12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * version 2 for more details (a copy is included in the LICENSE file that
14 * accompanied this code).
15 *
16 * You should have received a copy of the GNU General Public License version
17 * 2 along with this work; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
19 *
20 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
21 * or visit www.oracle.com if you need additional information or have any
22 * questions.
23 */
24
25 /* pngset.c - storage of image information into info struct
26 *
27 * This file is available under and governed by the GNU General Public
28 * License version 2 only, as published by the Free Software Foundation.
29 * However, the following notice accompanied the original version of this
30 * file and, per its terms, should not be removed:
31 *
32 * Last changed in libpng 1.6.23 [June 9, 2016]
33 * Copyright (c) 1998-2016 Glenn Randers-Pehrson
34 * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
35 * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
36 *
37 * This code is released under the libpng license.
38 * For conditions of distribution and use, see the disclaimer
39 * and license in png.h
40 *
41 * The functions here are used during reads to store data from the file
42 * into the info struct, and during writes to store application data
43 * into the info struct for writing into the file. This abstracts the
44 * info struct and allows us to change the structure in the future.
45 */
46
47 #include "pngpriv.h"
48
49 #if defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED)
50
51 #ifdef PNG_bKGD_SUPPORTED
52 void PNGAPI
294 png_const_charp purpose, png_int_32 X0, png_int_32 X1, int type,
295 int nparams, png_const_charp units, png_charpp params)
296 {
297 png_size_t length;
298 int i;
299
300 png_debug1(1, "in %s storage function", "pCAL");
301
302 if (png_ptr == NULL || info_ptr == NULL || purpose == NULL || units == NULL
303 || (nparams > 0 && params == NULL))
304 return;
305
306 length = strlen(purpose) + 1;
307 png_debug1(3, "allocating purpose for info (%lu bytes)",
308 (unsigned long)length);
309
310 /* TODO: validate format of calibration name and unit name */
311
312 /* Check that the type matches the specification. */
313 if (type < 0 || type > 3)
314 png_error(png_ptr, "Invalid pCAL equation type");
315
316 if (nparams < 0 || nparams > 255)
317 png_error(png_ptr, "Invalid pCAL parameter count");
318
319 /* Validate params[nparams] */
320 for (i=0; i<nparams; ++i)
321 {
322 if (params[i] == NULL ||
323 !png_check_fp_string(params[i], strlen(params[i])))
324 png_error(png_ptr, "Invalid format for pCAL parameter");
325 }
326
327 info_ptr->pcal_purpose = png_voidcast(png_charp,
328 png_malloc_warn(png_ptr, length));
329
330 if (info_ptr->pcal_purpose == NULL)
331 {
332 png_warning(png_ptr, "Insufficient memory for pCAL purpose");
333
334 return;
335 }
336
337 memcpy(info_ptr->pcal_purpose, purpose, length);
338
339 png_debug(3, "storing X0, X1, type, and nparams in info");
340 info_ptr->pcal_X0 = X0;
341 info_ptr->pcal_X1 = X1;
342 info_ptr->pcal_type = (png_byte)type;
343 info_ptr->pcal_nparams = (png_byte)nparams;
344
345 length = strlen(units) + 1;
346 png_debug1(3, "allocating units for info (%lu bytes)",
347 (unsigned long)length);
348
349 info_ptr->pcal_units = png_voidcast(png_charp,
350 png_malloc_warn(png_ptr, length));
351
352 if (info_ptr->pcal_units == NULL)
353 {
354 png_warning(png_ptr, "Insufficient memory for pCAL units");
355
356 return;
357 }
358
359 memcpy(info_ptr->pcal_units, units, length);
360
361 info_ptr->pcal_params = png_voidcast(png_charpp, png_malloc_warn(png_ptr,
362 (png_size_t)((nparams + 1) * (sizeof (png_charp)))));
363
364 if (info_ptr->pcal_params == NULL)
365 {
366 png_warning(png_ptr, "Insufficient memory for pCAL params");
367
368 return;
369 }
370
371 memset(info_ptr->pcal_params, 0, (nparams + 1) * (sizeof (png_charp)));
372
373 for (i = 0; i < nparams; i++)
374 {
375 length = strlen(params[i]) + 1;
376 png_debug2(3, "allocating parameter %d for info (%lu bytes)", i,
377 (unsigned long)length);
378
379 info_ptr->pcal_params[i] = (png_charp)png_malloc_warn(png_ptr, length);
380
381 if (info_ptr->pcal_params[i] == NULL)
382 {
383 png_warning(png_ptr, "Insufficient memory for pCAL parameter");
384
385 return;
386 }
387
388 memcpy(info_ptr->pcal_params[i], params[i], length);
389 }
390
391 info_ptr->valid |= PNG_INFO_pCAL;
574 png_error(png_ptr, "Invalid palette");
575 }
576
577 /* It may not actually be necessary to set png_ptr->palette here;
578 * we do it for backward compatibility with the way the png_handle_tRNS
579 * function used to do the allocation.
580 *
581 * 1.6.0: the above statement appears to be incorrect; something has to set
582 * the palette inside png_struct on read.
583 */
584 png_free_data(png_ptr, info_ptr, PNG_FREE_PLTE, 0);
585
586 /* Changed in libpng-1.2.1 to allocate PNG_MAX_PALETTE_LENGTH instead
587 * of num_palette entries, in case of an invalid PNG file or incorrect
588 * call to png_set_PLTE() with too-large sample values.
589 */
590 png_ptr->palette = png_voidcast(png_colorp, png_calloc(png_ptr,
591 PNG_MAX_PALETTE_LENGTH * (sizeof (png_color))));
592
593 if (num_palette > 0)
594 memcpy(png_ptr->palette, palette, num_palette * (sizeof (png_color)));
595 info_ptr->palette = png_ptr->palette;
596 info_ptr->num_palette = png_ptr->num_palette = (png_uint_16)num_palette;
597
598 info_ptr->free_me |= PNG_FREE_PLTE;
599
600 info_ptr->valid |= PNG_INFO_PLTE;
601 }
602
603 #ifdef PNG_sBIT_SUPPORTED
604 void PNGAPI
605 png_set_sBIT(png_const_structrp png_ptr, png_inforp info_ptr,
606 png_const_color_8p sig_bit)
607 {
608 png_debug1(1, "in %s storage function", "sBIT");
609
610 if (png_ptr == NULL || info_ptr == NULL || sig_bit == NULL)
611 return;
612
613 info_ptr->sig_bit = *sig_bit;
614 info_ptr->valid |= PNG_INFO_sBIT;
1091
1092 /* IMPORTANT: we have memory now that won't get freed if something else
1093 * goes wrong; this code must free it. png_malloc_array produces no
1094 * warnings; use a png_chunk_report (below) if there is an error.
1095 */
1096 np->entries = png_voidcast(png_sPLT_entryp, png_malloc_array(png_ptr,
1097 entries->nentries, sizeof (png_sPLT_entry)));
1098
1099 if (np->entries == NULL)
1100 {
1101 png_free(png_ptr, np->name);
1102 np->name = NULL;
1103 break;
1104 }
1105
1106 np->nentries = entries->nentries;
1107 /* This multiply can't overflow because png_malloc_array has already
1108 * checked it when doing the allocation.
1109 */
1110 memcpy(np->entries, entries->entries,
1111 entries->nentries * sizeof (png_sPLT_entry));
1112
1113 /* Note that 'continue' skips the advance of the out pointer and out
1114 * count, so an invalid entry is not added.
1115 */
1116 info_ptr->valid |= PNG_INFO_sPLT;
1117 ++(info_ptr->splt_palettes_num);
1118 ++np;
1119 }
1120 while (++entries, --nentries);
1121
1122 if (nentries > 0)
1123 png_chunk_report(png_ptr, "sPLT out of memory", PNG_CHUNK_WRITE_ERROR);
1124 }
1125 #endif /* sPLT */
1126
1127 #ifdef PNG_STORE_UNKNOWN_CHUNKS_SUPPORTED
1128 static png_byte
1129 check_location(png_const_structrp png_ptr, int location)
1130 {
1131 location &= (PNG_HAVE_IHDR|PNG_HAVE_PLTE|PNG_AFTER_IDAT);
1260 ++(info_ptr->unknown_chunks_num);
1261 }
1262 }
1263
1264 void PNGAPI
1265 png_set_unknown_chunk_location(png_const_structrp png_ptr, png_inforp info_ptr,
1266 int chunk, int location)
1267 {
1268 /* This API is pretty pointless in 1.6.0 because the location can be set
1269 * before the call to png_set_unknown_chunks.
1270 *
1271 * TODO: add a png_app_warning in 1.7
1272 */
1273 if (png_ptr != NULL && info_ptr != NULL && chunk >= 0 &&
1274 chunk < info_ptr->unknown_chunks_num)
1275 {
1276 if ((location & (PNG_HAVE_IHDR|PNG_HAVE_PLTE|PNG_AFTER_IDAT)) == 0)
1277 {
1278 png_app_error(png_ptr, "invalid unknown chunk location");
1279 /* Fake out the pre 1.6.0 behavior: */
1280 if ((location & PNG_HAVE_IDAT) != 0) /* undocumented! */
1281 location = PNG_AFTER_IDAT;
1282
1283 else
1284 location = PNG_HAVE_IHDR; /* also undocumented */
1285 }
1286
1287 info_ptr->unknown_chunks[chunk].location =
1288 check_location(png_ptr, location);
1289 }
1290 }
1291 #endif /* STORE_UNKNOWN_CHUNKS */
1292
1293 #ifdef PNG_MNG_FEATURES_SUPPORTED
1294 png_uint_32 PNGAPI
1295 png_permit_mng_features (png_structrp png_ptr, png_uint_32 mng_features)
1296 {
1297 png_debug(1, "in png_permit_mng_features");
1298
1299 if (png_ptr == NULL)
1300 return 0;
1384 116, 73, 77, 69, '\0', /* tIME */
1385 122, 84, 88, 116, '\0' /* zTXt */
1386 };
1387
1388 chunk_list = chunks_to_ignore;
1389 num_chunks = (unsigned int)/*SAFE*/(sizeof chunks_to_ignore)/5U;
1390 }
1391
1392 else /* num_chunks_in > 0 */
1393 {
1394 if (chunk_list == NULL)
1395 {
1396 /* Prior to 1.6.0 this was silently ignored, now it is an app_error
1397 * which can be switched off.
1398 */
1399 png_app_error(png_ptr, "png_set_keep_unknown_chunks: no chunk list");
1400
1401 return;
1402 }
1403
1404 num_chunks = num_chunks_in;
1405 }
1406
1407 old_num_chunks = png_ptr->num_chunk_list;
1408 if (png_ptr->chunk_list == NULL)
1409 old_num_chunks = 0;
1410
1411 /* Since num_chunks is always restricted to UINT_MAX/5 this can't overflow.
1412 */
1413 if (num_chunks + old_num_chunks > UINT_MAX/5)
1414 {
1415 png_app_error(png_ptr, "png_set_keep_unknown_chunks: too many chunks");
1416
1417 return;
1418 }
1419
1420 /* If these chunks are being reset to the default then no more memory is
1421 * required because add_one_chunk above doesn't extend the list if the 'keep'
1422 * parameter is the default.
1423 */
1424 if (keep != 0)
1574 */
1575 png_warning(png_ptr,
1576 "Compression buffer size cannot be reduced below 6");
1577
1578 return;
1579 }
1580
1581 if (png_ptr->zbuffer_size != size)
1582 {
1583 png_free_buffer_list(png_ptr, &png_ptr->zbuffer_list);
1584 png_ptr->zbuffer_size = (uInt)size;
1585 }
1586 }
1587 # endif
1588 }
1589
1590 void PNGAPI
1591 png_set_invalid(png_const_structrp png_ptr, png_inforp info_ptr, int mask)
1592 {
1593 if (png_ptr != NULL && info_ptr != NULL)
1594 info_ptr->valid &= ~mask;
1595 }
1596
1597
1598 #ifdef PNG_SET_USER_LIMITS_SUPPORTED
1599 /* This function was added to libpng 1.2.6 */
1600 void PNGAPI
1601 png_set_user_limits (png_structrp png_ptr, png_uint_32 user_width_max,
1602 png_uint_32 user_height_max)
1603 {
1604 /* Images with dimensions larger than these limits will be
1605 * rejected by png_set_IHDR(). To accept any PNG datastream
1606 * regardless of dimensions, set both limits to 0x7fffffff.
1607 */
1608 if (png_ptr == NULL)
1609 return;
1610
1611 png_ptr->user_width_max = user_width_max;
1612 png_ptr->user_height_max = user_height_max;
1613 }
1614
1673 else
1674 png_ptr->num_palette_max = -1;
1675 }
1676 #endif
1677
1678 #if defined(PNG_TEXT_SUPPORTED) || defined(PNG_pCAL_SUPPORTED) || \
1679 defined(PNG_iCCP_SUPPORTED) || defined(PNG_sPLT_SUPPORTED)
1680 /* Check that the tEXt or zTXt keyword is valid per PNG 1.0 specification,
1681 * and if invalid, correct the keyword rather than discarding the entire
1682 * chunk. The PNG 1.0 specification requires keywords 1-79 characters in
1683 * length, forbids leading or trailing whitespace, multiple internal spaces,
1684 * and the non-break space (0x80) from ISO 8859-1. Returns keyword length.
1685 *
1686 * The 'new_key' buffer must be 80 characters in size (for the keyword plus a
1687 * trailing '\0'). If this routine returns 0 then there was no keyword, or a
1688 * valid one could not be generated, and the caller must png_error.
1689 */
1690 png_uint_32 /* PRIVATE */
1691 png_check_keyword(png_structrp png_ptr, png_const_charp key, png_bytep new_key)
1692 {
1693 png_const_charp orig_key = key;
1694 png_uint_32 key_len = 0;
1695 int bad_character = 0;
1696 int space = 1;
1697
1698 png_debug(1, "in png_check_keyword");
1699
1700 if (key == NULL)
1701 {
1702 *new_key = 0;
1703 return 0;
1704 }
1705
1706 while (*key && key_len < 79)
1707 {
1708 png_byte ch = (png_byte)*key++;
1709
1710 if ((ch > 32 && ch <= 126) || (ch >= 161 /*&& ch <= 255*/))
1711 *new_key++ = ch, ++key_len, space = 0;
1712
1713 else if (space == 0)
1736 /* Terminate the keyword */
1737 *new_key = 0;
1738
1739 if (key_len == 0)
1740 return 0;
1741
1742 #ifdef PNG_WARNINGS_SUPPORTED
1743 /* Try to only output one warning per keyword: */
1744 if (*key != 0) /* keyword too long */
1745 png_warning(png_ptr, "keyword truncated");
1746
1747 else if (bad_character != 0)
1748 {
1749 PNG_WARNING_PARAMETERS(p)
1750
1751 png_warning_parameter(p, 1, orig_key);
1752 png_warning_parameter_signed(p, 2, PNG_NUMBER_FORMAT_02x, bad_character);
1753
1754 png_formatted_warning(png_ptr, p, "keyword \"@1\": bad character '0x@2'");
1755 }
1756 #endif /* WARNINGS */
1757
1758 return key_len;
1759 }
1760 #endif /* TEXT || pCAL || iCCP || sPLT */
1761 #endif /* READ || WRITE */
|
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * version 2 for more details (a copy is included in the LICENSE file that
14 * accompanied this code).
15 *
16 * You should have received a copy of the GNU General Public License version
17 * 2 along with this work; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
19 *
20 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
21 * or visit www.oracle.com if you need additional information or have any
22 * questions.
23 */
24
25 /* pngset.c - storage of image information into info struct
26 *
27 * This file is available under and governed by the GNU General Public
28 * License version 2 only, as published by the Free Software Foundation.
29 * However, the following notice accompanied the original version of this
30 * file and, per its terms, should not be removed:
31 *
32 * Last changed in libpng 1.6.26 [October 20, 2016]
33 * Copyright (c) 1998-2016 Glenn Randers-Pehrson
34 * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
35 * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
36 *
37 * This code is released under the libpng license.
38 * For conditions of distribution and use, see the disclaimer
39 * and license in png.h
40 *
41 * The functions here are used during reads to store data from the file
42 * into the info struct, and during writes to store application data
43 * into the info struct for writing into the file. This abstracts the
44 * info struct and allows us to change the structure in the future.
45 */
46
47 #include "pngpriv.h"
48
49 #if defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED)
50
51 #ifdef PNG_bKGD_SUPPORTED
52 void PNGAPI
294 png_const_charp purpose, png_int_32 X0, png_int_32 X1, int type,
295 int nparams, png_const_charp units, png_charpp params)
296 {
297 png_size_t length;
298 int i;
299
300 png_debug1(1, "in %s storage function", "pCAL");
301
302 if (png_ptr == NULL || info_ptr == NULL || purpose == NULL || units == NULL
303 || (nparams > 0 && params == NULL))
304 return;
305
306 length = strlen(purpose) + 1;
307 png_debug1(3, "allocating purpose for info (%lu bytes)",
308 (unsigned long)length);
309
310 /* TODO: validate format of calibration name and unit name */
311
312 /* Check that the type matches the specification. */
313 if (type < 0 || type > 3)
314 {
315 png_chunk_report(png_ptr, "Invalid pCAL equation type",
316 PNG_CHUNK_WRITE_ERROR);
317 return;
318 }
319
320 if (nparams < 0 || nparams > 255)
321 {
322 png_chunk_report(png_ptr, "Invalid pCAL parameter count",
323 PNG_CHUNK_WRITE_ERROR);
324 return;
325 }
326
327 /* Validate params[nparams] */
328 for (i=0; i<nparams; ++i)
329 {
330 if (params[i] == NULL ||
331 !png_check_fp_string(params[i], strlen(params[i])))
332 {
333 png_chunk_report(png_ptr, "Invalid format for pCAL parameter",
334 PNG_CHUNK_WRITE_ERROR);
335 return;
336 }
337 }
338
339 info_ptr->pcal_purpose = png_voidcast(png_charp,
340 png_malloc_warn(png_ptr, length));
341
342 if (info_ptr->pcal_purpose == NULL)
343 {
344 png_chunk_report(png_ptr, "Insufficient memory for pCAL purpose",
345 PNG_CHUNK_WRITE_ERROR);
346 return;
347 }
348
349 memcpy(info_ptr->pcal_purpose, purpose, length);
350
351 png_debug(3, "storing X0, X1, type, and nparams in info");
352 info_ptr->pcal_X0 = X0;
353 info_ptr->pcal_X1 = X1;
354 info_ptr->pcal_type = (png_byte)type;
355 info_ptr->pcal_nparams = (png_byte)nparams;
356
357 length = strlen(units) + 1;
358 png_debug1(3, "allocating units for info (%lu bytes)",
359 (unsigned long)length);
360
361 info_ptr->pcal_units = png_voidcast(png_charp,
362 png_malloc_warn(png_ptr, length));
363
364 if (info_ptr->pcal_units == NULL)
365 {
366 png_warning(png_ptr, "Insufficient memory for pCAL units");
367
368 return;
369 }
370
371 memcpy(info_ptr->pcal_units, units, length);
372
373 info_ptr->pcal_params = png_voidcast(png_charpp, png_malloc_warn(png_ptr,
374 (png_size_t)(((unsigned int)nparams + 1) * (sizeof (png_charp)))));
375
376 if (info_ptr->pcal_params == NULL)
377 {
378 png_warning(png_ptr, "Insufficient memory for pCAL params");
379
380 return;
381 }
382
383 memset(info_ptr->pcal_params, 0, ((unsigned int)nparams + 1) *
384 (sizeof (png_charp)));
385
386 for (i = 0; i < nparams; i++)
387 {
388 length = strlen(params[i]) + 1;
389 png_debug2(3, "allocating parameter %d for info (%lu bytes)", i,
390 (unsigned long)length);
391
392 info_ptr->pcal_params[i] = (png_charp)png_malloc_warn(png_ptr, length);
393
394 if (info_ptr->pcal_params[i] == NULL)
395 {
396 png_warning(png_ptr, "Insufficient memory for pCAL parameter");
397
398 return;
399 }
400
401 memcpy(info_ptr->pcal_params[i], params[i], length);
402 }
403
404 info_ptr->valid |= PNG_INFO_pCAL;
587 png_error(png_ptr, "Invalid palette");
588 }
589
590 /* It may not actually be necessary to set png_ptr->palette here;
591 * we do it for backward compatibility with the way the png_handle_tRNS
592 * function used to do the allocation.
593 *
594 * 1.6.0: the above statement appears to be incorrect; something has to set
595 * the palette inside png_struct on read.
596 */
597 png_free_data(png_ptr, info_ptr, PNG_FREE_PLTE, 0);
598
599 /* Changed in libpng-1.2.1 to allocate PNG_MAX_PALETTE_LENGTH instead
600 * of num_palette entries, in case of an invalid PNG file or incorrect
601 * call to png_set_PLTE() with too-large sample values.
602 */
603 png_ptr->palette = png_voidcast(png_colorp, png_calloc(png_ptr,
604 PNG_MAX_PALETTE_LENGTH * (sizeof (png_color))));
605
606 if (num_palette > 0)
607 memcpy(png_ptr->palette, palette, (unsigned int)num_palette *
608 (sizeof (png_color)));
609 info_ptr->palette = png_ptr->palette;
610 info_ptr->num_palette = png_ptr->num_palette = (png_uint_16)num_palette;
611
612 info_ptr->free_me |= PNG_FREE_PLTE;
613
614 info_ptr->valid |= PNG_INFO_PLTE;
615 }
616
617 #ifdef PNG_sBIT_SUPPORTED
618 void PNGAPI
619 png_set_sBIT(png_const_structrp png_ptr, png_inforp info_ptr,
620 png_const_color_8p sig_bit)
621 {
622 png_debug1(1, "in %s storage function", "sBIT");
623
624 if (png_ptr == NULL || info_ptr == NULL || sig_bit == NULL)
625 return;
626
627 info_ptr->sig_bit = *sig_bit;
628 info_ptr->valid |= PNG_INFO_sBIT;
1105
1106 /* IMPORTANT: we have memory now that won't get freed if something else
1107 * goes wrong; this code must free it. png_malloc_array produces no
1108 * warnings; use a png_chunk_report (below) if there is an error.
1109 */
1110 np->entries = png_voidcast(png_sPLT_entryp, png_malloc_array(png_ptr,
1111 entries->nentries, sizeof (png_sPLT_entry)));
1112
1113 if (np->entries == NULL)
1114 {
1115 png_free(png_ptr, np->name);
1116 np->name = NULL;
1117 break;
1118 }
1119
1120 np->nentries = entries->nentries;
1121 /* This multiply can't overflow because png_malloc_array has already
1122 * checked it when doing the allocation.
1123 */
1124 memcpy(np->entries, entries->entries,
1125 (unsigned int)entries->nentries * sizeof (png_sPLT_entry));
1126
1127 /* Note that 'continue' skips the advance of the out pointer and out
1128 * count, so an invalid entry is not added.
1129 */
1130 info_ptr->valid |= PNG_INFO_sPLT;
1131 ++(info_ptr->splt_palettes_num);
1132 ++np;
1133 }
1134 while (++entries, --nentries);
1135
1136 if (nentries > 0)
1137 png_chunk_report(png_ptr, "sPLT out of memory", PNG_CHUNK_WRITE_ERROR);
1138 }
1139 #endif /* sPLT */
1140
1141 #ifdef PNG_STORE_UNKNOWN_CHUNKS_SUPPORTED
1142 static png_byte
1143 check_location(png_const_structrp png_ptr, int location)
1144 {
1145 location &= (PNG_HAVE_IHDR|PNG_HAVE_PLTE|PNG_AFTER_IDAT);
1274 ++(info_ptr->unknown_chunks_num);
1275 }
1276 }
1277
1278 void PNGAPI
1279 png_set_unknown_chunk_location(png_const_structrp png_ptr, png_inforp info_ptr,
1280 int chunk, int location)
1281 {
1282 /* This API is pretty pointless in 1.6.0 because the location can be set
1283 * before the call to png_set_unknown_chunks.
1284 *
1285 * TODO: add a png_app_warning in 1.7
1286 */
1287 if (png_ptr != NULL && info_ptr != NULL && chunk >= 0 &&
1288 chunk < info_ptr->unknown_chunks_num)
1289 {
1290 if ((location & (PNG_HAVE_IHDR|PNG_HAVE_PLTE|PNG_AFTER_IDAT)) == 0)
1291 {
1292 png_app_error(png_ptr, "invalid unknown chunk location");
1293 /* Fake out the pre 1.6.0 behavior: */
1294 if (((unsigned int)location & PNG_HAVE_IDAT) != 0) /* undocumented! */
1295 location = PNG_AFTER_IDAT;
1296
1297 else
1298 location = PNG_HAVE_IHDR; /* also undocumented */
1299 }
1300
1301 info_ptr->unknown_chunks[chunk].location =
1302 check_location(png_ptr, location);
1303 }
1304 }
1305 #endif /* STORE_UNKNOWN_CHUNKS */
1306
1307 #ifdef PNG_MNG_FEATURES_SUPPORTED
1308 png_uint_32 PNGAPI
1309 png_permit_mng_features (png_structrp png_ptr, png_uint_32 mng_features)
1310 {
1311 png_debug(1, "in png_permit_mng_features");
1312
1313 if (png_ptr == NULL)
1314 return 0;
1398 116, 73, 77, 69, '\0', /* tIME */
1399 122, 84, 88, 116, '\0' /* zTXt */
1400 };
1401
1402 chunk_list = chunks_to_ignore;
1403 num_chunks = (unsigned int)/*SAFE*/(sizeof chunks_to_ignore)/5U;
1404 }
1405
1406 else /* num_chunks_in > 0 */
1407 {
1408 if (chunk_list == NULL)
1409 {
1410 /* Prior to 1.6.0 this was silently ignored, now it is an app_error
1411 * which can be switched off.
1412 */
1413 png_app_error(png_ptr, "png_set_keep_unknown_chunks: no chunk list");
1414
1415 return;
1416 }
1417
1418 num_chunks = (unsigned int)num_chunks_in;
1419 }
1420
1421 old_num_chunks = png_ptr->num_chunk_list;
1422 if (png_ptr->chunk_list == NULL)
1423 old_num_chunks = 0;
1424
1425 /* Since num_chunks is always restricted to UINT_MAX/5 this can't overflow.
1426 */
1427 if (num_chunks + old_num_chunks > UINT_MAX/5)
1428 {
1429 png_app_error(png_ptr, "png_set_keep_unknown_chunks: too many chunks");
1430
1431 return;
1432 }
1433
1434 /* If these chunks are being reset to the default then no more memory is
1435 * required because add_one_chunk above doesn't extend the list if the 'keep'
1436 * parameter is the default.
1437 */
1438 if (keep != 0)
1588 */
1589 png_warning(png_ptr,
1590 "Compression buffer size cannot be reduced below 6");
1591
1592 return;
1593 }
1594
1595 if (png_ptr->zbuffer_size != size)
1596 {
1597 png_free_buffer_list(png_ptr, &png_ptr->zbuffer_list);
1598 png_ptr->zbuffer_size = (uInt)size;
1599 }
1600 }
1601 # endif
1602 }
1603
1604 void PNGAPI
1605 png_set_invalid(png_const_structrp png_ptr, png_inforp info_ptr, int mask)
1606 {
1607 if (png_ptr != NULL && info_ptr != NULL)
1608 info_ptr->valid &= (unsigned int)(~mask);
1609 }
1610
1611
1612 #ifdef PNG_SET_USER_LIMITS_SUPPORTED
1613 /* This function was added to libpng 1.2.6 */
1614 void PNGAPI
1615 png_set_user_limits (png_structrp png_ptr, png_uint_32 user_width_max,
1616 png_uint_32 user_height_max)
1617 {
1618 /* Images with dimensions larger than these limits will be
1619 * rejected by png_set_IHDR(). To accept any PNG datastream
1620 * regardless of dimensions, set both limits to 0x7fffffff.
1621 */
1622 if (png_ptr == NULL)
1623 return;
1624
1625 png_ptr->user_width_max = user_width_max;
1626 png_ptr->user_height_max = user_height_max;
1627 }
1628
1687 else
1688 png_ptr->num_palette_max = -1;
1689 }
1690 #endif
1691
1692 #if defined(PNG_TEXT_SUPPORTED) || defined(PNG_pCAL_SUPPORTED) || \
1693 defined(PNG_iCCP_SUPPORTED) || defined(PNG_sPLT_SUPPORTED)
1694 /* Check that the tEXt or zTXt keyword is valid per PNG 1.0 specification,
1695 * and if invalid, correct the keyword rather than discarding the entire
1696 * chunk. The PNG 1.0 specification requires keywords 1-79 characters in
1697 * length, forbids leading or trailing whitespace, multiple internal spaces,
1698 * and the non-break space (0x80) from ISO 8859-1. Returns keyword length.
1699 *
1700 * The 'new_key' buffer must be 80 characters in size (for the keyword plus a
1701 * trailing '\0'). If this routine returns 0 then there was no keyword, or a
1702 * valid one could not be generated, and the caller must png_error.
1703 */
1704 png_uint_32 /* PRIVATE */
1705 png_check_keyword(png_structrp png_ptr, png_const_charp key, png_bytep new_key)
1706 {
1707 #ifdef PNG_WARNINGS_SUPPORTED
1708 png_const_charp orig_key = key;
1709 #endif
1710 png_uint_32 key_len = 0;
1711 int bad_character = 0;
1712 int space = 1;
1713
1714 png_debug(1, "in png_check_keyword");
1715
1716 if (key == NULL)
1717 {
1718 *new_key = 0;
1719 return 0;
1720 }
1721
1722 while (*key && key_len < 79)
1723 {
1724 png_byte ch = (png_byte)*key++;
1725
1726 if ((ch > 32 && ch <= 126) || (ch >= 161 /*&& ch <= 255*/))
1727 *new_key++ = ch, ++key_len, space = 0;
1728
1729 else if (space == 0)
1752 /* Terminate the keyword */
1753 *new_key = 0;
1754
1755 if (key_len == 0)
1756 return 0;
1757
1758 #ifdef PNG_WARNINGS_SUPPORTED
1759 /* Try to only output one warning per keyword: */
1760 if (*key != 0) /* keyword too long */
1761 png_warning(png_ptr, "keyword truncated");
1762
1763 else if (bad_character != 0)
1764 {
1765 PNG_WARNING_PARAMETERS(p)
1766
1767 png_warning_parameter(p, 1, orig_key);
1768 png_warning_parameter_signed(p, 2, PNG_NUMBER_FORMAT_02x, bad_character);
1769
1770 png_formatted_warning(png_ptr, p, "keyword \"@1\": bad character '0x@2'");
1771 }
1772 #else /* !WARNINGS */
1773 PNG_UNUSED(png_ptr)
1774 #endif /* !WARNINGS */
1775
1776 return key_len;
1777 }
1778 #endif /* TEXT || pCAL || iCCP || sPLT */
1779 #endif /* READ || WRITE */
|