summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/stb_image.h214
-rw-r--r--src/stb_truetype.h4
2 files changed, 162 insertions, 56 deletions
diff --git a/src/stb_image.h b/src/stb_image.h
index 2857f05d..accef483 100644
--- a/src/stb_image.h
+++ b/src/stb_image.h
@@ -1,4 +1,4 @@
1/* stb_image - v2.25 - public domain image loader - http://nothings.org/stb 1/* stb_image - v2.26 - public domain image loader - http://nothings.org/stb
2 no warranty implied; use at your own risk 2 no warranty implied; use at your own risk
3 3
4 Do this: 4 Do this:
@@ -48,6 +48,7 @@ LICENSE
48 48
49RECENT REVISION HISTORY: 49RECENT REVISION HISTORY:
50 50
51 2.26 (2020-07-13) many minor fixes
51 2.25 (2020-02-02) fix warnings 52 2.25 (2020-02-02) fix warnings
52 2.24 (2020-02-02) fix warnings; thread-local failure_reason and flip_vertically 53 2.24 (2020-02-02) fix warnings; thread-local failure_reason and flip_vertically
53 2.23 (2019-08-11) fix clang static analysis warning 54 2.23 (2019-08-11) fix clang static analysis warning
@@ -93,22 +94,30 @@ RECENT REVISION HISTORY:
93 Carmelo J Fdez-Aguera 94 Carmelo J Fdez-Aguera
94 95
95 Bug & warning fixes 96 Bug & warning fixes
96 Marc LeBlanc David Woo Guillaume George Martins Mozeiko 97 Marc LeBlanc David Woo Guillaume George Martins Mozeiko
97 Christpher Lloyd Jerry Jansson Joseph Thomson Phil Jordan 98 Christpher Lloyd Jerry Jansson Joseph Thomson Blazej Dariusz Roszkowski
98 Dave Moore Roy Eltham Hayaki Saito Nathan Reed 99 Phil Jordan Dave Moore Roy Eltham
99 Won Chun Luke Graham Johan Duparc Nick Verigakis 100 Hayaki Saito Nathan Reed Won Chun
100 the Horde3D community Thomas Ruf Ronny Chevalier github:rlyeh 101 Luke Graham Johan Duparc Nick Verigakis the Horde3D community
101 Janez Zemva John Bartholomew Michal Cichon github:romigrou 102 Thomas Ruf Ronny Chevalier github:rlyeh
102 Jonathan Blow Ken Hamada Tero Hanninen github:svdijk 103 Janez Zemva John Bartholomew Michal Cichon github:romigrou
103 Laurent Gomila Cort Stratton Sergio Gonzalez github:snagar 104 Jonathan Blow Ken Hamada Tero Hanninen github:svdijk
104 Aruelien Pocheville Thibault Reuille Cass Everitt github:Zelex 105 Laurent Gomila Cort Stratton github:snagar
105 Ryamond Barbiero Paul Du Bois Engin Manap github:grim210 106 Aruelien Pocheville Sergio Gonzalez Thibault Reuille github:Zelex
106 Aldo Culquicondor Philipp Wiesemann Dale Weiler github:sammyhw 107 Cass Everitt Ryamond Barbiero github:grim210
107 Oriol Ferrer Mesia Josh Tobin Matthew Gregan github:phprus 108 Paul Du Bois Engin Manap Aldo Culquicondor github:sammyhw
108 Julian Raschke Gregory Mullen Baldur Karlsson github:poppolopoppo 109 Philipp Wiesemann Dale Weiler Oriol Ferrer Mesia github:phprus
109 Christian Floisand Kevin Schmidt JR Smith github:darealshinji 110 Josh Tobin Matthew Gregan github:poppolopoppo
110 Brad Weinberger Matvey Cherevko github:Michaelangel007 111 Julian Raschke Gregory Mullen Christian Floisand github:darealshinji
111 Blazej Dariusz Roszkowski Alexander Veselov 112 Baldur Karlsson Kevin Schmidt JR Smith github:Michaelangel007
113 Brad Weinberger Matvey Cherevko [reserved]
114 Luca Sas Alexander Veselov Zack Middleton [reserved]
115 Ryan C. Gordon [reserved] [reserved]
116 DO NOT ADD YOUR NAME HERE
117
118 To add your name to the credits, pick a random blank space in the middle and fill it.
119 80% of merge conflicts on stb PRs are due to people adding their name at the end
120 of the credits.
112*/ 121*/
113 122
114#ifndef STBI_INCLUDE_STB_IMAGE_H 123#ifndef STBI_INCLUDE_STB_IMAGE_H
@@ -318,7 +327,14 @@ RECENT REVISION HISTORY:
318// - If you use STBI_NO_PNG (or _ONLY_ without PNG), and you still 327// - If you use STBI_NO_PNG (or _ONLY_ without PNG), and you still
319// want the zlib decoder to be available, #define STBI_SUPPORT_ZLIB 328// want the zlib decoder to be available, #define STBI_SUPPORT_ZLIB
320// 329//
321 330// - If you define STBI_MAX_DIMENSIONS, stb_image will reject images greater
331// than that size (in either width or height) without further processing.
332// This is to let programs in the wild set an upper bound to prevent
333// denial-of-service attacks on untrusted data, as one could generate a
334// valid image of gigantic dimensions and force stb_image to allocate a
335// huge block of memory and spend disproportionate time decoding it. By
336// default this is set to (1 << 24), which is 16777216, but that's still
337// very big.
322 338
323#ifndef STBI_NO_STDIO 339#ifndef STBI_NO_STDIO
324#include <stdio.h> 340#include <stdio.h>
@@ -574,13 +590,19 @@ STBIDEF int stbi_zlib_decode_noheader_buffer(char *obuffer, int olen, const ch
574#ifndef STBI_NO_THREAD_LOCALS 590#ifndef STBI_NO_THREAD_LOCALS
575 #if defined(__cplusplus) && __cplusplus >= 201103L 591 #if defined(__cplusplus) && __cplusplus >= 201103L
576 #define STBI_THREAD_LOCAL thread_local 592 #define STBI_THREAD_LOCAL thread_local
577 #elif defined (__STDC_VERSION__) && __STDC_VERSION__ >= 201112L 593 #elif defined(__GNUC__) && __GNUC__ < 5
578 #define STBI_THREAD_LOCAL _Thread_local
579 #elif defined(__GNUC__)
580 #define STBI_THREAD_LOCAL __thread 594 #define STBI_THREAD_LOCAL __thread
581 #elif defined(_MSC_VER) 595 #elif defined(_MSC_VER)
582 #define STBI_THREAD_LOCAL __declspec(thread) 596 #define STBI_THREAD_LOCAL __declspec(thread)
583#endif 597 #elif defined (__STDC_VERSION__) && __STDC_VERSION__ >= 201112L && !defined(__STDC_NO_THREADS__)
598 #define STBI_THREAD_LOCAL _Thread_local
599 #endif
600
601 #ifndef STBI_THREAD_LOCAL
602 #if defined(__GNUC__)
603 #define STBI_THREAD_LOCAL __thread
604 #endif
605 #endif
584#endif 606#endif
585 607
586#ifdef _MSC_VER 608#ifdef _MSC_VER
@@ -734,6 +756,10 @@ static int stbi__sse2_available(void)
734#define STBI_SIMD_ALIGN(type, name) type name 756#define STBI_SIMD_ALIGN(type, name) type name
735#endif 757#endif
736 758
759#ifndef STBI_MAX_DIMENSIONS
760#define STBI_MAX_DIMENSIONS (1 << 24)
761#endif
762
737/////////////////////////////////////////////// 763///////////////////////////////////////////////
738// 764//
739// stbi__context struct and start_xxx functions 765// stbi__context struct and start_xxx functions
@@ -751,6 +777,7 @@ typedef struct
751 int read_from_callbacks; 777 int read_from_callbacks;
752 int buflen; 778 int buflen;
753 stbi_uc buffer_start[128]; 779 stbi_uc buffer_start[128];
780 int callback_already_read;
754 781
755 stbi_uc *img_buffer, *img_buffer_end; 782 stbi_uc *img_buffer, *img_buffer_end;
756 stbi_uc *img_buffer_original, *img_buffer_original_end; 783 stbi_uc *img_buffer_original, *img_buffer_original_end;
@@ -764,6 +791,7 @@ static void stbi__start_mem(stbi__context *s, stbi_uc const *buffer, int len)
764{ 791{
765 s->io.read = NULL; 792 s->io.read = NULL;
766 s->read_from_callbacks = 0; 793 s->read_from_callbacks = 0;
794 s->callback_already_read = 0;
767 s->img_buffer = s->img_buffer_original = (stbi_uc *) buffer; 795 s->img_buffer = s->img_buffer_original = (stbi_uc *) buffer;
768 s->img_buffer_end = s->img_buffer_original_end = (stbi_uc *) buffer+len; 796 s->img_buffer_end = s->img_buffer_original_end = (stbi_uc *) buffer+len;
769} 797}
@@ -775,7 +803,8 @@ static void stbi__start_callbacks(stbi__context *s, stbi_io_callbacks *c, void *
775 s->io_user_data = user; 803 s->io_user_data = user;
776 s->buflen = sizeof(s->buffer_start); 804 s->buflen = sizeof(s->buffer_start);
777 s->read_from_callbacks = 1; 805 s->read_from_callbacks = 1;
778 s->img_buffer_original = s->buffer_start; 806 s->callback_already_read = 0;
807 s->img_buffer = s->img_buffer_original = s->buffer_start;
779 stbi__refill_buffer(s); 808 stbi__refill_buffer(s);
780 s->img_buffer_original_end = s->img_buffer_end; 809 s->img_buffer_original_end = s->img_buffer_end;
781} 810}
@@ -789,12 +818,17 @@ static int stbi__stdio_read(void *user, char *data, int size)
789 818
790static void stbi__stdio_skip(void *user, int n) 819static void stbi__stdio_skip(void *user, int n)
791{ 820{
821 int ch;
792 fseek((FILE*) user, n, SEEK_CUR); 822 fseek((FILE*) user, n, SEEK_CUR);
823 ch = fgetc((FILE*) user); /* have to read a byte to reset feof()'s flag */
824 if (ch != EOF) {
825 ungetc(ch, (FILE *) user); /* push byte back onto stream if valid. */
826 }
793} 827}
794 828
795static int stbi__stdio_eof(void *user) 829static int stbi__stdio_eof(void *user)
796{ 830{
797 return feof((FILE*) user); 831 return feof((FILE*) user) || ferror((FILE *) user);
798} 832}
799 833
800static stbi_io_callbacks stbi__stdio_callbacks = 834static stbi_io_callbacks stbi__stdio_callbacks =
@@ -1171,8 +1205,10 @@ static unsigned char *stbi__load_and_postprocess_8bit(stbi__context *s, int *x,
1171 if (result == NULL) 1205 if (result == NULL)
1172 return NULL; 1206 return NULL;
1173 1207
1208 // it is the responsibility of the loaders to make sure we get either 8 or 16 bit.
1209 STBI_ASSERT(ri.bits_per_channel == 8 || ri.bits_per_channel == 16);
1210
1174 if (ri.bits_per_channel != 8) { 1211 if (ri.bits_per_channel != 8) {
1175 STBI_ASSERT(ri.bits_per_channel == 16);
1176 result = stbi__convert_16_to_8((stbi__uint16 *) result, *x, *y, req_comp == 0 ? *comp : req_comp); 1212 result = stbi__convert_16_to_8((stbi__uint16 *) result, *x, *y, req_comp == 0 ? *comp : req_comp);
1177 ri.bits_per_channel = 8; 1213 ri.bits_per_channel = 8;
1178 } 1214 }
@@ -1195,8 +1231,10 @@ static stbi__uint16 *stbi__load_and_postprocess_16bit(stbi__context *s, int *x,
1195 if (result == NULL) 1231 if (result == NULL)
1196 return NULL; 1232 return NULL;
1197 1233
1234 // it is the responsibility of the loaders to make sure we get either 8 or 16 bit.
1235 STBI_ASSERT(ri.bits_per_channel == 8 || ri.bits_per_channel == 16);
1236
1198 if (ri.bits_per_channel != 16) { 1237 if (ri.bits_per_channel != 16) {
1199 STBI_ASSERT(ri.bits_per_channel == 8);
1200 result = stbi__convert_8_to_16((stbi_uc *) result, *x, *y, req_comp == 0 ? *comp : req_comp); 1238 result = stbi__convert_8_to_16((stbi_uc *) result, *x, *y, req_comp == 0 ? *comp : req_comp);
1201 ri.bits_per_channel = 16; 1239 ri.bits_per_channel = 16;
1202 } 1240 }
@@ -1499,6 +1537,7 @@ enum
1499static void stbi__refill_buffer(stbi__context *s) 1537static void stbi__refill_buffer(stbi__context *s)
1500{ 1538{
1501 int n = (s->io.read)(s->io_user_data,(char*)s->buffer_start,s->buflen); 1539 int n = (s->io.read)(s->io_user_data,(char*)s->buffer_start,s->buflen);
1540 s->callback_already_read += (int) (s->img_buffer - s->img_buffer_original);
1502 if (n == 0) { 1541 if (n == 0) {
1503 // at end of file, treat same as if from memory, but need to handle case 1542 // at end of file, treat same as if from memory, but need to handle case
1504 // where s->img_buffer isn't pointing to safe memory, e.g. 0-byte file 1543 // where s->img_buffer isn't pointing to safe memory, e.g. 0-byte file
@@ -1544,6 +1583,7 @@ stbi_inline static int stbi__at_eof(stbi__context *s)
1544#else 1583#else
1545static void stbi__skip(stbi__context *s, int n) 1584static void stbi__skip(stbi__context *s, int n)
1546{ 1585{
1586 if (n == 0) return; // already there!
1547 if (n < 0) { 1587 if (n < 0) {
1548 s->img_buffer = s->img_buffer_end; 1588 s->img_buffer = s->img_buffer_end;
1549 return; 1589 return;
@@ -1686,7 +1726,7 @@ static unsigned char *stbi__convert_format(unsigned char *data, int img_n, int r
1686 STBI__CASE(4,1) { dest[0]=stbi__compute_y(src[0],src[1],src[2]); } break; 1726 STBI__CASE(4,1) { dest[0]=stbi__compute_y(src[0],src[1],src[2]); } break;
1687 STBI__CASE(4,2) { dest[0]=stbi__compute_y(src[0],src[1],src[2]); dest[1] = src[3]; } break; 1727 STBI__CASE(4,2) { dest[0]=stbi__compute_y(src[0],src[1],src[2]); dest[1] = src[3]; } break;
1688 STBI__CASE(4,3) { dest[0]=src[0];dest[1]=src[1];dest[2]=src[2]; } break; 1728 STBI__CASE(4,3) { dest[0]=src[0];dest[1]=src[1];dest[2]=src[2]; } break;
1689 default: STBI_ASSERT(0); 1729 default: STBI_ASSERT(0); STBI_FREE(data); STBI_FREE(good); return stbi__errpuc("unsupported", "Unsupported format conversion");
1690 } 1730 }
1691 #undef STBI__CASE 1731 #undef STBI__CASE
1692 } 1732 }
@@ -1743,7 +1783,7 @@ static stbi__uint16 *stbi__convert_format16(stbi__uint16 *data, int img_n, int r
1743 STBI__CASE(4,1) { dest[0]=stbi__compute_y_16(src[0],src[1],src[2]); } break; 1783 STBI__CASE(4,1) { dest[0]=stbi__compute_y_16(src[0],src[1],src[2]); } break;
1744 STBI__CASE(4,2) { dest[0]=stbi__compute_y_16(src[0],src[1],src[2]); dest[1] = src[3]; } break; 1784 STBI__CASE(4,2) { dest[0]=stbi__compute_y_16(src[0],src[1],src[2]); dest[1] = src[3]; } break;
1745 STBI__CASE(4,3) { dest[0]=src[0];dest[1]=src[1];dest[2]=src[2]; } break; 1785 STBI__CASE(4,3) { dest[0]=src[0];dest[1]=src[1];dest[2]=src[2]; } break;
1746 default: STBI_ASSERT(0); 1786 default: STBI_ASSERT(0); STBI_FREE(data); STBI_FREE(good); return (stbi__uint16*) stbi__errpuc("unsupported", "Unsupported format conversion");
1747 } 1787 }
1748 #undef STBI__CASE 1788 #undef STBI__CASE
1749 } 1789 }
@@ -2052,7 +2092,7 @@ stbi_inline static int stbi__extend_receive(stbi__jpeg *j, int n)
2052 2092
2053 sgn = (stbi__int32)j->code_buffer >> 31; // sign bit is always in MSB 2093 sgn = (stbi__int32)j->code_buffer >> 31; // sign bit is always in MSB
2054 k = stbi_lrot(j->code_buffer, n); 2094 k = stbi_lrot(j->code_buffer, n);
2055 STBI_ASSERT(n >= 0 && n < (int) (sizeof(stbi__bmask)/sizeof(*stbi__bmask))); 2095 if (n < 0 || n >= (int) (sizeof(stbi__bmask)/sizeof(*stbi__bmask))) return 0;
2056 j->code_buffer = k & ~stbi__bmask[n]; 2096 j->code_buffer = k & ~stbi__bmask[n];
2057 k &= stbi__bmask[n]; 2097 k &= stbi__bmask[n];
2058 j->code_bits -= n; 2098 j->code_bits -= n;
@@ -2163,6 +2203,7 @@ static int stbi__jpeg_decode_block_prog_dc(stbi__jpeg *j, short data[64], stbi__
2163 // first scan for DC coefficient, must be first 2203 // first scan for DC coefficient, must be first
2164 memset(data,0,64*sizeof(data[0])); // 0 all the ac values now 2204 memset(data,0,64*sizeof(data[0])); // 0 all the ac values now
2165 t = stbi__jpeg_huff_decode(j, hdc); 2205 t = stbi__jpeg_huff_decode(j, hdc);
2206 if (t == -1) return stbi__err("can't merge dc and ac", "Corrupt JPEG");
2166 diff = t ? stbi__extend_receive(j, t) : 0; 2207 diff = t ? stbi__extend_receive(j, t) : 0;
2167 2208
2168 dc = j->img_comp[b].dc_pred + diff; 2209 dc = j->img_comp[b].dc_pred + diff;
@@ -3153,6 +3194,8 @@ static int stbi__process_frame_header(stbi__jpeg *z, int scan)
3153 p = stbi__get8(s); if (p != 8) return stbi__err("only 8-bit","JPEG format not supported: 8-bit only"); // JPEG baseline 3194 p = stbi__get8(s); if (p != 8) return stbi__err("only 8-bit","JPEG format not supported: 8-bit only"); // JPEG baseline
3154 s->img_y = stbi__get16be(s); if (s->img_y == 0) return stbi__err("no header height", "JPEG format not supported: delayed height"); // Legal, but we don't handle it--but neither does IJG 3195 s->img_y = stbi__get16be(s); if (s->img_y == 0) return stbi__err("no header height", "JPEG format not supported: delayed height"); // Legal, but we don't handle it--but neither does IJG
3155 s->img_x = stbi__get16be(s); if (s->img_x == 0) return stbi__err("0 width","Corrupt JPEG"); // JPEG requires 3196 s->img_x = stbi__get16be(s); if (s->img_x == 0) return stbi__err("0 width","Corrupt JPEG"); // JPEG requires
3197 if (s->img_y > STBI_MAX_DIMENSIONS) return stbi__err("too large","Very large image (corrupt?)");
3198 if (s->img_x > STBI_MAX_DIMENSIONS) return stbi__err("too large","Very large image (corrupt?)");
3156 c = stbi__get8(s); 3199 c = stbi__get8(s);
3157 if (c != 3 && c != 1 && c != 4) return stbi__err("bad component count","Corrupt JPEG"); 3200 if (c != 3 && c != 1 && c != 4) return stbi__err("bad component count","Corrupt JPEG");
3158 s->img_n = c; 3201 s->img_n = c;
@@ -4033,16 +4076,23 @@ typedef struct
4033 stbi__zhuffman z_length, z_distance; 4076 stbi__zhuffman z_length, z_distance;
4034} stbi__zbuf; 4077} stbi__zbuf;
4035 4078
4079stbi_inline static int stbi__zeof(stbi__zbuf *z)
4080{
4081 return (z->zbuffer >= z->zbuffer_end);
4082}
4083
4036stbi_inline static stbi_uc stbi__zget8(stbi__zbuf *z) 4084stbi_inline static stbi_uc stbi__zget8(stbi__zbuf *z)
4037{ 4085{
4038 if (z->zbuffer >= z->zbuffer_end) return 0; 4086 return stbi__zeof(z) ? 0 : *z->zbuffer++;
4039 return *z->zbuffer++;
4040} 4087}
4041 4088
4042static void stbi__fill_bits(stbi__zbuf *z) 4089static void stbi__fill_bits(stbi__zbuf *z)
4043{ 4090{
4044 do { 4091 do {
4045 STBI_ASSERT(z->code_buffer < (1U << z->num_bits)); 4092 if (z->code_buffer >= (1U << z->num_bits)) {
4093 z->zbuffer = z->zbuffer_end; /* treat this as EOF so we fail. */
4094 return;
4095 }
4046 z->code_buffer |= (unsigned int) stbi__zget8(z) << z->num_bits; 4096 z->code_buffer |= (unsigned int) stbi__zget8(z) << z->num_bits;
4047 z->num_bits += 8; 4097 z->num_bits += 8;
4048 } while (z->num_bits <= 24); 4098 } while (z->num_bits <= 24);
@@ -4067,10 +4117,11 @@ static int stbi__zhuffman_decode_slowpath(stbi__zbuf *a, stbi__zhuffman *z)
4067 for (s=STBI__ZFAST_BITS+1; ; ++s) 4117 for (s=STBI__ZFAST_BITS+1; ; ++s)
4068 if (k < z->maxcode[s]) 4118 if (k < z->maxcode[s])
4069 break; 4119 break;
4070 if (s == 16) return -1; // invalid code! 4120 if (s >= 16) return -1; // invalid code!
4071 // code size is s, so: 4121 // code size is s, so:
4072 b = (k >> (16-s)) - z->firstcode[s] + z->firstsymbol[s]; 4122 b = (k >> (16-s)) - z->firstcode[s] + z->firstsymbol[s];
4073 STBI_ASSERT(z->size[b] == s); 4123 if (b >= sizeof (z->size)) return -1; // some data was corrupt somewhere!
4124 if (z->size[b] != s) return -1; // was originally an assert, but report failure instead.
4074 a->code_buffer >>= s; 4125 a->code_buffer >>= s;
4075 a->num_bits -= s; 4126 a->num_bits -= s;
4076 return z->value[b]; 4127 return z->value[b];
@@ -4079,7 +4130,12 @@ static int stbi__zhuffman_decode_slowpath(stbi__zbuf *a, stbi__zhuffman *z)
4079stbi_inline static int stbi__zhuffman_decode(stbi__zbuf *a, stbi__zhuffman *z) 4130stbi_inline static int stbi__zhuffman_decode(stbi__zbuf *a, stbi__zhuffman *z)
4080{ 4131{
4081 int b,s; 4132 int b,s;
4082 if (a->num_bits < 16) stbi__fill_bits(a); 4133 if (a->num_bits < 16) {
4134 if (stbi__zeof(a)) {
4135 return -1; /* report error for unexpected end of data. */
4136 }
4137 stbi__fill_bits(a);
4138 }
4083 b = z->fast[a->code_buffer & STBI__ZFAST_MASK]; 4139 b = z->fast[a->code_buffer & STBI__ZFAST_MASK];
4084 if (b) { 4140 if (b) {
4085 s = b >> 9; 4141 s = b >> 9;
@@ -4093,13 +4149,16 @@ stbi_inline static int stbi__zhuffman_decode(stbi__zbuf *a, stbi__zhuffman *z)
4093static int stbi__zexpand(stbi__zbuf *z, char *zout, int n) // need to make room for n bytes 4149static int stbi__zexpand(stbi__zbuf *z, char *zout, int n) // need to make room for n bytes
4094{ 4150{
4095 char *q; 4151 char *q;
4096 int cur, limit, old_limit; 4152 unsigned int cur, limit, old_limit;
4097 z->zout = zout; 4153 z->zout = zout;
4098 if (!z->z_expandable) return stbi__err("output buffer limit","Corrupt PNG"); 4154 if (!z->z_expandable) return stbi__err("output buffer limit","Corrupt PNG");
4099 cur = (int) (z->zout - z->zout_start); 4155 cur = (unsigned int) (z->zout - z->zout_start);
4100 limit = old_limit = (int) (z->zout_end - z->zout_start); 4156 limit = old_limit = (unsigned) (z->zout_end - z->zout_start);
4101 while (cur + n > limit) 4157 if (UINT_MAX - cur < (unsigned) n) return stbi__err("outofmem", "Out of memory");
4158 while (cur + n > limit) {
4159 if(limit > UINT_MAX / 2) return stbi__err("outofmem", "Out of memory");
4102 limit *= 2; 4160 limit *= 2;
4161 }
4103 q = (char *) STBI_REALLOC_SIZED(z->zout_start, old_limit, limit); 4162 q = (char *) STBI_REALLOC_SIZED(z->zout_start, old_limit, limit);
4104 STBI_NOTUSED(old_limit); 4163 STBI_NOTUSED(old_limit);
4105 if (q == NULL) return stbi__err("outofmem", "Out of memory"); 4164 if (q == NULL) return stbi__err("outofmem", "Out of memory");
@@ -4197,11 +4256,12 @@ static int stbi__compute_huffman_codes(stbi__zbuf *a)
4197 c = stbi__zreceive(a,2)+3; 4256 c = stbi__zreceive(a,2)+3;
4198 if (n == 0) return stbi__err("bad codelengths", "Corrupt PNG"); 4257 if (n == 0) return stbi__err("bad codelengths", "Corrupt PNG");
4199 fill = lencodes[n-1]; 4258 fill = lencodes[n-1];
4200 } else if (c == 17) 4259 } else if (c == 17) {
4201 c = stbi__zreceive(a,3)+3; 4260 c = stbi__zreceive(a,3)+3;
4202 else { 4261 } else if (c == 18) {
4203 STBI_ASSERT(c == 18);
4204 c = stbi__zreceive(a,7)+11; 4262 c = stbi__zreceive(a,7)+11;
4263 } else {
4264 return stbi__err("bad codelengths", "Corrupt PNG");
4205 } 4265 }
4206 if (ntot - n < c) return stbi__err("bad codelengths", "Corrupt PNG"); 4266 if (ntot - n < c) return stbi__err("bad codelengths", "Corrupt PNG");
4207 memset(lencodes+n, fill, c); 4267 memset(lencodes+n, fill, c);
@@ -4227,7 +4287,7 @@ static int stbi__parse_uncompressed_block(stbi__zbuf *a)
4227 a->code_buffer >>= 8; 4287 a->code_buffer >>= 8;
4228 a->num_bits -= 8; 4288 a->num_bits -= 8;
4229 } 4289 }
4230 STBI_ASSERT(a->num_bits == 0); 4290 if (a->num_bits < 0) return stbi__err("zlib corrupt","Corrupt PNG");
4231 // now fill header the normal way 4291 // now fill header the normal way
4232 while (k < 4) 4292 while (k < 4)
4233 header[k++] = stbi__zget8(a); 4293 header[k++] = stbi__zget8(a);
@@ -4249,6 +4309,7 @@ static int stbi__parse_zlib_header(stbi__zbuf *a)
4249 int cm = cmf & 15; 4309 int cm = cmf & 15;
4250 /* int cinfo = cmf >> 4; */ 4310 /* int cinfo = cmf >> 4; */
4251 int flg = stbi__zget8(a); 4311 int flg = stbi__zget8(a);
4312 if (stbi__zeof(a)) return stbi__err("bad zlib header","Corrupt PNG"); // zlib spec
4252 if ((cmf*256+flg) % 31 != 0) return stbi__err("bad zlib header","Corrupt PNG"); // zlib spec 4313 if ((cmf*256+flg) % 31 != 0) return stbi__err("bad zlib header","Corrupt PNG"); // zlib spec
4253 if (flg & 32) return stbi__err("no preset dict","Corrupt PNG"); // preset dictionary not allowed in png 4314 if (flg & 32) return stbi__err("no preset dict","Corrupt PNG"); // preset dictionary not allowed in png
4254 if (cm != 8) return stbi__err("bad compression","Corrupt PNG"); // DEFLATE required for png 4315 if (cm != 8) return stbi__err("bad compression","Corrupt PNG"); // DEFLATE required for png
@@ -4510,7 +4571,7 @@ static int stbi__create_png_image_raw(stbi__png *a, stbi_uc *raw, stbi__uint32 r
4510 return stbi__err("invalid filter","Corrupt PNG"); 4571 return stbi__err("invalid filter","Corrupt PNG");
4511 4572
4512 if (depth < 8) { 4573 if (depth < 8) {
4513 STBI_ASSERT(img_width_bytes <= x); 4574 if (img_width_bytes > x) return stbi__err("invalid width","Corrupt PNG");
4514 cur += x*out_n - img_width_bytes; // store output to the rightmost img_len bytes, so we can decode in place 4575 cur += x*out_n - img_width_bytes; // store output to the rightmost img_len bytes, so we can decode in place
4515 filter_bytes = 1; 4576 filter_bytes = 1;
4516 width = img_width_bytes; 4577 width = img_width_bytes;
@@ -4905,8 +4966,10 @@ static int stbi__parse_png_file(stbi__png *z, int scan, int req_comp)
4905 if (!first) return stbi__err("multiple IHDR","Corrupt PNG"); 4966 if (!first) return stbi__err("multiple IHDR","Corrupt PNG");
4906 first = 0; 4967 first = 0;
4907 if (c.length != 13) return stbi__err("bad IHDR len","Corrupt PNG"); 4968 if (c.length != 13) return stbi__err("bad IHDR len","Corrupt PNG");
4908 s->img_x = stbi__get32be(s); if (s->img_x > (1 << 24)) return stbi__err("too large","Very large image (corrupt?)"); 4969 s->img_x = stbi__get32be(s);
4909 s->img_y = stbi__get32be(s); if (s->img_y > (1 << 24)) return stbi__err("too large","Very large image (corrupt?)"); 4970 s->img_y = stbi__get32be(s);
4971 if (s->img_y > STBI_MAX_DIMENSIONS) return stbi__err("too large","Very large image (corrupt?)");
4972 if (s->img_x > STBI_MAX_DIMENSIONS) return stbi__err("too large","Very large image (corrupt?)");
4910 z->depth = stbi__get8(s); if (z->depth != 1 && z->depth != 2 && z->depth != 4 && z->depth != 8 && z->depth != 16) return stbi__err("1/2/4/8/16-bit only","PNG not supported: 1/2/4/8/16-bit only"); 4973 z->depth = stbi__get8(s); if (z->depth != 1 && z->depth != 2 && z->depth != 4 && z->depth != 8 && z->depth != 16) return stbi__err("1/2/4/8/16-bit only","PNG not supported: 1/2/4/8/16-bit only");
4911 color = stbi__get8(s); if (color > 6) return stbi__err("bad ctype","Corrupt PNG"); 4974 color = stbi__get8(s); if (color > 6) return stbi__err("bad ctype","Corrupt PNG");
4912 if (color == 3 && z->depth == 16) return stbi__err("bad ctype","Corrupt PNG"); 4975 if (color == 3 && z->depth == 16) return stbi__err("bad ctype","Corrupt PNG");
@@ -5055,10 +5118,12 @@ static void *stbi__do_png(stbi__png *p, int *x, int *y, int *n, int req_comp, st
5055 void *result=NULL; 5118 void *result=NULL;
5056 if (req_comp < 0 || req_comp > 4) return stbi__errpuc("bad req_comp", "Internal error"); 5119 if (req_comp < 0 || req_comp > 4) return stbi__errpuc("bad req_comp", "Internal error");
5057 if (stbi__parse_png_file(p, STBI__SCAN_load, req_comp)) { 5120 if (stbi__parse_png_file(p, STBI__SCAN_load, req_comp)) {
5058 if (p->depth < 8) 5121 if (p->depth <= 8)
5059 ri->bits_per_channel = 8; 5122 ri->bits_per_channel = 8;
5123 else if (p->depth == 16)
5124 ri->bits_per_channel = 16;
5060 else 5125 else
5061 ri->bits_per_channel = p->depth; 5126 return stbi__errpuc("bad bits_per_channel", "PNG not supported: unsupported color depth");
5062 result = p->out; 5127 result = p->out;
5063 p->out = NULL; 5128 p->out = NULL;
5064 if (req_comp && req_comp != p->s->img_out_n) { 5129 if (req_comp && req_comp != p->s->img_out_n) {
@@ -5219,6 +5284,8 @@ static void *stbi__bmp_parse_header(stbi__context *s, stbi__bmp_data *info)
5219 info->mr = info->mg = info->mb = info->ma = 0; 5284 info->mr = info->mg = info->mb = info->ma = 0;
5220 info->extra_read = 14; 5285 info->extra_read = 14;
5221 5286
5287 if (info->offset < 0) return stbi__errpuc("bad BMP", "bad BMP");
5288
5222 if (hsz != 12 && hsz != 40 && hsz != 56 && hsz != 108 && hsz != 124) return stbi__errpuc("unknown BMP", "BMP type not supported: unknown"); 5289 if (hsz != 12 && hsz != 40 && hsz != 56 && hsz != 108 && hsz != 124) return stbi__errpuc("unknown BMP", "BMP type not supported: unknown");
5223 if (hsz == 12) { 5290 if (hsz == 12) {
5224 s->img_x = stbi__get16le(s); 5291 s->img_x = stbi__get16le(s);
@@ -5310,6 +5377,9 @@ static void *stbi__bmp_load(stbi__context *s, int *x, int *y, int *comp, int req
5310 flip_vertically = ((int) s->img_y) > 0; 5377 flip_vertically = ((int) s->img_y) > 0;
5311 s->img_y = abs((int) s->img_y); 5378 s->img_y = abs((int) s->img_y);
5312 5379
5380 if (s->img_y > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
5381 if (s->img_x > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
5382
5313 mr = info.mr; 5383 mr = info.mr;
5314 mg = info.mg; 5384 mg = info.mg;
5315 mb = info.mb; 5385 mb = info.mb;
@@ -5324,7 +5394,10 @@ static void *stbi__bmp_load(stbi__context *s, int *x, int *y, int *comp, int req
5324 psize = (info.offset - info.extra_read - info.hsz) >> 2; 5394 psize = (info.offset - info.extra_read - info.hsz) >> 2;
5325 } 5395 }
5326 if (psize == 0) { 5396 if (psize == 0) {
5327 STBI_ASSERT(info.offset == (s->img_buffer - s->buffer_start)); 5397 STBI_ASSERT(info.offset == s->callback_already_read + (int) (s->img_buffer - s->img_buffer_original));
5398 if (info.offset != s->callback_already_read + (s->img_buffer - s->buffer_start)) {
5399 return stbi__errpuc("bad offset", "Corrupt BMP");
5400 }
5328 } 5401 }
5329 5402
5330 if (info.bpp == 24 && ma == 0xff000000) 5403 if (info.bpp == 24 && ma == 0xff000000)
@@ -5419,6 +5492,7 @@ static void *stbi__bmp_load(stbi__context *s, int *x, int *y, int *comp, int req
5419 gshift = stbi__high_bit(mg)-7; gcount = stbi__bitcount(mg); 5492 gshift = stbi__high_bit(mg)-7; gcount = stbi__bitcount(mg);
5420 bshift = stbi__high_bit(mb)-7; bcount = stbi__bitcount(mb); 5493 bshift = stbi__high_bit(mb)-7; bcount = stbi__bitcount(mb);
5421 ashift = stbi__high_bit(ma)-7; acount = stbi__bitcount(ma); 5494 ashift = stbi__high_bit(ma)-7; acount = stbi__bitcount(ma);
5495 if (rcount > 8 || gcount > 8 || bcount > 8 || acount > 8) { STBI_FREE(out); return stbi__errpuc("bad masks", "Corrupt BMP"); }
5422 } 5496 }
5423 for (j=0; j < (int) s->img_y; ++j) { 5497 for (j=0; j < (int) s->img_y; ++j) {
5424 if (easy) { 5498 if (easy) {
@@ -5643,6 +5717,9 @@ static void *stbi__tga_load(stbi__context *s, int *x, int *y, int *comp, int req
5643 STBI_NOTUSED(tga_x_origin); // @TODO 5717 STBI_NOTUSED(tga_x_origin); // @TODO
5644 STBI_NOTUSED(tga_y_origin); // @TODO 5718 STBI_NOTUSED(tga_y_origin); // @TODO
5645 5719
5720 if (tga_height > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
5721 if (tga_width > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
5722
5646 // do a tiny bit of precessing 5723 // do a tiny bit of precessing
5647 if ( tga_image_type >= 8 ) 5724 if ( tga_image_type >= 8 )
5648 { 5725 {
@@ -5682,6 +5759,11 @@ static void *stbi__tga_load(stbi__context *s, int *x, int *y, int *comp, int req
5682 // do I need to load a palette? 5759 // do I need to load a palette?
5683 if ( tga_indexed) 5760 if ( tga_indexed)
5684 { 5761 {
5762 if (tga_palette_len == 0) { /* you have to have at least one entry! */
5763 STBI_FREE(tga_data);
5764 return stbi__errpuc("bad palette", "Corrupt TGA");
5765 }
5766
5685 // any data to skip? (offset usually = 0) 5767 // any data to skip? (offset usually = 0)
5686 stbi__skip(s, tga_palette_start ); 5768 stbi__skip(s, tga_palette_start );
5687 // load the palette 5769 // load the palette
@@ -5890,6 +5972,9 @@ static void *stbi__psd_load(stbi__context *s, int *x, int *y, int *comp, int req
5890 h = stbi__get32be(s); 5972 h = stbi__get32be(s);
5891 w = stbi__get32be(s); 5973 w = stbi__get32be(s);
5892 5974
5975 if (h > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
5976 if (w > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
5977
5893 // Make sure the depth is 8 bits. 5978 // Make sure the depth is 8 bits.
5894 bitdepth = stbi__get16be(s); 5979 bitdepth = stbi__get16be(s);
5895 if (bitdepth != 8 && bitdepth != 16) 5980 if (bitdepth != 8 && bitdepth != 16)
@@ -6244,6 +6329,10 @@ static void *stbi__pic_load(stbi__context *s,int *px,int *py,int *comp,int req_c
6244 6329
6245 x = stbi__get16be(s); 6330 x = stbi__get16be(s);
6246 y = stbi__get16be(s); 6331 y = stbi__get16be(s);
6332
6333 if (y > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
6334 if (x > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
6335
6247 if (stbi__at_eof(s)) return stbi__errpuc("bad file","file too short (pic header)"); 6336 if (stbi__at_eof(s)) return stbi__errpuc("bad file","file too short (pic header)");
6248 if (!stbi__mad3sizes_valid(x, y, 4, 0)) return stbi__errpuc("too large", "PIC image too large to decode"); 6337 if (!stbi__mad3sizes_valid(x, y, 4, 0)) return stbi__errpuc("too large", "PIC image too large to decode");
6249 6338
@@ -6352,6 +6441,9 @@ static int stbi__gif_header(stbi__context *s, stbi__gif *g, int *comp, int is_in
6352 g->ratio = stbi__get8(s); 6441 g->ratio = stbi__get8(s);
6353 g->transparent = -1; 6442 g->transparent = -1;
6354 6443
6444 if (g->w > STBI_MAX_DIMENSIONS) return stbi__err("too large","Very large image (corrupt?)");
6445 if (g->h > STBI_MAX_DIMENSIONS) return stbi__err("too large","Very large image (corrupt?)");
6446
6355 if (comp != 0) *comp = 4; // can't actually tell whether it's 3 or 4 until we parse the comments 6447 if (comp != 0) *comp = 4; // can't actually tell whether it's 3 or 4 until we parse the comments
6356 6448
6357 if (is_info) return 1; 6449 if (is_info) return 1;
@@ -6529,7 +6621,7 @@ static stbi_uc *stbi__gif_load_next(stbi__context *s, stbi__gif *g, int *comp, i
6529 memset(g->history, 0x00, pcount); // pixels that were affected previous frame 6621 memset(g->history, 0x00, pcount); // pixels that were affected previous frame
6530 first_frame = 1; 6622 first_frame = 1;
6531 } else { 6623 } else {
6532 // second frame - how do we dispoase of the previous one? 6624 // second frame - how do we dispose of the previous one?
6533 dispose = (g->eflags & 0x1C) >> 2; 6625 dispose = (g->eflags & 0x1C) >> 2;
6534 pcount = g->w * g->h; 6626 pcount = g->w * g->h;
6535 6627
@@ -6683,6 +6775,8 @@ static void *stbi__load_gif_main(stbi__context *s, int **delays, int *x, int *y,
6683 stbi_uc *two_back = 0; 6775 stbi_uc *two_back = 0;
6684 stbi__gif g; 6776 stbi__gif g;
6685 int stride; 6777 int stride;
6778 int out_size = 0;
6779 int delays_size = 0;
6686 memset(&g, 0, sizeof(g)); 6780 memset(&g, 0, sizeof(g));
6687 if (delays) { 6781 if (delays) {
6688 *delays = 0; 6782 *delays = 0;
@@ -6699,22 +6793,28 @@ static void *stbi__load_gif_main(stbi__context *s, int **delays, int *x, int *y,
6699 stride = g.w * g.h * 4; 6793 stride = g.w * g.h * 4;
6700 6794
6701 if (out) { 6795 if (out) {
6702 void *tmp = (stbi_uc*) STBI_REALLOC( out, layers * stride ); 6796 void *tmp = (stbi_uc*) STBI_REALLOC_SIZED( out, out_size, layers * stride );
6703 if (NULL == tmp) { 6797 if (NULL == tmp) {
6704 STBI_FREE(g.out); 6798 STBI_FREE(g.out);
6705 STBI_FREE(g.history); 6799 STBI_FREE(g.history);
6706 STBI_FREE(g.background); 6800 STBI_FREE(g.background);
6707 return stbi__errpuc("outofmem", "Out of memory"); 6801 return stbi__errpuc("outofmem", "Out of memory");
6708 } 6802 }
6709 else 6803 else {
6710 out = (stbi_uc*) tmp; 6804 out = (stbi_uc*) tmp;
6805 out_size = layers * stride;
6806 }
6807
6711 if (delays) { 6808 if (delays) {
6712 *delays = (int*) STBI_REALLOC( *delays, sizeof(int) * layers ); 6809 *delays = (int*) STBI_REALLOC_SIZED( *delays, delays_size, sizeof(int) * layers );
6810 delays_size = layers * sizeof(int);
6713 } 6811 }
6714 } else { 6812 } else {
6715 out = (stbi_uc*)stbi__malloc( layers * stride ); 6813 out = (stbi_uc*)stbi__malloc( layers * stride );
6814 out_size = layers * stride;
6716 if (delays) { 6815 if (delays) {
6717 *delays = (int*) stbi__malloc( layers * sizeof(int) ); 6816 *delays = (int*) stbi__malloc( layers * sizeof(int) );
6817 delays_size = layers * sizeof(int);
6718 } 6818 }
6719 } 6819 }
6720 memcpy( out + ((layers - 1) * stride), u, stride ); 6820 memcpy( out + ((layers - 1) * stride), u, stride );
@@ -6893,6 +6993,9 @@ static float *stbi__hdr_load(stbi__context *s, int *x, int *y, int *comp, int re
6893 token += 3; 6993 token += 3;
6894 width = (int) strtol(token, NULL, 10); 6994 width = (int) strtol(token, NULL, 10);
6895 6995
6996 if (height > STBI_MAX_DIMENSIONS) return stbi__errpf("too large","Very large image (corrupt?)");
6997 if (width > STBI_MAX_DIMENSIONS) return stbi__errpf("too large","Very large image (corrupt?)");
6998
6896 *x = width; 6999 *x = width;
6897 *y = height; 7000 *y = height;
6898 7001
@@ -7207,6 +7310,9 @@ static void *stbi__pnm_load(stbi__context *s, int *x, int *y, int *comp, int req
7207 if (!stbi__pnm_info(s, (int *)&s->img_x, (int *)&s->img_y, (int *)&s->img_n)) 7310 if (!stbi__pnm_info(s, (int *)&s->img_x, (int *)&s->img_y, (int *)&s->img_n))
7208 return 0; 7311 return 0;
7209 7312
7313 if (s->img_y > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
7314 if (s->img_x > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
7315
7210 *x = s->img_x; 7316 *x = s->img_x;
7211 *y = s->img_y; 7317 *y = s->img_y;
7212 if (comp) *comp = s->img_n; 7318 if (comp) *comp = s->img_n;
diff --git a/src/stb_truetype.h b/src/stb_truetype.h
index 935a6de2..62595a15 100644
--- a/src/stb_truetype.h
+++ b/src/stb_truetype.h
@@ -53,8 +53,8 @@
53// Johan Duparc Thomas Fields 53// Johan Duparc Thomas Fields
54// Hou Qiming Derek Vinyard 54// Hou Qiming Derek Vinyard
55// Rob Loach Cort Stratton 55// Rob Loach Cort Stratton
56// Kenney Phillis Jr. Brian Costabile 56// Kenney Phillis Jr. Brian Costabile
57// Ken Voskuil (kaesve) 57// Ken Voskuil (kaesve)
58// 58//
59// VERSION HISTORY 59// VERSION HISTORY
60// 60//
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-01 23:22:25 +0000