diff --git a/go.mod b/go.mod index 5463320..41736fe 100644 --- a/go.mod +++ b/go.mod @@ -25,11 +25,11 @@ require ( github.com/stretchr/testify v1.8.4 // indirect github.com/tevino/abool v1.2.0 // indirect github.com/yuin/goldmark v1.6.0 // indirect - golang.org/x/image v0.14.0 // indirect + golang.org/x/image v0.18.0 // indirect golang.org/x/mobile v0.0.0-20231108233038-35478a0c49da // indirect golang.org/x/net v0.18.0 // indirect golang.org/x/sys v0.14.0 // indirect - golang.org/x/text v0.14.0 // indirect + golang.org/x/text v0.16.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect honnef.co/go/js/dom v0.0.0-20210725211120-f030747120f2 // indirect ) diff --git a/go.sum b/go.sum index 969caa7..29899b3 100644 --- a/go.sum +++ b/go.sum @@ -311,8 +311,8 @@ golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EH golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.14.0 h1:tNgSxAFe3jC4uYqvZdTr84SZoM1KfwdC9SKIFrLjFn4= -golang.org/x/image v0.14.0/go.mod h1:HUYqC05R2ZcZ3ejNQsIHQDQiwWM4JBqmm6MKANTp4LE= +golang.org/x/image v0.18.0 h1:jGzIakQa/ZXI1I0Fxvaa9W7yP25TqT6cHIHn+6CqvSQ= +golang.org/x/image v0.18.0/go.mod h1:4yyo5vMFQjVjUcVk4jEQcU9MGy/rulF5WvUILseCM2E= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -458,8 +458,8 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= +golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= diff --git a/vendor/fyne.io/fyne/v2/internal/driver/mobile/gl/work_windows_386.s b/vendor/fyne.io/fyne/v2/internal/driver/mobile/gl/work_windows_386.s index b1ec187..c80e98a 100644 --- a/vendor/fyne.io/fyne/v2/internal/driver/mobile/gl/work_windows_386.s +++ b/vendor/fyne.io/fyne/v2/internal/driver/mobile/gl/work_windows_386.s @@ -1,9 +1,9 @@ -// Copyright 2016 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -#include "textflag.h" - -// fixFloat is unnecessary for windows/386 -TEXT ·fixFloat(SB),NOSPLIT,$0-16 - RET +// Copyright 2016 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +#include "textflag.h" + +// fixFloat is unnecessary for windows/386 +TEXT ·fixFloat(SB),NOSPLIT,$0-16 + RET diff --git a/vendor/golang.org/x/image/tiff/reader.go b/vendor/golang.org/x/image/tiff/reader.go index f31569b..1b8fcb8 100644 --- a/vendor/golang.org/x/image/tiff/reader.go +++ b/vendor/golang.org/x/image/tiff/reader.go @@ -36,11 +36,14 @@ func (e UnsupportedError) Error() string { return "tiff: unsupported feature: " + string(e) } -var errNoPixels = FormatError("not enough pixel data") +var ( + errNoPixels = FormatError("not enough pixel data") + errInvalidColorIndex = FormatError("invalid color index") +) const maxChunkSize = 10 << 20 // 10M -// safeReadtAt is a verbatim copy of internal/saferio.ReadDataAt from the +// safeReadAt is a verbatim copy of internal/saferio.ReadDataAt from the // standard library, which is used to read data from a reader using a length // provided by untrusted data, without allocating the entire slice ahead of time // if it is large (>maxChunkSize). This allows us to avoid allocating giant @@ -337,13 +340,18 @@ func (d *decoder) decode(dst image.Image, xmin, ymin, xmax, ymax int) error { } case mPaletted: img := dst.(*image.Paletted) + pLen := len(d.palette) for y := ymin; y < rMaxY; y++ { for x := xmin; x < rMaxX; x++ { v, ok := d.readBits(d.bpp) if !ok { return errNoPixels } - img.SetColorIndex(x, y, uint8(v)) + idx := uint8(v) + if int(idx) >= pLen { + return errInvalidColorIndex + } + img.SetColorIndex(x, y, idx) } d.flushBits() } diff --git a/vendor/modules.txt b/vendor/modules.txt index 5f2da0c..d84c285 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -135,7 +135,7 @@ github.com/yuin/goldmark/renderer github.com/yuin/goldmark/renderer/html github.com/yuin/goldmark/text github.com/yuin/goldmark/util -# golang.org/x/image v0.14.0 +# golang.org/x/image v0.18.0 ## explicit; go 1.18 golang.org/x/image/ccitt golang.org/x/image/colornames @@ -159,7 +159,7 @@ golang.org/x/sys/execabs golang.org/x/sys/unix golang.org/x/sys/windows golang.org/x/sys/windows/registry -# golang.org/x/text v0.14.0 +# golang.org/x/text v0.16.0 ## explicit; go 1.18 golang.org/x/text/encoding golang.org/x/text/encoding/charmap