Menu
▾
▴
[png-mng-implement] Avoid serializing PLTE chunks larger than allowed by bit_depth
|
From: Cosmin T. <ct...@gm...> - 2015-10-29 02:45:52
|
Hi, The PNG spec mentions in Section 11.2.3 (PLTE): "The number of palette entries shall not exceed the range that can be represented in the image bit depth (for example, 2^4 = 16 for a bit depth of 4)." However, libpng has always allowed reading and writing invalid images of this type. I noticed it after analyzing a bug report filed against OptiPNG on Debian. See the test case "crash.png" at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787647 I can, of course, patch OptiPNG to disallow it, independently of libpng. However, libpng should take care of it also. The libpng patch is available in my fork at BitBucket: https://bitbucket.org/ctruta/libpng-cos/commits/4998f0af89091f758456805563d6cf96ea661b35 Sincerely, Cosmin |