libspng is a C library for reading and writing Portable Network Graphics (PNG) format files with a focus on security and ease of use.
It is licensed under the BSD 2-clause “Simplified” License.
The goal is to provide a fast PNG library with a simpler API than libpng.
|Decode from stream||✅||✅||✅||❌|
|No known security bugs||✅||✅||❌||✅|
|Progressive image read||✅||✅||❌||❌|
|Parses all standard chunks||✅||✅||❌||❌|
|Doesn’t require zlib||✅||❌||✅||✅|
 The project is fuzz tested on OSS-Fuzz and vulnerabilities are fixed before they become public.
 Building with miniz is supported.
 With a 3rd party patch
Download and extract the latest release
spng.c/spng.h in your project, you can also build with CMake or Meson.
/* Create a context */ spng_ctx *ctx = spng_ctx_new(0); /* Set an input buffer */ spng_set_png_buffer(ctx, buf, buf_size); /* Determine output image size */ spng_decoded_image_size(ctx, SPNG_FMT_RGBA8, &out_size); /* Decode to 8-bit RGBA */ spng_decode_image(ctx, out, out_size, SPNG_FMT_RGBA8, 0); /* Free context memory */ spng_ctx_free(ctx);
Security & Testing¶
Code is written according to the rules of the CERT C Coding Standard. All integer arithmetic is checked for overflow and all error conditions are handled gracefully.
The library is continuously fuzzed by OSS-Fuzz, releases are scanned with Clang Static Analyzer, PVS-Studio, and Coverity Scan.
How does it compare to libpng?¶
See the comparison page.
Will it be drop-in compatible with libpng?¶
A compatibility layer was considered but it would need a lot of features implemented outside of libspng.
Are there any size limits?¶
Images exceeding 4GB per row are not decoded, there are no other limits, at worst it will run out of memory or fail an integer overflow check, all errors are handled gracefully.
Is libspng threadsafe?¶
libspng is threadsafe as long as contexts are not shared across threads. It is safe to create multiple contexts on a thread.
Why are some functions returning
A previous function call encountered an irrecoverable error, most decoding errors are not recoverable. Refer to the documentation on error handling.
How is spng pronounced?¶
The letters are spelled.