[libpng16] Revert recent changes that did not help with oss-fuzz issues

ANNOUNCE

-Libpng 1.6.35beta01 - October 17, 2017
+Libpng 1.6.35beta01 - October 29, 2017
 
 This is not intended to be a public release. It will be replaced
 within a few weeks by a public version or by another test version.
@@ -24,12 +24,11 @@ Other information:
 
 Changes since the last public release (1.6.34):
 
-Version 1.6.35beta01 [October 17, 2017]
+Version 1.6.35beta01 [October 29, 2017]
   Restored 21 of the contrib/pngsuite/i*.png, which do not cause test
     failures. Placed the remainder in contrib/pngsuite/interlaced/i*.png.
   Added calls to png_set_*() transforms commonly used by browsers to
     the fuzzer.
-  Initialize entire palette array to zero in png_handle_PLTE().
 
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit

CHANGES

@@ -6040,12 +6040,11 @@ Version 1.6.33 [September 28, 2017]
 Version 1.6.34 [September 29, 2017]
   Removed contrib/pngsuite/i*.png; some of caused test failures.
 
-Version 1.6.35beta01 [October 17, 2017]
+Version 1.6.35beta01 [October 29, 2017]
   Restored 21 of the contrib/pngsuite/i*.png, which do not cause test
     failures. Placed the remainder in contrib/pngsuite/interlaced/i*.png.
   Added calls to png_set_*() transforms commonly used by browsers to
     the fuzzer.
-  Initialize entire palette array to zero in png_handle_PLTE().
 
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit

pngrutil.c

 
 /* pngrutil.c - utilities to read a PNG file
  *
- * Last changed in libpng 1.6.35 [(PENDING RELEASE)]
+ * Last changed in libpng 1.6.33 [September 28, 2017]
  * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson
  * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
  * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
@@ -912,7 +912,7 @@ png_handle_IHDR(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length)
 void /* PRIVATE */
 png_handle_PLTE(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length)
 {
-   png_color palette[PNG_MAX_PALETTE_LENGTH] = {0};
+   png_color palette[PNG_MAX_PALETTE_LENGTH];
    int max_palette_length, num, i;
 #ifdef PNG_POINTER_INDEXING_SUPPORTED
    png_colorp pal_ptr;
@@ -1817,7 +1817,7 @@ png_handle_sPLT(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length)
 void /* PRIVATE */
 png_handle_tRNS(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length)
 {
-   png_byte readbuf[PNG_MAX_PALETTE_LENGTH]={0};
+   png_byte readbuf[PNG_MAX_PALETTE_LENGTH];
 
    png_debug(1, "in png_handle_tRNS");
 
@@ -1840,7 +1840,7 @@ png_handle_tRNS(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length)
 
    if (png_ptr->color_type == PNG_COLOR_TYPE_GRAY)
    {
-      png_byte buf[2]={0};
+      png_byte buf[2];
 
       if (length != 2)
       {
@@ -1856,7 +1856,7 @@ png_handle_tRNS(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length)
 
    else if (png_ptr->color_type == PNG_COLOR_TYPE_RGB)
    {
-      png_byte buf[6]={0};
+      png_byte buf[6];
 
       if (length != 6)
       {

pngset.c

@@ -1017,7 +1017,7 @@ png_set_tRNS(png_structrp png_ptr, png_inforp info_ptr,
        {
          /* Changed from num_trans to PNG_MAX_PALETTE_LENGTH in version 1.2.1 */
           info_ptr->trans_alpha = png_voidcast(png_bytep,
-              png_calloc(png_ptr, PNG_MAX_PALETTE_LENGTH));
+              png_malloc(png_ptr, PNG_MAX_PALETTE_LENGTH));
           memcpy(info_ptr->trans_alpha, trans_alpha, (png_size_t)num_trans);
        }
        png_ptr->trans_alpha = info_ptr->trans_alpha;