2 /* pngpread.c - read a png file in push mode
4 * Last changed in libpng 1.5.9 [February 18, 2012]
5 * Copyright (c) 1998-2011 Glenn Randers-Pehrson
6 * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
7 * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
9 * This code is released under the libpng license.
10 * For conditions of distribution and use, see the disclaimer
11 * and license in png.h
16 #ifdef PNG_PROGRESSIVE_READ_SUPPORTED
18 /* Push model modes */
19 #define PNG_READ_SIG_MODE 0
20 #define PNG_READ_CHUNK_MODE 1
21 #define PNG_READ_IDAT_MODE 2
22 #define PNG_SKIP_MODE 3
23 #define PNG_READ_tEXt_MODE 4
24 #define PNG_READ_zTXt_MODE 5
25 #define PNG_READ_DONE_MODE 6
26 #define PNG_READ_iTXt_MODE 7
27 #define PNG_ERROR_MODE 8
30 png_process_data(png_structp png_ptr, png_infop info_ptr,
31 png_bytep buffer, png_size_t buffer_size)
33 if (png_ptr == NULL || info_ptr == NULL)
36 png_push_restore_buffer(png_ptr, buffer, buffer_size);
38 while (png_ptr->buffer_size)
40 png_process_some_data(png_ptr, info_ptr);
45 png_process_data_pause(png_structp png_ptr, int save)
49 /* It's easiest for the caller if we do the save, then the caller doesn't
50 * have to supply the same data again:
53 png_push_save_buffer(png_ptr);
56 /* This includes any pending saved bytes: */
57 png_size_t remaining = png_ptr->buffer_size;
58 png_ptr->buffer_size = 0;
60 /* So subtract the saved buffer size, unless all the data
61 * is actually 'saved', in which case we just return 0
63 if (png_ptr->save_buffer_size < remaining)
64 return remaining - png_ptr->save_buffer_size;
72 png_process_data_skip(png_structp png_ptr)
74 png_uint_32 remaining = 0;
76 if (png_ptr != NULL && png_ptr->process_mode == PNG_SKIP_MODE &&
77 png_ptr->skip_length > 0)
79 /* At the end of png_process_data the buffer size must be 0 (see the loop
80 * above) so we can detect a broken call here:
82 if (png_ptr->buffer_size != 0)
84 "png_process_data_skip called inside png_process_data");
86 /* If is impossible for there to be a saved buffer at this point -
87 * otherwise we could not be in SKIP mode. This will also happen if
88 * png_process_skip is called inside png_process_data (but only very
91 if (png_ptr->save_buffer_size != 0)
92 png_error(png_ptr, "png_process_data_skip called with saved data");
94 remaining = png_ptr->skip_length;
95 png_ptr->skip_length = 0;
96 png_ptr->process_mode = PNG_READ_CHUNK_MODE;
102 /* What we do with the incoming data depends on what we were previously
103 * doing before we ran out of data...
106 png_process_some_data(png_structp png_ptr, png_infop info_ptr)
111 switch (png_ptr->process_mode)
113 case PNG_READ_SIG_MODE:
115 png_push_read_sig(png_ptr, info_ptr);
119 case PNG_READ_CHUNK_MODE:
121 png_push_read_chunk(png_ptr, info_ptr);
125 case PNG_READ_IDAT_MODE:
127 png_push_read_IDAT(png_ptr);
131 #ifdef PNG_READ_tEXt_SUPPORTED
132 case PNG_READ_tEXt_MODE:
134 png_push_read_tEXt(png_ptr, info_ptr);
139 #ifdef PNG_READ_zTXt_SUPPORTED
140 case PNG_READ_zTXt_MODE:
142 png_push_read_zTXt(png_ptr, info_ptr);
147 #ifdef PNG_READ_iTXt_SUPPORTED
148 case PNG_READ_iTXt_MODE:
150 png_push_read_iTXt(png_ptr, info_ptr);
157 png_push_crc_finish(png_ptr);
163 png_ptr->buffer_size = 0;
169 /* Read any remaining signature bytes from the stream and compare them with
170 * the correct PNG signature. It is possible that this routine is called
171 * with bytes already read from the signature, either because they have been
172 * checked by the calling application, or because of multiple calls to this
176 png_push_read_sig(png_structp png_ptr, png_infop info_ptr)
178 png_size_t num_checked = png_ptr->sig_bytes,
179 num_to_check = 8 - num_checked;
181 if (png_ptr->buffer_size < num_to_check)
183 num_to_check = png_ptr->buffer_size;
186 png_push_fill_buffer(png_ptr, &(info_ptr->signature[num_checked]),
188 png_ptr->sig_bytes = (png_byte)(png_ptr->sig_bytes + num_to_check);
190 if (png_sig_cmp(info_ptr->signature, num_checked, num_to_check))
192 if (num_checked < 4 &&
193 png_sig_cmp(info_ptr->signature, num_checked, num_to_check - 4))
194 png_error(png_ptr, "Not a PNG file");
197 png_error(png_ptr, "PNG file corrupted by ASCII conversion");
201 if (png_ptr->sig_bytes >= 8)
203 png_ptr->process_mode = PNG_READ_CHUNK_MODE;
209 png_push_read_chunk(png_structp png_ptr, png_infop info_ptr)
211 png_uint_32 chunk_name;
213 /* First we make sure we have enough data for the 4 byte chunk name
214 * and the 4 byte chunk length before proceeding with decoding the
215 * chunk data. To fully decode each of these chunks, we also make
216 * sure we have enough data in the buffer for the 4 byte CRC at the
217 * end of every chunk (except IDAT, which is handled separately).
219 if (!(png_ptr->mode & PNG_HAVE_CHUNK_HEADER))
221 png_byte chunk_length[4];
222 png_byte chunk_tag[4];
224 if (png_ptr->buffer_size < 8)
226 png_push_save_buffer(png_ptr);
230 png_push_fill_buffer(png_ptr, chunk_length, 4);
231 png_ptr->push_length = png_get_uint_31(png_ptr, chunk_length);
232 png_reset_crc(png_ptr);
233 png_crc_read(png_ptr, chunk_tag, 4);
234 png_ptr->chunk_name = PNG_CHUNK_FROM_STRING(chunk_tag);
235 png_check_chunk_name(png_ptr, png_ptr->chunk_name);
236 png_ptr->mode |= PNG_HAVE_CHUNK_HEADER;
239 chunk_name = png_ptr->chunk_name;
241 if (chunk_name == png_IDAT)
243 /* This is here above the if/else case statement below because if the
244 * unknown handling marks 'IDAT' as unknown then the IDAT handling case is
245 * completely skipped.
247 * TODO: there must be a better way of doing this.
249 if (png_ptr->mode & PNG_AFTER_IDAT)
250 png_ptr->mode |= PNG_HAVE_CHUNK_AFTER_IDAT;
253 if (chunk_name == png_IHDR)
255 if (png_ptr->push_length != 13)
256 png_error(png_ptr, "Invalid IHDR length");
258 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
260 png_push_save_buffer(png_ptr);
264 png_handle_IHDR(png_ptr, info_ptr, png_ptr->push_length);
267 else if (chunk_name == png_IEND)
269 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
271 png_push_save_buffer(png_ptr);
275 png_handle_IEND(png_ptr, info_ptr, png_ptr->push_length);
277 png_ptr->process_mode = PNG_READ_DONE_MODE;
278 png_push_have_end(png_ptr, info_ptr);
281 #ifdef PNG_HANDLE_AS_UNKNOWN_SUPPORTED
282 else if (png_chunk_unknown_handling(png_ptr, chunk_name))
284 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
286 png_push_save_buffer(png_ptr);
290 if (chunk_name == png_IDAT)
291 png_ptr->mode |= PNG_HAVE_IDAT;
293 png_handle_unknown(png_ptr, info_ptr, png_ptr->push_length);
295 if (chunk_name == png_PLTE)
296 png_ptr->mode |= PNG_HAVE_PLTE;
298 else if (chunk_name == png_IDAT)
300 if (!(png_ptr->mode & PNG_HAVE_IHDR))
301 png_error(png_ptr, "Missing IHDR before IDAT");
303 else if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE &&
304 !(png_ptr->mode & PNG_HAVE_PLTE))
305 png_error(png_ptr, "Missing PLTE before IDAT");
310 else if (chunk_name == png_PLTE)
312 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
314 png_push_save_buffer(png_ptr);
317 png_handle_PLTE(png_ptr, info_ptr, png_ptr->push_length);
320 else if (chunk_name == png_IDAT)
322 /* If we reach an IDAT chunk, this means we have read all of the
323 * header chunks, and we can start reading the image (or if this
324 * is called after the image has been read - we have an error).
327 if (!(png_ptr->mode & PNG_HAVE_IHDR))
328 png_error(png_ptr, "Missing IHDR before IDAT");
330 else if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE &&
331 !(png_ptr->mode & PNG_HAVE_PLTE))
332 png_error(png_ptr, "Missing PLTE before IDAT");
334 if (png_ptr->mode & PNG_HAVE_IDAT)
336 if (!(png_ptr->mode & PNG_HAVE_CHUNK_AFTER_IDAT))
337 if (png_ptr->push_length == 0)
340 if (png_ptr->mode & PNG_AFTER_IDAT)
341 png_benign_error(png_ptr, "Too many IDATs found");
344 png_ptr->idat_size = png_ptr->push_length;
345 png_ptr->mode |= PNG_HAVE_IDAT;
346 png_ptr->process_mode = PNG_READ_IDAT_MODE;
347 png_push_have_info(png_ptr, info_ptr);
348 png_ptr->zstream.avail_out =
349 (uInt) PNG_ROWBYTES(png_ptr->pixel_depth,
350 png_ptr->iwidth) + 1;
351 png_ptr->zstream.next_out = png_ptr->row_buf;
355 #ifdef PNG_READ_gAMA_SUPPORTED
356 else if (png_ptr->chunk_name == png_gAMA)
358 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
360 png_push_save_buffer(png_ptr);
364 png_handle_gAMA(png_ptr, info_ptr, png_ptr->push_length);
368 #ifdef PNG_READ_sBIT_SUPPORTED
369 else if (png_ptr->chunk_name == png_sBIT)
371 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
373 png_push_save_buffer(png_ptr);
377 png_handle_sBIT(png_ptr, info_ptr, png_ptr->push_length);
381 #ifdef PNG_READ_cHRM_SUPPORTED
382 else if (png_ptr->chunk_name == png_cHRM)
384 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
386 png_push_save_buffer(png_ptr);
390 png_handle_cHRM(png_ptr, info_ptr, png_ptr->push_length);
394 #ifdef PNG_READ_sRGB_SUPPORTED
395 else if (chunk_name == png_sRGB)
397 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
399 png_push_save_buffer(png_ptr);
403 png_handle_sRGB(png_ptr, info_ptr, png_ptr->push_length);
407 #ifdef PNG_READ_iCCP_SUPPORTED
408 else if (png_ptr->chunk_name == png_iCCP)
410 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
412 png_push_save_buffer(png_ptr);
416 png_handle_iCCP(png_ptr, info_ptr, png_ptr->push_length);
420 #ifdef PNG_READ_sPLT_SUPPORTED
421 else if (chunk_name == png_sPLT)
423 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
425 png_push_save_buffer(png_ptr);
429 png_handle_sPLT(png_ptr, info_ptr, png_ptr->push_length);
433 #ifdef PNG_READ_tRNS_SUPPORTED
434 else if (chunk_name == png_tRNS)
436 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
438 png_push_save_buffer(png_ptr);
442 png_handle_tRNS(png_ptr, info_ptr, png_ptr->push_length);
446 #ifdef PNG_READ_bKGD_SUPPORTED
447 else if (chunk_name == png_bKGD)
449 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
451 png_push_save_buffer(png_ptr);
455 png_handle_bKGD(png_ptr, info_ptr, png_ptr->push_length);
459 #ifdef PNG_READ_hIST_SUPPORTED
460 else if (chunk_name == png_hIST)
462 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
464 png_push_save_buffer(png_ptr);
468 png_handle_hIST(png_ptr, info_ptr, png_ptr->push_length);
472 #ifdef PNG_READ_pHYs_SUPPORTED
473 else if (chunk_name == png_pHYs)
475 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
477 png_push_save_buffer(png_ptr);
481 png_handle_pHYs(png_ptr, info_ptr, png_ptr->push_length);
485 #ifdef PNG_READ_oFFs_SUPPORTED
486 else if (chunk_name == png_oFFs)
488 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
490 png_push_save_buffer(png_ptr);
494 png_handle_oFFs(png_ptr, info_ptr, png_ptr->push_length);
498 #ifdef PNG_READ_pCAL_SUPPORTED
499 else if (chunk_name == png_pCAL)
501 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
503 png_push_save_buffer(png_ptr);
507 png_handle_pCAL(png_ptr, info_ptr, png_ptr->push_length);
511 #ifdef PNG_READ_sCAL_SUPPORTED
512 else if (chunk_name == png_sCAL)
514 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
516 png_push_save_buffer(png_ptr);
520 png_handle_sCAL(png_ptr, info_ptr, png_ptr->push_length);
524 #ifdef PNG_READ_tIME_SUPPORTED
525 else if (chunk_name == png_tIME)
527 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
529 png_push_save_buffer(png_ptr);
533 png_handle_tIME(png_ptr, info_ptr, png_ptr->push_length);
537 #ifdef PNG_READ_tEXt_SUPPORTED
538 else if (chunk_name == png_tEXt)
540 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
542 png_push_save_buffer(png_ptr);
546 png_push_handle_tEXt(png_ptr, info_ptr, png_ptr->push_length);
550 #ifdef PNG_READ_zTXt_SUPPORTED
551 else if (chunk_name == png_zTXt)
553 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
555 png_push_save_buffer(png_ptr);
559 png_push_handle_zTXt(png_ptr, info_ptr, png_ptr->push_length);
563 #ifdef PNG_READ_iTXt_SUPPORTED
564 else if (chunk_name == png_iTXt)
566 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
568 png_push_save_buffer(png_ptr);
572 png_push_handle_iTXt(png_ptr, info_ptr, png_ptr->push_length);
578 if (png_ptr->push_length + 4 > png_ptr->buffer_size)
580 png_push_save_buffer(png_ptr);
583 png_push_handle_unknown(png_ptr, info_ptr, png_ptr->push_length);
586 png_ptr->mode &= ~PNG_HAVE_CHUNK_HEADER;
590 png_push_crc_skip(png_structp png_ptr, png_uint_32 skip)
592 png_ptr->process_mode = PNG_SKIP_MODE;
593 png_ptr->skip_length = skip;
597 png_push_crc_finish(png_structp png_ptr)
599 if (png_ptr->skip_length && png_ptr->save_buffer_size)
601 png_size_t save_size = png_ptr->save_buffer_size;
602 png_uint_32 skip_length = png_ptr->skip_length;
604 /* We want the smaller of 'skip_length' and 'save_buffer_size', but
605 * they are of different types and we don't know which variable has the
606 * fewest bits. Carefully select the smaller and cast it to the type of
607 * the larger - this cannot overflow. Do not cast in the following test
608 * - it will break on either 16 or 64 bit platforms.
610 if (skip_length < save_size)
611 save_size = (png_size_t)skip_length;
614 skip_length = (png_uint_32)save_size;
616 png_calculate_crc(png_ptr, png_ptr->save_buffer_ptr, save_size);
618 png_ptr->skip_length -= skip_length;
619 png_ptr->buffer_size -= save_size;
620 png_ptr->save_buffer_size -= save_size;
621 png_ptr->save_buffer_ptr += save_size;
623 if (png_ptr->skip_length && png_ptr->current_buffer_size)
625 png_size_t save_size = png_ptr->current_buffer_size;
626 png_uint_32 skip_length = png_ptr->skip_length;
628 /* We want the smaller of 'skip_length' and 'current_buffer_size', here,
629 * the same problem exists as above and the same solution.
631 if (skip_length < save_size)
632 save_size = (png_size_t)skip_length;
635 skip_length = (png_uint_32)save_size;
637 png_calculate_crc(png_ptr, png_ptr->current_buffer_ptr, save_size);
639 png_ptr->skip_length -= skip_length;
640 png_ptr->buffer_size -= save_size;
641 png_ptr->current_buffer_size -= save_size;
642 png_ptr->current_buffer_ptr += save_size;
644 if (!png_ptr->skip_length)
646 if (png_ptr->buffer_size < 4)
648 png_push_save_buffer(png_ptr);
652 png_crc_finish(png_ptr, 0);
653 png_ptr->process_mode = PNG_READ_CHUNK_MODE;
658 png_push_fill_buffer(png_structp png_ptr, png_bytep buffer, png_size_t length)
666 if (png_ptr->save_buffer_size)
668 png_size_t save_size;
670 if (length < png_ptr->save_buffer_size)
674 save_size = png_ptr->save_buffer_size;
676 png_memcpy(ptr, png_ptr->save_buffer_ptr, save_size);
679 png_ptr->buffer_size -= save_size;
680 png_ptr->save_buffer_size -= save_size;
681 png_ptr->save_buffer_ptr += save_size;
683 if (length && png_ptr->current_buffer_size)
685 png_size_t save_size;
687 if (length < png_ptr->current_buffer_size)
691 save_size = png_ptr->current_buffer_size;
693 png_memcpy(ptr, png_ptr->current_buffer_ptr, save_size);
694 png_ptr->buffer_size -= save_size;
695 png_ptr->current_buffer_size -= save_size;
696 png_ptr->current_buffer_ptr += save_size;
701 png_push_save_buffer(png_structp png_ptr)
703 if (png_ptr->save_buffer_size)
705 if (png_ptr->save_buffer_ptr != png_ptr->save_buffer)
711 istop = png_ptr->save_buffer_size;
712 for (i = 0, sp = png_ptr->save_buffer_ptr, dp = png_ptr->save_buffer;
713 i < istop; i++, sp++, dp++)
719 if (png_ptr->save_buffer_size + png_ptr->current_buffer_size >
720 png_ptr->save_buffer_max)
723 png_bytep old_buffer;
725 if (png_ptr->save_buffer_size > PNG_SIZE_MAX -
726 (png_ptr->current_buffer_size + 256))
728 png_error(png_ptr, "Potential overflow of save_buffer");
731 new_max = png_ptr->save_buffer_size + png_ptr->current_buffer_size + 256;
732 old_buffer = png_ptr->save_buffer;
733 png_ptr->save_buffer = (png_bytep)png_malloc_warn(png_ptr, new_max);
735 if (png_ptr->save_buffer == NULL)
737 png_free(png_ptr, old_buffer);
738 png_error(png_ptr, "Insufficient memory for save_buffer");
741 png_memcpy(png_ptr->save_buffer, old_buffer, png_ptr->save_buffer_size);
742 png_free(png_ptr, old_buffer);
743 png_ptr->save_buffer_max = new_max;
745 if (png_ptr->current_buffer_size)
747 png_memcpy(png_ptr->save_buffer + png_ptr->save_buffer_size,
748 png_ptr->current_buffer_ptr, png_ptr->current_buffer_size);
749 png_ptr->save_buffer_size += png_ptr->current_buffer_size;
750 png_ptr->current_buffer_size = 0;
752 png_ptr->save_buffer_ptr = png_ptr->save_buffer;
753 png_ptr->buffer_size = 0;
757 png_push_restore_buffer(png_structp png_ptr, png_bytep buffer,
758 png_size_t buffer_length)
760 png_ptr->current_buffer = buffer;
761 png_ptr->current_buffer_size = buffer_length;
762 png_ptr->buffer_size = buffer_length + png_ptr->save_buffer_size;
763 png_ptr->current_buffer_ptr = png_ptr->current_buffer;
767 png_push_read_IDAT(png_structp png_ptr)
769 if (!(png_ptr->mode & PNG_HAVE_CHUNK_HEADER))
771 png_byte chunk_length[4];
772 png_byte chunk_tag[4];
774 /* TODO: this code can be commoned up with the same code in push_read */
775 if (png_ptr->buffer_size < 8)
777 png_push_save_buffer(png_ptr);
781 png_push_fill_buffer(png_ptr, chunk_length, 4);
782 png_ptr->push_length = png_get_uint_31(png_ptr, chunk_length);
783 png_reset_crc(png_ptr);
784 png_crc_read(png_ptr, chunk_tag, 4);
785 png_ptr->chunk_name = PNG_CHUNK_FROM_STRING(chunk_tag);
786 png_ptr->mode |= PNG_HAVE_CHUNK_HEADER;
788 if (png_ptr->chunk_name != png_IDAT)
790 png_ptr->process_mode = PNG_READ_CHUNK_MODE;
792 if (!(png_ptr->flags & PNG_FLAG_ZLIB_FINISHED))
793 png_error(png_ptr, "Not enough compressed data");
798 png_ptr->idat_size = png_ptr->push_length;
801 if (png_ptr->idat_size && png_ptr->save_buffer_size)
803 png_size_t save_size = png_ptr->save_buffer_size;
804 png_uint_32 idat_size = png_ptr->idat_size;
806 /* We want the smaller of 'idat_size' and 'current_buffer_size', but they
807 * are of different types and we don't know which variable has the fewest
808 * bits. Carefully select the smaller and cast it to the type of the
809 * larger - this cannot overflow. Do not cast in the following test - it
810 * will break on either 16 or 64 bit platforms.
812 if (idat_size < save_size)
813 save_size = (png_size_t)idat_size;
816 idat_size = (png_uint_32)save_size;
818 png_calculate_crc(png_ptr, png_ptr->save_buffer_ptr, save_size);
820 png_process_IDAT_data(png_ptr, png_ptr->save_buffer_ptr, save_size);
822 png_ptr->idat_size -= idat_size;
823 png_ptr->buffer_size -= save_size;
824 png_ptr->save_buffer_size -= save_size;
825 png_ptr->save_buffer_ptr += save_size;
828 if (png_ptr->idat_size && png_ptr->current_buffer_size)
830 png_size_t save_size = png_ptr->current_buffer_size;
831 png_uint_32 idat_size = png_ptr->idat_size;
833 /* We want the smaller of 'idat_size' and 'current_buffer_size', but they
834 * are of different types and we don't know which variable has the fewest
835 * bits. Carefully select the smaller and cast it to the type of the
836 * larger - this cannot overflow.
838 if (idat_size < save_size)
839 save_size = (png_size_t)idat_size;
842 idat_size = (png_uint_32)save_size;
844 png_calculate_crc(png_ptr, png_ptr->current_buffer_ptr, save_size);
846 png_process_IDAT_data(png_ptr, png_ptr->current_buffer_ptr, save_size);
848 png_ptr->idat_size -= idat_size;
849 png_ptr->buffer_size -= save_size;
850 png_ptr->current_buffer_size -= save_size;
851 png_ptr->current_buffer_ptr += save_size;
853 if (!png_ptr->idat_size)
855 if (png_ptr->buffer_size < 4)
857 png_push_save_buffer(png_ptr);
861 png_crc_finish(png_ptr, 0);
862 png_ptr->mode &= ~PNG_HAVE_CHUNK_HEADER;
863 png_ptr->mode |= PNG_AFTER_IDAT;
868 png_process_IDAT_data(png_structp png_ptr, png_bytep buffer,
869 png_size_t buffer_length)
871 /* The caller checks for a non-zero buffer length. */
872 if (!(buffer_length > 0) || buffer == NULL)
873 png_error(png_ptr, "No IDAT data (internal error)");
875 /* This routine must process all the data it has been given
876 * before returning, calling the row callback as required to
877 * handle the uncompressed results.
879 png_ptr->zstream.next_in = buffer;
880 png_ptr->zstream.avail_in = (uInt)buffer_length;
882 /* Keep going until the decompressed data is all processed
883 * or the stream marked as finished.
885 while (png_ptr->zstream.avail_in > 0 &&
886 !(png_ptr->flags & PNG_FLAG_ZLIB_FINISHED))
890 /* We have data for zlib, but we must check that zlib
891 * has someplace to put the results. It doesn't matter
892 * if we don't expect any results -- it may be the input
893 * data is just the LZ end code.
895 if (!(png_ptr->zstream.avail_out > 0))
897 png_ptr->zstream.avail_out =
898 (uInt) PNG_ROWBYTES(png_ptr->pixel_depth,
899 png_ptr->iwidth) + 1;
901 png_ptr->zstream.next_out = png_ptr->row_buf;
904 /* Using Z_SYNC_FLUSH here means that an unterminated
905 * LZ stream (a stream with a missing end code) can still
906 * be handled, otherwise (Z_NO_FLUSH) a future zlib
907 * implementation might defer output and therefore
908 * change the current behavior (see comments in inflate.c
909 * for why this doesn't happen at present with zlib 1.2.5).
911 ret = inflate(&png_ptr->zstream, Z_SYNC_FLUSH);
913 /* Check for any failure before proceeding. */
914 if (ret != Z_OK && ret != Z_STREAM_END)
916 /* Terminate the decompression. */
917 png_ptr->flags |= PNG_FLAG_ZLIB_FINISHED;
919 /* This may be a truncated stream (missing or
920 * damaged end code). Treat that as a warning.
922 if (png_ptr->row_number >= png_ptr->num_rows ||
924 png_warning(png_ptr, "Truncated compressed data in IDAT");
927 png_error(png_ptr, "Decompression error in IDAT");
929 /* Skip the check on unprocessed input */
933 /* Did inflate output any data? */
934 if (png_ptr->zstream.next_out != png_ptr->row_buf)
936 /* Is this unexpected data after the last row?
937 * If it is, artificially terminate the LZ output
940 if (png_ptr->row_number >= png_ptr->num_rows ||
944 png_warning(png_ptr, "Extra compressed data in IDAT");
945 png_ptr->flags |= PNG_FLAG_ZLIB_FINISHED;
947 /* Do no more processing; skip the unprocessed
953 /* Do we have a complete row? */
954 if (png_ptr->zstream.avail_out == 0)
955 png_push_process_row(png_ptr);
958 /* And check for the end of the stream. */
959 if (ret == Z_STREAM_END)
960 png_ptr->flags |= PNG_FLAG_ZLIB_FINISHED;
963 /* All the data should have been processed, if anything
964 * is left at this point we have bytes of IDAT data
965 * after the zlib end code.
967 if (png_ptr->zstream.avail_in > 0)
968 png_warning(png_ptr, "Extra compression data in IDAT");
972 png_push_process_row(png_structp png_ptr)
974 /* 1.5.6: row_info moved out of png_struct to a local here. */
975 png_row_info row_info;
977 row_info.width = png_ptr->iwidth; /* NOTE: width of current interlaced row */
978 row_info.color_type = png_ptr->color_type;
979 row_info.bit_depth = png_ptr->bit_depth;
980 row_info.channels = png_ptr->channels;
981 row_info.pixel_depth = png_ptr->pixel_depth;
982 row_info.rowbytes = PNG_ROWBYTES(row_info.pixel_depth, row_info.width);
984 if (png_ptr->row_buf[0] > PNG_FILTER_VALUE_NONE)
986 if (png_ptr->row_buf[0] < PNG_FILTER_VALUE_LAST)
987 png_read_filter_row(png_ptr, &row_info, png_ptr->row_buf + 1,
988 png_ptr->prev_row + 1, png_ptr->row_buf[0]);
990 png_error(png_ptr, "bad adaptive filter value");
993 /* libpng 1.5.6: the following line was copying png_ptr->rowbytes before
994 * 1.5.6, while the buffer really is this big in current versions of libpng
995 * it may not be in the future, so this was changed just to copy the
996 * interlaced row count:
998 png_memcpy(png_ptr->prev_row, png_ptr->row_buf, row_info.rowbytes + 1);
1000 #ifdef PNG_READ_TRANSFORMS_SUPPORTED
1001 if (png_ptr->transformations)
1002 png_do_read_transformations(png_ptr, &row_info);
1005 /* The transformed pixel depth should match the depth now in row_info. */
1006 if (png_ptr->transformed_pixel_depth == 0)
1008 png_ptr->transformed_pixel_depth = row_info.pixel_depth;
1009 if (row_info.pixel_depth > png_ptr->maximum_pixel_depth)
1010 png_error(png_ptr, "progressive row overflow");
1013 else if (png_ptr->transformed_pixel_depth != row_info.pixel_depth)
1014 png_error(png_ptr, "internal progressive row size calculation error");
1017 #ifdef PNG_READ_INTERLACING_SUPPORTED
1018 /* Blow up interlaced rows to full size */
1019 if (png_ptr->interlaced && (png_ptr->transformations & PNG_INTERLACE))
1021 if (png_ptr->pass < 6)
1022 png_do_read_interlace(&row_info, png_ptr->row_buf + 1, png_ptr->pass,
1023 png_ptr->transformations);
1025 switch (png_ptr->pass)
1030 for (i = 0; i < 8 && png_ptr->pass == 0; i++)
1032 png_push_have_row(png_ptr, png_ptr->row_buf + 1);
1033 png_read_push_finish_row(png_ptr); /* Updates png_ptr->pass */
1036 if (png_ptr->pass == 2) /* Pass 1 might be empty */
1038 for (i = 0; i < 4 && png_ptr->pass == 2; i++)
1040 png_push_have_row(png_ptr, NULL);
1041 png_read_push_finish_row(png_ptr);
1045 if (png_ptr->pass == 4 && png_ptr->height <= 4)
1047 for (i = 0; i < 2 && png_ptr->pass == 4; i++)
1049 png_push_have_row(png_ptr, NULL);
1050 png_read_push_finish_row(png_ptr);
1054 if (png_ptr->pass == 6 && png_ptr->height <= 4)
1056 png_push_have_row(png_ptr, NULL);
1057 png_read_push_finish_row(png_ptr);
1066 for (i = 0; i < 8 && png_ptr->pass == 1; i++)
1068 png_push_have_row(png_ptr, png_ptr->row_buf + 1);
1069 png_read_push_finish_row(png_ptr);
1072 if (png_ptr->pass == 2) /* Skip top 4 generated rows */
1074 for (i = 0; i < 4 && png_ptr->pass == 2; i++)
1076 png_push_have_row(png_ptr, NULL);
1077 png_read_push_finish_row(png_ptr);
1088 for (i = 0; i < 4 && png_ptr->pass == 2; i++)
1090 png_push_have_row(png_ptr, png_ptr->row_buf + 1);
1091 png_read_push_finish_row(png_ptr);
1094 for (i = 0; i < 4 && png_ptr->pass == 2; i++)
1096 png_push_have_row(png_ptr, NULL);
1097 png_read_push_finish_row(png_ptr);
1100 if (png_ptr->pass == 4) /* Pass 3 might be empty */
1102 for (i = 0; i < 2 && png_ptr->pass == 4; i++)
1104 png_push_have_row(png_ptr, NULL);
1105 png_read_push_finish_row(png_ptr);
1116 for (i = 0; i < 4 && png_ptr->pass == 3; i++)
1118 png_push_have_row(png_ptr, png_ptr->row_buf + 1);
1119 png_read_push_finish_row(png_ptr);
1122 if (png_ptr->pass == 4) /* Skip top two generated rows */
1124 for (i = 0; i < 2 && png_ptr->pass == 4; i++)
1126 png_push_have_row(png_ptr, NULL);
1127 png_read_push_finish_row(png_ptr);
1138 for (i = 0; i < 2 && png_ptr->pass == 4; i++)
1140 png_push_have_row(png_ptr, png_ptr->row_buf + 1);
1141 png_read_push_finish_row(png_ptr);
1144 for (i = 0; i < 2 && png_ptr->pass == 4; i++)
1146 png_push_have_row(png_ptr, NULL);
1147 png_read_push_finish_row(png_ptr);
1150 if (png_ptr->pass == 6) /* Pass 5 might be empty */
1152 png_push_have_row(png_ptr, NULL);
1153 png_read_push_finish_row(png_ptr);
1163 for (i = 0; i < 2 && png_ptr->pass == 5; i++)
1165 png_push_have_row(png_ptr, png_ptr->row_buf + 1);
1166 png_read_push_finish_row(png_ptr);
1169 if (png_ptr->pass == 6) /* Skip top generated row */
1171 png_push_have_row(png_ptr, NULL);
1172 png_read_push_finish_row(png_ptr);
1181 png_push_have_row(png_ptr, png_ptr->row_buf + 1);
1182 png_read_push_finish_row(png_ptr);
1184 if (png_ptr->pass != 6)
1187 png_push_have_row(png_ptr, NULL);
1188 png_read_push_finish_row(png_ptr);
1195 png_push_have_row(png_ptr, png_ptr->row_buf + 1);
1196 png_read_push_finish_row(png_ptr);
1201 png_read_push_finish_row(png_structp png_ptr)
1203 #ifdef PNG_READ_INTERLACING_SUPPORTED
1204 /* Arrays to facilitate easy interlacing - use pass (0 - 6) as index */
1206 /* Start of interlace block */
1207 static PNG_CONST png_byte FARDATA png_pass_start[] = {0, 4, 0, 2, 0, 1, 0};
1209 /* Offset to next interlace block */
1210 static PNG_CONST png_byte FARDATA png_pass_inc[] = {8, 8, 4, 4, 2, 2, 1};
1212 /* Start of interlace block in the y direction */
1213 static PNG_CONST png_byte FARDATA png_pass_ystart[] = {0, 0, 4, 0, 2, 0, 1};
1215 /* Offset to next interlace block in the y direction */
1216 static PNG_CONST png_byte FARDATA png_pass_yinc[] = {8, 8, 8, 4, 4, 2, 2};
1218 /* Height of interlace block. This is not currently used - if you need
1219 * it, uncomment it here and in png.h
1220 static PNG_CONST png_byte FARDATA png_pass_height[] = {8, 8, 4, 4, 2, 2, 1};
1224 png_ptr->row_number++;
1225 if (png_ptr->row_number < png_ptr->num_rows)
1228 #ifdef PNG_READ_INTERLACING_SUPPORTED
1229 if (png_ptr->interlaced)
1231 png_ptr->row_number = 0;
1232 png_memset(png_ptr->prev_row, 0, png_ptr->rowbytes + 1);
1237 if ((png_ptr->pass == 1 && png_ptr->width < 5) ||
1238 (png_ptr->pass == 3 && png_ptr->width < 3) ||
1239 (png_ptr->pass == 5 && png_ptr->width < 2))
1242 if (png_ptr->pass > 7)
1245 if (png_ptr->pass >= 7)
1248 png_ptr->iwidth = (png_ptr->width +
1249 png_pass_inc[png_ptr->pass] - 1 -
1250 png_pass_start[png_ptr->pass]) /
1251 png_pass_inc[png_ptr->pass];
1253 if (png_ptr->transformations & PNG_INTERLACE)
1256 png_ptr->num_rows = (png_ptr->height +
1257 png_pass_yinc[png_ptr->pass] - 1 -
1258 png_pass_ystart[png_ptr->pass]) /
1259 png_pass_yinc[png_ptr->pass];
1261 } while (png_ptr->iwidth == 0 || png_ptr->num_rows == 0);
1263 #endif /* PNG_READ_INTERLACING_SUPPORTED */
1266 #ifdef PNG_READ_tEXt_SUPPORTED
1268 png_push_handle_tEXt(png_structp png_ptr, png_infop info_ptr, png_uint_32
1271 if (!(png_ptr->mode & PNG_HAVE_IHDR) || (png_ptr->mode & PNG_HAVE_IEND))
1273 PNG_UNUSED(info_ptr) /* To quiet some compiler warnings */
1274 png_error(png_ptr, "Out of place tEXt");
1278 #ifdef PNG_MAX_MALLOC_64K
1279 png_ptr->skip_length = 0; /* This may not be necessary */
1281 if (length > (png_uint_32)65535L) /* Can't hold entire string in memory */
1283 png_warning(png_ptr, "tEXt chunk too large to fit in memory");
1284 png_ptr->skip_length = length - (png_uint_32)65535L;
1285 length = (png_uint_32)65535L;
1289 png_ptr->current_text = (png_charp)png_malloc(png_ptr, length + 1);
1290 png_ptr->current_text[length] = '\0';
1291 png_ptr->current_text_ptr = png_ptr->current_text;
1292 png_ptr->current_text_size = (png_size_t)length;
1293 png_ptr->current_text_left = (png_size_t)length;
1294 png_ptr->process_mode = PNG_READ_tEXt_MODE;
1298 png_push_read_tEXt(png_structp png_ptr, png_infop info_ptr)
1300 if (png_ptr->buffer_size && png_ptr->current_text_left)
1302 png_size_t text_size;
1304 if (png_ptr->buffer_size < png_ptr->current_text_left)
1305 text_size = png_ptr->buffer_size;
1308 text_size = png_ptr->current_text_left;
1310 png_crc_read(png_ptr, (png_bytep)png_ptr->current_text_ptr, text_size);
1311 png_ptr->current_text_left -= text_size;
1312 png_ptr->current_text_ptr += text_size;
1314 if (!(png_ptr->current_text_left))
1321 if (png_ptr->buffer_size < 4)
1323 png_push_save_buffer(png_ptr);
1327 png_push_crc_finish(png_ptr);
1329 #ifdef PNG_MAX_MALLOC_64K
1330 if (png_ptr->skip_length)
1334 key = png_ptr->current_text;
1336 for (text = key; *text; text++)
1339 if (text < key + png_ptr->current_text_size)
1342 text_ptr = (png_textp)png_malloc(png_ptr, png_sizeof(png_text));
1343 text_ptr->compression = PNG_TEXT_COMPRESSION_NONE;
1344 text_ptr->key = key;
1345 text_ptr->itxt_length = 0;
1346 text_ptr->lang = NULL;
1347 text_ptr->lang_key = NULL;
1348 text_ptr->text = text;
1350 ret = png_set_text_2(png_ptr, info_ptr, text_ptr, 1);
1352 png_free(png_ptr, key);
1353 png_free(png_ptr, text_ptr);
1354 png_ptr->current_text = NULL;
1357 png_warning(png_ptr, "Insufficient memory to store text chunk");
1362 #ifdef PNG_READ_zTXt_SUPPORTED
1364 png_push_handle_zTXt(png_structp png_ptr, png_infop info_ptr, png_uint_32
1367 if (!(png_ptr->mode & PNG_HAVE_IHDR) || (png_ptr->mode & PNG_HAVE_IEND))
1369 PNG_UNUSED(info_ptr) /* To quiet some compiler warnings */
1370 png_error(png_ptr, "Out of place zTXt");
1374 #ifdef PNG_MAX_MALLOC_64K
1375 /* We can't handle zTXt chunks > 64K, since we don't have enough space
1376 * to be able to store the uncompressed data. Actually, the threshold
1377 * is probably around 32K, but it isn't as definite as 64K is.
1379 if (length > (png_uint_32)65535L)
1381 png_warning(png_ptr, "zTXt chunk too large to fit in memory");
1382 png_push_crc_skip(png_ptr, length);
1387 png_ptr->current_text = (png_charp)png_malloc(png_ptr, length + 1);
1388 png_ptr->current_text[length] = '\0';
1389 png_ptr->current_text_ptr = png_ptr->current_text;
1390 png_ptr->current_text_size = (png_size_t)length;
1391 png_ptr->current_text_left = (png_size_t)length;
1392 png_ptr->process_mode = PNG_READ_zTXt_MODE;
1396 png_push_read_zTXt(png_structp png_ptr, png_infop info_ptr)
1398 if (png_ptr->buffer_size && png_ptr->current_text_left)
1400 png_size_t text_size;
1402 if (png_ptr->buffer_size < (png_uint_32)png_ptr->current_text_left)
1403 text_size = png_ptr->buffer_size;
1406 text_size = png_ptr->current_text_left;
1408 png_crc_read(png_ptr, (png_bytep)png_ptr->current_text_ptr, text_size);
1409 png_ptr->current_text_left -= text_size;
1410 png_ptr->current_text_ptr += text_size;
1412 if (!(png_ptr->current_text_left))
1418 png_size_t text_size, key_size;
1420 if (png_ptr->buffer_size < 4)
1422 png_push_save_buffer(png_ptr);
1426 png_push_crc_finish(png_ptr);
1428 key = png_ptr->current_text;
1430 for (text = key; *text; text++)
1433 /* zTXt can't have zero text */
1434 if (text >= key + png_ptr->current_text_size)
1436 png_ptr->current_text = NULL;
1437 png_free(png_ptr, key);
1443 if (*text != PNG_TEXT_COMPRESSION_zTXt) /* Check compression byte */
1445 png_ptr->current_text = NULL;
1446 png_free(png_ptr, key);
1452 png_ptr->zstream.next_in = (png_bytep)text;
1453 png_ptr->zstream.avail_in = (uInt)(png_ptr->current_text_size -
1455 png_ptr->zstream.next_out = png_ptr->zbuf;
1456 png_ptr->zstream.avail_out = (uInt)png_ptr->zbuf_size;
1458 key_size = text - key;
1463 while (png_ptr->zstream.avail_in)
1465 ret = inflate(&png_ptr->zstream, Z_PARTIAL_FLUSH);
1466 if (ret != Z_OK && ret != Z_STREAM_END)
1468 inflateReset(&png_ptr->zstream);
1469 png_ptr->zstream.avail_in = 0;
1470 png_ptr->current_text = NULL;
1471 png_free(png_ptr, key);
1472 png_free(png_ptr, text);
1476 if (!(png_ptr->zstream.avail_out) || ret == Z_STREAM_END)
1480 text = (png_charp)png_malloc(png_ptr,
1482 - png_ptr->zstream.avail_out + key_size + 1));
1484 png_memcpy(text + key_size, png_ptr->zbuf,
1485 png_ptr->zbuf_size - png_ptr->zstream.avail_out);
1487 png_memcpy(text, key, key_size);
1489 text_size = key_size + png_ptr->zbuf_size -
1490 png_ptr->zstream.avail_out;
1492 *(text + text_size) = '\0';
1500 text = (png_charp)png_malloc(png_ptr, text_size +
1502 - png_ptr->zstream.avail_out + 1));
1504 png_memcpy(text, tmp, text_size);
1505 png_free(png_ptr, tmp);
1507 png_memcpy(text + text_size, png_ptr->zbuf,
1508 png_ptr->zbuf_size - png_ptr->zstream.avail_out);
1510 text_size += png_ptr->zbuf_size - png_ptr->zstream.avail_out;
1511 *(text + text_size) = '\0';
1514 if (ret != Z_STREAM_END)
1516 png_ptr->zstream.next_out = png_ptr->zbuf;
1517 png_ptr->zstream.avail_out = (uInt)png_ptr->zbuf_size;
1525 if (ret == Z_STREAM_END)
1529 inflateReset(&png_ptr->zstream);
1530 png_ptr->zstream.avail_in = 0;
1532 if (ret != Z_STREAM_END)
1534 png_ptr->current_text = NULL;
1535 png_free(png_ptr, key);
1536 png_free(png_ptr, text);
1540 png_ptr->current_text = NULL;
1541 png_free(png_ptr, key);
1545 text_ptr = (png_textp)png_malloc(png_ptr,
1546 png_sizeof(png_text));
1547 text_ptr->compression = PNG_TEXT_COMPRESSION_zTXt;
1548 text_ptr->key = key;
1549 text_ptr->itxt_length = 0;
1550 text_ptr->lang = NULL;
1551 text_ptr->lang_key = NULL;
1552 text_ptr->text = text;
1554 ret = png_set_text_2(png_ptr, info_ptr, text_ptr, 1);
1556 png_free(png_ptr, key);
1557 png_free(png_ptr, text_ptr);
1560 png_warning(png_ptr, "Insufficient memory to store text chunk");
1565 #ifdef PNG_READ_iTXt_SUPPORTED
1567 png_push_handle_iTXt(png_structp png_ptr, png_infop info_ptr, png_uint_32
1570 if (!(png_ptr->mode & PNG_HAVE_IHDR) || (png_ptr->mode & PNG_HAVE_IEND))
1572 PNG_UNUSED(info_ptr) /* To quiet some compiler warnings */
1573 png_error(png_ptr, "Out of place iTXt");
1577 #ifdef PNG_MAX_MALLOC_64K
1578 png_ptr->skip_length = 0; /* This may not be necessary */
1580 if (length > (png_uint_32)65535L) /* Can't hold entire string in memory */
1582 png_warning(png_ptr, "iTXt chunk too large to fit in memory");
1583 png_ptr->skip_length = length - (png_uint_32)65535L;
1584 length = (png_uint_32)65535L;
1588 png_ptr->current_text = (png_charp)png_malloc(png_ptr, length + 1);
1589 png_ptr->current_text[length] = '\0';
1590 png_ptr->current_text_ptr = png_ptr->current_text;
1591 png_ptr->current_text_size = (png_size_t)length;
1592 png_ptr->current_text_left = (png_size_t)length;
1593 png_ptr->process_mode = PNG_READ_iTXt_MODE;
1597 png_push_read_iTXt(png_structp png_ptr, png_infop info_ptr)
1600 if (png_ptr->buffer_size && png_ptr->current_text_left)
1602 png_size_t text_size;
1604 if (png_ptr->buffer_size < png_ptr->current_text_left)
1605 text_size = png_ptr->buffer_size;
1608 text_size = png_ptr->current_text_left;
1610 png_crc_read(png_ptr, (png_bytep)png_ptr->current_text_ptr, text_size);
1611 png_ptr->current_text_left -= text_size;
1612 png_ptr->current_text_ptr += text_size;
1615 if (!(png_ptr->current_text_left))
1625 if (png_ptr->buffer_size < 4)
1627 png_push_save_buffer(png_ptr);
1631 png_push_crc_finish(png_ptr);
1633 #ifdef PNG_MAX_MALLOC_64K
1634 if (png_ptr->skip_length)
1638 key = png_ptr->current_text;
1640 for (lang = key; *lang; lang++)
1643 if (lang < key + png_ptr->current_text_size - 3)
1646 comp_flag = *lang++;
1647 lang++; /* Skip comp_type, always zero */
1649 for (lang_key = lang; *lang_key; lang_key++)
1652 lang_key++; /* Skip NUL separator */
1656 if (lang_key < key + png_ptr->current_text_size - 1)
1658 for (; *text; text++)
1662 if (text < key + png_ptr->current_text_size)
1665 text_ptr = (png_textp)png_malloc(png_ptr,
1666 png_sizeof(png_text));
1668 text_ptr->compression = comp_flag + 2;
1669 text_ptr->key = key;
1670 text_ptr->lang = lang;
1671 text_ptr->lang_key = lang_key;
1672 text_ptr->text = text;
1673 text_ptr->text_length = 0;
1674 text_ptr->itxt_length = png_strlen(text);
1676 ret = png_set_text_2(png_ptr, info_ptr, text_ptr, 1);
1678 png_ptr->current_text = NULL;
1680 png_free(png_ptr, text_ptr);
1682 png_warning(png_ptr, "Insufficient memory to store iTXt chunk");
1687 /* This function is called when we haven't found a handler for this
1688 * chunk. If there isn't a problem with the chunk itself (ie a bad chunk
1689 * name or a critical chunk), the chunk is (currently) silently ignored.
1692 png_push_handle_unknown(png_structp png_ptr, png_infop info_ptr, png_uint_32
1695 png_uint_32 skip = 0;
1696 png_uint_32 chunk_name = png_ptr->chunk_name;
1698 if (PNG_CHUNK_CRITICAL(chunk_name))
1700 #ifdef PNG_READ_UNKNOWN_CHUNKS_SUPPORTED
1701 if (png_chunk_unknown_handling(png_ptr, chunk_name) !=
1702 PNG_HANDLE_CHUNK_ALWAYS
1703 #ifdef PNG_READ_USER_CHUNKS_SUPPORTED
1704 && png_ptr->read_user_chunk_fn == NULL
1708 png_chunk_error(png_ptr, "unknown critical chunk");
1710 PNG_UNUSED(info_ptr) /* To quiet some compiler warnings */
1713 #ifdef PNG_READ_UNKNOWN_CHUNKS_SUPPORTED
1714 /* TODO: the code below is apparently just using the
1715 * png_struct::unknown_chunk member as a temporarily variable, it should be
1716 * possible to eliminate both it and the temporary buffer.
1718 if (png_ptr->flags & PNG_FLAG_KEEP_UNKNOWN_CHUNKS)
1720 #ifdef PNG_MAX_MALLOC_64K
1723 png_warning(png_ptr, "unknown chunk too large to fit in memory");
1724 skip = length - 65535;
1728 /* This is just a record for the user; libpng doesn't use the character
1731 PNG_CSTRING_FROM_CHUNK(png_ptr->unknown_chunk.name, png_ptr->chunk_name);
1733 png_ptr->unknown_chunk.size = length;
1736 png_ptr->unknown_chunk.data = NULL;
1740 png_ptr->unknown_chunk.data = (png_bytep)png_malloc(png_ptr,
1741 png_ptr->unknown_chunk.size);
1742 png_crc_read(png_ptr, (png_bytep)png_ptr->unknown_chunk.data,
1743 png_ptr->unknown_chunk.size);
1746 #ifdef PNG_READ_USER_CHUNKS_SUPPORTED
1747 if (png_ptr->read_user_chunk_fn != NULL)
1749 /* Callback to user unknown chunk handler */
1751 ret = (*(png_ptr->read_user_chunk_fn))
1752 (png_ptr, &png_ptr->unknown_chunk);
1755 png_chunk_error(png_ptr, "error in user chunk");
1759 if (PNG_CHUNK_CRITICAL(png_ptr->chunk_name))
1760 if (png_chunk_unknown_handling(png_ptr, chunk_name) !=
1761 PNG_HANDLE_CHUNK_ALWAYS)
1762 png_chunk_error(png_ptr, "unknown critical chunk");
1763 png_set_unknown_chunks(png_ptr, info_ptr,
1764 &png_ptr->unknown_chunk, 1);
1770 png_set_unknown_chunks(png_ptr, info_ptr, &png_ptr->unknown_chunk, 1);
1771 png_free(png_ptr, png_ptr->unknown_chunk.data);
1772 png_ptr->unknown_chunk.data = NULL;
1778 png_push_crc_skip(png_ptr, skip);
1782 png_push_have_info(png_structp png_ptr, png_infop info_ptr)
1784 if (png_ptr->info_fn != NULL)
1785 (*(png_ptr->info_fn))(png_ptr, info_ptr);
1789 png_push_have_end(png_structp png_ptr, png_infop info_ptr)
1791 if (png_ptr->end_fn != NULL)
1792 (*(png_ptr->end_fn))(png_ptr, info_ptr);
1796 png_push_have_row(png_structp png_ptr, png_bytep row)
1798 if (png_ptr->row_fn != NULL)
1799 (*(png_ptr->row_fn))(png_ptr, row, png_ptr->row_number,
1800 (int)png_ptr->pass);
1803 #ifdef PNG_READ_INTERLACING_SUPPORTED
1805 png_progressive_combine_row (png_structp png_ptr, png_bytep old_row,
1806 png_const_bytep new_row)
1808 if (png_ptr == NULL)
1811 /* new_row is a flag here - if it is NULL then the app callback was called
1812 * from an empty row (see the calls to png_struct::row_fn below), otherwise
1813 * it must be png_ptr->row_buf+1
1815 if (new_row != NULL)
1816 png_combine_row(png_ptr, old_row, 1/*display*/);
1818 #endif /* PNG_READ_INTERLACING_SUPPORTED */
1821 png_set_progressive_read_fn(png_structp png_ptr, png_voidp progressive_ptr,
1822 png_progressive_info_ptr info_fn, png_progressive_row_ptr row_fn,
1823 png_progressive_end_ptr end_fn)
1825 if (png_ptr == NULL)
1828 png_ptr->info_fn = info_fn;
1829 png_ptr->row_fn = row_fn;
1830 png_ptr->end_fn = end_fn;
1832 png_set_read_fn(png_ptr, progressive_ptr, png_push_fill_buffer);
1836 png_get_progressive_ptr(png_const_structp png_ptr)
1838 if (png_ptr == NULL)
1841 return png_ptr->io_ptr;
1843 #endif /* PNG_PROGRESSIVE_READ_SUPPORTED */
projects / apitrace / blob