diff -ru4NwbB libpng-1.2.42/png.c libpng-1.2.43beta01/png.c
--- libpng-1.2.42/png.c 2010-01-02 23:04:19.598757954 -0600
+++ libpng-1.2.43beta01/png.c 2010-01-27 07:17:31.272672413 -0600
@@ -1,8 +1,8 @@
 /* png.c - location for general purpose libpng functions
 *
- * Last changed in libpng 1.2.42 [January 27, 2010]
+ * Last changed in libpng 1.2.42 [January 3, 2010]
 * Copyright (c) 1998-2010 Glenn Randers-Pehrson
 * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
 * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
 *
diff -ru4NwbB libpng-1.2.42/png.h libpng-1.2.43beta01/png.h
--- libpng-1.2.42/png.h 2010-01-02 23:04:19.574120328 -0600
+++ libpng-1.2.43beta01/png.h 2010-01-27 07:17:31.247201618 -0600
@@ -253,8 +253,9 @@
 * 1.2.42beta01-02 13 10242 12.so.0.42[.0]
 * 1.2.42rc01-05 13 10242 12.so.0.42[.0]
 * 1.0.52 10 10052 10.so.0.52[.0]
 * 1.2.42 13 10242 12.so.0.42[.0]
+ * 1.2.43beta01 13 10243 12.so.0.43[.0]
 *
 * Henceforth the source version will match the shared-library major
 * and minor numbers; the shared-library major version number will be
 * used for changes in backward compatibility, as it is intended. The
diff -ru4NwbB libpng-1.2.42/pngconf.h libpng-1.2.43beta01/pngconf.h
--- libpng-1.2.42/pngconf.h 2010-01-02 23:04:19.583584354 -0600
+++ libpng-1.2.43beta01/pngconf.h 2010-01-27 07:17:31.256943706 -0600
@@ -621,24 +621,20 @@
 # endif
 # ifndef PNG_NO_READ_BACKGROUND
 # define PNG_READ_BACKGROUND_SUPPORTED
 # endif
-#ifndef PNG_1_0_X
 # ifndef PNG_NO_READ_16_TO_8
 # define PNG_READ_16_TO_8_SUPPORTED
 # endif
-#endif
 # ifndef PNG_NO_READ_FILLER
 # define PNG_READ_FILLER_SUPPORTED
 # endif
 # ifndef PNG_NO_READ_GAMMA
 # define PNG_READ_GAMMA_SUPPORTED
 # endif
-#ifndef PNG_1_0_X
 # ifndef PNG_NO_READ_GRAY_TO_RGB
 # define PNG_READ_GRAY_TO_RGB_SUPPORTED
 # endif
-#endif
 # ifndef PNG_NO_READ_SWAP_ALPHA
 # define PNG_READ_SWAP_ALPHA_SUPPORTED
 # endif
 # ifndef PNG_NO_READ_INVERT_ALPHA
diff -ru4NwbB libpng-1.2.42/pngpread.c libpng-1.2.43beta01/pngpread.c
--- libpng-1.2.42/pngpread.c 2010-01-02 23:04:19.630442557 -0600
+++ libpng-1.2.43beta01/pngpread.c 2010-01-27 07:17:31.306350419 -0600
@@ -1,8 +1,8 @@
 /* pngpread.c - read a png file in push mode
 *
- * Last changed in libpng 1.2.42 [January 27, 2010]
+ * Last changed in libpng 1.2.42 [January 3, 2010]
 * Copyright (c) 1998-2009 Glenn Randers-Pehrson
 * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
 * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
 *
diff -ru4NwbB libpng-1.2.42/pngrtran.c libpng-1.2.43beta01/pngrtran.c
--- libpng-1.2.42/pngrtran.c 2010-01-02 23:04:19.660071212 -0600
+++ libpng-1.2.43beta01/pngrtran.c 2010-01-27 07:17:31.337256854 -0600
@@ -1,8 +1,8 @@
 /* pngrtran.c - transforms the data in a row for PNG readers
 *
- * Last changed in libpng 1.2.42 [January 27, 2010]
+ * Last changed in libpng 1.2.42 [January 3, 2010]
 * Copyright (c) 1998-2010 Glenn Randers-Pehrson
 * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
 * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
 *
diff -ru4NwbB libpng-1.2.42/pngrutil.c libpng-1.2.43beta01/pngrutil.c
--- libpng-1.2.42/pngrutil.c 2010-01-02 23:04:19.673407448 -0600
+++ libpng-1.2.43beta01/pngrutil.c 2010-01-27 07:17:31.350893584 -0600
@@ -1,8 +1,8 @@ /* pngrutil.c - utilities to read a PNG file * - * Last changed in libpng 1.2.41 [December 3, 2009] + * Last changed in libpng 1.2.43 [January 27, 2010] * Copyright (c) 1998-2009 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * @@ -235,15 +235,18 @@ if (comp_type == PNG_COMPRESSION_TYPE_BASE) { int ret = Z_OK; + png_size_t buffer_size; + png_ptr->zstream.next_in = (png_bytep)(png_ptr->chunkdata + prefix_size); png_ptr->zstream.avail_in = (uInt)(chunklength - prefix_size); png_ptr->zstream.next_out = png_ptr->zbuf; png_ptr->zstream.avail_out = (uInt)png_ptr->zbuf_size; text_size = 0; text = NULL; + buffer_size = 0; while (png_ptr->zstream.avail_in) { ret = inflate(&png_ptr->zstream, Z_PARTIAL_FLUSH); @@ -261,11 +264,12 @@ text_size = prefix_size + png_sizeof(msg) + 1; text = (png_charp)png_malloc_warn(png_ptr, text_size); if (text == NULL) { - png_free(png_ptr, png_ptr->chunkdata); - png_ptr->chunkdata = NULL; - png_error(png_ptr, "Not enough memory to decompress chunk"); + png_error(png_ptr, + "Not enough memory to decompress chunk"); + text_size = 0; + break; } png_memcpy(text, png_ptr->chunkdata, prefix_size); } 
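Review bot: The added `text_size = 0;` and `break;` in the `if (text == NULL)` branch of the `@@ -261,11 +264,12 @@` hunk are unreachable, because they follow `png_error()`, which in libpng hands control to the error handler and does not return to its caller. If the intent is to abandon only this chunk and keep reading, the call should be `png_warning(png_ptr, "Not enough memory to decompress chunk");`, as the "Enlarge the decompression buffer" path in the next hunk does; if a hard error is intended, the two dead lines should go. The same pattern appears in the "Initialize the decompression buffer" branch of the `@@ -273,57 +277,75 @@` hunk. The enclosing function starts and ends outside these hunks.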
@@ -273,57 +277,75 @@ /* Copy what we can of the error message into the text chunk */ text_size = (png_size_t)(chunklength - (text - png_ptr->chunkdata) - 1); + if (text_size > png_sizeof(msg)) text_size = png_sizeof(msg); + png_memcpy(text + prefix_size, msg, text_size); + buffer_size = text_size; break; } if (!png_ptr->zstream.avail_out || ret == Z_STREAM_END) { - if (text == NULL) + if (text == NULL) /* Initialize the decompression buffer */ { text_size = prefix_size + png_ptr->zbuf_size - png_ptr->zstream.avail_out; + text = (png_charp)png_malloc_warn(png_ptr, text_size + 1); if (text == NULL) { - png_free(png_ptr, png_ptr->chunkdata); - png_ptr->chunkdata = NULL; png_error(png_ptr, "Not enough memory to decompress chunk."); + text_size = 0; + break; } png_memcpy(text + prefix_size, png_ptr->zbuf, text_size - prefix_size); png_memcpy(text, png_ptr->chunkdata, prefix_size); *(text + text_size) = 0x00; + buffer_size = text_size; } - else + else /* Enlarge the decompression buffer */ { - png_charp tmp; + png_charp tmp = text; + png_size_t new_text_size; + + new_text_size = text_size + png_ptr->zbuf_size - + png_ptr->zstream.avail_out; + + if (new_text_size > buffer_size) + { + if (png_ptr->zstream.avail_out) + buffer_size = new_text_size; + else + buffer_size += buffer_size; - tmp = text; text = (png_charp)png_malloc_warn(png_ptr, - (png_uint_32)(text_size + - png_ptr->zbuf_size - png_ptr->zstream.avail_out + 1)); + buffer_size + 1); + if (text == NULL) { - png_free(png_ptr, tmp); - png_free(png_ptr, png_ptr->chunkdata); - png_ptr->chunkdata = NULL; - png_error(png_ptr, + png_warning(png_ptr, "Not enough memory to decompress chunk.."); + break; } + png_memcpy(text, tmp, text_size); png_free(png_ptr, tmp); + } + /* FIX ME: zTXt chunk written by pngtest is 6 bytes too large */ png_memcpy(text + text_size, png_ptr->zbuf, (png_ptr->zbuf_size - png_ptr->zstream.avail_out)); text_size += png_ptr->zbuf_size - png_ptr->zstream.avail_out; *(text + text_size) = 0x00; } + } 
if (ret == Z_STREAM_END) break; + else { png_ptr->zstream.next_out = png_ptr->zbuf; png_ptr->zstream.avail_out = (uInt)png_ptr->zbuf_size; @@ -328,9 +350,29 @@ png_ptr->zstream.next_out = png_ptr->zbuf; png_ptr->zstream.avail_out = (uInt)png_ptr->zbuf_size; } } + + if (text != NULL && buffer_size > text_size) + { + /* Reduce text allocation to actual size */ + png_charp tmp; + + tmp = text; + text = (png_charp)png_malloc_warn(png_ptr, + (png_uint_32)(text_size)); + + if (text == NULL) + text = tmp; + + else + { + png_memcpy(text, tmp, text_size + 1); + png_free(png_ptr, tmp); } + + } + if (ret != Z_STREAM_END) { #if defined(PNG_STDIO_SUPPORTED) && !defined(_WIN32_WCE) char umsg[52]; @@ -362,9 +404,9 @@ if (text == NULL) { png_free(png_ptr, png_ptr->chunkdata); png_ptr->chunkdata = NULL; - png_error(png_ptr, "Not enough memory for text."); + png_error(png_ptr, "Not enough memory for text"); } png_memcpy(text, png_ptr->chunkdata, prefix_size); } *(text + text_size) = 0x00; diff -ru4NwbB libpng-1.2.42/pngset.c libpng-1.2.43beta01/pngset.c --- libpng-1.2.42/pngset.c 2010-01-02 23:04:19.681601636 -0600 +++ libpng-1.2.43beta01/pngset.c 2010-01-27 07:17:31.359250940 -0600 @@ -1,8 +1,8 @@ /* pngset.c - storage of image information into info struct * - * Last changed in libpng 1.2.42 [January 27, 2010] + * Last changed in libpng 1.2.42 [January 3, 2010] * Copyright (c) 1998-2010 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) * diff -ru4NwbB libpng-1.2.42/pngtest.c libpng-1.2.43beta01/pngtest.c --- libpng-1.2.42/pngtest.c 2010-01-02 23:04:19.690626211 -0600 +++ libpng-1.2.43beta01/pngtest.c 2010-01-27 07:17:31.368429850 -0600 @@ -1535,16 +1535,16 @@ int allocation_now = current_allocation; #endif for (i=2; i
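Review bot: In the "Enlarge the decompression buffer" branch of the `@@ -273,57 +277,75 @@` hunk, the new allocation-failure path leaks the old buffer: when `png_malloc_warn()` returns NULL, `text` has already been overwritten, `tmp` is never freed, and the `break` leaves `text == NULL` while `text_size` still counts the bytes decoded so far. Putting `text = tmp;` ahead of that `break;` would avoid the leak and, as far as the visible context shows, keep the partial output and its terminator consistent for the code after the loop. Separately, `buffer_size += buffer_size` has no upper bound or wrap check, so a small compressed chunk with a very high expansion ratio can still grow the allocation to whatever `png_malloc_warn()` grants; the diff shows no cap on the decompressed size, and one would bound that. The loop and its function begin and end outside this hunk.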
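Review bot: The "Reduce text allocation to actual size" block added in the `@@ -328,9 +350,29 @@` hunk allocates `text_size` bytes but then copies `text_size + 1`, so the terminating NUL is read from the old buffer and written one byte past the end of the new heap allocation whenever this path is taken. The request should include the terminator: `text = (png_charp)png_malloc_warn(png_ptr, (png_uint_32)(text_size + 1));`. The other allocations in this patch already ask for `text_size + 1` or `buffer_size + 1`, so this brings the shrink step in line with them. The enclosing function continues outside the hunk.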