Bug Summary

File:jdk/src/java.desktop/share/native/libsplashscreen/libpng/pngset.c
Warning:line 952, column 10
Null pointer passed to 2nd parameter expecting 'nonnull'

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name pngset.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -mthread-model posix -fno-delete-null-pointer-checks -mframe-pointer=all -relaxed-aliasing -fmath-errno -fno-rounding-math -masm-verbose -mconstructor-aliases -munwind-tables -target-cpu x86-64 -dwarf-column-info -fno-split-dwarf-inlining -debugger-tuning=gdb -resource-dir /usr/lib/llvm-10/lib/clang/10.0.0 -I /home/daniel/Projects/java/jdk/build/linux-x86_64-server-fastdebug/support/modules_include/java.base -I /home/daniel/Projects/java/jdk/build/linux-x86_64-server-fastdebug/support/modules_include/java.base/linux -I /home/daniel/Projects/java/jdk/src/java.base/share/native/libjava -I /home/daniel/Projects/java/jdk/src/java.base/unix/native/libjava -I /home/daniel/Projects/java/jdk/src/hotspot/share/include -I /home/daniel/Projects/java/jdk/src/hotspot/os/posix/include -D LIBC=gnu -D _GNU_SOURCE -D _REENTRANT -D _LARGEFILE64_SOURCE -D LINUX -D DEBUG -D _LITTLE_ENDIAN -D ARCH="amd64" -D amd64 -D _LP64=1 -D SPLASHSCREEN -D PNG_NO_MMX_CODE -D PNG_ARM_NEON_OPT=0 -D PNG_ARM_NEON_IMPLEMENTATION=0 -D WITH_X11 -I /home/daniel/Projects/java/jdk/src/java.desktop/unix/native/libsplashscreen -I /home/daniel/Projects/java/jdk/src/java.desktop/share/native/libsplashscreen -I /home/daniel/Projects/java/jdk/src/java.desktop/unix/native/common/awt/systemscale -I /home/daniel/Projects/java/jdk/src/java.desktop/share/native/libjavajpeg -I /home/daniel/Projects/java/jdk/build/linux-x86_64-server-fastdebug/support/headers/java.desktop -I /home/daniel/Projects/java/jdk/src/java.desktop/share/native/libsplashscreen/giflib -I /home/daniel/Projects/java/jdk/src/java.desktop/share/native/libsplashscreen/libpng -I /home/daniel/Projects/java/jdk/src/java.base/unix/native/include -I /home/daniel/Projects/java/jdk/src/java.base/share/native/include -I /home/daniel/Projects/java/jdk/src/java.base/linux/native/libjava -I /home/daniel/Projects/java/jdk/src/java.base/unix/native/libjava -I /home/daniel/Projects/java/jdk/src/java.base/share/native/libjava -D _FORTIFY_SOURCE=2 -internal-isystem /usr/local/include -internal-isystem /usr/lib/llvm-10/lib/clang/10.0.0/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -O2 -Wno-unused-parameter -Wno-unused -Wno-sign-compare -Wno-type-limits -Wno-unused-result -Wno-maybe-uninitialized -Wno-shift-negative-value -Wno-implicit-fallthrough -Wno-unused-function -std=c99 -fdebug-compilation-dir /home/daniel/Projects/java/jdk/make -ferror-limit 19 -fmessage-length 0 -fvisibility hidden -stack-protector 1 -fgnuc-version=4.2.1 -fobjc-runtime=gcc -fdiagnostics-show-option -vectorize-loops -vectorize-slp -analyzer-output=html -faddrsig -o /home/daniel/Projects/java/scan/2021-12-21-193737-8510-1 -x c /home/daniel/Projects/java/jdk/src/java.desktop/share/native/libsplashscreen/libpng/pngset.c
1/*
2 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
3 *
4 * This code is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License version 2 only, as
6 * published by the Free Software Foundation. Oracle designates this
7 * particular file as subject to the "Classpath" exception as provided
8 * by Oracle in the LICENSE file that accompanied this code.
9 *
10 * This code is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * version 2 for more details (a copy is included in the LICENSE file that
14 * accompanied this code).
15 *
16 * You should have received a copy of the GNU General Public License version
17 * 2 along with this work; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
19 *
20 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
21 * or visit www.oracle.com if you need additional information or have any
22 * questions.
23 */
24
25/* pngset.c - storage of image information into info struct
26 *
27 * This file is available under and governed by the GNU General Public
28 * License version 2 only, as published by the Free Software Foundation.
29 * However, the following notice accompanied the original version of this
30 * file and, per its terms, should not be removed:
31 *
32 * Copyright (c) 2018 Cosmin Truta
33 * Copyright (c) 1998-2018 Glenn Randers-Pehrson
34 * Copyright (c) 1996-1997 Andreas Dilger
35 * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc.
36 *
37 * This code is released under the libpng license.
38 * For conditions of distribution and use, see the disclaimer
39 * and license in png.h
40 *
41 * The functions here are used during reads to store data from the file
42 * into the info struct, and during writes to store application data
43 * into the info struct for writing into the file. This abstracts the
44 * info struct and allows us to change the structure in the future.
45 */
46
47#include "pngpriv.h"
48
49#if defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED)
50
51#ifdef PNG_bKGD_SUPPORTED
52void PNGAPI
53png_set_bKGD(png_const_structrp png_ptr, png_inforp info_ptr,
54 png_const_color_16p background)
55{
56 png_debug1(1, "in %s storage function", "bKGD")((void)0);
57
58 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0) || background == NULL((void*)0))
59 return;
60
61 info_ptr->background = *background;
62 info_ptr->valid |= PNG_INFO_bKGD0x0020U;
63}
64#endif
65
66#ifdef PNG_cHRM_SUPPORTED
67void PNGFAPI
68png_set_cHRM_fixed(png_const_structrp png_ptr, png_inforp info_ptr,
69 png_fixed_point white_x, png_fixed_point white_y, png_fixed_point red_x,
70 png_fixed_point red_y, png_fixed_point green_x, png_fixed_point green_y,
71 png_fixed_point blue_x, png_fixed_point blue_y)
72{
73 png_xy xy;
74
75 png_debug1(1, "in %s storage function", "cHRM fixed")((void)0);
76
77 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0))
78 return;
79
80 xy.redx = red_x;
81 xy.redy = red_y;
82 xy.greenx = green_x;
83 xy.greeny = green_y;
84 xy.bluex = blue_x;
85 xy.bluey = blue_y;
86 xy.whitex = white_x;
87 xy.whitey = white_y;
88
89 if (png_colorspace_set_chromaticities(png_ptr, &info_ptr->colorspace, &xy,
90 2/* override with app values*/) != 0)
91 info_ptr->colorspace.flags |= PNG_COLORSPACE_FROM_cHRM0x0010;
92
93 png_colorspace_sync_info(png_ptr, info_ptr);
94}
95
96void PNGFAPI
97png_set_cHRM_XYZ_fixed(png_const_structrp png_ptr, png_inforp info_ptr,
98 png_fixed_point int_red_X, png_fixed_point int_red_Y,
99 png_fixed_point int_red_Z, png_fixed_point int_green_X,
100 png_fixed_point int_green_Y, png_fixed_point int_green_Z,
101 png_fixed_point int_blue_X, png_fixed_point int_blue_Y,
102 png_fixed_point int_blue_Z)
103{
104 png_XYZ XYZ;
105
106 png_debug1(1, "in %s storage function", "cHRM XYZ fixed")((void)0);
107
108 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0))
109 return;
110
111 XYZ.red_X = int_red_X;
112 XYZ.red_Y = int_red_Y;
113 XYZ.red_Z = int_red_Z;
114 XYZ.green_X = int_green_X;
115 XYZ.green_Y = int_green_Y;
116 XYZ.green_Z = int_green_Z;
117 XYZ.blue_X = int_blue_X;
118 XYZ.blue_Y = int_blue_Y;
119 XYZ.blue_Z = int_blue_Z;
120
121 if (png_colorspace_set_endpoints(png_ptr, &info_ptr->colorspace,
122 &XYZ, 2) != 0)
123 info_ptr->colorspace.flags |= PNG_COLORSPACE_FROM_cHRM0x0010;
124
125 png_colorspace_sync_info(png_ptr, info_ptr);
126}
127
128# ifdef PNG_FLOATING_POINT_SUPPORTED
129void PNGAPI
130png_set_cHRM(png_const_structrp png_ptr, png_inforp info_ptr,
131 double white_x, double white_y, double red_x, double red_y,
132 double green_x, double green_y, double blue_x, double blue_y)
133{
134 png_set_cHRM_fixed(png_ptr, info_ptr,
135 png_fixed(png_ptr, white_x, "cHRM White X"),
136 png_fixed(png_ptr, white_y, "cHRM White Y"),
137 png_fixed(png_ptr, red_x, "cHRM Red X"),
138 png_fixed(png_ptr, red_y, "cHRM Red Y"),
139 png_fixed(png_ptr, green_x, "cHRM Green X"),
140 png_fixed(png_ptr, green_y, "cHRM Green Y"),
141 png_fixed(png_ptr, blue_x, "cHRM Blue X"),
142 png_fixed(png_ptr, blue_y, "cHRM Blue Y"));
143}
144
145void PNGAPI
146png_set_cHRM_XYZ(png_const_structrp png_ptr, png_inforp info_ptr, double red_X,
147 double red_Y, double red_Z, double green_X, double green_Y, double green_Z,
148 double blue_X, double blue_Y, double blue_Z)
149{
150 png_set_cHRM_XYZ_fixed(png_ptr, info_ptr,
151 png_fixed(png_ptr, red_X, "cHRM Red X"),
152 png_fixed(png_ptr, red_Y, "cHRM Red Y"),
153 png_fixed(png_ptr, red_Z, "cHRM Red Z"),
154 png_fixed(png_ptr, green_X, "cHRM Green X"),
155 png_fixed(png_ptr, green_Y, "cHRM Green Y"),
156 png_fixed(png_ptr, green_Z, "cHRM Green Z"),
157 png_fixed(png_ptr, blue_X, "cHRM Blue X"),
158 png_fixed(png_ptr, blue_Y, "cHRM Blue Y"),
159 png_fixed(png_ptr, blue_Z, "cHRM Blue Z"));
160}
161# endif /* FLOATING_POINT */
162
163#endif /* cHRM */
164
165#ifdef PNG_eXIf_SUPPORTED
166void PNGAPI
167png_set_eXIf(png_const_structrp png_ptr, png_inforp info_ptr,
168 png_bytep eXIf_buf)
169{
170 png_warning(png_ptr, "png_set_eXIf does not work; use png_set_eXIf_1");
171 PNG_UNUSED(info_ptr)(void)info_ptr;
172 PNG_UNUSED(eXIf_buf)(void)eXIf_buf;
173}
174
175void PNGAPI
176png_set_eXIf_1(png_const_structrp png_ptr, png_inforp info_ptr,
177 png_uint_32 num_exif, png_bytep eXIf_buf)
178{
179 int i;
180
181 png_debug1(1, "in %s storage function", "eXIf")((void)0);
182
183 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0))
184 return;
185
186 if (info_ptr->exif)
187 {
188 png_free(png_ptr, info_ptr->exif);
189 info_ptr->exif = NULL((void*)0);
190 }
191
192 info_ptr->num_exif = num_exif;
193
194 info_ptr->exif = png_voidcast(png_bytep, png_malloc_warn(png_ptr,(png_malloc_warn(png_ptr, info_ptr->num_exif))
195 info_ptr->num_exif))(png_malloc_warn(png_ptr, info_ptr->num_exif));
196
197 if (info_ptr->exif == NULL((void*)0))
198 {
199 png_warning(png_ptr, "Insufficient memory for eXIf chunk data");
200 return;
201 }
202
203 info_ptr->free_me |= PNG_FREE_EXIF0x8000U;
204
205 for (i = 0; i < (int) info_ptr->num_exif; i++)
206 info_ptr->exif[i] = eXIf_buf[i];
207
208 info_ptr->valid |= PNG_INFO_eXIf0x10000U;
209}
210#endif /* eXIf */
211
212#ifdef PNG_gAMA_SUPPORTED
213void PNGFAPI
214png_set_gAMA_fixed(png_const_structrp png_ptr, png_inforp info_ptr,
215 png_fixed_point file_gamma)
216{
217 png_debug1(1, "in %s storage function", "gAMA")((void)0);
218
219 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0))
220 return;
221
222 png_colorspace_set_gamma(png_ptr, &info_ptr->colorspace, file_gamma);
223 png_colorspace_sync_info(png_ptr, info_ptr);
224}
225
226# ifdef PNG_FLOATING_POINT_SUPPORTED
227void PNGAPI
228png_set_gAMA(png_const_structrp png_ptr, png_inforp info_ptr, double file_gamma)
229{
230 png_set_gAMA_fixed(png_ptr, info_ptr, png_fixed(png_ptr, file_gamma,
231 "png_set_gAMA"));
232}
233# endif
234#endif
235
236#ifdef PNG_hIST_SUPPORTED
237void PNGAPI
238png_set_hIST(png_const_structrp png_ptr, png_inforp info_ptr,
239 png_const_uint_16p hist)
240{
241 int i;
242
243 png_debug1(1, "in %s storage function", "hIST")((void)0);
244
245 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0))
246 return;
247
248 if (info_ptr->num_palette == 0 || info_ptr->num_palette
249 > PNG_MAX_PALETTE_LENGTH256)
250 {
251 png_warning(png_ptr,
252 "Invalid palette size, hIST allocation skipped");
253
254 return;
255 }
256
257 png_free_data(png_ptr, info_ptr, PNG_FREE_HIST0x0008U, 0);
258
259 /* Changed from info->num_palette to PNG_MAX_PALETTE_LENGTH in
260 * version 1.2.1
261 */
262 info_ptr->hist = png_voidcast(png_uint_16p, png_malloc_warn(png_ptr,(png_malloc_warn(png_ptr, 256 * (sizeof (png_uint_16))))
263 PNG_MAX_PALETTE_LENGTH * (sizeof (png_uint_16))))(png_malloc_warn(png_ptr, 256 * (sizeof (png_uint_16))));
264
265 if (info_ptr->hist == NULL((void*)0))
266 {
267 png_warning(png_ptr, "Insufficient memory for hIST chunk data");
268
269 return;
270 }
271
272 info_ptr->free_me |= PNG_FREE_HIST0x0008U;
273
274 for (i = 0; i < info_ptr->num_palette; i++)
275 info_ptr->hist[i] = hist[i];
276
277 info_ptr->valid |= PNG_INFO_hIST0x0040U;
278}
279#endif
280
281void PNGAPI
282png_set_IHDR(png_const_structrp png_ptr, png_inforp info_ptr,
283 png_uint_32 width, png_uint_32 height, int bit_depth,
284 int color_type, int interlace_type, int compression_type,
285 int filter_type)
286{
287 png_debug1(1, "in %s storage function", "IHDR")((void)0);
288
289 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0))
290 return;
291
292 info_ptr->width = width;
293 info_ptr->height = height;
294 info_ptr->bit_depth = (png_byte)bit_depth;
295 info_ptr->color_type = (png_byte)color_type;
296 info_ptr->compression_type = (png_byte)compression_type;
297 info_ptr->filter_type = (png_byte)filter_type;
298 info_ptr->interlace_type = (png_byte)interlace_type;
299
300 png_check_IHDR (png_ptr, info_ptr->width, info_ptr->height,
301 info_ptr->bit_depth, info_ptr->color_type, info_ptr->interlace_type,
302 info_ptr->compression_type, info_ptr->filter_type);
303
304 if (info_ptr->color_type == PNG_COLOR_TYPE_PALETTE(2 | 1))
305 info_ptr->channels = 1;
306
307 else if ((info_ptr->color_type & PNG_COLOR_MASK_COLOR2) != 0)
308 info_ptr->channels = 3;
309
310 else
311 info_ptr->channels = 1;
312
313 if ((info_ptr->color_type & PNG_COLOR_MASK_ALPHA4) != 0)
314 info_ptr->channels++;
315
316 info_ptr->pixel_depth = (png_byte)(info_ptr->channels * info_ptr->bit_depth);
317
318 info_ptr->rowbytes = PNG_ROWBYTES(info_ptr->pixel_depth, width)((info_ptr->pixel_depth) >= 8 ? ((size_t)(width) * (((size_t
)(info_ptr->pixel_depth)) >> 3)) : (( ((size_t)(width
) * ((size_t)(info_ptr->pixel_depth))) + 7) >> 3) )
;
319}
320
321#ifdef PNG_oFFs_SUPPORTED
322void PNGAPI
323png_set_oFFs(png_const_structrp png_ptr, png_inforp info_ptr,
324 png_int_32 offset_x, png_int_32 offset_y, int unit_type)
325{
326 png_debug1(1, "in %s storage function", "oFFs")((void)0);
327
328 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0))
329 return;
330
331 info_ptr->x_offset = offset_x;
332 info_ptr->y_offset = offset_y;
333 info_ptr->offset_unit_type = (png_byte)unit_type;
334 info_ptr->valid |= PNG_INFO_oFFs0x0100U;
335}
336#endif
337
338#ifdef PNG_pCAL_SUPPORTED
339void PNGAPI
340png_set_pCAL(png_const_structrp png_ptr, png_inforp info_ptr,
341 png_const_charp purpose, png_int_32 X0, png_int_32 X1, int type,
342 int nparams, png_const_charp units, png_charpp params)
343{
344 size_t length;
345 int i;
346
347 png_debug1(1, "in %s storage function", "pCAL")((void)0);
348
349 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0) || purpose == NULL((void*)0) || units == NULL((void*)0)
350 || (nparams > 0 && params == NULL((void*)0)))
351 return;
352
353 length = strlen(purpose) + 1;
354 png_debug1(3, "allocating purpose for info (%lu bytes)",((void)0)
355 (unsigned long)length)((void)0);
356
357 /* TODO: validate format of calibration name and unit name */
358
359 /* Check that the type matches the specification. */
360 if (type < 0 || type > 3)
361 {
362 png_chunk_report(png_ptr, "Invalid pCAL equation type",
363 PNG_CHUNK_WRITE_ERROR1);
364 return;
365 }
366
367 if (nparams < 0 || nparams > 255)
368 {
369 png_chunk_report(png_ptr, "Invalid pCAL parameter count",
370 PNG_CHUNK_WRITE_ERROR1);
371 return;
372 }
373
374 /* Validate params[nparams] */
375 for (i=0; i<nparams; ++i)
376 {
377 if (params[i] == NULL((void*)0) ||
378 !png_check_fp_string(params[i], strlen(params[i])))
379 {
380 png_chunk_report(png_ptr, "Invalid format for pCAL parameter",
381 PNG_CHUNK_WRITE_ERROR1);
382 return;
383 }
384 }
385
386 info_ptr->pcal_purpose = png_voidcast(png_charp,(png_malloc_warn(png_ptr, length))
387 png_malloc_warn(png_ptr, length))(png_malloc_warn(png_ptr, length));
388
389 if (info_ptr->pcal_purpose == NULL((void*)0))
390 {
391 png_chunk_report(png_ptr, "Insufficient memory for pCAL purpose",
392 PNG_CHUNK_WRITE_ERROR1);
393 return;
394 }
395
396 memcpy(info_ptr->pcal_purpose, purpose, length);
397
398 png_debug(3, "storing X0, X1, type, and nparams in info")((void)0);
399 info_ptr->pcal_X0 = X0;
400 info_ptr->pcal_X1 = X1;
401 info_ptr->pcal_type = (png_byte)type;
402 info_ptr->pcal_nparams = (png_byte)nparams;
403
404 length = strlen(units) + 1;
405 png_debug1(3, "allocating units for info (%lu bytes)",((void)0)
406 (unsigned long)length)((void)0);
407
408 info_ptr->pcal_units = png_voidcast(png_charp,(png_malloc_warn(png_ptr, length))
409 png_malloc_warn(png_ptr, length))(png_malloc_warn(png_ptr, length));
410
411 if (info_ptr->pcal_units == NULL((void*)0))
412 {
413 png_warning(png_ptr, "Insufficient memory for pCAL units");
414
415 return;
416 }
417
418 memcpy(info_ptr->pcal_units, units, length);
419
420 info_ptr->pcal_params = png_voidcast(png_charpp, png_malloc_warn(png_ptr,(png_malloc_warn(png_ptr, (size_t)(((unsigned int)nparams + 1
) * (sizeof (png_charp)))))
421 (size_t)(((unsigned int)nparams + 1) * (sizeof (png_charp)))))(png_malloc_warn(png_ptr, (size_t)(((unsigned int)nparams + 1
) * (sizeof (png_charp)))))
;
422
423 if (info_ptr->pcal_params == NULL((void*)0))
424 {
425 png_warning(png_ptr, "Insufficient memory for pCAL params");
426
427 return;
428 }
429
430 memset(info_ptr->pcal_params, 0, ((unsigned int)nparams + 1) *
431 (sizeof (png_charp)));
432
433 for (i = 0; i < nparams; i++)
434 {
435 length = strlen(params[i]) + 1;
436 png_debug2(3, "allocating parameter %d for info (%lu bytes)", i,((void)0)
437 (unsigned long)length)((void)0);
438
439 info_ptr->pcal_params[i] = (png_charp)png_malloc_warn(png_ptr, length);
440
441 if (info_ptr->pcal_params[i] == NULL((void*)0))
442 {
443 png_warning(png_ptr, "Insufficient memory for pCAL parameter");
444
445 return;
446 }
447
448 memcpy(info_ptr->pcal_params[i], params[i], length);
449 }
450
451 info_ptr->valid |= PNG_INFO_pCAL0x0400U;
452 info_ptr->free_me |= PNG_FREE_PCAL0x0080U;
453}
454#endif
455
456#ifdef PNG_sCAL_SUPPORTED
457void PNGAPI
458png_set_sCAL_s(png_const_structrp png_ptr, png_inforp info_ptr,
459 int unit, png_const_charp swidth, png_const_charp sheight)
460{
461 size_t lengthw = 0, lengthh = 0;
462
463 png_debug1(1, "in %s storage function", "sCAL")((void)0);
464
465 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0))
466 return;
467
468 /* Double check the unit (should never get here with an invalid
469 * unit unless this is an API call.)
470 */
471 if (unit != 1 && unit != 2)
472 png_error(png_ptr, "Invalid sCAL unit");
473
474 if (swidth == NULL((void*)0) || (lengthw = strlen(swidth)) == 0 ||
475 swidth[0] == 45 /* '-' */ || !png_check_fp_string(swidth, lengthw))
476 png_error(png_ptr, "Invalid sCAL width");
477
478 if (sheight == NULL((void*)0) || (lengthh = strlen(sheight)) == 0 ||
479 sheight[0] == 45 /* '-' */ || !png_check_fp_string(sheight, lengthh))
480 png_error(png_ptr, "Invalid sCAL height");
481
482 info_ptr->scal_unit = (png_byte)unit;
483
484 ++lengthw;
485
486 png_debug1(3, "allocating unit for info (%u bytes)", (unsigned int)lengthw)((void)0);
487
488 info_ptr->scal_s_width = png_voidcast(png_charp,(png_malloc_warn(png_ptr, lengthw))
489 png_malloc_warn(png_ptr, lengthw))(png_malloc_warn(png_ptr, lengthw));
490
491 if (info_ptr->scal_s_width == NULL((void*)0))
492 {
493 png_warning(png_ptr, "Memory allocation failed while processing sCAL");
494
495 return;
496 }
497
498 memcpy(info_ptr->scal_s_width, swidth, lengthw);
499
500 ++lengthh;
501
502 png_debug1(3, "allocating unit for info (%u bytes)", (unsigned int)lengthh)((void)0);
503
504 info_ptr->scal_s_height = png_voidcast(png_charp,(png_malloc_warn(png_ptr, lengthh))
505 png_malloc_warn(png_ptr, lengthh))(png_malloc_warn(png_ptr, lengthh));
506
507 if (info_ptr->scal_s_height == NULL((void*)0))
508 {
509 png_free (png_ptr, info_ptr->scal_s_width);
510 info_ptr->scal_s_width = NULL((void*)0);
511
512 png_warning(png_ptr, "Memory allocation failed while processing sCAL");
513
514 return;
515 }
516
517 memcpy(info_ptr->scal_s_height, sheight, lengthh);
518
519 info_ptr->valid |= PNG_INFO_sCAL0x4000U;
520 info_ptr->free_me |= PNG_FREE_SCAL0x0100U;
521}
522
523# ifdef PNG_FLOATING_POINT_SUPPORTED
524void PNGAPI
525png_set_sCAL(png_const_structrp png_ptr, png_inforp info_ptr, int unit,
526 double width, double height)
527{
528 png_debug1(1, "in %s storage function", "sCAL")((void)0);
529
530 /* Check the arguments. */
531 if (width <= 0)
532 png_warning(png_ptr, "Invalid sCAL width ignored");
533
534 else if (height <= 0)
535 png_warning(png_ptr, "Invalid sCAL height ignored");
536
537 else
538 {
539 /* Convert 'width' and 'height' to ASCII. */
540 char swidth[PNG_sCAL_MAX_DIGITS(5 +1 +1 +10 )+1];
541 char sheight[PNG_sCAL_MAX_DIGITS(5 +1 +1 +10 )+1];
542
543 png_ascii_from_fp(png_ptr, swidth, (sizeof swidth), width,
544 PNG_sCAL_PRECISION5);
545 png_ascii_from_fp(png_ptr, sheight, (sizeof sheight), height,
546 PNG_sCAL_PRECISION5);
547
548 png_set_sCAL_s(png_ptr, info_ptr, unit, swidth, sheight);
549 }
550}
551# endif
552
553# ifdef PNG_FIXED_POINT_SUPPORTED
554void PNGAPI
555png_set_sCAL_fixed(png_const_structrp png_ptr, png_inforp info_ptr, int unit,
556 png_fixed_point width, png_fixed_point height)
557{
558 png_debug1(1, "in %s storage function", "sCAL")((void)0);
559
560 /* Check the arguments. */
561 if (width <= 0)
562 png_warning(png_ptr, "Invalid sCAL width ignored");
563
564 else if (height <= 0)
565 png_warning(png_ptr, "Invalid sCAL height ignored");
566
567 else
568 {
569 /* Convert 'width' and 'height' to ASCII. */
570 char swidth[PNG_sCAL_MAX_DIGITS(5 +1 +1 +10 )+1];
571 char sheight[PNG_sCAL_MAX_DIGITS(5 +1 +1 +10 )+1];
572
573 png_ascii_from_fixed(png_ptr, swidth, (sizeof swidth), width);
574 png_ascii_from_fixed(png_ptr, sheight, (sizeof sheight), height);
575
576 png_set_sCAL_s(png_ptr, info_ptr, unit, swidth, sheight);
577 }
578}
579# endif
580#endif
581
582#ifdef PNG_pHYs_SUPPORTED
583void PNGAPI
584png_set_pHYs(png_const_structrp png_ptr, png_inforp info_ptr,
585 png_uint_32 res_x, png_uint_32 res_y, int unit_type)
586{
587 png_debug1(1, "in %s storage function", "pHYs")((void)0);
588
589 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0))
590 return;
591
592 info_ptr->x_pixels_per_unit = res_x;
593 info_ptr->y_pixels_per_unit = res_y;
594 info_ptr->phys_unit_type = (png_byte)unit_type;
595 info_ptr->valid |= PNG_INFO_pHYs0x0080U;
596}
597#endif
598
599void PNGAPI
600png_set_PLTE(png_structrp png_ptr, png_inforp info_ptr,
601 png_const_colorp palette, int num_palette)
602{
603
604 png_uint_32 max_palette_length;
605
606 png_debug1(1, "in %s storage function", "PLTE")((void)0);
607
608 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0))
609 return;
610
611 max_palette_length = (info_ptr->color_type == PNG_COLOR_TYPE_PALETTE(2 | 1)) ?
612 (1 << info_ptr->bit_depth) : PNG_MAX_PALETTE_LENGTH256;
613
614 if (num_palette < 0 || num_palette > (int) max_palette_length)
615 {
616 if (info_ptr->color_type == PNG_COLOR_TYPE_PALETTE(2 | 1))
617 png_error(png_ptr, "Invalid palette length");
618
619 else
620 {
621 png_warning(png_ptr, "Invalid palette length");
622
623 return;
624 }
625 }
626
627 if ((num_palette > 0 && palette == NULL((void*)0)) ||
628 (num_palette == 0
629# ifdef PNG_MNG_FEATURES_SUPPORTED
630 && (png_ptr->mng_features_permitted & PNG_FLAG_MNG_EMPTY_PLTE0x01) == 0
631# endif
632 ))
633 {
634 png_error(png_ptr, "Invalid palette");
635 }
636
637 /* It may not actually be necessary to set png_ptr->palette here;
638 * we do it for backward compatibility with the way the png_handle_tRNS
639 * function used to do the allocation.
640 *
641 * 1.6.0: the above statement appears to be incorrect; something has to set
642 * the palette inside png_struct on read.
643 */
644 png_free_data(png_ptr, info_ptr, PNG_FREE_PLTE0x1000U, 0);
645
646 /* Changed in libpng-1.2.1 to allocate PNG_MAX_PALETTE_LENGTH instead
647 * of num_palette entries, in case of an invalid PNG file or incorrect
648 * call to png_set_PLTE() with too-large sample values.
649 */
650 png_ptr->palette = png_voidcast(png_colorp, png_calloc(png_ptr,(png_calloc(png_ptr, 256 * (sizeof (png_color))))
651 PNG_MAX_PALETTE_LENGTH * (sizeof (png_color))))(png_calloc(png_ptr, 256 * (sizeof (png_color))));
652
653 if (num_palette > 0)
654 memcpy(png_ptr->palette, palette, (unsigned int)num_palette *
655 (sizeof (png_color)));
656 info_ptr->palette = png_ptr->palette;
657 info_ptr->num_palette = png_ptr->num_palette = (png_uint_16)num_palette;
658
659 info_ptr->free_me |= PNG_FREE_PLTE0x1000U;
660
661 info_ptr->valid |= PNG_INFO_PLTE0x0008U;
662}
663
664#ifdef PNG_sBIT_SUPPORTED
665void PNGAPI
666png_set_sBIT(png_const_structrp png_ptr, png_inforp info_ptr,
667 png_const_color_8p sig_bit)
668{
669 png_debug1(1, "in %s storage function", "sBIT")((void)0);
670
671 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0) || sig_bit == NULL((void*)0))
672 return;
673
674 info_ptr->sig_bit = *sig_bit;
675 info_ptr->valid |= PNG_INFO_sBIT0x0002U;
676}
677#endif
678
679#ifdef PNG_sRGB_SUPPORTED
680void PNGAPI
681png_set_sRGB(png_const_structrp png_ptr, png_inforp info_ptr, int srgb_intent)
682{
683 png_debug1(1, "in %s storage function", "sRGB")((void)0);
684
685 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0))
686 return;
687
688 (void)png_colorspace_set_sRGB(png_ptr, &info_ptr->colorspace, srgb_intent);
689 png_colorspace_sync_info(png_ptr, info_ptr);
690}
691
692void PNGAPI
693png_set_sRGB_gAMA_and_cHRM(png_const_structrp png_ptr, png_inforp info_ptr,
694 int srgb_intent)
695{
696 png_debug1(1, "in %s storage function", "sRGB_gAMA_and_cHRM")((void)0);
697
698 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0))
699 return;
700
701 if (png_colorspace_set_sRGB(png_ptr, &info_ptr->colorspace,
702 srgb_intent) != 0)
703 {
704 /* This causes the gAMA and cHRM to be written too */
705 info_ptr->colorspace.flags |=
706 PNG_COLORSPACE_FROM_gAMA0x0008|PNG_COLORSPACE_FROM_cHRM0x0010;
707 }
708
709 png_colorspace_sync_info(png_ptr, info_ptr);
710}
711#endif /* sRGB */
712
713
714#ifdef PNG_iCCP_SUPPORTED
715void PNGAPI
716png_set_iCCP(png_const_structrp png_ptr, png_inforp info_ptr,
717 png_const_charp name, int compression_type,
718 png_const_bytep profile, png_uint_32 proflen)
719{
720 png_charp new_iccp_name;
721 png_bytep new_iccp_profile;
722 size_t length;
723
724 png_debug1(1, "in %s storage function", "iCCP")((void)0);
725
726 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0) || name == NULL((void*)0) || profile == NULL((void*)0))
727 return;
728
729 if (compression_type != PNG_COMPRESSION_TYPE_BASE0)
730 png_app_error(png_ptr, "Invalid iCCP compression method");
731
732 /* Set the colorspace first because this validates the profile; do not
733 * override previously set app cHRM or gAMA here (because likely as not the
734 * application knows better than libpng what the correct values are.) Pass
735 * the info_ptr color_type field to png_colorspace_set_ICC because in the
736 * write case it has not yet been stored in png_ptr.
737 */
738 {
739 int result = png_colorspace_set_ICC(png_ptr, &info_ptr->colorspace, name,
740 proflen, profile, info_ptr->color_type);
741
742 png_colorspace_sync_info(png_ptr, info_ptr);
743
744 /* Don't do any of the copying if the profile was bad, or inconsistent. */
745 if (result == 0)
746 return;
747
748 /* But do write the gAMA and cHRM chunks from the profile. */
749 info_ptr->colorspace.flags |=
750 PNG_COLORSPACE_FROM_gAMA0x0008|PNG_COLORSPACE_FROM_cHRM0x0010;
751 }
752
753 length = strlen(name)+1;
754 new_iccp_name = png_voidcast(png_charp, png_malloc_warn(png_ptr, length))(png_malloc_warn(png_ptr, length));
755
756 if (new_iccp_name == NULL((void*)0))
757 {
758 png_benign_error(png_ptr, "Insufficient memory to process iCCP chunk");
759
760 return;
761 }
762
763 memcpy(new_iccp_name, name, length);
764 new_iccp_profile = png_voidcast(png_bytep,(png_malloc_warn(png_ptr, proflen))
765 png_malloc_warn(png_ptr, proflen))(png_malloc_warn(png_ptr, proflen));
766
767 if (new_iccp_profile == NULL((void*)0))
768 {
769 png_free(png_ptr, new_iccp_name);
770 png_benign_error(png_ptr,
771 "Insufficient memory to process iCCP profile");
772
773 return;
774 }
775
776 memcpy(new_iccp_profile, profile, proflen);
777
778 png_free_data(png_ptr, info_ptr, PNG_FREE_ICCP0x0010U, 0);
779
780 info_ptr->iccp_proflen = proflen;
781 info_ptr->iccp_name = new_iccp_name;
782 info_ptr->iccp_profile = new_iccp_profile;
783 info_ptr->free_me |= PNG_FREE_ICCP0x0010U;
784 info_ptr->valid |= PNG_INFO_iCCP0x1000U;
785}
786#endif
787
788#ifdef PNG_TEXT_SUPPORTED
789void PNGAPI
790png_set_text(png_const_structrp png_ptr, png_inforp info_ptr,
791 png_const_textp text_ptr, int num_text)
792{
793 int ret;
794 ret = png_set_text_2(png_ptr, info_ptr, text_ptr, num_text);
1
Calling 'png_set_text_2'
795
796 if (ret != 0)
797 png_error(png_ptr, "Insufficient memory to store text");
798}
799
800int /* PRIVATE */
801png_set_text_2(png_const_structrp png_ptr, png_inforp info_ptr,
802 png_const_textp text_ptr, int num_text)
803{
804 int i;
805
806 png_debug1(1, "in %lx storage function", png_ptr == NULL ? 0xabadca11U :((void)0)
807 (unsigned long)png_ptr->chunk_name)((void)0);
808
809 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0) || num_text <= 0 || text_ptr == NULL((void*)0))
2
Assuming 'png_ptr' is not equal to NULL
3
Assuming 'info_ptr' is not equal to NULL
4
Assuming 'num_text' is > 0
5
Assuming 'text_ptr' is not equal to NULL
6
Taking false branch
810 return(0);
811
812 /* Make sure we have enough space in the "text" array in info_struct
813 * to hold all of the incoming text_ptr objects. This compare can't overflow
814 * because max_text >= num_text (anyway, subtract of two positive integers
815 * can't overflow in any case.)
816 */
817 if (num_text > info_ptr->max_text - info_ptr->num_text)
7
Assuming the condition is false
8
Taking false branch
818 {
819 int old_num_text = info_ptr->num_text;
820 int max_text;
821 png_textp new_text = NULL((void*)0);
822
823 /* Calculate an appropriate max_text, checking for overflow. */
824 max_text = old_num_text;
825 if (num_text <= INT_MAX2147483647 - max_text)
826 {
827 max_text += num_text;
828
829 /* Round up to a multiple of 8 */
830 if (max_text < INT_MAX2147483647-8)
831 max_text = (max_text + 8) & ~0x7;
832
833 else
834 max_text = INT_MAX2147483647;
835
836 /* Now allocate a new array and copy the old members in; this does all
837 * the overflow checks.
838 */
839 new_text = png_voidcast(png_textp,png_realloc_array(png_ptr,(png_realloc_array(png_ptr, info_ptr->text, old_num_text, max_text
-old_num_text, sizeof *new_text))
840 info_ptr->text, old_num_text, max_text-old_num_text,(png_realloc_array(png_ptr, info_ptr->text, old_num_text, max_text
-old_num_text, sizeof *new_text))
841 sizeof *new_text))(png_realloc_array(png_ptr, info_ptr->text, old_num_text, max_text
-old_num_text, sizeof *new_text))
;
842 }
843
844 if (new_text == NULL((void*)0))
845 {
846 png_chunk_report(png_ptr, "too many text chunks",
847 PNG_CHUNK_WRITE_ERROR1);
848
849 return 1;
850 }
851
852 png_free(png_ptr, info_ptr->text);
853
854 info_ptr->text = new_text;
855 info_ptr->free_me |= PNG_FREE_TEXT0x4000U;
856 info_ptr->max_text = max_text;
857 /* num_text is adjusted below as the entries are copied in */
858
859 png_debug1(3, "allocated %d entries for info_ptr->text", max_text)((void)0);
860 }
861
862 for (i = 0; i
8.1
'i' is < 'num_text'
< num_text; i++)
9
Loop condition is true. Entering loop body
863 {
864 size_t text_length, key_len;
865 size_t lang_len, lang_key_len;
866 png_textp textp = &(info_ptr->text[info_ptr->num_text]);
867
868 if (text_ptr[i].key == NULL((void*)0))
10
Assuming field 'key' is not equal to NULL
11
Taking false branch
869 continue;
870
871 if (text_ptr[i].compression < PNG_TEXT_COMPRESSION_NONE-1 ||
12
Assuming the condition is false
14
Taking false branch
872 text_ptr[i].compression >= PNG_TEXT_COMPRESSION_LAST3)
13
Assuming field 'compression' is < PNG_TEXT_COMPRESSION_LAST
873 {
874 png_chunk_report(png_ptr, "text compression mode is out of range",
875 PNG_CHUNK_WRITE_ERROR1);
876 continue;
877 }
878
879 key_len = strlen(text_ptr[i].key);
880
881 if (text_ptr[i].compression <= 0)
15
Assuming field 'compression' is > 0
16
Taking false branch
882 {
883 lang_len = 0;
884 lang_key_len = 0;
885 }
886
887 else
888# ifdef PNG_iTXt_SUPPORTED
889 {
890 /* Set iTXt data */
891
892 if (text_ptr[i].lang != NULL((void*)0))
17
Assuming field 'lang' is equal to NULL
18
Assuming pointer value is null
19
Taking false branch
893 lang_len = strlen(text_ptr[i].lang);
894
895 else
896 lang_len = 0;
897
898 if (text_ptr[i].lang_key != NULL((void*)0))
20
Assuming field 'lang_key' is equal to NULL
21
Taking false branch
899 lang_key_len = strlen(text_ptr[i].lang_key);
900
901 else
902 lang_key_len = 0;
903 }
904# else /* iTXt */
905 {
906 png_chunk_report(png_ptr, "iTXt chunk not supported",
907 PNG_CHUNK_WRITE_ERROR1);
908 continue;
909 }
910# endif
911
912 if (text_ptr[i].text == NULL((void*)0) || text_ptr[i].text[0] == '\0')
22
Assuming field 'text' is equal to NULL
913 {
914 text_length = 0;
915# ifdef PNG_iTXt_SUPPORTED
916 if (text_ptr[i].compression
22.1
Field 'compression' is > 0
> 0)
23
Taking true branch
917 textp->compression = PNG_ITXT_COMPRESSION_NONE1;
918
919 else
920# endif
921 textp->compression = PNG_TEXT_COMPRESSION_NONE-1;
922 }
923
924 else
925 {
926 text_length = strlen(text_ptr[i].text);
927 textp->compression = text_ptr[i].compression;
928 }
929
930 textp->key = png_voidcast(png_charp,png_malloc_base(png_ptr,(png_malloc_base(png_ptr, key_len + text_length + lang_len + lang_key_len
+ 4))
931 key_len + text_length + lang_len + lang_key_len + 4))(png_malloc_base(png_ptr, key_len + text_length + lang_len + lang_key_len
+ 4))
;
932
933 if (textp->key == NULL((void*)0))
24
Assuming field 'key' is not equal to NULL
25
Taking false branch
934 {
935 png_chunk_report(png_ptr, "text chunk: out of memory",
936 PNG_CHUNK_WRITE_ERROR1);
937
938 return 1;
939 }
940
941 png_debug2(2, "Allocated %lu bytes at %p in png_set_text",((void)0)
942 (unsigned long)(png_uint_32)((void)0)
943 (key_len + lang_len + lang_key_len + text_length + 4),((void)0)
944 textp->key)((void)0);
945
946 memcpy(textp->key, text_ptr[i].key, key_len);
947 *(textp->key + key_len) = '\0';
948
949 if (text_ptr[i].compression
25.1
Field 'compression' is > 0
> 0)
26
Taking true branch
950 {
951 textp->lang = textp->key + key_len + 1;
952 memcpy(textp->lang, text_ptr[i].lang, lang_len);
27
Null pointer passed to 2nd parameter expecting 'nonnull'
953 *(textp->lang + lang_len) = '\0';
954 textp->lang_key = textp->lang + lang_len + 1;
955 memcpy(textp->lang_key, text_ptr[i].lang_key, lang_key_len);
956 *(textp->lang_key + lang_key_len) = '\0';
957 textp->text = textp->lang_key + lang_key_len + 1;
958 }
959
960 else
961 {
962 textp->lang=NULL((void*)0);
963 textp->lang_key=NULL((void*)0);
964 textp->text = textp->key + key_len + 1;
965 }
966
967 if (text_length != 0)
968 memcpy(textp->text, text_ptr[i].text, text_length);
969
970 *(textp->text + text_length) = '\0';
971
972# ifdef PNG_iTXt_SUPPORTED
973 if (textp->compression > 0)
974 {
975 textp->text_length = 0;
976 textp->itxt_length = text_length;
977 }
978
979 else
980# endif
981 {
982 textp->text_length = text_length;
983 textp->itxt_length = 0;
984 }
985
986 info_ptr->num_text++;
987 png_debug1(3, "transferred text chunk %d", info_ptr->num_text)((void)0);
988 }
989
990 return(0);
991}
992#endif
993
994#ifdef PNG_tIME_SUPPORTED
995void PNGAPI
996png_set_tIME(png_const_structrp png_ptr, png_inforp info_ptr,
997 png_const_timep mod_time)
998{
999 png_debug1(1, "in %s storage function", "tIME")((void)0);
1000
1001 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0) || mod_time == NULL((void*)0) ||
1002 (png_ptr->mode & PNG_WROTE_tIME0x200U) != 0)
1003 return;
1004
1005 if (mod_time->month == 0 || mod_time->month > 12 ||
1006 mod_time->day == 0 || mod_time->day > 31 ||
1007 mod_time->hour > 23 || mod_time->minute > 59 ||
1008 mod_time->second > 60)
1009 {
1010 png_warning(png_ptr, "Ignoring invalid time value");
1011
1012 return;
1013 }
1014
1015 info_ptr->mod_time = *mod_time;
1016 info_ptr->valid |= PNG_INFO_tIME0x0200U;
1017}
1018#endif
1019
1020#ifdef PNG_tRNS_SUPPORTED
1021void PNGAPI
1022png_set_tRNS(png_structrp png_ptr, png_inforp info_ptr,
1023 png_const_bytep trans_alpha, int num_trans, png_const_color_16p trans_color)
1024{
1025 png_debug1(1, "in %s storage function", "tRNS")((void)0);
1026
1027 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0))
1028
1029 return;
1030
1031 if (trans_alpha != NULL((void*)0))
1032 {
1033 /* It may not actually be necessary to set png_ptr->trans_alpha here;
1034 * we do it for backward compatibility with the way the png_handle_tRNS
1035 * function used to do the allocation.
1036 *
1037 * 1.6.0: The above statement is incorrect; png_handle_tRNS effectively
1038 * relies on png_set_tRNS storing the information in png_struct
1039 * (otherwise it won't be there for the code in pngrtran.c).
1040 */
1041
1042 png_free_data(png_ptr, info_ptr, PNG_FREE_TRNS0x2000U, 0);
1043
1044 if (num_trans > 0 && num_trans <= PNG_MAX_PALETTE_LENGTH256)
1045 {
1046 /* Changed from num_trans to PNG_MAX_PALETTE_LENGTH in version 1.2.1 */
1047 info_ptr->trans_alpha = png_voidcast(png_bytep,(png_malloc(png_ptr, 256))
1048 png_malloc(png_ptr, PNG_MAX_PALETTE_LENGTH))(png_malloc(png_ptr, 256));
1049 memcpy(info_ptr->trans_alpha, trans_alpha, (size_t)num_trans);
1050 }
1051 png_ptr->trans_alpha = info_ptr->trans_alpha;
1052 }
1053
1054 if (trans_color != NULL((void*)0))
1055 {
1056#ifdef PNG_WARNINGS_SUPPORTED
1057 if (info_ptr->bit_depth < 16)
1058 {
1059 int sample_max = (1 << info_ptr->bit_depth) - 1;
1060
1061 if ((info_ptr->color_type == PNG_COLOR_TYPE_GRAY0 &&
1062 trans_color->gray > sample_max) ||
1063 (info_ptr->color_type == PNG_COLOR_TYPE_RGB(2) &&
1064 (trans_color->red > sample_max ||
1065 trans_color->green > sample_max ||
1066 trans_color->blue > sample_max)))
1067 png_warning(png_ptr,
1068 "tRNS chunk has out-of-range samples for bit_depth");
1069 }
1070#endif
1071
1072 info_ptr->trans_color = *trans_color;
1073
1074 if (num_trans == 0)
1075 num_trans = 1;
1076 }
1077
1078 info_ptr->num_trans = (png_uint_16)num_trans;
1079
1080 if (num_trans != 0)
1081 {
1082 info_ptr->valid |= PNG_INFO_tRNS0x0010U;
1083 info_ptr->free_me |= PNG_FREE_TRNS0x2000U;
1084 }
1085}
1086#endif
1087
1088#ifdef PNG_sPLT_SUPPORTED
1089void PNGAPI
1090png_set_sPLT(png_const_structrp png_ptr,
1091 png_inforp info_ptr, png_const_sPLT_tp entries, int nentries)
1092/*
1093 * entries - array of png_sPLT_t structures
1094 * to be added to the list of palettes
1095 * in the info structure.
1096 *
1097 * nentries - number of palette structures to be
1098 * added.
1099 */
1100{
1101 png_sPLT_tp np;
1102
1103 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0) || nentries <= 0 || entries == NULL((void*)0))
1104 return;
1105
1106 /* Use the internal realloc function, which checks for all the possible
1107 * overflows. Notice that the parameters are (int) and (size_t)
1108 */
1109 np = png_voidcast(png_sPLT_tp,png_realloc_array(png_ptr,(png_realloc_array(png_ptr, info_ptr->splt_palettes, info_ptr
->splt_palettes_num, nentries, sizeof *np))
1110 info_ptr->splt_palettes, info_ptr->splt_palettes_num, nentries,(png_realloc_array(png_ptr, info_ptr->splt_palettes, info_ptr
->splt_palettes_num, nentries, sizeof *np))
1111 sizeof *np))(png_realloc_array(png_ptr, info_ptr->splt_palettes, info_ptr
->splt_palettes_num, nentries, sizeof *np))
;
1112
1113 if (np == NULL((void*)0))
1114 {
1115 /* Out of memory or too many chunks */
1116 png_chunk_report(png_ptr, "too many sPLT chunks", PNG_CHUNK_WRITE_ERROR1);
1117
1118 return;
1119 }
1120
1121 png_free(png_ptr, info_ptr->splt_palettes);
1122 info_ptr->splt_palettes = np;
1123 info_ptr->free_me |= PNG_FREE_SPLT0x0020U;
1124
1125 np += info_ptr->splt_palettes_num;
1126
1127 do
1128 {
1129 size_t length;
1130
1131 /* Skip invalid input entries */
1132 if (entries->name == NULL((void*)0) || entries->entries == NULL((void*)0))
1133 {
1134 /* png_handle_sPLT doesn't do this, so this is an app error */
1135 png_app_error(png_ptr, "png_set_sPLT: invalid sPLT");
1136 /* Just skip the invalid entry */
1137 continue;
1138 }
1139
1140 np->depth = entries->depth;
1141
1142 /* In the event of out-of-memory just return - there's no point keeping
1143 * on trying to add sPLT chunks.
1144 */
1145 length = strlen(entries->name) + 1;
1146 np->name = png_voidcast(png_charp, png_malloc_base(png_ptr, length))(png_malloc_base(png_ptr, length));
1147
1148 if (np->name == NULL((void*)0))
1149 break;
1150
1151 memcpy(np->name, entries->name, length);
1152
1153 /* IMPORTANT: we have memory now that won't get freed if something else
1154 * goes wrong; this code must free it. png_malloc_array produces no
1155 * warnings; use a png_chunk_report (below) if there is an error.
1156 */
1157 np->entries = png_voidcast(png_sPLT_entryp, png_malloc_array(png_ptr,(png_malloc_array(png_ptr, entries->nentries, sizeof (png_sPLT_entry
)))
1158 entries->nentries, sizeof (png_sPLT_entry)))(png_malloc_array(png_ptr, entries->nentries, sizeof (png_sPLT_entry
)))
;
1159
1160 if (np->entries == NULL((void*)0))
1161 {
1162 png_free(png_ptr, np->name);
1163 np->name = NULL((void*)0);
1164 break;
1165 }
1166
1167 np->nentries = entries->nentries;
1168 /* This multiply can't overflow because png_malloc_array has already
1169 * checked it when doing the allocation.
1170 */
1171 memcpy(np->entries, entries->entries,
1172 (unsigned int)entries->nentries * sizeof (png_sPLT_entry));
1173
1174 /* Note that 'continue' skips the advance of the out pointer and out
1175 * count, so an invalid entry is not added.
1176 */
1177 info_ptr->valid |= PNG_INFO_sPLT0x2000U;
1178 ++(info_ptr->splt_palettes_num);
1179 ++np;
1180 ++entries;
1181 }
1182 while (--nentries);
1183
1184 if (nentries > 0)
1185 png_chunk_report(png_ptr, "sPLT out of memory", PNG_CHUNK_WRITE_ERROR1);
1186}
1187#endif /* sPLT */
1188
1189#ifdef PNG_STORE_UNKNOWN_CHUNKS_SUPPORTED
1190static png_byte
1191check_location(png_const_structrp png_ptr, int location)
1192{
1193 location &= (PNG_HAVE_IHDR0x01|PNG_HAVE_PLTE0x02|PNG_AFTER_IDAT0x08);
1194
1195 /* New in 1.6.0; copy the location and check it. This is an API
1196 * change; previously the app had to use the
1197 * png_set_unknown_chunk_location API below for each chunk.
1198 */
1199 if (location == 0 && (png_ptr->mode & PNG_IS_READ_STRUCT0x8000U) == 0)
1200 {
1201 /* Write struct, so unknown chunks come from the app */
1202 png_app_warning(png_ptr,
1203 "png_set_unknown_chunks now expects a valid location");
1204 /* Use the old behavior */
1205 location = (png_byte)(png_ptr->mode &
1206 (PNG_HAVE_IHDR0x01|PNG_HAVE_PLTE0x02|PNG_AFTER_IDAT0x08));
1207 }
1208
1209 /* This need not be an internal error - if the app calls
1210 * png_set_unknown_chunks on a read pointer it must get the location right.
1211 */
1212 if (location == 0)
1213 png_error(png_ptr, "invalid location in png_set_unknown_chunks");
1214
1215 /* Now reduce the location to the top-most set bit by removing each least
1216 * significant bit in turn.
1217 */
1218 while (location != (location & -location))
1219 location &= ~(location & -location);
1220
1221 /* The cast is safe because 'location' is a bit mask and only the low four
1222 * bits are significant.
1223 */
1224 return (png_byte)location;
1225}
1226
1227void PNGAPI
1228png_set_unknown_chunks(png_const_structrp png_ptr,
1229 png_inforp info_ptr, png_const_unknown_chunkp unknowns, int num_unknowns)
1230{
1231 png_unknown_chunkp np;
1232
1233 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0) || num_unknowns <= 0 ||
1234 unknowns == NULL((void*)0))
1235 return;
1236
1237 /* Check for the failure cases where support has been disabled at compile
1238 * time. This code is hardly ever compiled - it's here because
1239 * STORE_UNKNOWN_CHUNKS is set by both read and write code (compiling in this
1240 * code) but may be meaningless if the read or write handling of unknown
1241 * chunks is not compiled in.
1242 */
1243# if !defined(PNG_READ_UNKNOWN_CHUNKS_SUPPORTED) && \
1244 defined(PNG_READ_SUPPORTED)
1245 if ((png_ptr->mode & PNG_IS_READ_STRUCT0x8000U) != 0)
1246 {
1247 png_app_error(png_ptr, "no unknown chunk support on read");
1248
1249 return;
1250 }
1251# endif
1252# if !defined(PNG_WRITE_UNKNOWN_CHUNKS_SUPPORTED) && \
1253 defined(PNG_WRITE_SUPPORTED)
1254 if ((png_ptr->mode & PNG_IS_READ_STRUCT0x8000U) == 0)
1255 {
1256 png_app_error(png_ptr, "no unknown chunk support on write");
1257
1258 return;
1259 }
1260# endif
1261
1262 /* Prior to 1.6.0 this code used png_malloc_warn; however, this meant that
1263 * unknown critical chunks could be lost with just a warning resulting in
1264 * undefined behavior. Now png_chunk_report is used to provide behavior
1265 * appropriate to read or write.
1266 */
1267 np = png_voidcast(png_unknown_chunkp, png_realloc_array(png_ptr,(png_realloc_array(png_ptr, info_ptr->unknown_chunks, info_ptr
->unknown_chunks_num, num_unknowns, sizeof *np))
1268 info_ptr->unknown_chunks, info_ptr->unknown_chunks_num, num_unknowns,(png_realloc_array(png_ptr, info_ptr->unknown_chunks, info_ptr
->unknown_chunks_num, num_unknowns, sizeof *np))
1269 sizeof *np))(png_realloc_array(png_ptr, info_ptr->unknown_chunks, info_ptr
->unknown_chunks_num, num_unknowns, sizeof *np))
;
1270
1271 if (np == NULL((void*)0))
1272 {
1273 png_chunk_report(png_ptr, "too many unknown chunks",
1274 PNG_CHUNK_WRITE_ERROR1);
1275
1276 return;
1277 }
1278
1279 png_free(png_ptr, info_ptr->unknown_chunks);
1280 info_ptr->unknown_chunks = np; /* safe because it is initialized */
1281 info_ptr->free_me |= PNG_FREE_UNKN0x0200U;
1282
1283 np += info_ptr->unknown_chunks_num;
1284
1285 /* Increment unknown_chunks_num each time round the loop to protect the
1286 * just-allocated chunk data.
1287 */
1288 for (; num_unknowns > 0; --num_unknowns, ++unknowns)
1289 {
1290 memcpy(np->name, unknowns->name, (sizeof np->name));
1291 np->name[(sizeof np->name)-1] = '\0';
1292 np->location = check_location(png_ptr, unknowns->location);
1293
1294 if (unknowns->size == 0)
1295 {
1296 np->data = NULL((void*)0);
1297 np->size = 0;
1298 }
1299
1300 else
1301 {
1302 np->data = png_voidcast(png_bytep,(png_malloc_base(png_ptr, unknowns->size))
1303 png_malloc_base(png_ptr, unknowns->size))(png_malloc_base(png_ptr, unknowns->size));
1304
1305 if (np->data == NULL((void*)0))
1306 {
1307 png_chunk_report(png_ptr, "unknown chunk: out of memory",
1308 PNG_CHUNK_WRITE_ERROR1);
1309 /* But just skip storing the unknown chunk */
1310 continue;
1311 }
1312
1313 memcpy(np->data, unknowns->data, unknowns->size);
1314 np->size = unknowns->size;
1315 }
1316
1317 /* These increments are skipped on out-of-memory for the data - the
1318 * unknown chunk entry gets overwritten if the png_chunk_report returns.
1319 * This is correct in the read case (the chunk is just dropped.)
1320 */
1321 ++np;
1322 ++(info_ptr->unknown_chunks_num);
1323 }
1324}
1325
1326void PNGAPI
1327png_set_unknown_chunk_location(png_const_structrp png_ptr, png_inforp info_ptr,
1328 int chunk, int location)
1329{
1330 /* This API is pretty pointless in 1.6.0 because the location can be set
1331 * before the call to png_set_unknown_chunks.
1332 *
1333 * TODO: add a png_app_warning in 1.7
1334 */
1335 if (png_ptr != NULL((void*)0) && info_ptr != NULL((void*)0) && chunk >= 0 &&
1336 chunk < info_ptr->unknown_chunks_num)
1337 {
1338 if ((location & (PNG_HAVE_IHDR0x01|PNG_HAVE_PLTE0x02|PNG_AFTER_IDAT0x08)) == 0)
1339 {
1340 png_app_error(png_ptr, "invalid unknown chunk location");
1341 /* Fake out the pre 1.6.0 behavior: */
1342 if (((unsigned int)location & PNG_HAVE_IDAT0x04U) != 0) /* undocumented! */
1343 location = PNG_AFTER_IDAT0x08;
1344
1345 else
1346 location = PNG_HAVE_IHDR0x01; /* also undocumented */
1347 }
1348
1349 info_ptr->unknown_chunks[chunk].location =
1350 check_location(png_ptr, location);
1351 }
1352}
1353#endif /* STORE_UNKNOWN_CHUNKS */
1354
1355#ifdef PNG_MNG_FEATURES_SUPPORTED
1356png_uint_32 PNGAPI
1357png_permit_mng_features (png_structrp png_ptr, png_uint_32 mng_features)
1358{
1359 png_debug(1, "in png_permit_mng_features")((void)0);
1360
1361 if (png_ptr == NULL((void*)0))
1362 return 0;
1363
1364 png_ptr->mng_features_permitted = mng_features & PNG_ALL_MNG_FEATURES0x05;
1365
1366 return png_ptr->mng_features_permitted;
1367}
1368#endif
1369
1370#ifdef PNG_HANDLE_AS_UNKNOWN_SUPPORTED
1371static unsigned int
1372add_one_chunk(png_bytep list, unsigned int count, png_const_bytep add, int keep)
1373{
1374 unsigned int i;
1375
1376 /* Utility function: update the 'keep' state of a chunk if it is already in
1377 * the list, otherwise add it to the list.
1378 */
1379 for (i=0; i<count; ++i, list += 5)
1380 {
1381 if (memcmp(list, add, 4) == 0)
1382 {
1383 list[4] = (png_byte)keep;
1384
1385 return count;
1386 }
1387 }
1388
1389 if (keep != PNG_HANDLE_CHUNK_AS_DEFAULT0)
1390 {
1391 ++count;
1392 memcpy(list, add, 4);
1393 list[4] = (png_byte)keep;
1394 }
1395
1396 return count;
1397}
1398
1399void PNGAPI
1400png_set_keep_unknown_chunks(png_structrp png_ptr, int keep,
1401 png_const_bytep chunk_list, int num_chunks_in)
1402{
1403 png_bytep new_list;
1404 unsigned int num_chunks, old_num_chunks;
1405
1406 if (png_ptr == NULL((void*)0))
1407 return;
1408
1409 if (keep < 0 || keep >= PNG_HANDLE_CHUNK_LAST4)
1410 {
1411 png_app_error(png_ptr, "png_set_keep_unknown_chunks: invalid keep");
1412
1413 return;
1414 }
1415
1416 if (num_chunks_in <= 0)
1417 {
1418 png_ptr->unknown_default = keep;
1419
1420 /* '0' means just set the flags, so stop here */
1421 if (num_chunks_in == 0)
1422 return;
1423 }
1424
1425 if (num_chunks_in < 0)
1426 {
1427 /* Ignore all unknown chunks and all chunks recognized by
1428 * libpng except for IHDR, PLTE, tRNS, IDAT, and IEND
1429 */
1430 static const png_byte chunks_to_ignore[] = {
1431 98, 75, 71, 68, '\0', /* bKGD */
1432 99, 72, 82, 77, '\0', /* cHRM */
1433 101, 88, 73, 102, '\0', /* eXIf */
1434 103, 65, 77, 65, '\0', /* gAMA */
1435 104, 73, 83, 84, '\0', /* hIST */
1436 105, 67, 67, 80, '\0', /* iCCP */
1437 105, 84, 88, 116, '\0', /* iTXt */
1438 111, 70, 70, 115, '\0', /* oFFs */
1439 112, 67, 65, 76, '\0', /* pCAL */
1440 112, 72, 89, 115, '\0', /* pHYs */
1441 115, 66, 73, 84, '\0', /* sBIT */
1442 115, 67, 65, 76, '\0', /* sCAL */
1443 115, 80, 76, 84, '\0', /* sPLT */
1444 115, 84, 69, 82, '\0', /* sTER */
1445 115, 82, 71, 66, '\0', /* sRGB */
1446 116, 69, 88, 116, '\0', /* tEXt */
1447 116, 73, 77, 69, '\0', /* tIME */
1448 122, 84, 88, 116, '\0' /* zTXt */
1449 };
1450
1451 chunk_list = chunks_to_ignore;
1452 num_chunks = (unsigned int)/*SAFE*/(sizeof chunks_to_ignore)/5U;
1453 }
1454
1455 else /* num_chunks_in > 0 */
1456 {
1457 if (chunk_list == NULL((void*)0))
1458 {
1459 /* Prior to 1.6.0 this was silently ignored, now it is an app_error
1460 * which can be switched off.
1461 */
1462 png_app_error(png_ptr, "png_set_keep_unknown_chunks: no chunk list");
1463
1464 return;
1465 }
1466
1467 num_chunks = (unsigned int)num_chunks_in;
1468 }
1469
1470 old_num_chunks = png_ptr->num_chunk_list;
1471 if (png_ptr->chunk_list == NULL((void*)0))
1472 old_num_chunks = 0;
1473
1474 /* Since num_chunks is always restricted to UINT_MAX/5 this can't overflow.
1475 */
1476 if (num_chunks + old_num_chunks > UINT_MAX(2147483647 *2U +1U)/5)
1477 {
1478 png_app_error(png_ptr, "png_set_keep_unknown_chunks: too many chunks");
1479
1480 return;
1481 }
1482
1483 /* If these chunks are being reset to the default then no more memory is
1484 * required because add_one_chunk above doesn't extend the list if the 'keep'
1485 * parameter is the default.
1486 */
1487 if (keep != 0)
1488 {
1489 new_list = png_voidcast(png_bytep, png_malloc(png_ptr,(png_malloc(png_ptr, 5 * (num_chunks + old_num_chunks)))
1490 5 * (num_chunks + old_num_chunks)))(png_malloc(png_ptr, 5 * (num_chunks + old_num_chunks)));
1491
1492 if (old_num_chunks > 0)
1493 memcpy(new_list, png_ptr->chunk_list, 5*old_num_chunks);
1494 }
1495
1496 else if (old_num_chunks > 0)
1497 new_list = png_ptr->chunk_list;
1498
1499 else
1500 new_list = NULL((void*)0);
1501
1502 /* Add the new chunks together with each one's handling code. If the chunk
1503 * already exists the code is updated, otherwise the chunk is added to the
1504 * end. (In libpng 1.6.0 order no longer matters because this code enforces
1505 * the earlier convention that the last setting is the one that is used.)
1506 */
1507 if (new_list != NULL((void*)0))
1508 {
1509 png_const_bytep inlist;
1510 png_bytep outlist;
1511 unsigned int i;
1512
1513 for (i=0; i<num_chunks; ++i)
1514 {
1515 old_num_chunks = add_one_chunk(new_list, old_num_chunks,
1516 chunk_list+5*i, keep);
1517 }
1518
1519 /* Now remove any spurious 'default' entries. */
1520 num_chunks = 0;
1521 for (i=0, inlist=outlist=new_list; i<old_num_chunks; ++i, inlist += 5)
1522 {
1523 if (inlist[4])
1524 {
1525 if (outlist != inlist)
1526 memcpy(outlist, inlist, 5);
1527 outlist += 5;
1528 ++num_chunks;
1529 }
1530 }
1531
1532 /* This means the application has removed all the specialized handling. */
1533 if (num_chunks == 0)
1534 {
1535 if (png_ptr->chunk_list != new_list)
1536 png_free(png_ptr, new_list);
1537
1538 new_list = NULL((void*)0);
1539 }
1540 }
1541
1542 else
1543 num_chunks = 0;
1544
1545 png_ptr->num_chunk_list = num_chunks;
1546
1547 if (png_ptr->chunk_list != new_list)
1548 {
1549 if (png_ptr->chunk_list != NULL((void*)0))
1550 png_free(png_ptr, png_ptr->chunk_list);
1551
1552 png_ptr->chunk_list = new_list;
1553 }
1554}
1555#endif
1556
1557#ifdef PNG_READ_USER_CHUNKS_SUPPORTED
1558void PNGAPI
1559png_set_read_user_chunk_fn(png_structrp png_ptr, png_voidp user_chunk_ptr,
1560 png_user_chunk_ptr read_user_chunk_fn)
1561{
1562 png_debug(1, "in png_set_read_user_chunk_fn")((void)0);
1563
1564 if (png_ptr == NULL((void*)0))
1565 return;
1566
1567 png_ptr->read_user_chunk_fn = read_user_chunk_fn;
1568 png_ptr->user_chunk_ptr = user_chunk_ptr;
1569}
1570#endif
1571
1572#ifdef PNG_INFO_IMAGE_SUPPORTED
1573void PNGAPI
1574png_set_rows(png_const_structrp png_ptr, png_inforp info_ptr,
1575 png_bytepp row_pointers)
1576{
1577 png_debug1(1, "in %s storage function", "rows")((void)0);
1578
1579 if (png_ptr == NULL((void*)0) || info_ptr == NULL((void*)0))
1580 return;
1581
1582 if (info_ptr->row_pointers != NULL((void*)0) &&
1583 (info_ptr->row_pointers != row_pointers))
1584 png_free_data(png_ptr, info_ptr, PNG_FREE_ROWS0x0040U, 0);
1585
1586 info_ptr->row_pointers = row_pointers;
1587
1588 if (row_pointers != NULL((void*)0))
1589 info_ptr->valid |= PNG_INFO_IDAT0x8000U;
1590}
1591#endif
1592
1593void PNGAPI
1594png_set_compression_buffer_size(png_structrp png_ptr, size_t size)
1595{
1596 if (png_ptr == NULL((void*)0))
1597 return;
1598
1599 if (size == 0 || size > PNG_UINT_31_MAX((png_uint_32)0x7fffffffL))
1600 png_error(png_ptr, "invalid compression buffer size");
1601
1602# ifdef PNG_SEQUENTIAL_READ_SUPPORTED
1603 if ((png_ptr->mode & PNG_IS_READ_STRUCT0x8000U) != 0)
1604 {
1605 png_ptr->IDAT_read_size = (png_uint_32)size; /* checked above */
1606 return;
1607 }
1608# endif
1609
1610# ifdef PNG_WRITE_SUPPORTED
1611 if ((png_ptr->mode & PNG_IS_READ_STRUCT0x8000U) == 0)
1612 {
1613 if (png_ptr->zowner != 0)
1614 {
1615 png_warning(png_ptr,
1616 "Compression buffer size cannot be changed because it is in use");
1617
1618 return;
1619 }
1620
1621#ifndef __COVERITY__
1622 /* Some compilers complain that this is always false. However, it
1623 * can be true when integer overflow happens.
1624 */
1625 if (size > ZLIB_IO_MAX((uInt)-1))
1626 {
1627 png_warning(png_ptr,
1628 "Compression buffer size limited to system maximum");
1629 size = ZLIB_IO_MAX((uInt)-1); /* must fit */
1630 }
1631#endif
1632
1633 if (size < 6)
1634 {
1635 /* Deflate will potentially go into an infinite loop on a SYNC_FLUSH
1636 * if this is permitted.
1637 */
1638 png_warning(png_ptr,
1639 "Compression buffer size cannot be reduced below 6");
1640
1641 return;
1642 }
1643
1644 if (png_ptr->zbuffer_size != size)
1645 {
1646 png_free_buffer_list(png_ptr, &png_ptr->zbuffer_list);
1647 png_ptr->zbuffer_size = (uInt)size;
1648 }
1649 }
1650# endif
1651}
1652
1653void PNGAPI
1654png_set_invalid(png_const_structrp png_ptr, png_inforp info_ptr, int mask)
1655{
1656 if (png_ptr != NULL((void*)0) && info_ptr != NULL((void*)0))
1657 info_ptr->valid &= (unsigned int)(~mask);
1658}
1659
1660
1661#ifdef PNG_SET_USER_LIMITS_SUPPORTED
1662/* This function was added to libpng 1.2.6 */
1663void PNGAPI
1664png_set_user_limits (png_structrp png_ptr, png_uint_32 user_width_max,
1665 png_uint_32 user_height_max)
1666{
1667 /* Images with dimensions larger than these limits will be
1668 * rejected by png_set_IHDR(). To accept any PNG datastream
1669 * regardless of dimensions, set both limits to 0x7fffffff.
1670 */
1671 if (png_ptr == NULL((void*)0))
1672 return;
1673
1674 png_ptr->user_width_max = user_width_max;
1675 png_ptr->user_height_max = user_height_max;
1676}
1677
1678/* This function was added to libpng 1.4.0 */
1679void PNGAPI
1680png_set_chunk_cache_max (png_structrp png_ptr, png_uint_32 user_chunk_cache_max)
1681{
1682 if (png_ptr != NULL((void*)0))
1683 png_ptr->user_chunk_cache_max = user_chunk_cache_max;
1684}
1685
1686/* This function was added to libpng 1.4.1 */
1687void PNGAPI
1688png_set_chunk_malloc_max (png_structrp png_ptr,
1689 png_alloc_size_t user_chunk_malloc_max)
1690{
1691 if (png_ptr != NULL((void*)0))
1692 png_ptr->user_chunk_malloc_max = user_chunk_malloc_max;
1693}
1694#endif /* ?SET_USER_LIMITS */
1695
1696
1697#ifdef PNG_BENIGN_ERRORS_SUPPORTED
1698void PNGAPI
1699png_set_benign_errors(png_structrp png_ptr, int allowed)
1700{
1701 png_debug(1, "in png_set_benign_errors")((void)0);
1702
1703 /* If allowed is 1, png_benign_error() is treated as a warning.
1704 *
1705 * If allowed is 0, png_benign_error() is treated as an error (which
1706 * is the default behavior if png_set_benign_errors() is not called).
1707 */
1708
1709 if (allowed != 0)
1710 png_ptr->flags |= PNG_FLAG_BENIGN_ERRORS_WARN0x100000U |
1711 PNG_FLAG_APP_WARNINGS_WARN0x200000U | PNG_FLAG_APP_ERRORS_WARN0x400000U;
1712
1713 else
1714 png_ptr->flags &= ~(PNG_FLAG_BENIGN_ERRORS_WARN0x100000U |
1715 PNG_FLAG_APP_WARNINGS_WARN0x200000U | PNG_FLAG_APP_ERRORS_WARN0x400000U);
1716}
1717#endif /* BENIGN_ERRORS */
1718
1719#ifdef PNG_CHECK_FOR_INVALID_INDEX_SUPPORTED
1720 /* Whether to report invalid palette index; added at libng-1.5.10.
1721 * It is possible for an indexed (color-type==3) PNG file to contain
1722 * pixels with invalid (out-of-range) indexes if the PLTE chunk has
1723 * fewer entries than the image's bit-depth would allow. We recover
1724 * from this gracefully by filling any incomplete palette with zeros
1725 * (opaque black). By default, when this occurs libpng will issue
1726 * a benign error. This API can be used to override that behavior.
1727 */
1728void PNGAPI
1729png_set_check_for_invalid_index(png_structrp png_ptr, int allowed)
1730{
1731 png_debug(1, "in png_set_check_for_invalid_index")((void)0);
1732
1733 if (allowed > 0)
1734 png_ptr->num_palette_max = 0;
1735
1736 else
1737 png_ptr->num_palette_max = -1;
1738}
1739#endif
1740
1741#if defined(PNG_TEXT_SUPPORTED) || defined(PNG_pCAL_SUPPORTED) || \
1742 defined(PNG_iCCP_SUPPORTED) || defined(PNG_sPLT_SUPPORTED)
1743/* Check that the tEXt or zTXt keyword is valid per PNG 1.0 specification,
1744 * and if invalid, correct the keyword rather than discarding the entire
1745 * chunk. The PNG 1.0 specification requires keywords 1-79 characters in
1746 * length, forbids leading or trailing whitespace, multiple internal spaces,
1747 * and the non-break space (0x80) from ISO 8859-1. Returns keyword length.
1748 *
1749 * The 'new_key' buffer must be 80 characters in size (for the keyword plus a
1750 * trailing '\0'). If this routine returns 0 then there was no keyword, or a
1751 * valid one could not be generated, and the caller must png_error.
1752 */
1753png_uint_32 /* PRIVATE */
1754png_check_keyword(png_structrp png_ptr, png_const_charp key, png_bytep new_key)
1755{
1756#ifdef PNG_WARNINGS_SUPPORTED
1757 png_const_charp orig_key = key;
1758#endif
1759 png_uint_32 key_len = 0;
1760 int bad_character = 0;
1761 int space = 1;
1762
1763 png_debug(1, "in png_check_keyword")((void)0);
1764
1765 if (key == NULL((void*)0))
1766 {
1767 *new_key = 0;
1768 return 0;
1769 }
1770
1771 while (*key && key_len < 79)
1772 {
1773 png_byte ch = (png_byte)*key++;
1774
1775 if ((ch > 32 && ch <= 126) || (ch >= 161 /*&& ch <= 255*/))
1776 {
1777 *new_key++ = ch; ++key_len; space = 0;
1778 }
1779
1780 else if (space == 0)
1781 {
1782 /* A space or an invalid character when one wasn't seen immediately
1783 * before; output just a space.
1784 */
1785 *new_key++ = 32; ++key_len; space = 1;
1786
1787 /* If the character was not a space then it is invalid. */
1788 if (ch != 32)
1789 bad_character = ch;
1790 }
1791
1792 else if (bad_character == 0)
1793 bad_character = ch; /* just skip it, record the first error */
1794 }
1795
1796 if (key_len > 0 && space != 0) /* trailing space */
1797 {
1798 --key_len; --new_key;
1799 if (bad_character == 0)
1800 bad_character = 32;
1801 }
1802
1803 /* Terminate the keyword */
1804 *new_key = 0;
1805
1806 if (key_len == 0)
1807 return 0;
1808
1809#ifdef PNG_WARNINGS_SUPPORTED
1810 /* Try to only output one warning per keyword: */
1811 if (*key != 0) /* keyword too long */
1812 png_warning(png_ptr, "keyword truncated");
1813
1814 else if (bad_character != 0)
1815 {
1816 PNG_WARNING_PARAMETERS(p)png_warning_parameters p;
1817
1818 png_warning_parameter(p, 1, orig_key);
1819 png_warning_parameter_signed(p, 2, PNG_NUMBER_FORMAT_02x4, bad_character);
1820
1821 png_formatted_warning(png_ptr, p, "keyword \"@1\": bad character '0x@2'");
1822 }
1823#else /* !WARNINGS */
1824 PNG_UNUSED(png_ptr)(void)png_ptr;
1825#endif /* !WARNINGS */
1826
1827 return key_len;
1828}
1829#endif /* TEXT || pCAL || iCCP || sPLT */
1830#endif /* READ || WRITE */