Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#176 png_set_user_limits doesn't override limits

closed-fixed
5
2011-07-10
2011-06-11
Tony Cook
No

The documentation states:

>The PNG specification allows the width and height of an image to be as
>large as 2^31-1 (0x7fffffff), or about 2.147 billion rows and columns.
>Since very few applications really need to process such large images,
>we have imposed an arbitrary 1-million limit on rows and columns.
>Larger images will be rejected immediately with a png_error() call. If
>you wish to override this limit, you can use
>
> png_set_user_limits(png_ptr, width_max, height_max);
>
>to set your own limits, or use width_max = height_max = 0x7fffffffL
>to allow all valid dimensions (libpng may reject some very large images
>anyway because of potential buffer overflow conditions).

>You should put this statement after you create the PNG structure and
>before calling png_read_info(), png_read_png(), or png_process_data().
>If you need to retrieve the limits that are being applied, use

First, this doesn't document that these limits also apply to writing PNG images.

Secondly, this doesn't override the limits, it only allows you to use lower (tighter) limits. From png.c:

#ifdef PNG_SET_USER_LIMITS_SUPPORTED
if (width > png_ptr->user_width_max || width > PNG_USER_WIDTH_MAX)
#else
if (width > PNG_USER_WIDTH_MAX)
#endif
{
png_warning(png_ptr, "Image width exceeds user limit in IHDR");
error = 1;
}

So the hard limit is always applied and cannot be overwritten, despite the documentation.

Depending on the desired behaviour, this could be fixed in the documentation (removing the "override" phrase), or by removing the hard coded comparisons to PNG_USER_WIDTH_MAX and PNG_USER_HEIGHT_MAX.

My use of libpng is as the implementer Imager (http://search.cpan.org/dist/Imager), so I'm typically stuck with libpng as I find it.

Discussion

    • assigned_to: nobody --> glennrp
    • status: open --> open-accepted
     
  • Thanks for the report.

     
  • Please see if libpng-1.5.3beta11 meets your expectations.

    Glenn

     
  • Tony Cook
    Tony Cook
    2011-06-13

    Thank you, that fixed it.

     
    • status: open-accepted --> closed-fixed
     
  • Fixed in libpng-1.5.4.