something similar. I'm attaching a zip with the content.

To reproduce: pngfix $FILE
Tested on 1.6.24
hangs.zip

Possibly unnecessary condition check

File pngrutil.c, line 740:
if (ret == Z_STREAM_END)
Either if-then-else structure around this line should be reconsidered or the check could be omitted.

Borland C++ 5.5.1/5.82 warnings

Build configuration: -DPNG_NO_STDIO, -DUNICODE and disabled PNG_CONSOLE_IO_SUPPORTED, PNG_CONVERT_tIME_SUPPORTED

Warning W8004 png.c 724: 'pos' is assigned a value that is never used in function png_convert_to_rfc1123_buffer
Warning W8012 png.c 2279: Comparing signed and unsigned values in function png_compare_ICC_profile_with_sRGB
Warning W8004 png.c 3146: 'size' is assigned a value that is never used in function png_ascii_from_fixed
Warning W8008 pngmem.c 80: Condition is always true in function png_malloc_base
Warning W8004 pngpread.c 593: 'old_buffer' is assigned a value that is never used in function png_push_save_buffer
Warning W8012 pngrtran.c 4463: Comparing signed and unsigned values in function png_do_expand
Warning W8012 pngrtran.c 4481: Comparing signed and unsigned values in function png_do_expand
Warning W8004 pngrutil.c 673: 'text' is assigned a value that is never used in function png_decompress_chunk
Warning W8012 pngrutil.c 1820: Comparing signed and unsigned values in function png_handle_tRNS
Warning W8012 pngrutil.c 1983: Comparing signed and unsigned values in function png_handle_hIST
Warning W8004 pngset.c 676: 'new_iccp_name' is assigned a value that is never used in function png_set_iCCP
Warning W8008 pngset.c 1525: Condition is always false in function png_set_compression_buffer_size
Warning W8066 pngset.c 1527: Unreachable code in function png_set_compression_buffer_size
Warning W8084 pngtrans.c 707: Suggest parentheses to clarify precedence in function png_do_check_palette_indexes
Warning W8004 pngwtran.c 487: 'dp' is assigned a value that is never used in function png_do_write_invert_alpha
Warning W8004 pngwtran.c 449: 'dp' is assigned a value that is never used in function png_do_write_invert_alpha
Warning W8004 pngwtran.c 425: 'dp' is assigned a value that is never used in function png_do_write_invert_alpha

png_get_io_ptr error png_ptr

Hi,

I'm currently using the following to write a PNG to a memory buffer,

and I checked this link https://stackoverflow.com/a/1823604/3304719

implemented the same
I will give the snippet of my code

struct mem_encode
{
char buffer;
size_t size;
};
void user_write_data(png_structp png_ptr, png_bytep data, png_size_t length) {
struct mem_encode p = (struct mem_encode*)png_get_io_ptr(png_ptr); // here png_ptr something is wrong
size_t nsize = p->size + length;
if (p->buffer)
p->buffer == realloc(p->buffer, nsize);
else
p->buffer == malloc(nsize);
if (!p->buffer)
png_error(png_ptr, "Write Error");
memcpy(p->buffer + p->size, data, length);
p->size += length;
}
void user_flush_data(png_structp png_ptr) {
}

BOOL GeneratePNG(mem_encode& state, const long lWidth, const long lHeight, const long lDepth, BYTE* pucImageData)
{
BOOL bSave = FALSE; //i will flag this in saving and freeing of png_ptr
//bla bla here info_ptrpng_set_IHDR, row_pointers these code

png_set_rows(png_ptr, info_ptr, row_pointers);
png_set_write_fn(png_ptr, &state, user_write_data, user_flush_data);// If we'r not using IO operation
png_write_png(png_ptr, info_ptr, PNG_TRANSFORM_IDENTITY, NULL);

return bSave;
}
int main ()
{
//something to output
}

and my png lib version is 1.6.34

Please consider to replace zlib to 50% faster libdeflate

Preformance comparision can be obtained from this report http://www.htslib.org/benchmarks/zlib.html

PowerPC Power8 VSX SIMD optimized filter functions

Implement SIMD vector support for Power8 VSX SIMD equivalent to libpng support for SIMD optimizations for Intel SSE, ARM Neon, and MIPS MSA. Achieve speedup appropriate for PowerPC VSX vector width and processor pipeline.

what is the problem with this png image

i am using OpenCV and tried to use latest version of libpng in OpenCV. i can't open the image above when i use newer versions of libpng than 1.6.25

error message libpng error: IDAT: invalid distance too far back
my OS is windows 10 64bit

Type casts for allocation size in pngrtran.c

There are a few calls of png_malloc and png_calloc in module pngtran.c, where the second parameter (allocation size) is cast to png_uint_32 - possibly for historic reasons.
But declaration defines second parameter as memsize type (png_alloc_size_t).
Therefore these casts are mostly unnecessary and could be incorrect in 64-bit mode.

Using pointer before checking for NULL

File pngrutil.c, line 674:
memset(text, 0, buffer_size);
It should be moved down after the check at line 676.

Undefined behaviour in pngrutil.c

Line 423 in libpng16 pngrutil.c is
if (((png_ptr->options >> PNG_IGNORE_ADLER32) & 3) == PNG_OPTION_ON)

png_ptr->options is png_byte and has 8 bits
PNG_IGNORE_ADLER32 equals 8
C/C++ standards claim that shift by the number of available bits (or more) is an undefined behaviour.

Generated libtool is bugged

Had to manually change the libtool directory to /usr/bin/libtool for libpng to compile correctly.

Ubuntu 16.04, mate DE

The error it gives is

./libtool: eval: line 7967: unexpected EOF while looking for matching `''
./libtool: eval: line 7968: syntax error: unexpected end of file
Makefile:891: recipe for target 'libpng16.la' failed
make[1]: *** [libpng16.la] Error 2

Not building on OSX...

At top of tree, CMAKE_OSX_ARCHITECTURES is now resolving to an empty string, yielding a bad clang line as you can see below. The error occurs with both a make generator and the Xcode generator.

I checked out from 830608b, and things build fine from that commit.

-- Build files have been written to: /Users/dp/Projects/stage/prereq/libpng/build
Scanning dependencies of target genfiles
Scanning dependencies of target png-fix-itxt
[ 1%] Generating pnglibconf.c
[ 4%] Generating pngprefix.h
[ 4%] Generating scripts/pnglibconf.c
[ 5%] Building C object CMakeFiles/png-fix-itxt.dir/contrib/tools/png-fix-itxt.c.o
[ 7%] Generating scripts/symbols.out
[ 8%] Linking C executable png-fix-itxt
clang: error: invalid arch name '-arch -isysroot'
clang: warning: /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.12.sdk: 'linker' input unused
CMake Error at scripts/genout.cmake:73 (message):
Failed to generate
/Users/dp/Projects/stage/prereq/libpng/build/scripts/symbols.out.tf1

unable to compile >=1.6.28 on OSX 10.12

cc -dynamiclib \
	 -install_name /usr/local/lib/libpng16.16.dylib \
	 -current_version 16 -compatibility_version 16 \
	 -o libpng16.16.dylib \
	 png.pic.o pngset.pic.o pngget.pic.o pngrutil.pic.o pngtrans.pic.o pngwutil.pic.o pngread.pic.o pngrio.pic.o pngwio.pic.o pngwrite.pic.o pngrtran.pic.o pngwtran.pic.o pngmem.pic.o pngerror.pic.o pngpread.pic.o -L/usr/lib -lz
Undefined symbols for architecture x86_64:
  "_inflateValidate", referenced from:
      _png_inflate_claim in pngrutil.pic.o
ld: symbol(s) not found for architecture x86_64
clang: error: linker command failed with exit code 1 (use -v to see invocation)
make: *** [libpng16.16.dylib] Error 1

CMake build failing when cross compiling to Android NDK

On master, I am not able to build on Android. Here is the error I get:

-- [1/64] Generating pngprefix.h
[2/64] Generating scripts/symbols.out
FAILED: scripts/symbols.out
cmd.exe /C "cd /D E:\code\frontend\android_release\third_party\build\libpng && "E:\Program Files\CMake\bin\cmake.exe" -DINPUT=E:/code/frontend/source/Core/ThirdParty/libpng/source/scripts/symbols.c -DOUTPUT=E:/code/frontend/android_release/third_party/build/libpng/scripts/symbols.out -P E:/code/frontend/android_release/third_party/build/libpng/scripts/genout.cmake"
clang.exe: warning: argument unused during compilation: '-mfloat-abi=softfp' [-Wunused-command-line-argument]
clang.exe: warning: argument unused during compilation: '-mfpu=vfpv3-d16' [-Wunused-command-line-argument]
clang.exe: warning: argument unused during compilation: '-mthumb' [-Wunused-command-line-argument]
clang.exe: warning: argument unused during compilation: '-Wa,--noexecstack' [-Wunused-command-line-argument]
error: unknown target CPU 'armv7-a'
CMake Error at scripts/genout.cmake:78 (message):
  Failed to generate
  E:/code/frontend/android_release/third_party/build/libpng/scripts/symbols.out.tf1

I'm targetting armeabi-v7a using clang compiler. My NDK is r15b. I'm using the toolchain file provided by the NDK itself.

@glennrp Please let me know if this is an issue in your CMake scripts. If so, I am happy to help contribute any changes needed. I'm not sure what the problem is at this point.

UBsan unsigned overflow reports [informational]

clang 3.8.1 with -fsanitize=unsigned-integer-overflow identifies the following 21 cases where overflow happens with libpng 1.6.26beta02. This includes 10 cases in libpng itself which could be serious bugs if ISO-C did not define the behavior of unsigned overflow. This is informational: ISO-C defines unsigned overflow completely and in the libpng cases there are two reasons:

while (i-- > 0)
Where 'i' is unsigned is illegal in a language where unsigned overflow (underflow in this case) is not permitted. There are six cases of things like this.
Modular arithmetic: only one instance is detected by 'make check', but it probably happens in other cases as well.

As well as the list below the 107 separate reports are in a fill I will attach.

contrib/libtests/pngunknown.c:481:19: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'png_uint_32' (aka 'unsigned int')
contrib/libtests/pngvalid.c:11275:20: runtime error: unsigned integer overflow: 1008250423 * 8 cannot be represented in type 'unsigned int'
contrib/libtests/pngvalid.c:11276:20: runtime error: unsigned integer overflow: 1008250423 * 8 cannot be represented in type 'unsigned int'
contrib/libtests/pngvalid.c:11277:20: runtime error: unsigned integer overflow: 1008250423 * 8 cannot be represented in type 'unsigned int'
contrib/libtests/pngvalid.c:11278:20: runtime error: unsigned integer overflow: 1143599688 * 4 cannot be represented in type 'unsigned int'
contrib/libtests/pngvalid.c:11279:20: runtime error: unsigned integer overflow: 1143599688 * 4 cannot be represented in type 'unsigned int'
contrib/libtests/pngvalid.c:11294:20: runtime error: unsigned integer overflow: 1008250423 * 8 cannot be represented in type 'unsigned int'
contrib/libtests/pngvalid.c:11295:20: runtime error: unsigned integer overflow: 1008250423 * 8 cannot be represented in type 'unsigned int'
contrib/libtests/pngvalid.c:11296:20: runtime error: unsigned integer overflow: 1143599688 * 4 cannot be represented in type 'unsigned int'
contrib/libtests/pngvalid.c:11297:20: runtime error: unsigned integer overflow: 1143599688 * 4 cannot be represented in type 'unsigned int'
contrib/libtests/pngvalid.c:1245:18: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'png_uint_32' (aka 'unsigned int')
pngread.c:3234:18: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'png_uint_32' (aka 'unsigned int')
pngread.c:4067:18: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'png_uint_32' (aka 'unsigned int')
pngtrans.c:696:45: runtime error: unsigned integer overflow: 4294967288 * 128 cannot be represented in type 'unsigned int'
pngtrans.c:696:45: runtime error: unsigned integer overflow: 4294967288 * 256 cannot be represented in type 'unsigned int'
pngtrans.c:696:45: runtime error: unsigned integer overflow: 4294967288 * 2 cannot be represented in type 'unsigned int'
pngtrans.c:696:45: runtime error: unsigned integer overflow: 4294967288 * 32 cannot be represented in type 'unsigned int'
pngwrite.c:1557:12: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'png_uint_32' (aka 'unsigned int')
pngwrite.c:1708:15: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'png_uint_32' (aka 'unsigned int')
pngwrite.c:1749:15: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'png_uint_32' (aka 'unsigned int')
pngwrite.c:2139:15: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'png_uint_32' (aka 'unsigned int')

error: incomplete definition of type 'struct png_struct_def'

I'm using the source cloned from github, running latest version I'm guessing this is a compatibility issue?

variable has incomplete type 'png_info' (aka 'struct png_info_def')
png_info info_ptr;
^
./png.h:484:16: note: forward declaration of 'struct png_info_def'

error: incomplete definition of type 'struct png_struct_def'
./png.h:470:16: note: forward declaration of 'struct png_struct_def'
typedef struct png_struct_def png_struct;

how can i fix this?

Make Failed

[root@server libpng-1.6.32]# make
make all-am
make[1]: Entering directory /libpng-1.6.32' /bin/sh ./libtool --tag=CC --mode=link gcc -g -O2 -o pngfix contrib/tools/pngfix.o libpng16.la -lm -lz -lm libtool: link: gcc -g -O2 -o .libs/pngfix contrib/tools/pngfix.o ./.libs/libpng16.so -lz -lm -Wl,-rpath -Wl,/usr/local/lib ./.libs/libpng16.so: undefined reference to inflateValidate'
collect2: error: ld returned 1 exit status
make[1]: *** [pngfix] Error 1
make[1]: Leaving directory `/libpng-1.6.32'
make: *** [all] Error 2

configure :

./configure --prefix=/usr/local

Centos 7

powerpc VSX acceleration could be tweaked for AltiVec/VMX

I'm testing a version in TenFourFox that tweaks the VSX code to run under AltiVec/VMX (there are some missing intrinsics and it's always BE, but otherwise it mostly "just worked"). Is there interest in this? If so, I can upstream it. See classilla/tenfourfox#448 for the changes; I kept the VMX stuff in separate files though it may be possible to merge them.