2 /* pngrutil.c - utilities to read a PNG file
4 * Last changed in libpng 1.4.4 [August 26, 2010]
5 * Copyright (c) 1998-2010 Glenn Randers-Pehrson
6 * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
7 * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
9 * This code is released under the libpng license.
10 * For conditions of distribution and use, see the disclaimer
11 * and license in png.h
13 * This file contains routines that are only called from within
14 * libpng itself during the course of reading an image.
17 #define PNG_NO_PEDANTIC_WARNINGS
19 #ifdef PNG_READ_SUPPORTED
22 # define png_strtod(p,a,b) strtod(a,b)
24 png_get_uint_31(png_structp png_ptr, png_bytep buf)
26 png_uint_32 i = png_get_uint_32(buf);
27 if (i > PNG_UINT_31_MAX)
28 png_error(png_ptr, "PNG unsigned integer out of range");
31 #ifndef PNG_USE_READ_MACROS
32 /* Grab an unsigned 32-bit integer from a buffer in big-endian format. */
34 png_get_uint_32)(png_bytep buf)
37 ((png_uint_32)(*(buf )) << 24) +
38 ((png_uint_32)(*(buf + 1)) << 16) +
39 ((png_uint_32)(*(buf + 2)) << 8) +
40 ((png_uint_32)(*(buf + 3)) ) ;
45 /* Grab a signed 32-bit integer from a buffer in big-endian format. The
46 * data is stored in the PNG file in two's complement format and there
47 * is no guarantee that a 'png_int_32' is exactly 32 bits, therefore
48 * the following code does a two's complement to native conversion.
51 png_get_int_32)(png_bytep buf)
53 png_uint_32 u = png_get_uint_32(buf);
54 if ((u & 0x80000000) == 0) /* non-negative */
57 u = (u ^ 0xffffffff) + 1; /* 2's complement: -x = ~x+1 */
58 return -(png_int_32)u;
61 /* Grab an unsigned 16-bit integer from a buffer in big-endian format. */
63 png_get_uint_16)(png_bytep buf)
66 ((png_uint_32)(*buf) << 8) +
67 ((png_uint_32)(*(buf + 1)));
71 #endif /* PNG_USE_READ_MACROS */
73 /* Read the chunk header (length + type name).
74 * Put the type name into png_ptr->chunk_name, and return the length.
76 png_uint_32 /* PRIVATE */
77 png_read_chunk_header(png_structp png_ptr)
82 #ifdef PNG_IO_STATE_SUPPORTED
83 /* Inform the I/O callback that the chunk header is being read.
84 * PNG_IO_CHUNK_HDR requires a single I/O call.
86 png_ptr->io_state = PNG_IO_READING | PNG_IO_CHUNK_HDR;
89 /* Read the length and the chunk name */
90 png_read_data(png_ptr, buf, 8);
91 length = png_get_uint_31(png_ptr, buf);
93 /* Put the chunk name into png_ptr->chunk_name */
94 png_memcpy(png_ptr->chunk_name, buf + 4, 4);
96 png_debug2(0, "Reading %s chunk, length = %lu",
97 png_ptr->chunk_name, length);
99 /* Reset the crc and run it over the chunk name */
100 png_reset_crc(png_ptr);
101 png_calculate_crc(png_ptr, png_ptr->chunk_name, 4);
103 /* Check to see if chunk name is valid */
104 png_check_chunk_name(png_ptr, png_ptr->chunk_name);
106 #ifdef PNG_IO_STATE_SUPPORTED
107 /* Inform the I/O callback that chunk data will (possibly) be read.
108 * PNG_IO_CHUNK_DATA does NOT require a specific number of I/O calls.
110 png_ptr->io_state = PNG_IO_READING | PNG_IO_CHUNK_DATA;
116 /* Read data, and (optionally) run it through the CRC. */
118 png_crc_read(png_structp png_ptr, png_bytep buf, png_size_t length)
122 png_read_data(png_ptr, buf, length);
123 png_calculate_crc(png_ptr, buf, length);
126 /* Optionally skip data and then check the CRC. Depending on whether we
127 * are reading a ancillary or critical chunk, and how the program has set
128 * things up, we may calculate the CRC on the data and print a message.
129 * Returns '1' if there was a CRC error, '0' otherwise.
132 png_crc_finish(png_structp png_ptr, png_uint_32 skip)
135 png_size_t istop = png_ptr->zbuf_size;
137 for (i = (png_size_t)skip; i > istop; i -= istop)
139 png_crc_read(png_ptr, png_ptr->zbuf, png_ptr->zbuf_size);
143 png_crc_read(png_ptr, png_ptr->zbuf, i);
146 if (png_crc_error(png_ptr))
148 if (((png_ptr->chunk_name[0] & 0x20) && /* Ancillary */
149 !(png_ptr->flags & PNG_FLAG_CRC_ANCILLARY_NOWARN)) ||
150 (!(png_ptr->chunk_name[0] & 0x20) && /* Critical */
151 (png_ptr->flags & PNG_FLAG_CRC_CRITICAL_USE)))
153 png_chunk_warning(png_ptr, "CRC error");
157 png_chunk_benign_error(png_ptr, "CRC error");
166 /* Compare the CRC stored in the PNG file with that calculated by libpng from
167 * the data it has read thus far.
170 png_crc_error(png_structp png_ptr)
172 png_byte crc_bytes[4];
176 if (png_ptr->chunk_name[0] & 0x20) /* ancillary */
178 if ((png_ptr->flags & PNG_FLAG_CRC_ANCILLARY_MASK) ==
179 (PNG_FLAG_CRC_ANCILLARY_USE | PNG_FLAG_CRC_ANCILLARY_NOWARN))
184 if (png_ptr->flags & PNG_FLAG_CRC_CRITICAL_IGNORE)
188 #ifdef PNG_IO_STATE_SUPPORTED
189 /* Inform the I/O callback that the chunk CRC is being read */
190 /* PNG_IO_CHUNK_CRC requires the I/O to be done at once */
191 png_ptr->io_state = PNG_IO_READING | PNG_IO_CHUNK_CRC;
194 png_read_data(png_ptr, crc_bytes, 4);
198 crc = png_get_uint_32(crc_bytes);
199 return ((int)(crc != png_ptr->crc));
205 #if defined(PNG_READ_zTXt_SUPPORTED) || defined(PNG_READ_iTXt_SUPPORTED) || \
206 defined(PNG_READ_iCCP_SUPPORTED)
208 png_inflate(png_structp png_ptr, const png_byte *data, png_size_t size,
209 png_bytep output, png_size_t output_size)
211 png_size_t count = 0;
213 png_ptr->zstream.next_in = (png_bytep)data; /* const_cast: VALID */
214 png_ptr->zstream.avail_in = size;
220 /* Reset the output buffer each time round - we empty it
221 * after every inflate call.
223 png_ptr->zstream.next_out = png_ptr->zbuf;
224 png_ptr->zstream.avail_out = png_ptr->zbuf_size;
226 ret = inflate(&png_ptr->zstream, Z_NO_FLUSH);
227 avail = png_ptr->zbuf_size - png_ptr->zstream.avail_out;
229 /* First copy/count any new output - but only if we didn't
232 if ((ret == Z_OK || ret == Z_STREAM_END) && avail > 0)
234 if (output != 0 && output_size > count)
236 int copy = output_size - count;
237 if (avail < copy) copy = avail;
238 png_memcpy(output + count, png_ptr->zbuf, copy);
246 /* Termination conditions - always reset the zstream, it
247 * must be left in inflateInit state.
249 png_ptr->zstream.avail_in = 0;
250 inflateReset(&png_ptr->zstream);
252 if (ret == Z_STREAM_END)
253 return count; /* NOTE: may be zero. */
255 /* Now handle the error codes - the API always returns 0
256 * and the error message is dumped into the uncompressed
257 * buffer if available.
261 if (png_ptr->zstream.msg != 0)
262 msg = png_ptr->zstream.msg;
265 #ifdef PNG_STDIO_SUPPORTED
271 msg = "Buffer error in compressed datastream in %s chunk";
274 msg = "Data error in compressed datastream in %s chunk";
277 msg = "Incomplete compressed datastream in %s chunk";
281 png_snprintf(umsg, sizeof umsg, msg, png_ptr->chunk_name);
284 msg = "Damaged compressed datastream in chunk other than IDAT";
288 png_warning(png_ptr, msg);
291 /* 0 means an error - notice that this code simple ignores
292 * zero length compressed chunks as a result.
299 * Decompress trailing data in a chunk. The assumption is that chunkdata
300 * points at an allocated area holding the contents of a chunk with a
301 * trailing compressed part. What we get back is an allocated area
302 * holding the original prefix part and an uncompressed version of the
303 * trailing part (the malloc area passed in is freed).
306 png_decompress_chunk(png_structp png_ptr, int comp_type,
307 png_size_t chunklength,
308 png_size_t prefix_size, png_size_t *newlength)
310 /* The caller should guarantee this */
311 if (prefix_size > chunklength)
313 /* The recovery is to delete the chunk. */
314 png_warning(png_ptr, "invalid chunklength");
315 prefix_size = 0; /* To delete everything */
318 else if (comp_type == PNG_COMPRESSION_TYPE_BASE)
320 png_size_t expanded_size = png_inflate(png_ptr,
321 (png_bytep)(png_ptr->chunkdata + prefix_size),
322 chunklength - prefix_size,
323 0/*output*/, 0/*output size*/);
325 /* Now check the limits on this chunk - if the limit fails the
326 * compressed data will be removed, the prefix will remain.
328 #ifdef PNG_SET_CHUNK_MALLOC_LIMIT_SUPPORTED
329 if (png_ptr->user_chunk_malloc_max &&
330 (prefix_size + expanded_size >= png_ptr->user_chunk_malloc_max - 1))
332 # ifdef PNG_USER_CHUNK_MALLOC_MAX
333 if ((PNG_USER_CHUNK_MALLOC_MAX > 0) &&
334 prefix_size + expanded_size >= PNG_USER_CHUNK_MALLOC_MAX - 1)
337 png_warning(png_ptr, "Exceeded size limit while expanding chunk");
339 /* If the size is zero either there was an error and a message
340 * has already been output (warning) or the size really is zero
341 * and we have nothing to do - the code will exit through the
344 #if defined(PNG_SET_CHUNK_MALLOC_LIMIT_SUPPORTED) || \
345 defined(PNG_USER_CHUNK_MALLOC_MAX)
348 if (expanded_size > 0)
350 /* Success (maybe) - really uncompress the chunk. */
351 png_size_t new_size = 0;
352 png_charp text = png_malloc_warn(png_ptr,
353 prefix_size + expanded_size + 1);
357 png_memcpy(text, png_ptr->chunkdata, prefix_size);
358 new_size = png_inflate(png_ptr,
359 (png_bytep)(png_ptr->chunkdata + prefix_size),
360 chunklength - prefix_size,
361 (png_bytep)(text + prefix_size), expanded_size);
362 text[prefix_size + expanded_size] = 0; /* just in case */
364 if (new_size == expanded_size)
366 png_free(png_ptr, png_ptr->chunkdata);
367 png_ptr->chunkdata = text;
368 *newlength = prefix_size + expanded_size;
369 return; /* The success return! */
372 png_warning(png_ptr, "png_inflate logic error");
373 png_free(png_ptr, text);
376 png_warning(png_ptr, "Not enough memory to decompress chunk");
380 else /* if (comp_type != PNG_COMPRESSION_TYPE_BASE) */
382 #ifdef PNG_STDIO_SUPPORTED
385 png_snprintf(umsg, sizeof umsg, "Unknown zTXt compression type %d",
387 png_warning(png_ptr, umsg);
389 png_warning(png_ptr, "Unknown zTXt compression type");
392 /* The recovery is to simply drop the data. */
395 /* Generic error return - leave the prefix, delete the compressed
396 * data, reallocate the chunkdata to remove the potentially large
397 * amount of compressed data.
400 png_charp text = png_malloc_warn(png_ptr, prefix_size + 1);
404 png_memcpy(text, png_ptr->chunkdata, prefix_size);
405 png_free(png_ptr, png_ptr->chunkdata);
406 png_ptr->chunkdata = text;
408 /* This is an extra zero in the 'uncompressed' part. */
409 *(png_ptr->chunkdata + prefix_size) = 0x00;
411 /* Ignore a malloc error here - it is safe. */
414 *newlength = prefix_size;
418 /* Read and check the IDHR chunk */
420 png_handle_IHDR(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
423 png_uint_32 width, height;
424 int bit_depth, color_type, compression_type, filter_type;
427 png_debug(1, "in png_handle_IHDR");
429 if (png_ptr->mode & PNG_HAVE_IHDR)
430 png_error(png_ptr, "Out of place IHDR");
432 /* Check the length */
434 png_error(png_ptr, "Invalid IHDR chunk");
436 png_ptr->mode |= PNG_HAVE_IHDR;
438 png_crc_read(png_ptr, buf, 13);
439 png_crc_finish(png_ptr, 0);
441 width = png_get_uint_31(png_ptr, buf);
442 height = png_get_uint_31(png_ptr, buf + 4);
445 compression_type = buf[10];
446 filter_type = buf[11];
447 interlace_type = buf[12];
449 /* Set internal variables */
450 png_ptr->width = width;
451 png_ptr->height = height;
452 png_ptr->bit_depth = (png_byte)bit_depth;
453 png_ptr->interlaced = (png_byte)interlace_type;
454 png_ptr->color_type = (png_byte)color_type;
455 #ifdef PNG_MNG_FEATURES_SUPPORTED
456 png_ptr->filter_type = (png_byte)filter_type;
458 png_ptr->compression_type = (png_byte)compression_type;
460 /* Find number of channels */
461 switch (png_ptr->color_type)
463 case PNG_COLOR_TYPE_GRAY:
464 case PNG_COLOR_TYPE_PALETTE:
465 png_ptr->channels = 1;
468 case PNG_COLOR_TYPE_RGB:
469 png_ptr->channels = 3;
472 case PNG_COLOR_TYPE_GRAY_ALPHA:
473 png_ptr->channels = 2;
476 case PNG_COLOR_TYPE_RGB_ALPHA:
477 png_ptr->channels = 4;
481 /* Set up other useful info */
482 png_ptr->pixel_depth = (png_byte)(png_ptr->bit_depth *
484 png_ptr->rowbytes = PNG_ROWBYTES(png_ptr->pixel_depth, png_ptr->width);
485 png_debug1(3, "bit_depth = %d", png_ptr->bit_depth);
486 png_debug1(3, "channels = %d", png_ptr->channels);
487 png_debug1(3, "rowbytes = %lu", png_ptr->rowbytes);
488 png_set_IHDR(png_ptr, info_ptr, width, height, bit_depth,
489 color_type, interlace_type, compression_type, filter_type);
492 /* Read and check the palette */
494 png_handle_PLTE(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
496 png_color palette[PNG_MAX_PALETTE_LENGTH];
498 #ifdef PNG_POINTER_INDEXING_SUPPORTED
502 png_debug(1, "in png_handle_PLTE");
504 if (!(png_ptr->mode & PNG_HAVE_IHDR))
505 png_error(png_ptr, "Missing IHDR before PLTE");
507 else if (png_ptr->mode & PNG_HAVE_IDAT)
509 png_warning(png_ptr, "Invalid PLTE after IDAT");
510 png_crc_finish(png_ptr, length);
514 else if (png_ptr->mode & PNG_HAVE_PLTE)
515 png_error(png_ptr, "Duplicate PLTE chunk");
517 png_ptr->mode |= PNG_HAVE_PLTE;
519 if (!(png_ptr->color_type&PNG_COLOR_MASK_COLOR))
522 "Ignoring PLTE chunk in grayscale PNG");
523 png_crc_finish(png_ptr, length);
526 #ifndef PNG_READ_OPT_PLTE_SUPPORTED
527 if (png_ptr->color_type != PNG_COLOR_TYPE_PALETTE)
529 png_crc_finish(png_ptr, length);
534 if (length > 3*PNG_MAX_PALETTE_LENGTH || length % 3)
536 if (png_ptr->color_type != PNG_COLOR_TYPE_PALETTE)
538 png_warning(png_ptr, "Invalid palette chunk");
539 png_crc_finish(png_ptr, length);
545 png_error(png_ptr, "Invalid palette chunk");
549 num = (int)length / 3;
551 #ifdef PNG_POINTER_INDEXING_SUPPORTED
552 for (i = 0, pal_ptr = palette; i < num; i++, pal_ptr++)
556 png_crc_read(png_ptr, buf, 3);
557 pal_ptr->red = buf[0];
558 pal_ptr->green = buf[1];
559 pal_ptr->blue = buf[2];
562 for (i = 0; i < num; i++)
566 png_crc_read(png_ptr, buf, 3);
567 /* Don't depend upon png_color being any order */
568 palette[i].red = buf[0];
569 palette[i].green = buf[1];
570 palette[i].blue = buf[2];
574 /* If we actually NEED the PLTE chunk (ie for a paletted image), we do
575 * whatever the normal CRC configuration tells us. However, if we
576 * have an RGB image, the PLTE can be considered ancillary, so
577 * we will act as though it is.
579 #ifndef PNG_READ_OPT_PLTE_SUPPORTED
580 if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE)
583 png_crc_finish(png_ptr, 0);
585 #ifndef PNG_READ_OPT_PLTE_SUPPORTED
586 else if (png_crc_error(png_ptr)) /* Only if we have a CRC error */
588 /* If we don't want to use the data from an ancillary chunk,
589 we have two options: an error abort, or a warning and we
590 ignore the data in this chunk (which should be OK, since
591 it's considered ancillary for a RGB or RGBA image). */
592 if (!(png_ptr->flags & PNG_FLAG_CRC_ANCILLARY_USE))
594 if (png_ptr->flags & PNG_FLAG_CRC_ANCILLARY_NOWARN)
596 png_chunk_benign_error(png_ptr, "CRC error");
600 png_chunk_warning(png_ptr, "CRC error");
604 /* Otherwise, we (optionally) emit a warning and use the chunk. */
605 else if (!(png_ptr->flags & PNG_FLAG_CRC_ANCILLARY_NOWARN))
607 png_chunk_warning(png_ptr, "CRC error");
612 png_set_PLTE(png_ptr, info_ptr, palette, num);
614 #ifdef PNG_READ_tRNS_SUPPORTED
615 if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE)
617 if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_tRNS))
619 if (png_ptr->num_trans > (png_uint_16)num)
621 png_warning(png_ptr, "Truncating incorrect tRNS chunk length");
622 png_ptr->num_trans = (png_uint_16)num;
624 if (info_ptr->num_trans > (png_uint_16)num)
626 png_warning(png_ptr, "Truncating incorrect info tRNS chunk length");
627 info_ptr->num_trans = (png_uint_16)num;
636 png_handle_IEND(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
638 png_debug(1, "in png_handle_IEND");
640 if (!(png_ptr->mode & PNG_HAVE_IHDR) || !(png_ptr->mode & PNG_HAVE_IDAT))
642 png_error(png_ptr, "No image in file");
645 png_ptr->mode |= (PNG_AFTER_IDAT | PNG_HAVE_IEND);
649 png_warning(png_ptr, "Incorrect IEND chunk length");
651 png_crc_finish(png_ptr, length);
653 info_ptr = info_ptr; /* Quiet compiler warnings about unused info_ptr */
656 #ifdef PNG_READ_gAMA_SUPPORTED
658 png_handle_gAMA(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
660 png_fixed_point igamma;
661 #ifdef PNG_FLOATING_POINT_SUPPORTED
666 png_debug(1, "in png_handle_gAMA");
668 if (!(png_ptr->mode & PNG_HAVE_IHDR))
669 png_error(png_ptr, "Missing IHDR before gAMA");
670 else if (png_ptr->mode & PNG_HAVE_IDAT)
672 png_warning(png_ptr, "Invalid gAMA after IDAT");
673 png_crc_finish(png_ptr, length);
676 else if (png_ptr->mode & PNG_HAVE_PLTE)
677 /* Should be an error, but we can cope with it */
678 png_warning(png_ptr, "Out of place gAMA chunk");
680 if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_gAMA)
681 #ifdef PNG_READ_sRGB_SUPPORTED
682 && !(info_ptr->valid & PNG_INFO_sRGB)
686 png_warning(png_ptr, "Duplicate gAMA chunk");
687 png_crc_finish(png_ptr, length);
693 png_warning(png_ptr, "Incorrect gAMA chunk length");
694 png_crc_finish(png_ptr, length);
698 png_crc_read(png_ptr, buf, 4);
699 if (png_crc_finish(png_ptr, 0))
702 igamma = (png_fixed_point)png_get_uint_32(buf);
703 /* Check for zero gamma */
707 "Ignoring gAMA chunk with gamma=0");
711 #ifdef PNG_READ_sRGB_SUPPORTED
712 if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_sRGB))
713 if (PNG_OUT_OF_RANGE(igamma, 45500L, 500))
716 "Ignoring incorrect gAMA value when sRGB is also present");
717 #ifdef PNG_CONSOLE_IO_SUPPORTED
718 fprintf(stderr, "gamma = (%d/100000)", (int)igamma);
722 #endif /* PNG_READ_sRGB_SUPPORTED */
724 #ifdef PNG_FLOATING_POINT_SUPPORTED
725 file_gamma = (float)igamma / (float)100000.0;
726 # ifdef PNG_READ_GAMMA_SUPPORTED
727 png_ptr->gamma = file_gamma;
729 png_set_gAMA(png_ptr, info_ptr, file_gamma);
731 #ifdef PNG_FIXED_POINT_SUPPORTED
732 png_set_gAMA_fixed(png_ptr, info_ptr, igamma);
737 #ifdef PNG_READ_sBIT_SUPPORTED
739 png_handle_sBIT(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
744 png_debug(1, "in png_handle_sBIT");
746 buf[0] = buf[1] = buf[2] = buf[3] = 0;
748 if (!(png_ptr->mode & PNG_HAVE_IHDR))
749 png_error(png_ptr, "Missing IHDR before sBIT");
750 else if (png_ptr->mode & PNG_HAVE_IDAT)
752 png_warning(png_ptr, "Invalid sBIT after IDAT");
753 png_crc_finish(png_ptr, length);
756 else if (png_ptr->mode & PNG_HAVE_PLTE)
758 /* Should be an error, but we can cope with it */
759 png_warning(png_ptr, "Out of place sBIT chunk");
761 if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_sBIT))
763 png_warning(png_ptr, "Duplicate sBIT chunk");
764 png_crc_finish(png_ptr, length);
768 if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE)
771 truelen = (png_size_t)png_ptr->channels;
773 if (length != truelen || length > 4)
775 png_warning(png_ptr, "Incorrect sBIT chunk length");
776 png_crc_finish(png_ptr, length);
780 png_crc_read(png_ptr, buf, truelen);
781 if (png_crc_finish(png_ptr, 0))
784 if (png_ptr->color_type & PNG_COLOR_MASK_COLOR)
786 png_ptr->sig_bit.red = buf[0];
787 png_ptr->sig_bit.green = buf[1];
788 png_ptr->sig_bit.blue = buf[2];
789 png_ptr->sig_bit.alpha = buf[3];
793 png_ptr->sig_bit.gray = buf[0];
794 png_ptr->sig_bit.red = buf[0];
795 png_ptr->sig_bit.green = buf[0];
796 png_ptr->sig_bit.blue = buf[0];
797 png_ptr->sig_bit.alpha = buf[1];
799 png_set_sBIT(png_ptr, info_ptr, &(png_ptr->sig_bit));
803 #ifdef PNG_READ_cHRM_SUPPORTED
805 png_handle_cHRM(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
808 #ifdef PNG_FLOATING_POINT_SUPPORTED
809 float white_x, white_y, red_x, red_y, green_x, green_y, blue_x, blue_y;
811 png_fixed_point int_x_white, int_y_white, int_x_red, int_y_red, int_x_green,
812 int_y_green, int_x_blue, int_y_blue;
814 png_uint_32 uint_x, uint_y;
816 png_debug(1, "in png_handle_cHRM");
818 if (!(png_ptr->mode & PNG_HAVE_IHDR))
819 png_error(png_ptr, "Missing IHDR before cHRM");
820 else if (png_ptr->mode & PNG_HAVE_IDAT)
822 png_warning(png_ptr, "Invalid cHRM after IDAT");
823 png_crc_finish(png_ptr, length);
826 else if (png_ptr->mode & PNG_HAVE_PLTE)
827 /* Should be an error, but we can cope with it */
828 png_warning(png_ptr, "Missing PLTE before cHRM");
830 if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_cHRM)
831 #ifdef PNG_READ_sRGB_SUPPORTED
832 && !(info_ptr->valid & PNG_INFO_sRGB)
836 png_warning(png_ptr, "Duplicate cHRM chunk");
837 png_crc_finish(png_ptr, length);
843 png_warning(png_ptr, "Incorrect cHRM chunk length");
844 png_crc_finish(png_ptr, length);
848 png_crc_read(png_ptr, buf, 32);
849 if (png_crc_finish(png_ptr, 0))
852 uint_x = png_get_uint_32(buf);
853 uint_y = png_get_uint_32(buf + 4);
854 int_x_white = (png_fixed_point)uint_x;
855 int_y_white = (png_fixed_point)uint_y;
857 uint_x = png_get_uint_32(buf + 8);
858 uint_y = png_get_uint_32(buf + 12);
859 int_x_red = (png_fixed_point)uint_x;
860 int_y_red = (png_fixed_point)uint_y;
862 uint_x = png_get_uint_32(buf + 16);
863 uint_y = png_get_uint_32(buf + 20);
864 int_x_green = (png_fixed_point)uint_x;
865 int_y_green = (png_fixed_point)uint_y;
867 uint_x = png_get_uint_32(buf + 24);
868 uint_y = png_get_uint_32(buf + 28);
869 int_x_blue = (png_fixed_point)uint_x;
870 int_y_blue = (png_fixed_point)uint_y;
872 #ifdef PNG_FLOATING_POINT_SUPPORTED
873 white_x = (float)int_x_white / (float)100000.0;
874 white_y = (float)int_y_white / (float)100000.0;
875 red_x = (float)int_x_red / (float)100000.0;
876 red_y = (float)int_y_red / (float)100000.0;
877 green_x = (float)int_x_green / (float)100000.0;
878 green_y = (float)int_y_green / (float)100000.0;
879 blue_x = (float)int_x_blue / (float)100000.0;
880 blue_y = (float)int_y_blue / (float)100000.0;
883 #ifdef PNG_READ_sRGB_SUPPORTED
884 if ((info_ptr != NULL) && (info_ptr->valid & PNG_INFO_sRGB))
886 if (PNG_OUT_OF_RANGE(int_x_white, 31270, 1000) ||
887 PNG_OUT_OF_RANGE(int_y_white, 32900, 1000) ||
888 PNG_OUT_OF_RANGE(int_x_red, 64000L, 1000) ||
889 PNG_OUT_OF_RANGE(int_y_red, 33000, 1000) ||
890 PNG_OUT_OF_RANGE(int_x_green, 30000, 1000) ||
891 PNG_OUT_OF_RANGE(int_y_green, 60000L, 1000) ||
892 PNG_OUT_OF_RANGE(int_x_blue, 15000, 1000) ||
893 PNG_OUT_OF_RANGE(int_y_blue, 6000, 1000))
896 "Ignoring incorrect cHRM value when sRGB is also present");
897 #ifdef PNG_CONSOLE_IO_SUPPORTED
898 #ifdef PNG_FLOATING_POINT_SUPPORTED
899 fprintf(stderr, "wx=%f, wy=%f, rx=%f, ry=%f\n",
900 white_x, white_y, red_x, red_y);
901 fprintf(stderr, "gx=%f, gy=%f, bx=%f, by=%f\n",
902 green_x, green_y, blue_x, blue_y);
904 fprintf(stderr, "wx=%ld, wy=%ld, rx=%ld, ry=%ld\n",
905 (long)int_x_white, (long)int_y_white,
906 (long)int_x_red, (long)int_y_red);
907 fprintf(stderr, "gx=%ld, gy=%ld, bx=%ld, by=%ld\n",
908 (long)int_x_green, (long)int_y_green,
909 (long)int_x_blue, (long)int_y_blue);
911 #endif /* PNG_CONSOLE_IO_SUPPORTED */
915 #endif /* PNG_READ_sRGB_SUPPORTED */
917 #ifdef PNG_FLOATING_POINT_SUPPORTED
918 png_set_cHRM(png_ptr, info_ptr,
919 white_x, white_y, red_x, red_y, green_x, green_y, blue_x, blue_y);
921 #ifdef PNG_FIXED_POINT_SUPPORTED
922 png_set_cHRM_fixed(png_ptr, info_ptr,
923 int_x_white, int_y_white, int_x_red, int_y_red, int_x_green,
924 int_y_green, int_x_blue, int_y_blue);
929 #ifdef PNG_READ_sRGB_SUPPORTED
931 png_handle_sRGB(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
936 png_debug(1, "in png_handle_sRGB");
938 if (!(png_ptr->mode & PNG_HAVE_IHDR))
939 png_error(png_ptr, "Missing IHDR before sRGB");
940 else if (png_ptr->mode & PNG_HAVE_IDAT)
942 png_warning(png_ptr, "Invalid sRGB after IDAT");
943 png_crc_finish(png_ptr, length);
946 else if (png_ptr->mode & PNG_HAVE_PLTE)
947 /* Should be an error, but we can cope with it */
948 png_warning(png_ptr, "Out of place sRGB chunk");
950 if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_sRGB))
952 png_warning(png_ptr, "Duplicate sRGB chunk");
953 png_crc_finish(png_ptr, length);
959 png_warning(png_ptr, "Incorrect sRGB chunk length");
960 png_crc_finish(png_ptr, length);
964 png_crc_read(png_ptr, buf, 1);
965 if (png_crc_finish(png_ptr, 0))
969 /* Check for bad intent */
970 if (intent >= PNG_sRGB_INTENT_LAST)
972 png_warning(png_ptr, "Unknown sRGB intent");
976 #if defined(PNG_READ_gAMA_SUPPORTED) && defined(PNG_READ_GAMMA_SUPPORTED)
977 if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_gAMA))
979 png_fixed_point igamma;
980 #ifdef PNG_FIXED_POINT_SUPPORTED
981 igamma=info_ptr->int_gamma;
983 # ifdef PNG_FLOATING_POINT_SUPPORTED
984 igamma=(png_fixed_point)(info_ptr->gamma * 100000.);
987 if (PNG_OUT_OF_RANGE(igamma, 45500L, 500))
990 "Ignoring incorrect gAMA value when sRGB is also present");
991 #ifdef PNG_CONSOLE_IO_SUPPORTED
992 # ifdef PNG_FIXED_POINT_SUPPORTED
993 fprintf(stderr, "incorrect gamma=(%d/100000)\n",
994 (int)png_ptr->int_gamma);
996 # ifdef PNG_FLOATING_POINT_SUPPORTED
997 fprintf(stderr, "incorrect gamma=%f\n", png_ptr->gamma);
1003 #endif /* PNG_READ_gAMA_SUPPORTED */
1005 #ifdef PNG_READ_cHRM_SUPPORTED
1006 #ifdef PNG_FIXED_POINT_SUPPORTED
1007 if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_cHRM))
1008 if (PNG_OUT_OF_RANGE(info_ptr->int_x_white, 31270, 1000) ||
1009 PNG_OUT_OF_RANGE(info_ptr->int_y_white, 32900, 1000) ||
1010 PNG_OUT_OF_RANGE(info_ptr->int_x_red, 64000L, 1000) ||
1011 PNG_OUT_OF_RANGE(info_ptr->int_y_red, 33000, 1000) ||
1012 PNG_OUT_OF_RANGE(info_ptr->int_x_green, 30000, 1000) ||
1013 PNG_OUT_OF_RANGE(info_ptr->int_y_green, 60000L, 1000) ||
1014 PNG_OUT_OF_RANGE(info_ptr->int_x_blue, 15000, 1000) ||
1015 PNG_OUT_OF_RANGE(info_ptr->int_y_blue, 6000, 1000))
1017 png_warning(png_ptr,
1018 "Ignoring incorrect cHRM value when sRGB is also present");
1020 #endif /* PNG_FIXED_POINT_SUPPORTED */
1021 #endif /* PNG_READ_cHRM_SUPPORTED */
1023 png_set_sRGB_gAMA_and_cHRM(png_ptr, info_ptr, intent);
1025 #endif /* PNG_READ_sRGB_SUPPORTED */
1027 #ifdef PNG_READ_iCCP_SUPPORTED
1029 png_handle_iCCP(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
1030 /* Note: this does not properly handle chunks that are > 64K under DOS */
1032 png_byte compression_type;
1035 png_uint_32 skip = 0;
1036 png_uint_32 profile_size, profile_length;
1037 png_size_t slength, prefix_length, data_length;
1039 png_debug(1, "in png_handle_iCCP");
1041 if (!(png_ptr->mode & PNG_HAVE_IHDR))
1042 png_error(png_ptr, "Missing IHDR before iCCP");
1043 else if (png_ptr->mode & PNG_HAVE_IDAT)
1045 png_warning(png_ptr, "Invalid iCCP after IDAT");
1046 png_crc_finish(png_ptr, length);
1049 else if (png_ptr->mode & PNG_HAVE_PLTE)
1050 /* Should be an error, but we can cope with it */
1051 png_warning(png_ptr, "Out of place iCCP chunk");
1053 if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_iCCP))
1055 png_warning(png_ptr, "Duplicate iCCP chunk");
1056 png_crc_finish(png_ptr, length);
1060 #ifdef PNG_MAX_MALLOC_64K
1061 if (length > (png_uint_32)65535L)
1063 png_warning(png_ptr, "iCCP chunk too large to fit in memory");
1064 skip = length - (png_uint_32)65535L;
1065 length = (png_uint_32)65535L;
1069 png_free(png_ptr, png_ptr->chunkdata);
1070 png_ptr->chunkdata = (png_charp)png_malloc(png_ptr, length + 1);
1071 slength = (png_size_t)length;
1072 png_crc_read(png_ptr, (png_bytep)png_ptr->chunkdata, slength);
1074 if (png_crc_finish(png_ptr, skip))
1076 png_free(png_ptr, png_ptr->chunkdata);
1077 png_ptr->chunkdata = NULL;
1081 png_ptr->chunkdata[slength] = 0x00;
1083 for (profile = png_ptr->chunkdata; *profile; profile++)
1084 /* Empty loop to find end of name */ ;
1088 /* There should be at least one zero (the compression type byte)
1089 * following the separator, and we should be on it
1091 if ( profile >= png_ptr->chunkdata + slength - 1)
1093 png_free(png_ptr, png_ptr->chunkdata);
1094 png_ptr->chunkdata = NULL;
1095 png_warning(png_ptr, "Malformed iCCP chunk");
1099 /* Compression_type should always be zero */
1100 compression_type = *profile++;
1101 if (compression_type)
1103 png_warning(png_ptr, "Ignoring nonzero compression type in iCCP chunk");
1104 compression_type = 0x00; /* Reset it to zero (libpng-1.0.6 through 1.0.8
1108 prefix_length = profile - png_ptr->chunkdata;
1109 png_decompress_chunk(png_ptr, compression_type,
1110 slength, prefix_length, &data_length);
1112 profile_length = data_length - prefix_length;
1114 if ( prefix_length > data_length || profile_length < 4)
1116 png_free(png_ptr, png_ptr->chunkdata);
1117 png_ptr->chunkdata = NULL;
1118 png_warning(png_ptr, "Profile size field missing from iCCP chunk");
1122 /* Check the profile_size recorded in the first 32 bits of the ICC profile */
1123 pC = (png_bytep)(png_ptr->chunkdata + prefix_length);
1124 profile_size = ((*(pC ))<<24) |
1129 if (profile_size < profile_length)
1130 profile_length = profile_size;
1132 if (profile_size > profile_length)
1134 #ifdef PNG_STDIO_SUPPORTED
1137 png_free(png_ptr, png_ptr->chunkdata);
1138 png_ptr->chunkdata = NULL;
1139 png_warning(png_ptr, "Ignoring truncated iCCP profile");
1140 #ifdef PNG_STDIO_SUPPORTED
1142 png_snprintf(umsg, 50, "declared profile size = %lu",
1143 (unsigned long)profile_size);
1144 png_warning(png_ptr, umsg);
1145 png_snprintf(umsg, 50, "actual profile length = %lu",
1146 (unsigned long)profile_length);
1147 png_warning(png_ptr, umsg);
1152 png_set_iCCP(png_ptr, info_ptr, png_ptr->chunkdata,
1153 compression_type, png_ptr->chunkdata + prefix_length, profile_length);
1154 png_free(png_ptr, png_ptr->chunkdata);
1155 png_ptr->chunkdata = NULL;
1157 #endif /* PNG_READ_iCCP_SUPPORTED */
1159 #ifdef PNG_READ_sPLT_SUPPORTED
1161 png_handle_sPLT(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
1162 /* Note: this does not properly handle chunks that are > 64K under DOS */
1164 png_bytep entry_start;
1165 png_sPLT_t new_palette;
1166 #ifdef PNG_POINTER_INDEXING_SUPPORTED
1169 int data_length, entry_size, i;
1170 png_uint_32 skip = 0;
1173 png_debug(1, "in png_handle_sPLT");
1175 #ifdef PNG_USER_LIMITS_SUPPORTED
1177 if (png_ptr->user_chunk_cache_max != 0)
1179 if (png_ptr->user_chunk_cache_max == 1)
1181 png_crc_finish(png_ptr, length);
1184 if (--png_ptr->user_chunk_cache_max == 1)
1186 png_warning(png_ptr, "No space in chunk cache for sPLT");
1187 png_crc_finish(png_ptr, length);
1193 if (!(png_ptr->mode & PNG_HAVE_IHDR))
1194 png_error(png_ptr, "Missing IHDR before sPLT");
1195 else if (png_ptr->mode & PNG_HAVE_IDAT)
1197 png_warning(png_ptr, "Invalid sPLT after IDAT");
1198 png_crc_finish(png_ptr, length);
1202 #ifdef PNG_MAX_MALLOC_64K
1203 if (length > (png_uint_32)65535L)
1205 png_warning(png_ptr, "sPLT chunk too large to fit in memory");
1206 skip = length - (png_uint_32)65535L;
1207 length = (png_uint_32)65535L;
1211 png_free(png_ptr, png_ptr->chunkdata);
1212 png_ptr->chunkdata = (png_charp)png_malloc(png_ptr, length + 1);
1213 slength = (png_size_t)length;
1214 png_crc_read(png_ptr, (png_bytep)png_ptr->chunkdata, slength);
1216 if (png_crc_finish(png_ptr, skip))
1218 png_free(png_ptr, png_ptr->chunkdata);
1219 png_ptr->chunkdata = NULL;
1223 png_ptr->chunkdata[slength] = 0x00;
1225 for (entry_start = (png_bytep)png_ptr->chunkdata; *entry_start;
1227 /* Empty loop to find end of name */ ;
1230 /* A sample depth should follow the separator, and we should be on it */
1231 if (entry_start > (png_bytep)png_ptr->chunkdata + slength - 2)
1233 png_free(png_ptr, png_ptr->chunkdata);
1234 png_ptr->chunkdata = NULL;
1235 png_warning(png_ptr, "malformed sPLT chunk");
1239 new_palette.depth = *entry_start++;
1240 entry_size = (new_palette.depth == 8 ? 6 : 10);
1241 data_length = (slength - (entry_start - (png_bytep)png_ptr->chunkdata));
1243 /* Integrity-check the data length */
1244 if (data_length % entry_size)
1246 png_free(png_ptr, png_ptr->chunkdata);
1247 png_ptr->chunkdata = NULL;
1248 png_warning(png_ptr, "sPLT chunk has bad length");
1252 new_palette.nentries = (png_int_32) ( data_length / entry_size);
1253 if ((png_uint_32) new_palette.nentries >
1254 (png_uint_32) (PNG_SIZE_MAX / png_sizeof(png_sPLT_entry)))
1256 png_warning(png_ptr, "sPLT chunk too long");
1259 new_palette.entries = (png_sPLT_entryp)png_malloc_warn(
1260 png_ptr, new_palette.nentries * png_sizeof(png_sPLT_entry));
1261 if (new_palette.entries == NULL)
1263 png_warning(png_ptr, "sPLT chunk requires too much memory");
1267 #ifdef PNG_POINTER_INDEXING_SUPPORTED
1268 for (i = 0; i < new_palette.nentries; i++)
1270 pp = new_palette.entries + i;
1272 if (new_palette.depth == 8)
1274 pp->red = *entry_start++;
1275 pp->green = *entry_start++;
1276 pp->blue = *entry_start++;
1277 pp->alpha = *entry_start++;
1281 pp->red = png_get_uint_16(entry_start); entry_start += 2;
1282 pp->green = png_get_uint_16(entry_start); entry_start += 2;
1283 pp->blue = png_get_uint_16(entry_start); entry_start += 2;
1284 pp->alpha = png_get_uint_16(entry_start); entry_start += 2;
1286 pp->frequency = png_get_uint_16(entry_start); entry_start += 2;
1289 pp = new_palette.entries;
1290 for (i = 0; i < new_palette.nentries; i++)
1293 if (new_palette.depth == 8)
1295 pp[i].red = *entry_start++;
1296 pp[i].green = *entry_start++;
1297 pp[i].blue = *entry_start++;
1298 pp[i].alpha = *entry_start++;
1302 pp[i].red = png_get_uint_16(entry_start); entry_start += 2;
1303 pp[i].green = png_get_uint_16(entry_start); entry_start += 2;
1304 pp[i].blue = png_get_uint_16(entry_start); entry_start += 2;
1305 pp[i].alpha = png_get_uint_16(entry_start); entry_start += 2;
1307 pp->frequency = png_get_uint_16(entry_start); entry_start += 2;
1311 /* Discard all chunk data except the name and stash that */
1312 new_palette.name = png_ptr->chunkdata;
1314 png_set_sPLT(png_ptr, info_ptr, &new_palette, 1);
1316 png_free(png_ptr, png_ptr->chunkdata);
1317 png_ptr->chunkdata = NULL;
1318 png_free(png_ptr, new_palette.entries);
1320 #endif /* PNG_READ_sPLT_SUPPORTED */
1322 #ifdef PNG_READ_tRNS_SUPPORTED
1324 png_handle_tRNS(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
1326 png_byte readbuf[PNG_MAX_PALETTE_LENGTH];
1328 png_debug(1, "in png_handle_tRNS");
1330 if (!(png_ptr->mode & PNG_HAVE_IHDR))
1331 png_error(png_ptr, "Missing IHDR before tRNS");
1332 else if (png_ptr->mode & PNG_HAVE_IDAT)
1334 png_warning(png_ptr, "Invalid tRNS after IDAT");
1335 png_crc_finish(png_ptr, length);
1338 else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_tRNS))
1340 png_warning(png_ptr, "Duplicate tRNS chunk");
1341 png_crc_finish(png_ptr, length);
1345 if (png_ptr->color_type == PNG_COLOR_TYPE_GRAY)
1351 png_warning(png_ptr, "Incorrect tRNS chunk length");
1352 png_crc_finish(png_ptr, length);
1356 png_crc_read(png_ptr, buf, 2);
1357 png_ptr->num_trans = 1;
1358 png_ptr->trans_color.gray = png_get_uint_16(buf);
1360 else if (png_ptr->color_type == PNG_COLOR_TYPE_RGB)
1366 png_warning(png_ptr, "Incorrect tRNS chunk length");
1367 png_crc_finish(png_ptr, length);
1370 png_crc_read(png_ptr, buf, (png_size_t)length);
1371 png_ptr->num_trans = 1;
1372 png_ptr->trans_color.red = png_get_uint_16(buf);
1373 png_ptr->trans_color.green = png_get_uint_16(buf + 2);
1374 png_ptr->trans_color.blue = png_get_uint_16(buf + 4);
1376 else if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE)
1378 if (!(png_ptr->mode & PNG_HAVE_PLTE))
1380 /* Should be an error, but we can cope with it. */
1381 png_warning(png_ptr, "Missing PLTE before tRNS");
1383 if (length > (png_uint_32)png_ptr->num_palette ||
1384 length > PNG_MAX_PALETTE_LENGTH)
1386 png_warning(png_ptr, "Incorrect tRNS chunk length");
1387 png_crc_finish(png_ptr, length);
1392 png_warning(png_ptr, "Zero length tRNS chunk");
1393 png_crc_finish(png_ptr, length);
1396 png_crc_read(png_ptr, readbuf, (png_size_t)length);
1397 png_ptr->num_trans = (png_uint_16)length;
1401 png_warning(png_ptr, "tRNS chunk not allowed with alpha channel");
1402 png_crc_finish(png_ptr, length);
1406 if (png_crc_finish(png_ptr, 0))
1408 png_ptr->num_trans = 0;
1412 png_set_tRNS(png_ptr, info_ptr, readbuf, png_ptr->num_trans,
1413 &(png_ptr->trans_color));
1417 #ifdef PNG_READ_bKGD_SUPPORTED
1419 png_handle_bKGD(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
1424 png_debug(1, "in png_handle_bKGD");
1426 if (!(png_ptr->mode & PNG_HAVE_IHDR))
1427 png_error(png_ptr, "Missing IHDR before bKGD");
1428 else if (png_ptr->mode & PNG_HAVE_IDAT)
1430 png_warning(png_ptr, "Invalid bKGD after IDAT");
1431 png_crc_finish(png_ptr, length);
1434 else if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE &&
1435 !(png_ptr->mode & PNG_HAVE_PLTE))
1437 png_warning(png_ptr, "Missing PLTE before bKGD");
1438 png_crc_finish(png_ptr, length);
1441 else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_bKGD))
1443 png_warning(png_ptr, "Duplicate bKGD chunk");
1444 png_crc_finish(png_ptr, length);
1448 if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE)
1450 else if (png_ptr->color_type & PNG_COLOR_MASK_COLOR)
1455 if (length != truelen)
1457 png_warning(png_ptr, "Incorrect bKGD chunk length");
1458 png_crc_finish(png_ptr, length);
1462 png_crc_read(png_ptr, buf, truelen);
1463 if (png_crc_finish(png_ptr, 0))
1466 /* We convert the index value into RGB components so that we can allow
1467 * arbitrary RGB values for background when we have transparency, and
1468 * so it is easy to determine the RGB values of the background color
1469 * from the info_ptr struct. */
1470 if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE)
1472 png_ptr->background.index = buf[0];
1473 if (info_ptr && info_ptr->num_palette)
1475 if (buf[0] >= info_ptr->num_palette)
1477 png_warning(png_ptr, "Incorrect bKGD chunk index value");
1480 png_ptr->background.red =
1481 (png_uint_16)png_ptr->palette[buf[0]].red;
1482 png_ptr->background.green =
1483 (png_uint_16)png_ptr->palette[buf[0]].green;
1484 png_ptr->background.blue =
1485 (png_uint_16)png_ptr->palette[buf[0]].blue;
1488 else if (!(png_ptr->color_type & PNG_COLOR_MASK_COLOR)) /* GRAY */
1490 png_ptr->background.red =
1491 png_ptr->background.green =
1492 png_ptr->background.blue =
1493 png_ptr->background.gray = png_get_uint_16(buf);
1497 png_ptr->background.red = png_get_uint_16(buf);
1498 png_ptr->background.green = png_get_uint_16(buf + 2);
1499 png_ptr->background.blue = png_get_uint_16(buf + 4);
1502 png_set_bKGD(png_ptr, info_ptr, &(png_ptr->background));
1506 #ifdef PNG_READ_hIST_SUPPORTED
1508 png_handle_hIST(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
1510 unsigned int num, i;
1511 png_uint_16 readbuf[PNG_MAX_PALETTE_LENGTH];
1513 png_debug(1, "in png_handle_hIST");
1515 if (!(png_ptr->mode & PNG_HAVE_IHDR))
1516 png_error(png_ptr, "Missing IHDR before hIST");
1517 else if (png_ptr->mode & PNG_HAVE_IDAT)
1519 png_warning(png_ptr, "Invalid hIST after IDAT");
1520 png_crc_finish(png_ptr, length);
1523 else if (!(png_ptr->mode & PNG_HAVE_PLTE))
1525 png_warning(png_ptr, "Missing PLTE before hIST");
1526 png_crc_finish(png_ptr, length);
1529 else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_hIST))
1531 png_warning(png_ptr, "Duplicate hIST chunk");
1532 png_crc_finish(png_ptr, length);
1537 if (num != (unsigned int) png_ptr->num_palette || num >
1538 (unsigned int) PNG_MAX_PALETTE_LENGTH)
1540 png_warning(png_ptr, "Incorrect hIST chunk length");
1541 png_crc_finish(png_ptr, length);
1545 for (i = 0; i < num; i++)
1549 png_crc_read(png_ptr, buf, 2);
1550 readbuf[i] = png_get_uint_16(buf);
1553 if (png_crc_finish(png_ptr, 0))
1556 png_set_hIST(png_ptr, info_ptr, readbuf);
1560 #ifdef PNG_READ_pHYs_SUPPORTED
1562 png_handle_pHYs(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
1565 png_uint_32 res_x, res_y;
1568 png_debug(1, "in png_handle_pHYs");
1570 if (!(png_ptr->mode & PNG_HAVE_IHDR))
1571 png_error(png_ptr, "Missing IHDR before pHYs");
1572 else if (png_ptr->mode & PNG_HAVE_IDAT)
1574 png_warning(png_ptr, "Invalid pHYs after IDAT");
1575 png_crc_finish(png_ptr, length);
1578 else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_pHYs))
1580 png_warning(png_ptr, "Duplicate pHYs chunk");
1581 png_crc_finish(png_ptr, length);
1587 png_warning(png_ptr, "Incorrect pHYs chunk length");
1588 png_crc_finish(png_ptr, length);
1592 png_crc_read(png_ptr, buf, 9);
1593 if (png_crc_finish(png_ptr, 0))
1596 res_x = png_get_uint_32(buf);
1597 res_y = png_get_uint_32(buf + 4);
1599 png_set_pHYs(png_ptr, info_ptr, res_x, res_y, unit_type);
1603 #ifdef PNG_READ_oFFs_SUPPORTED
1605 png_handle_oFFs(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
1608 png_int_32 offset_x, offset_y;
1611 png_debug(1, "in png_handle_oFFs");
1613 if (!(png_ptr->mode & PNG_HAVE_IHDR))
1614 png_error(png_ptr, "Missing IHDR before oFFs");
1615 else if (png_ptr->mode & PNG_HAVE_IDAT)
1617 png_warning(png_ptr, "Invalid oFFs after IDAT");
1618 png_crc_finish(png_ptr, length);
1621 else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_oFFs))
1623 png_warning(png_ptr, "Duplicate oFFs chunk");
1624 png_crc_finish(png_ptr, length);
1630 png_warning(png_ptr, "Incorrect oFFs chunk length");
1631 png_crc_finish(png_ptr, length);
1635 png_crc_read(png_ptr, buf, 9);
1636 if (png_crc_finish(png_ptr, 0))
1639 offset_x = png_get_int_32(buf);
1640 offset_y = png_get_int_32(buf + 4);
1642 png_set_oFFs(png_ptr, info_ptr, offset_x, offset_y, unit_type);
1646 #ifdef PNG_READ_pCAL_SUPPORTED
1647 /* Read the pCAL chunk (described in the PNG Extensions document) */
1649 png_handle_pCAL(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
1652 png_byte type, nparams;
1653 png_charp buf, units, endptr;
1658 png_debug(1, "in png_handle_pCAL");
1660 if (!(png_ptr->mode & PNG_HAVE_IHDR))
1661 png_error(png_ptr, "Missing IHDR before pCAL");
1662 else if (png_ptr->mode & PNG_HAVE_IDAT)
1664 png_warning(png_ptr, "Invalid pCAL after IDAT");
1665 png_crc_finish(png_ptr, length);
1668 else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_pCAL))
1670 png_warning(png_ptr, "Duplicate pCAL chunk");
1671 png_crc_finish(png_ptr, length);
1675 png_debug1(2, "Allocating and reading pCAL chunk data (%lu bytes)",
1677 png_free(png_ptr, png_ptr->chunkdata);
1678 png_ptr->chunkdata = (png_charp)png_malloc_warn(png_ptr, length + 1);
1679 if (png_ptr->chunkdata == NULL)
1681 png_warning(png_ptr, "No memory for pCAL purpose");
1684 slength = (png_size_t)length;
1685 png_crc_read(png_ptr, (png_bytep)png_ptr->chunkdata, slength);
1687 if (png_crc_finish(png_ptr, 0))
1689 png_free(png_ptr, png_ptr->chunkdata);
1690 png_ptr->chunkdata = NULL;
1694 png_ptr->chunkdata[slength] = 0x00; /* Null terminate the last string */
1696 png_debug(3, "Finding end of pCAL purpose string");
1697 for (buf = png_ptr->chunkdata; *buf; buf++)
1700 endptr = png_ptr->chunkdata + slength;
1702 /* We need to have at least 12 bytes after the purpose string
1703 in order to get the parameter information. */
1704 if (endptr <= buf + 12)
1706 png_warning(png_ptr, "Invalid pCAL data");
1707 png_free(png_ptr, png_ptr->chunkdata);
1708 png_ptr->chunkdata = NULL;
1712 png_debug(3, "Reading pCAL X0, X1, type, nparams, and units");
1713 X0 = png_get_int_32((png_bytep)buf+1);
1714 X1 = png_get_int_32((png_bytep)buf+5);
1719 png_debug(3, "Checking pCAL equation type and number of parameters");
1720 /* Check that we have the right number of parameters for known
1722 if ((type == PNG_EQUATION_LINEAR && nparams != 2) ||
1723 (type == PNG_EQUATION_BASE_E && nparams != 3) ||
1724 (type == PNG_EQUATION_ARBITRARY && nparams != 3) ||
1725 (type == PNG_EQUATION_HYPERBOLIC && nparams != 4))
1727 png_warning(png_ptr, "Invalid pCAL parameters for equation type");
1728 png_free(png_ptr, png_ptr->chunkdata);
1729 png_ptr->chunkdata = NULL;
1732 else if (type >= PNG_EQUATION_LAST)
1734 png_warning(png_ptr, "Unrecognized equation type for pCAL chunk");
1737 for (buf = units; *buf; buf++)
1738 /* Empty loop to move past the units string. */ ;
1740 png_debug(3, "Allocating pCAL parameters array");
1741 params = (png_charpp)png_malloc_warn(png_ptr,
1742 (png_size_t)(nparams * png_sizeof(png_charp)));
1745 png_free(png_ptr, png_ptr->chunkdata);
1746 png_ptr->chunkdata = NULL;
1747 png_warning(png_ptr, "No memory for pCAL params");
1751 /* Get pointers to the start of each parameter string. */
1752 for (i = 0; i < (int)nparams; i++)
1754 buf++; /* Skip the null string terminator from previous parameter. */
1756 png_debug1(3, "Reading pCAL parameter %d", i);
1757 for (params[i] = buf; buf <= endptr && *buf != 0x00; buf++)
1758 /* Empty loop to move past each parameter string */ ;
1760 /* Make sure we haven't run out of data yet */
1763 png_warning(png_ptr, "Invalid pCAL data");
1764 png_free(png_ptr, png_ptr->chunkdata);
1765 png_ptr->chunkdata = NULL;
1766 png_free(png_ptr, params);
1771 png_set_pCAL(png_ptr, info_ptr, png_ptr->chunkdata, X0, X1, type, nparams,
1774 png_free(png_ptr, png_ptr->chunkdata);
1775 png_ptr->chunkdata = NULL;
1776 png_free(png_ptr, params);
1780 #ifdef PNG_READ_sCAL_SUPPORTED
1781 /* Read the sCAL chunk */
1783 png_handle_sCAL(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
1786 #ifdef PNG_FLOATING_POINT_SUPPORTED
1787 double width, height;
1790 #ifdef PNG_FIXED_POINT_SUPPORTED
1791 png_charp swidth, sheight;
1796 png_debug(1, "in png_handle_sCAL");
1798 if (!(png_ptr->mode & PNG_HAVE_IHDR))
1799 png_error(png_ptr, "Missing IHDR before sCAL");
1800 else if (png_ptr->mode & PNG_HAVE_IDAT)
1802 png_warning(png_ptr, "Invalid sCAL after IDAT");
1803 png_crc_finish(png_ptr, length);
1806 else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_sCAL))
1808 png_warning(png_ptr, "Duplicate sCAL chunk");
1809 png_crc_finish(png_ptr, length);
1813 png_debug1(2, "Allocating and reading sCAL chunk data (%lu bytes)",
1815 png_ptr->chunkdata = (png_charp)png_malloc_warn(png_ptr, length + 1);
1816 if (png_ptr->chunkdata == NULL)
1818 png_warning(png_ptr, "Out of memory while processing sCAL chunk");
1819 png_crc_finish(png_ptr, length);
1822 slength = (png_size_t)length;
1823 png_crc_read(png_ptr, (png_bytep)png_ptr->chunkdata, slength);
1825 if (png_crc_finish(png_ptr, 0))
1827 png_free(png_ptr, png_ptr->chunkdata);
1828 png_ptr->chunkdata = NULL;
1832 png_ptr->chunkdata[slength] = 0x00; /* Null terminate the last string */
1834 ep = png_ptr->chunkdata + 1; /* Skip unit byte */
1836 #ifdef PNG_FLOATING_POINT_SUPPORTED
1837 width = png_strtod(png_ptr, ep, &vp);
1840 png_warning(png_ptr, "malformed width string in sCAL chunk");
1841 png_free(png_ptr, png_ptr->chunkdata);
1842 png_ptr->chunkdata = NULL;
1846 #ifdef PNG_FIXED_POINT_SUPPORTED
1847 swidth = (png_charp)png_malloc_warn(png_ptr, png_strlen(ep) + 1);
1850 png_warning(png_ptr, "Out of memory while processing sCAL chunk width");
1851 png_free(png_ptr, png_ptr->chunkdata);
1852 png_ptr->chunkdata = NULL;
1855 png_memcpy(swidth, ep, png_strlen(ep));
1859 for (ep = png_ptr->chunkdata; *ep; ep++)
1863 if (png_ptr->chunkdata + slength < ep)
1865 png_warning(png_ptr, "Truncated sCAL chunk");
1866 #if defined(PNG_FIXED_POINT_SUPPORTED) && !defined(PNG_FLOATING_POINT_SUPPORTED)
1867 png_free(png_ptr, swidth);
1869 png_free(png_ptr, png_ptr->chunkdata);
1870 png_ptr->chunkdata = NULL;
1874 #ifdef PNG_FLOATING_POINT_SUPPORTED
1875 height = png_strtod(png_ptr, ep, &vp);
1878 png_warning(png_ptr, "malformed height string in sCAL chunk");
1879 png_free(png_ptr, png_ptr->chunkdata);
1880 png_ptr->chunkdata = NULL;
1884 #ifdef PNG_FIXED_POINT_SUPPORTED
1885 sheight = (png_charp)png_malloc_warn(png_ptr, png_strlen(ep) + 1);
1886 if (sheight == NULL)
1888 png_warning(png_ptr, "Out of memory while processing sCAL chunk height");
1889 png_free(png_ptr, png_ptr->chunkdata);
1890 png_ptr->chunkdata = NULL;
1891 png_free(png_ptr, swidth);
1894 png_memcpy(sheight, ep, png_strlen(ep));
1898 if (png_ptr->chunkdata + slength < ep
1899 #ifdef PNG_FLOATING_POINT_SUPPORTED
1900 || width <= 0. || height <= 0.
1904 png_warning(png_ptr, "Invalid sCAL data");
1905 png_free(png_ptr, png_ptr->chunkdata);
1906 png_ptr->chunkdata = NULL;
1907 #if defined(PNG_FIXED_POINT_SUPPORTED) && !defined(PNG_FLOATING_POINT_SUPPORTED)
1908 png_free(png_ptr, swidth);
1909 png_free(png_ptr, sheight);
1915 #ifdef PNG_FLOATING_POINT_SUPPORTED
1916 png_set_sCAL(png_ptr, info_ptr, png_ptr->chunkdata[0], width, height);
1918 #ifdef PNG_FIXED_POINT_SUPPORTED
1919 png_set_sCAL_s(png_ptr, info_ptr, png_ptr->chunkdata[0], swidth, sheight);
1923 png_free(png_ptr, png_ptr->chunkdata);
1924 png_ptr->chunkdata = NULL;
1925 #if defined(PNG_FIXED_POINT_SUPPORTED) && !defined(PNG_FLOATING_POINT_SUPPORTED)
1926 png_free(png_ptr, swidth);
1927 png_free(png_ptr, sheight);
1932 #ifdef PNG_READ_tIME_SUPPORTED
1934 png_handle_tIME(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
1939 png_debug(1, "in png_handle_tIME");
1941 if (!(png_ptr->mode & PNG_HAVE_IHDR))
1942 png_error(png_ptr, "Out of place tIME chunk");
1943 else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_tIME))
1945 png_warning(png_ptr, "Duplicate tIME chunk");
1946 png_crc_finish(png_ptr, length);
1950 if (png_ptr->mode & PNG_HAVE_IDAT)
1951 png_ptr->mode |= PNG_AFTER_IDAT;
1955 png_warning(png_ptr, "Incorrect tIME chunk length");
1956 png_crc_finish(png_ptr, length);
1960 png_crc_read(png_ptr, buf, 7);
1961 if (png_crc_finish(png_ptr, 0))
1964 mod_time.second = buf[6];
1965 mod_time.minute = buf[5];
1966 mod_time.hour = buf[4];
1967 mod_time.day = buf[3];
1968 mod_time.month = buf[2];
1969 mod_time.year = png_get_uint_16(buf);
1971 png_set_tIME(png_ptr, info_ptr, &mod_time);
1975 #ifdef PNG_READ_tEXt_SUPPORTED
1976 /* Note: this does not properly handle chunks that are > 64K under DOS */
1978 png_handle_tEXt(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
1983 png_uint_32 skip = 0;
1987 png_debug(1, "in png_handle_tEXt");
1989 #ifdef PNG_USER_LIMITS_SUPPORTED
1990 if (png_ptr->user_chunk_cache_max != 0)
1992 if (png_ptr->user_chunk_cache_max == 1)
1994 png_crc_finish(png_ptr, length);
1997 if (--png_ptr->user_chunk_cache_max == 1)
1999 png_warning(png_ptr, "No space in chunk cache for tEXt");
2000 png_crc_finish(png_ptr, length);
2006 if (!(png_ptr->mode & PNG_HAVE_IHDR))
2007 png_error(png_ptr, "Missing IHDR before tEXt");
2009 if (png_ptr->mode & PNG_HAVE_IDAT)
2010 png_ptr->mode |= PNG_AFTER_IDAT;
2012 #ifdef PNG_MAX_MALLOC_64K
2013 if (length > (png_uint_32)65535L)
2015 png_warning(png_ptr, "tEXt chunk too large to fit in memory");
2016 skip = length - (png_uint_32)65535L;
2017 length = (png_uint_32)65535L;
2021 png_free(png_ptr, png_ptr->chunkdata);
2023 png_ptr->chunkdata = (png_charp)png_malloc_warn(png_ptr, length + 1);
2024 if (png_ptr->chunkdata == NULL)
2026 png_warning(png_ptr, "No memory to process text chunk");
2029 slength = (png_size_t)length;
2030 png_crc_read(png_ptr, (png_bytep)png_ptr->chunkdata, slength);
2032 if (png_crc_finish(png_ptr, skip))
2034 png_free(png_ptr, png_ptr->chunkdata);
2035 png_ptr->chunkdata = NULL;
2039 key = png_ptr->chunkdata;
2041 key[slength] = 0x00;
2043 for (text = key; *text; text++)
2044 /* Empty loop to find end of key */ ;
2046 if (text != key + slength)
2049 text_ptr = (png_textp)png_malloc_warn(png_ptr,
2050 png_sizeof(png_text));
2051 if (text_ptr == NULL)
2053 png_warning(png_ptr, "Not enough memory to process text chunk");
2054 png_free(png_ptr, png_ptr->chunkdata);
2055 png_ptr->chunkdata = NULL;
2058 text_ptr->compression = PNG_TEXT_COMPRESSION_NONE;
2059 text_ptr->key = key;
2060 #ifdef PNG_iTXt_SUPPORTED
2061 text_ptr->lang = NULL;
2062 text_ptr->lang_key = NULL;
2063 text_ptr->itxt_length = 0;
2065 text_ptr->text = text;
2066 text_ptr->text_length = png_strlen(text);
2068 ret = png_set_text_2(png_ptr, info_ptr, text_ptr, 1);
2070 png_free(png_ptr, png_ptr->chunkdata);
2071 png_ptr->chunkdata = NULL;
2072 png_free(png_ptr, text_ptr);
2074 png_warning(png_ptr, "Insufficient memory to process text chunk");
2078 #ifdef PNG_READ_zTXt_SUPPORTED
2079 /* Note: this does not correctly handle chunks that are > 64K under DOS */
2081 png_handle_zTXt(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
2087 png_size_t slength, prefix_len, data_len;
2089 png_debug(1, "in png_handle_zTXt");
2091 #ifdef PNG_USER_LIMITS_SUPPORTED
2092 if (png_ptr->user_chunk_cache_max != 0)
2094 if (png_ptr->user_chunk_cache_max == 1)
2096 png_crc_finish(png_ptr, length);
2099 if (--png_ptr->user_chunk_cache_max == 1)
2101 png_warning(png_ptr, "No space in chunk cache for zTXt");
2102 png_crc_finish(png_ptr, length);
2108 if (!(png_ptr->mode & PNG_HAVE_IHDR))
2109 png_error(png_ptr, "Missing IHDR before zTXt");
2111 if (png_ptr->mode & PNG_HAVE_IDAT)
2112 png_ptr->mode |= PNG_AFTER_IDAT;
2114 #ifdef PNG_MAX_MALLOC_64K
2115 /* We will no doubt have problems with chunks even half this size, but
2116 there is no hard and fast rule to tell us where to stop. */
2117 if (length > (png_uint_32)65535L)
2119 png_warning(png_ptr, "zTXt chunk too large to fit in memory");
2120 png_crc_finish(png_ptr, length);
2125 png_free(png_ptr, png_ptr->chunkdata);
2126 png_ptr->chunkdata = (png_charp)png_malloc_warn(png_ptr, length + 1);
2127 if (png_ptr->chunkdata == NULL)
2129 png_warning(png_ptr, "Out of memory processing zTXt chunk");
2132 slength = (png_size_t)length;
2133 png_crc_read(png_ptr, (png_bytep)png_ptr->chunkdata, slength);
2134 if (png_crc_finish(png_ptr, 0))
2136 png_free(png_ptr, png_ptr->chunkdata);
2137 png_ptr->chunkdata = NULL;
2141 png_ptr->chunkdata[slength] = 0x00;
2143 for (text = png_ptr->chunkdata; *text; text++)
2146 /* zTXt must have some text after the chunkdataword */
2147 if (text >= png_ptr->chunkdata + slength - 2)
2149 png_warning(png_ptr, "Truncated zTXt chunk");
2150 png_free(png_ptr, png_ptr->chunkdata);
2151 png_ptr->chunkdata = NULL;
2156 comp_type = *(++text);
2157 if (comp_type != PNG_TEXT_COMPRESSION_zTXt)
2159 png_warning(png_ptr, "Unknown compression type in zTXt chunk");
2160 comp_type = PNG_TEXT_COMPRESSION_zTXt;
2162 text++; /* Skip the compression_method byte */
2164 prefix_len = text - png_ptr->chunkdata;
2166 png_decompress_chunk(png_ptr, comp_type,
2167 (png_size_t)length, prefix_len, &data_len);
2169 text_ptr = (png_textp)png_malloc_warn(png_ptr,
2170 png_sizeof(png_text));
2171 if (text_ptr == NULL)
2173 png_warning(png_ptr, "Not enough memory to process zTXt chunk");
2174 png_free(png_ptr, png_ptr->chunkdata);
2175 png_ptr->chunkdata = NULL;
2178 text_ptr->compression = comp_type;
2179 text_ptr->key = png_ptr->chunkdata;
2180 #ifdef PNG_iTXt_SUPPORTED
2181 text_ptr->lang = NULL;
2182 text_ptr->lang_key = NULL;
2183 text_ptr->itxt_length = 0;
2185 text_ptr->text = png_ptr->chunkdata + prefix_len;
2186 text_ptr->text_length = data_len;
2188 ret = png_set_text_2(png_ptr, info_ptr, text_ptr, 1);
2190 png_free(png_ptr, text_ptr);
2191 png_free(png_ptr, png_ptr->chunkdata);
2192 png_ptr->chunkdata = NULL;
2194 png_error(png_ptr, "Insufficient memory to store zTXt chunk");
2198 #ifdef PNG_READ_iTXt_SUPPORTED
2199 /* Note: this does not correctly handle chunks that are > 64K under DOS */
2201 png_handle_iTXt(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
2204 png_charp key, lang, text, lang_key;
2208 png_size_t slength, prefix_len, data_len;
2210 png_debug(1, "in png_handle_iTXt");
2212 #ifdef PNG_USER_LIMITS_SUPPORTED
2213 if (png_ptr->user_chunk_cache_max != 0)
2215 if (png_ptr->user_chunk_cache_max == 1)
2217 png_crc_finish(png_ptr, length);
2220 if (--png_ptr->user_chunk_cache_max == 1)
2222 png_warning(png_ptr, "No space in chunk cache for iTXt");
2223 png_crc_finish(png_ptr, length);
2229 if (!(png_ptr->mode & PNG_HAVE_IHDR))
2230 png_error(png_ptr, "Missing IHDR before iTXt");
2232 if (png_ptr->mode & PNG_HAVE_IDAT)
2233 png_ptr->mode |= PNG_AFTER_IDAT;
2235 #ifdef PNG_MAX_MALLOC_64K
2236 /* We will no doubt have problems with chunks even half this size, but
2237 there is no hard and fast rule to tell us where to stop. */
2238 if (length > (png_uint_32)65535L)
2240 png_warning(png_ptr, "iTXt chunk too large to fit in memory");
2241 png_crc_finish(png_ptr, length);
2246 png_free(png_ptr, png_ptr->chunkdata);
2247 png_ptr->chunkdata = (png_charp)png_malloc_warn(png_ptr, length + 1);
2248 if (png_ptr->chunkdata == NULL)
2250 png_warning(png_ptr, "No memory to process iTXt chunk");
2253 slength = (png_size_t)length;
2254 png_crc_read(png_ptr, (png_bytep)png_ptr->chunkdata, slength);
2255 if (png_crc_finish(png_ptr, 0))
2257 png_free(png_ptr, png_ptr->chunkdata);
2258 png_ptr->chunkdata = NULL;
2262 png_ptr->chunkdata[slength] = 0x00;
2264 for (lang = png_ptr->chunkdata; *lang; lang++)
2266 lang++; /* Skip NUL separator */
2268 /* iTXt must have a language tag (possibly empty), two compression bytes,
2269 * translated keyword (possibly empty), and possibly some text after the
2273 if (lang >= png_ptr->chunkdata + slength - 3)
2275 png_warning(png_ptr, "Truncated iTXt chunk");
2276 png_free(png_ptr, png_ptr->chunkdata);
2277 png_ptr->chunkdata = NULL;
2282 comp_flag = *lang++;
2283 comp_type = *lang++;
2286 for (lang_key = lang; *lang_key; lang_key++)
2288 lang_key++; /* Skip NUL separator */
2290 if (lang_key >= png_ptr->chunkdata + slength)
2292 png_warning(png_ptr, "Truncated iTXt chunk");
2293 png_free(png_ptr, png_ptr->chunkdata);
2294 png_ptr->chunkdata = NULL;
2298 for (text = lang_key; *text; text++)
2300 text++; /* Skip NUL separator */
2301 if (text >= png_ptr->chunkdata + slength)
2303 png_warning(png_ptr, "Malformed iTXt chunk");
2304 png_free(png_ptr, png_ptr->chunkdata);
2305 png_ptr->chunkdata = NULL;
2309 prefix_len = text - png_ptr->chunkdata;
2311 key=png_ptr->chunkdata;
2313 png_decompress_chunk(png_ptr, comp_type,
2314 (size_t)length, prefix_len, &data_len);
2316 data_len = png_strlen(png_ptr->chunkdata + prefix_len);
2317 text_ptr = (png_textp)png_malloc_warn(png_ptr,
2318 png_sizeof(png_text));
2319 if (text_ptr == NULL)
2321 png_warning(png_ptr, "Not enough memory to process iTXt chunk");
2322 png_free(png_ptr, png_ptr->chunkdata);
2323 png_ptr->chunkdata = NULL;
2326 text_ptr->compression = (int)comp_flag + 1;
2327 text_ptr->lang_key = png_ptr->chunkdata + (lang_key - key);
2328 text_ptr->lang = png_ptr->chunkdata + (lang - key);
2329 text_ptr->itxt_length = data_len;
2330 text_ptr->text_length = 0;
2331 text_ptr->key = png_ptr->chunkdata;
2332 text_ptr->text = png_ptr->chunkdata + prefix_len;
2334 ret = png_set_text_2(png_ptr, info_ptr, text_ptr, 1);
2336 png_free(png_ptr, text_ptr);
2337 png_free(png_ptr, png_ptr->chunkdata);
2338 png_ptr->chunkdata = NULL;
2340 png_error(png_ptr, "Insufficient memory to store iTXt chunk");
2344 /* This function is called when we haven't found a handler for a
2345 chunk. If there isn't a problem with the chunk itself (ie bad
2346 chunk name, CRC, or a critical chunk), the chunk is silently ignored
2347 -- unless the PNG_FLAG_UNKNOWN_CHUNKS_SUPPORTED flag is on in which
2348 case it will be saved away to be written out later. */
2350 png_handle_unknown(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
2352 png_uint_32 skip = 0;
2354 png_debug(1, "in png_handle_unknown");
2356 #ifdef PNG_USER_LIMITS_SUPPORTED
2357 if (png_ptr->user_chunk_cache_max != 0)
2359 if (png_ptr->user_chunk_cache_max == 1)
2361 png_crc_finish(png_ptr, length);
2364 if (--png_ptr->user_chunk_cache_max == 1)
2366 png_warning(png_ptr, "No space in chunk cache for unknown chunk");
2367 png_crc_finish(png_ptr, length);
2373 if (png_ptr->mode & PNG_HAVE_IDAT)
2376 if (png_memcmp(png_ptr->chunk_name, png_IDAT, 4)) /* Not an IDAT */
2377 png_ptr->mode |= PNG_AFTER_IDAT;
2380 if (!(png_ptr->chunk_name[0] & 0x20))
2382 #ifdef PNG_HANDLE_AS_UNKNOWN_SUPPORTED
2383 if (png_handle_as_unknown(png_ptr, png_ptr->chunk_name) !=
2384 PNG_HANDLE_CHUNK_ALWAYS
2385 #ifdef PNG_READ_USER_CHUNKS_SUPPORTED
2386 && png_ptr->read_user_chunk_fn == NULL
2390 png_chunk_error(png_ptr, "unknown critical chunk");
2393 #ifdef PNG_READ_UNKNOWN_CHUNKS_SUPPORTED
2394 if ((png_ptr->flags & PNG_FLAG_KEEP_UNKNOWN_CHUNKS)
2395 #ifdef PNG_READ_USER_CHUNKS_SUPPORTED
2396 || (png_ptr->read_user_chunk_fn != NULL)
2400 #ifdef PNG_MAX_MALLOC_64K
2401 if (length > (png_uint_32)65535L)
2403 png_warning(png_ptr, "unknown chunk too large to fit in memory");
2404 skip = length - (png_uint_32)65535L;
2405 length = (png_uint_32)65535L;
2408 png_memcpy((png_charp)png_ptr->unknown_chunk.name,
2409 (png_charp)png_ptr->chunk_name,
2410 png_sizeof(png_ptr->unknown_chunk.name));
2411 png_ptr->unknown_chunk.name[png_sizeof(png_ptr->unknown_chunk.name)-1]
2413 png_ptr->unknown_chunk.size = (png_size_t)length;
2415 png_ptr->unknown_chunk.data = NULL;
2418 png_ptr->unknown_chunk.data = (png_bytep)png_malloc(png_ptr, length);
2419 png_crc_read(png_ptr, (png_bytep)png_ptr->unknown_chunk.data, length);
2421 #ifdef PNG_READ_USER_CHUNKS_SUPPORTED
2422 if (png_ptr->read_user_chunk_fn != NULL)
2424 /* Callback to user unknown chunk handler */
2426 ret = (*(png_ptr->read_user_chunk_fn))
2427 (png_ptr, &png_ptr->unknown_chunk);
2429 png_chunk_error(png_ptr, "error in user chunk");
2432 if (!(png_ptr->chunk_name[0] & 0x20))
2433 #ifdef PNG_HANDLE_AS_UNKNOWN_SUPPORTED
2434 if (png_handle_as_unknown(png_ptr, png_ptr->chunk_name) !=
2435 PNG_HANDLE_CHUNK_ALWAYS)
2437 png_chunk_error(png_ptr, "unknown critical chunk");
2438 png_set_unknown_chunks(png_ptr, info_ptr,
2439 &png_ptr->unknown_chunk, 1);
2444 png_set_unknown_chunks(png_ptr, info_ptr, &png_ptr->unknown_chunk, 1);
2445 png_free(png_ptr, png_ptr->unknown_chunk.data);
2446 png_ptr->unknown_chunk.data = NULL;
2452 png_crc_finish(png_ptr, skip);
2454 #ifndef PNG_READ_USER_CHUNKS_SUPPORTED
2455 info_ptr = info_ptr; /* Quiet compiler warnings about unused info_ptr */
2459 /* This function is called to verify that a chunk name is valid.
2460 This function can't have the "critical chunk check" incorporated
2461 into it, since in the future we will need to be able to call user
2462 functions to handle unknown critical chunks after we check that
2463 the chunk name itself is valid. */
2465 #define isnonalpha(c) ((c) < 65 || (c) > 122 || ((c) > 90 && (c) < 97))
2468 png_check_chunk_name(png_structp png_ptr, png_bytep chunk_name)
2470 png_debug(1, "in png_check_chunk_name");
2471 if (isnonalpha(chunk_name[0]) || isnonalpha(chunk_name[1]) ||
2472 isnonalpha(chunk_name[2]) || isnonalpha(chunk_name[3]))
2474 png_chunk_error(png_ptr, "invalid chunk type");
2478 /* Combines the row recently read in with the existing pixels in the
2479 row. This routine takes care of alpha and transparency if requested.
2480 This routine also handles the two methods of progressive display
2481 of interlaced images, depending on the mask value.
2482 The mask value describes which pixels are to be combined with
2483 the row. The pattern always repeats every 8 pixels, so just 8
2484 bits are needed. A one indicates the pixel is to be combined,
2485 a zero indicates the pixel is to be skipped. This is in addition
2486 to any alpha or transparency value associated with the pixel. If
2487 you want all pixels to be combined, pass 0xff (255) in mask. */
2490 png_combine_row(png_structp png_ptr, png_bytep row, int mask)
2492 png_debug(1, "in png_combine_row");
2495 png_memcpy(row, png_ptr->row_buf + 1,
2496 PNG_ROWBYTES(png_ptr->row_info.pixel_depth, png_ptr->width));
2500 switch (png_ptr->row_info.pixel_depth)
2504 png_bytep sp = png_ptr->row_buf + 1;
2506 int s_inc, s_start, s_end;
2510 png_uint_32 row_width = png_ptr->width;
2512 #ifdef PNG_READ_PACKSWAP_SUPPORTED
2513 if (png_ptr->transformations & PNG_PACKSWAP)
2529 for (i = 0; i < row_width; i++)
2535 value = (*sp >> shift) & 0x01;
2536 *dp &= (png_byte)((0x7f7f >> (7 - shift)) & 0xff);
2537 *dp |= (png_byte)(value << shift);
2558 png_bytep sp = png_ptr->row_buf + 1;
2560 int s_start, s_end, s_inc;
2564 png_uint_32 row_width = png_ptr->width;
2567 #ifdef PNG_READ_PACKSWAP_SUPPORTED
2568 if (png_ptr->transformations & PNG_PACKSWAP)
2584 for (i = 0; i < row_width; i++)
2588 value = (*sp >> shift) & 0x03;
2589 *dp &= (png_byte)((0x3f3f >> (6 - shift)) & 0xff);
2590 *dp |= (png_byte)(value << shift);
2610 png_bytep sp = png_ptr->row_buf + 1;
2612 int s_start, s_end, s_inc;
2616 png_uint_32 row_width = png_ptr->width;
2619 #ifdef PNG_READ_PACKSWAP_SUPPORTED
2620 if (png_ptr->transformations & PNG_PACKSWAP)
2635 for (i = 0; i < row_width; i++)
2639 value = (*sp >> shift) & 0xf;
2640 *dp &= (png_byte)((0xf0f >> (4 - shift)) & 0xff);
2641 *dp |= (png_byte)(value << shift);
2661 png_bytep sp = png_ptr->row_buf + 1;
2663 png_size_t pixel_bytes = (png_ptr->row_info.pixel_depth >> 3);
2665 png_uint_32 row_width = png_ptr->width;
2669 for (i = 0; i < row_width; i++)
2673 png_memcpy(dp, sp, pixel_bytes);
2690 #ifdef PNG_READ_INTERLACING_SUPPORTED
2691 /* OLD pre-1.0.9 interface:
2692 void png_do_read_interlace(png_row_infop row_info, png_bytep row, int pass,
2693 png_uint_32 transformations)
2696 png_do_read_interlace(png_structp png_ptr)
2698 png_row_infop row_info = &(png_ptr->row_info);
2699 png_bytep row = png_ptr->row_buf + 1;
2700 int pass = png_ptr->pass;
2701 png_uint_32 transformations = png_ptr->transformations;
2702 /* Arrays to facilitate easy interlacing - use pass (0 - 6) as index */
2703 /* Offset to next interlace block */
2704 PNG_CONST int png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1};
2706 png_debug(1, "in png_do_read_interlace");
2707 if (row != NULL && row_info != NULL)
2709 png_uint_32 final_width;
2711 final_width = row_info->width * png_pass_inc[pass];
2713 switch (row_info->pixel_depth)
2717 png_bytep sp = row + (png_size_t)((row_info->width - 1) >> 3);
2718 png_bytep dp = row + (png_size_t)((final_width - 1) >> 3);
2720 int s_start, s_end, s_inc;
2721 int jstop = png_pass_inc[pass];
2726 #ifdef PNG_READ_PACKSWAP_SUPPORTED
2727 if (transformations & PNG_PACKSWAP)
2729 sshift = (int)((row_info->width + 7) & 0x07);
2730 dshift = (int)((final_width + 7) & 0x07);
2738 sshift = 7 - (int)((row_info->width + 7) & 0x07);
2739 dshift = 7 - (int)((final_width + 7) & 0x07);
2745 for (i = 0; i < row_info->width; i++)
2747 v = (png_byte)((*sp >> sshift) & 0x01);
2748 for (j = 0; j < jstop; j++)
2750 *dp &= (png_byte)((0x7f7f >> (7 - dshift)) & 0xff);
2751 *dp |= (png_byte)(v << dshift);
2752 if (dshift == s_end)
2760 if (sshift == s_end)
2772 png_bytep sp = row + (png_uint_32)((row_info->width - 1) >> 2);
2773 png_bytep dp = row + (png_uint_32)((final_width - 1) >> 2);
2775 int s_start, s_end, s_inc;
2776 int jstop = png_pass_inc[pass];
2779 #ifdef PNG_READ_PACKSWAP_SUPPORTED
2780 if (transformations & PNG_PACKSWAP)
2782 sshift = (int)(((row_info->width + 3) & 0x03) << 1);
2783 dshift = (int)(((final_width + 3) & 0x03) << 1);
2791 sshift = (int)((3 - ((row_info->width + 3) & 0x03)) << 1);
2792 dshift = (int)((3 - ((final_width + 3) & 0x03)) << 1);
2798 for (i = 0; i < row_info->width; i++)
2803 v = (png_byte)((*sp >> sshift) & 0x03);
2804 for (j = 0; j < jstop; j++)
2806 *dp &= (png_byte)((0x3f3f >> (6 - dshift)) & 0xff);
2807 *dp |= (png_byte)(v << dshift);
2808 if (dshift == s_end)
2816 if (sshift == s_end)
2828 png_bytep sp = row + (png_size_t)((row_info->width - 1) >> 1);
2829 png_bytep dp = row + (png_size_t)((final_width - 1) >> 1);
2831 int s_start, s_end, s_inc;
2833 int jstop = png_pass_inc[pass];
2835 #ifdef PNG_READ_PACKSWAP_SUPPORTED
2836 if (transformations & PNG_PACKSWAP)
2838 sshift = (int)(((row_info->width + 1) & 0x01) << 2);
2839 dshift = (int)(((final_width + 1) & 0x01) << 2);
2847 sshift = (int)((1 - ((row_info->width + 1) & 0x01)) << 2);
2848 dshift = (int)((1 - ((final_width + 1) & 0x01)) << 2);
2854 for (i = 0; i < row_info->width; i++)
2856 png_byte v = (png_byte)((*sp >> sshift) & 0xf);
2859 for (j = 0; j < jstop; j++)
2861 *dp &= (png_byte)((0xf0f >> (4 - dshift)) & 0xff);
2862 *dp |= (png_byte)(v << dshift);
2863 if (dshift == s_end)
2871 if (sshift == s_end)
2883 png_size_t pixel_bytes = (row_info->pixel_depth >> 3);
2884 png_bytep sp = row + (png_size_t)(row_info->width - 1)
2886 png_bytep dp = row + (png_size_t)(final_width - 1) * pixel_bytes;
2888 int jstop = png_pass_inc[pass];
2891 for (i = 0; i < row_info->width; i++)
2896 png_memcpy(v, sp, pixel_bytes);
2897 for (j = 0; j < jstop; j++)
2899 png_memcpy(dp, v, pixel_bytes);
2907 row_info->width = final_width;
2908 row_info->rowbytes = PNG_ROWBYTES(row_info->pixel_depth, final_width);
2910 #ifndef PNG_READ_PACKSWAP_SUPPORTED
2911 transformations = transformations; /* Silence compiler warning */
2914 #endif /* PNG_READ_INTERLACING_SUPPORTED */
2917 png_read_filter_row(png_structp png_ptr, png_row_infop row_info, png_bytep row,
2918 png_bytep prev_row, int filter)
2920 png_debug(1, "in png_read_filter_row");
2921 png_debug2(2, "row = %lu, filter = %d", png_ptr->row_number, filter);
2924 case PNG_FILTER_VALUE_NONE:
2926 case PNG_FILTER_VALUE_SUB:
2929 png_uint_32 istop = row_info->rowbytes;
2930 png_uint_32 bpp = (row_info->pixel_depth + 7) >> 3;
2931 png_bytep rp = row + bpp;
2934 for (i = bpp; i < istop; i++)
2936 *rp = (png_byte)(((int)(*rp) + (int)(*lp++)) & 0xff);
2941 case PNG_FILTER_VALUE_UP:
2944 png_uint_32 istop = row_info->rowbytes;
2946 png_bytep pp = prev_row;
2948 for (i = 0; i < istop; i++)
2950 *rp = (png_byte)(((int)(*rp) + (int)(*pp++)) & 0xff);
2955 case PNG_FILTER_VALUE_AVG:
2959 png_bytep pp = prev_row;
2961 png_uint_32 bpp = (row_info->pixel_depth + 7) >> 3;
2962 png_uint_32 istop = row_info->rowbytes - bpp;
2964 for (i = 0; i < bpp; i++)
2966 *rp = (png_byte)(((int)(*rp) +
2967 ((int)(*pp++) / 2 )) & 0xff);
2971 for (i = 0; i < istop; i++)
2973 *rp = (png_byte)(((int)(*rp) +
2974 (int)(*pp++ + *lp++) / 2 ) & 0xff);
2979 case PNG_FILTER_VALUE_PAETH:
2983 png_bytep pp = prev_row;
2985 png_bytep cp = prev_row;
2986 png_uint_32 bpp = (row_info->pixel_depth + 7) >> 3;
2987 png_uint_32 istop=row_info->rowbytes - bpp;
2989 for (i = 0; i < bpp; i++)
2991 *rp = (png_byte)(((int)(*rp) + (int)(*pp++)) & 0xff);
2995 for (i = 0; i < istop; i++) /* Use leftover rp,pp */
2997 int a, b, c, pa, pb, pc, p;
3011 pa = p < 0 ? -p : p;
3012 pb = pc < 0 ? -pc : pc;
3013 pc = (p + pc) < 0 ? -(p + pc) : p + pc;
3017 if (pa <= pb && pa <= pc)
3025 p = (pa <= pb && pa <= pc) ? a : (pb <= pc) ? b : c;
3027 *rp = (png_byte)(((int)(*rp) + p) & 0xff);
3033 png_warning(png_ptr, "Ignoring bad adaptive filter type");
3039 #ifdef PNG_SEQUENTIAL_READ_SUPPORTED
3041 png_read_finish_row(png_structp png_ptr)
3043 #ifdef PNG_READ_INTERLACING_SUPPORTED
3044 /* Arrays to facilitate easy interlacing - use pass (0 - 6) as index */
3046 /* Start of interlace block */
3047 PNG_CONST int png_pass_start[7] = {0, 4, 0, 2, 0, 1, 0};
3049 /* Offset to next interlace block */
3050 PNG_CONST int png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1};
3052 /* Start of interlace block in the y direction */
3053 PNG_CONST int png_pass_ystart[7] = {0, 0, 4, 0, 2, 0, 1};
3055 /* Offset to next interlace block in the y direction */
3056 PNG_CONST int png_pass_yinc[7] = {8, 8, 8, 4, 4, 2, 2};
3057 #endif /* PNG_READ_INTERLACING_SUPPORTED */
3059 png_debug(1, "in png_read_finish_row");
3060 png_ptr->row_number++;
3061 if (png_ptr->row_number < png_ptr->num_rows)
3064 #ifdef PNG_READ_INTERLACING_SUPPORTED
3065 if (png_ptr->interlaced)
3067 png_ptr->row_number = 0;
3068 png_memset(png_ptr->prev_row, 0,
3069 png_ptr->rowbytes + 1);
3073 if (png_ptr->pass >= 7)
3075 png_ptr->iwidth = (png_ptr->width +
3076 png_pass_inc[png_ptr->pass] - 1 -
3077 png_pass_start[png_ptr->pass]) /
3078 png_pass_inc[png_ptr->pass];
3080 if (!(png_ptr->transformations & PNG_INTERLACE))
3082 png_ptr->num_rows = (png_ptr->height +
3083 png_pass_yinc[png_ptr->pass] - 1 -
3084 png_pass_ystart[png_ptr->pass]) /
3085 png_pass_yinc[png_ptr->pass];
3086 if (!(png_ptr->num_rows))
3089 else /* if (png_ptr->transformations & PNG_INTERLACE) */
3091 } while (png_ptr->iwidth == 0);
3093 if (png_ptr->pass < 7)
3096 #endif /* PNG_READ_INTERLACING_SUPPORTED */
3098 if (!(png_ptr->flags & PNG_FLAG_ZLIB_FINISHED))
3104 png_ptr->zstream.next_out = (Byte *)&extra;
3105 png_ptr->zstream.avail_out = (uInt)1;
3108 if (!(png_ptr->zstream.avail_in))
3110 while (!png_ptr->idat_size)
3112 png_byte chunk_length[4];
3114 png_crc_finish(png_ptr, 0);
3116 png_read_data(png_ptr, chunk_length, 4);
3117 png_ptr->idat_size = png_get_uint_31(png_ptr, chunk_length);
3118 png_reset_crc(png_ptr);
3119 png_crc_read(png_ptr, png_ptr->chunk_name, 4);
3120 if (png_memcmp(png_ptr->chunk_name, png_IDAT, 4))
3121 png_error(png_ptr, "Not enough image data");
3124 png_ptr->zstream.avail_in = (uInt)png_ptr->zbuf_size;
3125 png_ptr->zstream.next_in = png_ptr->zbuf;
3126 if (png_ptr->zbuf_size > png_ptr->idat_size)
3127 png_ptr->zstream.avail_in = (uInt)png_ptr->idat_size;
3128 png_crc_read(png_ptr, png_ptr->zbuf, png_ptr->zstream.avail_in);
3129 png_ptr->idat_size -= png_ptr->zstream.avail_in;
3131 ret = inflate(&png_ptr->zstream, Z_PARTIAL_FLUSH);
3132 if (ret == Z_STREAM_END)
3134 if (!(png_ptr->zstream.avail_out) || png_ptr->zstream.avail_in ||
3136 png_warning(png_ptr, "Extra compressed data");
3137 png_ptr->mode |= PNG_AFTER_IDAT;
3138 png_ptr->flags |= PNG_FLAG_ZLIB_FINISHED;
3142 png_error(png_ptr, png_ptr->zstream.msg ? png_ptr->zstream.msg :
3143 "Decompression Error");
3145 if (!(png_ptr->zstream.avail_out))
3147 png_warning(png_ptr, "Extra compressed data");
3148 png_ptr->mode |= PNG_AFTER_IDAT;
3149 png_ptr->flags |= PNG_FLAG_ZLIB_FINISHED;
3154 png_ptr->zstream.avail_out = 0;
3157 if (png_ptr->idat_size || png_ptr->zstream.avail_in)
3158 png_warning(png_ptr, "Extra compression data");
3160 inflateReset(&png_ptr->zstream);
3162 png_ptr->mode |= PNG_AFTER_IDAT;
3164 #endif /* PNG_SEQUENTIAL_READ_SUPPORTED */
3167 png_read_start_row(png_structp png_ptr)
3169 #ifdef PNG_READ_INTERLACING_SUPPORTED
3170 /* Arrays to facilitate easy interlacing - use pass (0 - 6) as index */
3172 /* Start of interlace block */
3173 PNG_CONST int png_pass_start[7] = {0, 4, 0, 2, 0, 1, 0};
3175 /* Offset to next interlace block */
3176 PNG_CONST int png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1};
3178 /* Start of interlace block in the y direction */
3179 PNG_CONST int png_pass_ystart[7] = {0, 0, 4, 0, 2, 0, 1};
3181 /* Offset to next interlace block in the y direction */
3182 PNG_CONST int png_pass_yinc[7] = {8, 8, 8, 4, 4, 2, 2};
3185 int max_pixel_depth;
3186 png_size_t row_bytes;
3188 png_debug(1, "in png_read_start_row");
3189 png_ptr->zstream.avail_in = 0;
3190 png_init_read_transformations(png_ptr);
3191 #ifdef PNG_READ_INTERLACING_SUPPORTED
3192 if (png_ptr->interlaced)
3194 if (!(png_ptr->transformations & PNG_INTERLACE))
3195 png_ptr->num_rows = (png_ptr->height + png_pass_yinc[0] - 1 -
3196 png_pass_ystart[0]) / png_pass_yinc[0];
3198 png_ptr->num_rows = png_ptr->height;
3200 png_ptr->iwidth = (png_ptr->width +
3201 png_pass_inc[png_ptr->pass] - 1 -
3202 png_pass_start[png_ptr->pass]) /
3203 png_pass_inc[png_ptr->pass];
3206 #endif /* PNG_READ_INTERLACING_SUPPORTED */
3208 png_ptr->num_rows = png_ptr->height;
3209 png_ptr->iwidth = png_ptr->width;
3211 max_pixel_depth = png_ptr->pixel_depth;
3213 #ifdef PNG_READ_PACK_SUPPORTED
3214 if ((png_ptr->transformations & PNG_PACK) && png_ptr->bit_depth < 8)
3215 max_pixel_depth = 8;
3218 #ifdef PNG_READ_EXPAND_SUPPORTED
3219 if (png_ptr->transformations & PNG_EXPAND)
3221 if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE)
3223 if (png_ptr->num_trans)
3224 max_pixel_depth = 32;
3226 max_pixel_depth = 24;
3228 else if (png_ptr->color_type == PNG_COLOR_TYPE_GRAY)
3230 if (max_pixel_depth < 8)
3231 max_pixel_depth = 8;
3232 if (png_ptr->num_trans)
3233 max_pixel_depth *= 2;
3235 else if (png_ptr->color_type == PNG_COLOR_TYPE_RGB)
3237 if (png_ptr->num_trans)
3239 max_pixel_depth *= 4;
3240 max_pixel_depth /= 3;
3246 #ifdef PNG_READ_FILLER_SUPPORTED
3247 if (png_ptr->transformations & (PNG_FILLER))
3249 if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE)
3250 max_pixel_depth = 32;
3251 else if (png_ptr->color_type == PNG_COLOR_TYPE_GRAY)
3253 if (max_pixel_depth <= 8)
3254 max_pixel_depth = 16;
3256 max_pixel_depth = 32;
3258 else if (png_ptr->color_type == PNG_COLOR_TYPE_RGB)
3260 if (max_pixel_depth <= 32)
3261 max_pixel_depth = 32;
3263 max_pixel_depth = 64;
3268 #ifdef PNG_READ_GRAY_TO_RGB_SUPPORTED
3269 if (png_ptr->transformations & PNG_GRAY_TO_RGB)
3272 #ifdef PNG_READ_EXPAND_SUPPORTED
3273 (png_ptr->num_trans && (png_ptr->transformations & PNG_EXPAND)) ||
3275 #ifdef PNG_READ_FILLER_SUPPORTED
3276 (png_ptr->transformations & (PNG_FILLER)) ||
3278 png_ptr->color_type == PNG_COLOR_TYPE_GRAY_ALPHA)
3280 if (max_pixel_depth <= 16)
3281 max_pixel_depth = 32;
3283 max_pixel_depth = 64;
3287 if (max_pixel_depth <= 8)
3289 if (png_ptr->color_type == PNG_COLOR_TYPE_RGB_ALPHA)
3290 max_pixel_depth = 32;
3292 max_pixel_depth = 24;
3294 else if (png_ptr->color_type == PNG_COLOR_TYPE_RGB_ALPHA)
3295 max_pixel_depth = 64;
3297 max_pixel_depth = 48;
3302 #if defined(PNG_READ_USER_TRANSFORM_SUPPORTED) && \
3303 defined(PNG_USER_TRANSFORM_PTR_SUPPORTED)
3304 if (png_ptr->transformations & PNG_USER_TRANSFORM)
3306 int user_pixel_depth = png_ptr->user_transform_depth*
3307 png_ptr->user_transform_channels;
3308 if (user_pixel_depth > max_pixel_depth)
3309 max_pixel_depth=user_pixel_depth;
3313 /* Align the width on the next larger 8 pixels. Mainly used
3316 row_bytes = ((png_ptr->width + 7) & ~((png_uint_32)7));
3317 /* Calculate the maximum bytes needed, adding a byte and a pixel
3320 row_bytes = PNG_ROWBYTES(max_pixel_depth, row_bytes) +
3321 1 + ((max_pixel_depth + 7) >> 3);
3322 #ifdef PNG_MAX_MALLOC_64K
3323 if (row_bytes > (png_uint_32)65536L)
3324 png_error(png_ptr, "This image requires a row greater than 64KB");
3327 if (row_bytes + 48 > png_ptr->old_big_row_buf_size)
3329 png_free(png_ptr, png_ptr->big_row_buf);
3330 if (png_ptr->interlaced)
3331 png_ptr->big_row_buf = (png_bytep)png_calloc(png_ptr,
3334 png_ptr->big_row_buf = (png_bytep)png_malloc(png_ptr,
3336 png_ptr->old_big_row_buf_size = row_bytes + 48;
3338 #ifdef PNG_ALIGNED_MEMORY_SUPPORTED
3339 /* Use 16-byte aligned memory for row_buf with at least 16 bytes
3340 * of padding before and after row_buf.
3342 png_ptr->row_buf = png_ptr->big_row_buf + 32
3343 - (((png_alloc_size_t)&(png_ptr->big_row_buf[0]) + 15) % 16);
3344 png_ptr->old_big_row_buf_size = row_bytes + 48;
3346 /* Use 32 bytes of padding before and 16 bytes after row_buf. */
3347 png_ptr->row_buf = png_ptr->big_row_buf + 32;
3349 png_ptr->old_big_row_buf_size = row_bytes + 48;
3352 #ifdef PNG_MAX_MALLOC_64K
3353 if ((png_uint_32)png_ptr->rowbytes + 1 > (png_uint_32)65536L)
3354 png_error(png_ptr, "This image requires a row greater than 64KB");
3356 if ((png_uint_32)png_ptr->rowbytes > (png_uint_32)(PNG_SIZE_MAX - 1))
3357 png_error(png_ptr, "Row has too many bytes to allocate in memory");
3359 if (png_ptr->rowbytes + 1 > png_ptr->old_prev_row_size)
3361 png_free(png_ptr, png_ptr->prev_row);
3362 png_ptr->prev_row = (png_bytep)png_malloc(png_ptr, (png_uint_32)(
3363 png_ptr->rowbytes + 1));
3364 png_ptr->old_prev_row_size = png_ptr->rowbytes + 1;
3367 png_memset(png_ptr->prev_row, 0, png_ptr->rowbytes + 1);
3369 png_debug1(3, "width = %lu,", png_ptr->width);
3370 png_debug1(3, "height = %lu,", png_ptr->height);
3371 png_debug1(3, "iwidth = %lu,", png_ptr->iwidth);
3372 png_debug1(3, "num_rows = %lu,", png_ptr->num_rows);
3373 png_debug1(3, "rowbytes = %lu,", png_ptr->rowbytes);
3374 png_debug1(3, "irowbytes = %lu",
3375 PNG_ROWBYTES(png_ptr->pixel_depth, png_ptr->iwidth) + 1);
3377 png_ptr->flags |= PNG_FLAG_ROW_INIT;
3379 #endif /* PNG_READ_SUPPORTED */
projects / apitrace / blob