pnggroup / libpng

LIBPNG: Portable Network Graphics support, official libpng repository
http://libpng.sf.net

Regression test for off-by-one palette check error #525

Closed jbowler closed 7 months ago

jbowler commented 7 months ago

This adds a file to regression-test the previously introduced off-by-one error in the check on read for a colormapped PNG with an out-of-range index (equal to or greater than the length of the PLTE).

Previous tests covered all cases except the 8-bit palette case; the "small" test file contains the "bad" entry at index 254, not 255 so it passes even if the final byte is not checked. The new file has the erroneous entry in the last byte.
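The coverage gap described in the comment above, as an added example (not libpng's code and not part of the pull request): a scan that stops one byte short still flags a bad index at position 254 of a 256-byte row, and only a bad index in the final byte tells the two scans apart. The function names, the 16-entry palette, the constructed rows and the reading of 254/255 as byte positions in the row are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ROW_BYTES 256   /* constructed: one row of 256 8-bit palette pixels */
#define PLTE_LEN  16    /* assumed palette length for the example */

/* Correct scan: examine every byte, return the highest index seen. */
static int max_index_full(const unsigned char *row, size_t n)
{
    int max = -1;
    for (size_t i = 0; i < n; i++)
        if (row[i] > max) max = row[i];
    return max;
}

/* Hypothetical off-by-one scan: the loop bound stops one byte short. */
static int max_index_short(const unsigned char *row, size_t n)
{
    int max = -1;
    for (size_t i = 0; i + 1 < n; i++)
        if (row[i] > max) max = row[i];
    return max;
}

/* Build a constructed row with one out-of-range byte at bad_pos and
 * return 1 if the given scan flags it (index >= PLTE length). */
static int detects(int (*scan)(const unsigned char *, size_t), size_t bad_pos)
{
    unsigned char row[ROW_BYTES];
    memset(row, 0, sizeof row);
    row[bad_pos] = PLTE_LEN;            /* first invalid index */
    return scan(row, ROW_BYTES) >= PLTE_LEN;
}

int main(void)
{
    printf("bad byte at 254: full=%d short=%d\n",
           detects(max_index_full, 254), detects(max_index_short, 254));
    printf("bad byte at 255: full=%d short=%d\n",
           detects(max_index_full, 255), detects(max_index_short, 255));
    return 0;
}
```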

jbowler commented 7 months ago

I can't easily push this to pnggroup/libpng using github because github will only allow me to make pull requests to, I believe, forks or ancestors of glennrp/libpng. There are a lot of places I could push this but pnggroup is not one of them!

Off topic but I suspect this will be a big problem; forks will have to delete their github repo and create a new one forked from pnggroup unless there is some way of changing the base of a github repo (there is no base for a git clone itself of course.)

jbowler commented 7 months ago

And, indeed, glennrp and pnggroup seem to be currently out of sync, so even when I went through the process of creating a new fork in my github for "pnggroup" ("libpng" was already taken of course) I seemed to be pushing a set of LONGSON patches too... Not sure how that happens and it won't be a problem if glennrp becomes inactive but it looks like a major piece of PR to make the change.

ctruta commented 7 months ago

This one was 100% my bad. I have a script that, whenever I update HEAD on any of the following repos, then I update all HEADs on all the other repos.

```
$ git remote -v
ctruta          https://ctruta@github.com/ctruta/libpng.git (fetch)
ctruta          https://ctruta@github.com/ctruta/libpng.git (push)
glennrp         https://ctruta@github.com/glennrp/libpng.git (fetch)
glennrp         https://ctruta@github.com/glennrp/libpng.git (push)
pnggroup        https://ctruta@github.com/pnggroup/libpng.git (fetch)
pnggroup        https://ctruta@github.com/pnggroup/libpng.git (push)
sf              https://cosmin@git.code.sf.net/p/libpng/code (fetch)
sf              https://cosmin@git.code.sf.net/p/libpng/code (push)
simplesystems   ctruta@src.simplesystems.org:/git/libpng.git (fetch)
simplesystems   ctruta@src.simplesystems.org:/git/libpng.git (push)
```

In here, the ctruta repo is for my own account, where I run the Travis CI and AppVeyor CI verifications, and (sometimes) I store my own experimental junk. glennrp and pnggroup, we know. sf, the same, but at SourceForge. And, finally, simplesystems is our own, i.e. owned by our own @bobfriesenhahn, and it is sometimes behind, but never at release time, or so I claim.

> And, indeed, glennrp and pnggroup seem to be currently out of sync

Which happened because I just forgot to run that script, after integrating these last few Loongson commits.

ctruta commented 7 months ago

> I can't easily push this to pnggroup/libpng using github because github will only allow me to make pull requests to, I believe, forks or ancestors of glennrp/libpng. There are a lot of places I could push this but pnggroup is not one of them!

Regardless of where the commits are being applied to, all of the above-mentioned repos must be updated in lockstep -- in spite of what just happened this time around.

> Off topic but I suspect this will be a big problem; forks will have to delete their github repo and create a new one forked from pnggroup unless there is some way of changing the base of a github repo (there is no base for a git clone itself of course.)

They can do it at their own pace. I'm not deleting this repo; if anything, if @github will be able to assist (I have an open ticket BTW) then this repo will be migrated to pnggroup/libpng, followed by a redirection. And if not, then I will still update this repo, but only at release time, so the real users (those who only care for our stable releases) will still have those ones, up-to-date.

jbowler commented 7 months ago

Ok. Once I have synced I'll delete jbowler/libpng and rename jbowler/pnggroup as jbowler/libpng.

Git, despite my many, many criticisms can happily merge with any number of different repos: it was designed as a hierarchy so it doesn't work well as a DAG (unlike monotone, which, yes, had challenges, but did in fact work that way).

It will be done.

jbowler commented 7 months ago

It took me about a minute, somewhat accelerated because I deleted my own github repo and renamed 'pnggroup' to 'libpng', then I just had to edit my .git/config file to replace glennrp by pnggroup (I don't find GIT amenable to any approach other than hand editing the config file.)

The "Issues" need to be redirected to "pnggroup"; I moved my pull requests by resubmitting them but there again they had not originated on github so I have my local copies/clones.

It might be advisable to broadcast this on png-mng-implement and the W3C working group. I assume you will simply close outstanding Issues and Pull Requests on glennrp.

SimpleSystems, i.e. @bobfriesenhahn, seems to have been partially down recently; the IP addresses have not changed since I last logged in (perhaps years ago) yet I could get a response from FTP/SFTP (ftp.simplesystems.org); I wanted to check the old WD drafts after Chris's message on the WG (I have a mirror, but from years ago.)

bobfriesenhahn commented 7 months ago

I was away on a trip (to our other residence) for three weeks and on the second day the Internet link to my network stopped working properly. Based on a notice my wife saw on an AT&T bill recently, I assumed the worst in that I assumed it was the sudden end of my network.

There is nothing one can do when one is 1000 miles from the equipment.

I have just barely started steps to move everything to a cloud server, but that would take months (at least).

Regardless, the actual machines and files are fine. I power-cycled the modem and then all was fine. Actually, my 1500lb rolling gate opener also had a problem, so I assume there was a lightning strike nearby.

The SimpleSystems Git is surely the least significant libpng server.

Bob

On Jan 17, 2024, 7:24 PM, at 7:24 PM, John Bowler @.***> wrote:

> It took me about a minute, somewhat accelerated because I deleted my own github repo and renamed 'pnggroup' to 'libpng', then I just had to edit my .git/config file to replace glennrp by pnggroup (I don't find GIT amenable to any approach other than hand editing the config file.)
>
> The "Issues" need to be redirected to "pnggroup"; I moved my pull requests by resubmitting them but there again they had not originated on github so I have my local copies/clones.
>
> It might be advisable to broadcast this on png-mng-implement and the W3C working group. I assume you will simply close outstanding Issues and Pull Requests on glennrp.
>
> SimpleSystems, i.e. @bobfriesenhahn, seems to have been partially down recently; the IP addresses have not changed since I last logged in (perhaps years ago) yet I could get a response from FTP/SFTP (ftp.simplesystems.org); I wanted to check the old WD drafts after Chris's message on the WG (I have a mirror, but from years ago.)


ctruta commented 7 months ago

SimpleSystems is important to me in the sense that it's the only Solaris machine that I have access to, for regression testing. Besides that, it serves as a canonical source of truth, for anyone who doesn't care to check our published secure checksums for the verification of data integrity.

For reasons as good as laziness, my push-everything-everywhere scripts only talk to SimpleSystems when I'm on Linux. I did not try hard enough to debug, or to otherwise convince the ssh program to connect from my Mac OS or from my Windows OS. This is why the tip-of-tree on SimpleSystems is sometimes left behind, and this is also why I haven't even noticed that those machines were down over the past few days.

@bobfriesenhahn I hope you had a good trip 😃