Go to most recent revision | Details | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 6733 | IgorA | 1 | |
| 2 | |||
| 3 | |||
| 4 | ; Copyright (c) 1998-2002,2004,2006-2014,2016 Glenn Randers-Pehrson |
||
| 5 | ; (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) |
||
| 6 | ; (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) |
||
| 7 | |||
| 8 | |||
| 9 | ; For conditions of distribution and use, see the disclaimer |
||
| 10 | ; and license in png.inc |
||
| 11 | |||
| 12 | |||
| 13 | ; need special memory handling are expected to supply replacement |
||
| 14 | ; functions for png_malloc() and png_free(), and to use |
||
| 15 | ; png_create_read_struct_2() and png_create_write_struct_2() to |
||
| 16 | ; identify the replacement functions. |
||
| 17 | |||
| 18 | |||
| 19 | ;void (png_structrp png_ptr) |
||
| 20 | align 4 |
||
| 21 | proc png_destroy_png_struct uses eax ecx edi esi, png_ptr:dword |
||
| 22 | locals |
||
| 23 | dummy_struct png_struct |
||
| 24 | endl |
||
| 25 | mov edi,[png_ptr] |
||
| 26 | cmp edi,0 |
||
| 27 | je @f ;if (..!=0) |
||
| 28 | ; png_free might call png_error and may certainly call |
||
| 29 | ; png_get_mem_ptr, so fake a temporary png_struct to support this. |
||
| 30 | |||
| 31 | |||
| 32 | mov esi,edi |
||
| 33 | mov edi,ebp |
||
| 34 | sub edi,ecx |
||
| 35 | rep movsb ;dummy_struct = *png_ptr |
||
| 36 | mov edi,[png_ptr] |
||
| 37 | xor eax,eax |
||
| 38 | mov ecx,sizeof.png_struct |
||
| 39 | rep stosb ;memset(png_ptr, 0, (sizeof *png_ptr)) |
||
| 40 | mov esi,ebp |
||
| 41 | sub esi,sizeof.png_struct |
||
| 42 | stdcall png_free, esi, [png_ptr] |
||
| 43 | |||
| 44 | |||
| 45 | ; We may have a jmp_buf left to deallocate. |
||
| 46 | stdcall png_free_jmpbuf, esi |
||
| 47 | end if |
||
| 48 | @@: |
||
| 49 | ret |
||
| 50 | endp |
||
| 51 | |||
| 52 | |||
| 53 | ; 64K. However, zlib may allocate more than 64K if you don't tell |
||
| 54 | ; it not to. See zconf.h and png.h for more information. zlib does |
||
| 55 | ; need to allocate exactly 64K, so whatever you call here must |
||
| 56 | ; have the ability to do that. |
||
| 57 | |||
| 58 | |||
| 59 | align 4 |
||
| 60 | proc png_calloc uses ebx ecx edi, png_ptr:dword, size:dword |
||
| 61 | stdcall png_malloc, [png_ptr], [size] |
||
| 62 | |||
| 63 | |||
| 64 | je @f ;if (..!=0) |
||
| 65 | mov ebx,eax |
||
| 66 | mov edi,eax |
||
| 67 | mov ecx,[size] |
||
| 68 | xor eax,eax |
||
| 69 | rep stosb ;memset(ret, 0, size) |
||
| 70 | mov eax,ebx |
||
| 71 | @@: |
||
| 72 | ret |
||
| 73 | endp |
||
| 74 | |||
| 75 | |||
| 76 | ; allocating memory, taking into account limits and PNG_USER_MEM_SUPPORTED. |
||
| 77 | ; Checking and error handling must happen outside this routine; it returns NULL |
||
| 78 | ; if the allocation cannot be done (for any reason.) |
||
| 79 | |||
| 80 | |||
| 81 | align 4 |
||
| 82 | proc png_malloc_base uses ebx ecx, png_ptr:dword, size:dword |
||
| 83 | ; Moved to png_malloc_base from png_malloc_default in 1.6.0; the DOS |
||
| 84 | ; allocators have also been removed in 1.6.0, so any 16-bit system now has |
||
| 85 | ; to implement a user memory handler. This checks to be sure it isn't |
||
| 86 | ; called with big numbers. |
||
| 87 | |||
| 88 | |||
| 89 | ; can be false when integer overflow happens. |
||
| 90 | |||
| 91 | |||
| 92 | jle .end0 |
||
| 93 | cmp dword[size],PNG_SIZE_MAX |
||
| 94 | jg .end0 ; if (..>.. && ..<=..) |
||
| 95 | if PNG_MAX_MALLOC_64K eq 1 |
||
| 96 | cmp dword[size],65536 |
||
| 97 | jg .end0 |
||
| 98 | end if |
||
| 99 | if PNG_USER_MEM_SUPPORTED eq 1 |
||
| 100 | mov ebx,[png_ptr] |
||
| 101 | cmp ebx,0 |
||
| 102 | je @f |
||
| 103 | cmp dword[ebx+png_struct.malloc_fn],0 |
||
| 104 | je @f ;if (..!=0 && ..!=0) |
||
| 105 | stdcall [ebx+png_struct.malloc_fn], ebx, [size] |
||
| 106 | jmp .end_f |
||
| 107 | @@: ;else |
||
| 108 | end if |
||
| 109 | ;stdcall [mem.alloc], [size] |
||
| 110 | mcall SF_SYS_MISC, SSF_MEM_ALLOC, [size] |
||
| 111 | jmp .end_f ;checked for truncation above |
||
| 112 | .end0: ;else |
||
| 113 | xor eax,eax |
||
| 114 | .end_f: |
||
| 115 | ret |
||
| 116 | endp |
||
| 117 | |||
| 118 | |||
| 119 | ; that arises because of the checks in png_realloc_array that are repeated in |
||
| 120 | ; png_malloc_array. |
||
| 121 | |||
| 122 | |||
| 123 | align 4 |
||
| 124 | proc png_malloc_array_checked, png_ptr:dword, nelements:dword, element_size:dword |
||
| 125 | ; png_alloc_size_t req = nelements; /* known to be > 0 */ |
||
| 126 | |||
| 127 | |||
| 128 | ; return png_malloc_base(png_ptr, req * element_size); |
||
| 129 | |||
| 130 | |||
| 131 | xor eax,eax |
||
| 132 | .end_f: |
||
| 133 | ret |
||
| 134 | endp |
||
| 135 | |||
| 136 | |||
| 137 | align 4 |
||
| 138 | proc png_malloc_array, png_ptr:dword, nelements:dword, element_size:dword |
||
| 139 | ; if (nelements <= 0 || element_size == 0) |
||
| 140 | ; png_error(png_ptr, "internal error: array alloc"); |
||
| 141 | |||
| 142 | |||
| 143 | ret |
||
| 144 | endp |
||
| 145 | |||
| 146 | |||
| 147 | ; int old_elements, int add_elements, size_t element_size) |
||
| 148 | align 4 |
||
| 149 | proc png_realloc_array, png_ptr:dword, old_array:dword, old_elements:dword, add_elements:dword, element_size:dword |
||
| 150 | ; These are internal errors: |
||
| 151 | ; if (add_elements <= 0 || element_size == 0 || old_elements < 0 || |
||
| 152 | ; (old_array == NULL && old_elements > 0)) |
||
| 153 | ; png_error(png_ptr, "internal error: array realloc"); |
||
| 154 | |||
| 155 | |||
| 156 | ; check.) |
||
| 157 | |||
| 158 | |||
| 159 | ; { |
||
| 160 | ; voidp new_array = png_malloc_array_checked(png_ptr, |
||
| 161 | ; old_elements+add_elements, element_size); |
||
| 162 | ; |
||
| 163 | ; if (new_array != NULL) |
||
| 164 | ; { |
||
| 165 | ; Because png_malloc_array worked the size calculations below cannot |
||
| 166 | ; overflow. |
||
| 167 | |||
| 168 | |||
| 169 | ; memcpy(new_array, old_array, element_size*(unsigned)old_elements); |
||
| 170 | ; |
||
| 171 | ; memset((char*)new_array + element_size*(unsigned)old_elements, 0, |
||
| 172 | ; element_size*(unsigned)add_elements); |
||
| 173 | ; |
||
| 174 | ; return new_array; |
||
| 175 | ; } |
||
| 176 | ; } |
||
| 177 | |||
| 178 | |||
| 179 | .end_f: |
||
| 180 | ret |
||
| 181 | endp |
||
| 182 | |||
| 183 | |||
| 184 | ; png_malloc always exists, but if PNG_USER_MEM_SUPPORTED is defined a separate |
||
| 185 | ; function png_malloc_default is also provided. |
||
| 186 | |||
| 187 | |||
| 188 | align 4 |
||
| 189 | proc png_malloc uses edi, png_ptr:dword, size:dword |
||
| 190 | xor eax,eax |
||
| 191 | mov edi,[png_ptr] |
||
| 192 | cmp edi,0 |
||
| 193 | je @f ;if (..==0) return 0 |
||
| 194 | |||
| 195 | |||
| 196 | |||
| 197 | |||
| 198 | jne @f ;if (..==0) |
||
| 199 | png_error edi, 'Out of memory' ;'m' means png_malloc |
||
| 200 | @@: |
||
| 201 | ret |
||
| 202 | endp |
||
| 203 | |||
| 204 | |||
| 205 | align 4 |
||
| 206 | proc png_malloc_default uses edi, png_ptr:dword, size:dword |
||
| 207 | xor eax,eax |
||
| 208 | mov edi,[png_ptr] |
||
| 209 | cmp edi,0 |
||
| 210 | je @f ;if (..==0) return 0 |
||
| 211 | |||
| 212 | |||
| 213 | stdcall png_malloc_base, 0, [size] ;0 - use malloc |
||
| 214 | |||
| 215 | |||
| 216 | jne @f ;if (..==0) |
||
| 217 | png_error edi, 'Out of Memory' ;'M' means png_malloc_default |
||
| 218 | @@: |
||
| 219 | ret |
||
| 220 | endp |
||
| 221 | |||
| 222 | |||
| 223 | ; function will issue a png_warning and return NULL instead of issuing a |
||
| 224 | ; png_error, if it fails to allocate the requested memory. |
||
| 225 | |||
| 226 | |||
| 227 | align 4 |
||
| 228 | proc png_malloc_warn uses edi, png_ptr:dword, size:dword |
||
| 229 | mov edi,[png_ptr] |
||
| 230 | cmp edi,0 |
||
| 231 | je .end0 ;if (..!=0) |
||
| 232 | stdcall png_malloc_base, edi, [size] |
||
| 233 | cmp eax,0 |
||
| 234 | jne .end_f ;if (..!=0) return ret |
||
| 235 | |||
| 236 | |||
| 237 | .end0: |
||
| 238 | xor eax,eax |
||
| 239 | .end_f: |
||
| 240 | ret |
||
| 241 | endp |
||
| 242 | |||
| 243 | |||
| 244 | ; without taking any action. |
||
| 245 | |||
| 246 | |||
| 247 | align 4 |
||
| 248 | proc png_free uses eax ebx ecx, png_ptr:dword, p2ptr:dword |
||
| 249 | mov ebx,[png_ptr] |
||
| 250 | cmp ebx,0 |
||
| 251 | je .end_f |
||
| 252 | mov ecx,[p2ptr] |
||
| 253 | cmp ecx,0 |
||
| 254 | je .end_f ;if (..==0 || ..==0) return |
||
| 255 | |||
| 256 | |||
| 257 | cmp dword[ebx+png_struct.free_fn],0 |
||
| 258 | je @f ;if (..!=0) |
||
| 259 | stdcall dword[ebx+png_struct.free_fn], ebx, [p2ptr] |
||
| 260 | jmp .end_f |
||
| 261 | @@: ;else |
||
| 262 | end if |
||
| 263 | mcall SF_SYS_MISC, SSF_MEM_FREE, [p2ptr] |
||
| 264 | .end_f: |
||
| 265 | ret |
||
| 266 | endp |
||
| 267 | |||
| 268 | |||
| 269 | ; of allocating and freeing memory. |
||
| 270 | |||
| 271 | |||
| 272 | align 4 |
||
| 273 | proc png_set_mem_fn uses eax edi, png_ptr:dword, mem_ptr:dword, malloc_fn:dword, free_fn:dword |
||
| 274 | mov edi,[png_ptr] |
||
| 275 | cmp edi,0 |
||
| 276 | je @f ;if (..!=0) |
||
| 277 | mov eax,[mem_ptr] |
||
| 278 | mov [edi+png_struct.mem_ptr],eax |
||
| 279 | mov eax,[malloc_fn] |
||
| 280 | mov [edi+png_struct.malloc_fn],eax |
||
| 281 | mov eax,[free_fn] |
||
| 282 | mov [edi+png_struct.free_fn],eax |
||
| 283 | @@: |
||
| 284 | ret |
||
| 285 | endp |
||
| 286 | |||
| 287 | |||
| 288 | ; functions. The application should free any memory associated with this |
||
| 289 | ; pointer before png_write_destroy and png_read_destroy are called. |
||
| 290 | |||
| 291 | |||
| 292 | align 4 |
||
| 293 | proc png_get_mem_ptr uses edi, png_ptr:dword |
||
| 294 | xor eax,eax |
||
| 295 | mov edi,[png_ptr] |
||
| 296 | cmp edi,0 |
||
| 297 | je @f ;if (..==0) return 0 |
||
| 298 | mov eax,[edi+png_struct.mem_ptr] |
||
| 299 | @@: |
||
| 300 | ret |
||
| 301 | endp |
||
| 302 | if> |
||
| 303 |