[LIBPNG] Update to version 1.6.39. CORE-18670

2024-06-02 18:51:50 +00:00 · 2022-11-25 09:57:36 -05:00 · 2022-11-25 09:57:36 -05:00 · 991e2bd45b
parent c5febe93f0
commit 991e2bd45b
15 changed files with 136 additions and 117 deletions
--- a/dll/3rdparty/libpng/docs/ANNOUNCE
+++ b/dll/3rdparty/libpng/docs/ANNOUNCE
@ -1,5 +1,5 @@
-libpng 1.6.38 - September 14, 2022
+libpng 1.6.39 - November 20, 2022
-==================================
+=================================
 This is a public release of libpng, intended for use in production code.
@ -9,13 +9,13 @@ Files available for download
 Source files with LF line endings (for Unix/Linux):
- * libpng-1.6.38.tar.xz (LZMA-compressed, recommended)
+ * libpng-1.6.39.tar.xz (LZMA-compressed, recommended)
- * libpng-1.6.38.tar.gz
+ * libpng-1.6.39.tar.gz
 Source files with CRLF line endings (for Windows):
- * lp1638.7z (LZMA-compressed, recommended)
+ * lpng1639.7z (LZMA-compressed, recommended)
- * lp1638.zip
+ * lpng1639.zip
 Other information:
@ -25,13 +25,19 @@ Other information:
 * TRADEMARK.md
-Changes since the previous public release (version 1.6.37)
+Changes from version 1.6.38 to version 1.6.39
----------------------------------------------------------
+---------------------------------------------
- * Added configurations and scripts for continuous integration.
+ * Changed the error handler of oversized chunks (i.e. larger than
- * Fixed various errors in the handling of tRNS, hIST and eXIf.
+   PNG_USER_CHUNK_MALLOC_MAX) from png_chunk_error to png_benign_error.
- * Implemented many stability improvements across all platforms.
+ * Fixed a buffer overflow error in contrib/tools/pngfix.
- * Updated the internal documentation.
+ * Fixed a memory leak (CVE-2019-6129) in contrib/tools/pngcp.
 * Disabled the ARM Neon optimizations by default in the CMake file,
   following the default behavior of the configure script.
 * Allowed configure.ac to work with the trunk version of autoconf.
 * Removed the support for "install" targets from the legacy makefiles;
   removed the obsolete makefile.cegcc.
 * Cleaned up the code and updated the internal documentation.
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net.
--- a/dll/3rdparty/libpng/docs/CHANGES
+++ b/dll/3rdparty/libpng/docs/CHANGES
@ -6109,6 +6109,18 @@ Version 1.6.38 [September 14, 2022]
  Implemented many stability improvements across all platforms.
  Updated the internal documentation.
 Version 1.6.39 [November 20, 2022]
  Changed the error handler of oversized chunks (i.e. larger than
    PNG_USER_CHUNK_MALLOC_MAX) from png_chunk_error to png_benign_error.
  Fixed a buffer overflow error in contrib/tools/pngfix.
  Fixed a memory leak (CVE-2019-6129) in contrib/tools/pngcp.
  Disabled the ARM Neon optimizations by default in the CMake file,
    following the default behavior of the configure script.
  Allowed configure.ac to work with the trunk version of autoconf.
  Removed the support for "install" targets from the legacy makefiles;
    removed the obsolete makefile.cegcc.
  Cleaned up the code and updated the internal documentation.
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net.
 Subscription is required; visit
 https://lists.sourceforge.net/lists/listinfo/png-mng-implement
--- a/dll/3rdparty/libpng/docs/INSTALL
+++ b/dll/3rdparty/libpng/docs/INSTALL
@ -192,11 +192,11 @@ test.  For more confidence, you can run another test by typing
 Also, you can run "pngtest -m contrib/pngsuite/*.png" and compare
 your output with the result shown in contrib/pngsuite/README.
-Most of the makefiles will allow you to run "make install" to
+Most of the makefiles used to allow you to run "make install" to put
-put the library in its final resting place (if you want to
+the library in its final resting place, but that feature is no longer
-do that, run "make install" in the zlib directory first if necessary).
+supported.  The only tested and supported manners to install libpng are
-Some also allow you to run "make test-installed" after you have
+the conventional build and install procedures driven by the configure
-run "make install".
+script or by the CMake file.
 VIII. Configuring for DOS and other 16-bit platforms
--- a/dll/3rdparty/libpng/docs/README
+++ b/dll/3rdparty/libpng/docs/README
@ -1,4 +1,4 @@
-README for libpng version 1.6.38
+README for libpng version 1.6.39
 ================================
 See the note about version numbers near the top of png.h.
@ -109,16 +109,16 @@ Files in this distribution:
    ANNOUNCE      =>  Announcement of this version, with recent changes
    AUTHORS       =>  List of contributing authors
    CHANGES       =>  Description of changes between libpng versions
-      KNOWNBUG      =>  List of known bugs and deficiencies
+    INSTALL       =>  Instructions to install libpng
    LICENSE       =>  License to use and redistribute libpng
    README        =>  This file
    TODO          =>  Things not implemented in the current library
    TRADEMARK     =>  Trademark information
    example.c     =>  Example code for using libpng functions
-      libpng.3      =>  manual page for libpng (includes libpng-manual.txt)
+    libpng.3      =>  Manual page for libpng (includes libpng-manual.txt)
    libpng-manual.txt  =>  Description of libpng and its functions
-      libpngpf.3    =>  manual page for libpng's private functions
+    libpngpf.3    =>  Manual page for libpng's private functions (deprecated)
-      png.5         =>  manual page for the PNG format
+    png.5         =>  Manual page for the PNG format
    png.c         =>  Basic interface functions common to library
    png.h         =>  Library function and interface declarations (public)
    pngpriv.h     =>  Library function and interface declarations (private)
@ -144,35 +144,36 @@ Files in this distribution:
    pngwrite.c    =>  High-level write functions
    pngwtran.c    =>  Write data transformations
    pngwutil.c    =>  Write utility functions
-      arm           =>  Contains optimized code for the ARM platform
+    arm/          =>  Optimized code for the ARM platform
-      powerpc       =>  Contains optimized code for the PowerPC platform
+    intel/        =>  Optimized code for the INTEL-SSE2 platform
-      contrib       =>  Contributions
+    mips/         =>  Optimized code for the MIPS platform
-       arm-neon         =>  Optimized code for ARM-NEON platform
+    powerpc/      =>  Optimized code for the PowerPC platform
-       powerpc-vsx      =>  Optimized code for POWERPC-VSX platform
+    ci/           =>  Scripts for continuous integration
-       examples         =>  Example programs
+    contrib/      =>  External contributions
-       gregbook         =>  source code for PNG reading and writing, from
+        arm-neon/     =>  Optimized code for the ARM-NEON platform
-                            Greg Roelofs' "PNG: The Definitive Guide",
+        mips-msa/     =>  Optimized code for the MIPS-MSA platform
        powerpc-vsx/  =>  Optimized code for the POWERPC-VSX platform
        examples/     =>  Example programs
        gregbook/     =>  Source code for PNG reading and writing, from
                          "PNG: The Definitive Guide" by Greg Roelofs,
                          O'Reilly, 1999
-       libtests         =>  Test programs
+        libtests/     =>  Test programs
-       mips-msa         =>  Optimized code for MIPS-MSA platform
+        oss-fuzz/     =>  Files used by the OSS-Fuzz project for fuzz-testing
-       pngminim         =>  Minimal decoder, encoder, and progressive decoder
+                          libpng
-                            programs demonstrating use of pngusr.dfa
+        pngminim/     =>  Minimal decoder, encoder, and progressive decoder
-       pngminus         =>  Simple pnm2png and png2pnm programs
+                          programs demonstrating the use of pngusr.dfa
-       pngsuite         =>  Test images
+        pngminus/     =>  Simple pnm2png and png2pnm programs
-       testpngs
+        pngsuite/     =>  Test images
-       tools            =>  Various tools
+        testpngs/     =>  Test images
-       visupng          =>  Contains a MSVC workspace for VisualPng
+        tools/        =>  Various tools
-      intel             =>  Optimized code for INTEL-SSE2 platform
+        visupng/      =>  VisualPng, a Windows viewer for PNG images
-      mips              =>  Optimized code for MIPS platform
+    projects/     =>  Project files and workspaces for various IDEs
-      projects      =>  Contains project files and workspaces for
+        owatcom/      =>  OpenWatcom project
-                        building a DLL
+        visualc71/    =>  Microsoft Visual C++ 7.1 workspace
-       owatcom          =>  Contains a WATCOM project for building libpng
+        vstudio/      =>  Microsoft Visual Studio workspace
-       visualc71        =>  Contains a Microsoft Visual C++ (MSVC)
+    scripts/      =>  Scripts and makefiles for building libpng
-                            workspace for building libpng and zlib
+                      (see scripts/README.txt for the complete list)
-       vstudio          =>  Contains a Microsoft Visual C++ (MSVC)
+    tests/        =>  Test scripts
                            workspace for building libpng and zlib
      scripts       =>  Directory containing scripts for building libpng:
                            (see scripts/README.txt for the list of scripts)
 Good luck, and happy coding!
--- a/dll/3rdparty/libpng/docs/libpng-manual.txt
+++ b/dll/3rdparty/libpng/docs/libpng-manual.txt
@ -9,7 +9,7 @@ libpng-manual.txt - A description on how to use and modify libpng
 Based on:
- libpng version 1.6.36, December 2018, through 1.6.38 - September 2022
+ libpng version 1.6.36, December 2018, through 1.6.39 - November 2022
 Updated and distributed by Cosmin Truta
 Copyright (c) 2018-2022 Cosmin Truta
--- a/dll/3rdparty/libpng/png.c
+++ b/dll/3rdparty/libpng/png.c
@ -14,7 +14,7 @@
 #include "pngpriv.h"
 /* Generate a compiler error if there is an old png.h in the search path. */
-typedef png_libpng_version_1_6_38 Your_png_h_is_not_version_1_6_38;
+typedef png_libpng_version_1_6_39 Your_png_h_is_not_version_1_6_39;
 #ifdef __GNUC__
 /* The version tests may need to be added to, but the problem warning has
@ -815,7 +815,7 @@ png_get_copyright(png_const_structrp png_ptr)
   return PNG_STRING_COPYRIGHT
 #else
   return PNG_STRING_NEWLINE \
-      "libpng version 1.6.38" PNG_STRING_NEWLINE \
+      "libpng version 1.6.39" PNG_STRING_NEWLINE \
      "Copyright (c) 2018-2022 Cosmin Truta" PNG_STRING_NEWLINE \
      "Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson" \
      PNG_STRING_NEWLINE \
@ -2710,7 +2710,7 @@ png_check_IHDR(png_const_structrp png_ptr,
 int /* PRIVATE */
 png_check_fp_number(png_const_charp string, size_t size, int *statep,
-    png_size_tp whereami)
+    size_t *whereami)
 {
   int state = *statep;
   size_t i = *whereami;
--- a/dll/3rdparty/libpng/pngpriv.h
+++ b/dll/3rdparty/libpng/pngpriv.h
@ -1946,7 +1946,7 @@ PNG_INTERNAL_FUNCTION(void,png_ascii_from_fixed,(png_const_structrp png_ptr,
 * the problem character.)  This has not been tested within libpng.
 */
 PNG_INTERNAL_FUNCTION(int,png_check_fp_number,(png_const_charp string,
-   size_t size, int *statep, png_size_tp whereami),PNG_EMPTY);
+   size_t size, int *statep, size_t *whereami),PNG_EMPTY);
 /* This is the same but it checks a complete string and returns true
 * only if it just contains a floating point number.  As of 1.5.4 this
--- a/dll/3rdparty/libpng/pngrutil.c
+++ b/dll/3rdparty/libpng/pngrutil.c
@ -3186,7 +3186,7 @@ png_check_chunk_length(png_const_structrp png_ptr, png_uint_32 length)
   {
      png_debug2(0," length = %lu, limit = %lu",
         (unsigned long)length,(unsigned long)limit);
-      png_chunk_error(png_ptr, "chunk data is too large");
+      png_benign_error(png_ptr, "chunk data is too large");
   }
 }
--- a/dll/3rdparty/libpng/pngwrite.c
+++ b/dll/3rdparty/libpng/pngwrite.c
@ -75,10 +75,10 @@ write_unknown_chunks(png_structrp png_ptr, png_const_inforp info_ptr,
 * library.  If you have a new chunk to add, make a function to write it,
 * and put it in the correct location here.  If you want the chunk written
 * after the image data, put it in png_write_end().  I strongly encourage
- * you to supply a PNG_INFO_ flag, and check info_ptr->valid before writing
+ * you to supply a PNG_INFO_<chunk> flag, and check info_ptr->valid before
- * the chunk, as that will keep the code from breaking if you want to just
+ * writing the chunk, as that will keep the code from breaking if you want
- * write a plain PNG file.  If you have long comments, I suggest writing
+ * to just write a plain PNG file.  If you have long comments, I suggest
- * them in png_write_end(), and compressing them.
+ * writing them in png_write_end(), and compressing them.
 */
 void PNGAPI
 png_write_info_before_PLTE(png_structrp png_ptr, png_const_inforp info_ptr)
--- a/dll/3rdparty/libpng/pngwutil.c
+++ b/dll/3rdparty/libpng/pngwutil.c
@ -1,7 +1,7 @@
 /* pngwutil.c - utilities to write a PNG file
 *
- * Copyright (c) 2018 Cosmin Truta
+ * Copyright (c) 2018-2022 Cosmin Truta
 * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson
 * Copyright (c) 1996-1997 Andreas Dilger
 * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc.
@ -1747,7 +1747,7 @@ png_write_pCAL(png_structrp png_ptr, png_charp purpose, png_int_32 X0,
 {
   png_uint_32 purpose_len;
   size_t units_len, total_len;
-   png_size_tp params_len;
+   size_t *params_len;
   png_byte buf[10];
   png_byte new_purpose[80];
   int i;
@ -1769,7 +1769,7 @@ png_write_pCAL(png_structrp png_ptr, png_charp purpose, png_int_32 X0,
   png_debug1(3, "pCAL units length = %d", (int)units_len);
   total_len = purpose_len + units_len + 10;
-   params_len = (png_size_tp)png_malloc(png_ptr,
+   params_len = (size_t *)png_malloc(png_ptr,
       (png_alloc_size_t)((png_alloc_size_t)nparams * (sizeof (size_t))));
   /* Find the length of each parameter, making sure we don't count the
--- a/media/doc/3rd
+++ b/media/doc/3rd
@ -33,7 +33,7 @@ URL: http://www.ijg.org/
 Title: libpng
 Path: dll/3rdparty/libpng
-Used Version: 1.6.38
+Used Version: 1.6.39
 License: PNG Reference Library version 2
 URL: http://libpng.sourceforge.net/
--- a/sdk/include/reactos/libs/libpng/png.h
+++ b/sdk/include/reactos/libs/libpng/png.h
@ -1,7 +1,7 @@
 /* png.h - header file for PNG reference library
 *
- * libpng version 1.6.38 - September 14, 2022
+ * libpng version 1.6.39 - November 20, 2022
 *
 * Copyright (c) 2018-2022 Cosmin Truta
 * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson
@ -15,7 +15,7 @@
 *   libpng versions 0.89, June 1996, through 0.96, May 1997: Andreas Dilger
 *   libpng versions 0.97, January 1998, through 1.6.35, July 2018:
 *     Glenn Randers-Pehrson
- *   libpng versions 1.6.36, December 2018, through 1.6.38, September 2022:
+ *   libpng versions 1.6.36, December 2018, through 1.6.39, November 2022:
 *     Cosmin Truta
 *   See also "Contributing Authors", below.
 */
@ -239,7 +239,7 @@
 *    ...
 *    1.5.30                  15    10530  15.so.15.30[.0]
 *    ...
- *    1.6.38                  16    10638  16.so.16.38[.0]
+ *    1.6.39                  16    10639  16.so.16.39[.0]
 *
 *    Henceforth the source version will match the shared-library major and
 *    minor numbers; the shared-library major version number will be used for
@ -278,8 +278,8 @@
 */
 /* Version information for png.h - this should match the version in png.c */
-#define PNG_LIBPNG_VER_STRING "1.6.38"
+#define PNG_LIBPNG_VER_STRING "1.6.39"
-#define PNG_HEADER_VERSION_STRING " libpng version 1.6.38 - September 14, 2022\n"
+#define PNG_HEADER_VERSION_STRING " libpng version 1.6.39 - November 20, 2022\n"
 #define PNG_LIBPNG_VER_SONUM   16
 #define PNG_LIBPNG_VER_DLLNUM  16
@ -287,7 +287,7 @@
 /* These should match the first 3 components of PNG_LIBPNG_VER_STRING: */
 #define PNG_LIBPNG_VER_MAJOR   1
 #define PNG_LIBPNG_VER_MINOR   6
-#define PNG_LIBPNG_VER_RELEASE 38
+#define PNG_LIBPNG_VER_RELEASE 39
 /* This should be zero for a public release, or non-zero for a
 * development version.  [Deprecated]
@ -318,7 +318,7 @@
 * From version 1.0.1 it is:
 * XXYYZZ, where XX=major, YY=minor, ZZ=release
 */
-#define PNG_LIBPNG_VER 10638 /* 1.6.38 */
+#define PNG_LIBPNG_VER 10639 /* 1.6.39 */
 /* Library configuration: these options cannot be changed after
 * the library has been built.
@ -428,7 +428,7 @@ extern "C" {
 /* This triggers a compiler error in png.c, if png.c and png.h
 * do not agree upon the version number.
 */
-typedef char* png_libpng_version_1_6_38;
+typedef char* png_libpng_version_1_6_39;
 /* Basic control structions.  Read libpng-manual.txt or libpng.3 for more info.
 *
--- a/sdk/include/reactos/libs/libpng/pngconf.h
+++ b/sdk/include/reactos/libs/libpng/pngconf.h
@ -1,7 +1,7 @@
 /* pngconf.h - machine-configurable file for libpng
 *
- * libpng version 1.6.38
+ * libpng version 1.6.39
 *
 * Copyright (c) 2018-2022 Cosmin Truta
 * Copyright (c) 1998-2002,2004,2006-2016,2018 Glenn Randers-Pehrson
--- a/sdk/include/reactos/libs/libpng/pnglibconf.h
+++ b/sdk/include/reactos/libs/libpng/pnglibconf.h
@ -1,6 +1,6 @@
 /* pnglibconf.h - library build configuration */
-/* libpng version 1.6.38 */
+/* libpng version 1.6.39 */
 /* Copyright (c) 2018-2022 Cosmin Truta */
 /* Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson */