summaryrefslogtreecommitdiffstats
path: root/src/3rdparty/libpng/README.trolltech
blob: d443f80e31e281699484c5437f6fa9ac0699c395 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
This is libPNG 1.2.5, patched by Trolltech to fix a serious security vulnerability (CERT VU#388984)

The patch is as follows:

--- //depot/qt/3/src/3rdparty/libpng/pngrutil.c#4       Thu Aug  5 15:37:03 CEST 2004
+++ /home/dev/qt/3/src/3rdparty/libpng/pngrutil.c  Thu Aug  5 15:37:03 CEST 2004
@@ -1241,7 +1241,7 @@
          /* Should be an error, but we can cope with it */
          png_warning(png_ptr, "Missing PLTE before tRNS");
       }
-      else if (length > (png_uint_32)png_ptr->num_palette)
+      if (length > (png_uint_32)png_ptr->num_palette)
       {
          png_warning(png_ptr, "Incorrect tRNS chunk length");
          png_crc_finish(png_ptr, length);