mirror of
https://github.com/superseriousbusiness/gotosocial
synced 2024-11-10 06:54:16 +00:00
[chore]: Bump golang.org/x/image from 0.4.0 to 0.5.0 (#1516)
Bumps [golang.org/x/image](https://github.com/golang/image) from 0.4.0 to 0.5.0. - [Release notes](https://github.com/golang/image/releases) - [Commits](https://github.com/golang/image/compare/v0.4.0...v0.5.0) --- updated-dependencies: - dependency-name: golang.org/x/image dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This commit is contained in:
parent
b4d18887d3
commit
a822198ebf
4 changed files with 55 additions and 10 deletions
2
go.mod
2
go.mod
|
@ -54,7 +54,7 @@ require (
|
|||
go.uber.org/automaxprocs v1.5.1
|
||||
golang.org/x/crypto v0.5.0
|
||||
golang.org/x/exp v0.0.0-20220613132600-b0d781184e0d
|
||||
golang.org/x/image v0.4.0
|
||||
golang.org/x/image v0.5.0
|
||||
golang.org/x/net v0.5.0
|
||||
golang.org/x/oauth2 v0.4.0
|
||||
golang.org/x/text v0.7.0
|
||||
|
|
4
go.sum
4
go.sum
|
@ -668,8 +668,8 @@ golang.org/x/exp v0.0.0-20220613132600-b0d781184e0d/go.mod h1:Kr81I6Kryrl9sr8s2F
|
|||
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
|
||||
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
|
||||
golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
|
||||
golang.org/x/image v0.4.0 h1:x1RWAiZIvERqkltrFjtQP1ycmiR5pmhjtCfVOtdURuQ=
|
||||
golang.org/x/image v0.4.0/go.mod h1:FVC7BI/5Ym8R25iw5OLsgshdUBbT1h5jZTpA+mvAdZ4=
|
||||
golang.org/x/image v0.5.0 h1:5JMiNunQeQw++mMOz48/ISeNu3Iweh/JaZU8ZLqHRrI=
|
||||
golang.org/x/image v0.5.0/go.mod h1:FVC7BI/5Ym8R25iw5OLsgshdUBbT1h5jZTpA+mvAdZ4=
|
||||
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
||||
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
|
||||
golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
||||
|
|
57
vendor/golang.org/x/image/tiff/reader.go
generated
vendored
57
vendor/golang.org/x/image/tiff/reader.go
generated
vendored
|
@ -38,6 +38,52 @@ func (e UnsupportedError) Error() string {
|
|||
|
||||
var errNoPixels = FormatError("not enough pixel data")
|
||||
|
||||
const maxChunkSize = 10 << 20 // 10M
|
||||
|
||||
// safeReadtAt is a verbatim copy of internal/saferio.ReadDataAt from the
|
||||
// standard library, which is used to read data from a reader using a length
|
||||
// provided by untrusted data, without allocating the entire slice ahead of time
|
||||
// if it is large (>maxChunkSize). This allows us to avoid allocating giant
|
||||
// slices before learning that we can't actually read that much data from the
|
||||
// reader.
|
||||
func safeReadAt(r io.ReaderAt, n uint64, off int64) ([]byte, error) {
|
||||
if int64(n) < 0 || n != uint64(int(n)) {
|
||||
// n is too large to fit in int, so we can't allocate
|
||||
// a buffer large enough. Treat this as a read failure.
|
||||
return nil, io.ErrUnexpectedEOF
|
||||
}
|
||||
|
||||
if n < maxChunkSize {
|
||||
buf := make([]byte, n)
|
||||
_, err := r.ReadAt(buf, off)
|
||||
if err != nil {
|
||||
// io.SectionReader can return EOF for n == 0,
|
||||
// but for our purposes that is a success.
|
||||
if err != io.EOF || n > 0 {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
return buf, nil
|
||||
}
|
||||
|
||||
var buf []byte
|
||||
buf1 := make([]byte, maxChunkSize)
|
||||
for n > 0 {
|
||||
next := n
|
||||
if next > maxChunkSize {
|
||||
next = maxChunkSize
|
||||
}
|
||||
_, err := r.ReadAt(buf1[:next], off)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
buf = append(buf, buf1[:next]...)
|
||||
n -= next
|
||||
off += int64(next)
|
||||
}
|
||||
return buf, nil
|
||||
}
|
||||
|
||||
type decoder struct {
|
||||
r io.ReaderAt
|
||||
byteOrder binary.ByteOrder
|
||||
|
@ -82,8 +128,7 @@ func (d *decoder) ifdUint(p []byte) (u []uint, err error) {
|
|||
}
|
||||
if datalen := lengths[datatype] * count; datalen > 4 {
|
||||
// The IFD contains a pointer to the real value.
|
||||
raw = make([]byte, datalen)
|
||||
_, err = d.r.ReadAt(raw, int64(d.byteOrder.Uint32(p[8:12])))
|
||||
raw, err = safeReadAt(d.r, uint64(datalen), int64(d.byteOrder.Uint32(p[8:12])))
|
||||
} else {
|
||||
raw = p[8 : 8+datalen]
|
||||
}
|
||||
|
@ -427,8 +472,9 @@ func newDecoder(r io.Reader) (*decoder, error) {
|
|||
numItems := int(d.byteOrder.Uint16(p[0:2]))
|
||||
|
||||
// All IFD entries are read in one chunk.
|
||||
p = make([]byte, ifdLen*numItems)
|
||||
if _, err := d.r.ReadAt(p, ifdOffset+2); err != nil {
|
||||
var err error
|
||||
p, err = safeReadAt(d.r, uint64(ifdLen*numItems), ifdOffset+2)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
@ -656,8 +702,7 @@ func Decode(r io.Reader) (img image.Image, err error) {
|
|||
if b, ok := d.r.(*buffer); ok {
|
||||
d.buf, err = b.Slice(int(offset), int(n))
|
||||
} else {
|
||||
d.buf = make([]byte, n)
|
||||
_, err = d.r.ReadAt(d.buf, offset)
|
||||
d.buf, err = safeReadAt(d.r, uint64(n), offset)
|
||||
}
|
||||
case cG3:
|
||||
inv := d.firstVal(tPhotometricInterpretation) == pWhiteIsZero
|
||||
|
|
2
vendor/modules.txt
vendored
2
vendor/modules.txt
vendored
|
@ -713,7 +713,7 @@ golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
|
|||
## explicit; go 1.18
|
||||
golang.org/x/exp/constraints
|
||||
golang.org/x/exp/slices
|
||||
# golang.org/x/image v0.4.0
|
||||
# golang.org/x/image v0.5.0
|
||||
## explicit; go 1.12
|
||||
golang.org/x/image/bmp
|
||||
golang.org/x/image/ccitt
|
||||
|
|
Loading…
Reference in a new issue