asgardius/virtualx-engine
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

libpng: Update to upstream 1.6.28

Browse source 
Fixes a NULL pointer dereference bug (CVE-2016-10087).
This commit is contained in:
Rémi Verschelde 2017-01-05 22:27:46 +01:00
parent 495d059a74
commit a0141fa823
7 changed files with 46 additions and 58 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
thirdparty/README.md vendored
View file

@ -84,7 +84,7 @@ Files extracted from upstream source:
## libpng ## libpng
- Upstream: http://libpng.org/pub/png/libpng.html - Upstream: http://libpng.org/pub/png/libpng.html
- Version: 1.6.26 - Version: 1.6.28
- License: libpng/zlib - License: libpng/zlib
Files extracted from upstream source: Files extracted from upstream source:

23
thirdparty/libpng/png.c vendored
View file

@ -1,8 +1,8 @@
/* png.c - location for general purpose libpng functions /* png.c - location for general purpose libpng functions
* *
* Last changed in libpng 1.6.26 [October 20, 2016] * Last changed in libpng 1.6.28 [January 5, 2017]
* Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson
* (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
* (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
* *
@ -14,7 +14,7 @@
#include "pngpriv.h" #include "pngpriv.h"
/* Generate a compiler error if there is an old png.h in the search path. */ /* Generate a compiler error if there is an old png.h in the search path. */
typedef png_libpng_version_1_6_26 Your_png_h_is_not_version_1_6_26; typedef png_libpng_version_1_6_28 Your_png_h_is_not_version_1_6_28;
/* Tells libpng that we have already handled the first "num_bytes" bytes /* Tells libpng that we have already handled the first "num_bytes" bytes
* of the PNG file signature. If the PNG data is embedded into another * of the PNG file signature. If the PNG data is embedded into another
@ -477,6 +477,7 @@ png_free_data(png_const_structrp png_ptr, png_inforp info_ptr, png_uint_32 mask,
png_free(png_ptr, info_ptr->text); png_free(png_ptr, info_ptr->text);
info_ptr->text = NULL; info_ptr->text = NULL;
info_ptr->num_text = 0; info_ptr->num_text = 0;
info_ptr->max_text = 0;
} }
} }
#endif #endif
@ -775,15 +776,15 @@ png_get_copyright(png_const_structrp png_ptr)
#else #else
# ifdef __STDC__ # ifdef __STDC__
return PNG_STRING_NEWLINE \ return PNG_STRING_NEWLINE \
"libpng version 1.6.26 - October 20, 2016" PNG_STRING_NEWLINE \ "libpng version 1.6.28 - January 5, 2017" PNG_STRING_NEWLINE \
"Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson" \ "Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson" \
PNG_STRING_NEWLINE \ PNG_STRING_NEWLINE \
"Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \ "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \
"Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc." \ "Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc." \
PNG_STRING_NEWLINE; PNG_STRING_NEWLINE;
# else # else
return "libpng version 1.6.26 - October 20, 2016\ return "libpng version 1.6.28 - January 5, 2017\
Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson\ Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson\
Copyright (c) 1996-1997 Andreas Dilger\ Copyright (c) 1996-1997 Andreas Dilger\
Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc."; Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc.";
# endif # endif
@ -4259,11 +4260,11 @@ png_set_option(png_structrp png_ptr, int option, int onoff)
if (png_ptr != NULL && option >= 0 && option < PNG_OPTION_NEXT && if (png_ptr != NULL && option >= 0 && option < PNG_OPTION_NEXT &&
(option & 1) == 0) (option & 1) == 0)
{ {
int mask = 3 << option; png_uint_32 mask = 3 << option;
int setting = (2 + (onoff != 0)) << option; png_uint_32 setting = (2 + (onoff != 0)) << option;
int current = png_ptr->options; png_uint_32 current = png_ptr->options;
png_ptr->options = (png_byte)(((current & ~mask) | setting) & 0xff); png_ptr->options = (png_uint_32)(((current & ~mask) | setting) & 0xff);
return (current & mask) >> option; return (current & mask) >> option;
} }

44
thirdparty/libpng/png.h vendored
View file

@ -1,9 +1,9 @@
/* png.h - header file for PNG reference library /* png.h - header file for PNG reference library
* *
* libpng version 1.6.26, October 20, 2016 * libpng version 1.6.28, January 5, 2017
* *
* Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson
* (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
* (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
* *
@ -12,7 +12,7 @@
* Authors and maintainers: * Authors and maintainers:
* libpng versions 0.71, May 1995, through 0.88, January 1996: Guy Schalnat * libpng versions 0.71, May 1995, through 0.88, January 1996: Guy Schalnat
* libpng versions 0.89, June 1996, through 0.96, May 1997: Andreas Dilger * libpng versions 0.89, June 1996, through 0.96, May 1997: Andreas Dilger
* libpng versions 0.97, January 1998, through 1.6.26, October 20, 2016: * libpng versions 0.97, January 1998, through 1.6.28, January 5, 2017:
* Glenn Randers-Pehrson. * Glenn Randers-Pehrson.
* See also "Contributing Authors", below. * See also "Contributing Authors", below.
*/ */
@ -25,12 +25,8 @@
* *
* This code is released under the libpng license. * This code is released under the libpng license.
* *
* Some files in the "contrib" directory and some configure-generated * libpng versions 1.0.7, July 1, 2000 through 1.6.28, January 5, 2017 are
* files that are distributed with libpng have other copyright owners and * Copyright (c) 2000-2002, 2004, 2006-2017 Glenn Randers-Pehrson, are
* are released under other open source licenses.
*
* libpng versions 1.0.7, July 1, 2000 through 1.6.26, October 20, 2016 are
* Copyright (c) 2000-2002, 2004, 2006-2016 Glenn Randers-Pehrson, are
* derived from libpng-1.0.6, and are distributed according to the same * derived from libpng-1.0.6, and are distributed according to the same
* disclaimer and license as libpng-1.0.6 with the following individuals * disclaimer and license as libpng-1.0.6 with the following individuals
* added to the list of Contributing Authors: * added to the list of Contributing Authors:
@ -52,10 +48,10 @@
* risk of satisfactory quality, performance, accuracy, and effort is with * risk of satisfactory quality, performance, accuracy, and effort is with
* the user. * the user.
* *
* Some files in the "contrib" directory have other copyright owners and * Some files in the "contrib" directory and some configure-generated
* files that are distributed with libpng have other copyright owners and
* are released under other open source licenses. * are released under other open source licenses.
* *
*
* libpng versions 0.97, January 1998, through 1.0.6, March 20, 2000, are * libpng versions 0.97, January 1998, through 1.0.6, March 20, 2000, are
* Copyright (c) 1998-2000 Glenn Randers-Pehrson, are derived from * Copyright (c) 1998-2000 Glenn Randers-Pehrson, are derived from
* libpng-0.96, and are distributed according to the same disclaimer and * libpng-0.96, and are distributed according to the same disclaimer and
@ -66,9 +62,6 @@
* Glenn Randers-Pehrson * Glenn Randers-Pehrson
* Willem van Schaik * Willem van Schaik
* *
* Some files in the "scripts" directory have different copyright owners
* but are also released under this license.
*
* libpng versions 0.89, June 1996, through 0.96, May 1997, are * libpng versions 0.89, June 1996, through 0.96, May 1997, are
* Copyright (c) 1996-1997 Andreas Dilger, are derived from libpng-0.88, * Copyright (c) 1996-1997 Andreas Dilger, are derived from libpng-0.88,
* and are distributed according to the same disclaimer and license as * and are distributed according to the same disclaimer and license as
@ -214,11 +207,11 @@
* ... * ...
* 1.0.19 10 10019 10.so.0.19[.0] * 1.0.19 10 10019 10.so.0.19[.0]
* ... * ...
* 1.2.56 13 10256 12.so.0.56[.0] * 1.2.57 13 10257 12.so.0.57[.0]
* ... * ...
* 1.5.27 15 10527 15.so.15.27[.0] * 1.5.28 15 10527 15.so.15.28[.0]
* ... * ...
* 1.6.26 16 10626 16.so.16.26[.0] * 1.6.28 16 10628 16.so.16.28[.0]
* *
* Henceforth the source version will match the shared-library major * Henceforth the source version will match the shared-library major
* and minor numbers; the shared-library major version number will be * and minor numbers; the shared-library major version number will be
@ -246,13 +239,13 @@
* Y2K compliance in libpng: * Y2K compliance in libpng:
* ========================= * =========================
* *
* October 20, 2016 * January 5, 2017
* *
* Since the PNG Development group is an ad-hoc body, we can't make * Since the PNG Development group is an ad-hoc body, we can't make
* an official declaration. * an official declaration.
* *
* This is your unofficial assurance that libpng from version 0.71 and * This is your unofficial assurance that libpng from version 0.71 and
* upward through 1.6.26 are Y2K compliant. It is my belief that * upward through 1.6.28 are Y2K compliant. It is my belief that
* earlier versions were also Y2K compliant. * earlier versions were also Y2K compliant.
* *
* Libpng only has two year fields. One is a 2-byte unsigned integer * Libpng only has two year fields. One is a 2-byte unsigned integer
@ -314,8 +307,8 @@
*/ */
/* Version information for png.h - this should match the version in png.c */ /* Version information for png.h - this should match the version in png.c */
#define PNG_LIBPNG_VER_STRING "1.6.26" #define PNG_LIBPNG_VER_STRING "1.6.28"
#define PNG_HEADER_VERSION_STRING " libpng version 1.6.26 - October 20, 2016\n" #define PNG_HEADER_VERSION_STRING " libpng version 1.6.28 - January 5, 2017\n"
#define PNG_LIBPNG_VER_SONUM 16 #define PNG_LIBPNG_VER_SONUM 16
#define PNG_LIBPNG_VER_DLLNUM 16 #define PNG_LIBPNG_VER_DLLNUM 16
@ -323,7 +316,7 @@
/* These should match the first 3 components of PNG_LIBPNG_VER_STRING: */ /* These should match the first 3 components of PNG_LIBPNG_VER_STRING: */
#define PNG_LIBPNG_VER_MAJOR 1 #define PNG_LIBPNG_VER_MAJOR 1
#define PNG_LIBPNG_VER_MINOR 6 #define PNG_LIBPNG_VER_MINOR 6
#define PNG_LIBPNG_VER_RELEASE 26 #define PNG_LIBPNG_VER_RELEASE 28
/* This should match the numeric part of the final component of /* This should match the numeric part of the final component of
* PNG_LIBPNG_VER_STRING, omitting any leading zero: * PNG_LIBPNG_VER_STRING, omitting any leading zero:
@ -354,7 +347,7 @@
* version 1.0.0 was mis-numbered 100 instead of 10000). From * version 1.0.0 was mis-numbered 100 instead of 10000). From
* version 1.0.1 it's xxyyzz, where x=major, y=minor, z=release * version 1.0.1 it's xxyyzz, where x=major, y=minor, z=release
*/ */
#define PNG_LIBPNG_VER 10626 /* 1.6.26 */ #define PNG_LIBPNG_VER 10628 /* 1.6.28 */
/* Library configuration: these options cannot be changed after /* Library configuration: these options cannot be changed after
* the library has been built. * the library has been built.
@ -464,7 +457,7 @@ extern "C" {
/* This triggers a compiler error in png.c, if png.c and png.h /* This triggers a compiler error in png.c, if png.c and png.h
* do not agree upon the version number. * do not agree upon the version number.
*/ */
typedef char* png_libpng_version_1_6_26; typedef char* png_libpng_version_1_6_28;
/* Basic control structions. Read libpng-manual.txt or libpng.3 for more info. /* Basic control structions. Read libpng-manual.txt or libpng.3 for more info.
* *
@ -3230,7 +3223,8 @@ PNG_EXPORT(245, int, png_image_write_to_memory, (png_imagep image, void *memory,
#ifdef PNG_MIPS_MSA_API_SUPPORTED #ifdef PNG_MIPS_MSA_API_SUPPORTED
# define PNG_MIPS_MSA 6 /* HARDWARE: MIPS Msa SIMD instructions supported */ # define PNG_MIPS_MSA 6 /* HARDWARE: MIPS Msa SIMD instructions supported */
#endif #endif
#define PNG_OPTION_NEXT 8 /* Next option - numbers must be even */ #define PNG_IGNORE_ADLER32 8
#define PNG_OPTION_NEXT 10 /* Next option - numbers must be even */
/* Return values: NOTE: there are four values and 'off' is *not* zero */ /* Return values: NOTE: there are four values and 'off' is *not* zero */
#define PNG_OPTION_UNSET 0 /* Unset - defaults to off */ #define PNG_OPTION_UNSET 0 /* Unset - defaults to off */

2
thirdparty/libpng/pngconf.h vendored
View file

@ -1,7 +1,7 @@
/* pngconf.h - machine configurable file for libpng /* pngconf.h - machine configurable file for libpng
* *
* libpng version 1.6.26, October 20, 2016 * libpng version 1.6.28, January 5, 2017
* *
* Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson
* (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)

4
thirdparty/libpng/pnglibconf.h vendored
View file

@ -1,8 +1,8 @@
/* libpng 1.6.26 STANDARD API DEFINITION */ /* libpng 1.6.28 STANDARD API DEFINITION */
/* pnglibconf.h - library build configuration */ /* pnglibconf.h - library build configuration */
/* Libpng version 1.6.26 - October 20, 2016 */ /* Libpng version 1.6.28 - January 5, 2017 */
/* Copyright (c) 1998-2015 Glenn Randers-Pehrson */ /* Copyright (c) 1998-2015 Glenn Randers-Pehrson */

23
thirdparty/libpng/pngrutil.c vendored
View file

@ -1,7 +1,7 @@
/* pngrutil.c - utilities to read a PNG file /* pngrutil.c - utilities to read a PNG file
* *
* Last changed in libpng 1.6.26 [October 20, 2016] * Last changed in libpng 1.6.27 [January 5, 2017]
* Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson
* (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
* (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
@ -418,9 +418,10 @@ png_inflate_claim(png_structrp png_ptr, png_uint_32 owner)
png_ptr->flags |= PNG_FLAG_ZSTREAM_INITIALIZED; png_ptr->flags |= PNG_FLAG_ZSTREAM_INITIALIZED;
} }
#if ZLIB_VERNUM >= 0x1281 #if ZLIB_VERNUM >= 0x1281 && \
/* Turn off validation of the ADLER32 checksum */ defined(PNG_SET_OPTION_SUPPORTED) && defined(PNG_IGNORE_ADLER32)
if ((png_ptr->flags & PNG_FLAG_CRC_CRITICAL_IGNORE) != 0) if (((png_ptr->options >> PNG_IGNORE_ADLER32) & 3) == PNG_OPTION_ON)
/* Turn off validation of the ADLER32 checksum in IDAT chunks */
ret = inflateValidate(&png_ptr->zstream, 0); ret = inflateValidate(&png_ptr->zstream, 0);
#endif #endif
@ -716,7 +717,7 @@ png_decompress_chunk(png_structrp png_ptr,
* the extra space may otherwise be used as a Trojan Horse. * the extra space may otherwise be used as a Trojan Horse.
*/ */
if (ret == Z_STREAM_END && if (ret == Z_STREAM_END &&
chunklength - prefix_size != lzsize) chunklength - prefix_size != lzsize)
png_chunk_benign_error(png_ptr, "extra compressed data"); png_chunk_benign_error(png_ptr, "extra compressed data");
} }
@ -826,7 +827,7 @@ png_inflate_read(png_structrp png_ptr, png_bytep read_buffer, uInt read_size,
return Z_STREAM_ERROR; return Z_STREAM_ERROR;
} }
} }
#endif #endif /* READ_iCCP */
/* Read and check the IDHR chunk */ /* Read and check the IDHR chunk */
@ -4107,15 +4108,7 @@ png_read_IDAT_data(png_structrp png_ptr, png_bytep output,
png_zstream_error(png_ptr, ret); png_zstream_error(png_ptr, ret);
if (output != NULL) if (output != NULL)
{ png_chunk_error(png_ptr, png_ptr->zstream.msg);
if(!strncmp(png_ptr->zstream.msg,"incorrect data check",20))
{
png_chunk_benign_error(png_ptr, "ADLER32 checksum mismatch");
continue;
}
else
png_chunk_error(png_ptr, png_ptr->zstream.msg);
}
else /* checking */ else /* checking */
{ {

6
thirdparty/libpng/pngstruct.h vendored
View file

@ -1,8 +1,8 @@
/* pngstruct.h - header file for PNG reference library /* pngstruct.h - header file for PNG reference library
* *
* Last changed in libpng 1.6.24 [August 4, 2016] * Last changed in libpng 1.6.28 [January 5, 2017]
* Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson
* (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
* (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
* *
@ -353,7 +353,7 @@ struct png_struct_def
/* Options */ /* Options */
#ifdef PNG_SET_OPTION_SUPPORTED #ifdef PNG_SET_OPTION_SUPPORTED
png_byte options; /* On/off state (up to 4 options) */ png_uint_32 options; /* On/off state (up to 16 options) */
#endif #endif
#if PNG_LIBPNG_VER < 10700 #if PNG_LIBPNG_VER < 10700