yyc12345/stb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

stb_image: Relax raw_len validation for non-interlaced PNGs.

Browse Source 
We used to require exact match between img_len and raw_len for
non-interlaced PNGs, but the PNG in issue #276 has extra bytes
(all zeros) at the end of the compressed DEFLATE stream.

The PNG spec doesn't have anything to say about it (that I
can tell), and if libpng accepts this, who are we to judge.

Fixes issue #276.
This commit is contained in:
Fabian Giesen 2017-07-21 21:55:37 -07:00
parent 423298e071
commit 0674660451
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
stb_image.h
View File

@ -4297,11 +4297,10 @@ static int stbi__create_png_image_raw(stbi__png *a, stbi_uc *raw, stbi__uint32 r
img_width_bytes = (((img_n * x * depth) + 7) >> 3);
img_len = (img_width_bytes + 1) * y;
if (s->img_x == x && s->img_y == y) {
if (raw_len != img_len) return stbi__err("not enough pixels","Corrupt PNG");
} else { // interlaced:
// we used to check for exact match between raw_len and img_len on non-interlaced PNGs,
// but issue #276 reported a PNG in the wild that had extra data at the end (all zeros),
// so just check for raw_len < img_len always.
if (raw_len < img_len) return stbi__err("not enough pixels","Corrupt PNG");
}
for (j=0; j < y; ++j) {
stbi_uc *cur = a->out + stride*j;