Update bundled libpng to version 1.6.34

This fixes an upstream bug in the existing version 1.6.32 which would
cause certain valid png files to be rejected.

The remaining diff to clean 1.6.34 is archived in the qtpatches.diff file.

[ChangeLog][Third-Party Code] libpng was updated to version 1.6.34

Task-number: QTBUG-63950
Change-Id: Ie6f2a09c78a93b6e5623848776b75650bb5bca66
Reviewed-by: André Klitzing <aklitzing@gmail.com>
Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@qt.io>

1 files changed, 11 insertions, 66 deletions

diff --git a/src/3rdparty/libpng/ANNOUNCE b/src/3rdparty/libpng/ANNOUNCE
index 3cbe5a926e..0f66c0d1da 100644
--- a/src/3rdparty/libpng/ANNOUNCE
+++ b/src/3rdparty/libpng/ANNOUNCE
@@ -1,4 +1,4 @@
-Libpng 1.6.32 - August 24, 2017
+Libpng 1.6.34 - September 29, 2017
 
 This is a public release of libpng, intended for use in production codes.
 
@@ -7,79 +7,24 @@ Files available for download:
 Source files with LF line endings (for Unix/Linux) and with a
 "configure" script
 
-   libpng-1.6.32.tar.xz (LZMA-compressed, recommended)
-   libpng-1.6.32.tar.gz
+   libpng-1.6.34.tar.xz (LZMA-compressed, recommended)
+   libpng-1.6.34.tar.gz
 
 Source files with CRLF line endings (for Windows), without the
 "configure" script
 
-   lpng1632.7z  (LZMA-compressed, recommended)
-   lpng1632.zip
+   lpng1634.7z  (LZMA-compressed, recommended)
+   lpng1634.zip
 
 Other information:
 
-   libpng-1.6.32-README.txt
-   libpng-1.6.32-LICENSE.txt
-   libpng-1.6.32-*.asc (armored detached GPG signatures)
+   libpng-1.6.34-README.txt
+   libpng-1.6.34-LICENSE.txt
+   libpng-1.6.34-*.asc (armored detached GPG signatures)
 
-Changes since the last public release (1.6.31):
-  Avoid possible NULL dereference in png_handle_eXIf when benign_errors
-    are allowed. Avoid leaking the input buffer "eXIf_buf".
-  Eliminated png_ptr->num_exif member from pngstruct.h and added num_exif
-    to arguments for png_get_eXIf() and png_set_eXIf().
-  Added calls to png_handle_eXIf(() in pngread.c and png_write_eXIf() in
-    pngwrite.c, and made various other fixes to png_write_eXIf().
-  Changed name of png_get_eXIF and png_set_eXIf() to png_get_eXIf_1() and
-    png_set_eXIf_1(), respectively, to avoid breaking API compatibility
-    with libpng-1.6.31.
-  Updated contrib/libtests/pngunknown.c with eXIf chunk.
-  Initialized btoa[] in pngstest.c
-  Stop memory leak when returning from png_handle_eXIf() with an error
-    (Bug report from the OSS-fuzz project).
-  Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
-  Update libpng.3 and libpng-manual.txt about eXIf functions.
-  Restored png_get_eXIf() and png_set_eXIf() to maintain API compatability.
-  Removed png_get_eXIf_1() and png_set_eXIf_1().
-  Check length of all chunks except IDAT against user limit to fix an
-    OSS-fuzz issue.
-  Check length of IDAT against maximum possible IDAT size, accounting
-    for height, rowbytes, interlacing and zlib/deflate overhead.
-  Restored png_get_eXIf_1() and png_set_eXIf_1(), because strlen(eXIf_buf)
-    does not work (the eXIf chunk data can contain zeroes).
-  Require cmake-2.8.8 in CMakeLists.txt. Revised symlink creation,
-    no longer using deprecated cmake LOCATION feature (Clifford Yapp).
-  Fixed five-byte error in the calculation of IDAT maximum possible size.
-  Moved chunk-length check into a png_check_chunk_length() private
-    function (Suggested by Max Stepin).
-  Moved bad pngs from tests to contrib/libtests/crashers
-  Moved testing of bad pngs into a separate tests/pngtest-badpngs script
-  Added the --xfail (expected FAIL) option to pngtest.c. It writes XFAIL
-    in the output but PASS for the libpng test.
-  Require cmake-3.0.2 in CMakeLists.txt (Clifford Yapp).
-  Fix "const" declaration info_ptr argument to png_get_eXIf_1() and the
-    num_exif argument to png_get_eXIf_1() (Github Issue 171).
-  Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
-  Added huge_IDAT.png and empty_ancillary_chunks.png to testpngs/crashers.
-  Make pngtest --strict, --relax, --xfail options imply -m (multiple).
-  Removed unused chunk_name parameter from png_check_chunk_length().
-  Relocated setting free_me for eXIf data, to stop an OSS-fuzz leak.
-  Initialize profile_header[] in png_handle_iCCP() to fix OSS-fuzz issue.
-  Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix OSS-fuzz UMR.
-  Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
-  Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(), to account
-    for the minimum 'deflate' stream, and relocate the test to a point
-    after the keyword has been read.
-  Check that the eXIf chunk has at least 2 bytes and begins with "II" or "MM".
-  Added a set of "huge_xxxx_chunk.png" files to contrib/testpngs/crashers,
-    one for each known chunk type, with length = 2GB-1.
-  Check for 0 return from png_get_rowbytes() and added some (size_t) typecasts
-    in contrib/pngminus/*.c to stop some Coverity issues (162705, 162706,
-    and 162707).
-  Renamed chunks in contrib/testpngs/crashers to avoid having files whose
-    names differ only in case; this causes problems with some platforms
-    (github issue #172).
-  Added contrib/oss-fuzz directory which contains files used by the oss-fuzz
-    project (https://github.com/google/oss-fuzz/tree/master/projects/libpng).
+Changes since the last public release (1.6.33):
+  Removed contrib/pngsuite/i*.png; some of these were incorrect and caused
+    test failures.
 
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit