From 18ab7d09dd297a27b863a9ab28c84563fa57f146 Mon Sep 17 00:00:00 2001 From: Cosmin Truta Date: Sun, 15 Sep 2024 20:03:45 +0300 Subject: [PATCH 1/6] [libpng16] chore: Reorganize and update .gitignore Ignore the files and the directories that are typically produced by text editors, development tools, development environments, etc. This is a cherry-pick of commit 050aa7bb936c8889a41942b0b83f5db8582bce17 from branch 'libpng18'. --- .gitignore | 96 ++++++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 82 insertions(+), 14 deletions(-) diff --git a/.gitignore b/.gitignore index 52e789d2b1..d00305acf2 100644 --- a/.gitignore +++ b/.gitignore @@ -31,6 +31,7 @@ # Compiled executables *.app/ *.exe +a.out # Debug files *.dSYM/ 
@@ -38,24 +39,95 @@ *.pdb *.su +# Tag files +TAGS +.TAGS +!TAGS/ +tags +.tags +!tags/ +gtags.files +GTAGS +GRTAGS +GPATH +GSYMS +cscope.files +cscope.out +cscope.*.out + +# Text editing and text processing artifacts +\#*\# +.\#* +[._]*.sw[a-p] +[._]sw[a-p] +*.bak +*.orig +*.rej +*.tmp +*~ + +# IDE files and directories +## Eclipse +.cproject/ +.project/ +.settings/ +## JetBrains +.idea/ +## NetBeans +nbbuild/ +nbdist/ +nbproject/ +## Visual Studio +.vs/ +### Visual Studio user files +*.rsuser +*.sln.docstates +*.suo +*.user +*.userosscache +*.userprefs +### Visual Studio cache files (for older versions) +*.aps +*.cachefile +*.ncb +*.opensdf +*.sdf +*.VC.db +*.VC.opendb +ipch/ +## Visual Studio Code +.vscode/* +!.vscode/extensions.json +!.vscode/launch.json +!.vscode/settings.json +!.vscode/tasks.json +## (Various) +[._]*_history +.history/ + +# Build, test and CI output directories +*[Dd]ebug/ +*[Rr]elease/ +*[Rr]eleases/ +[Ll]og/ +[Ll]ogs/ +[Oo]ut/ + # Libpng configuration and build artifacts *.out +*out.png .deps/ .dirstamp /Makefile /autom4te.cache/ -/config.guess~ -/config.h.in~ +/config*~ +/config.h /config.log /config.status -/config.sub~ -/configure~ -/install-sh~ -/libpng-config -/libpng.pc +/install*~ +/libpng*-config +/libpng*.pc /libpng.vers -/libpng16-config -/libpng16.pc /libtool /stamp-h1 pnglibconf.[ch] @@ -63,7 +135,7 @@ pnglibconf.dfn pnglibconf.pre pngprefix.h -# Libpng test artifacts +# Libpng test programs png-fix-itxt pngcp pngfix @@ -73,7 +145,3 @@ pngtest pngunknown pngvalid timepng -pngout.png - -# Libpng CI artifacts -out/ From cb08862674242d071c39045c43ac38ff1b3c5910 Mon Sep 17 00:00:00 2001 
From: Cosmin Truta Date: Sun, 15 Sep 2024 22:33:31 +0300 Subject: [PATCH 2/6] [libpng16] chore: Set the `indent_size` fields in .editorconfig Also add an .editorconfig-checker.json file. We need to instruct the editorconfig-checker program to skip the checks for the indent size. (As of this commit time, editorconfig-checker is too rigid to recognize "smart indentations".) This is a cherry-pick of commit 67c99f75cf05b354f89c01c8fc15948300e84143 from branch 'libpng18'. Co-authored-by: John Bowler Signed-off-by: John Bowler Signed-off-by: Cosmin Truta --- .editorconfig | 16 ++++++++++++++-- .editorconfig-checker.json | 9 +++++++++ contrib/.editorconfig | 2 ++ contrib/pngexif/.editorconfig | 1 + contrib/visupng/.editorconfig | 3 ++- 5 files changed, 28 insertions(+), 3 deletions(-) create mode 100644 .editorconfig-checker.json diff --git a/.editorconfig b/.editorconfig index f49b2a3e47..3497949882 100644 --- a/.editorconfig +++ b/.editorconfig @@ -8,29 +8,41 @@ insert_final_newline = true trim_trailing_whitespace = true [*.txt] +indent_size = unset indent_style = space [*.[chS]] +indent_size = 3 indent_style = space max_doc_length = 80 max_line_length = 80 [*.dfa] +indent_size = 3 indent_style = space max_doc_length = 80 max_line_length = 80 -[*.{awk,cmake}] +[*.awk] +indent_size = 3 indent_style = space max_doc_length = 80 max_line_length = 100 -[*.{in,sh}] +[*.cmake] +indent_size = 2 +indent_style = space +max_doc_length = 80 +max_line_length = 100 + +[*.sh] +indent_size = 4 indent_style = space max_doc_length = 100 max_line_length = 100 [{Makefile.in,ltmain.sh}] +indent_size = unset indent_style = unset insert_final_newline = unset max_doc_length = unset diff --git a/.editorconfig-checker.json b/.editorconfig-checker.json new file mode 100644 index 0000000000..ef08e0801e --- /dev/null +++ b/.editorconfig-checker.json @@ -0,0 +1,9 @@ +{ + "Disable": { + "IndentSize": true + }, + "Exclude": [ + ".git/", + "out/" + ] +} 
diff --git a/contrib/.editorconfig b/contrib/.editorconfig index e1b551df73..8b1466b1d9 100644 --- a/contrib/.editorconfig +++ b/contrib/.editorconfig @@ -3,5 +3,7 @@ root = false [*.[ch]] +indent_size = unset +indent_style = unset max_doc_length = unset max_line_length = unset diff --git a/contrib/pngexif/.editorconfig b/contrib/pngexif/.editorconfig index ce8fbbfc1b..e00082696d 100644 --- a/contrib/pngexif/.editorconfig +++ b/contrib/pngexif/.editorconfig @@ -4,6 +4,7 @@ root = true [*] charset = utf-8 +indent_size = 4 indent_style = space insert_final_newline = true max_doc_length = 79 diff --git a/contrib/visupng/.editorconfig b/contrib/visupng/.editorconfig index d946b14461..d5bcb53121 100644 --- a/contrib/visupng/.editorconfig +++ b/contrib/visupng/.editorconfig @@ -5,7 +5,8 @@ root = true [*] charset = utf-8 end_of_line = unset -indent_style = unset +indent_size = 4 +indent_style = space insert_final_newline = true max_doc_length = 80 max_line_length = 100 From bcb312414161d339fa97fec4d8d14e483a1efc07 Mon Sep 17 00:00:00 2001 From: Cosmin Truta Date: Tue, 17 Sep 2024 16:00:48 +0300 Subject: [PATCH 3/6] [libpng16] ci: Update ci_lint.sh to recognize .editorconfig-checker.json As the editorconfig-checker program is transitioning from using the .ecrc config file to the .editorconfig-checker.json config file, the older program versions do not recognize the new config file name. Update ci_lint.sh to instruct editorconfig-checker to pick up its configuration from the new config file name, regardless of the program version. Also update ci_lint.sh to instruct yamllint to check all *.json files, including .editorconfig-checker.json. This is a cherry-pick of commit 77f88338a19a223cc678e1a6a04888a31c78dabf from branch 'libpng18'. --- ci/ci_lint.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/ci/ci_lint.sh b/ci/ci_lint.sh index d1754715d2..163d955ded 100755 --- a/ci/ci_lint.sh +++ b/ci/ci_lint.sh 
@@ -80,7 +80,7 @@ function ci_lint_text_files { } ci_info "## LINTING: text files ##" ci_spawn "$CI_EDITORCONFIG_CHECKER" --version - ci_spawn "$CI_EDITORCONFIG_CHECKER" || { + ci_spawn "$CI_EDITORCONFIG_CHECKER" --config .editorconfig-checker.json || { # Linting failed. return 1 } @@ -93,7 +93,9 @@ function ci_lint_yaml_files { } ci_info "## LINTING: YAML files ##" ci_spawn "$CI_YAMLLINT" --version - find . \( -iname "*.yml" -o -iname "*.yaml" \) -not -path "./out/*" | { + # Considering that the YAML format is an extension of the JSON format, + # we can lint both the YAML files and the plain JSON files here. + find . \( -iname "*.yml" -o -iname "*.yaml" -o -iname "*.json" \) -not -path "./out/*" | { local my_file while IFS="" read -r my_file do From cd5e582fd6217fad4a2f5b1535089f328318335a Mon Sep 17 00:00:00 2001 From: Cosmin Truta Date: Thu, 19 Sep 2024 21:26:25 +0300 Subject: [PATCH 4/6] Revert "oss-fuzz: Transfer to an external repo and remove from this repo" This reverts commit b7276eca0182bb6ad174ef044bb5f6f0504451af. Although the brand new pngfuzz repo is coming up next, it turned out that the deletion of contrib/oss-fuzz/ from the 'libpng16' branch was premature. (Oopsie!) Signed-off-by: Cosmin Truta --- contrib/oss-fuzz/Dockerfile | 28 +++ contrib/oss-fuzz/README.txt | 40 ++++ contrib/oss-fuzz/build.sh | 47 ++++ contrib/oss-fuzz/libpng_read_fuzzer.cc | 224 ++++++++++++++++++++ contrib/oss-fuzz/libpng_read_fuzzer.options | 2 + contrib/oss-fuzz/png.dict | 39 ++++ 6 files changed, 380 insertions(+) create mode 100644 contrib/oss-fuzz/Dockerfile create mode 100644 contrib/oss-fuzz/README.txt create mode 100755 contrib/oss-fuzz/build.sh create mode 100644 contrib/oss-fuzz/libpng_read_fuzzer.cc create mode 100644 contrib/oss-fuzz/libpng_read_fuzzer.options create mode 100644 contrib/oss-fuzz/png.dict diff --git a/contrib/oss-fuzz/Dockerfile b/contrib/oss-fuzz/Dockerfile new file mode 100644 index 0000000000..c9bc4145e0 --- /dev/null 
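Review bot: The pipeline in the second hunk still hands file names to the loop over a newline-delimited pipe (`find ... | { ... while IFS="" read -r my_file`), so a path containing a newline would be split into two bogus lint targets; NUL separation avoids that with a two-line change, `find . \( -iname "*.yml" -o -iname "*.yaml" -o -iname "*.json" \) -not -path "./out/*" -print0 | {` and `while IFS="" read -r -d '' my_file`. The loop body and the enclosing `ci_lint_yaml_files` function continue outside the hunk. The new rationale comment is welcome; it would be worth confirming that the repository's yamllint rule set tolerates JSON's brace/bracket style, and saying so in the comment, since the `*.json` files now go through the same checks.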
+++ b/contrib/oss-fuzz/Dockerfile @@ -0,0 +1,28 @@ +# Copyright 2024 Cosmin Truta +# Copyright 2017 Glenn Randers-Pehrson +# Copyright 2016 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ + +FROM gcr.io/oss-fuzz-base/base-builder + +RUN apt-get update && \ + apt-get install -y make autoconf automake libtool zlib1g-dev + +RUN git clone --depth=1 https://github.com/pnggroup/libpng.git && \ + git clone --depth=1 https://github.com/madler/zlib.git && \ + cp libpng/contrib/oss-fuzz/build.sh $SRC + +WORKDIR /home/libpng diff --git a/contrib/oss-fuzz/README.txt b/contrib/oss-fuzz/README.txt new file mode 100644 index 0000000000..b01af52acc --- /dev/null +++ b/contrib/oss-fuzz/README.txt 
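Review bot: `WORKDIR /home/libpng` on the last line does not appear to match where the preceding `RUN git clone` puts the sources: the clone runs in the image's current directory (in the oss-fuzz base-builder image that is `$SRC`, so presumably `$SRC/libpng`), and build.sh relies on relative paths such as `scripts/pnglibconf.dfa` and `./configure`, which would not resolve from `/home/libpng`. `WORKDIR $SRC/libpng` would tie the working directory to the checkout regardless of the base image's default; the next patch in this series goes back to a relative `WORKDIR libpng`, which still depends on that default. The unpinned `--depth=1` clones of libpng and zlib are the usual oss-fuzz pattern for fuzzing HEAD, but a one-line comment saying that this is deliberate would make the intent explicit to readers who expect pinned inputs.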
@@ -0,0 +1,40 @@ +libpng additions to oss-fuzz +============================ + +Copyright (c) 2024 Cosmin Truta +Copyright (c) 2017 Glenn Randers-Pehrson + +This code is released under the libpng license. +For conditions of distribution and use, see the disclaimer +and license in png.h + +Files in this directory are used by the oss-fuzz project +(https://github.com/google/oss-fuzz/tree/master/projects/libpng). +for "fuzzing" libpng. + +They were licensed by Google Inc, using the BSD-like Chromium license, +which may be found at https://cs.chromium.org/chromium/src/LICENSE, or, if +noted in the source, under the Apache-2.0 license, which may +be found at http://www.apache.org/licenses/LICENSE-2.0 . +If they have been modified, the derivatives are copyright Glenn Randers-Pehrson +and are released under the same licenses as the originals. Several of +the original files (libpng_read_fuzzer.options, png.dict, project.yaml) +had no licensing information; we assumed that these were under the Chromium +license. Any new files are released under the libpng license (see png.h). + +The files are + Original + Filename or derived Copyright License + ========================= ========== ================ ========== + Dockerfile* derived 2017, Glenn R-P Apache 2.0 + build.sh derived 2017, Glenn R-P Apache 2.0 + libpng_read_fuzzer.cc derived 2017, Glenn R-P Chromium + libpng_read_fuzzer.options original 2015, Chrome Devs Chromium + png.dict original 2015, Chrome Devs Chromium + README.txt (this file) original 2017, Glenn R-P libpng + + * Dockerfile is a copy of the file used by oss-fuzz. build.sh, + png.dict and libpng_read_fuzzer.* are the actual files used by oss-fuzz, + which retrieves them from the libpng repository at Github. + +To do: exercise the progressive reader and the png encoder. diff --git a/contrib/oss-fuzz/build.sh b/contrib/oss-fuzz/build.sh new file mode 100755 index 0000000000..1970f9c06c --- /dev/null +++ b/contrib/oss-fuzz/build.sh 
@@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+set -eu
+
+# Copyright 2024 Cosmin Truta
+# Copyright 2017 Glenn Randers-Pehrson
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+# Disable logging via library build configuration control.
+sed -e "s/option STDIO/option STDIO disabled/" \
+ -e "s/option WARNING /option WARNING disabled/" \
+ -e "s/option WRITE enables WRITE_INT_FUNCTIONS/option WRITE disabled/" \
+ scripts/pnglibconf.dfa >scripts/pnglibconf.dfa.tmp
+mv -f scripts/pnglibconf.dfa.tmp scripts/pnglibconf.dfa
+
+# Build the libpng library ("libpng16.la"), excluding the auxiliary tools.
+autoreconf -f -i
+./configure --with-libpng-prefix=OSS_FUZZ_
+make -j$(nproc) clean
+make -j$(nproc) libpng16.la
+
+# Build libpng_read_fuzzer.
+$CXX $CXXFLAGS -std=c++11 -I. \
+ $SRC/libpng/contrib/oss-fuzz/libpng_read_fuzzer.cc \
+ -o $OUT/libpng_read_fuzzer \
+ -lFuzzingEngine .libs/libpng16.a -lz
+
+# Add seed corpus.
+find $SRC/libpng -name "*.png" | grep -v crashers | \
+ xargs zip $OUT/libpng_read_fuzzer_seed_corpus.zip
+
+cp $SRC/libpng/contrib/oss-fuzz/*.dict \
+ $SRC/libpng/contrib/oss-fuzz/*.options \
+ $OUT/
diff --git a/contrib/oss-fuzz/libpng_read_fuzzer.cc b/contrib/oss-fuzz/libpng_read_fuzzer.cc
new file mode 100644
index 0000000000..ad9f9adc6a
--- /dev/null
+++ b/contrib/oss-fuzz/libpng_read_fuzzer.cc
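Review bot: The seed-corpus line `find $SRC/libpng -name "*.png" | grep -v crashers | xargs zip ...` splits on whitespace twice (the unquoted `$SRC`, and `xargs` reading blank-separated names), so a path containing a space is mangled or silently dropped from the corpus; `find "$SRC/libpng" -name "*.png" -not -path "*crashers*" -print0 | xargs -0 zip "$OUT/libpng_read_fuzzer_seed_corpus.zip"` keeps the same selection and is robust. `$SRC` and `$OUT` are likewise unquoted on the `-o` and `cp` lines. The same lines reappear in the build.sh hunk of patch 5/6, which has the same issue. Separately, if the oss-fuzz build environment has moved from `-lFuzzingEngine` to the `$LIB_FUZZING_ENGINE` variable, the link line should follow; please confirm against the current base-builder.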
@@ -0,0 +1,224 @@
+
+// libpng_read_fuzzer.cc
+// Copyright 2017-2018 Glenn Randers-Pehrson
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that may
+// be found in the LICENSE file https://cs.chromium.org/chromium/src/LICENSE
+
+// The modifications in 2017 by Glenn Randers-Pehrson include
+// 1. addition of a PNG_CLEANUP macro,
+// 2. setting the option to ignore ADLER32 checksums,
+// 3. adding "#include " which is needed on some platforms
+// to provide memcpy().
+// 4. adding read_end_info() and creating an end_info structure.
+// 5. adding calls to png_set_*() transforms commonly used by browsers.
+
+#include
+#include
+#include
+#include
+
+#include
+
+#define PNG_INTERNAL
+#include "png.h"
+
+#define PNG_CLEANUP \
+ if(png_handler.png_ptr) \
+ { \
+ if (png_handler.row_ptr) \
+ png_free(png_handler.png_ptr, png_handler.row_ptr); \
+ if (png_handler.end_info_ptr) \
+ png_destroy_read_struct(&png_handler.png_ptr, &png_handler.info_ptr,\
+ &png_handler.end_info_ptr); \
+ else if (png_handler.info_ptr) \
+ png_destroy_read_struct(&png_handler.png_ptr, &png_handler.info_ptr,\
+ nullptr); \
+ else \
+ png_destroy_read_struct(&png_handler.png_ptr, nullptr, nullptr); \
+ png_handler.png_ptr = nullptr; \
+ png_handler.row_ptr = nullptr; \
+ png_handler.info_ptr = nullptr; \
+ png_handler.end_info_ptr = nullptr; \
+ }
+
+struct BufState {
+ const uint8_t* data;
+ size_t bytes_left;
+};
+
+struct PngObjectHandler {
+ png_infop info_ptr = nullptr;
+ png_structp png_ptr = nullptr;
+ png_infop end_info_ptr = nullptr;
+ png_voidp row_ptr = nullptr;
+ BufState* buf_state = nullptr;
+
+ ~PngObjectHandler() {
+ if (row_ptr)
+ png_free(png_ptr, row_ptr);
+ if (end_info_ptr)
+ png_destroy_read_struct(&png_ptr, &info_ptr, &end_info_ptr);
+ else if (info_ptr)
+ png_destroy_read_struct(&png_ptr, &info_ptr, nullptr);
+ else
+ png_destroy_read_struct(&png_ptr, nullptr, nullptr);
+ delete buf_state;
+ }
+};
+ +void user_read_data(png_structp png_ptr, png_bytep data, size_t length) { + BufState* buf_state = static_cast(png_get_io_ptr(png_ptr)); + if (length > buf_state->bytes_left) { + png_error(png_ptr, "read error"); + } + memcpy(data, buf_state->data, length); + buf_state->bytes_left -= length; + buf_state->data += length; +} + +void* limited_malloc(png_structp, png_alloc_size_t size) { + // libpng may allocate large amounts of memory that the fuzzer reports as + // an error. In order to silence these errors, make libpng fail when trying + // to allocate a large amount. This allocator used to be in the Chromium + // version of this fuzzer. + // This number is chosen to match the default png_user_chunk_malloc_max. + if (size > 8000000) + return nullptr; + + return malloc(size); +} + +void default_free(png_structp, png_voidp ptr) { + return free(ptr); +} + +static const int kPngHeaderSize = 8; + +// Entry point for LibFuzzer. +// Roughly follows the libpng book example: +// http://www.libpng.org/pub/png/book/chapter13.html +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { + if (size < kPngHeaderSize) { + return 0; + } + + std::vector v(data, data + size); + if (png_sig_cmp(v.data(), 0, kPngHeaderSize)) { + // not a PNG. + return 0; + } + + PngObjectHandler png_handler; + png_handler.png_ptr = nullptr; + png_handler.row_ptr = nullptr; + png_handler.info_ptr = nullptr; + png_handler.end_info_ptr = nullptr; + + png_handler.png_ptr = png_create_read_struct + (PNG_LIBPNG_VER_STRING, nullptr, nullptr, nullptr); + if (!png_handler.png_ptr) { + return 0; + } + + png_handler.info_ptr = png_create_info_struct(png_handler.png_ptr); + if (!png_handler.info_ptr) { + PNG_CLEANUP + return 0; + } + + png_handler.end_info_ptr = png_create_info_struct(png_handler.png_ptr); + if (!png_handler.end_info_ptr) { + PNG_CLEANUP + return 0; + } + + // Use a custom allocator that fails for large allocations to avoid OOM. 
+ png_set_mem_fn(png_handler.png_ptr, nullptr, limited_malloc, default_free); + + png_set_crc_action(png_handler.png_ptr, PNG_CRC_QUIET_USE, PNG_CRC_QUIET_USE); +#ifdef PNG_IGNORE_ADLER32 + png_set_option(png_handler.png_ptr, PNG_IGNORE_ADLER32, PNG_OPTION_ON); +#endif + + // Setting up reading from buffer. + png_handler.buf_state = new BufState(); + png_handler.buf_state->data = data + kPngHeaderSize; + png_handler.buf_state->bytes_left = size - kPngHeaderSize; + png_set_read_fn(png_handler.png_ptr, png_handler.buf_state, user_read_data); + png_set_sig_bytes(png_handler.png_ptr, kPngHeaderSize); + + if (setjmp(png_jmpbuf(png_handler.png_ptr))) { + PNG_CLEANUP + return 0; + } + + // Reading. + png_read_info(png_handler.png_ptr, png_handler.info_ptr); + + // reset error handler to put png_deleter into scope. + if (setjmp(png_jmpbuf(png_handler.png_ptr))) { + PNG_CLEANUP + return 0; + } + + png_uint_32 width, height; + int bit_depth, color_type, interlace_type, compression_type; + int filter_type; + + if (!png_get_IHDR(png_handler.png_ptr, png_handler.info_ptr, &width, + &height, &bit_depth, &color_type, &interlace_type, + &compression_type, &filter_type)) { + PNG_CLEANUP + return 0; + } + + // This is going to be too slow. 
+ if (width && height > 100000000 / width) { + PNG_CLEANUP + return 0; + } + + // Set several transforms that browsers typically use: + png_set_gray_to_rgb(png_handler.png_ptr); + png_set_expand(png_handler.png_ptr); + png_set_packing(png_handler.png_ptr); + png_set_scale_16(png_handler.png_ptr); + png_set_tRNS_to_alpha(png_handler.png_ptr); + + int passes = png_set_interlace_handling(png_handler.png_ptr); + + png_read_update_info(png_handler.png_ptr, png_handler.info_ptr); + + png_handler.row_ptr = png_malloc( + png_handler.png_ptr, png_get_rowbytes(png_handler.png_ptr, + png_handler.info_ptr)); + + for (int pass = 0; pass < passes; ++pass) { + for (png_uint_32 y = 0; y < height; ++y) { + png_read_row(png_handler.png_ptr, + static_cast(png_handler.row_ptr), nullptr); + } + } + + png_read_end(png_handler.png_ptr, png_handler.end_info_ptr); + + PNG_CLEANUP + +#ifdef PNG_SIMPLIFIED_READ_SUPPORTED + // Simplified READ API + png_image image; + memset(&image, 0, (sizeof image)); + image.version = PNG_IMAGE_VERSION; + + if (!png_image_begin_read_from_memory(&image, data, size)) { + return 0; + } + + image.format = PNG_FORMAT_RGBA; + std::vector buffer(PNG_IMAGE_SIZE(image)); + png_image_finish_read(&image, NULL, buffer.data(), 0, NULL); +#endif + + return 0; +} diff --git a/contrib/oss-fuzz/libpng_read_fuzzer.options b/contrib/oss-fuzz/libpng_read_fuzzer.options new file mode 100644 index 0000000000..2005291a0f --- /dev/null +++ b/contrib/oss-fuzz/libpng_read_fuzzer.options @@ -0,0 +1,2 @@ +[libfuzzer] +dict = png.dict diff --git a/contrib/oss-fuzz/png.dict b/contrib/oss-fuzz/png.dict new file mode 100644 index 0000000000..3a8a113830 --- /dev/null +++ b/contrib/oss-fuzz/png.dict 
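Review bot: The simplified-API path at the end of `LLVMFuzzerTestOneInput` has no dimension cap, unlike the first path, which rejects the image with `if (width && height > 100000000 / width)` before allocating a row; after `png_image_begin_read_from_memory` succeeds, `std::vector buffer(PNG_IMAGE_SIZE(image))` is sized from whatever dimensions the input declared, and that buffer comes from `std::vector`, not from `limited_malloc` (which is installed only on `png_handler.png_ptr`), so the 8000000-byte limit does not apply either. A small input declaring a very large image can therefore end in an out-of-memory or timeout report that is a harness artifact rather than a libpng finding, and since `image.width` and `image.height` are `png_uint_32`, the product inside `PNG_IMAGE_SIZE` looks like it could wrap for extreme values as well. Mirroring the existing check on this path, `if (image.width && image.height > 100000000 / image.width) { png_image_free(&image); return 0; }` placed before `PNG_IMAGE_SIZE` closes the gap, and the divisor could become one named constant shared by both checks. The header comment refers to the `<string.h>` include that `memcpy`/`memset` need, but the angle-bracket include targets are missing from the rendered hunk, so I cannot verify which headers are actually listed.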
@@ -0,0 +1,39 @@ +# +# AFL dictionary for PNG images +# ----------------------------- +# +# Just the basic, standard-originating sections; does not include vendor +# extensions. +# +# Created by Michal Zalewski +# + +header_png="\x89PNG\x0d\x0a\x1a\x0a" + +section_IDAT="IDAT" +section_IEND="IEND" +section_IHDR="IHDR" +section_PLTE="PLTE" +section_bKGD="bKGD" +section_cHRM="cHRM" +section_eXIf="eXIf" +section_fRAc="fRAc" +section_gAMA="gAMA" +section_gIFg="gIFg" +section_gIFt="gIFt" +section_gIFx="gIFx" +section_hIST="hIST" +section_iCCP="iCCP" +section_iTXt="iTXt" +section_oFFs="oFFs" +section_pCAL="pCAL" +section_pHYs="pHYs" +section_sBIT="sBIT" +section_sCAL="sCAL" +section_sPLT="sPLT" +section_sRGB="sRGB" +section_sTER="sTER" +section_tEXt="tEXt" +section_tIME="tIME" +section_tRNS="tRNS" +section_zTXt="zTXt" From 529e69e76a82af577cd2871db7da1ab3c7a0aaf7 Mon Sep 17 00:00:00 2001 From: Cosmin Truta Date: Thu, 19 Sep 2024 21:37:52 +0300 Subject: [PATCH 5/6] Revert "oss-fuzz: Update the README file, the Docker file and the build script" This reverts commit 3117b5f94a06aaf52a7365074e8199909680e52e. A regression was introduced. (Oopsie!) Signed-off-by: Cosmin Truta --- contrib/oss-fuzz/Dockerfile | 15 ++++++--------- contrib/oss-fuzz/README.txt | 4 ---- contrib/oss-fuzz/build.sh | 31 +++++++++++++++++-------------- 3 files changed, 23 insertions(+), 27 deletions(-) diff --git a/contrib/oss-fuzz/Dockerfile b/contrib/oss-fuzz/Dockerfile index c9bc4145e0..f5bc1a985d 100644 --- a/contrib/oss-fuzz/Dockerfile +++ b/contrib/oss-fuzz/Dockerfile @@ -1,5 +1,3 @@ -# Copyright 2024 Cosmin Truta -# Copyright 2017 Glenn Randers-Pehrson # Copyright 2016 Google Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); 
@@ -17,12 +15,11 @@ ################################################################################ FROM gcr.io/oss-fuzz-base/base-builder - +MAINTAINER glennrp@gmail.com RUN apt-get update && \ - apt-get install -y make autoconf automake libtool zlib1g-dev - -RUN git clone --depth=1 https://github.com/pnggroup/libpng.git && \ - git clone --depth=1 https://github.com/madler/zlib.git && \ - cp libpng/contrib/oss-fuzz/build.sh $SRC + apt-get install -y make autoconf automake libtool -WORKDIR /home/libpng +RUN git clone --depth 1 https://github.com/madler/zlib.git +RUN git clone --depth 1 https://github.com/glennrp/libpng.git +RUN cp libpng/contrib/oss-fuzz/build.sh $SRC +WORKDIR libpng diff --git a/contrib/oss-fuzz/README.txt b/contrib/oss-fuzz/README.txt index b01af52acc..66d5242c57 100644 --- a/contrib/oss-fuzz/README.txt +++ b/contrib/oss-fuzz/README.txt @@ -1,7 +1,3 @@ -libpng additions to oss-fuzz -============================ - -Copyright (c) 2024 Cosmin Truta Copyright (c) 2017 Glenn Randers-Pehrson This code is released under the libpng license. diff --git a/contrib/oss-fuzz/build.sh b/contrib/oss-fuzz/build.sh index 1970f9c06c..7b8f026397 100755 --- a/contrib/oss-fuzz/build.sh +++ b/contrib/oss-fuzz/build.sh @@ -1,8 +1,6 @@ -#!/usr/bin/env bash -set -eu +#!/bin/bash -eu -# Copyright 2024 Cosmin Truta -# Copyright 2017 Glenn Randers-Pehrson +# Copyright 2017-2018 Glenn Randers-Pehrson # Copyright 2016 Google Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); 
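Review bot: The restored `MAINTAINER glennrp@gmail.com` line is a deprecated Dockerfile instruction; `LABEL maintainer="..."` is the supported form and would be the natural replacement while touching this file. The clone URL `https://github.com/glennrp/libpng.git` differs from the `pnggroup/libpng` URL used by the version this commit reverts, so it presumably relies on GitHub's repository-rename redirect; pointing at the canonical URL removes that dependency. This hunk also drops `zlib1g-dev` from the `apt-get install` line while build.sh still links with `-lz`, so the link step now depends on the base image shipping zlib's headers and library; worth confirming, or adding a comment that records the assumption.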
@@ -17,31 +15,36 @@ set -eu # See the License for the specific language governing permissions and # limitations under the License. # +# Revisions by Glenn Randers-Pehrson, 2017: +# 1. Build only the library, not the tools (changed "make -j$(nproc) all" to +# "make -j$(nproc) libpng16.la"). +# 2. Disabled WARNING and WRITE options in pnglibconf.dfa. +# 3. Build zlib alongside libpng ################################################################################ # Disable logging via library build configuration control. -sed -e "s/option STDIO/option STDIO disabled/" \ - -e "s/option WARNING /option WARNING disabled/" \ - -e "s/option WRITE enables WRITE_INT_FUNCTIONS/option WRITE disabled/" \ - scripts/pnglibconf.dfa >scripts/pnglibconf.dfa.tmp -mv -f scripts/pnglibconf.dfa.tmp scripts/pnglibconf.dfa +cat scripts/pnglibconf.dfa | \ + sed -e "s/option STDIO/option STDIO disabled/" \ + -e "s/option WARNING /option WARNING disabled/" \ + -e "s/option WRITE enables WRITE_INT_FUNCTIONS/option WRITE disabled/" \ +> scripts/pnglibconf.dfa.temp +mv scripts/pnglibconf.dfa.temp scripts/pnglibconf.dfa -# Build the libpng library ("libpng16.la"), excluding the auxiliary tools. +# build the libpng library. autoreconf -f -i ./configure --with-libpng-prefix=OSS_FUZZ_ make -j$(nproc) clean make -j$(nproc) libpng16.la -# Build libpng_read_fuzzer. +# build libpng_read_fuzzer. $CXX $CXXFLAGS -std=c++11 -I. \ $SRC/libpng/contrib/oss-fuzz/libpng_read_fuzzer.cc \ -o $OUT/libpng_read_fuzzer \ -lFuzzingEngine .libs/libpng16.a -lz -# Add seed corpus. +# add seed corpus. find $SRC/libpng -name "*.png" | grep -v crashers | \ xargs zip $OUT/libpng_read_fuzzer_seed_corpus.zip cp $SRC/libpng/contrib/oss-fuzz/*.dict \ - $SRC/libpng/contrib/oss-fuzz/*.options \ - $OUT/ + $SRC/libpng/contrib/oss-fuzz/*.options $OUT/ From b8a0a5401f5bf27180ae94e1479be8a13305cfea Mon Sep 17 00:00:00 2001 
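Review bot: The restored revision comment states `3. Build zlib alongside libpng`, but nothing in this hunk, which runs to the end of the file, builds zlib: the fuzzer is linked against the system library with `-lz`, and the zlib clone made in the Dockerfile is never used. Either the comment should be corrected, e.g. `# 3. Link against the system zlib (-lz); the zlib checkout is not built here.`, or the build steps it describes restored, since a reader debugging a link failure will otherwise look for a zlib build that does not exist. As a matter of style, `cat scripts/pnglibconf.dfa | sed ...` is a redundant use of cat compared with the direct `sed ... scripts/pnglibconf.dfa` form it replaces; the output is the same. The unquoted `$SRC`/`$OUT` and whitespace-splitting `find | xargs` seed-corpus lines carry the issue already noted on the build.sh hunk of patch 4/6.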
From: John Bowler Date: Sun, 15 Sep 2024 10:43:41 -0700 Subject: [PATCH 6/6] [libpng16] test: Fix "make check" in all branches beyond 'libpng16' This corrects the checks to that libpng 10800 does not turn on the enhanced transform checks in either pngvalid or pngstest. The correct fix is to change the 10700 code for comments which explain what aspect or aspects of the transforms are broken (ideally) or at least state that the transforms are broken. This is a cherry-pick of commit aec888ab80f5d2241b3515b60f0f9337108fb624 from branch 'libpng18'. Reviewed-by: Cosmin Truta Signed-off-by: John Bowler Signed-off-by: Cosmin Truta --- contrib/libtests/pngstest.c | 2 +- contrib/libtests/pngvalid.c | 52 ++++++++++++++++++------------------- 2 files changed, 27 insertions(+), 27 deletions(-) diff --git a/contrib/libtests/pngstest.c b/contrib/libtests/pngstest.c index 973e60f525..b4e9c5e6bb 100644 --- a/contrib/libtests/pngstest.c +++ b/contrib/libtests/pngstest.c @@ -3500,7 +3500,7 @@ main(int argc, char **argv) int retval = 0; int c; -#if PNG_LIBPNG_VER >= 10700 +#if PNG_LIBPNG_VER == 10700 /* This error should not exist in 1.7 or later: */ opts |= GBG_ERROR; #endif diff --git a/contrib/libtests/pngvalid.c b/contrib/libtests/pngvalid.c index 3d66154dd4..71b7b52784 100644 --- a/contrib/libtests/pngvalid.c +++ b/contrib/libtests/pngvalid.c @@ -2574,7 +2574,7 @@ modifier_init(png_modifier *pm) * in the rgb_to_gray check, replacing it with an exact copy of the libpng 1.5 * algorithm. */ -#define DIGITIZE PNG_LIBPNG_VER < 10700 +#define DIGITIZE PNG_LIBPNG_VER != 10700 /* If pm->calculations_use_input_precision is set then operations will happen * with the precision of the input, not the precision of the output depth. 
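Review bot: Replacing `>= 10700` with `== 10700` (and `< 10700` with `!= 10700`) in pngstest.c here and throughout the pngvalid.c hunks that follow makes the tests key on exactly one value of `PNG_LIBPNG_VER`, so if a 1.7.x patch release (10701 and up) were ever built, it would silently fall into the pre-1.7 branch even though the 1.7 transform behaviour the surrounding comments describe would still apply. A bounded range expresses the stated intent, that only the 1.7 series enables the enhanced checks and 1.8 does not, without that cliff: define once near the top of each file something like `#define PNG_TEST_IS_17 (PNG_LIBPNG_VER >= 10700 && PNG_LIBPNG_VER < 10800)` and use it in place of the `== 10700` / `!= 10700` conditions. Comments next to the changed conditions, such as `/* This error should not exist in 1.7 or later: */`, are now inaccurate for 1.8 and should be reworded to match whichever condition is kept. The commit message already calls this a stopgap for the 10700 code, so a TODO at the first such conditional pointing at that would help the next reader.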
@@ -3986,7 +3986,7 @@ transform_row(png_const_structp pp, png_byte buffer[TRANSFORM_ROWMAX], # define check_interlace_type(type) ((void)(type)) # define set_write_interlace_handling(pp,type) png_set_interlace_handling(pp) # define do_own_interlace 0 -#elif PNG_LIBPNG_VER < 10700 +#elif PNG_LIBPNG_VER != 10700 # define set_write_interlace_handling(pp,type) (1) static void check_interlace_type(int const interlace_type) @@ -4014,7 +4014,7 @@ check_interlace_type(int const interlace_type) # define do_own_interlace 1 #endif /* WRITE_INTERLACING tests */ -#if PNG_LIBPNG_VER >= 10700 || defined PNG_WRITE_INTERLACING_SUPPORTED +#if PNG_LIBPNG_VER == 10700 || defined PNG_WRITE_INTERLACING_SUPPORTED # define CAN_WRITE_INTERLACE 1 #else # define CAN_WRITE_INTERLACE 0 @@ -4633,10 +4633,10 @@ static const struct { /* no warnings makes these errors undetectable prior to 1.7.0 */ { sBIT0_error_fn, "sBIT(0): failed to detect error", - PNG_LIBPNG_VER < 10700 }, + PNG_LIBPNG_VER != 10700 }, { sBIT_error_fn, "sBIT(too big): failed to detect error", - PNG_LIBPNG_VER < 10700 }, + PNG_LIBPNG_VER != 10700 }, }; static void @@ -6236,7 +6236,7 @@ image_pixel_add_alpha(image_pixel *this, const standard_display *display, { if (this->colour_type == PNG_COLOR_TYPE_GRAY) { -# if PNG_LIBPNG_VER < 10700 +# if PNG_LIBPNG_VER != 10700 if (!for_background && this->bit_depth < 8) this->bit_depth = this->sample_depth = 8; # endif @@ -6246,7 +6246,7 @@ image_pixel_add_alpha(image_pixel *this, const standard_display *display, /* After 1.7 the expansion of bit depth only happens if there is a * tRNS chunk to expand at this point. */ -# if PNG_LIBPNG_VER >= 10700 +# if PNG_LIBPNG_VER == 10700 if (!for_background && this->bit_depth < 8) this->bit_depth = this->sample_depth = 8; # endif 
@@ -7127,7 +7127,7 @@ image_transform_png_set_tRNS_to_alpha_mod(const image_transform *this, image_pixel *that, png_const_structp pp, const transform_display *display) { -#if PNG_LIBPNG_VER < 10700 +#if PNG_LIBPNG_VER != 10700 /* LIBPNG BUG: this always forces palette images to RGB. */ if (that->colour_type == PNG_COLOR_TYPE_PALETTE) image_pixel_convert_PLTE(that); @@ -7137,13 +7137,13 @@ image_transform_png_set_tRNS_to_alpha_mod(const image_transform *this, * convert to an alpha channel. */ if (that->have_tRNS) -# if PNG_LIBPNG_VER >= 10700 +# if PNG_LIBPNG_VER == 10700 if (that->colour_type != PNG_COLOR_TYPE_PALETTE && (that->colour_type & PNG_COLOR_MASK_ALPHA) == 0) # endif image_pixel_add_alpha(that, &display->this, 0/*!for background*/); -#if PNG_LIBPNG_VER < 10700 +#if PNG_LIBPNG_VER != 10700 /* LIBPNG BUG: otherwise libpng still expands to 8 bits! */ else { @@ -7172,7 +7172,7 @@ image_transform_png_set_tRNS_to_alpha_add(image_transform *this, * any action on a palette image. */ return -# if PNG_LIBPNG_VER >= 10700 +# if PNG_LIBPNG_VER == 10700 colour_type != PNG_COLOR_TYPE_PALETTE && # endif (colour_type & PNG_COLOR_MASK_ALPHA) == 0; @@ -7313,7 +7313,7 @@ image_transform_png_set_expand_gray_1_2_4_to_8_mod( const image_transform *this, image_pixel *that, png_const_structp pp, const transform_display *display) { -#if PNG_LIBPNG_VER < 10700 +#if PNG_LIBPNG_VER != 10700 image_transform_png_set_expand_mod(this, that, pp, display); #else /* Only expand grayscale of bit depth less than 8: */ @@ -7329,7 +7329,7 @@ static int image_transform_png_set_expand_gray_1_2_4_to_8_add(image_transform *this, const image_transform **that, png_byte colour_type, png_byte bit_depth) { -#if PNG_LIBPNG_VER < 10700 +#if PNG_LIBPNG_VER != 10700 return image_transform_png_set_expand_add(this, that, colour_type, bit_depth); #else 
@@ -7359,7 +7359,7 @@ image_transform_png_set_expand_16_set(const image_transform *this, png_set_expand_16(pp); /* NOTE: prior to 1.7 libpng does SET_EXPAND as well, so tRNS is expanded. */ -# if PNG_LIBPNG_VER < 10700 +# if PNG_LIBPNG_VER != 10700 if (that->this.has_tRNS) that->this.is_transparent = 1; # endif @@ -7412,7 +7412,7 @@ image_transform_png_set_scale_16_set(const image_transform *this, transform_display *that, png_structp pp, png_infop pi) { png_set_scale_16(pp); -# if PNG_LIBPNG_VER < 10700 +# if PNG_LIBPNG_VER != 10700 /* libpng will limit the gamma table size: */ that->max_gamma_8 = PNG_MAX_GAMMA_8; # endif @@ -7460,7 +7460,7 @@ image_transform_png_set_strip_16_set(const image_transform *this, transform_display *that, png_structp pp, png_infop pi) { png_set_strip_16(pp); -# if PNG_LIBPNG_VER < 10700 +# if PNG_LIBPNG_VER != 10700 /* libpng will limit the gamma table size: */ that->max_gamma_8 = PNG_MAX_GAMMA_8; # endif @@ -7647,7 +7647,7 @@ image_transform_png_set_rgb_to_gray_ini(const image_transform *this, else { /* The default (built in) coefficients, as above: */ -# if PNG_LIBPNG_VER < 10700 +# if PNG_LIBPNG_VER != 10700 data.red_coefficient = 6968 / 32768.; data.green_coefficient = 23434 / 32768.; data.blue_coefficient = 2366 / 32768.; @@ -7730,7 +7730,7 @@ image_transform_png_set_rgb_to_gray_ini(const image_transform *this, * conversion adds another +/-2 in the 16-bit case and * +/-(1<<(15-PNG_MAX_GAMMA_8)) in the 8-bit case. */ -# if PNG_LIBPNG_VER < 10700 +# if PNG_LIBPNG_VER != 10700 if (that->this.bit_depth < 16) that->max_gamma_8 = PNG_MAX_GAMMA_8; # endif @@ -7907,7 +7907,7 @@ image_transform_png_set_rgb_to_gray_mod(const image_transform *this, { double gray, err; -# if PNG_LIBPNG_VER < 10700 +# if PNG_LIBPNG_VER != 10700 if (that->colour_type == PNG_COLOR_TYPE_PALETTE) image_pixel_convert_PLTE(that); # endif 
@@ -8094,7 +8094,7 @@ image_transform_png_set_rgb_to_gray_mod(const image_transform *this, double b = that->bluef; double be = that->bluee; -# if PNG_LIBPNG_VER < 10700 +# if PNG_LIBPNG_VER != 10700 /* The true gray case involves no math in earlier versions (not * true, there was some if gamma correction was happening too.) */ @@ -9873,7 +9873,7 @@ gamma_component_validate(const char *name, const validate_info *vi, * lost. This can result in up to a +/-1 error in the presence of * an sbit less than the bit depth. */ -# if PNG_LIBPNG_VER < 10700 +# if PNG_LIBPNG_VER != 10700 # define SBIT_ERROR .5 # else # define SBIT_ERROR 1. @@ -10733,7 +10733,7 @@ static void perform_gamma_scale16_tests(png_modifier *pm) # ifndef PNG_MAX_GAMMA_8 # define PNG_MAX_GAMMA_8 11 # endif -# if defined PNG_MAX_GAMMA_8 || PNG_LIBPNG_VER < 10700 +# if defined PNG_MAX_GAMMA_8 || PNG_LIBPNG_VER != 10700 # define SBIT_16_TO_8 PNG_MAX_GAMMA_8 # else # define SBIT_16_TO_8 16 @@ -11736,7 +11736,7 @@ int main(int argc, char **argv) * code that 16-bit arithmetic is used for 8-bit samples when it would make a * difference. */ - pm.assume_16_bit_calculations = PNG_LIBPNG_VER >= 10700; + pm.assume_16_bit_calculations = PNG_LIBPNG_VER == 10700; /* Currently 16 bit expansion happens at the end of the pipeline, so the * calculations are done in the input bit depth not the output. @@ -11760,13 +11760,13 @@ int main(int argc, char **argv) pm.test_lbg_gamma_threshold = 1; pm.test_lbg_gamma_transform = PNG_LIBPNG_VER >= 10600; pm.test_lbg_gamma_sbit = 1; - pm.test_lbg_gamma_composition = PNG_LIBPNG_VER >= 10700; + pm.test_lbg_gamma_composition = PNG_LIBPNG_VER == 10700; /* And the test encodings */ pm.encodings = test_encodings; pm.nencodings = ARRAY_SIZE(test_encodings); -# if PNG_LIBPNG_VER < 10700 +# if PNG_LIBPNG_VER != 10700 pm.sbitlow = 8U; /* because libpng doesn't do sBIT below 8! */ # else pm.sbitlow = 1U; 
@@ -11796,7 +11796,7 @@ int main(int argc, char **argv) pm.maxout16 = .499; /* Error in *encoded* value */ pm.maxabs16 = .00005;/* 1/20000 */ pm.maxcalc16 =1./65535;/* +/-1 in 16 bits for compose errors */ -# if PNG_LIBPNG_VER < 10700 +# if PNG_LIBPNG_VER != 10700 pm.maxcalcG = 1./((1<