/src/FreeImage/Source/LibPNG/png.c

https://bitbucket.org/cabalistic/ogredeps/ · C · 2870 lines · 1710 code · 392 blank · 768 comment · 442 complexity · 43d68f8e6f25295ba659fdd331ae0123 MD5 · raw file

Large files are truncated click here to view the full file

  1. /* png.c - location for general purpose libpng functions
  2. *
  3. * Last changed in libpng 1.5.7 [December 15, 2011]
  4. * Copyright (c) 1998-2011 Glenn Randers-Pehrson
  5. * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
  6. * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
  7. *
  8. * This code is released under the libpng license.
  9. * For conditions of distribution and use, see the disclaimer
  10. * and license in png.h
  11. */
  12. #include "pngpriv.h"
  13. /* Generate a compiler error if there is an old png.h in the search path. */
  14. typedef png_libpng_version_1_5_9 Your_png_h_is_not_version_1_5_9;
  15. /* Tells libpng that we have already handled the first "num_bytes" bytes
  16. * of the PNG file signature. If the PNG data is embedded into another
  17. * stream we can set num_bytes = 8 so that libpng will not attempt to read
  18. * or write any of the magic bytes before it starts on the IHDR.
  19. */
  20. #ifdef PNG_READ_SUPPORTED
  21. void PNGAPI
  22. png_set_sig_bytes(png_structp png_ptr, int num_bytes)
  23. {
  24. png_debug(1, "in png_set_sig_bytes");
  25. if (png_ptr == NULL)
  26. return;
  27. if (num_bytes > 8)
  28. png_error(png_ptr, "Too many bytes for PNG signature");
  29. png_ptr->sig_bytes = (png_byte)(num_bytes < 0 ? 0 : num_bytes);
  30. }
  31. /* Checks whether the supplied bytes match the PNG signature. We allow
  32. * checking less than the full 8-byte signature so that those apps that
  33. * already read the first few bytes of a file to determine the file type
  34. * can simply check the remaining bytes for extra assurance. Returns
  35. * an integer less than, equal to, or greater than zero if sig is found,
  36. * respectively, to be less than, to match, or be greater than the correct
  37. * PNG signature (this is the same behavior as strcmp, memcmp, etc).
  38. */
  39. int PNGAPI
  40. png_sig_cmp(png_const_bytep sig, png_size_t start, png_size_t num_to_check)
  41. {
  42. png_byte png_signature[8] = {137, 80, 78, 71, 13, 10, 26, 10};
  43. if (num_to_check > 8)
  44. num_to_check = 8;
  45. else if (num_to_check < 1)
  46. return (-1);
  47. if (start > 7)
  48. return (-1);
  49. if (start + num_to_check > 8)
  50. num_to_check = 8 - start;
  51. return ((int)(png_memcmp(&sig[start], &png_signature[start], num_to_check)));
  52. }
  53. #endif /* PNG_READ_SUPPORTED */
  54. #if defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED)
  55. /* Function to allocate memory for zlib */
  56. PNG_FUNCTION(voidpf /* PRIVATE */,
  57. png_zalloc,(voidpf png_ptr, uInt items, uInt size),PNG_ALLOCATED)
  58. {
  59. png_voidp ptr;
  60. png_structp p=(png_structp)png_ptr;
  61. png_uint_32 save_flags=p->flags;
  62. png_alloc_size_t num_bytes;
  63. if (png_ptr == NULL)
  64. return (NULL);
  65. if (items > PNG_UINT_32_MAX/size)
  66. {
  67. png_warning (p, "Potential overflow in png_zalloc()");
  68. return (NULL);
  69. }
  70. num_bytes = (png_alloc_size_t)items * size;
  71. p->flags|=PNG_FLAG_MALLOC_NULL_MEM_OK;
  72. ptr = (png_voidp)png_malloc((png_structp)png_ptr, num_bytes);
  73. p->flags=save_flags;
  74. return ((voidpf)ptr);
  75. }
  76. /* Function to free memory for zlib */
  77. void /* PRIVATE */
  78. png_zfree(voidpf png_ptr, voidpf ptr)
  79. {
  80. png_free((png_structp)png_ptr, (png_voidp)ptr);
  81. }
  82. /* Reset the CRC variable to 32 bits of 1's. Care must be taken
  83. * in case CRC is > 32 bits to leave the top bits 0.
  84. */
  85. void /* PRIVATE */
  86. png_reset_crc(png_structp png_ptr)
  87. {
  88. /* The cast is safe because the crc is a 32 bit value. */
  89. png_ptr->crc = (png_uint_32)crc32(0, Z_NULL, 0);
  90. }
  91. /* Calculate the CRC over a section of data. We can only pass as
  92. * much data to this routine as the largest single buffer size. We
  93. * also check that this data will actually be used before going to the
  94. * trouble of calculating it.
  95. */
  96. void /* PRIVATE */
  97. png_calculate_crc(png_structp png_ptr, png_const_bytep ptr, png_size_t length)
  98. {
  99. int need_crc = 1;
  100. if (PNG_CHUNK_ANCILLIARY(png_ptr->chunk_name))
  101. {
  102. if ((png_ptr->flags & PNG_FLAG_CRC_ANCILLARY_MASK) ==
  103. (PNG_FLAG_CRC_ANCILLARY_USE | PNG_FLAG_CRC_ANCILLARY_NOWARN))
  104. need_crc = 0;
  105. }
  106. else /* critical */
  107. {
  108. if (png_ptr->flags & PNG_FLAG_CRC_CRITICAL_IGNORE)
  109. need_crc = 0;
  110. }
  111. /* 'uLong' is defined as unsigned long, this means that on some systems it is
  112. * a 64 bit value. crc32, however, returns 32 bits so the following cast is
  113. * safe. 'uInt' may be no more than 16 bits, so it is necessary to perform a
  114. * loop here.
  115. */
  116. if (need_crc && length > 0)
  117. {
  118. uLong crc = png_ptr->crc; /* Should never issue a warning */
  119. do
  120. {
  121. uInt safeLength = (uInt)length;
  122. if (safeLength == 0)
  123. safeLength = (uInt)-1; /* evil, but safe */
  124. crc = crc32(crc, ptr, safeLength);
  125. /* The following should never issue compiler warnings, if they do the
  126. * target system has characteristics that will probably violate other
  127. * assumptions within the libpng code.
  128. */
  129. ptr += safeLength;
  130. length -= safeLength;
  131. }
  132. while (length > 0);
  133. /* And the following is always safe because the crc is only 32 bits. */
  134. png_ptr->crc = (png_uint_32)crc;
  135. }
  136. }
  137. /* Check a user supplied version number, called from both read and write
  138. * functions that create a png_struct
  139. */
  140. int
  141. png_user_version_check(png_structp png_ptr, png_const_charp user_png_ver)
  142. {
  143. if (user_png_ver)
  144. {
  145. int i = 0;
  146. do
  147. {
  148. if (user_png_ver[i] != png_libpng_ver[i])
  149. png_ptr->flags |= PNG_FLAG_LIBRARY_MISMATCH;
  150. } while (png_libpng_ver[i++]);
  151. }
  152. else
  153. png_ptr->flags |= PNG_FLAG_LIBRARY_MISMATCH;
  154. if (png_ptr->flags & PNG_FLAG_LIBRARY_MISMATCH)
  155. {
  156. /* Libpng 0.90 and later are binary incompatible with libpng 0.89, so
  157. * we must recompile any applications that use any older library version.
  158. * For versions after libpng 1.0, we will be compatible, so we need
  159. * only check the first digit.
  160. */
  161. if (user_png_ver == NULL || user_png_ver[0] != png_libpng_ver[0] ||
  162. (user_png_ver[0] == '1' && user_png_ver[2] != png_libpng_ver[2]) ||
  163. (user_png_ver[0] == '0' && user_png_ver[2] < '9'))
  164. {
  165. #ifdef PNG_WARNINGS_SUPPORTED
  166. size_t pos = 0;
  167. char m[128];
  168. pos = png_safecat(m, sizeof m, pos, "Application built with libpng-");
  169. pos = png_safecat(m, sizeof m, pos, user_png_ver);
  170. pos = png_safecat(m, sizeof m, pos, " but running with ");
  171. pos = png_safecat(m, sizeof m, pos, png_libpng_ver);
  172. png_warning(png_ptr, m);
  173. #endif
  174. #ifdef PNG_ERROR_NUMBERS_SUPPORTED
  175. png_ptr->flags = 0;
  176. #endif
  177. return 0;
  178. }
  179. }
  180. /* Success return. */
  181. return 1;
  182. }
  183. /* Allocate the memory for an info_struct for the application. We don't
  184. * really need the png_ptr, but it could potentially be useful in the
  185. * future. This should be used in favour of malloc(png_sizeof(png_info))
  186. * and png_info_init() so that applications that want to use a shared
  187. * libpng don't have to be recompiled if png_info changes size.
  188. */
  189. PNG_FUNCTION(png_infop,PNGAPI
  190. png_create_info_struct,(png_structp png_ptr),PNG_ALLOCATED)
  191. {
  192. png_infop info_ptr;
  193. png_debug(1, "in png_create_info_struct");
  194. if (png_ptr == NULL)
  195. return (NULL);
  196. #ifdef PNG_USER_MEM_SUPPORTED
  197. info_ptr = (png_infop)png_create_struct_2(PNG_STRUCT_INFO,
  198. png_ptr->malloc_fn, png_ptr->mem_ptr);
  199. #else
  200. info_ptr = (png_infop)png_create_struct(PNG_STRUCT_INFO);
  201. #endif
  202. if (info_ptr != NULL)
  203. png_info_init_3(&info_ptr, png_sizeof(png_info));
  204. return (info_ptr);
  205. }
  206. /* This function frees the memory associated with a single info struct.
  207. * Normally, one would use either png_destroy_read_struct() or
  208. * png_destroy_write_struct() to free an info struct, but this may be
  209. * useful for some applications.
  210. */
  211. void PNGAPI
  212. png_destroy_info_struct(png_structp png_ptr, png_infopp info_ptr_ptr)
  213. {
  214. png_infop info_ptr = NULL;
  215. png_debug(1, "in png_destroy_info_struct");
  216. if (png_ptr == NULL)
  217. return;
  218. if (info_ptr_ptr != NULL)
  219. info_ptr = *info_ptr_ptr;
  220. if (info_ptr != NULL)
  221. {
  222. png_info_destroy(png_ptr, info_ptr);
  223. #ifdef PNG_USER_MEM_SUPPORTED
  224. png_destroy_struct_2((png_voidp)info_ptr, png_ptr->free_fn,
  225. png_ptr->mem_ptr);
  226. #else
  227. png_destroy_struct((png_voidp)info_ptr);
  228. #endif
  229. *info_ptr_ptr = NULL;
  230. }
  231. }
  232. /* Initialize the info structure. This is now an internal function (0.89)
  233. * and applications using it are urged to use png_create_info_struct()
  234. * instead.
  235. */
  236. void PNGAPI
  237. png_info_init_3(png_infopp ptr_ptr, png_size_t png_info_struct_size)
  238. {
  239. png_infop info_ptr = *ptr_ptr;
  240. png_debug(1, "in png_info_init_3");
  241. if (info_ptr == NULL)
  242. return;
  243. if (png_sizeof(png_info) > png_info_struct_size)
  244. {
  245. png_destroy_struct(info_ptr);
  246. info_ptr = (png_infop)png_create_struct(PNG_STRUCT_INFO);
  247. *ptr_ptr = info_ptr;
  248. }
  249. /* Set everything to 0 */
  250. png_memset(info_ptr, 0, png_sizeof(png_info));
  251. }
  252. void PNGAPI
  253. png_data_freer(png_structp png_ptr, png_infop info_ptr,
  254. int freer, png_uint_32 mask)
  255. {
  256. png_debug(1, "in png_data_freer");
  257. if (png_ptr == NULL || info_ptr == NULL)
  258. return;
  259. if (freer == PNG_DESTROY_WILL_FREE_DATA)
  260. info_ptr->free_me |= mask;
  261. else if (freer == PNG_USER_WILL_FREE_DATA)
  262. info_ptr->free_me &= ~mask;
  263. else
  264. png_warning(png_ptr,
  265. "Unknown freer parameter in png_data_freer");
  266. }
  267. void PNGAPI
  268. png_free_data(png_structp png_ptr, png_infop info_ptr, png_uint_32 mask,
  269. int num)
  270. {
  271. png_debug(1, "in png_free_data");
  272. if (png_ptr == NULL || info_ptr == NULL)
  273. return;
  274. #ifdef PNG_TEXT_SUPPORTED
  275. /* Free text item num or (if num == -1) all text items */
  276. if ((mask & PNG_FREE_TEXT) & info_ptr->free_me)
  277. {
  278. if (num != -1)
  279. {
  280. if (info_ptr->text && info_ptr->text[num].key)
  281. {
  282. png_free(png_ptr, info_ptr->text[num].key);
  283. info_ptr->text[num].key = NULL;
  284. }
  285. }
  286. else
  287. {
  288. int i;
  289. for (i = 0; i < info_ptr->num_text; i++)
  290. png_free_data(png_ptr, info_ptr, PNG_FREE_TEXT, i);
  291. png_free(png_ptr, info_ptr->text);
  292. info_ptr->text = NULL;
  293. info_ptr->num_text=0;
  294. }
  295. }
  296. #endif
  297. #ifdef PNG_tRNS_SUPPORTED
  298. /* Free any tRNS entry */
  299. if ((mask & PNG_FREE_TRNS) & info_ptr->free_me)
  300. {
  301. png_free(png_ptr, info_ptr->trans_alpha);
  302. info_ptr->trans_alpha = NULL;
  303. info_ptr->valid &= ~PNG_INFO_tRNS;
  304. }
  305. #endif
  306. #ifdef PNG_sCAL_SUPPORTED
  307. /* Free any sCAL entry */
  308. if ((mask & PNG_FREE_SCAL) & info_ptr->free_me)
  309. {
  310. png_free(png_ptr, info_ptr->scal_s_width);
  311. png_free(png_ptr, info_ptr->scal_s_height);
  312. info_ptr->scal_s_width = NULL;
  313. info_ptr->scal_s_height = NULL;
  314. info_ptr->valid &= ~PNG_INFO_sCAL;
  315. }
  316. #endif
  317. #ifdef PNG_pCAL_SUPPORTED
  318. /* Free any pCAL entry */
  319. if ((mask & PNG_FREE_PCAL) & info_ptr->free_me)
  320. {
  321. png_free(png_ptr, info_ptr->pcal_purpose);
  322. png_free(png_ptr, info_ptr->pcal_units);
  323. info_ptr->pcal_purpose = NULL;
  324. info_ptr->pcal_units = NULL;
  325. if (info_ptr->pcal_params != NULL)
  326. {
  327. int i;
  328. for (i = 0; i < (int)info_ptr->pcal_nparams; i++)
  329. {
  330. png_free(png_ptr, info_ptr->pcal_params[i]);
  331. info_ptr->pcal_params[i] = NULL;
  332. }
  333. png_free(png_ptr, info_ptr->pcal_params);
  334. info_ptr->pcal_params = NULL;
  335. }
  336. info_ptr->valid &= ~PNG_INFO_pCAL;
  337. }
  338. #endif
  339. #ifdef PNG_iCCP_SUPPORTED
  340. /* Free any iCCP entry */
  341. if ((mask & PNG_FREE_ICCP) & info_ptr->free_me)
  342. {
  343. png_free(png_ptr, info_ptr->iccp_name);
  344. png_free(png_ptr, info_ptr->iccp_profile);
  345. info_ptr->iccp_name = NULL;
  346. info_ptr->iccp_profile = NULL;
  347. info_ptr->valid &= ~PNG_INFO_iCCP;
  348. }
  349. #endif
  350. #ifdef PNG_sPLT_SUPPORTED
  351. /* Free a given sPLT entry, or (if num == -1) all sPLT entries */
  352. if ((mask & PNG_FREE_SPLT) & info_ptr->free_me)
  353. {
  354. if (num != -1)
  355. {
  356. if (info_ptr->splt_palettes)
  357. {
  358. png_free(png_ptr, info_ptr->splt_palettes[num].name);
  359. png_free(png_ptr, info_ptr->splt_palettes[num].entries);
  360. info_ptr->splt_palettes[num].name = NULL;
  361. info_ptr->splt_palettes[num].entries = NULL;
  362. }
  363. }
  364. else
  365. {
  366. if (info_ptr->splt_palettes_num)
  367. {
  368. int i;
  369. for (i = 0; i < (int)info_ptr->splt_palettes_num; i++)
  370. png_free_data(png_ptr, info_ptr, PNG_FREE_SPLT, i);
  371. png_free(png_ptr, info_ptr->splt_palettes);
  372. info_ptr->splt_palettes = NULL;
  373. info_ptr->splt_palettes_num = 0;
  374. }
  375. info_ptr->valid &= ~PNG_INFO_sPLT;
  376. }
  377. }
  378. #endif
  379. #ifdef PNG_UNKNOWN_CHUNKS_SUPPORTED
  380. if (png_ptr->unknown_chunk.data)
  381. {
  382. png_free(png_ptr, png_ptr->unknown_chunk.data);
  383. png_ptr->unknown_chunk.data = NULL;
  384. }
  385. if ((mask & PNG_FREE_UNKN) & info_ptr->free_me)
  386. {
  387. if (num != -1)
  388. {
  389. if (info_ptr->unknown_chunks)
  390. {
  391. png_free(png_ptr, info_ptr->unknown_chunks[num].data);
  392. info_ptr->unknown_chunks[num].data = NULL;
  393. }
  394. }
  395. else
  396. {
  397. int i;
  398. if (info_ptr->unknown_chunks_num)
  399. {
  400. for (i = 0; i < info_ptr->unknown_chunks_num; i++)
  401. png_free_data(png_ptr, info_ptr, PNG_FREE_UNKN, i);
  402. png_free(png_ptr, info_ptr->unknown_chunks);
  403. info_ptr->unknown_chunks = NULL;
  404. info_ptr->unknown_chunks_num = 0;
  405. }
  406. }
  407. }
  408. #endif
  409. #ifdef PNG_hIST_SUPPORTED
  410. /* Free any hIST entry */
  411. if ((mask & PNG_FREE_HIST) & info_ptr->free_me)
  412. {
  413. png_free(png_ptr, info_ptr->hist);
  414. info_ptr->hist = NULL;
  415. info_ptr->valid &= ~PNG_INFO_hIST;
  416. }
  417. #endif
  418. /* Free any PLTE entry that was internally allocated */
  419. if ((mask & PNG_FREE_PLTE) & info_ptr->free_me)
  420. {
  421. png_zfree(png_ptr, info_ptr->palette);
  422. info_ptr->palette = NULL;
  423. info_ptr->valid &= ~PNG_INFO_PLTE;
  424. info_ptr->num_palette = 0;
  425. }
  426. #ifdef PNG_INFO_IMAGE_SUPPORTED
  427. /* Free any image bits attached to the info structure */
  428. if ((mask & PNG_FREE_ROWS) & info_ptr->free_me)
  429. {
  430. if (info_ptr->row_pointers)
  431. {
  432. int row;
  433. for (row = 0; row < (int)info_ptr->height; row++)
  434. {
  435. png_free(png_ptr, info_ptr->row_pointers[row]);
  436. info_ptr->row_pointers[row] = NULL;
  437. }
  438. png_free(png_ptr, info_ptr->row_pointers);
  439. info_ptr->row_pointers = NULL;
  440. }
  441. info_ptr->valid &= ~PNG_INFO_IDAT;
  442. }
  443. #endif
  444. if (num != -1)
  445. mask &= ~PNG_FREE_MUL;
  446. info_ptr->free_me &= ~mask;
  447. }
  448. /* This is an internal routine to free any memory that the info struct is
  449. * pointing to before re-using it or freeing the struct itself. Recall
  450. * that png_free() checks for NULL pointers for us.
  451. */
  452. void /* PRIVATE */
  453. png_info_destroy(png_structp png_ptr, png_infop info_ptr)
  454. {
  455. png_debug(1, "in png_info_destroy");
  456. png_free_data(png_ptr, info_ptr, PNG_FREE_ALL, -1);
  457. #ifdef PNG_HANDLE_AS_UNKNOWN_SUPPORTED
  458. if (png_ptr->num_chunk_list)
  459. {
  460. png_free(png_ptr, png_ptr->chunk_list);
  461. png_ptr->chunk_list = NULL;
  462. png_ptr->num_chunk_list = 0;
  463. }
  464. #endif
  465. png_info_init_3(&info_ptr, png_sizeof(png_info));
  466. }
  467. #endif /* defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED) */
  468. /* This function returns a pointer to the io_ptr associated with the user
  469. * functions. The application should free any memory associated with this
  470. * pointer before png_write_destroy() or png_read_destroy() are called.
  471. */
  472. png_voidp PNGAPI
  473. png_get_io_ptr(png_structp png_ptr)
  474. {
  475. if (png_ptr == NULL)
  476. return (NULL);
  477. return (png_ptr->io_ptr);
  478. }
  479. #if defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED)
  480. # ifdef PNG_STDIO_SUPPORTED
  481. /* Initialize the default input/output functions for the PNG file. If you
  482. * use your own read or write routines, you can call either png_set_read_fn()
  483. * or png_set_write_fn() instead of png_init_io(). If you have defined
  484. * PNG_NO_STDIO or otherwise disabled PNG_STDIO_SUPPORTED, you must use a
  485. * function of your own because "FILE *" isn't necessarily available.
  486. */
  487. void PNGAPI
  488. png_init_io(png_structp png_ptr, png_FILE_p fp)
  489. {
  490. png_debug(1, "in png_init_io");
  491. if (png_ptr == NULL)
  492. return;
  493. png_ptr->io_ptr = (png_voidp)fp;
  494. }
  495. # endif
  496. # ifdef PNG_TIME_RFC1123_SUPPORTED
  497. /* Convert the supplied time into an RFC 1123 string suitable for use in
  498. * a "Creation Time" or other text-based time string.
  499. */
  500. png_const_charp PNGAPI
  501. png_convert_to_rfc1123(png_structp png_ptr, png_const_timep ptime)
  502. {
  503. static PNG_CONST char short_months[12][4] =
  504. {"Jan", "Feb", "Mar", "Apr", "May", "Jun",
  505. "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"};
  506. if (png_ptr == NULL)
  507. return (NULL);
  508. if (ptime->year > 9999 /* RFC1123 limitation */ ||
  509. ptime->month == 0 || ptime->month > 12 ||
  510. ptime->day == 0 || ptime->day > 31 ||
  511. ptime->hour > 23 || ptime->minute > 59 ||
  512. ptime->second > 60)
  513. {
  514. png_warning(png_ptr, "Ignoring invalid time value");
  515. return (NULL);
  516. }
  517. {
  518. size_t pos = 0;
  519. char number_buf[5]; /* enough for a four-digit year */
  520. # define APPEND_STRING(string)\
  521. pos = png_safecat(png_ptr->time_buffer, sizeof png_ptr->time_buffer,\
  522. pos, (string))
  523. # define APPEND_NUMBER(format, value)\
  524. APPEND_STRING(PNG_FORMAT_NUMBER(number_buf, format, (value)))
  525. # define APPEND(ch)\
  526. if (pos < (sizeof png_ptr->time_buffer)-1)\
  527. png_ptr->time_buffer[pos++] = (ch)
  528. APPEND_NUMBER(PNG_NUMBER_FORMAT_u, (unsigned)ptime->day);
  529. APPEND(' ');
  530. APPEND_STRING(short_months[(ptime->month - 1)]);
  531. APPEND(' ');
  532. APPEND_NUMBER(PNG_NUMBER_FORMAT_u, ptime->year);
  533. APPEND(' ');
  534. APPEND_NUMBER(PNG_NUMBER_FORMAT_02u, (unsigned)ptime->hour);
  535. APPEND(':');
  536. APPEND_NUMBER(PNG_NUMBER_FORMAT_02u, (unsigned)ptime->minute);
  537. APPEND(':');
  538. APPEND_NUMBER(PNG_NUMBER_FORMAT_02u, (unsigned)ptime->second);
  539. APPEND_STRING(" +0000"); /* This reliably terminates the buffer */
  540. # undef APPEND
  541. # undef APPEND_NUMBER
  542. # undef APPEND_STRING
  543. }
  544. return png_ptr->time_buffer;
  545. }
  546. # endif /* PNG_TIME_RFC1123_SUPPORTED */
  547. #endif /* defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED) */
  548. png_const_charp PNGAPI
  549. png_get_copyright(png_const_structp png_ptr)
  550. {
  551. PNG_UNUSED(png_ptr) /* Silence compiler warning about unused png_ptr */
  552. #ifdef PNG_STRING_COPYRIGHT
  553. return PNG_STRING_COPYRIGHT
  554. #else
  555. # ifdef __STDC__
  556. return PNG_STRING_NEWLINE \
  557. "libpng version 1.5.9 - February 18, 2012" PNG_STRING_NEWLINE \
  558. "Copyright (c) 1998-2011 Glenn Randers-Pehrson" PNG_STRING_NEWLINE \
  559. "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \
  560. "Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc." \
  561. PNG_STRING_NEWLINE;
  562. # else
  563. return "libpng version 1.5.9 - February 18, 2012\
  564. Copyright (c) 1998-2011 Glenn Randers-Pehrson\
  565. Copyright (c) 1996-1997 Andreas Dilger\
  566. Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc.";
  567. # endif
  568. #endif
  569. }
  570. /* The following return the library version as a short string in the
  571. * format 1.0.0 through 99.99.99zz. To get the version of *.h files
  572. * used with your application, print out PNG_LIBPNG_VER_STRING, which
  573. * is defined in png.h.
  574. * Note: now there is no difference between png_get_libpng_ver() and
  575. * png_get_header_ver(). Due to the version_nn_nn_nn typedef guard,
  576. * it is guaranteed that png.c uses the correct version of png.h.
  577. */
  578. png_const_charp PNGAPI
  579. png_get_libpng_ver(png_const_structp png_ptr)
  580. {
  581. /* Version of *.c files used when building libpng */
  582. return png_get_header_ver(png_ptr);
  583. }
  584. png_const_charp PNGAPI
  585. png_get_header_ver(png_const_structp png_ptr)
  586. {
  587. /* Version of *.h files used when building libpng */
  588. PNG_UNUSED(png_ptr) /* Silence compiler warning about unused png_ptr */
  589. return PNG_LIBPNG_VER_STRING;
  590. }
  591. png_const_charp PNGAPI
  592. png_get_header_version(png_const_structp png_ptr)
  593. {
  594. /* Returns longer string containing both version and date */
  595. PNG_UNUSED(png_ptr) /* Silence compiler warning about unused png_ptr */
  596. #ifdef __STDC__
  597. return PNG_HEADER_VERSION_STRING
  598. # ifndef PNG_READ_SUPPORTED
  599. " (NO READ SUPPORT)"
  600. # endif
  601. PNG_STRING_NEWLINE;
  602. #else
  603. return PNG_HEADER_VERSION_STRING;
  604. #endif
  605. }
  606. #ifdef PNG_HANDLE_AS_UNKNOWN_SUPPORTED
  607. int PNGAPI
  608. png_handle_as_unknown(png_structp png_ptr, png_const_bytep chunk_name)
  609. {
  610. /* Check chunk_name and return "keep" value if it's on the list, else 0 */
  611. png_const_bytep p, p_end;
  612. if (png_ptr == NULL || chunk_name == NULL || png_ptr->num_chunk_list <= 0)
  613. return PNG_HANDLE_CHUNK_AS_DEFAULT;
  614. p_end = png_ptr->chunk_list;
  615. p = p_end + png_ptr->num_chunk_list*5; /* beyond end */
  616. /* The code is the fifth byte after each four byte string. Historically this
  617. * code was always searched from the end of the list, so it should continue
  618. * to do so in case there are duplicated entries.
  619. */
  620. do /* num_chunk_list > 0, so at least one */
  621. {
  622. p -= 5;
  623. if (!png_memcmp(chunk_name, p, 4))
  624. return p[4];
  625. }
  626. while (p > p_end);
  627. return PNG_HANDLE_CHUNK_AS_DEFAULT;
  628. }
  629. int /* PRIVATE */
  630. png_chunk_unknown_handling(png_structp png_ptr, png_uint_32 chunk_name)
  631. {
  632. png_byte chunk_string[5];
  633. PNG_CSTRING_FROM_CHUNK(chunk_string, chunk_name);
  634. return png_handle_as_unknown(png_ptr, chunk_string);
  635. }
  636. #endif
  637. #ifdef PNG_READ_SUPPORTED
  638. /* This function, added to libpng-1.0.6g, is untested. */
  639. int PNGAPI
  640. png_reset_zstream(png_structp png_ptr)
  641. {
  642. if (png_ptr == NULL)
  643. return Z_STREAM_ERROR;
  644. return (inflateReset(&png_ptr->zstream));
  645. }
  646. #endif /* PNG_READ_SUPPORTED */
  647. /* This function was added to libpng-1.0.7 */
  648. png_uint_32 PNGAPI
  649. png_access_version_number(void)
  650. {
  651. /* Version of *.c files used when building libpng */
  652. return((png_uint_32)PNG_LIBPNG_VER);
  653. }
  654. #if defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED)
  655. /* png_convert_size: a PNGAPI but no longer in png.h, so deleted
  656. * at libpng 1.5.5!
  657. */
  658. /* Added at libpng version 1.2.34 and 1.4.0 (moved from pngset.c) */
  659. # ifdef PNG_CHECK_cHRM_SUPPORTED
  660. int /* PRIVATE */
  661. png_check_cHRM_fixed(png_structp png_ptr,
  662. png_fixed_point white_x, png_fixed_point white_y, png_fixed_point red_x,
  663. png_fixed_point red_y, png_fixed_point green_x, png_fixed_point green_y,
  664. png_fixed_point blue_x, png_fixed_point blue_y)
  665. {
  666. int ret = 1;
  667. unsigned long xy_hi,xy_lo,yx_hi,yx_lo;
  668. png_debug(1, "in function png_check_cHRM_fixed");
  669. if (png_ptr == NULL)
  670. return 0;
  671. /* (x,y,z) values are first limited to 0..100000 (PNG_FP_1), the white
  672. * y must also be greater than 0. To test for the upper limit calculate
  673. * (PNG_FP_1-y) - x must be <= to this for z to be >= 0 (and the expression
  674. * cannot overflow.) At this point we know x and y are >= 0 and (x+y) is
  675. * <= PNG_FP_1. The previous test on PNG_MAX_UINT_31 is removed because it
  676. * pointless (and it produces compiler warnings!)
  677. */
  678. if (white_x < 0 || white_y <= 0 ||
  679. red_x < 0 || red_y < 0 ||
  680. green_x < 0 || green_y < 0 ||
  681. blue_x < 0 || blue_y < 0)
  682. {
  683. png_warning(png_ptr,
  684. "Ignoring attempt to set negative chromaticity value");
  685. ret = 0;
  686. }
  687. /* And (x+y) must be <= PNG_FP_1 (so z is >= 0) */
  688. if (white_x > PNG_FP_1 - white_y)
  689. {
  690. png_warning(png_ptr, "Invalid cHRM white point");
  691. ret = 0;
  692. }
  693. if (red_x > PNG_FP_1 - red_y)
  694. {
  695. png_warning(png_ptr, "Invalid cHRM red point");
  696. ret = 0;
  697. }
  698. if (green_x > PNG_FP_1 - green_y)
  699. {
  700. png_warning(png_ptr, "Invalid cHRM green point");
  701. ret = 0;
  702. }
  703. if (blue_x > PNG_FP_1 - blue_y)
  704. {
  705. png_warning(png_ptr, "Invalid cHRM blue point");
  706. ret = 0;
  707. }
  708. png_64bit_product(green_x - red_x, blue_y - red_y, &xy_hi, &xy_lo);
  709. png_64bit_product(green_y - red_y, blue_x - red_x, &yx_hi, &yx_lo);
  710. if (xy_hi == yx_hi && xy_lo == yx_lo)
  711. {
  712. png_warning(png_ptr,
  713. "Ignoring attempt to set cHRM RGB triangle with zero area");
  714. ret = 0;
  715. }
  716. return ret;
  717. }
  718. # endif /* PNG_CHECK_cHRM_SUPPORTED */
  719. #ifdef PNG_cHRM_SUPPORTED
  720. /* Added at libpng-1.5.5 to support read and write of true CIEXYZ values for
  721. * cHRM, as opposed to using chromaticities. These internal APIs return
  722. * non-zero on a parameter error. The X, Y and Z values are required to be
  723. * positive and less than 1.0.
  724. */
  725. int png_xy_from_XYZ(png_xy *xy, png_XYZ XYZ)
  726. {
  727. png_int_32 d, dwhite, whiteX, whiteY;
  728. d = XYZ.redX + XYZ.redY + XYZ.redZ;
  729. if (!png_muldiv(&xy->redx, XYZ.redX, PNG_FP_1, d)) return 1;
  730. if (!png_muldiv(&xy->redy, XYZ.redY, PNG_FP_1, d)) return 1;
  731. dwhite = d;
  732. whiteX = XYZ.redX;
  733. whiteY = XYZ.redY;
  734. d = XYZ.greenX + XYZ.greenY + XYZ.greenZ;
  735. if (!png_muldiv(&xy->greenx, XYZ.greenX, PNG_FP_1, d)) return 1;
  736. if (!png_muldiv(&xy->greeny, XYZ.greenY, PNG_FP_1, d)) return 1;
  737. dwhite += d;
  738. whiteX += XYZ.greenX;
  739. whiteY += XYZ.greenY;
  740. d = XYZ.blueX + XYZ.blueY + XYZ.blueZ;
  741. if (!png_muldiv(&xy->bluex, XYZ.blueX, PNG_FP_1, d)) return 1;
  742. if (!png_muldiv(&xy->bluey, XYZ.blueY, PNG_FP_1, d)) return 1;
  743. dwhite += d;
  744. whiteX += XYZ.blueX;
  745. whiteY += XYZ.blueY;
  746. /* The reference white is simply the same of the end-point (X,Y,Z) vectors,
  747. * thus:
  748. */
  749. if (!png_muldiv(&xy->whitex, whiteX, PNG_FP_1, dwhite)) return 1;
  750. if (!png_muldiv(&xy->whitey, whiteY, PNG_FP_1, dwhite)) return 1;
  751. return 0;
  752. }
  753. int png_XYZ_from_xy(png_XYZ *XYZ, png_xy xy)
  754. {
  755. png_fixed_point red_inverse, green_inverse, blue_scale;
  756. png_fixed_point left, right, denominator;
  757. /* Check xy and, implicitly, z. Note that wide gamut color spaces typically
  758. * have end points with 0 tristimulus values (these are impossible end
  759. * points, but they are used to cover the possible colors.)
  760. */
  761. if (xy.redx < 0 || xy.redx > PNG_FP_1) return 1;
  762. if (xy.redy < 0 || xy.redy > PNG_FP_1-xy.redx) return 1;
  763. if (xy.greenx < 0 || xy.greenx > PNG_FP_1) return 1;
  764. if (xy.greeny < 0 || xy.greeny > PNG_FP_1-xy.greenx) return 1;
  765. if (xy.bluex < 0 || xy.bluex > PNG_FP_1) return 1;
  766. if (xy.bluey < 0 || xy.bluey > PNG_FP_1-xy.bluex) return 1;
  767. if (xy.whitex < 0 || xy.whitex > PNG_FP_1) return 1;
  768. if (xy.whitey < 0 || xy.whitey > PNG_FP_1-xy.whitex) return 1;
  769. /* The reverse calculation is more difficult because the original tristimulus
  770. * value had 9 independent values (red,green,blue)x(X,Y,Z) however only 8
  771. * derived values were recorded in the cHRM chunk;
  772. * (red,green,blue,white)x(x,y). This loses one degree of freedom and
  773. * therefore an arbitrary ninth value has to be introduced to undo the
  774. * original transformations.
  775. *
  776. * Think of the original end-points as points in (X,Y,Z) space. The
  777. * chromaticity values (c) have the property:
  778. *
  779. * C
  780. * c = ---------
  781. * X + Y + Z
  782. *
  783. * For each c (x,y,z) from the corresponding original C (X,Y,Z). Thus the
  784. * three chromaticity values (x,y,z) for each end-point obey the
  785. * relationship:
  786. *
  787. * x + y + z = 1
  788. *
  789. * This describes the plane in (X,Y,Z) space that intersects each axis at the
  790. * value 1.0; call this the chromaticity plane. Thus the chromaticity
  791. * calculation has scaled each end-point so that it is on the x+y+z=1 plane
  792. * and chromaticity is the intersection of the vector from the origin to the
  793. * (X,Y,Z) value with the chromaticity plane.
  794. *
  795. * To fully invert the chromaticity calculation we would need the three
  796. * end-point scale factors, (red-scale, green-scale, blue-scale), but these
  797. * were not recorded. Instead we calculated the reference white (X,Y,Z) and
  798. * recorded the chromaticity of this. The reference white (X,Y,Z) would have
  799. * given all three of the scale factors since:
  800. *
  801. * color-C = color-c * color-scale
  802. * white-C = red-C + green-C + blue-C
  803. * = red-c*red-scale + green-c*green-scale + blue-c*blue-scale
  804. *
  805. * But cHRM records only white-x and white-y, so we have lost the white scale
  806. * factor:
  807. *
  808. * white-C = white-c*white-scale
  809. *
  810. * To handle this the inverse transformation makes an arbitrary assumption
  811. * about white-scale:
  812. *
  813. * Assume: white-Y = 1.0
  814. * Hence: white-scale = 1/white-y
  815. * Or: red-Y + green-Y + blue-Y = 1.0
  816. *
  817. * Notice the last statement of the assumption gives an equation in three of
  818. * the nine values we want to calculate. 8 more equations come from the
  819. * above routine as summarised at the top above (the chromaticity
  820. * calculation):
  821. *
  822. * Given: color-x = color-X / (color-X + color-Y + color-Z)
  823. * Hence: (color-x - 1)*color-X + color.x*color-Y + color.x*color-Z = 0
  824. *
  825. * This is 9 simultaneous equations in the 9 variables "color-C" and can be
  826. * solved by Cramer's rule. Cramer's rule requires calculating 10 9x9 matrix
  827. * determinants, however this is not as bad as it seems because only 28 of
  828. * the total of 90 terms in the various matrices are non-zero. Nevertheless
  829. * Cramer's rule is notoriously numerically unstable because the determinant
  830. * calculation involves the difference of large, but similar, numbers. It is
  831. * difficult to be sure that the calculation is stable for real world values
  832. * and it is certain that it becomes unstable where the end points are close
  833. * together.
  834. *
  835. * So this code uses the perhaps slighly less optimal but more understandable
  836. * and totally obvious approach of calculating color-scale.
  837. *
  838. * This algorithm depends on the precision in white-scale and that is
  839. * (1/white-y), so we can immediately see that as white-y approaches 0 the
  840. * accuracy inherent in the cHRM chunk drops off substantially.
  841. *
  842. * libpng arithmetic: a simple invertion of the above equations
  843. * ------------------------------------------------------------
  844. *
  845. * white_scale = 1/white-y
  846. * white-X = white-x * white-scale
  847. * white-Y = 1.0
  848. * white-Z = (1 - white-x - white-y) * white_scale
  849. *
  850. * white-C = red-C + green-C + blue-C
  851. * = red-c*red-scale + green-c*green-scale + blue-c*blue-scale
  852. *
  853. * This gives us three equations in (red-scale,green-scale,blue-scale) where
  854. * all the coefficients are now known:
  855. *
  856. * red-x*red-scale + green-x*green-scale + blue-x*blue-scale
  857. * = white-x/white-y
  858. * red-y*red-scale + green-y*green-scale + blue-y*blue-scale = 1
  859. * red-z*red-scale + green-z*green-scale + blue-z*blue-scale
  860. * = (1 - white-x - white-y)/white-y
  861. *
  862. * In the last equation color-z is (1 - color-x - color-y) so we can add all
  863. * three equations together to get an alternative third:
  864. *
  865. * red-scale + green-scale + blue-scale = 1/white-y = white-scale
  866. *
  867. * So now we have a Cramer's rule solution where the determinants are just
  868. * 3x3 - far more tractible. Unfortunately 3x3 determinants still involve
  869. * multiplication of three coefficients so we can't guarantee to avoid
  870. * overflow in the libpng fixed point representation. Using Cramer's rule in
  871. * floating point is probably a good choice here, but it's not an option for
  872. * fixed point. Instead proceed to simplify the first two equations by
  873. * eliminating what is likely to be the largest value, blue-scale:
  874. *
  875. * blue-scale = white-scale - red-scale - green-scale
  876. *
  877. * Hence:
  878. *
  879. * (red-x - blue-x)*red-scale + (green-x - blue-x)*green-scale =
  880. * (white-x - blue-x)*white-scale
  881. *
  882. * (red-y - blue-y)*red-scale + (green-y - blue-y)*green-scale =
  883. * 1 - blue-y*white-scale
  884. *
  885. * And now we can trivially solve for (red-scale,green-scale):
  886. *
  887. * green-scale =
  888. * (white-x - blue-x)*white-scale - (red-x - blue-x)*red-scale
  889. * -----------------------------------------------------------
  890. * green-x - blue-x
  891. *
  892. * red-scale =
  893. * 1 - blue-y*white-scale - (green-y - blue-y) * green-scale
  894. * ---------------------------------------------------------
  895. * red-y - blue-y
  896. *
  897. * Hence:
  898. *
  899. * red-scale =
  900. * ( (green-x - blue-x) * (white-y - blue-y) -
  901. * (green-y - blue-y) * (white-x - blue-x) ) / white-y
  902. * -------------------------------------------------------------------------
  903. * (green-x - blue-x)*(red-y - blue-y)-(green-y - blue-y)*(red-x - blue-x)
  904. *
  905. * green-scale =
  906. * ( (red-y - blue-y) * (white-x - blue-x) -
  907. * (red-x - blue-x) * (white-y - blue-y) ) / white-y
  908. * -------------------------------------------------------------------------
  909. * (green-x - blue-x)*(red-y - blue-y)-(green-y - blue-y)*(red-x - blue-x)
  910. *
  911. * Accuracy:
  912. * The input values have 5 decimal digits of accuracy. The values are all in
  913. * the range 0 < value < 1, so simple products are in the same range but may
  914. * need up to 10 decimal digits to preserve the original precision and avoid
  915. * underflow. Because we are using a 32-bit signed representation we cannot
  916. * match this; the best is a little over 9 decimal digits, less than 10.
  917. *
  918. * The approach used here is to preserve the maximum precision within the
  919. * signed representation. Because the red-scale calculation above uses the
  920. * difference between two products of values that must be in the range -1..+1
  921. * it is sufficient to divide the product by 7; ceil(100,000/32767*2). The
  922. * factor is irrelevant in the calculation because it is applied to both
  923. * numerator and denominator.
  924. *
  925. * Note that the values of the differences of the products of the
  926. * chromaticities in the above equations tend to be small, for example for
  927. * the sRGB chromaticities they are:
  928. *
  929. * red numerator: -0.04751
  930. * green numerator: -0.08788
  931. * denominator: -0.2241 (without white-y multiplication)
  932. *
  933. * The resultant Y coefficients from the chromaticities of some widely used
  934. * color space definitions are (to 15 decimal places):
  935. *
  936. * sRGB
  937. * 0.212639005871510 0.715168678767756 0.072192315360734
  938. * Kodak ProPhoto
  939. * 0.288071128229293 0.711843217810102 0.000085653960605
  940. * Adobe RGB
  941. * 0.297344975250536 0.627363566255466 0.075291458493998
  942. * Adobe Wide Gamut RGB
  943. * 0.258728243040113 0.724682314948566 0.016589442011321
  944. */
  945. /* By the argument, above overflow should be impossible here. The return
  946. * value of 2 indicates an internal error to the caller.
  947. */
  948. if (!png_muldiv(&left, xy.greenx-xy.bluex, xy.redy - xy.bluey, 7)) return 2;
  949. if (!png_muldiv(&right, xy.greeny-xy.bluey, xy.redx - xy.bluex, 7)) return 2;
  950. denominator = left - right;
  951. /* Now find the red numerator. */
  952. if (!png_muldiv(&left, xy.greenx-xy.bluex, xy.whitey-xy.bluey, 7)) return 2;
  953. if (!png_muldiv(&right, xy.greeny-xy.bluey, xy.whitex-xy.bluex, 7)) return 2;
  954. /* Overflow is possible here and it indicates an extreme set of PNG cHRM
  955. * chunk values. This calculation actually returns the reciprocal of the
  956. * scale value because this allows us to delay the multiplication of white-y
  957. * into the denominator, which tends to produce a small number.
  958. */
  959. if (!png_muldiv(&red_inverse, xy.whitey, denominator, left-right) ||
  960. red_inverse <= xy.whitey /* r+g+b scales = white scale */)
  961. return 1;
  962. /* Similarly for green_inverse: */
  963. if (!png_muldiv(&left, xy.redy-xy.bluey, xy.whitex-xy.bluex, 7)) return 2;
  964. if (!png_muldiv(&right, xy.redx-xy.bluex, xy.whitey-xy.bluey, 7)) return 2;
  965. if (!png_muldiv(&green_inverse, xy.whitey, denominator, left-right) ||
  966. green_inverse <= xy.whitey)
  967. return 1;
  968. /* And the blue scale, the checks above guarantee this can't overflow but it
  969. * can still produce 0 for extreme cHRM values.
  970. */
  971. blue_scale = png_reciprocal(xy.whitey) - png_reciprocal(red_inverse) -
  972. png_reciprocal(green_inverse);
  973. if (blue_scale <= 0) return 1;
  974. /* And fill in the png_XYZ: */
  975. if (!png_muldiv(&XYZ->redX, xy.redx, PNG_FP_1, red_inverse)) return 1;
  976. if (!png_muldiv(&XYZ->redY, xy.redy, PNG_FP_1, red_inverse)) return 1;
  977. if (!png_muldiv(&XYZ->redZ, PNG_FP_1 - xy.redx - xy.redy, PNG_FP_1,
  978. red_inverse))
  979. return 1;
  980. if (!png_muldiv(&XYZ->greenX, xy.greenx, PNG_FP_1, green_inverse)) return 1;
  981. if (!png_muldiv(&XYZ->greenY, xy.greeny, PNG_FP_1, green_inverse)) return 1;
  982. if (!png_muldiv(&XYZ->greenZ, PNG_FP_1 - xy.greenx - xy.greeny, PNG_FP_1,
  983. green_inverse))
  984. return 1;
  985. if (!png_muldiv(&XYZ->blueX, xy.bluex, blue_scale, PNG_FP_1)) return 1;
  986. if (!png_muldiv(&XYZ->blueY, xy.bluey, blue_scale, PNG_FP_1)) return 1;
  987. if (!png_muldiv(&XYZ->blueZ, PNG_FP_1 - xy.bluex - xy.bluey, blue_scale,
  988. PNG_FP_1))
  989. return 1;
  990. return 0; /*success*/
  991. }
  992. int png_XYZ_from_xy_checked(png_structp png_ptr, png_XYZ *XYZ, png_xy xy)
  993. {
  994. switch (png_XYZ_from_xy(XYZ, xy))
  995. {
  996. case 0: /* success */
  997. return 1;
  998. case 1:
  999. /* The chunk may be technically valid, but we got png_fixed_point
  1000. * overflow while trying to get XYZ values out of it. This is
  1001. * entirely benign - the cHRM chunk is pretty extreme.
  1002. */
  1003. png_warning(png_ptr,
  1004. "extreme cHRM chunk cannot be converted to tristimulus values");
  1005. break;
  1006. default:
  1007. /* libpng is broken; this should be a warning but if it happens we
  1008. * want error reports so for the moment it is an error.
  1009. */
  1010. png_error(png_ptr, "internal error in png_XYZ_from_xy");
  1011. break;
  1012. }
  1013. /* ERROR RETURN */
  1014. return 0;
  1015. }
  1016. #endif
  1017. void /* PRIVATE */
  1018. png_check_IHDR(png_structp png_ptr,
  1019. png_uint_32 width, png_uint_32 height, int bit_depth,
  1020. int color_type, int interlace_type, int compression_type,
  1021. int filter_type)
  1022. {
  1023. int error = 0;
  1024. /* Check for width and height valid values */
  1025. if (width == 0)
  1026. {
  1027. png_warning(png_ptr, "Image width is zero in IHDR");
  1028. error = 1;
  1029. }
  1030. if (height == 0)
  1031. {
  1032. png_warning(png_ptr, "Image height is zero in IHDR");
  1033. error = 1;
  1034. }
  1035. # ifdef PNG_SET_USER_LIMITS_SUPPORTED
  1036. if (width > png_ptr->user_width_max)
  1037. # else
  1038. if (width > PNG_USER_WIDTH_MAX)
  1039. # endif
  1040. {
  1041. png_warning(png_ptr, "Image width exceeds user limit in IHDR");
  1042. error = 1;
  1043. }
  1044. # ifdef PNG_SET_USER_LIMITS_SUPPORTED
  1045. if (height > png_ptr->user_height_max)
  1046. # else
  1047. if (height > PNG_USER_HEIGHT_MAX)
  1048. # endif
  1049. {
  1050. png_warning(png_ptr, "Image height exceeds user limit in IHDR");
  1051. error = 1;
  1052. }
  1053. if (width > PNG_UINT_31_MAX)
  1054. {
  1055. png_warning(png_ptr, "Invalid image width in IHDR");
  1056. error = 1;
  1057. }
  1058. if (height > PNG_UINT_31_MAX)
  1059. {
  1060. png_warning(png_ptr, "Invalid image height in IHDR");
  1061. error = 1;
  1062. }
  1063. if (width > (PNG_UINT_32_MAX
  1064. >> 3) /* 8-byte RGBA pixels */
  1065. - 48 /* bigrowbuf hack */
  1066. - 1 /* filter byte */
  1067. - 7*8 /* rounding of width to multiple of 8 pixels */
  1068. - 8) /* extra max_pixel_depth pad */
  1069. png_warning(png_ptr, "Width is too large for libpng to process pixels");
  1070. /* Check other values */
  1071. if (bit_depth != 1 && bit_depth != 2 && bit_depth != 4 &&
  1072. bit_depth != 8 && bit_depth != 16)
  1073. {
  1074. png_warning(png_ptr, "Invalid bit depth in IHDR");
  1075. error = 1;
  1076. }
  1077. if (color_type < 0 || color_type == 1 ||
  1078. color_type == 5 || color_type > 6)
  1079. {
  1080. png_warning(png_ptr, "Invalid color type in IHDR");
  1081. error = 1;
  1082. }
  1083. if (((color_type == PNG_COLOR_TYPE_PALETTE) && bit_depth > 8) ||
  1084. ((color_type == PNG_COLOR_TYPE_RGB ||
  1085. color_type == PNG_COLOR_TYPE_GRAY_ALPHA ||
  1086. color_type == PNG_COLOR_TYPE_RGB_ALPHA) && bit_depth < 8))
  1087. {
  1088. png_warning(png_ptr, "Invalid color type/bit depth combination in IHDR");
  1089. error = 1;
  1090. }
  1091. if (interlace_type >= PNG_INTERLACE_LAST)
  1092. {
  1093. png_warning(png_ptr, "Unknown interlace method in IHDR");
  1094. error = 1;
  1095. }
  1096. if (compression_type != PNG_COMPRESSION_TYPE_BASE)
  1097. {
  1098. png_warning(png_ptr, "Unknown compression method in IHDR");
  1099. error = 1;
  1100. }
  1101. # ifdef PNG_MNG_FEATURES_SUPPORTED
  1102. /* Accept filter_method 64 (intrapixel differencing) only if
  1103. * 1. Libpng was compiled with PNG_MNG_FEATURES_SUPPORTED and
  1104. * 2. Libpng did not read a PNG signature (this filter_method is only
  1105. * used in PNG datastreams that are embedded in MNG datastreams) and
  1106. * 3. The application called png_permit_mng_features with a mask that
  1107. * included PNG_FLAG_MNG_FILTER_64 and
  1108. * 4. The filter_method is 64 and
  1109. * 5. The color_type is RGB or RGBA
  1110. */
  1111. if ((png_ptr->mode & PNG_HAVE_PNG_SIGNATURE) &&
  1112. png_ptr->mng_features_permitted)
  1113. png_warning(png_ptr, "MNG features are not allowed in a PNG datastream");
  1114. if (filter_type != PNG_FILTER_TYPE_BASE)
  1115. {
  1116. if (!((png_ptr->mng_features_permitted & PNG_FLAG_MNG_FILTER_64) &&
  1117. (filter_type == PNG_INTRAPIXEL_DIFFERENCING) &&
  1118. ((png_ptr->mode & PNG_HAVE_PNG_SIGNATURE) == 0) &&
  1119. (color_type == PNG_COLOR_TYPE_RGB ||
  1120. color_type == PNG_COLOR_TYPE_RGB_ALPHA)))
  1121. {
  1122. png_warning(png_ptr, "Unknown filter method in IHDR");
  1123. error = 1;
  1124. }
  1125. if (png_ptr->mode & PNG_HAVE_PNG_SIGNATURE)
  1126. {
  1127. png_warning(png_ptr, "Invalid filter method in IHDR");
  1128. error = 1;
  1129. }
  1130. }
  1131. # else
  1132. if (filter_type != PNG_FILTER_TYPE_BASE)
  1133. {
  1134. png_warning(png_ptr, "Unknown filter method in IHDR");
  1135. error = 1;
  1136. }
  1137. # endif
  1138. if (error == 1)
  1139. png_error(png_ptr, "Invalid IHDR data");
  1140. }
  1141. #if defined(PNG_sCAL_SUPPORTED) || defined(PNG_pCAL_SUPPORTED)
  1142. /* ASCII to fp functions */
  1143. /* Check an ASCII formated floating point value, see the more detailed
  1144. * comments in pngpriv.h
  1145. */
  1146. /* The following is used internally to preserve the sticky flags */
  1147. #define png_fp_add(state, flags) ((state) |= (flags))
  1148. #define png_fp_set(state, value) ((state) = (value) | ((state) & PNG_FP_STICKY))
  1149. int /* PRIVATE */
  1150. png_check_fp_number(png_const_charp string, png_size_t size, int *statep,
  1151. png_size_tp whereami)
  1152. {
  1153. int state = *statep;
  1154. png_size_t i = *whereami;
  1155. while (i < size)
  1156. {
  1157. int type;
  1158. /* First find the type of the next character */
  1159. switch (string[i])
  1160. {
  1161. case 43: type = PNG_FP_SAW_SIGN; break;
  1162. case 45: type = PNG_FP_SAW_SIGN + PNG_FP_NEGATIVE; break;
  1163. case 46: type = PNG_FP_SAW_DOT; break;
  1164. case 48: type = PNG_FP_SAW_DIGIT; break;
  1165. case 49: case 50: case 51: case 52:
  1166. case 53: case 54: case 55: case 56:
  1167. case 57: type = PNG_FP_SAW_DIGIT + PNG_FP_NONZERO; break;
  1168. case 69:
  1169. case 101: type = PNG_FP_SAW_E; break;
  1170. default: goto PNG_FP_End;
  1171. }
  1172. /* Now deal with this type according to the current
  1173. * state, the type is arranged to not overlap the
  1174. * bits of the PNG_FP_STATE.
  1175. */
  1176. switch ((state & PNG_FP_STATE) + (type & PNG_FP_SAW_ANY))
  1177. {
  1178. case PNG_FP_INTEGER + PNG_FP_SAW_SIGN:
  1179. if (state & PNG_FP_SAW_ANY)
  1180. goto PNG_FP_End; /* not a part of the number */
  1181. png_fp_add(state, type);
  1182. break;
  1183. case PNG_FP_INTEGER + PNG_FP_SAW_DOT:
  1184. /* Ok as trailer, ok as lead of fraction. */
  1185. if (state & PNG_FP_SAW_DOT) /* two dots */
  1186. goto PNG_FP_End;
  1187. else if (state & PNG_FP_SAW_DIGIT) /* trailing dot? */
  1188. png_fp_add(state, type);
  1189. else
  1190. png_fp_set(state, PNG_FP_FRACTION | type);
  1191. break;
  1192. case PNG_FP_INTEGER + PNG_FP_SAW_DIGIT:
  1193. if (state & PNG_FP_SAW_DOT) /* delayed fraction */
  1194. png_fp_set(state, PNG_FP_FRACTION | PNG_FP_SAW_DOT);
  1195. png_fp_add(state, type | PNG_FP_WAS_VALID);
  1196. break;
  1197. case PNG_FP_INTEGER + PNG_FP_SAW_E:
  1198. if ((state & PNG_FP_SAW_DIGIT) == 0)
  1199. goto PNG_FP_End;
  1200. png_fp_set(state, PNG_FP_EXPONENT);
  1201. break;
  1202. /* case PNG_FP_FRACTION + PNG_FP_SAW_SIGN:
  1203. goto PNG_FP_End; ** no sign in fraction */
  1204. /* case PNG_FP_FRACTION + PNG_FP_SAW_DOT:
  1205. goto PNG_FP_End; ** Because SAW_DOT is always set */
  1206. case PNG_FP_FRACTION + PNG_FP_SAW_DIGIT:
  1207. png_fp_add(state, type | PNG_FP_WAS_VALID);
  1208. break;
  1209. case PNG_FP_FRACTION + PNG_FP_SAW_E:
  1210. /* This is correct because the trailing '.' on an
  1211. * integer is handled above - so we can only get here
  1212. * with the sequence ".E" (with no preceding digits).
  1213. */
  1214. if ((state & PNG_FP_SAW_DIGIT) == 0)
  1215. goto PNG_FP_End;
  1216. png_fp_set(state, PNG_FP_EXPONENT);
  1217. break;
  1218. case PNG_FP_EXPONENT + PNG_FP_SAW_SIGN:
  1219. if (state & PNG_FP_SAW_ANY)
  1220. goto PNG_FP_End; /* not a part of the number */
  1221. png_fp_add(state, PNG_FP_SAW_SIGN);
  1222. break;
  1223. /* case PNG_FP_EXPONENT + PNG_FP_SAW_DOT:
  1224. goto PNG_FP_End; */
  1225. case PNG_FP_EXPONENT + PNG_FP_SAW_DIGIT:
  1226. png_fp_add(state, PNG_FP_SAW_DIGIT | PNG_FP_WAS_VALID);
  1227. break;
  1228. /* case PNG_FP_EXPONEXT + PNG_FP_SAW_E:
  1229. goto PNG_FP_End; */
  1230. default: goto PNG_FP_End; /* I.e. break 2 */
  1231. }
  1232. /* The character seems ok, continue. */
  1233. ++i;
  1234. }
  1235. PNG_FP_End:
  1236. /* Here at the end, update the state and return the correct
  1237. * return code.
  1238. */
  1239. *statep = state;
  1240. *whereami = i;
  1241. return (state & PNG_FP_SAW_DIGIT) != 0;
  1242. }
  1243. /* The same but for a complete string. */
  1244. int
  1245. png_check_fp_string(png_const_charp string, png_size_t size)
  1246. {
  1247. int state=0;
  1248. png_size_t char_index=0;
  1249. if (png_check_fp_number(string, size, &state, &char_index) &&
  1250. (char_index == size || string[char_index] == 0))
  1251. return state /* must be non-zero - see above */;
  1252. return 0; /* i.e. fail */
  1253. }
  1254. #endif /* pCAL or sCAL */
  1255. #ifdef PNG_READ_sCAL_SUPPORTED
  1256. # ifdef PNG_FLOATING_POINT_SUPPORTED
  1257. /* Utility used below - a simple accurate power of ten from an integral
  1258. * exponent.
  1259. */
  1260. static double
  1261. png_pow10(int power)
  1262. {
  1263. int recip = 0;
  1264. double d = 1;
  1265. /* Handle negative exponent with a reciprocal at the end because
  1266. * 10 is exact whereas .1 is inexact in base 2
  1267. */
  1268. if (power < 0)
  1269. {
  1270. if (power < DBL_MIN_10_EXP) return 0;
  1271. recip = 1, power = -power;
  1272. }
  1273. if (power > 0)
  1274. {
  1275. /* Decompose power bitwise. */
  1276. double mult = 10;
  1277. do
  1278. {
  1279. if (power & 1) d *= mult;
  1280. mult *= mult;
  1281. power >>= 1;
  1282. }
  1283. while (power > 0);
  1284. if (recip) d = 1/d;
  1285. }
  1286. /* else power is 0 and d is 1 */
  1287. return d;
  1288. }
  1289. /* Function to format a floating point value in ASCII with a given
  1290. * precision.
  1291. */
  1292. void /* PRIVATE */
  1293. png_ascii_from_fp(png_structp png_ptr, png_charp ascii, png_size_t size,
  1294. double fp, unsigned int precision)
  1295. {
  1296. /* We use standard functions from math.h, but not printf because
  1297. * that would require stdio. The caller must supply a buffer of
  1298. * sufficient size or we will png_error. The tests on size and
  1299. * the space in ascii[] consumed are indicated below.
  1300. */
  1301. if (precision < 1)
  1302. precision = DBL_DIG;
  1303. /* Enforce the limit of the implementation precision too. */
  1304. if (precision > DBL_DIG+1)
  1305. precision = DBL_DIG+1;
  1306. /* Basic sanity checks */
  1307. if (size >= precision+5) /* See the requirements below. */
  1308. {
  1309. if (fp < 0)
  1310. {
  1311. fp = -fp;
  1312. *ascii++ = 45; /* '-' PLUS 1 TOTAL 1 */
  1313. --size;
  1314. }
  1315. if (fp >= DBL_MIN && fp <= DBL_MAX)
  1316. {
  1317. int exp_b10; /* A base 10 exponent */
  1318. double base; /* 10^exp_b10 */
  1319. /* First extract a base 10 exponent of the number,
  1320. * the calculation below rounds down when converting
  1321. * from base 2 to base 10 (multiply by log10(2) -
  1322. * 0.3010, but 77/256 is 0.3008, so exp_b10 needs to
  1323. * be increased. Note that the arithmetic shift
  1324. * performs a floor() unlike C arithmetic - using a
  1325. * C multiply would break the following for negative
  1326. * exponents.
  1327. */
  1328. (void)frexp(fp, &exp_b10); /* exponent to base 2 */
  1329. exp_b10 = (exp_b10 * 77) >> 8; /* <= exponent to base 10 */
  1330. /* Avoid underflow here. */
  1331. base = png_pow10(exp_b10); /* May underflow */
  1332. while (base < DBL_MIN || base < fp)
  1333. {
  1334. /* And this may overflow. */
  1335. double test = png_pow10(exp_b10+1);
  1336. if (test <= DBL_MAX)
  1337. ++exp_b10, base = test;
  1338. else
  1339. break;
  1340. }
  1341. /* Normalize fp and correct exp_b10, after this fp is in the
  1342. * range [.1,1) and exp_b10 is both the exponent and the digit
  1343. * *before* which the decimal point should be inserted
  1344. * (starting with 0 for the first digit). Note that this
  1345. * works even if 10^exp_b10 is out of range because of the
  1346. * test on DBL_MAX above.
  1347. */
  1348. fp /= base;
  1349. while (fp >= 1) fp /= 10, ++exp_b10;
  1350. /* Because of the code above fp may, at this point, be
  1351. * less than .1, this is ok b…