Fixes: the png_handle_cHRM crash bug in bundled libpng 1.5.4
authoraavit <qt-info@nokia.com>
Wed, 19 Oct 2011 12:02:24 +0000 (14:02 +0200)
committeraavit <qt-info@nokia.com>
Wed, 19 Oct 2011 13:11:44 +0000 (15:11 +0200)
commite5098123c12880d922923d1117f7b82995c6b5a0
treea5bfa68fcf41808cf00a68205a6602e12ca97507
parente9712d60c6e40c2b81b10611a3573c4638121a85
Fixes: the png_handle_cHRM crash bug in bundled libpng 1.5.4

The PNG Development Group explains that libpng 1.5.4 (only) introduced
a divide-by-zero bug in png_handle_cHRM(), which could lead to crashes
(denial of service) for certain malformed PNGs.
Ref. http://www.libpng.org/pub/png/libpng.html

This commit contains the patch recommended by the PNG Development
Group, ref. http://www.kb.cert.org/vuls/id/477046

Task-number: QTBUG-22168

(cherry picked from commit 55c2ea18c522bd8700f43884124e02b460cdb5e2)
src/3rdparty/libpng/pngrutil.c