Opened 6 years ago

Closed 6 years ago

#9682 closed enhancement (fixed)


Reported by: bdubbs@… Owned by: bdubbs@…
Priority: normal Milestone: 8.2
Component: BOOK Version: SVN
Severity: normal Keywords:


New point version.

Change History (4)

comment:1 by bdubbs@…, 6 years ago

Owner: changed from blfs-book@… to bdubbs@…
Status: newassigned

comment:2 by bdubbs@…, 6 years ago


Version 1.6.32beta01 [July 31, 2017]
-  Avoid possible NULL dereference in png_handle_eXIf when benign_errors
    are allowed. Avoid leaking the input buffer "eXIf_buf".
-  Eliminated png_ptr->num_exif member from pngstruct.h and added num_exif
    to arguments for png_get_eXIf() and png_set_eXIf().
-  Added calls to png_handle_eXIf(() in pngread.c and png_write_eXIf() in
   pngwrite.c, and made various other fixes to png_write_eXIf().
-  Changed name of png_get_eXIF and png_set_eXIf() to png_get_eXIf_1() and
   png_set_eXIf_1(), respectively, to avoid breaking API compatibility
   with libpng-1.6.31.
Version 1.6.32beta02 [August 1, 2017]
-  Updated contrib/libtests/pngunknown.c with eXIf chunk.
Version 1.6.32beta03 [August 2, 2017] 
-  Initialized btoa[] in pngstest.c
-  Stop memory leak when returning from png_handle_eXIf() with an error
   (Bug report from the OSS-fuzz project).

Version 1.6.32beta04 [August 2, 2017]
-  Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
-  Update libpng.3 and libpng-manual.txt about eXIf functions.
Version 1.6.32beta05 [August 2, 2017]
-  Restored png_get_eXIf() and png_set_eXIf() to maintain API compatability.
Version 1.6.32beta06 [August 2, 2017]
-  Removed png_get_eXIf_1() and png_set_eXIf_1().

Version 1.6.32beta07 [August 3, 2017]
-  Check length of all chunks except IDAT against user limit to fix an
   OSS-fuzz issue.

Version 1.6.32beta08 [August 3, 2017]
-  Check length of IDAT against maximum possible IDAT size, accounting
   for height, rowbytes, interlacing and zlib/deflate overhead.
-  Restored png_get_eXIf_1() and png_set_eXIf_1(), because strlen(eXIf_buf)
   does not work (the eXIf chunk data can contain zeroes).

Version 1.6.32beta09 [August 3, 2017]
-  Require cmake-2.8.8 in CMakeLists.txt. Revised symlink creation,
   no longer using deprecated cmake LOCATION feature (Clifford Yapp).
-  Fixed five-byte error in the calculation of IDAT maximum possible size.

Version 1.6.32beta10 [August 5, 2017]
-  Moved chunk-length check into a png_check_chunk_length() private
   function (Suggested by Max Stepin).
-  Moved bad pngs from tests to contrib/libtests/crashers
-  Moved testing of bad pngs into a separate tests/pngtest-badpngs script
-  Added the --xfail (expected FAIL) option to pngtest.c. It writes XFAIL
   in the output but PASS for the libpng test.
-  Require cmake-3.0.2 in CMakeLists.txt (Clifford Yapp).
-  Fix "const" declaration info_ptr argument to png_get_eXIf_1() and the
   num_exif argument to png_get_eXIf_1() (Github Issue 171).

Version 1.6.32beta11 [August 7, 2017]
-  Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
-  Added huge_IDAT.png and empty_ancillary_chunks.png to testpngs/crashers.
-  Make pngtest --strict, --relax, --xfail options imply -m (multiple).
-  Removed unused chunk_name parameter from png_check_chunk_length().
-  Relocated setting free_me for eXIf data, to stop an OSS-fuzz leak.
-  Initialize profile_header[] in png_handle_iCCP() to fix OSS-fuzz issue.
-  Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix OSS-fuzz UMR.
-  Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
-  Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(), to account
   for the minimum 'deflate' stream, and relocate the test to a point
   after the keyword has been read.
-  Check that the eXIf chunk has at least 2 bytes and begins with "II" or "MM".

Version 1.6.32rc01 [August 18, 2017]
-  Added a set of "huge_xxxx_chunk.png" files to contrib/testpngs/crashers,
   one for each known chunk type, with length = 2GB-1.
-  Check for 0 return from png_get_rowbytes() and added some (size_t) typecasts
   in contrib/pngminus/*.c to stop some Coverity issues (162705, 162706,
   and 162707).
-  Renamed chunks in contrib/testpngs/crashers to avoid having files whose
   names differ only in case; this causes problems with some platforms
   (github issue #172).

Version 1.6.32rc02 [August 22, 2017]
-  Added contrib/oss-fuzz directory which contains files used by the oss-fuzz
   project (

Version 1.6.32 [August 24, 2017]
-  No changes.
Last edited 6 years ago by bdubbs@… (previous) (diff)

comment:3 by bdubbs@…, 6 years ago

There seems to be two different libpng-1.6.32-apng.patch.gz files on sourceforge:
-rw-rw-r-- 1 bdubbs bdubbs 10790 Aug 26 08:11 libpng-1.6.32-apng.patch.gz
1760dbaa13c2569fdda6d83f6483701e  libpng-1.6.32-apng.patch.gz
-rw-rw-r-- 1 bdubbs bdubbs 10382 Aug 24 16:04 libpng-1.6.32-apng.patch.gz
86b44700cfcf5000b99bfff7d28f4345  libpng-1.6.32-apng.patch.gz

The first one works. The second one causes the checks to fail.

comment:4 by bdubbs@…, 6 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 19185.

Note: See TracTickets for help on using tickets.