[libpng16] Initialize entire palette array to zero in png_handle_PLTE().
diff --git a/ANNOUNCE b/ANNOUNCE
index a845c5e..8c17a93 100644
--- a/ANNOUNCE
+++ b/ANNOUNCE
@@ -1,4 +1,4 @@
-Libpng 1.6.35beta01 - October 16, 2017
+Libpng 1.6.35beta01 - October 17, 2017
This is not intended to be a public release. It will be replaced
within a few weeks by a public version or by another test version.
@@ -24,12 +24,12 @@
Changes since the last public release (1.6.34):
-Version 1.6.35beta01 [October 16, 2017]
+Version 1.6.35beta01 [October 17, 2017]
Restored 21 of the contrib/pngsuite/i*.png, which do not cause test
failures. Placed the remainder in contrib/pngsuite/interlaced/i*.png.
Added calls to png_set_*() transforms commonly used by browsers to
the fuzzer.
- Do not enable tRNS having trans_color with out-of-range value.
+ Initialize entire palette array to zero in png_handle_PLTE().
Send comments/corrections/commendations to png-mng-implement at lists.sf.net
(subscription required; visit
diff --git a/CHANGES b/CHANGES
index 18c9846..f5528de 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6040,12 +6040,12 @@
Version 1.6.34 [September 29, 2017]
Removed contrib/pngsuite/i*.png; some of caused test failures.
-Version 1.6.35beta01 [October 16, 2017]
+Version 1.6.35beta01 [October 17, 2017]
Restored 21 of the contrib/pngsuite/i*.png, which do not cause test
failures. Placed the remainder in contrib/pngsuite/interlaced/i*.png.
Added calls to png_set_*() transforms commonly used by browsers to
the fuzzer.
- Do not enable tRNS having trans_color with out-of-range value.
+ Initialize entire palette array to zero in png_handle_PLTE().
Send comments/corrections/commendations to png-mng-implement at lists.sf.net
(subscription required; visit
diff --git a/pngrutil.c b/pngrutil.c
index 8692933..966a4ff 100644
--- a/pngrutil.c
+++ b/pngrutil.c
@@ -1,7 +1,7 @@
/* pngrutil.c - utilities to read a PNG file
*
- * Last changed in libpng 1.6.33 [September 28, 2017]
+ * Last changed in libpng 1.6.35 [(PENDING RELEASE)]
* Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson
* (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
* (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
@@ -912,7 +912,7 @@
void /* PRIVATE */
png_handle_PLTE(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length)
{
- png_color palette[PNG_MAX_PALETTE_LENGTH];
+ png_color palette[PNG_MAX_PALETTE_LENGTH] = {0};
int max_palette_length, num, i;
#ifdef PNG_POINTER_INDEXING_SUPPORTED
png_colorp pal_ptr;
diff --git a/pngset.c b/pngset.c
index 572ce3a..6f3a1ee 100644
--- a/pngset.c
+++ b/pngset.c
@@ -1,7 +1,7 @@
/* pngset.c - storage of image information into info struct
*
- * Last changed in libpng 1.6.35 [(PENDING RELEASE)]
+ * Last changed in libpng 1.6.32 [August 24, 2017]
* Copyright (c) 1998-2017 Glenn Randers-Pehrson
* (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
* (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
@@ -1025,6 +1025,7 @@
if (trans_color != NULL)
{
+#ifdef PNG_WARNINGS_SUPPORTED
if (info_ptr->bit_depth < 16)
{
int sample_max = (1 << info_ptr->bit_depth) - 1;
@@ -1038,6 +1039,7 @@
png_warning(png_ptr,
"tRNS chunk has out-of-range samples for bit_depth");
}
+#endif
info_ptr->trans_color = *trans_color;
