/src/FreeImage/Source/LibPNG/png.c
C | 2870 lines | 1710 code | 392 blank | 768 comment | 442 complexity | 43d68f8e6f25295ba659fdd331ae0123 MD5 | raw file
Large files files are truncated, but you can click here to view the full file
1 2/* png.c - location for general purpose libpng functions 3 * 4 * Last changed in libpng 1.5.7 [December 15, 2011] 5 * Copyright (c) 1998-2011 Glenn Randers-Pehrson 6 * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) 7 * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) 8 * 9 * This code is released under the libpng license. 10 * For conditions of distribution and use, see the disclaimer 11 * and license in png.h 12 */ 13 14#include "pngpriv.h" 15 16/* Generate a compiler error if there is an old png.h in the search path. */ 17typedef png_libpng_version_1_5_9 Your_png_h_is_not_version_1_5_9; 18 19/* Tells libpng that we have already handled the first "num_bytes" bytes 20 * of the PNG file signature. If the PNG data is embedded into another 21 * stream we can set num_bytes = 8 so that libpng will not attempt to read 22 * or write any of the magic bytes before it starts on the IHDR. 23 */ 24 25#ifdef PNG_READ_SUPPORTED 26void PNGAPI 27png_set_sig_bytes(png_structp png_ptr, int num_bytes) 28{ 29 png_debug(1, "in png_set_sig_bytes"); 30 31 if (png_ptr == NULL) 32 return; 33 34 if (num_bytes > 8) 35 png_error(png_ptr, "Too many bytes for PNG signature"); 36 37 png_ptr->sig_bytes = (png_byte)(num_bytes < 0 ? 0 : num_bytes); 38} 39 40/* Checks whether the supplied bytes match the PNG signature. We allow 41 * checking less than the full 8-byte signature so that those apps that 42 * already read the first few bytes of a file to determine the file type 43 * can simply check the remaining bytes for extra assurance. Returns 44 * an integer less than, equal to, or greater than zero if sig is found, 45 * respectively, to be less than, to match, or be greater than the correct 46 * PNG signature (this is the same behavior as strcmp, memcmp, etc). 47 */ 48int PNGAPI 49png_sig_cmp(png_const_bytep sig, png_size_t start, png_size_t num_to_check) 50{ 51 png_byte png_signature[8] = {137, 80, 78, 71, 13, 10, 26, 10}; 52 53 if (num_to_check > 8) 54 num_to_check = 8; 55 56 else if (num_to_check < 1) 57 return (-1); 58 59 if (start > 7) 60 return (-1); 61 62 if (start + num_to_check > 8) 63 num_to_check = 8 - start; 64 65 return ((int)(png_memcmp(&sig[start], &png_signature[start], num_to_check))); 66} 67 68#endif /* PNG_READ_SUPPORTED */ 69 70#if defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED) 71/* Function to allocate memory for zlib */ 72PNG_FUNCTION(voidpf /* PRIVATE */, 73png_zalloc,(voidpf png_ptr, uInt items, uInt size),PNG_ALLOCATED) 74{ 75 png_voidp ptr; 76 png_structp p=(png_structp)png_ptr; 77 png_uint_32 save_flags=p->flags; 78 png_alloc_size_t num_bytes; 79 80 if (png_ptr == NULL) 81 return (NULL); 82 83 if (items > PNG_UINT_32_MAX/size) 84 { 85 png_warning (p, "Potential overflow in png_zalloc()"); 86 return (NULL); 87 } 88 num_bytes = (png_alloc_size_t)items * size; 89 90 p->flags|=PNG_FLAG_MALLOC_NULL_MEM_OK; 91 ptr = (png_voidp)png_malloc((png_structp)png_ptr, num_bytes); 92 p->flags=save_flags; 93 94 return ((voidpf)ptr); 95} 96 97/* Function to free memory for zlib */ 98void /* PRIVATE */ 99png_zfree(voidpf png_ptr, voidpf ptr) 100{ 101 png_free((png_structp)png_ptr, (png_voidp)ptr); 102} 103 104/* Reset the CRC variable to 32 bits of 1's. Care must be taken 105 * in case CRC is > 32 bits to leave the top bits 0. 106 */ 107void /* PRIVATE */ 108png_reset_crc(png_structp png_ptr) 109{ 110 /* The cast is safe because the crc is a 32 bit value. */ 111 png_ptr->crc = (png_uint_32)crc32(0, Z_NULL, 0); 112} 113 114/* Calculate the CRC over a section of data. We can only pass as 115 * much data to this routine as the largest single buffer size. We 116 * also check that this data will actually be used before going to the 117 * trouble of calculating it. 118 */ 119void /* PRIVATE */ 120png_calculate_crc(png_structp png_ptr, png_const_bytep ptr, png_size_t length) 121{ 122 int need_crc = 1; 123 124 if (PNG_CHUNK_ANCILLIARY(png_ptr->chunk_name)) 125 { 126 if ((png_ptr->flags & PNG_FLAG_CRC_ANCILLARY_MASK) == 127 (PNG_FLAG_CRC_ANCILLARY_USE | PNG_FLAG_CRC_ANCILLARY_NOWARN)) 128 need_crc = 0; 129 } 130 131 else /* critical */ 132 { 133 if (png_ptr->flags & PNG_FLAG_CRC_CRITICAL_IGNORE) 134 need_crc = 0; 135 } 136 137 /* 'uLong' is defined as unsigned long, this means that on some systems it is 138 * a 64 bit value. crc32, however, returns 32 bits so the following cast is 139 * safe. 'uInt' may be no more than 16 bits, so it is necessary to perform a 140 * loop here. 141 */ 142 if (need_crc && length > 0) 143 { 144 uLong crc = png_ptr->crc; /* Should never issue a warning */ 145 146 do 147 { 148 uInt safeLength = (uInt)length; 149 if (safeLength == 0) 150 safeLength = (uInt)-1; /* evil, but safe */ 151 152 crc = crc32(crc, ptr, safeLength); 153 154 /* The following should never issue compiler warnings, if they do the 155 * target system has characteristics that will probably violate other 156 * assumptions within the libpng code. 157 */ 158 ptr += safeLength; 159 length -= safeLength; 160 } 161 while (length > 0); 162 163 /* And the following is always safe because the crc is only 32 bits. */ 164 png_ptr->crc = (png_uint_32)crc; 165 } 166} 167 168/* Check a user supplied version number, called from both read and write 169 * functions that create a png_struct 170 */ 171int 172png_user_version_check(png_structp png_ptr, png_const_charp user_png_ver) 173{ 174 if (user_png_ver) 175 { 176 int i = 0; 177 178 do 179 { 180 if (user_png_ver[i] != png_libpng_ver[i]) 181 png_ptr->flags |= PNG_FLAG_LIBRARY_MISMATCH; 182 } while (png_libpng_ver[i++]); 183 } 184 185 else 186 png_ptr->flags |= PNG_FLAG_LIBRARY_MISMATCH; 187 188 if (png_ptr->flags & PNG_FLAG_LIBRARY_MISMATCH) 189 { 190 /* Libpng 0.90 and later are binary incompatible with libpng 0.89, so 191 * we must recompile any applications that use any older library version. 192 * For versions after libpng 1.0, we will be compatible, so we need 193 * only check the first digit. 194 */ 195 if (user_png_ver == NULL || user_png_ver[0] != png_libpng_ver[0] || 196 (user_png_ver[0] == '1' && user_png_ver[2] != png_libpng_ver[2]) || 197 (user_png_ver[0] == '0' && user_png_ver[2] < '9')) 198 { 199#ifdef PNG_WARNINGS_SUPPORTED 200 size_t pos = 0; 201 char m[128]; 202 203 pos = png_safecat(m, sizeof m, pos, "Application built with libpng-"); 204 pos = png_safecat(m, sizeof m, pos, user_png_ver); 205 pos = png_safecat(m, sizeof m, pos, " but running with "); 206 pos = png_safecat(m, sizeof m, pos, png_libpng_ver); 207 208 png_warning(png_ptr, m); 209#endif 210 211#ifdef PNG_ERROR_NUMBERS_SUPPORTED 212 png_ptr->flags = 0; 213#endif 214 215 return 0; 216 } 217 } 218 219 /* Success return. */ 220 return 1; 221} 222 223/* Allocate the memory for an info_struct for the application. We don't 224 * really need the png_ptr, but it could potentially be useful in the 225 * future. This should be used in favour of malloc(png_sizeof(png_info)) 226 * and png_info_init() so that applications that want to use a shared 227 * libpng don't have to be recompiled if png_info changes size. 228 */ 229PNG_FUNCTION(png_infop,PNGAPI 230png_create_info_struct,(png_structp png_ptr),PNG_ALLOCATED) 231{ 232 png_infop info_ptr; 233 234 png_debug(1, "in png_create_info_struct"); 235 236 if (png_ptr == NULL) 237 return (NULL); 238 239#ifdef PNG_USER_MEM_SUPPORTED 240 info_ptr = (png_infop)png_create_struct_2(PNG_STRUCT_INFO, 241 png_ptr->malloc_fn, png_ptr->mem_ptr); 242#else 243 info_ptr = (png_infop)png_create_struct(PNG_STRUCT_INFO); 244#endif 245 if (info_ptr != NULL) 246 png_info_init_3(&info_ptr, png_sizeof(png_info)); 247 248 return (info_ptr); 249} 250 251/* This function frees the memory associated with a single info struct. 252 * Normally, one would use either png_destroy_read_struct() or 253 * png_destroy_write_struct() to free an info struct, but this may be 254 * useful for some applications. 255 */ 256void PNGAPI 257png_destroy_info_struct(png_structp png_ptr, png_infopp info_ptr_ptr) 258{ 259 png_infop info_ptr = NULL; 260 261 png_debug(1, "in png_destroy_info_struct"); 262 263 if (png_ptr == NULL) 264 return; 265 266 if (info_ptr_ptr != NULL) 267 info_ptr = *info_ptr_ptr; 268 269 if (info_ptr != NULL) 270 { 271 png_info_destroy(png_ptr, info_ptr); 272 273#ifdef PNG_USER_MEM_SUPPORTED 274 png_destroy_struct_2((png_voidp)info_ptr, png_ptr->free_fn, 275 png_ptr->mem_ptr); 276#else 277 png_destroy_struct((png_voidp)info_ptr); 278#endif 279 *info_ptr_ptr = NULL; 280 } 281} 282 283/* Initialize the info structure. This is now an internal function (0.89) 284 * and applications using it are urged to use png_create_info_struct() 285 * instead. 286 */ 287 288void PNGAPI 289png_info_init_3(png_infopp ptr_ptr, png_size_t png_info_struct_size) 290{ 291 png_infop info_ptr = *ptr_ptr; 292 293 png_debug(1, "in png_info_init_3"); 294 295 if (info_ptr == NULL) 296 return; 297 298 if (png_sizeof(png_info) > png_info_struct_size) 299 { 300 png_destroy_struct(info_ptr); 301 info_ptr = (png_infop)png_create_struct(PNG_STRUCT_INFO); 302 *ptr_ptr = info_ptr; 303 } 304 305 /* Set everything to 0 */ 306 png_memset(info_ptr, 0, png_sizeof(png_info)); 307} 308 309void PNGAPI 310png_data_freer(png_structp png_ptr, png_infop info_ptr, 311 int freer, png_uint_32 mask) 312{ 313 png_debug(1, "in png_data_freer"); 314 315 if (png_ptr == NULL || info_ptr == NULL) 316 return; 317 318 if (freer == PNG_DESTROY_WILL_FREE_DATA) 319 info_ptr->free_me |= mask; 320 321 else if (freer == PNG_USER_WILL_FREE_DATA) 322 info_ptr->free_me &= ~mask; 323 324 else 325 png_warning(png_ptr, 326 "Unknown freer parameter in png_data_freer"); 327} 328 329void PNGAPI 330png_free_data(png_structp png_ptr, png_infop info_ptr, png_uint_32 mask, 331 int num) 332{ 333 png_debug(1, "in png_free_data"); 334 335 if (png_ptr == NULL || info_ptr == NULL) 336 return; 337 338#ifdef PNG_TEXT_SUPPORTED 339 /* Free text item num or (if num == -1) all text items */ 340 if ((mask & PNG_FREE_TEXT) & info_ptr->free_me) 341 { 342 if (num != -1) 343 { 344 if (info_ptr->text && info_ptr->text[num].key) 345 { 346 png_free(png_ptr, info_ptr->text[num].key); 347 info_ptr->text[num].key = NULL; 348 } 349 } 350 351 else 352 { 353 int i; 354 for (i = 0; i < info_ptr->num_text; i++) 355 png_free_data(png_ptr, info_ptr, PNG_FREE_TEXT, i); 356 png_free(png_ptr, info_ptr->text); 357 info_ptr->text = NULL; 358 info_ptr->num_text=0; 359 } 360 } 361#endif 362 363#ifdef PNG_tRNS_SUPPORTED 364 /* Free any tRNS entry */ 365 if ((mask & PNG_FREE_TRNS) & info_ptr->free_me) 366 { 367 png_free(png_ptr, info_ptr->trans_alpha); 368 info_ptr->trans_alpha = NULL; 369 info_ptr->valid &= ~PNG_INFO_tRNS; 370 } 371#endif 372 373#ifdef PNG_sCAL_SUPPORTED 374 /* Free any sCAL entry */ 375 if ((mask & PNG_FREE_SCAL) & info_ptr->free_me) 376 { 377 png_free(png_ptr, info_ptr->scal_s_width); 378 png_free(png_ptr, info_ptr->scal_s_height); 379 info_ptr->scal_s_width = NULL; 380 info_ptr->scal_s_height = NULL; 381 info_ptr->valid &= ~PNG_INFO_sCAL; 382 } 383#endif 384 385#ifdef PNG_pCAL_SUPPORTED 386 /* Free any pCAL entry */ 387 if ((mask & PNG_FREE_PCAL) & info_ptr->free_me) 388 { 389 png_free(png_ptr, info_ptr->pcal_purpose); 390 png_free(png_ptr, info_ptr->pcal_units); 391 info_ptr->pcal_purpose = NULL; 392 info_ptr->pcal_units = NULL; 393 if (info_ptr->pcal_params != NULL) 394 { 395 int i; 396 for (i = 0; i < (int)info_ptr->pcal_nparams; i++) 397 { 398 png_free(png_ptr, info_ptr->pcal_params[i]); 399 info_ptr->pcal_params[i] = NULL; 400 } 401 png_free(png_ptr, info_ptr->pcal_params); 402 info_ptr->pcal_params = NULL; 403 } 404 info_ptr->valid &= ~PNG_INFO_pCAL; 405 } 406#endif 407 408#ifdef PNG_iCCP_SUPPORTED 409 /* Free any iCCP entry */ 410 if ((mask & PNG_FREE_ICCP) & info_ptr->free_me) 411 { 412 png_free(png_ptr, info_ptr->iccp_name); 413 png_free(png_ptr, info_ptr->iccp_profile); 414 info_ptr->iccp_name = NULL; 415 info_ptr->iccp_profile = NULL; 416 info_ptr->valid &= ~PNG_INFO_iCCP; 417 } 418#endif 419 420#ifdef PNG_sPLT_SUPPORTED 421 /* Free a given sPLT entry, or (if num == -1) all sPLT entries */ 422 if ((mask & PNG_FREE_SPLT) & info_ptr->free_me) 423 { 424 if (num != -1) 425 { 426 if (info_ptr->splt_palettes) 427 { 428 png_free(png_ptr, info_ptr->splt_palettes[num].name); 429 png_free(png_ptr, info_ptr->splt_palettes[num].entries); 430 info_ptr->splt_palettes[num].name = NULL; 431 info_ptr->splt_palettes[num].entries = NULL; 432 } 433 } 434 435 else 436 { 437 if (info_ptr->splt_palettes_num) 438 { 439 int i; 440 for (i = 0; i < (int)info_ptr->splt_palettes_num; i++) 441 png_free_data(png_ptr, info_ptr, PNG_FREE_SPLT, i); 442 443 png_free(png_ptr, info_ptr->splt_palettes); 444 info_ptr->splt_palettes = NULL; 445 info_ptr->splt_palettes_num = 0; 446 } 447 info_ptr->valid &= ~PNG_INFO_sPLT; 448 } 449 } 450#endif 451 452#ifdef PNG_UNKNOWN_CHUNKS_SUPPORTED 453 if (png_ptr->unknown_chunk.data) 454 { 455 png_free(png_ptr, png_ptr->unknown_chunk.data); 456 png_ptr->unknown_chunk.data = NULL; 457 } 458 459 if ((mask & PNG_FREE_UNKN) & info_ptr->free_me) 460 { 461 if (num != -1) 462 { 463 if (info_ptr->unknown_chunks) 464 { 465 png_free(png_ptr, info_ptr->unknown_chunks[num].data); 466 info_ptr->unknown_chunks[num].data = NULL; 467 } 468 } 469 470 else 471 { 472 int i; 473 474 if (info_ptr->unknown_chunks_num) 475 { 476 for (i = 0; i < info_ptr->unknown_chunks_num; i++) 477 png_free_data(png_ptr, info_ptr, PNG_FREE_UNKN, i); 478 479 png_free(png_ptr, info_ptr->unknown_chunks); 480 info_ptr->unknown_chunks = NULL; 481 info_ptr->unknown_chunks_num = 0; 482 } 483 } 484 } 485#endif 486 487#ifdef PNG_hIST_SUPPORTED 488 /* Free any hIST entry */ 489 if ((mask & PNG_FREE_HIST) & info_ptr->free_me) 490 { 491 png_free(png_ptr, info_ptr->hist); 492 info_ptr->hist = NULL; 493 info_ptr->valid &= ~PNG_INFO_hIST; 494 } 495#endif 496 497 /* Free any PLTE entry that was internally allocated */ 498 if ((mask & PNG_FREE_PLTE) & info_ptr->free_me) 499 { 500 png_zfree(png_ptr, info_ptr->palette); 501 info_ptr->palette = NULL; 502 info_ptr->valid &= ~PNG_INFO_PLTE; 503 info_ptr->num_palette = 0; 504 } 505 506#ifdef PNG_INFO_IMAGE_SUPPORTED 507 /* Free any image bits attached to the info structure */ 508 if ((mask & PNG_FREE_ROWS) & info_ptr->free_me) 509 { 510 if (info_ptr->row_pointers) 511 { 512 int row; 513 for (row = 0; row < (int)info_ptr->height; row++) 514 { 515 png_free(png_ptr, info_ptr->row_pointers[row]); 516 info_ptr->row_pointers[row] = NULL; 517 } 518 png_free(png_ptr, info_ptr->row_pointers); 519 info_ptr->row_pointers = NULL; 520 } 521 info_ptr->valid &= ~PNG_INFO_IDAT; 522 } 523#endif 524 525 if (num != -1) 526 mask &= ~PNG_FREE_MUL; 527 528 info_ptr->free_me &= ~mask; 529} 530 531/* This is an internal routine to free any memory that the info struct is 532 * pointing to before re-using it or freeing the struct itself. Recall 533 * that png_free() checks for NULL pointers for us. 534 */ 535void /* PRIVATE */ 536png_info_destroy(png_structp png_ptr, png_infop info_ptr) 537{ 538 png_debug(1, "in png_info_destroy"); 539 540 png_free_data(png_ptr, info_ptr, PNG_FREE_ALL, -1); 541 542#ifdef PNG_HANDLE_AS_UNKNOWN_SUPPORTED 543 if (png_ptr->num_chunk_list) 544 { 545 png_free(png_ptr, png_ptr->chunk_list); 546 png_ptr->chunk_list = NULL; 547 png_ptr->num_chunk_list = 0; 548 } 549#endif 550 551 png_info_init_3(&info_ptr, png_sizeof(png_info)); 552} 553#endif /* defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED) */ 554 555/* This function returns a pointer to the io_ptr associated with the user 556 * functions. The application should free any memory associated with this 557 * pointer before png_write_destroy() or png_read_destroy() are called. 558 */ 559png_voidp PNGAPI 560png_get_io_ptr(png_structp png_ptr) 561{ 562 if (png_ptr == NULL) 563 return (NULL); 564 565 return (png_ptr->io_ptr); 566} 567 568#if defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED) 569# ifdef PNG_STDIO_SUPPORTED 570/* Initialize the default input/output functions for the PNG file. If you 571 * use your own read or write routines, you can call either png_set_read_fn() 572 * or png_set_write_fn() instead of png_init_io(). If you have defined 573 * PNG_NO_STDIO or otherwise disabled PNG_STDIO_SUPPORTED, you must use a 574 * function of your own because "FILE *" isn't necessarily available. 575 */ 576void PNGAPI 577png_init_io(png_structp png_ptr, png_FILE_p fp) 578{ 579 png_debug(1, "in png_init_io"); 580 581 if (png_ptr == NULL) 582 return; 583 584 png_ptr->io_ptr = (png_voidp)fp; 585} 586# endif 587 588# ifdef PNG_TIME_RFC1123_SUPPORTED 589/* Convert the supplied time into an RFC 1123 string suitable for use in 590 * a "Creation Time" or other text-based time string. 591 */ 592png_const_charp PNGAPI 593png_convert_to_rfc1123(png_structp png_ptr, png_const_timep ptime) 594{ 595 static PNG_CONST char short_months[12][4] = 596 {"Jan", "Feb", "Mar", "Apr", "May", "Jun", 597 "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"}; 598 599 if (png_ptr == NULL) 600 return (NULL); 601 602 if (ptime->year > 9999 /* RFC1123 limitation */ || 603 ptime->month == 0 || ptime->month > 12 || 604 ptime->day == 0 || ptime->day > 31 || 605 ptime->hour > 23 || ptime->minute > 59 || 606 ptime->second > 60) 607 { 608 png_warning(png_ptr, "Ignoring invalid time value"); 609 return (NULL); 610 } 611 612 { 613 size_t pos = 0; 614 char number_buf[5]; /* enough for a four-digit year */ 615 616# define APPEND_STRING(string)\ 617 pos = png_safecat(png_ptr->time_buffer, sizeof png_ptr->time_buffer,\ 618 pos, (string)) 619# define APPEND_NUMBER(format, value)\ 620 APPEND_STRING(PNG_FORMAT_NUMBER(number_buf, format, (value))) 621# define APPEND(ch)\ 622 if (pos < (sizeof png_ptr->time_buffer)-1)\ 623 png_ptr->time_buffer[pos++] = (ch) 624 625 APPEND_NUMBER(PNG_NUMBER_FORMAT_u, (unsigned)ptime->day); 626 APPEND(' '); 627 APPEND_STRING(short_months[(ptime->month - 1)]); 628 APPEND(' '); 629 APPEND_NUMBER(PNG_NUMBER_FORMAT_u, ptime->year); 630 APPEND(' '); 631 APPEND_NUMBER(PNG_NUMBER_FORMAT_02u, (unsigned)ptime->hour); 632 APPEND(':'); 633 APPEND_NUMBER(PNG_NUMBER_FORMAT_02u, (unsigned)ptime->minute); 634 APPEND(':'); 635 APPEND_NUMBER(PNG_NUMBER_FORMAT_02u, (unsigned)ptime->second); 636 APPEND_STRING(" +0000"); /* This reliably terminates the buffer */ 637 638# undef APPEND 639# undef APPEND_NUMBER 640# undef APPEND_STRING 641 } 642 643 return png_ptr->time_buffer; 644} 645# endif /* PNG_TIME_RFC1123_SUPPORTED */ 646 647#endif /* defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED) */ 648 649png_const_charp PNGAPI 650png_get_copyright(png_const_structp png_ptr) 651{ 652 PNG_UNUSED(png_ptr) /* Silence compiler warning about unused png_ptr */ 653#ifdef PNG_STRING_COPYRIGHT 654 return PNG_STRING_COPYRIGHT 655#else 656# ifdef __STDC__ 657 return PNG_STRING_NEWLINE \ 658 "libpng version 1.5.9 - February 18, 2012" PNG_STRING_NEWLINE \ 659 "Copyright (c) 1998-2011 Glenn Randers-Pehrson" PNG_STRING_NEWLINE \ 660 "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \ 661 "Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc." \ 662 PNG_STRING_NEWLINE; 663# else 664 return "libpng version 1.5.9 - February 18, 2012\ 665 Copyright (c) 1998-2011 Glenn Randers-Pehrson\ 666 Copyright (c) 1996-1997 Andreas Dilger\ 667 Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc."; 668# endif 669#endif 670} 671 672/* The following return the library version as a short string in the 673 * format 1.0.0 through 99.99.99zz. To get the version of *.h files 674 * used with your application, print out PNG_LIBPNG_VER_STRING, which 675 * is defined in png.h. 676 * Note: now there is no difference between png_get_libpng_ver() and 677 * png_get_header_ver(). Due to the version_nn_nn_nn typedef guard, 678 * it is guaranteed that png.c uses the correct version of png.h. 679 */ 680png_const_charp PNGAPI 681png_get_libpng_ver(png_const_structp png_ptr) 682{ 683 /* Version of *.c files used when building libpng */ 684 return png_get_header_ver(png_ptr); 685} 686 687png_const_charp PNGAPI 688png_get_header_ver(png_const_structp png_ptr) 689{ 690 /* Version of *.h files used when building libpng */ 691 PNG_UNUSED(png_ptr) /* Silence compiler warning about unused png_ptr */ 692 return PNG_LIBPNG_VER_STRING; 693} 694 695png_const_charp PNGAPI 696png_get_header_version(png_const_structp png_ptr) 697{ 698 /* Returns longer string containing both version and date */ 699 PNG_UNUSED(png_ptr) /* Silence compiler warning about unused png_ptr */ 700#ifdef __STDC__ 701 return PNG_HEADER_VERSION_STRING 702# ifndef PNG_READ_SUPPORTED 703 " (NO READ SUPPORT)" 704# endif 705 PNG_STRING_NEWLINE; 706#else 707 return PNG_HEADER_VERSION_STRING; 708#endif 709} 710 711#ifdef PNG_HANDLE_AS_UNKNOWN_SUPPORTED 712int PNGAPI 713png_handle_as_unknown(png_structp png_ptr, png_const_bytep chunk_name) 714{ 715 /* Check chunk_name and return "keep" value if it's on the list, else 0 */ 716 png_const_bytep p, p_end; 717 718 if (png_ptr == NULL || chunk_name == NULL || png_ptr->num_chunk_list <= 0) 719 return PNG_HANDLE_CHUNK_AS_DEFAULT; 720 721 p_end = png_ptr->chunk_list; 722 p = p_end + png_ptr->num_chunk_list*5; /* beyond end */ 723 724 /* The code is the fifth byte after each four byte string. Historically this 725 * code was always searched from the end of the list, so it should continue 726 * to do so in case there are duplicated entries. 727 */ 728 do /* num_chunk_list > 0, so at least one */ 729 { 730 p -= 5; 731 if (!png_memcmp(chunk_name, p, 4)) 732 return p[4]; 733 } 734 while (p > p_end); 735 736 return PNG_HANDLE_CHUNK_AS_DEFAULT; 737} 738 739int /* PRIVATE */ 740png_chunk_unknown_handling(png_structp png_ptr, png_uint_32 chunk_name) 741{ 742 png_byte chunk_string[5]; 743 744 PNG_CSTRING_FROM_CHUNK(chunk_string, chunk_name); 745 return png_handle_as_unknown(png_ptr, chunk_string); 746} 747#endif 748 749#ifdef PNG_READ_SUPPORTED 750/* This function, added to libpng-1.0.6g, is untested. */ 751int PNGAPI 752png_reset_zstream(png_structp png_ptr) 753{ 754 if (png_ptr == NULL) 755 return Z_STREAM_ERROR; 756 757 return (inflateReset(&png_ptr->zstream)); 758} 759#endif /* PNG_READ_SUPPORTED */ 760 761/* This function was added to libpng-1.0.7 */ 762png_uint_32 PNGAPI 763png_access_version_number(void) 764{ 765 /* Version of *.c files used when building libpng */ 766 return((png_uint_32)PNG_LIBPNG_VER); 767} 768 769 770 771#if defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED) 772/* png_convert_size: a PNGAPI but no longer in png.h, so deleted 773 * at libpng 1.5.5! 774 */ 775 776/* Added at libpng version 1.2.34 and 1.4.0 (moved from pngset.c) */ 777# ifdef PNG_CHECK_cHRM_SUPPORTED 778 779int /* PRIVATE */ 780png_check_cHRM_fixed(png_structp png_ptr, 781 png_fixed_point white_x, png_fixed_point white_y, png_fixed_point red_x, 782 png_fixed_point red_y, png_fixed_point green_x, png_fixed_point green_y, 783 png_fixed_point blue_x, png_fixed_point blue_y) 784{ 785 int ret = 1; 786 unsigned long xy_hi,xy_lo,yx_hi,yx_lo; 787 788 png_debug(1, "in function png_check_cHRM_fixed"); 789 790 if (png_ptr == NULL) 791 return 0; 792 793 /* (x,y,z) values are first limited to 0..100000 (PNG_FP_1), the white 794 * y must also be greater than 0. To test for the upper limit calculate 795 * (PNG_FP_1-y) - x must be <= to this for z to be >= 0 (and the expression 796 * cannot overflow.) At this point we know x and y are >= 0 and (x+y) is 797 * <= PNG_FP_1. The previous test on PNG_MAX_UINT_31 is removed because it 798 * pointless (and it produces compiler warnings!) 799 */ 800 if (white_x < 0 || white_y <= 0 || 801 red_x < 0 || red_y < 0 || 802 green_x < 0 || green_y < 0 || 803 blue_x < 0 || blue_y < 0) 804 { 805 png_warning(png_ptr, 806 "Ignoring attempt to set negative chromaticity value"); 807 ret = 0; 808 } 809 /* And (x+y) must be <= PNG_FP_1 (so z is >= 0) */ 810 if (white_x > PNG_FP_1 - white_y) 811 { 812 png_warning(png_ptr, "Invalid cHRM white point"); 813 ret = 0; 814 } 815 816 if (red_x > PNG_FP_1 - red_y) 817 { 818 png_warning(png_ptr, "Invalid cHRM red point"); 819 ret = 0; 820 } 821 822 if (green_x > PNG_FP_1 - green_y) 823 { 824 png_warning(png_ptr, "Invalid cHRM green point"); 825 ret = 0; 826 } 827 828 if (blue_x > PNG_FP_1 - blue_y) 829 { 830 png_warning(png_ptr, "Invalid cHRM blue point"); 831 ret = 0; 832 } 833 834 png_64bit_product(green_x - red_x, blue_y - red_y, &xy_hi, &xy_lo); 835 png_64bit_product(green_y - red_y, blue_x - red_x, &yx_hi, &yx_lo); 836 837 if (xy_hi == yx_hi && xy_lo == yx_lo) 838 { 839 png_warning(png_ptr, 840 "Ignoring attempt to set cHRM RGB triangle with zero area"); 841 ret = 0; 842 } 843 844 return ret; 845} 846# endif /* PNG_CHECK_cHRM_SUPPORTED */ 847 848#ifdef PNG_cHRM_SUPPORTED 849/* Added at libpng-1.5.5 to support read and write of true CIEXYZ values for 850 * cHRM, as opposed to using chromaticities. These internal APIs return 851 * non-zero on a parameter error. The X, Y and Z values are required to be 852 * positive and less than 1.0. 853 */ 854int png_xy_from_XYZ(png_xy *xy, png_XYZ XYZ) 855{ 856 png_int_32 d, dwhite, whiteX, whiteY; 857 858 d = XYZ.redX + XYZ.redY + XYZ.redZ; 859 if (!png_muldiv(&xy->redx, XYZ.redX, PNG_FP_1, d)) return 1; 860 if (!png_muldiv(&xy->redy, XYZ.redY, PNG_FP_1, d)) return 1; 861 dwhite = d; 862 whiteX = XYZ.redX; 863 whiteY = XYZ.redY; 864 865 d = XYZ.greenX + XYZ.greenY + XYZ.greenZ; 866 if (!png_muldiv(&xy->greenx, XYZ.greenX, PNG_FP_1, d)) return 1; 867 if (!png_muldiv(&xy->greeny, XYZ.greenY, PNG_FP_1, d)) return 1; 868 dwhite += d; 869 whiteX += XYZ.greenX; 870 whiteY += XYZ.greenY; 871 872 d = XYZ.blueX + XYZ.blueY + XYZ.blueZ; 873 if (!png_muldiv(&xy->bluex, XYZ.blueX, PNG_FP_1, d)) return 1; 874 if (!png_muldiv(&xy->bluey, XYZ.blueY, PNG_FP_1, d)) return 1; 875 dwhite += d; 876 whiteX += XYZ.blueX; 877 whiteY += XYZ.blueY; 878 879 /* The reference white is simply the same of the end-point (X,Y,Z) vectors, 880 * thus: 881 */ 882 if (!png_muldiv(&xy->whitex, whiteX, PNG_FP_1, dwhite)) return 1; 883 if (!png_muldiv(&xy->whitey, whiteY, PNG_FP_1, dwhite)) return 1; 884 885 return 0; 886} 887 888int png_XYZ_from_xy(png_XYZ *XYZ, png_xy xy) 889{ 890 png_fixed_point red_inverse, green_inverse, blue_scale; 891 png_fixed_point left, right, denominator; 892 893 /* Check xy and, implicitly, z. Note that wide gamut color spaces typically 894 * have end points with 0 tristimulus values (these are impossible end 895 * points, but they are used to cover the possible colors.) 896 */ 897 if (xy.redx < 0 || xy.redx > PNG_FP_1) return 1; 898 if (xy.redy < 0 || xy.redy > PNG_FP_1-xy.redx) return 1; 899 if (xy.greenx < 0 || xy.greenx > PNG_FP_1) return 1; 900 if (xy.greeny < 0 || xy.greeny > PNG_FP_1-xy.greenx) return 1; 901 if (xy.bluex < 0 || xy.bluex > PNG_FP_1) return 1; 902 if (xy.bluey < 0 || xy.bluey > PNG_FP_1-xy.bluex) return 1; 903 if (xy.whitex < 0 || xy.whitex > PNG_FP_1) return 1; 904 if (xy.whitey < 0 || xy.whitey > PNG_FP_1-xy.whitex) return 1; 905 906 /* The reverse calculation is more difficult because the original tristimulus 907 * value had 9 independent values (red,green,blue)x(X,Y,Z) however only 8 908 * derived values were recorded in the cHRM chunk; 909 * (red,green,blue,white)x(x,y). This loses one degree of freedom and 910 * therefore an arbitrary ninth value has to be introduced to undo the 911 * original transformations. 912 * 913 * Think of the original end-points as points in (X,Y,Z) space. The 914 * chromaticity values (c) have the property: 915 * 916 * C 917 * c = --------- 918 * X + Y + Z 919 * 920 * For each c (x,y,z) from the corresponding original C (X,Y,Z). Thus the 921 * three chromaticity values (x,y,z) for each end-point obey the 922 * relationship: 923 * 924 * x + y + z = 1 925 * 926 * This describes the plane in (X,Y,Z) space that intersects each axis at the 927 * value 1.0; call this the chromaticity plane. Thus the chromaticity 928 * calculation has scaled each end-point so that it is on the x+y+z=1 plane 929 * and chromaticity is the intersection of the vector from the origin to the 930 * (X,Y,Z) value with the chromaticity plane. 931 * 932 * To fully invert the chromaticity calculation we would need the three 933 * end-point scale factors, (red-scale, green-scale, blue-scale), but these 934 * were not recorded. Instead we calculated the reference white (X,Y,Z) and 935 * recorded the chromaticity of this. The reference white (X,Y,Z) would have 936 * given all three of the scale factors since: 937 * 938 * color-C = color-c * color-scale 939 * white-C = red-C + green-C + blue-C 940 * = red-c*red-scale + green-c*green-scale + blue-c*blue-scale 941 * 942 * But cHRM records only white-x and white-y, so we have lost the white scale 943 * factor: 944 * 945 * white-C = white-c*white-scale 946 * 947 * To handle this the inverse transformation makes an arbitrary assumption 948 * about white-scale: 949 * 950 * Assume: white-Y = 1.0 951 * Hence: white-scale = 1/white-y 952 * Or: red-Y + green-Y + blue-Y = 1.0 953 * 954 * Notice the last statement of the assumption gives an equation in three of 955 * the nine values we want to calculate. 8 more equations come from the 956 * above routine as summarised at the top above (the chromaticity 957 * calculation): 958 * 959 * Given: color-x = color-X / (color-X + color-Y + color-Z) 960 * Hence: (color-x - 1)*color-X + color.x*color-Y + color.x*color-Z = 0 961 * 962 * This is 9 simultaneous equations in the 9 variables "color-C" and can be 963 * solved by Cramer's rule. Cramer's rule requires calculating 10 9x9 matrix 964 * determinants, however this is not as bad as it seems because only 28 of 965 * the total of 90 terms in the various matrices are non-zero. Nevertheless 966 * Cramer's rule is notoriously numerically unstable because the determinant 967 * calculation involves the difference of large, but similar, numbers. It is 968 * difficult to be sure that the calculation is stable for real world values 969 * and it is certain that it becomes unstable where the end points are close 970 * together. 971 * 972 * So this code uses the perhaps slighly less optimal but more understandable 973 * and totally obvious approach of calculating color-scale. 974 * 975 * This algorithm depends on the precision in white-scale and that is 976 * (1/white-y), so we can immediately see that as white-y approaches 0 the 977 * accuracy inherent in the cHRM chunk drops off substantially. 978 * 979 * libpng arithmetic: a simple invertion of the above equations 980 * ------------------------------------------------------------ 981 * 982 * white_scale = 1/white-y 983 * white-X = white-x * white-scale 984 * white-Y = 1.0 985 * white-Z = (1 - white-x - white-y) * white_scale 986 * 987 * white-C = red-C + green-C + blue-C 988 * = red-c*red-scale + green-c*green-scale + blue-c*blue-scale 989 * 990 * This gives us three equations in (red-scale,green-scale,blue-scale) where 991 * all the coefficients are now known: 992 * 993 * red-x*red-scale + green-x*green-scale + blue-x*blue-scale 994 * = white-x/white-y 995 * red-y*red-scale + green-y*green-scale + blue-y*blue-scale = 1 996 * red-z*red-scale + green-z*green-scale + blue-z*blue-scale 997 * = (1 - white-x - white-y)/white-y 998 * 999 * In the last equation color-z is (1 - color-x - color-y) so we can add all 1000 * three equations together to get an alternative third: 1001 * 1002 * red-scale + green-scale + blue-scale = 1/white-y = white-scale 1003 * 1004 * So now we have a Cramer's rule solution where the determinants are just 1005 * 3x3 - far more tractible. Unfortunately 3x3 determinants still involve 1006 * multiplication of three coefficients so we can't guarantee to avoid 1007 * overflow in the libpng fixed point representation. Using Cramer's rule in 1008 * floating point is probably a good choice here, but it's not an option for 1009 * fixed point. Instead proceed to simplify the first two equations by 1010 * eliminating what is likely to be the largest value, blue-scale: 1011 * 1012 * blue-scale = white-scale - red-scale - green-scale 1013 * 1014 * Hence: 1015 * 1016 * (red-x - blue-x)*red-scale + (green-x - blue-x)*green-scale = 1017 * (white-x - blue-x)*white-scale 1018 * 1019 * (red-y - blue-y)*red-scale + (green-y - blue-y)*green-scale = 1020 * 1 - blue-y*white-scale 1021 * 1022 * And now we can trivially solve for (red-scale,green-scale): 1023 * 1024 * green-scale = 1025 * (white-x - blue-x)*white-scale - (red-x - blue-x)*red-scale 1026 * ----------------------------------------------------------- 1027 * green-x - blue-x 1028 * 1029 * red-scale = 1030 * 1 - blue-y*white-scale - (green-y - blue-y) * green-scale 1031 * --------------------------------------------------------- 1032 * red-y - blue-y 1033 * 1034 * Hence: 1035 * 1036 * red-scale = 1037 * ( (green-x - blue-x) * (white-y - blue-y) - 1038 * (green-y - blue-y) * (white-x - blue-x) ) / white-y 1039 * ------------------------------------------------------------------------- 1040 * (green-x - blue-x)*(red-y - blue-y)-(green-y - blue-y)*(red-x - blue-x) 1041 * 1042 * green-scale = 1043 * ( (red-y - blue-y) * (white-x - blue-x) - 1044 * (red-x - blue-x) * (white-y - blue-y) ) / white-y 1045 * ------------------------------------------------------------------------- 1046 * (green-x - blue-x)*(red-y - blue-y)-(green-y - blue-y)*(red-x - blue-x) 1047 * 1048 * Accuracy: 1049 * The input values have 5 decimal digits of accuracy. The values are all in 1050 * the range 0 < value < 1, so simple products are in the same range but may 1051 * need up to 10 decimal digits to preserve the original precision and avoid 1052 * underflow. Because we are using a 32-bit signed representation we cannot 1053 * match this; the best is a little over 9 decimal digits, less than 10. 1054 * 1055 * The approach used here is to preserve the maximum precision within the 1056 * signed representation. Because the red-scale calculation above uses the 1057 * difference between two products of values that must be in the range -1..+1 1058 * it is sufficient to divide the product by 7; ceil(100,000/32767*2). The 1059 * factor is irrelevant in the calculation because it is applied to both 1060 * numerator and denominator. 1061 * 1062 * Note that the values of the differences of the products of the 1063 * chromaticities in the above equations tend to be small, for example for 1064 * the sRGB chromaticities they are: 1065 * 1066 * red numerator: -0.04751 1067 * green numerator: -0.08788 1068 * denominator: -0.2241 (without white-y multiplication) 1069 * 1070 * The resultant Y coefficients from the chromaticities of some widely used 1071 * color space definitions are (to 15 decimal places): 1072 * 1073 * sRGB 1074 * 0.212639005871510 0.715168678767756 0.072192315360734 1075 * Kodak ProPhoto 1076 * 0.288071128229293 0.711843217810102 0.000085653960605 1077 * Adobe RGB 1078 * 0.297344975250536 0.627363566255466 0.075291458493998 1079 * Adobe Wide Gamut RGB 1080 * 0.258728243040113 0.724682314948566 0.016589442011321 1081 */ 1082 /* By the argument, above overflow should be impossible here. The return 1083 * value of 2 indicates an internal error to the caller. 1084 */ 1085 if (!png_muldiv(&left, xy.greenx-xy.bluex, xy.redy - xy.bluey, 7)) return 2; 1086 if (!png_muldiv(&right, xy.greeny-xy.bluey, xy.redx - xy.bluex, 7)) return 2; 1087 denominator = left - right; 1088 1089 /* Now find the red numerator. */ 1090 if (!png_muldiv(&left, xy.greenx-xy.bluex, xy.whitey-xy.bluey, 7)) return 2; 1091 if (!png_muldiv(&right, xy.greeny-xy.bluey, xy.whitex-xy.bluex, 7)) return 2; 1092 1093 /* Overflow is possible here and it indicates an extreme set of PNG cHRM 1094 * chunk values. This calculation actually returns the reciprocal of the 1095 * scale value because this allows us to delay the multiplication of white-y 1096 * into the denominator, which tends to produce a small number. 1097 */ 1098 if (!png_muldiv(&red_inverse, xy.whitey, denominator, left-right) || 1099 red_inverse <= xy.whitey /* r+g+b scales = white scale */) 1100 return 1; 1101 1102 /* Similarly for green_inverse: */ 1103 if (!png_muldiv(&left, xy.redy-xy.bluey, xy.whitex-xy.bluex, 7)) return 2; 1104 if (!png_muldiv(&right, xy.redx-xy.bluex, xy.whitey-xy.bluey, 7)) return 2; 1105 if (!png_muldiv(&green_inverse, xy.whitey, denominator, left-right) || 1106 green_inverse <= xy.whitey) 1107 return 1; 1108 1109 /* And the blue scale, the checks above guarantee this can't overflow but it 1110 * can still produce 0 for extreme cHRM values. 1111 */ 1112 blue_scale = png_reciprocal(xy.whitey) - png_reciprocal(red_inverse) - 1113 png_reciprocal(green_inverse); 1114 if (blue_scale <= 0) return 1; 1115 1116 1117 /* And fill in the png_XYZ: */ 1118 if (!png_muldiv(&XYZ->redX, xy.redx, PNG_FP_1, red_inverse)) return 1; 1119 if (!png_muldiv(&XYZ->redY, xy.redy, PNG_FP_1, red_inverse)) return 1; 1120 if (!png_muldiv(&XYZ->redZ, PNG_FP_1 - xy.redx - xy.redy, PNG_FP_1, 1121 red_inverse)) 1122 return 1; 1123 1124 if (!png_muldiv(&XYZ->greenX, xy.greenx, PNG_FP_1, green_inverse)) return 1; 1125 if (!png_muldiv(&XYZ->greenY, xy.greeny, PNG_FP_1, green_inverse)) return 1; 1126 if (!png_muldiv(&XYZ->greenZ, PNG_FP_1 - xy.greenx - xy.greeny, PNG_FP_1, 1127 green_inverse)) 1128 return 1; 1129 1130 if (!png_muldiv(&XYZ->blueX, xy.bluex, blue_scale, PNG_FP_1)) return 1; 1131 if (!png_muldiv(&XYZ->blueY, xy.bluey, blue_scale, PNG_FP_1)) return 1; 1132 if (!png_muldiv(&XYZ->blueZ, PNG_FP_1 - xy.bluex - xy.bluey, blue_scale, 1133 PNG_FP_1)) 1134 return 1; 1135 1136 return 0; /*success*/ 1137} 1138 1139int png_XYZ_from_xy_checked(png_structp png_ptr, png_XYZ *XYZ, png_xy xy) 1140{ 1141 switch (png_XYZ_from_xy(XYZ, xy)) 1142 { 1143 case 0: /* success */ 1144 return 1; 1145 1146 case 1: 1147 /* The chunk may be technically valid, but we got png_fixed_point 1148 * overflow while trying to get XYZ values out of it. This is 1149 * entirely benign - the cHRM chunk is pretty extreme. 1150 */ 1151 png_warning(png_ptr, 1152 "extreme cHRM chunk cannot be converted to tristimulus values"); 1153 break; 1154 1155 default: 1156 /* libpng is broken; this should be a warning but if it happens we 1157 * want error reports so for the moment it is an error. 1158 */ 1159 png_error(png_ptr, "internal error in png_XYZ_from_xy"); 1160 break; 1161 } 1162 1163 /* ERROR RETURN */ 1164 return 0; 1165} 1166#endif 1167 1168void /* PRIVATE */ 1169png_check_IHDR(png_structp png_ptr, 1170 png_uint_32 width, png_uint_32 height, int bit_depth, 1171 int color_type, int interlace_type, int compression_type, 1172 int filter_type) 1173{ 1174 int error = 0; 1175 1176 /* Check for width and height valid values */ 1177 if (width == 0) 1178 { 1179 png_warning(png_ptr, "Image width is zero in IHDR"); 1180 error = 1; 1181 } 1182 1183 if (height == 0) 1184 { 1185 png_warning(png_ptr, "Image height is zero in IHDR"); 1186 error = 1; 1187 } 1188 1189# ifdef PNG_SET_USER_LIMITS_SUPPORTED 1190 if (width > png_ptr->user_width_max) 1191 1192# else 1193 if (width > PNG_USER_WIDTH_MAX) 1194# endif 1195 { 1196 png_warning(png_ptr, "Image width exceeds user limit in IHDR"); 1197 error = 1; 1198 } 1199 1200# ifdef PNG_SET_USER_LIMITS_SUPPORTED 1201 if (height > png_ptr->user_height_max) 1202# else 1203 if (height > PNG_USER_HEIGHT_MAX) 1204# endif 1205 { 1206 png_warning(png_ptr, "Image height exceeds user limit in IHDR"); 1207 error = 1; 1208 } 1209 1210 if (width > PNG_UINT_31_MAX) 1211 { 1212 png_warning(png_ptr, "Invalid image width in IHDR"); 1213 error = 1; 1214 } 1215 1216 if (height > PNG_UINT_31_MAX) 1217 { 1218 png_warning(png_ptr, "Invalid image height in IHDR"); 1219 error = 1; 1220 } 1221 1222 if (width > (PNG_UINT_32_MAX 1223 >> 3) /* 8-byte RGBA pixels */ 1224 - 48 /* bigrowbuf hack */ 1225 - 1 /* filter byte */ 1226 - 7*8 /* rounding of width to multiple of 8 pixels */ 1227 - 8) /* extra max_pixel_depth pad */ 1228 png_warning(png_ptr, "Width is too large for libpng to process pixels"); 1229 1230 /* Check other values */ 1231 if (bit_depth != 1 && bit_depth != 2 && bit_depth != 4 && 1232 bit_depth != 8 && bit_depth != 16) 1233 { 1234 png_warning(png_ptr, "Invalid bit depth in IHDR"); 1235 error = 1; 1236 } 1237 1238 if (color_type < 0 || color_type == 1 || 1239 color_type == 5 || color_type > 6) 1240 { 1241 png_warning(png_ptr, "Invalid color type in IHDR"); 1242 error = 1; 1243 } 1244 1245 if (((color_type == PNG_COLOR_TYPE_PALETTE) && bit_depth > 8) || 1246 ((color_type == PNG_COLOR_TYPE_RGB || 1247 color_type == PNG_COLOR_TYPE_GRAY_ALPHA || 1248 color_type == PNG_COLOR_TYPE_RGB_ALPHA) && bit_depth < 8)) 1249 { 1250 png_warning(png_ptr, "Invalid color type/bit depth combination in IHDR"); 1251 error = 1; 1252 } 1253 1254 if (interlace_type >= PNG_INTERLACE_LAST) 1255 { 1256 png_warning(png_ptr, "Unknown interlace method in IHDR"); 1257 error = 1; 1258 } 1259 1260 if (compression_type != PNG_COMPRESSION_TYPE_BASE) 1261 { 1262 png_warning(png_ptr, "Unknown compression method in IHDR"); 1263 error = 1; 1264 } 1265 1266# ifdef PNG_MNG_FEATURES_SUPPORTED 1267 /* Accept filter_method 64 (intrapixel differencing) only if 1268 * 1. Libpng was compiled with PNG_MNG_FEATURES_SUPPORTED and 1269 * 2. Libpng did not read a PNG signature (this filter_method is only 1270 * used in PNG datastreams that are embedded in MNG datastreams) and 1271 * 3. The application called png_permit_mng_features with a mask that 1272 * included PNG_FLAG_MNG_FILTER_64 and 1273 * 4. The filter_method is 64 and 1274 * 5. The color_type is RGB or RGBA 1275 */ 1276 if ((png_ptr->mode & PNG_HAVE_PNG_SIGNATURE) && 1277 png_ptr->mng_features_permitted) 1278 png_warning(png_ptr, "MNG features are not allowed in a PNG datastream"); 1279 1280 if (filter_type != PNG_FILTER_TYPE_BASE) 1281 { 1282 if (!((png_ptr->mng_features_permitted & PNG_FLAG_MNG_FILTER_64) && 1283 (filter_type == PNG_INTRAPIXEL_DIFFERENCING) && 1284 ((png_ptr->mode & PNG_HAVE_PNG_SIGNATURE) == 0) && 1285 (color_type == PNG_COLOR_TYPE_RGB || 1286 color_type == PNG_COLOR_TYPE_RGB_ALPHA))) 1287 { 1288 png_warning(png_ptr, "Unknown filter method in IHDR"); 1289 error = 1; 1290 } 1291 1292 if (png_ptr->mode & PNG_HAVE_PNG_SIGNATURE) 1293 { 1294 png_warning(png_ptr, "Invalid filter method in IHDR"); 1295 error = 1; 1296 } 1297 } 1298 1299# else 1300 if (filter_type != PNG_FILTER_TYPE_BASE) 1301 { 1302 png_warning(png_ptr, "Unknown filter method in IHDR"); 1303 error = 1; 1304 } 1305# endif 1306 1307 if (error == 1) 1308 png_error(png_ptr, "Invalid IHDR data"); 1309} 1310 1311#if defined(PNG_sCAL_SUPPORTED) || defined(PNG_pCAL_SUPPORTED) 1312/* ASCII to fp functions */ 1313/* Check an ASCII formated floating point value, see the more detailed 1314 * comments in pngpriv.h 1315 */ 1316/* The following is used internally to preserve the sticky flags */ 1317#define png_fp_add(state, flags) ((state) |= (flags)) 1318#define png_fp_set(state, value) ((state) = (value) | ((state) & PNG_FP_STICKY)) 1319 1320int /* PRIVATE */ 1321png_check_fp_number(png_const_charp string, png_size_t size, int *statep, 1322 png_size_tp whereami) 1323{ 1324 int state = *statep; 1325 png_size_t i = *whereami; 1326 1327 while (i < size) 1328 { 1329 int type; 1330 /* First find the type of the next character */ 1331 switch (string[i]) 1332 { 1333 case 43: type = PNG_FP_SAW_SIGN; break; 1334 case 45: type = PNG_FP_SAW_SIGN + PNG_FP_NEGATIVE; break; 1335 case 46: type = PNG_FP_SAW_DOT; break; 1336 case 48: type = PNG_FP_SAW_DIGIT; break; 1337 case 49: case 50: case 51: case 52: 1338 case 53: case 54: case 55: case 56: 1339 case 57: type = PNG_FP_SAW_DIGIT + PNG_FP_NONZERO; break; 1340 case 69: 1341 case 101: type = PNG_FP_SAW_E; break; 1342 default: goto PNG_FP_End; 1343 } 1344 1345 /* Now deal with this type according to the current 1346 * state, the type is arranged to not overlap the 1347 * bits of the PNG_FP_STATE. 1348 */ 1349 switch ((state & PNG_FP_STATE) + (type & PNG_FP_SAW_ANY)) 1350 { 1351 case PNG_FP_INTEGER + PNG_FP_SAW_SIGN: 1352 if (state & PNG_FP_SAW_ANY) 1353 goto PNG_FP_End; /* not a part of the number */ 1354 1355 png_fp_add(state, type); 1356 break; 1357 1358 case PNG_FP_INTEGER + PNG_FP_SAW_DOT: 1359 /* Ok as trailer, ok as lead of fraction. */ 1360 if (state & PNG_FP_SAW_DOT) /* two dots */ 1361 goto PNG_FP_End; 1362 1363 else if (state & PNG_FP_SAW_DIGIT) /* trailing dot? */ 1364 png_fp_add(state, type); 1365 1366 else 1367 png_fp_set(state, PNG_FP_FRACTION | type); 1368 1369 break; 1370 1371 case PNG_FP_INTEGER + PNG_FP_SAW_DIGIT: 1372 if (state & PNG_FP_SAW_DOT) /* delayed fraction */ 1373 png_fp_set(state, PNG_FP_FRACTION | PNG_FP_SAW_DOT); 1374 1375 png_fp_add(state, type | PNG_FP_WAS_VALID); 1376 1377 break; 1378 1379 case PNG_FP_INTEGER + PNG_FP_SAW_E: 1380 if ((state & PNG_FP_SAW_DIGIT) == 0) 1381 goto PNG_FP_End; 1382 1383 png_fp_set(state, PNG_FP_EXPONENT); 1384 1385 break; 1386 1387 /* case PNG_FP_FRACTION + PNG_FP_SAW_SIGN: 1388 goto PNG_FP_End; ** no sign in fraction */ 1389 1390 /* case PNG_FP_FRACTION + PNG_FP_SAW_DOT: 1391 goto PNG_FP_End; ** Because SAW_DOT is always set */ 1392 1393 case PNG_FP_FRACTION + PNG_FP_SAW_DIGIT: 1394 png_fp_add(state, type | PNG_FP_WAS_VALID); 1395 break; 1396 1397 case PNG_FP_FRACTION + PNG_FP_SAW_E: 1398 /* This is correct because the trailing '.' on an 1399 * integer is handled above - so we can only get here 1400 * with the sequence ".E" (with no preceding digits). 1401 */ 1402 if ((state & PNG_FP_SAW_DIGIT) == 0) 1403 goto PNG_FP_End; 1404 1405 png_fp_set(state, PNG_FP_EXPONENT); 1406 1407 break; 1408 1409 case PNG_FP_EXPONENT + PNG_FP_SAW_SIGN: 1410 if (state & PNG_FP_SAW_ANY) 1411 goto PNG_FP_End; /* not a part of the number */ 1412 1413 png_fp_add(state, PNG_FP_SAW_SIGN); 1414 1415 break; 1416 1417 /* case PNG_FP_EXPONENT + PNG_FP_SAW_DOT: 1418 goto PNG_FP_End; */ 1419 1420 case PNG_FP_EXPONENT + PNG_FP_SAW_DIGIT: 1421 png_fp_add(state, PNG_FP_SAW_DIGIT | PNG_FP_WAS_VALID); 1422 1423 break; 1424 1425 /* case PNG_FP_EXPONEXT + PNG_FP_SAW_E: 1426 goto PNG_FP_End; */ 1427 1428 default: goto PNG_FP_End; /* I.e. break 2 */ 1429 } 1430 1431 /* The character seems ok, continue. */ 1432 ++i; 1433 } 1434 1435PNG_FP_End: 1436 /* Here at the end, update the state and return the correct 1437 * return code. 1438 */ 1439 *statep = state; 1440 *whereami = i; 1441 1442 return (state & PNG_FP_SAW_DIGIT) != 0; 1443} 1444 1445 1446/* The same but for a complete string. */ 1447int 1448png_check_fp_string(png_const_charp string, png_size_t size) 1449{ 1450 int state=0; 1451 png_size_t char_index=0; 1452 1453 if (png_check_fp_number(string, size, &state, &char_index) && 1454 (char_index == size || string[char_index] == 0)) 1455 return state /* must be non-zero - see above */; 1456 1457 return 0; /* i.e. fail */ 1458} 1459#endif /* pCAL or sCAL */ 1460 1461#ifdef PNG_READ_sCAL_SUPPORTED 1462# ifdef PNG_FLOATING_POINT_SUPPORTED 1463/* Utility used below - a simple accurate power of ten from an integral 1464 * exponent. 1465 */ 1466static double 1467png_pow10(int power) 1468{ 1469 int recip = 0; 1470 double d = 1; 1471 1472 /* Handle negative exponent with a reciprocal at the end because 1473 * 10 is exact whereas .1 is inexact in base 2 1474 */ 1475 if (power < 0) 1476 { 1477 if (power < DBL_MIN_10_EXP) return 0; 1478 recip = 1, power = -power; 1479 } 1480 1481 if (power > 0) 1482 { 1483 /* Decompose power bitwise. */ 1484 double mult = 10; 1485 do 1486 { 1487 if (power & 1) d *= mult; 1488 mult *= mult; 1489 power >>= 1; 1490 } 1491 while (power > 0); 1492 1493 if (recip) d = 1/d; 1494 } 1495 /* else power is 0 and d is 1 */ 1496 1497 return d; 1498} 1499 1500/* Function to format a floating point value in ASCII with a given 1501 * precision. 1502 */ 1503void /* PRIVATE */ 1504png_ascii_from_fp(png_structp png_ptr, png_charp ascii, png_size_t size, 1505 double fp, unsigned int precision) 1506{ 1507 /* We use standard functions from math.h, but not printf because 1508 * that would require stdio. The caller must supply a buffer of 1509 * sufficient size or we will png_error. The tests on size and 1510 * the space in ascii[] consumed are indicated below. 1511 */ 1512 if (precision < 1) 1513 precision = DBL_DIG; 1514 1515 /* Enforce the limit of the implementation precision too. */ 1516 if (precision > DBL_DIG+1) 1517 precision = DBL_DIG+1; 1518 1519 /* Basic sanity checks */ 1520 if (size >= precision+5) /* See the requirements below. */ 1521 { 1522 if (fp < 0) 1523 { 1524 fp = -fp; 1525 *ascii++ = 45; /* '-' PLUS 1 TOTAL 1 */ 1526 --size; 1527 } 1528 1529 if (fp >= DBL_MIN && fp <= DBL_MAX) 1530 { 1531 int exp_b10; /* A base 10 exponent */ 1532 double base; /* 10^exp_b10 */ 1533 1534 /* First extract a base 10 exponent of the number, 1535 * the calculation below rounds down when converting 1536 * from base 2 to base 10 (multiply by log10(2) - 1537 * 0.3010, but 77/256 is 0.3008, so exp_b10 needs to 1538 * be increased. Note that the arithmetic shift 1539 * performs a floor() unlike C arithmetic - using a 1540 * C multiply would break the following for negative 1541 * exponents. 1542 */ 1543 (void)frexp(fp, &exp_b10); /* exponent to base 2 */ 1544 1545 exp_b10 = (exp_b10 * 77) >> 8; /* <= exponent to base 10 */ 1546 1547 /* Avoid underflow here. */ 1548 base = png_pow10(exp_b10); /* May underflow */ 1549 1550 while (base < DBL_MIN || base < fp) 1551 { 1552 /* And this may overflow. */ 1553 double test = png_pow10(exp_b10+1); 1554 1555 if (test <= DBL_MAX) 1556 ++exp_b10, base = test; 1557 1558 else 1559 break; 1560 } 1561 1562 /* Normalize fp and correct exp_b10, after this fp is in the 1563 * range [.1,1) and exp_b10 is both the exponent and the digit 1564 * *before* which the decimal point should be inserted 1565 * (starting with 0 for the first digit). Note that this 1566 * works even if 10^exp_b10 is out of range because of the 1567 * test on DBL_MAX above. 1568 */ 1569 fp /= base; 1570 while (fp >= 1) fp /= 10, ++exp_b10; 1571 1572 /* Because of the code above fp may, at this point, be 1573 * less than .1, this is ok …
Large files files are truncated, but you can click here to view the full file