Home | History | Annotate | Download | only in libpng16 
      1 
      2 /* pngmem.c - stub functions for memory allocation
      3  *
      4  * Last changed in libpng 1.6.15 [November 20, 2014]
      5  * Copyright (c) 1998-2002,2004,2006-2014 Glenn Randers-Pehrson
      6  * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
      7  * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
      8  *
      9  * This code is released under the libpng license.
     10  * For conditions of distribution and use, see the disclaimer
     11  * and license in png.h
     12  *
     13  * This file provides a location for all memory allocation.  Users who
     14  * need special memory handling are expected to supply replacement
     15  * functions for png_malloc() and png_free(), and to use
     16  * png_create_read_struct_2() and png_create_write_struct_2() to
     17  * identify the replacement functions.
     18  */
     19 
     20 #include "pngpriv.h"
     21 
     22 void*	FXMEM_DefaultAlloc(size_t byte_size);
     23 void	FXMEM_DefaultFree(void* pointer);
     24 
     25 #if defined(PNG_READ_SUPPORTED) || defined(PNG_WRITE_SUPPORTED)
     26 /* Free a png_struct */
     27 void /* PRIVATE */
     28 png_destroy_png_struct(png_structrp png_ptr)
     29 {
     30    if (png_ptr != NULL)
     31    {
     32       /* png_free might call png_error and may certainly call
     33        * png_get_mem_ptr, so fake a temporary png_struct to support this.
     34        */
     35       png_struct dummy_struct = *png_ptr;
     36       memset(png_ptr, 0, (sizeof *png_ptr));
     37       png_free(&dummy_struct, png_ptr);
     38 
     39 #     ifdef PNG_SETJMP_SUPPORTED
     40          /* We may have a jmp_buf left to deallocate. */
     41          png_free_jmpbuf(&dummy_struct);
     42 #     endif
     43    }
     44 }
     45 
     46 /* Allocate memory.  For reasonable files, size should never exceed
     47  * 64K.  However, zlib may allocate more than 64K if you don't tell
     48  * it not to.  See zconf.h and png.h for more information.  zlib does
     49  * need to allocate exactly 64K, so whatever you call here must
     50  * have the ability to do that.
     51  */
     52 PNG_FUNCTION(png_voidp,PNGAPI
     53 png_calloc,(png_const_structrp png_ptr, png_alloc_size_t size),PNG_ALLOCATED)
     54 {
     55    png_voidp ret;
     56 
     57    ret = png_malloc(png_ptr, size);
     58 
     59    if (ret != NULL)
     60       memset(ret, 0, size);
     61 
     62    return ret;
     63 }
     64 
     65 /* png_malloc_base, an internal function added at libpng 1.6.0, does the work of
     66  * allocating memory, taking into account limits and PNG_USER_MEM_SUPPORTED.
     67  * Checking and error handling must happen outside this routine; it returns NULL
     68  * if the allocation cannot be done (for any reason.)
     69  */
     70 PNG_FUNCTION(png_voidp /* PRIVATE */,
     71 png_malloc_base,(png_const_structrp png_ptr, png_alloc_size_t size),
     72    PNG_ALLOCATED)
     73 {
     74    /* Moved to png_malloc_base from png_malloc_default in 1.6.0; the DOS
     75     * allocators have also been removed in 1.6.0, so any 16-bit system now has
     76     * to implement a user memory handler.  This checks to be sure it isn't
     77     * called with big numbers.
     78     */
     79 #ifndef PNG_USER_MEM_SUPPORTED
     80    PNG_UNUSED(png_ptr)
     81 #endif
     82 
     83    /* Some compilers complain that this is always true.  However, it
     84     * can be false when integer overflow happens.
     85     */
     86    if (size > 0 && size <= PNG_SIZE_MAX
     87 #     ifdef PNG_MAX_MALLOC_64K
     88          && size <= 65536U
     89 #     endif
     90       )
     91    {
     92 #ifdef PNG_USER_MEM_SUPPORTED
     93       if (png_ptr != NULL && png_ptr->malloc_fn != NULL)
     94          return png_ptr->malloc_fn(png_constcast(png_structrp,png_ptr), size);
     95 
     96       else
     97 #endif
     98          return FXMEM_DefaultAlloc(size);
     99    }
    100 
    101    else
    102       return NULL;
    103 }
    104 
    105 #if defined(PNG_TEXT_SUPPORTED) || defined(PNG_sPLT_SUPPORTED) ||\
    106    defined(PNG_STORE_UNKNOWN_CHUNKS_SUPPORTED)
    107 /* This is really here only to work round a spurious warning in GCC 4.6 and 4.7
    108  * that arises because of the checks in png_realloc_array that are repeated in
    109  * png_malloc_array.
    110  */
    111 static png_voidp
    112 png_malloc_array_checked(png_const_structrp png_ptr, int nelements,
    113    size_t element_size)
    114 {
    115    png_alloc_size_t req = nelements; /* known to be > 0 */
    116 
    117    if (req <= PNG_SIZE_MAX/element_size)
    118       return png_malloc_base(png_ptr, req * element_size);
    119 
    120    /* The failure case when the request is too large */
    121    return NULL;
    122 }
    123 
    124 PNG_FUNCTION(png_voidp /* PRIVATE */,
    125 png_malloc_array,(png_const_structrp png_ptr, int nelements,
    126    size_t element_size),PNG_ALLOCATED)
    127 {
    128    if (nelements <= 0 || element_size == 0)
    129       png_error(png_ptr, "internal error: array alloc");
    130 
    131    return png_malloc_array_checked(png_ptr, nelements, element_size);
    132 }
    133 
    134 PNG_FUNCTION(png_voidp /* PRIVATE */,
    135 png_realloc_array,(png_const_structrp png_ptr, png_const_voidp old_array,
    136    int old_elements, int add_elements, size_t element_size),PNG_ALLOCATED)
    137 {
    138    /* These are internal errors: */
    139    if (add_elements <= 0 || element_size == 0 || old_elements < 0 ||
    140       (old_array == NULL && old_elements > 0))
    141       png_error(png_ptr, "internal error: array realloc");
    142 
    143    /* Check for overflow on the elements count (so the caller does not have to
    144     * check.)
    145     */
    146    if (add_elements <= INT_MAX - old_elements)
    147    {
    148       png_voidp new_array = png_malloc_array_checked(png_ptr,
    149          old_elements+add_elements, element_size);
    150 
    151       if (new_array != NULL)
    152       {
    153          /* Because png_malloc_array worked the size calculations below cannot
    154           * overflow.
    155           */
    156          if (old_elements > 0)
    157             memcpy(new_array, old_array, element_size*(unsigned)old_elements);
    158 
    159          memset((char*)new_array + element_size*(unsigned)old_elements, 0,
    160             element_size*(unsigned)add_elements);
    161 
    162          return new_array;
    163       }
    164    }
    165 
    166    return NULL; /* error */
    167 }
    168 #endif /* TEXT || sPLT || STORE_UNKNOWN_CHUNKS */
    169 
    170 /* Various functions that have different error handling are derived from this.
    171  * png_malloc always exists, but if PNG_USER_MEM_SUPPORTED is defined a separate
    172  * function png_malloc_default is also provided.
    173  */
    174 PNG_FUNCTION(png_voidp,PNGAPI
    175 png_malloc,(png_const_structrp png_ptr, png_alloc_size_t size),PNG_ALLOCATED)
    176 {
    177    png_voidp ret;
    178 
    179    if (png_ptr == NULL)
    180       return NULL;
    181 
    182    ret = png_malloc_base(png_ptr, size);
    183 
    184    if (ret == NULL)
    185        png_error(png_ptr, "Out of memory"); /* 'm' means png_malloc */
    186 
    187    return ret;
    188 }
    189 
    190 #ifdef PNG_USER_MEM_SUPPORTED
    191 PNG_FUNCTION(png_voidp,PNGAPI
    192 png_malloc_default,(png_const_structrp png_ptr, png_alloc_size_t size),
    193    PNG_ALLOCATED PNG_DEPRECATED)
    194 {
    195    png_voidp ret;
    196 
    197    if (png_ptr == NULL)
    198       return NULL;
    199 
    200    /* Passing 'NULL' here bypasses the application provided memory handler. */
    201    ret = png_malloc_base(NULL/*use malloc*/, size);
    202 
    203    if (ret == NULL)
    204       png_error(png_ptr, "Out of Memory"); /* 'M' means png_malloc_default */
    205 
    206    return ret;
    207 }
    208 #endif /* USER_MEM */
    209 
    210 /* This function was added at libpng version 1.2.3.  The png_malloc_warn()
    211  * function will issue a png_warning and return NULL instead of issuing a
    212  * png_error, if it fails to allocate the requested memory.
    213  */
    214 PNG_FUNCTION(png_voidp,PNGAPI
    215 png_malloc_warn,(png_const_structrp png_ptr, png_alloc_size_t size),
    216    PNG_ALLOCATED)
    217 {
    218    if (png_ptr != NULL)
    219    {
    220       png_voidp ret = png_malloc_base(png_ptr, size);
    221 
    222       if (ret != NULL)
    223          return ret;
    224 
    225       png_warning(png_ptr, "Out of memory");
    226    }
    227 
    228    return NULL;
    229 }
    230 
    231 /* Free a pointer allocated by png_malloc().  If ptr is NULL, return
    232  * without taking any action.
    233  */
    234 void PNGAPI
    235 png_free(png_const_structrp png_ptr, png_voidp ptr)
    236 {
    237    if (png_ptr == NULL || ptr == NULL)
    238       return;
    239 
    240 #ifdef PNG_USER_MEM_SUPPORTED
    241    if (png_ptr->free_fn != NULL)
    242       png_ptr->free_fn(png_constcast(png_structrp,png_ptr), ptr);
    243 
    244    else
    245       png_free_default(png_ptr, ptr);
    246 }
    247 
    248 PNG_FUNCTION(void,PNGAPI
    249 png_free_default,(png_const_structrp png_ptr, png_voidp ptr),PNG_DEPRECATED)
    250 {
    251    if (png_ptr == NULL || ptr == NULL)
    252       return;
    253 #endif /* USER_MEM */
    254 
    255    FXMEM_DefaultFree(ptr);
    256 }
    257 
    258 #ifdef PNG_USER_MEM_SUPPORTED
    259 /* This function is called when the application wants to use another method
    260  * of allocating and freeing memory.
    261  */
    262 void PNGAPI
    263 png_set_mem_fn(png_structrp png_ptr, png_voidp mem_ptr, png_malloc_ptr
    264   malloc_fn, png_free_ptr free_fn)
    265 {
    266    if (png_ptr != NULL)
    267    {
    268       png_ptr->mem_ptr = mem_ptr;
    269       png_ptr->malloc_fn = malloc_fn;
    270       png_ptr->free_fn = free_fn;
    271    }
    272 }
    273 
    274 /* This function returns a pointer to the mem_ptr associated with the user
    275  * functions.  The application should free any memory associated with this
    276  * pointer before png_write_destroy and png_read_destroy are called.
    277  */
    278 png_voidp PNGAPI
    279 png_get_mem_ptr(png_const_structrp png_ptr)
    280 {
    281    if (png_ptr == NULL)
    282       return NULL;
    283 
    284    return png_ptr->mem_ptr;
    285 }
    286 #endif /* USER_MEM */
    287 #endif /* READ || WRITE */
    288