You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36 lines
1.1 KiB
36 lines
1.1 KiB
diff --git a/pngrtran.c b/pngrtran.c
|
|
index 7f0ff92..b57ce81 100644
|
|
--- a/pngrtran.c
|
|
+++ b/pngrtran.c
|
|
@@ -1216,6 +1216,9 @@ png_read_transform_info(png_structp png_ptr, png_infop info_ptr)
|
|
info_ptr->color_type = PNG_COLOR_TYPE_RGB;
|
|
info_ptr->bit_depth = 8;
|
|
info_ptr->num_trans = 0;
|
|
+
|
|
+ if (png_ptr->palette == NULL)
|
|
+ png_error (png_ptr, "Palette is NULL in indexed image");
|
|
}
|
|
else
|
|
{
|
|
diff --git a/pngset.c b/pngset.c
|
|
index 72d89fc..b1ce91d 100644
|
|
--- a/pngset.c
|
|
+++ b/pngset.c
|
|
@@ -461,6 +461,16 @@ png_set_PLTE(png_structp png_ptr, png_infop info_ptr,
|
|
return;
|
|
}
|
|
}
|
|
+ if ((num_palette > 0 && palette == NULL) ||
|
|
+ (num_palette == 0
|
|
+ # ifdef PNG_MNG_FEATURES_SUPPORTED
|
|
+ && (png_ptr->mng_features_permitted & PNG_FLAG_MNG_EMPTY_PLTE) == 0
|
|
+ # endif
|
|
+ ))
|
|
+ {
|
|
+ png_error(png_ptr, "Invalid palette");
|
|
+ return;
|
|
+ }
|
|
|
|
/* It may not actually be necessary to set png_ptr->palette here;
|
|
* we do it for backward compatibility with the way the png_handle_tRNS
|