This change addresses an integer underflow appearing only on systems
using a 32-bit int type. The patch addresses the problem by limiting the
length of unknown chunks to 0x7fffffff. This value appears to already be
checked for when parsing other chunk types, so the bug shouldn't appear
elsewhere in the package. The PNG spec recommends the maximum size for
any chunk to remain under 2^31, so this shouldn't cause errors with
valid images.
Fixes#12687
Change-Id: I17f0e1683515532c661cf2b0b2bc65309d1b7bb7
Reviewed-on: https://go-review.googlesource.com/14766
Reviewed-by: Nigel Tao <nigeltao@golang.org>
http://www.w3.org/TR/PNG/#11IHDR says that "Zero is an invalid value".
This change only affects the decoder. The encoder already checks
non-positive instead of negative.
Fixes#12545.
Change-Id: Iba40e1a2f4e0eec8b2fbcd3bbdae886311434da7
Reviewed-on: https://go-review.googlesource.com/14411
Reviewed-by: Rob Pike <r@golang.org>