gosu 0.15.2 → 1.0.0.pre1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (234) hide show
  1. checksums.yaml +4 -4
  2. data/dependencies/SDL/include/SDL.h +138 -0
  3. data/dependencies/SDL/include/SDL_assert.h +293 -0
  4. data/dependencies/SDL/include/SDL_atomic.h +295 -0
  5. data/dependencies/SDL/include/SDL_audio.h +859 -0
  6. data/dependencies/SDL/include/SDL_bits.h +121 -0
  7. data/dependencies/SDL/include/SDL_blendmode.h +123 -0
  8. data/dependencies/SDL/include/SDL_clipboard.h +71 -0
  9. data/dependencies/SDL/include/SDL_config.h +55 -0
  10. data/dependencies/SDL/include/SDL_config_android.h +182 -0
  11. data/dependencies/SDL/include/SDL_config_iphoneos.h +207 -0
  12. data/dependencies/SDL/include/SDL_config_macosx.h +266 -0
  13. data/dependencies/SDL/include/SDL_config_minimal.h +85 -0
  14. data/dependencies/SDL/include/SDL_config_os2.h +188 -0
  15. data/dependencies/SDL/include/SDL_config_pandora.h +135 -0
  16. data/dependencies/SDL/include/SDL_config_psp.h +165 -0
  17. data/dependencies/SDL/include/SDL_config_windows.h +288 -0
  18. data/dependencies/SDL/include/SDL_config_winrt.h +243 -0
  19. data/dependencies/SDL/include/SDL_config_wiz.h +149 -0
  20. data/dependencies/SDL/include/SDL_copying.h +20 -0
  21. data/dependencies/SDL/include/SDL_cpuinfo.h +299 -0
  22. data/dependencies/SDL/include/SDL_egl.h +1676 -0
  23. data/dependencies/SDL/include/SDL_endian.h +263 -0
  24. data/dependencies/SDL/include/SDL_error.h +112 -0
  25. data/dependencies/SDL/include/SDL_events.h +827 -0
  26. data/dependencies/SDL/include/SDL_filesystem.h +136 -0
  27. data/dependencies/SDL/include/SDL_gamecontroller.h +541 -0
  28. data/dependencies/SDL/include/SDL_gesture.h +87 -0
  29. data/dependencies/SDL/include/SDL_haptic.h +1247 -0
  30. data/dependencies/SDL/include/SDL_hints.h +1578 -0
  31. data/dependencies/SDL/include/SDL_joystick.h +499 -0
  32. data/dependencies/SDL/include/SDL_keyboard.h +217 -0
  33. data/dependencies/SDL/include/SDL_keycode.h +351 -0
  34. data/dependencies/SDL/include/SDL_loadso.h +81 -0
  35. data/dependencies/SDL/include/SDL_locale.h +101 -0
  36. data/dependencies/SDL/include/SDL_log.h +211 -0
  37. data/dependencies/SDL/include/SDL_main.h +180 -0
  38. data/dependencies/SDL/include/SDL_messagebox.h +146 -0
  39. data/dependencies/SDL/include/SDL_metal.h +117 -0
  40. data/dependencies/SDL/include/SDL_misc.h +75 -0
  41. data/dependencies/SDL/include/SDL_mouse.h +302 -0
  42. data/dependencies/SDL/include/SDL_mutex.h +251 -0
  43. data/dependencies/SDL/include/SDL_name.h +33 -0
  44. data/dependencies/SDL/include/SDL_opengl.h +2183 -0
  45. data/dependencies/SDL/include/SDL_opengl_glext.h +11180 -0
  46. data/dependencies/SDL/include/SDL_opengles.h +39 -0
  47. data/dependencies/SDL/include/SDL_opengles2.h +52 -0
  48. data/dependencies/SDL/include/SDL_opengles2_gl2.h +621 -0
  49. data/dependencies/SDL/include/SDL_opengles2_gl2ext.h +2050 -0
  50. data/dependencies/SDL/include/SDL_opengles2_gl2platform.h +30 -0
  51. data/dependencies/SDL/include/SDL_opengles2_khrplatform.h +282 -0
  52. data/dependencies/SDL/include/SDL_pixels.h +479 -0
  53. data/dependencies/SDL/include/SDL_platform.h +198 -0
  54. data/dependencies/SDL/include/SDL_power.h +75 -0
  55. data/dependencies/SDL/include/SDL_quit.h +58 -0
  56. data/dependencies/SDL/include/SDL_rect.h +174 -0
  57. data/dependencies/SDL/include/SDL_render.h +1158 -0
  58. data/dependencies/SDL/include/SDL_revision.h +2 -0
  59. data/dependencies/SDL/include/SDL_rwops.h +283 -0
  60. data/dependencies/SDL/include/SDL_scancode.h +413 -0
  61. data/dependencies/SDL/include/SDL_sensor.h +267 -0
  62. data/dependencies/SDL/include/SDL_shape.h +144 -0
  63. data/dependencies/SDL/include/SDL_stdinc.h +647 -0
  64. data/dependencies/SDL/include/SDL_surface.h +563 -0
  65. data/dependencies/SDL/include/SDL_system.h +325 -0
  66. data/dependencies/SDL/include/SDL_syswm.h +354 -0
  67. data/dependencies/SDL/include/SDL_test.h +69 -0
  68. data/dependencies/SDL/include/SDL_test_assert.h +105 -0
  69. data/dependencies/SDL/include/SDL_test_common.h +218 -0
  70. data/dependencies/SDL/include/SDL_test_compare.h +69 -0
  71. data/dependencies/SDL/include/SDL_test_crc32.h +124 -0
  72. data/dependencies/SDL/include/SDL_test_font.h +81 -0
  73. data/dependencies/SDL/include/SDL_test_fuzzer.h +384 -0
  74. data/dependencies/SDL/include/SDL_test_harness.h +134 -0
  75. data/dependencies/SDL/include/SDL_test_images.h +78 -0
  76. data/dependencies/SDL/include/SDL_test_log.h +67 -0
  77. data/dependencies/SDL/include/SDL_test_md5.h +129 -0
  78. data/dependencies/SDL/include/SDL_test_memory.h +63 -0
  79. data/dependencies/SDL/include/SDL_test_random.h +115 -0
  80. data/dependencies/SDL/include/SDL_thread.h +366 -0
  81. data/dependencies/SDL/include/SDL_timer.h +115 -0
  82. data/dependencies/SDL/include/SDL_touch.h +102 -0
  83. data/dependencies/SDL/include/SDL_types.h +29 -0
  84. data/dependencies/SDL/include/SDL_version.h +162 -0
  85. data/dependencies/SDL/include/SDL_video.h +1282 -0
  86. data/dependencies/SDL/include/SDL_vulkan.h +276 -0
  87. data/dependencies/SDL/include/begin_code.h +166 -0
  88. data/dependencies/SDL/include/close_code.h +40 -0
  89. data/dependencies/SDL/lib/x64/libSDL2.dll.a +0 -0
  90. data/dependencies/SDL/lib/x86/libSDL2.dll.a +0 -0
  91. data/dependencies/SDL_sound/SDL_sound.c +795 -0
  92. data/dependencies/SDL_sound/SDL_sound.h +725 -0
  93. data/dependencies/SDL_sound/SDL_sound_aiff.c +537 -0
  94. data/dependencies/SDL_sound/SDL_sound_au.c +352 -0
  95. data/dependencies/SDL_sound/SDL_sound_coreaudio.c +747 -0
  96. data/dependencies/SDL_sound/SDL_sound_flac.c +182 -0
  97. data/dependencies/SDL_sound/SDL_sound_internal.h +304 -0
  98. data/dependencies/SDL_sound/SDL_sound_modplug.c +228 -0
  99. data/dependencies/SDL_sound/SDL_sound_mp3.c +184 -0
  100. data/dependencies/SDL_sound/SDL_sound_raw.c +164 -0
  101. data/dependencies/SDL_sound/SDL_sound_shn.c +1309 -0
  102. data/dependencies/SDL_sound/SDL_sound_voc.c +550 -0
  103. data/dependencies/SDL_sound/SDL_sound_vorbis.c +223 -0
  104. data/dependencies/SDL_sound/SDL_sound_wav.c +783 -0
  105. data/dependencies/SDL_sound/dr_flac.h +5906 -0
  106. data/dependencies/SDL_sound/dr_mp3.h +2832 -0
  107. data/dependencies/SDL_sound/libmodplug/fastmix.c +1748 -0
  108. data/dependencies/SDL_sound/libmodplug/libmodplug.h +1001 -0
  109. data/dependencies/SDL_sound/libmodplug/load_669.c +188 -0
  110. data/dependencies/SDL_sound/libmodplug/load_abc.c +4725 -0
  111. data/dependencies/SDL_sound/libmodplug/load_amf.c +403 -0
  112. data/dependencies/SDL_sound/libmodplug/load_ams.c +587 -0
  113. data/dependencies/SDL_sound/libmodplug/load_dbm.c +357 -0
  114. data/dependencies/SDL_sound/libmodplug/load_dmf.c +531 -0
  115. data/dependencies/SDL_sound/libmodplug/load_dsm.c +232 -0
  116. data/dependencies/SDL_sound/libmodplug/load_far.c +253 -0
  117. data/dependencies/SDL_sound/libmodplug/load_it.c +796 -0
  118. data/dependencies/SDL_sound/libmodplug/load_mdl.c +488 -0
  119. data/dependencies/SDL_sound/libmodplug/load_med.c +757 -0
  120. data/dependencies/SDL_sound/libmodplug/load_mid.c +1405 -0
  121. data/dependencies/SDL_sound/libmodplug/load_mod.c +269 -0
  122. data/dependencies/SDL_sound/libmodplug/load_mt2.c +546 -0
  123. data/dependencies/SDL_sound/libmodplug/load_mtm.c +142 -0
  124. data/dependencies/SDL_sound/libmodplug/load_okt.c +192 -0
  125. data/dependencies/SDL_sound/libmodplug/load_pat.c +1143 -0
  126. data/dependencies/SDL_sound/libmodplug/load_pat.h +25 -0
  127. data/dependencies/SDL_sound/libmodplug/load_psm.c +350 -0
  128. data/dependencies/SDL_sound/libmodplug/load_ptm.c +204 -0
  129. data/dependencies/SDL_sound/libmodplug/load_s3m.c +325 -0
  130. data/dependencies/SDL_sound/libmodplug/load_stm.c +180 -0
  131. data/dependencies/SDL_sound/libmodplug/load_ult.c +206 -0
  132. data/dependencies/SDL_sound/libmodplug/load_umx.c +51 -0
  133. data/dependencies/SDL_sound/libmodplug/load_xm.c +554 -0
  134. data/dependencies/SDL_sound/libmodplug/mmcmp.c +382 -0
  135. data/dependencies/SDL_sound/libmodplug/modplug.c +170 -0
  136. data/dependencies/SDL_sound/libmodplug/modplug.h +90 -0
  137. data/dependencies/SDL_sound/libmodplug/snd_dsp.c +301 -0
  138. data/dependencies/SDL_sound/libmodplug/snd_flt.c +63 -0
  139. data/dependencies/SDL_sound/libmodplug/snd_fx.c +2350 -0
  140. data/dependencies/SDL_sound/libmodplug/sndfile.c +1169 -0
  141. data/dependencies/SDL_sound/libmodplug/sndmix.c +1034 -0
  142. data/dependencies/SDL_sound/libmodplug/tables.h +371 -0
  143. data/{src/stb_vorbis.c → dependencies/SDL_sound/stb_vorbis.h} +143 -78
  144. data/dependencies/al_soft/AL/al.h +655 -0
  145. data/dependencies/al_soft/AL/alc.h +270 -0
  146. data/dependencies/al_soft/AL/alext.h +585 -0
  147. data/dependencies/al_soft/AL/efx-creative.h +3 -0
  148. data/dependencies/al_soft/AL/efx-presets.h +402 -0
  149. data/dependencies/al_soft/AL/efx.h +762 -0
  150. data/dependencies/al_soft/x64/libOpenAL32.dll.a +0 -0
  151. data/dependencies/al_soft/x86/libOpenAL32.dll.a +0 -0
  152. data/{src → dependencies/stb}/stb_image.h +330 -127
  153. data/{src → dependencies/stb}/stb_image_write.h +156 -85
  154. data/{src → dependencies/stb}/stb_truetype.h +192 -69
  155. data/{src → dependencies/utf8proc}/utf8proc.c +0 -0
  156. data/{src → dependencies/utf8proc}/utf8proc.h +0 -0
  157. data/{src → dependencies/utf8proc}/utf8proc_data.h +0 -0
  158. data/ext/gosu/extconf.rb +56 -22
  159. data/{Gosu → include/Gosu}/Audio.hpp +6 -8
  160. data/{Gosu → include/Gosu}/AutoLink.hpp +0 -0
  161. data/include/Gosu/Bitmap.hpp +100 -0
  162. data/{Gosu → include/Gosu}/Buttons.hpp +94 -35
  163. data/{Gosu → include/Gosu}/Channel.h +0 -0
  164. data/{Gosu → include/Gosu}/Color.h +0 -0
  165. data/{Gosu → include/Gosu}/Color.hpp +0 -0
  166. data/{Gosu → include/Gosu}/Directories.hpp +0 -0
  167. data/{Gosu → include/Gosu}/Font.h +0 -0
  168. data/{Gosu → include/Gosu}/Font.hpp +0 -0
  169. data/{Gosu → include/Gosu}/Fwd.hpp +0 -0
  170. data/{Gosu → include/Gosu}/Gosu.h +3 -0
  171. data/{Gosu → include/Gosu}/Gosu.hpp +0 -0
  172. data/{Gosu → include/Gosu}/Graphics.hpp +0 -0
  173. data/{Gosu → include/Gosu}/GraphicsBase.hpp +0 -0
  174. data/{Gosu → include/Gosu}/IO.hpp +0 -0
  175. data/{Gosu → include/Gosu}/Image.h +0 -0
  176. data/{Gosu → include/Gosu}/Image.hpp +7 -6
  177. data/{Gosu → include/Gosu}/ImageData.hpp +0 -0
  178. data/{Gosu → include/Gosu}/Input.hpp +30 -15
  179. data/{Gosu → include/Gosu}/Inspection.hpp +0 -0
  180. data/{Gosu → include/Gosu}/Math.hpp +0 -0
  181. data/{Gosu → include/Gosu}/Platform.hpp +0 -0
  182. data/{Gosu → include/Gosu}/Sample.h +0 -0
  183. data/{Gosu → include/Gosu}/Song.h +0 -0
  184. data/{Gosu → include/Gosu}/Text.hpp +0 -0
  185. data/{Gosu → include/Gosu}/TextInput.h +0 -0
  186. data/{Gosu → include/Gosu}/TextInput.hpp +0 -0
  187. data/{Gosu → include/Gosu}/Timing.hpp +0 -0
  188. data/{Gosu → include/Gosu}/Utility.hpp +1 -1
  189. data/{Gosu → include/Gosu}/Version.hpp +0 -0
  190. data/{Gosu → include/Gosu}/Window.h +2 -0
  191. data/{Gosu → include/Gosu}/Window.hpp +21 -13
  192. data/lib/OpenAL32.dll +0 -0
  193. data/lib/SDL2.dll +0 -0
  194. data/lib/gosu.rb +0 -3
  195. data/lib/gosu/patches.rb +0 -9
  196. data/lib/gosu/swig_patches.rb +3 -2
  197. data/lib/libmpg123.dll +0 -0
  198. data/lib/libsndfile.dll +0 -0
  199. data/lib64/OpenAL32.dll +0 -0
  200. data/lib64/SDL2.dll +0 -0
  201. data/lib64/libmpg123.dll +0 -0
  202. data/lib64/libsndfile.dll +0 -0
  203. data/rdoc/gosu.rb +95 -20
  204. data/src/Audio.cpp +50 -224
  205. data/src/AudioFile.hpp +17 -37
  206. data/src/AudioFileAudioToolbox.cpp +237 -0
  207. data/src/AudioFileSDLSound.cpp +147 -0
  208. data/src/AudioImpl.cpp +3 -12
  209. data/src/AudioImpl.hpp +3 -1
  210. data/src/Bitmap.cpp +85 -83
  211. data/src/BitmapIO.cpp +52 -58
  212. data/src/Constants.cpp +80 -33
  213. data/src/Font.cpp +3 -1
  214. data/src/GosuWrapper.cpp +19 -0
  215. data/src/Graphics.cpp +7 -4
  216. data/src/Image.cpp +13 -16
  217. data/src/Input.cpp +408 -159
  218. data/src/LargeImageData.cpp +1 -1
  219. data/src/MarkupParser.cpp +2 -1
  220. data/src/RubyGosu.cxx +349 -83
  221. data/src/RubyGosu.h +4 -2
  222. data/src/TexChunk.cpp +1 -1
  223. data/src/TextBuilder.cpp +3 -1
  224. data/src/Texture.cpp +1 -1
  225. data/src/TrueTypeFont.cpp +1 -1
  226. data/src/Utility.cpp +11 -7
  227. data/src/Window.cpp +30 -39
  228. data/src/WindowWrapper.cpp +28 -0
  229. metadata +207 -52
  230. data/Gosu/Bitmap.hpp +0 -113
  231. data/src/AudioToolboxFile.hpp +0 -210
  232. data/src/OggFile.hpp +0 -92
  233. data/src/SndFile.hpp +0 -174
  234. data/src/WinMain.cpp +0 -64
@@ -1,4 +1,4 @@
1
- /* stb_image - v2.23 - public domain image loader - http://nothings.org/stb
1
+ /* stb_image - v2.26 - public domain image loader - http://nothings.org/stb
2
2
  no warranty implied; use at your own risk
3
3
 
4
4
  Do this:
@@ -48,10 +48,13 @@ LICENSE
48
48
 
49
49
  RECENT REVISION HISTORY:
50
50
 
51
+ 2.26 (2020-07-13) many minor fixes
52
+ 2.25 (2020-02-02) fix warnings
53
+ 2.24 (2020-02-02) fix warnings; thread-local failure_reason and flip_vertically
51
54
  2.23 (2019-08-11) fix clang static analysis warning
52
55
  2.22 (2019-03-04) gif fixes, fix warnings
53
56
  2.21 (2019-02-25) fix typo in comment
54
- 2.20 (2019-02-07) support utf8 filenames in Windows; fix warnings and platform ifdefs
57
+ 2.20 (2019-02-07) support utf8 filenames in Windows; fix warnings and platform ifdefs
55
58
  2.19 (2018-02-11) fix warning
56
59
  2.18 (2018-01-30) fix warnings
57
60
  2.17 (2018-01-29) bugfix, 1-bit BMP, 16-bitness query, fix warnings
@@ -91,21 +94,30 @@ RECENT REVISION HISTORY:
91
94
  Carmelo J Fdez-Aguera
92
95
 
93
96
  Bug & warning fixes
94
- Marc LeBlanc David Woo Guillaume George Martins Mozeiko
95
- Christpher Lloyd Jerry Jansson Joseph Thomson Phil Jordan
96
- Dave Moore Roy Eltham Hayaki Saito Nathan Reed
97
- Won Chun Luke Graham Johan Duparc Nick Verigakis
98
- the Horde3D community Thomas Ruf Ronny Chevalier github:rlyeh
99
- Janez Zemva John Bartholomew Michal Cichon github:romigrou
100
- Jonathan Blow Ken Hamada Tero Hanninen github:svdijk
101
- Laurent Gomila Cort Stratton Sergio Gonzalez github:snagar
102
- Aruelien Pocheville Thibault Reuille Cass Everitt github:Zelex
103
- Ryamond Barbiero Paul Du Bois Engin Manap github:grim210
104
- Aldo Culquicondor Philipp Wiesemann Dale Weiler github:sammyhw
105
- Oriol Ferrer Mesia Josh Tobin Matthew Gregan github:phprus
106
- Julian Raschke Gregory Mullen Baldur Karlsson github:poppolopoppo
107
- Christian Floisand Kevin Schmidt JR Smith github:darealshinji
108
- Blazej Dariusz Roszkowski github:Michaelangel007
97
+ Marc LeBlanc David Woo Guillaume George Martins Mozeiko
98
+ Christpher Lloyd Jerry Jansson Joseph Thomson Blazej Dariusz Roszkowski
99
+ Phil Jordan Dave Moore Roy Eltham
100
+ Hayaki Saito Nathan Reed Won Chun
101
+ Luke Graham Johan Duparc Nick Verigakis the Horde3D community
102
+ Thomas Ruf Ronny Chevalier github:rlyeh
103
+ Janez Zemva John Bartholomew Michal Cichon github:romigrou
104
+ Jonathan Blow Ken Hamada Tero Hanninen github:svdijk
105
+ Laurent Gomila Cort Stratton github:snagar
106
+ Aruelien Pocheville Sergio Gonzalez Thibault Reuille github:Zelex
107
+ Cass Everitt Ryamond Barbiero github:grim210
108
+ Paul Du Bois Engin Manap Aldo Culquicondor github:sammyhw
109
+ Philipp Wiesemann Dale Weiler Oriol Ferrer Mesia github:phprus
110
+ Josh Tobin Matthew Gregan github:poppolopoppo
111
+ Julian Raschke Gregory Mullen Christian Floisand github:darealshinji
112
+ Baldur Karlsson Kevin Schmidt JR Smith github:Michaelangel007
113
+ Brad Weinberger Matvey Cherevko [reserved]
114
+ Luca Sas Alexander Veselov Zack Middleton [reserved]
115
+ Ryan C. Gordon [reserved] [reserved]
116
+ DO NOT ADD YOUR NAME HERE
117
+
118
+ To add your name to the credits, pick a random blank space in the middle and fill it.
119
+ 80% of merge conflicts on stb PRs are due to people adding their name at the end
120
+ of the credits.
109
121
  */
110
122
 
111
123
  #ifndef STBI_INCLUDE_STB_IMAGE_H
@@ -315,7 +327,14 @@ RECENT REVISION HISTORY:
315
327
  // - If you use STBI_NO_PNG (or _ONLY_ without PNG), and you still
316
328
  // want the zlib decoder to be available, #define STBI_SUPPORT_ZLIB
317
329
  //
318
-
330
+ // - If you define STBI_MAX_DIMENSIONS, stb_image will reject images greater
331
+ // than that size (in either width or height) without further processing.
332
+ // This is to let programs in the wild set an upper bound to prevent
333
+ // denial-of-service attacks on untrusted data, as one could generate a
334
+ // valid image of gigantic dimensions and force stb_image to allocate a
335
+ // huge block of memory and spend disproportionate time decoding it. By
336
+ // default this is set to (1 << 24), which is 16777216, but that's still
337
+ // very big.
319
338
 
320
339
  #ifndef STBI_NO_STDIO
321
340
  #include <stdio.h>
@@ -434,7 +453,7 @@ STBIDEF int stbi_is_hdr_from_file(FILE *f);
434
453
 
435
454
 
436
455
  // get a VERY brief reason for failure
437
- // NOT THREADSAFE
456
+ // on most compilers (and ALL modern mainstream compilers) this is threadsafe
438
457
  STBIDEF const char *stbi_failure_reason (void);
439
458
 
440
459
  // free the loaded image -- this is just free()
@@ -467,6 +486,11 @@ STBIDEF void stbi_convert_iphone_png_to_rgb(int flag_true_if_should_convert);
467
486
  // flip the image vertically, so the first pixel in the output array is the bottom left
468
487
  STBIDEF void stbi_set_flip_vertically_on_load(int flag_true_if_should_flip);
469
488
 
489
+ // as above, but only applies to images loaded on the thread that calls the function
490
+ // this function is only available if your compiler supports thread-local variables;
491
+ // calling it will fail to link if your compiler doesn't
492
+ STBIDEF void stbi_set_flip_vertically_on_load_thread(int flag_true_if_should_flip);
493
+
470
494
  // ZLIB client - used by PNG, available for other purposes
471
495
 
472
496
  STBIDEF char *stbi_zlib_decode_malloc_guesssize(const char *buffer, int len, int initial_size, int *outlen);
@@ -563,6 +587,23 @@ STBIDEF int stbi_zlib_decode_noheader_buffer(char *obuffer, int olen, const ch
563
587
  #define stbi_inline __forceinline
564
588
  #endif
565
589
 
590
+ #ifndef STBI_NO_THREAD_LOCALS
591
+ #if defined(__cplusplus) && __cplusplus >= 201103L
592
+ #define STBI_THREAD_LOCAL thread_local
593
+ #elif defined(__GNUC__) && __GNUC__ < 5
594
+ #define STBI_THREAD_LOCAL __thread
595
+ #elif defined(_MSC_VER)
596
+ #define STBI_THREAD_LOCAL __declspec(thread)
597
+ #elif defined (__STDC_VERSION__) && __STDC_VERSION__ >= 201112L && !defined(__STDC_NO_THREADS__)
598
+ #define STBI_THREAD_LOCAL _Thread_local
599
+ #endif
600
+
601
+ #ifndef STBI_THREAD_LOCAL
602
+ #if defined(__GNUC__)
603
+ #define STBI_THREAD_LOCAL __thread
604
+ #endif
605
+ #endif
606
+ #endif
566
607
 
567
608
  #ifdef _MSC_VER
568
609
  typedef unsigned short stbi__uint16;
@@ -715,6 +756,10 @@ static int stbi__sse2_available(void)
715
756
  #define STBI_SIMD_ALIGN(type, name) type name
716
757
  #endif
717
758
 
759
+ #ifndef STBI_MAX_DIMENSIONS
760
+ #define STBI_MAX_DIMENSIONS (1 << 24)
761
+ #endif
762
+
718
763
  ///////////////////////////////////////////////
719
764
  //
720
765
  // stbi__context struct and start_xxx functions
@@ -732,6 +777,7 @@ typedef struct
732
777
  int read_from_callbacks;
733
778
  int buflen;
734
779
  stbi_uc buffer_start[128];
780
+ int callback_already_read;
735
781
 
736
782
  stbi_uc *img_buffer, *img_buffer_end;
737
783
  stbi_uc *img_buffer_original, *img_buffer_original_end;
@@ -745,6 +791,7 @@ static void stbi__start_mem(stbi__context *s, stbi_uc const *buffer, int len)
745
791
  {
746
792
  s->io.read = NULL;
747
793
  s->read_from_callbacks = 0;
794
+ s->callback_already_read = 0;
748
795
  s->img_buffer = s->img_buffer_original = (stbi_uc *) buffer;
749
796
  s->img_buffer_end = s->img_buffer_original_end = (stbi_uc *) buffer+len;
750
797
  }
@@ -756,7 +803,8 @@ static void stbi__start_callbacks(stbi__context *s, stbi_io_callbacks *c, void *
756
803
  s->io_user_data = user;
757
804
  s->buflen = sizeof(s->buffer_start);
758
805
  s->read_from_callbacks = 1;
759
- s->img_buffer_original = s->buffer_start;
806
+ s->callback_already_read = 0;
807
+ s->img_buffer = s->img_buffer_original = s->buffer_start;
760
808
  stbi__refill_buffer(s);
761
809
  s->img_buffer_original_end = s->img_buffer_end;
762
810
  }
@@ -770,12 +818,17 @@ static int stbi__stdio_read(void *user, char *data, int size)
770
818
 
771
819
  static void stbi__stdio_skip(void *user, int n)
772
820
  {
821
+ int ch;
773
822
  fseek((FILE*) user, n, SEEK_CUR);
823
+ ch = fgetc((FILE*) user); /* have to read a byte to reset feof()'s flag */
824
+ if (ch != EOF) {
825
+ ungetc(ch, (FILE *) user); /* push byte back onto stream if valid. */
826
+ }
774
827
  }
775
828
 
776
829
  static int stbi__stdio_eof(void *user)
777
830
  {
778
- return feof((FILE*) user);
831
+ return feof((FILE*) user) || ferror((FILE *) user);
779
832
  }
780
833
 
781
834
  static stbi_io_callbacks stbi__stdio_callbacks =
@@ -873,19 +926,24 @@ static void *stbi__pnm_load(stbi__context *s, int *x, int *y, int *comp, int
873
926
  static int stbi__pnm_info(stbi__context *s, int *x, int *y, int *comp);
874
927
  #endif
875
928
 
876
- // this is not threadsafe
877
- static const char *stbi__g_failure_reason;
929
+ static
930
+ #ifdef STBI_THREAD_LOCAL
931
+ STBI_THREAD_LOCAL
932
+ #endif
933
+ const char *stbi__g_failure_reason;
878
934
 
879
935
  STBIDEF const char *stbi_failure_reason(void)
880
936
  {
881
937
  return stbi__g_failure_reason;
882
938
  }
883
939
 
940
+ #ifndef STBI_NO_FAILURE_STRINGS
884
941
  static int stbi__err(const char *str)
885
942
  {
886
943
  stbi__g_failure_reason = str;
887
944
  return 0;
888
945
  }
946
+ #endif
889
947
 
890
948
  static void *stbi__malloc(size_t size)
891
949
  {
@@ -924,11 +982,13 @@ static int stbi__mul2sizes_valid(int a, int b)
924
982
  return a <= INT_MAX/b;
925
983
  }
926
984
 
985
+ #if !defined(STBI_NO_JPEG) || !defined(STBI_NO_PNG) || !defined(STBI_NO_TGA) || !defined(STBI_NO_HDR)
927
986
  // returns 1 if "a*b + add" has no negative terms/factors and doesn't overflow
928
987
  static int stbi__mad2sizes_valid(int a, int b, int add)
929
988
  {
930
989
  return stbi__mul2sizes_valid(a, b) && stbi__addsizes_valid(a*b, add);
931
990
  }
991
+ #endif
932
992
 
933
993
  // returns 1 if "a*b*c + add" has no negative terms/factors and doesn't overflow
934
994
  static int stbi__mad3sizes_valid(int a, int b, int c, int add)
@@ -946,12 +1006,14 @@ static int stbi__mad4sizes_valid(int a, int b, int c, int d, int add)
946
1006
  }
947
1007
  #endif
948
1008
 
1009
+ #if !defined(STBI_NO_JPEG) || !defined(STBI_NO_PNG) || !defined(STBI_NO_TGA) || !defined(STBI_NO_HDR)
949
1010
  // mallocs with size overflow checking
950
1011
  static void *stbi__malloc_mad2(int a, int b, int add)
951
1012
  {
952
1013
  if (!stbi__mad2sizes_valid(a, b, add)) return NULL;
953
1014
  return stbi__malloc(a*b + add);
954
1015
  }
1016
+ #endif
955
1017
 
956
1018
  static void *stbi__malloc_mad3(int a, int b, int c, int add)
957
1019
  {
@@ -995,13 +1057,29 @@ static float *stbi__ldr_to_hdr(stbi_uc *data, int x, int y, int comp);
995
1057
  static stbi_uc *stbi__hdr_to_ldr(float *data, int x, int y, int comp);
996
1058
  #endif
997
1059
 
998
- static int stbi__vertically_flip_on_load = 0;
1060
+ static int stbi__vertically_flip_on_load_global = 0;
999
1061
 
1000
1062
  STBIDEF void stbi_set_flip_vertically_on_load(int flag_true_if_should_flip)
1001
1063
  {
1002
- stbi__vertically_flip_on_load = flag_true_if_should_flip;
1064
+ stbi__vertically_flip_on_load_global = flag_true_if_should_flip;
1003
1065
  }
1004
1066
 
1067
+ #ifndef STBI_THREAD_LOCAL
1068
+ #define stbi__vertically_flip_on_load stbi__vertically_flip_on_load_global
1069
+ #else
1070
+ static STBI_THREAD_LOCAL int stbi__vertically_flip_on_load_local, stbi__vertically_flip_on_load_set;
1071
+
1072
+ STBIDEF void stbi_set_flip_vertically_on_load_thread(int flag_true_if_should_flip)
1073
+ {
1074
+ stbi__vertically_flip_on_load_local = flag_true_if_should_flip;
1075
+ stbi__vertically_flip_on_load_set = 1;
1076
+ }
1077
+
1078
+ #define stbi__vertically_flip_on_load (stbi__vertically_flip_on_load_set \
1079
+ ? stbi__vertically_flip_on_load_local \
1080
+ : stbi__vertically_flip_on_load_global)
1081
+ #endif // STBI_THREAD_LOCAL
1082
+
1005
1083
  static void *stbi__load_main(stbi__context *s, int *x, int *y, int *comp, int req_comp, stbi__result_info *ri, int bpc)
1006
1084
  {
1007
1085
  memset(ri, 0, sizeof(*ri)); // make sure it's initialized if we add new fields
@@ -1023,6 +1101,8 @@ static void *stbi__load_main(stbi__context *s, int *x, int *y, int *comp, int re
1023
1101
  #endif
1024
1102
  #ifndef STBI_NO_PSD
1025
1103
  if (stbi__psd_test(s)) return stbi__psd_load(s,x,y,comp,req_comp, ri, bpc);
1104
+ #else
1105
+ STBI_NOTUSED(bpc);
1026
1106
  #endif
1027
1107
  #ifndef STBI_NO_PIC
1028
1108
  if (stbi__pic_test(s)) return stbi__pic_load(s,x,y,comp,req_comp, ri);
@@ -1111,8 +1191,8 @@ static void stbi__vertical_flip_slices(void *image, int w, int h, int z, int byt
1111
1191
 
1112
1192
  stbi_uc *bytes = (stbi_uc *)image;
1113
1193
  for (slice = 0; slice < z; ++slice) {
1114
- stbi__vertical_flip(bytes, w, h, bytes_per_pixel);
1115
- bytes += slice_size;
1194
+ stbi__vertical_flip(bytes, w, h, bytes_per_pixel);
1195
+ bytes += slice_size;
1116
1196
  }
1117
1197
  }
1118
1198
  #endif
@@ -1125,8 +1205,10 @@ static unsigned char *stbi__load_and_postprocess_8bit(stbi__context *s, int *x,
1125
1205
  if (result == NULL)
1126
1206
  return NULL;
1127
1207
 
1208
+ // it is the responsibility of the loaders to make sure we get either 8 or 16 bit.
1209
+ STBI_ASSERT(ri.bits_per_channel == 8 || ri.bits_per_channel == 16);
1210
+
1128
1211
  if (ri.bits_per_channel != 8) {
1129
- STBI_ASSERT(ri.bits_per_channel == 16);
1130
1212
  result = stbi__convert_16_to_8((stbi__uint16 *) result, *x, *y, req_comp == 0 ? *comp : req_comp);
1131
1213
  ri.bits_per_channel = 8;
1132
1214
  }
@@ -1149,8 +1231,10 @@ static stbi__uint16 *stbi__load_and_postprocess_16bit(stbi__context *s, int *x,
1149
1231
  if (result == NULL)
1150
1232
  return NULL;
1151
1233
 
1234
+ // it is the responsibility of the loaders to make sure we get either 8 or 16 bit.
1235
+ STBI_ASSERT(ri.bits_per_channel == 8 || ri.bits_per_channel == 16);
1236
+
1152
1237
  if (ri.bits_per_channel != 16) {
1153
- STBI_ASSERT(ri.bits_per_channel == 8);
1154
1238
  result = stbi__convert_8_to_16((stbi_uc *) result, *x, *y, req_comp == 0 ? *comp : req_comp);
1155
1239
  ri.bits_per_channel = 16;
1156
1240
  }
@@ -1198,7 +1282,7 @@ static FILE *stbi__fopen(char const *filename, char const *mode)
1198
1282
  wchar_t wFilename[1024];
1199
1283
  if (0 == MultiByteToWideChar(65001 /* UTF8 */, 0, filename, -1, wFilename, sizeof(wFilename)))
1200
1284
  return 0;
1201
-
1285
+
1202
1286
  if (0 == MultiByteToWideChar(65001 /* UTF8 */, 0, mode, -1, wMode, sizeof(wMode)))
1203
1287
  return 0;
1204
1288
 
@@ -1300,15 +1384,15 @@ STBIDEF stbi_uc *stbi_load_from_callbacks(stbi_io_callbacks const *clbk, void *u
1300
1384
  STBIDEF stbi_uc *stbi_load_gif_from_memory(stbi_uc const *buffer, int len, int **delays, int *x, int *y, int *z, int *comp, int req_comp)
1301
1385
  {
1302
1386
  unsigned char *result;
1303
- stbi__context s;
1304
- stbi__start_mem(&s,buffer,len);
1305
-
1387
+ stbi__context s;
1388
+ stbi__start_mem(&s,buffer,len);
1389
+
1306
1390
  result = (unsigned char*) stbi__load_gif_main(&s, delays, x, y, z, comp, req_comp);
1307
1391
  if (stbi__vertically_flip_on_load) {
1308
- stbi__vertical_flip_slices( result, *x, *y, *z, *comp );
1392
+ stbi__vertical_flip_slices( result, *x, *y, *z, *comp );
1309
1393
  }
1310
1394
 
1311
- return result;
1395
+ return result;
1312
1396
  }
1313
1397
  #endif
1314
1398
 
@@ -1453,6 +1537,7 @@ enum
1453
1537
  static void stbi__refill_buffer(stbi__context *s)
1454
1538
  {
1455
1539
  int n = (s->io.read)(s->io_user_data,(char*)s->buffer_start,s->buflen);
1540
+ s->callback_already_read += (int) (s->img_buffer - s->img_buffer_original);
1456
1541
  if (n == 0) {
1457
1542
  // at end of file, treat same as if from memory, but need to handle case
1458
1543
  // where s->img_buffer isn't pointing to safe memory, e.g. 0-byte file
@@ -1477,6 +1562,9 @@ stbi_inline static stbi_uc stbi__get8(stbi__context *s)
1477
1562
  return 0;
1478
1563
  }
1479
1564
 
1565
+ #if defined(STBI_NO_JPEG) && defined(STBI_NO_HDR) && defined(STBI_NO_PIC) && defined(STBI_NO_PNM)
1566
+ // nothing
1567
+ #else
1480
1568
  stbi_inline static int stbi__at_eof(stbi__context *s)
1481
1569
  {
1482
1570
  if (s->io.read) {
@@ -1488,9 +1576,14 @@ stbi_inline static int stbi__at_eof(stbi__context *s)
1488
1576
 
1489
1577
  return s->img_buffer >= s->img_buffer_end;
1490
1578
  }
1579
+ #endif
1491
1580
 
1581
+ #if defined(STBI_NO_JPEG) && defined(STBI_NO_PNG) && defined(STBI_NO_BMP) && defined(STBI_NO_PSD) && defined(STBI_NO_TGA) && defined(STBI_NO_GIF) && defined(STBI_NO_PIC)
1582
+ // nothing
1583
+ #else
1492
1584
  static void stbi__skip(stbi__context *s, int n)
1493
1585
  {
1586
+ if (n == 0) return; // already there!
1494
1587
  if (n < 0) {
1495
1588
  s->img_buffer = s->img_buffer_end;
1496
1589
  return;
@@ -1505,7 +1598,11 @@ static void stbi__skip(stbi__context *s, int n)
1505
1598
  }
1506
1599
  s->img_buffer += n;
1507
1600
  }
1601
+ #endif
1508
1602
 
1603
+ #if defined(STBI_NO_PNG) && defined(STBI_NO_TGA) && defined(STBI_NO_HDR) && defined(STBI_NO_PNM)
1604
+ // nothing
1605
+ #else
1509
1606
  static int stbi__getn(stbi__context *s, stbi_uc *buffer, int n)
1510
1607
  {
1511
1608
  if (s->io.read) {
@@ -1529,18 +1626,27 @@ static int stbi__getn(stbi__context *s, stbi_uc *buffer, int n)
1529
1626
  } else
1530
1627
  return 0;
1531
1628
  }
1629
+ #endif
1532
1630
 
1631
+ #if defined(STBI_NO_JPEG) && defined(STBI_NO_PNG) && defined(STBI_NO_PSD) && defined(STBI_NO_PIC)
1632
+ // nothing
1633
+ #else
1533
1634
  static int stbi__get16be(stbi__context *s)
1534
1635
  {
1535
1636
  int z = stbi__get8(s);
1536
1637
  return (z << 8) + stbi__get8(s);
1537
1638
  }
1639
+ #endif
1538
1640
 
1641
+ #if defined(STBI_NO_PNG) && defined(STBI_NO_PSD) && defined(STBI_NO_PIC)
1642
+ // nothing
1643
+ #else
1539
1644
  static stbi__uint32 stbi__get32be(stbi__context *s)
1540
1645
  {
1541
1646
  stbi__uint32 z = stbi__get16be(s);
1542
1647
  return (z << 16) + stbi__get16be(s);
1543
1648
  }
1649
+ #endif
1544
1650
 
1545
1651
  #if defined(STBI_NO_BMP) && defined(STBI_NO_TGA) && defined(STBI_NO_GIF)
1546
1652
  // nothing
@@ -1562,7 +1668,9 @@ static stbi__uint32 stbi__get32le(stbi__context *s)
1562
1668
 
1563
1669
  #define STBI__BYTECAST(x) ((stbi_uc) ((x) & 255)) // truncate int to byte without warnings
1564
1670
 
1565
-
1671
+ #if defined(STBI_NO_JPEG) && defined(STBI_NO_PNG) && defined(STBI_NO_BMP) && defined(STBI_NO_PSD) && defined(STBI_NO_TGA) && defined(STBI_NO_GIF) && defined(STBI_NO_PIC) && defined(STBI_NO_PNM)
1672
+ // nothing
1673
+ #else
1566
1674
  //////////////////////////////////////////////////////////////////////////////
1567
1675
  //
1568
1676
  // generic converter from built-in img_n to req_comp
@@ -1578,7 +1686,11 @@ static stbi_uc stbi__compute_y(int r, int g, int b)
1578
1686
  {
1579
1687
  return (stbi_uc) (((r*77) + (g*150) + (29*b)) >> 8);
1580
1688
  }
1689
+ #endif
1581
1690
 
1691
+ #if defined(STBI_NO_PNG) && defined(STBI_NO_BMP) && defined(STBI_NO_PSD) && defined(STBI_NO_TGA) && defined(STBI_NO_GIF) && defined(STBI_NO_PIC) && defined(STBI_NO_PNM)
1692
+ // nothing
1693
+ #else
1582
1694
  static unsigned char *stbi__convert_format(unsigned char *data, int img_n, int req_comp, unsigned int x, unsigned int y)
1583
1695
  {
1584
1696
  int i,j;
@@ -1614,7 +1726,7 @@ static unsigned char *stbi__convert_format(unsigned char *data, int img_n, int r
1614
1726
  STBI__CASE(4,1) { dest[0]=stbi__compute_y(src[0],src[1],src[2]); } break;
1615
1727
  STBI__CASE(4,2) { dest[0]=stbi__compute_y(src[0],src[1],src[2]); dest[1] = src[3]; } break;
1616
1728
  STBI__CASE(4,3) { dest[0]=src[0];dest[1]=src[1];dest[2]=src[2]; } break;
1617
- default: STBI_ASSERT(0);
1729
+ default: STBI_ASSERT(0); STBI_FREE(data); STBI_FREE(good); return stbi__errpuc("unsupported", "Unsupported format conversion");
1618
1730
  }
1619
1731
  #undef STBI__CASE
1620
1732
  }
@@ -1622,12 +1734,20 @@ static unsigned char *stbi__convert_format(unsigned char *data, int img_n, int r
1622
1734
  STBI_FREE(data);
1623
1735
  return good;
1624
1736
  }
1737
+ #endif
1625
1738
 
1739
+ #if defined(STBI_NO_PNG) && defined(STBI_NO_PSD)
1740
+ // nothing
1741
+ #else
1626
1742
  static stbi__uint16 stbi__compute_y_16(int r, int g, int b)
1627
1743
  {
1628
1744
  return (stbi__uint16) (((r*77) + (g*150) + (29*b)) >> 8);
1629
1745
  }
1746
+ #endif
1630
1747
 
1748
+ #if defined(STBI_NO_PNG) && defined(STBI_NO_PSD)
1749
+ // nothing
1750
+ #else
1631
1751
  static stbi__uint16 *stbi__convert_format16(stbi__uint16 *data, int img_n, int req_comp, unsigned int x, unsigned int y)
1632
1752
  {
1633
1753
  int i,j;
@@ -1663,7 +1783,7 @@ static stbi__uint16 *stbi__convert_format16(stbi__uint16 *data, int img_n, int r
1663
1783
  STBI__CASE(4,1) { dest[0]=stbi__compute_y_16(src[0],src[1],src[2]); } break;
1664
1784
  STBI__CASE(4,2) { dest[0]=stbi__compute_y_16(src[0],src[1],src[2]); dest[1] = src[3]; } break;
1665
1785
  STBI__CASE(4,3) { dest[0]=src[0];dest[1]=src[1];dest[2]=src[2]; } break;
1666
- default: STBI_ASSERT(0);
1786
+ default: STBI_ASSERT(0); STBI_FREE(data); STBI_FREE(good); return (stbi__uint16*) stbi__errpuc("unsupported", "Unsupported format conversion");
1667
1787
  }
1668
1788
  #undef STBI__CASE
1669
1789
  }
@@ -1671,6 +1791,7 @@ static stbi__uint16 *stbi__convert_format16(stbi__uint16 *data, int img_n, int r
1671
1791
  STBI_FREE(data);
1672
1792
  return good;
1673
1793
  }
1794
+ #endif
1674
1795
 
1675
1796
  #ifndef STBI_NO_LINEAR
1676
1797
  static float *stbi__ldr_to_hdr(stbi_uc *data, int x, int y, int comp)
@@ -1971,7 +2092,7 @@ stbi_inline static int stbi__extend_receive(stbi__jpeg *j, int n)
1971
2092
 
1972
2093
  sgn = (stbi__int32)j->code_buffer >> 31; // sign bit is always in MSB
1973
2094
  k = stbi_lrot(j->code_buffer, n);
1974
- STBI_ASSERT(n >= 0 && n < (int) (sizeof(stbi__bmask)/sizeof(*stbi__bmask)));
2095
+ if (n < 0 || n >= (int) (sizeof(stbi__bmask)/sizeof(*stbi__bmask))) return 0;
1975
2096
  j->code_buffer = k & ~stbi__bmask[n];
1976
2097
  k &= stbi__bmask[n];
1977
2098
  j->code_bits -= n;
@@ -2082,6 +2203,7 @@ static int stbi__jpeg_decode_block_prog_dc(stbi__jpeg *j, short data[64], stbi__
2082
2203
  // first scan for DC coefficient, must be first
2083
2204
  memset(data,0,64*sizeof(data[0])); // 0 all the ac values now
2084
2205
  t = stbi__jpeg_huff_decode(j, hdc);
2206
+ if (t == -1) return stbi__err("can't merge dc and ac", "Corrupt JPEG");
2085
2207
  diff = t ? stbi__extend_receive(j, t) : 0;
2086
2208
 
2087
2209
  dc = j->img_comp[b].dc_pred + diff;
@@ -3072,6 +3194,8 @@ static int stbi__process_frame_header(stbi__jpeg *z, int scan)
3072
3194
  p = stbi__get8(s); if (p != 8) return stbi__err("only 8-bit","JPEG format not supported: 8-bit only"); // JPEG baseline
3073
3195
  s->img_y = stbi__get16be(s); if (s->img_y == 0) return stbi__err("no header height", "JPEG format not supported: delayed height"); // Legal, but we don't handle it--but neither does IJG
3074
3196
  s->img_x = stbi__get16be(s); if (s->img_x == 0) return stbi__err("0 width","Corrupt JPEG"); // JPEG requires
3197
+ if (s->img_y > STBI_MAX_DIMENSIONS) return stbi__err("too large","Very large image (corrupt?)");
3198
+ if (s->img_x > STBI_MAX_DIMENSIONS) return stbi__err("too large","Very large image (corrupt?)");
3075
3199
  c = stbi__get8(s);
3076
3200
  if (c != 3 && c != 1 && c != 4) return stbi__err("bad component count","Corrupt JPEG");
3077
3201
  s->img_n = c;
@@ -3952,16 +4076,23 @@ typedef struct
3952
4076
  stbi__zhuffman z_length, z_distance;
3953
4077
  } stbi__zbuf;
3954
4078
 
4079
+ stbi_inline static int stbi__zeof(stbi__zbuf *z)
4080
+ {
4081
+ return (z->zbuffer >= z->zbuffer_end);
4082
+ }
4083
+
3955
4084
  stbi_inline static stbi_uc stbi__zget8(stbi__zbuf *z)
3956
4085
  {
3957
- if (z->zbuffer >= z->zbuffer_end) return 0;
3958
- return *z->zbuffer++;
4086
+ return stbi__zeof(z) ? 0 : *z->zbuffer++;
3959
4087
  }
3960
4088
 
3961
4089
  static void stbi__fill_bits(stbi__zbuf *z)
3962
4090
  {
3963
4091
  do {
3964
- STBI_ASSERT(z->code_buffer < (1U << z->num_bits));
4092
+ if (z->code_buffer >= (1U << z->num_bits)) {
4093
+ z->zbuffer = z->zbuffer_end; /* treat this as EOF so we fail. */
4094
+ return;
4095
+ }
3965
4096
  z->code_buffer |= (unsigned int) stbi__zget8(z) << z->num_bits;
3966
4097
  z->num_bits += 8;
3967
4098
  } while (z->num_bits <= 24);
@@ -3986,10 +4117,11 @@ static int stbi__zhuffman_decode_slowpath(stbi__zbuf *a, stbi__zhuffman *z)
3986
4117
  for (s=STBI__ZFAST_BITS+1; ; ++s)
3987
4118
  if (k < z->maxcode[s])
3988
4119
  break;
3989
- if (s == 16) return -1; // invalid code!
4120
+ if (s >= 16) return -1; // invalid code!
3990
4121
  // code size is s, so:
3991
4122
  b = (k >> (16-s)) - z->firstcode[s] + z->firstsymbol[s];
3992
- STBI_ASSERT(z->size[b] == s);
4123
+ if (b >= sizeof (z->size)) return -1; // some data was corrupt somewhere!
4124
+ if (z->size[b] != s) return -1; // was originally an assert, but report failure instead.
3993
4125
  a->code_buffer >>= s;
3994
4126
  a->num_bits -= s;
3995
4127
  return z->value[b];
@@ -3998,7 +4130,12 @@ static int stbi__zhuffman_decode_slowpath(stbi__zbuf *a, stbi__zhuffman *z)
3998
4130
  stbi_inline static int stbi__zhuffman_decode(stbi__zbuf *a, stbi__zhuffman *z)
3999
4131
  {
4000
4132
  int b,s;
4001
- if (a->num_bits < 16) stbi__fill_bits(a);
4133
+ if (a->num_bits < 16) {
4134
+ if (stbi__zeof(a)) {
4135
+ return -1; /* report error for unexpected end of data. */
4136
+ }
4137
+ stbi__fill_bits(a);
4138
+ }
4002
4139
  b = z->fast[a->code_buffer & STBI__ZFAST_MASK];
4003
4140
  if (b) {
4004
4141
  s = b >> 9;
@@ -4012,13 +4149,16 @@ stbi_inline static int stbi__zhuffman_decode(stbi__zbuf *a, stbi__zhuffman *z)
4012
4149
  static int stbi__zexpand(stbi__zbuf *z, char *zout, int n) // need to make room for n bytes
4013
4150
  {
4014
4151
  char *q;
4015
- int cur, limit, old_limit;
4152
+ unsigned int cur, limit, old_limit;
4016
4153
  z->zout = zout;
4017
4154
  if (!z->z_expandable) return stbi__err("output buffer limit","Corrupt PNG");
4018
- cur = (int) (z->zout - z->zout_start);
4019
- limit = old_limit = (int) (z->zout_end - z->zout_start);
4020
- while (cur + n > limit)
4155
+ cur = (unsigned int) (z->zout - z->zout_start);
4156
+ limit = old_limit = (unsigned) (z->zout_end - z->zout_start);
4157
+ if (UINT_MAX - cur < (unsigned) n) return stbi__err("outofmem", "Out of memory");
4158
+ while (cur + n > limit) {
4159
+ if(limit > UINT_MAX / 2) return stbi__err("outofmem", "Out of memory");
4021
4160
  limit *= 2;
4161
+ }
4022
4162
  q = (char *) STBI_REALLOC_SIZED(z->zout_start, old_limit, limit);
4023
4163
  STBI_NOTUSED(old_limit);
4024
4164
  if (q == NULL) return stbi__err("outofmem", "Out of memory");
@@ -4116,11 +4256,12 @@ static int stbi__compute_huffman_codes(stbi__zbuf *a)
4116
4256
  c = stbi__zreceive(a,2)+3;
4117
4257
  if (n == 0) return stbi__err("bad codelengths", "Corrupt PNG");
4118
4258
  fill = lencodes[n-1];
4119
- } else if (c == 17)
4259
+ } else if (c == 17) {
4120
4260
  c = stbi__zreceive(a,3)+3;
4121
- else {
4122
- STBI_ASSERT(c == 18);
4261
+ } else if (c == 18) {
4123
4262
  c = stbi__zreceive(a,7)+11;
4263
+ } else {
4264
+ return stbi__err("bad codelengths", "Corrupt PNG");
4124
4265
  }
4125
4266
  if (ntot - n < c) return stbi__err("bad codelengths", "Corrupt PNG");
4126
4267
  memset(lencodes+n, fill, c);
@@ -4146,7 +4287,7 @@ static int stbi__parse_uncompressed_block(stbi__zbuf *a)
4146
4287
  a->code_buffer >>= 8;
4147
4288
  a->num_bits -= 8;
4148
4289
  }
4149
- STBI_ASSERT(a->num_bits == 0);
4290
+ if (a->num_bits < 0) return stbi__err("zlib corrupt","Corrupt PNG");
4150
4291
  // now fill header the normal way
4151
4292
  while (k < 4)
4152
4293
  header[k++] = stbi__zget8(a);
@@ -4168,6 +4309,7 @@ static int stbi__parse_zlib_header(stbi__zbuf *a)
4168
4309
  int cm = cmf & 15;
4169
4310
  /* int cinfo = cmf >> 4; */
4170
4311
  int flg = stbi__zget8(a);
4312
+ if (stbi__zeof(a)) return stbi__err("bad zlib header","Corrupt PNG"); // zlib spec
4171
4313
  if ((cmf*256+flg) % 31 != 0) return stbi__err("bad zlib header","Corrupt PNG"); // zlib spec
4172
4314
  if (flg & 32) return stbi__err("no preset dict","Corrupt PNG"); // preset dictionary not allowed in png
4173
4315
  if (cm != 8) return stbi__err("bad compression","Corrupt PNG"); // DEFLATE required for png
@@ -4429,7 +4571,7 @@ static int stbi__create_png_image_raw(stbi__png *a, stbi_uc *raw, stbi__uint32 r
4429
4571
  return stbi__err("invalid filter","Corrupt PNG");
4430
4572
 
4431
4573
  if (depth < 8) {
4432
- STBI_ASSERT(img_width_bytes <= x);
4574
+ if (img_width_bytes > x) return stbi__err("invalid width","Corrupt PNG");
4433
4575
  cur += x*out_n - img_width_bytes; // store output to the rightmost img_len bytes, so we can decode in place
4434
4576
  filter_bytes = 1;
4435
4577
  width = img_width_bytes;
@@ -4824,8 +4966,10 @@ static int stbi__parse_png_file(stbi__png *z, int scan, int req_comp)
4824
4966
  if (!first) return stbi__err("multiple IHDR","Corrupt PNG");
4825
4967
  first = 0;
4826
4968
  if (c.length != 13) return stbi__err("bad IHDR len","Corrupt PNG");
4827
- s->img_x = stbi__get32be(s); if (s->img_x > (1 << 24)) return stbi__err("too large","Very large image (corrupt?)");
4828
- s->img_y = stbi__get32be(s); if (s->img_y > (1 << 24)) return stbi__err("too large","Very large image (corrupt?)");
4969
+ s->img_x = stbi__get32be(s);
4970
+ s->img_y = stbi__get32be(s);
4971
+ if (s->img_y > STBI_MAX_DIMENSIONS) return stbi__err("too large","Very large image (corrupt?)");
4972
+ if (s->img_x > STBI_MAX_DIMENSIONS) return stbi__err("too large","Very large image (corrupt?)");
4829
4973
  z->depth = stbi__get8(s); if (z->depth != 1 && z->depth != 2 && z->depth != 4 && z->depth != 8 && z->depth != 16) return stbi__err("1/2/4/8/16-bit only","PNG not supported: 1/2/4/8/16-bit only");
4830
4974
  color = stbi__get8(s); if (color > 6) return stbi__err("bad ctype","Corrupt PNG");
4831
4975
  if (color == 3 && z->depth == 16) return stbi__err("bad ctype","Corrupt PNG");
@@ -4942,6 +5086,8 @@ static int stbi__parse_png_file(stbi__png *z, int scan, int req_comp)
4942
5086
  ++s->img_n;
4943
5087
  }
4944
5088
  STBI_FREE(z->expanded); z->expanded = NULL;
5089
+ // end of PNG chunk, read and skip CRC
5090
+ stbi__get32be(s);
4945
5091
  return 1;
4946
5092
  }
4947
5093
 
@@ -4972,10 +5118,12 @@ static void *stbi__do_png(stbi__png *p, int *x, int *y, int *n, int req_comp, st
4972
5118
  void *result=NULL;
4973
5119
  if (req_comp < 0 || req_comp > 4) return stbi__errpuc("bad req_comp", "Internal error");
4974
5120
  if (stbi__parse_png_file(p, STBI__SCAN_load, req_comp)) {
4975
- if (p->depth < 8)
5121
+ if (p->depth <= 8)
4976
5122
  ri->bits_per_channel = 8;
5123
+ else if (p->depth == 16)
5124
+ ri->bits_per_channel = 16;
4977
5125
  else
4978
- ri->bits_per_channel = p->depth;
5126
+ return stbi__errpuc("bad bits_per_channel", "PNG not supported: unsupported color depth");
4979
5127
  result = p->out;
4980
5128
  p->out = NULL;
4981
5129
  if (req_comp && req_comp != p->s->img_out_n) {
@@ -5111,7 +5259,7 @@ static int stbi__shiftsigned(unsigned int v, int shift, int bits)
5111
5259
  v <<= -shift;
5112
5260
  else
5113
5261
  v >>= shift;
5114
- STBI_ASSERT(v >= 0 && v < 256);
5262
+ STBI_ASSERT(v < 256);
5115
5263
  v >>= (8-bits);
5116
5264
  STBI_ASSERT(bits >= 0 && bits <= 8);
5117
5265
  return (int) ((unsigned) v * mul_table[bits]) >> shift_table[bits];
@@ -5121,6 +5269,7 @@ typedef struct
5121
5269
  {
5122
5270
  int bpp, offset, hsz;
5123
5271
  unsigned int mr,mg,mb,ma, all_a;
5272
+ int extra_read;
5124
5273
  } stbi__bmp_data;
5125
5274
 
5126
5275
  static void *stbi__bmp_parse_header(stbi__context *s, stbi__bmp_data *info)
@@ -5133,6 +5282,9 @@ static void *stbi__bmp_parse_header(stbi__context *s, stbi__bmp_data *info)
5133
5282
  info->offset = stbi__get32le(s);
5134
5283
  info->hsz = hsz = stbi__get32le(s);
5135
5284
  info->mr = info->mg = info->mb = info->ma = 0;
5285
+ info->extra_read = 14;
5286
+
5287
+ if (info->offset < 0) return stbi__errpuc("bad BMP", "bad BMP");
5136
5288
 
5137
5289
  if (hsz != 12 && hsz != 40 && hsz != 56 && hsz != 108 && hsz != 124) return stbi__errpuc("unknown BMP", "BMP type not supported: unknown");
5138
5290
  if (hsz == 12) {
@@ -5176,6 +5328,7 @@ static void *stbi__bmp_parse_header(stbi__context *s, stbi__bmp_data *info)
5176
5328
  info->mr = stbi__get32le(s);
5177
5329
  info->mg = stbi__get32le(s);
5178
5330
  info->mb = stbi__get32le(s);
5331
+ info->extra_read += 12;
5179
5332
  // not documented, but generated by photoshop and handled by mspaint
5180
5333
  if (info->mr == info->mg && info->mg == info->mb) {
5181
5334
  // ?!?!?
@@ -5224,6 +5377,9 @@ static void *stbi__bmp_load(stbi__context *s, int *x, int *y, int *comp, int req
5224
5377
  flip_vertically = ((int) s->img_y) > 0;
5225
5378
  s->img_y = abs((int) s->img_y);
5226
5379
 
5380
+ if (s->img_y > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
5381
+ if (s->img_x > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
5382
+
5227
5383
  mr = info.mr;
5228
5384
  mg = info.mg;
5229
5385
  mb = info.mb;
@@ -5232,10 +5388,16 @@ static void *stbi__bmp_load(stbi__context *s, int *x, int *y, int *comp, int req
5232
5388
 
5233
5389
  if (info.hsz == 12) {
5234
5390
  if (info.bpp < 24)
5235
- psize = (info.offset - 14 - 24) / 3;
5391
+ psize = (info.offset - info.extra_read - 24) / 3;
5236
5392
  } else {
5237
5393
  if (info.bpp < 16)
5238
- psize = (info.offset - 14 - info.hsz) >> 2;
5394
+ psize = (info.offset - info.extra_read - info.hsz) >> 2;
5395
+ }
5396
+ if (psize == 0) {
5397
+ STBI_ASSERT(info.offset == s->callback_already_read + (int) (s->img_buffer - s->img_buffer_original));
5398
+ if (info.offset != s->callback_already_read + (s->img_buffer - s->buffer_start)) {
5399
+ return stbi__errpuc("bad offset", "Corrupt BMP");
5400
+ }
5239
5401
  }
5240
5402
 
5241
5403
  if (info.bpp == 24 && ma == 0xff000000)
@@ -5263,7 +5425,7 @@ static void *stbi__bmp_load(stbi__context *s, int *x, int *y, int *comp, int req
5263
5425
  if (info.hsz != 12) stbi__get8(s);
5264
5426
  pal[i][3] = 255;
5265
5427
  }
5266
- stbi__skip(s, info.offset - 14 - info.hsz - psize * (info.hsz == 12 ? 3 : 4));
5428
+ stbi__skip(s, info.offset - info.extra_read - info.hsz - psize * (info.hsz == 12 ? 3 : 4));
5267
5429
  if (info.bpp == 1) width = (s->img_x + 7) >> 3;
5268
5430
  else if (info.bpp == 4) width = (s->img_x + 1) >> 1;
5269
5431
  else if (info.bpp == 8) width = s->img_x;
@@ -5312,7 +5474,7 @@ static void *stbi__bmp_load(stbi__context *s, int *x, int *y, int *comp, int req
5312
5474
  int rshift=0,gshift=0,bshift=0,ashift=0,rcount=0,gcount=0,bcount=0,acount=0;
5313
5475
  int z = 0;
5314
5476
  int easy=0;
5315
- stbi__skip(s, info.offset - 14 - info.hsz);
5477
+ stbi__skip(s, info.offset - info.extra_read - info.hsz);
5316
5478
  if (info.bpp == 24) width = 3 * s->img_x;
5317
5479
  else if (info.bpp == 16) width = 2*s->img_x;
5318
5480
  else /* bpp = 32 and pad = 0 */ width=0;
@@ -5330,6 +5492,7 @@ static void *stbi__bmp_load(stbi__context *s, int *x, int *y, int *comp, int req
5330
5492
  gshift = stbi__high_bit(mg)-7; gcount = stbi__bitcount(mg);
5331
5493
  bshift = stbi__high_bit(mb)-7; bcount = stbi__bitcount(mb);
5332
5494
  ashift = stbi__high_bit(ma)-7; acount = stbi__bitcount(ma);
5495
+ if (rcount > 8 || gcount > 8 || bcount > 8 || acount > 8) { STBI_FREE(out); return stbi__errpuc("bad masks", "Corrupt BMP"); }
5333
5496
  }
5334
5497
  for (j=0; j < (int) s->img_y; ++j) {
5335
5498
  if (easy) {
@@ -5554,6 +5717,9 @@ static void *stbi__tga_load(stbi__context *s, int *x, int *y, int *comp, int req
5554
5717
  STBI_NOTUSED(tga_x_origin); // @TODO
5555
5718
  STBI_NOTUSED(tga_y_origin); // @TODO
5556
5719
 
5720
+ if (tga_height > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
5721
+ if (tga_width > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
5722
+
5557
5723
  // do a tiny bit of precessing
5558
5724
  if ( tga_image_type >= 8 )
5559
5725
  {
@@ -5593,6 +5759,11 @@ static void *stbi__tga_load(stbi__context *s, int *x, int *y, int *comp, int req
5593
5759
  // do I need to load a palette?
5594
5760
  if ( tga_indexed)
5595
5761
  {
5762
+ if (tga_palette_len == 0) { /* you have to have at least one entry! */
5763
+ STBI_FREE(tga_data);
5764
+ return stbi__errpuc("bad palette", "Corrupt TGA");
5765
+ }
5766
+
5596
5767
  // any data to skip? (offset usually = 0)
5597
5768
  stbi__skip(s, tga_palette_start );
5598
5769
  // load the palette
@@ -5801,6 +5972,9 @@ static void *stbi__psd_load(stbi__context *s, int *x, int *y, int *comp, int req
5801
5972
  h = stbi__get32be(s);
5802
5973
  w = stbi__get32be(s);
5803
5974
 
5975
+ if (h > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
5976
+ if (w > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
5977
+
5804
5978
  // Make sure the depth is 8 bits.
5805
5979
  bitdepth = stbi__get16be(s);
5806
5980
  if (bitdepth != 8 && bitdepth != 16)
@@ -6155,6 +6329,10 @@ static void *stbi__pic_load(stbi__context *s,int *px,int *py,int *comp,int req_c
6155
6329
 
6156
6330
  x = stbi__get16be(s);
6157
6331
  y = stbi__get16be(s);
6332
+
6333
+ if (y > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
6334
+ if (x > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
6335
+
6158
6336
  if (stbi__at_eof(s)) return stbi__errpuc("bad file","file too short (pic header)");
6159
6337
  if (!stbi__mad3sizes_valid(x, y, 4, 0)) return stbi__errpuc("too large", "PIC image too large to decode");
6160
6338
 
@@ -6202,7 +6380,7 @@ typedef struct
6202
6380
  int w,h;
6203
6381
  stbi_uc *out; // output buffer (always 4 components)
6204
6382
  stbi_uc *background; // The current "background" as far as a gif is concerned
6205
- stbi_uc *history;
6383
+ stbi_uc *history;
6206
6384
  int flags, bgindex, ratio, transparent, eflags;
6207
6385
  stbi_uc pal[256][4];
6208
6386
  stbi_uc lpal[256][4];
@@ -6263,6 +6441,9 @@ static int stbi__gif_header(stbi__context *s, stbi__gif *g, int *comp, int is_in
6263
6441
  g->ratio = stbi__get8(s);
6264
6442
  g->transparent = -1;
6265
6443
 
6444
+ if (g->w > STBI_MAX_DIMENSIONS) return stbi__err("too large","Very large image (corrupt?)");
6445
+ if (g->h > STBI_MAX_DIMENSIONS) return stbi__err("too large","Very large image (corrupt?)");
6446
+
6266
6447
  if (comp != 0) *comp = 4; // can't actually tell whether it's 3 or 4 until we parse the comments
6267
6448
 
6268
6449
  if (is_info) return 1;
@@ -6290,7 +6471,7 @@ static int stbi__gif_info_raw(stbi__context *s, int *x, int *y, int *comp)
6290
6471
  static void stbi__out_gif_code(stbi__gif *g, stbi__uint16 code)
6291
6472
  {
6292
6473
  stbi_uc *p, *c;
6293
- int idx;
6474
+ int idx;
6294
6475
 
6295
6476
  // recurse to decode the prefixes, since the linked-list is backwards,
6296
6477
  // and working backwards through an interleaved image would be nasty
@@ -6299,12 +6480,12 @@ static void stbi__out_gif_code(stbi__gif *g, stbi__uint16 code)
6299
6480
 
6300
6481
  if (g->cur_y >= g->max_y) return;
6301
6482
 
6302
- idx = g->cur_x + g->cur_y;
6483
+ idx = g->cur_x + g->cur_y;
6303
6484
  p = &g->out[idx];
6304
- g->history[idx / 4] = 1;
6485
+ g->history[idx / 4] = 1;
6305
6486
 
6306
6487
  c = &g->color_table[g->codes[code].suffix * 4];
6307
- if (c[3] > 128) { // don't render transparent pixels;
6488
+ if (c[3] > 128) { // don't render transparent pixels;
6308
6489
  p[0] = c[2];
6309
6490
  p[1] = c[1];
6310
6491
  p[2] = c[0];
@@ -6413,14 +6594,14 @@ static stbi_uc *stbi__process_gif_raster(stbi__context *s, stbi__gif *g)
6413
6594
  // two back is the image from two frames ago, used for a very specific disposal format
6414
6595
  static stbi_uc *stbi__gif_load_next(stbi__context *s, stbi__gif *g, int *comp, int req_comp, stbi_uc *two_back)
6415
6596
  {
6416
- int dispose;
6417
- int first_frame;
6418
- int pi;
6419
- int pcount;
6597
+ int dispose;
6598
+ int first_frame;
6599
+ int pi;
6600
+ int pcount;
6420
6601
  STBI_NOTUSED(req_comp);
6421
6602
 
6422
6603
  // on first frame, any non-written pixels get the background colour (non-transparent)
6423
- first_frame = 0;
6604
+ first_frame = 0;
6424
6605
  if (g->out == 0) {
6425
6606
  if (!stbi__gif_header(s, g, comp,0)) return 0; // stbi__g_failure_reason set by stbi__gif_header
6426
6607
  if (!stbi__mad3sizes_valid(4, g->w, g->h, 0))
@@ -6432,17 +6613,17 @@ static stbi_uc *stbi__gif_load_next(stbi__context *s, stbi__gif *g, int *comp, i
6432
6613
  if (!g->out || !g->background || !g->history)
6433
6614
  return stbi__errpuc("outofmem", "Out of memory");
6434
6615
 
6435
- // image is treated as "transparent" at the start - ie, nothing overwrites the current background;
6616
+ // image is treated as "transparent" at the start - ie, nothing overwrites the current background;
6436
6617
  // background colour is only used for pixels that are not rendered first frame, after that "background"
6437
- // color refers to the color that was there the previous frame.
6618
+ // color refers to the color that was there the previous frame.
6438
6619
  memset(g->out, 0x00, 4 * pcount);
6439
6620
  memset(g->background, 0x00, 4 * pcount); // state of the background (starts transparent)
6440
6621
  memset(g->history, 0x00, pcount); // pixels that were affected previous frame
6441
- first_frame = 1;
6622
+ first_frame = 1;
6442
6623
  } else {
6443
- // second frame - how do we dispoase of the previous one?
6444
- dispose = (g->eflags & 0x1C) >> 2;
6445
- pcount = g->w * g->h;
6624
+ // second frame - how do we dispose of the previous one?
6625
+ dispose = (g->eflags & 0x1C) >> 2;
6626
+ pcount = g->w * g->h;
6446
6627
 
6447
6628
  if ((dispose == 3) && (two_back == 0)) {
6448
6629
  dispose = 2; // if I don't have an image to revert back to, default to the old background
@@ -6451,32 +6632,32 @@ static stbi_uc *stbi__gif_load_next(stbi__context *s, stbi__gif *g, int *comp, i
6451
6632
  if (dispose == 3) { // use previous graphic
6452
6633
  for (pi = 0; pi < pcount; ++pi) {
6453
6634
  if (g->history[pi]) {
6454
- memcpy( &g->out[pi * 4], &two_back[pi * 4], 4 );
6635
+ memcpy( &g->out[pi * 4], &two_back[pi * 4], 4 );
6455
6636
  }
6456
6637
  }
6457
- } else if (dispose == 2) {
6458
- // restore what was changed last frame to background before that frame;
6638
+ } else if (dispose == 2) {
6639
+ // restore what was changed last frame to background before that frame;
6459
6640
  for (pi = 0; pi < pcount; ++pi) {
6460
6641
  if (g->history[pi]) {
6461
- memcpy( &g->out[pi * 4], &g->background[pi * 4], 4 );
6642
+ memcpy( &g->out[pi * 4], &g->background[pi * 4], 4 );
6462
6643
  }
6463
6644
  }
6464
6645
  } else {
6465
- // This is a non-disposal case eithe way, so just
6646
+ // This is a non-disposal case eithe way, so just
6466
6647
  // leave the pixels as is, and they will become the new background
6467
6648
  // 1: do not dispose
6468
6649
  // 0: not specified.
6469
6650
  }
6470
6651
 
6471
- // background is what out is after the undoing of the previou frame;
6472
- memcpy( g->background, g->out, 4 * g->w * g->h );
6652
+ // background is what out is after the undoing of the previou frame;
6653
+ memcpy( g->background, g->out, 4 * g->w * g->h );
6473
6654
  }
6474
6655
 
6475
- // clear my history;
6656
+ // clear my history;
6476
6657
  memset( g->history, 0x00, g->w * g->h ); // pixels that were affected previous frame
6477
6658
 
6478
6659
  for (;;) {
6479
- int tag = stbi__get8(s);
6660
+ int tag = stbi__get8(s);
6480
6661
  switch (tag) {
6481
6662
  case 0x2C: /* Image Descriptor */
6482
6663
  {
@@ -6521,19 +6702,19 @@ static stbi_uc *stbi__gif_load_next(stbi__context *s, stbi__gif *g, int *comp, i
6521
6702
  } else if (g->flags & 0x80) {
6522
6703
  g->color_table = (stbi_uc *) g->pal;
6523
6704
  } else
6524
- return stbi__errpuc("missing color table", "Corrupt GIF");
6525
-
6705
+ return stbi__errpuc("missing color table", "Corrupt GIF");
6706
+
6526
6707
  o = stbi__process_gif_raster(s, g);
6527
6708
  if (!o) return NULL;
6528
6709
 
6529
- // if this was the first frame,
6530
- pcount = g->w * g->h;
6710
+ // if this was the first frame,
6711
+ pcount = g->w * g->h;
6531
6712
  if (first_frame && (g->bgindex > 0)) {
6532
6713
  // if first frame, any pixel not drawn to gets the background color
6533
6714
  for (pi = 0; pi < pcount; ++pi) {
6534
6715
  if (g->history[pi] == 0) {
6535
- g->pal[g->bgindex][3] = 255; // just in case it was made transparent, undo that; It will be reset next frame if need be;
6536
- memcpy( &g->out[pi * 4], &g->pal[g->bgindex], 4 );
6716
+ g->pal[g->bgindex][3] = 255; // just in case it was made transparent, undo that; It will be reset next frame if need be;
6717
+ memcpy( &g->out[pi * 4], &g->pal[g->bgindex], 4 );
6537
6718
  }
6538
6719
  }
6539
6720
  }
@@ -6544,7 +6725,7 @@ static stbi_uc *stbi__gif_load_next(stbi__context *s, stbi__gif *g, int *comp, i
6544
6725
  case 0x21: // Comment Extension.
6545
6726
  {
6546
6727
  int len;
6547
- int ext = stbi__get8(s);
6728
+ int ext = stbi__get8(s);
6548
6729
  if (ext == 0xF9) { // Graphic Control Extension.
6549
6730
  len = stbi__get8(s);
6550
6731
  if (len == 4) {
@@ -6553,23 +6734,23 @@ static stbi_uc *stbi__gif_load_next(stbi__context *s, stbi__gif *g, int *comp, i
6553
6734
 
6554
6735
  // unset old transparent
6555
6736
  if (g->transparent >= 0) {
6556
- g->pal[g->transparent][3] = 255;
6557
- }
6737
+ g->pal[g->transparent][3] = 255;
6738
+ }
6558
6739
  if (g->eflags & 0x01) {
6559
6740
  g->transparent = stbi__get8(s);
6560
6741
  if (g->transparent >= 0) {
6561
- g->pal[g->transparent][3] = 0;
6742
+ g->pal[g->transparent][3] = 0;
6562
6743
  }
6563
6744
  } else {
6564
6745
  // don't need transparent
6565
- stbi__skip(s, 1);
6566
- g->transparent = -1;
6746
+ stbi__skip(s, 1);
6747
+ g->transparent = -1;
6567
6748
  }
6568
6749
  } else {
6569
6750
  stbi__skip(s, len);
6570
6751
  break;
6571
6752
  }
6572
- }
6753
+ }
6573
6754
  while ((len = stbi__get8(s)) != 0) {
6574
6755
  stbi__skip(s, len);
6575
6756
  }
@@ -6588,15 +6769,17 @@ static stbi_uc *stbi__gif_load_next(stbi__context *s, stbi__gif *g, int *comp, i
6588
6769
  static void *stbi__load_gif_main(stbi__context *s, int **delays, int *x, int *y, int *z, int *comp, int req_comp)
6589
6770
  {
6590
6771
  if (stbi__gif_test(s)) {
6591
- int layers = 0;
6772
+ int layers = 0;
6592
6773
  stbi_uc *u = 0;
6593
6774
  stbi_uc *out = 0;
6594
- stbi_uc *two_back = 0;
6775
+ stbi_uc *two_back = 0;
6595
6776
  stbi__gif g;
6596
- int stride;
6777
+ int stride;
6778
+ int out_size = 0;
6779
+ int delays_size = 0;
6597
6780
  memset(&g, 0, sizeof(g));
6598
6781
  if (delays) {
6599
- *delays = 0;
6782
+ *delays = 0;
6600
6783
  }
6601
6784
 
6602
6785
  do {
@@ -6606,44 +6789,58 @@ static void *stbi__load_gif_main(stbi__context *s, int **delays, int *x, int *y,
6606
6789
  if (u) {
6607
6790
  *x = g.w;
6608
6791
  *y = g.h;
6609
- ++layers;
6610
- stride = g.w * g.h * 4;
6611
-
6792
+ ++layers;
6793
+ stride = g.w * g.h * 4;
6794
+
6612
6795
  if (out) {
6613
- out = (stbi_uc*) STBI_REALLOC( out, layers * stride );
6796
+ void *tmp = (stbi_uc*) STBI_REALLOC_SIZED( out, out_size, layers * stride );
6797
+ if (NULL == tmp) {
6798
+ STBI_FREE(g.out);
6799
+ STBI_FREE(g.history);
6800
+ STBI_FREE(g.background);
6801
+ return stbi__errpuc("outofmem", "Out of memory");
6802
+ }
6803
+ else {
6804
+ out = (stbi_uc*) tmp;
6805
+ out_size = layers * stride;
6806
+ }
6807
+
6614
6808
  if (delays) {
6615
- *delays = (int*) STBI_REALLOC( *delays, sizeof(int) * layers );
6809
+ *delays = (int*) STBI_REALLOC_SIZED( *delays, delays_size, sizeof(int) * layers );
6810
+ delays_size = layers * sizeof(int);
6616
6811
  }
6617
6812
  } else {
6618
- out = (stbi_uc*)stbi__malloc( layers * stride );
6813
+ out = (stbi_uc*)stbi__malloc( layers * stride );
6814
+ out_size = layers * stride;
6619
6815
  if (delays) {
6620
- *delays = (int*) stbi__malloc( layers * sizeof(int) );
6816
+ *delays = (int*) stbi__malloc( layers * sizeof(int) );
6817
+ delays_size = layers * sizeof(int);
6621
6818
  }
6622
6819
  }
6623
- memcpy( out + ((layers - 1) * stride), u, stride );
6820
+ memcpy( out + ((layers - 1) * stride), u, stride );
6624
6821
  if (layers >= 2) {
6625
- two_back = out - 2 * stride;
6822
+ two_back = out - 2 * stride;
6626
6823
  }
6627
6824
 
6628
6825
  if (delays) {
6629
- (*delays)[layers - 1U] = g.delay;
6826
+ (*delays)[layers - 1U] = g.delay;
6630
6827
  }
6631
6828
  }
6632
- } while (u != 0);
6829
+ } while (u != 0);
6633
6830
 
6634
- // free temp buffer;
6635
- STBI_FREE(g.out);
6636
- STBI_FREE(g.history);
6637
- STBI_FREE(g.background);
6831
+ // free temp buffer;
6832
+ STBI_FREE(g.out);
6833
+ STBI_FREE(g.history);
6834
+ STBI_FREE(g.background);
6638
6835
 
6639
- // do the final conversion after loading everything;
6836
+ // do the final conversion after loading everything;
6640
6837
  if (req_comp && req_comp != 4)
6641
6838
  out = stbi__convert_format(out, 4, req_comp, layers * g.w, g.h);
6642
6839
 
6643
- *z = layers;
6840
+ *z = layers;
6644
6841
  return out;
6645
6842
  } else {
6646
- return stbi__errpuc("not GIF", "Image was not as a gif type.");
6843
+ return stbi__errpuc("not GIF", "Image was not as a gif type.");
6647
6844
  }
6648
6845
  }
6649
6846
 
@@ -6661,7 +6858,7 @@ static void *stbi__gif_load(stbi__context *s, int *x, int *y, int *comp, int req
6661
6858
  *y = g.h;
6662
6859
 
6663
6860
  // moved conversion to after successful load so that the same
6664
- // can be done for multiple frames.
6861
+ // can be done for multiple frames.
6665
6862
  if (req_comp && req_comp != 4)
6666
6863
  u = stbi__convert_format(u, 4, req_comp, g.w, g.h);
6667
6864
  } else if (g.out) {
@@ -6669,9 +6866,9 @@ static void *stbi__gif_load(stbi__context *s, int *x, int *y, int *comp, int req
6669
6866
  STBI_FREE(g.out);
6670
6867
  }
6671
6868
 
6672
- // free buffers needed for multiple frame loading;
6869
+ // free buffers needed for multiple frame loading;
6673
6870
  STBI_FREE(g.history);
6674
- STBI_FREE(g.background);
6871
+ STBI_FREE(g.background);
6675
6872
 
6676
6873
  return u;
6677
6874
  }
@@ -6796,6 +6993,9 @@ static float *stbi__hdr_load(stbi__context *s, int *x, int *y, int *comp, int re
6796
6993
  token += 3;
6797
6994
  width = (int) strtol(token, NULL, 10);
6798
6995
 
6996
+ if (height > STBI_MAX_DIMENSIONS) return stbi__errpf("too large","Very large image (corrupt?)");
6997
+ if (width > STBI_MAX_DIMENSIONS) return stbi__errpf("too large","Very large image (corrupt?)");
6998
+
6799
6999
  *x = width;
6800
7000
  *y = height;
6801
7001
 
@@ -7110,6 +7310,9 @@ static void *stbi__pnm_load(stbi__context *s, int *x, int *y, int *comp, int req
7110
7310
  if (!stbi__pnm_info(s, (int *)&s->img_x, (int *)&s->img_y, (int *)&s->img_n))
7111
7311
  return 0;
7112
7312
 
7313
+ if (s->img_y > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
7314
+ if (s->img_x > STBI_MAX_DIMENSIONS) return stbi__errpuc("too large","Very large image (corrupt?)");
7315
+
7113
7316
  *x = s->img_x;
7114
7317
  *y = s->img_y;
7115
7318
  if (comp) *comp = s->img_n;
@@ -7334,7 +7537,7 @@ STBIDEF int stbi_is_16_bit_from_callbacks(stbi_io_callbacks const *c, void *user
7334
7537
 
7335
7538
  /*
7336
7539
  revision history:
7337
- 2.20 (2019-02-07) support utf8 filenames in Windows; fix warnings and platform ifdefs
7540
+ 2.20 (2019-02-07) support utf8 filenames in Windows; fix warnings and platform ifdefs
7338
7541
  2.19 (2018-02-11) fix warning
7339
7542
  2.18 (2018-01-30) fix warnings
7340
7543
  2.17 (2018-01-29) change sbti__shiftsigned to avoid clang -O2 bug