1 /*
2 * jdmarker.c
3 *
4 * Copyright (C) 1991-1994, Thomas G. Lane.
5 * This file is part of the Independent JPEG Group's software.
6 * For conditions of distribution and use, see the accompanying README file.
7 *
8 * This file contains routines to decode JPEG datastream markers.
9 * Most of the complexity arises from our desire to support input
10 * suspension: if not all of the data for a marker is available,
11 * we must exit back to the application. On resumption, we reprocess
12 * the marker.
13 */
14
15 #define JPEG_INTERNALS
16 #include "jinclude.h"
17 #include "jpeglib.h"
18
19
/* JPEG marker codes: the byte that follows 0xFF in the datastream.
 * Entries are listed in numeric order within each group; every value is
 * spelled out explicitly, so the order carries no meaning.
 */
typedef enum {
  /* Standalone marker defined outside the 0xC0..0xFE range */
  M_TEM   = 0x01,

  /* Start-of-frame family, interleaved with DHT, JPG and DAC */
  M_SOF0  = 0xc0,
  M_SOF1  = 0xc1,
  M_SOF2  = 0xc2,
  M_SOF3  = 0xc3,
  M_DHT   = 0xc4,
  M_SOF5  = 0xc5,
  M_SOF6  = 0xc6,
  M_SOF7  = 0xc7,
  M_JPG   = 0xc8,
  M_SOF9  = 0xc9,
  M_SOF10 = 0xca,
  M_SOF11 = 0xcb,
  M_DAC   = 0xcc,
  M_SOF13 = 0xcd,
  M_SOF14 = 0xce,
  M_SOF15 = 0xcf,

  /* Restart markers RST0..RST7 */
  M_RST0  = 0xd0,
  M_RST1  = 0xd1,
  M_RST2  = 0xd2,
  M_RST3  = 0xd3,
  M_RST4  = 0xd4,
  M_RST5  = 0xd5,
  M_RST6  = 0xd6,
  M_RST7  = 0xd7,

  /* Image structure and table/parameter markers */
  M_SOI   = 0xd8,
  M_EOI   = 0xd9,
  M_SOS   = 0xda,
  M_DQT   = 0xdb,
  M_DNL   = 0xdc,
  M_DRI   = 0xdd,
  M_DHP   = 0xde,
  M_EXP   = 0xdf,

  /* Application segments APP0..APP15 */
  M_APP0  = 0xe0,
  M_APP1  = 0xe1,
  M_APP2  = 0xe2,
  M_APP3  = 0xe3,
  M_APP4  = 0xe4,
  M_APP5  = 0xe5,
  M_APP6  = 0xe6,
  M_APP7  = 0xe7,
  M_APP8  = 0xe8,
  M_APP9  = 0xe9,
  M_APP10 = 0xea,
  M_APP11 = 0xeb,
  M_APP12 = 0xec,
  M_APP13 = 0xed,
  M_APP14 = 0xee,
  M_APP15 = 0xef,

  /* JPGn extension range endpoints and the comment marker */
  M_JPG0  = 0xf0,
  M_JPG13 = 0xfd,
  M_COM   = 0xfe,

  /* Sentinel that cannot be a one-byte marker code */
  M_ERROR = 0x100
} JPEG_MARKER;
86
87
88 /*
89 * Macros for fetching data from the data source module.
90 *
91 * At all times, cinfo->src->next_input_byte and ->bytes_in_buffer reflect
92 * the current restart point; we update them only when we have reached a
93 * suitable place to restart if a suspension occurs.
94 */
95
/* Create local working copies of the source manager's read pointer and
 * byte count.  Expands to declarations, so it must appear among a
 * function's local variable declarations.
 */
#define INPUT_VARS(cinfo)  \
	struct jpeg_source_mgr * datasrc = (cinfo)->src;  \
	const JOCTET * next_input_byte = datasrc->next_input_byte;  \
	size_t bytes_in_buffer = datasrc->bytes_in_buffer

/* Write the local copies back to the source manager.  Doing so moves the
 * restart point, so use it only where re-entry after suspension is safe.
 */
#define INPUT_SYNC(cinfo)  \
	( datasrc->next_input_byte = next_input_byte,  \
	  datasrc->bytes_in_buffer = bytes_in_buffer )

/* Refresh the local copies from the source manager; in this file it is
 * needed only by MAKE_BYTE_AVAIL.
 */
#define INPUT_RELOAD(cinfo)  \
	( next_input_byte = datasrc->next_input_byte,  \
	  bytes_in_buffer = datasrc->bytes_in_buffer )

/* Helper for INPUT_BYTE and INPUT_2BYTES: guarantee one readable byte and
 * account for it.  fill_input_buffer is called *without* a preceding
 * INPUT_SYNC, and the local copies are reloaded after a successful fill.
 * This expands to several statements and is only safe inside MAKESTMT.
 * NOTE(review): the unconditional decrement relies on fill_input_buffer
 * leaving bytes_in_buffer nonzero whenever it reports success; a source
 * manager that reported success with an empty buffer would wrap the size_t
 * count and let later reads run past the buffer -- confirm for custom sources.
 */
#define MAKE_BYTE_AVAIL(cinfo,action)  \
	if (bytes_in_buffer == 0) {  \
	  if (! (*datasrc->fill_input_buffer) (cinfo))  \
	    { action; }  \
	  INPUT_RELOAD(cinfo);  \
	}  \
	bytes_in_buffer--

/* Fetch one byte into V.
 * "action" runs when the source must suspend (typically "return FALSE").
 */
#define INPUT_BYTE(cinfo,V,action)  \
	MAKESTMT( MAKE_BYTE_AVAIL(cinfo,action);  \
		  V = GETJOCTET(*next_input_byte++); )

/* Fetch two bytes into V as a big-endian unsigned 16-bit quantity.
 * V should be declared unsigned int or perhaps INT32.
 */
#define INPUT_2BYTES(cinfo,V,action)  \
	MAKESTMT( MAKE_BYTE_AVAIL(cinfo,action);  \
		  V = ((unsigned int) GETJOCTET(*next_input_byte++)) << 8;  \
		  MAKE_BYTE_AVAIL(cinfo,action);  \
		  V += GETJOCTET(*next_input_byte++); )
139
140
141 /*
142 * Routines to process JPEG markers.
143 *
144 * Entry condition: JPEG marker itself has been read and its code saved
145 * in cinfo->unread_marker; input restart point is just after the marker.
146 *
147 * Exit: if return TRUE, have read and processed any parameters, and have
148 * updated the restart point to point after the parameters.
149 * If return FALSE, was forced to suspend before reaching end of
150 * marker parameters; restart point has not been moved. Same routine
151 * will be called again after application supplies more input data.
152 *
153 * This approach to suspension assumes that all of a marker's parameters can
154 * fit into a single input bufferload. This should hold for "normal"
155 * markers. Some COM/APPn markers might have large parameter segments,
156 * but we use skip_input_data to get past those, and thereby put the problem
157 * on the source manager's shoulders.
158 *
159 * Note that we don't bother to avoid duplicate trace messages if a
160 * suspension occurs within marker parameters. Other side effects
161 * require more care.
162 */
163
164
LOCAL boolean
get_soi (j_decompress_ptr cinfo)
/* Handle an SOI (start of image) marker: reject a second SOI, then put
 * every parameter that SOI is defined to reset back to its default.
 * No parameter bytes are read here, so there is no suspension path;
 * the only value returned is TRUE.
 */
{
  int tbl;

  TRACEMS(cinfo, 1, JTRC_SOI);

  /* Only one SOI is allowed per datastream. */
  if (cinfo->marker->saw_SOI)
    ERREXIT(cinfo, JERR_SOI_DUPLICATE);

  /* Restart interval and arithmetic-coding conditioning return to defaults. */
  cinfo->restart_interval = 0;
  for (tbl = 0; tbl < NUM_ARITH_TBLS; tbl++) {
    cinfo->arith_dc_L[tbl] = 0;
    cinfo->arith_dc_U[tbl] = 1;
    cinfo->arith_ac_K[tbl] = 5;
  }

  /* Nothing is known yet about the colorspace or sampling convention. */
  cinfo->jpeg_color_space = JCS_UNKNOWN;
  cinfo->CCIR601_sampling = FALSE; /* Assume non-CCIR sampling??? */

  /* Forget any JFIF information and load the default JFIF APP0 values. */
  cinfo->saw_JFIF_marker = FALSE;
  cinfo->density_unit = 0;
  cinfo->X_density = 1;
  cinfo->Y_density = 1;

  /* Likewise for the Adobe APP14 information. */
  cinfo->saw_Adobe_marker = FALSE;
  cinfo->Adobe_transform = 0;

  cinfo->marker->saw_SOI = TRUE;

  return TRUE;
}
201
202
LOCAL boolean
get_sof (j_decompress_ptr cinfo)
/* Parse a SOFn (start of frame) segment: sample precision, image
 * dimensions, component count, and one three-byte spec per component.
 * Returns FALSE if input ran out before the whole segment was read; the
 * restart point is then unchanged and the routine is re-run from the top.
 */
{
  INT32 seglen;
  int packed, ci;
  jpeg_component_info * compptr;
  INPUT_VARS(cinfo);

  INPUT_2BYTES(cinfo, seglen, return FALSE);

  /* Fixed part of the frame header.  These fields come straight from the
   * file and are untrusted until the checks below have run.
   */
  INPUT_BYTE(cinfo, cinfo->data_precision, return FALSE);
  INPUT_2BYTES(cinfo, cinfo->image_height, return FALSE);
  INPUT_2BYTES(cinfo, cinfo->image_width, return FALSE);
  INPUT_BYTE(cinfo, cinfo->num_components, return FALSE);

  seglen -= 8;			/* what remains must be the component specs */

  TRACEMS4(cinfo, 1, JTRC_SOF, cinfo->unread_marker,
	   (int) cinfo->image_width, (int) cinfo->image_height,
	   cinfo->num_components);

  /* Only one frame header is accepted per image. */
  if (cinfo->marker->saw_SOF)
    ERREXIT(cinfo, JERR_SOF_DUPLICATE);

  /* A height of 0 (to be redefined later by DNL) is not supported, and
   * the same test doubles as a general sanity check on the header.
   */
  if (cinfo->image_width <= 0 || cinfo->image_height <= 0
      || cinfo->num_components <= 0)
    ERREXIT(cinfo, JERR_EMPTY_IMAGE);

  /* Reject dimensions beyond the compiled-in limit. */
  if ((long) cinfo->image_width > (long) JPEG_MAX_DIMENSION ||
      (long) cinfo->image_height > (long) JPEG_MAX_DIMENSION)
    ERREXIT1(cinfo, JERR_IMAGE_TOO_BIG, (unsigned int) JPEG_MAX_DIMENSION);

  /* For now, precision must match the compiled-in value. */
  if (cinfo->data_precision != BITS_IN_JSAMPLE)
    ERREXIT1(cinfo, JERR_BAD_PRECISION, cinfo->data_precision);

  /* The component count must fit the fixed-size internal arrays; this
   * check also bounds the allocation made below.
   */
  if (cinfo->num_components > MAX_COMPONENTS)
    ERREXIT2(cinfo, JERR_COMPONENT_COUNT, cinfo->num_components,
	     MAX_COMPONENTS);

  /* The declared segment length has to agree with the component count. */
  if (seglen != (cinfo->num_components * 3))
    ERREXIT(cinfo, JERR_BAD_LENGTH);

  /* Allocate the component array once, even if a suspension re-runs us. */
  if (cinfo->comp_info == NULL)
    cinfo->comp_info = (jpeg_component_info *) (*cinfo->mem->alloc_small)
			((j_common_ptr) cinfo, JPOOL_IMAGE,
			 cinfo->num_components * SIZEOF(jpeg_component_info));

  /* NOTE(review): the sampling factors and quant_tbl_no are stored exactly
   * as read; nothing in this routine range-checks them, so the code that
   * consumes them must validate -- confirm where that happens.
   */
  for (ci = 0; ci < cinfo->num_components; ci++) {
    compptr = cinfo->comp_info + ci;
    compptr->component_index = ci;
    INPUT_BYTE(cinfo, compptr->component_id, return FALSE);
    INPUT_BYTE(cinfo, packed, return FALSE);
    compptr->h_samp_factor = (packed >> 4) & 15;	/* high nibble */
    compptr->v_samp_factor = packed & 15;		/* low nibble */
    INPUT_BYTE(cinfo, compptr->quant_tbl_no, return FALSE);

    TRACEMS4(cinfo, 1, JTRC_SOF_COMPONENT,
	     compptr->component_id, compptr->h_samp_factor,
	     compptr->v_samp_factor, compptr->quant_tbl_no);
  }

  cinfo->marker->saw_SOF = TRUE;

  INPUT_SYNC(cinfo);
  return TRUE;
}
276
277
LOCAL boolean
get_sos (j_decompress_ptr cinfo)
/* Parse an SOS (start of scan) segment: the components taking part in the
 * scan, their entropy-table selectors, and the Ss/Se/Ah-Al bytes.
 * An SOF must have been seen first.  Returns FALSE on suspension.
 */
{
  INT32 seglen;
  int i, ci, ncomps;
  int comp_id, tbl_sel;
  int ss, se, ahal;
  jpeg_component_info * compptr;
  INPUT_VARS(cinfo);

  if (! cinfo->marker->saw_SOF)
    ERREXIT(cinfo, JERR_SOS_NO_SOF);

  INPUT_2BYTES(cinfo, seglen, return FALSE);

  INPUT_BYTE(cinfo, ncomps, return FALSE);	/* Number of components */

  /* The count must be in range (it indexes cur_comp_info[] below) and must
   * agree with the declared segment length.
   */
  if (ncomps < 1 || ncomps > MAX_COMPS_IN_SCAN || seglen != (ncomps * 2 + 6))
    ERREXIT(cinfo, JERR_BAD_LENGTH);

  TRACEMS1(cinfo, 1, JTRC_SOS, ncomps);

  cinfo->comps_in_scan = ncomps;

  /* Read one (component id, table selector) pair per scan component. */
  for (i = 0; i < ncomps; i++) {
    INPUT_BYTE(cinfo, comp_id, return FALSE);
    INPUT_BYTE(cinfo, tbl_sel, return FALSE);

    /* Look the id up among the components declared by the SOF. */
    compptr = cinfo->comp_info;
    for (ci = 0; ci < cinfo->num_components; ci++, compptr++) {
      if (comp_id == compptr->component_id)
	break;
    }
    if (ci >= cinfo->num_components)
      ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, comp_id);

    /* NOTE(review): the table numbers are stored as raw 4-bit values and a
     * component id repeated within the scan is not rejected in this routine;
     * later stages must validate both -- confirm.
     */
    cinfo->cur_comp_info[i] = compptr;
    compptr->dc_tbl_no = (tbl_sel >> 4) & 15;
    compptr->ac_tbl_no = tbl_sel & 15;

    TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, comp_id,
	     compptr->dc_tbl_no, compptr->ac_tbl_no);
  }

  /* Additional scan parameters Ss, Se, Ah/Al.  They are only checked
   * against the values required for sequential JPEG.  A mismatch is a
   * warning, not an error, because some baseline files in circulation
   * carry all zeroes in these bytes.
   */
  INPUT_BYTE(cinfo, ss, return FALSE);
  INPUT_BYTE(cinfo, se, return FALSE);
  INPUT_BYTE(cinfo, ahal, return FALSE);
  if (ss != 0 || se != DCTSIZE2-1 || ahal != 0)
    WARNMS(cinfo, JWRN_NOT_SEQUENTIAL);

  /* Prepare to scan data & restart markers */
  cinfo->marker->next_restart_num = 0;

  INPUT_SYNC(cinfo);
  return TRUE;
}
343
344
METHODDEF boolean
get_app0 (j_decompress_ptr cinfo)
/* Handle an APP0 segment.  When it starts with the JFIF signature, record
 * the density information and trace the version and thumbnail fields;
 * otherwise only trace the segment.  Bytes left over in the segment are
 * skipped through the source manager.  Returns FALSE on suspension.
 */
{
#define JFIF_LEN 14
  INT32 length;
  UINT8 b[JFIF_LEN];
  int k;
  INPUT_VARS(cinfo);

  INPUT_2BYTES(cinfo, length, return FALSE);
  length -= 2;

  if (length < JFIF_LEN) {
    /* Too short to be JFIF marker */
    TRACEMS1(cinfo, 1, JTRC_APP0, (int) length);
  } else {
    /* Exactly JFIF_LEN bytes are copied, whatever the segment claims as
     * its length, so b[] cannot be overrun.
     */
    for (k = 0; k < JFIF_LEN; k++)
      INPUT_BYTE(cinfo, b[k], return FALSE);
    length -= JFIF_LEN;

    if (b[0] != 0x4A || b[1] != 0x46 || b[2] != 0x49 || b[3] != 0x46 ||
	b[4] != 0) {
      /* Start of APP0 does not match "JFIF" */
      TRACEMS1(cinfo, 1, JTRC_APP0, (int) length + JFIF_LEN);
    } else {
      /* JFIF signature found.  Major version must be 1. */
      if (b[5] != 1)
	ERREXIT2(cinfo, JERR_JFIF_MAJOR, b[5], b[6]);
      /* Minor version should be 0..2, but try to process anyway if newer */
      if (b[6] > 2)
	TRACEMS2(cinfo, 1, JTRC_JFIF_MINOR, b[5], b[6]);
      /* Record the density fields (two big-endian 16-bit values). */
      cinfo->saw_JFIF_marker = TRUE;
      cinfo->density_unit = b[7];
      cinfo->X_density = (b[8] << 8) + b[9];
      cinfo->Y_density = (b[10] << 8) + b[11];
      TRACEMS3(cinfo, 1, JTRC_JFIF,
	       cinfo->X_density, cinfo->Y_density, cinfo->density_unit);
      /* Thumbnail dimensions are traced only; a size that disagrees with
       * the remaining length is reported, not treated as an error.
       */
      if (b[12] != 0 || b[13] != 0)
	TRACEMS2(cinfo, 1, JTRC_JFIF_THUMBNAIL, b[12], b[13]);
      if (length != ((INT32) b[12] * (INT32) b[13] * (INT32) 3))
	TRACEMS1(cinfo, 1, JTRC_JFIF_BADTHUMBNAILSIZE, (int) length);
    }
  }

  INPUT_SYNC(cinfo);
  /* Skip any remaining data -- could be lots.  The guard also keeps a
   * zero or negative count (declared length under 2) away from the
   * source manager.
   */
  if (length > 0)
    (*cinfo->src->skip_input_data) (cinfo, (long) length);

  return TRUE;
}
399
400
METHODDEF boolean
get_app14 (j_decompress_ptr cinfo)
/* Handle an APP14 segment.  When it starts with the Adobe signature, record
 * the transform byte and trace the other fields; otherwise only trace the
 * segment.  Bytes left over in the segment are skipped through the source
 * manager.  Returns FALSE on suspension.
 */
{
#define ADOBE_LEN 12
  INT32 length;
  UINT8 b[ADOBE_LEN];
  int k;
  unsigned int version, flags0, flags1, transform;
  INPUT_VARS(cinfo);

  INPUT_2BYTES(cinfo, length, return FALSE);
  length -= 2;

  if (length < ADOBE_LEN) {
    /* Too short to be Adobe marker */
    TRACEMS1(cinfo, 1, JTRC_APP14, (int) length);
  } else {
    /* Exactly ADOBE_LEN bytes are copied, so b[] cannot be overrun. */
    for (k = 0; k < ADOBE_LEN; k++)
      INPUT_BYTE(cinfo, b[k], return FALSE);
    length -= ADOBE_LEN;

    if (b[0] != 0x41 || b[1] != 0x64 || b[2] != 0x6F || b[3] != 0x62 ||
	b[4] != 0x65) {
      /* Start of APP14 does not match "Adobe" */
      TRACEMS1(cinfo, 1, JTRC_APP14, (int) length + ADOBE_LEN);
    } else {
      /* Adobe signature found: three big-endian 16-bit fields, then the
       * transform byte.
       */
      version = (b[5] << 8) + b[6];
      flags0 = (b[7] << 8) + b[8];
      flags1 = (b[9] << 8) + b[10];
      transform = b[11];
      TRACEMS4(cinfo, 1, JTRC_ADOBE, version, flags0, flags1, transform);
      cinfo->saw_Adobe_marker = TRUE;
      cinfo->Adobe_transform = (UINT8) transform;
    }
  }

  INPUT_SYNC(cinfo);
  /* Skip any remaining data -- could be lots.  The guard also keeps a
   * zero or negative count away from the source manager.
   */
  if (length > 0)
    (*cinfo->src->skip_input_data) (cinfo, (long) length);

  return TRUE;
}
446
447
LOCAL boolean
get_dac (j_decompress_ptr cinfo)
/* Parse a DAC segment: a list of (table index, value) byte pairs that set
 * arithmetic-coding conditioning parameters.  Returns FALSE on suspension.
 */
{
  INT32 remaining;
  int tbl, cond;
  INPUT_VARS(cinfo);

  INPUT_2BYTES(cinfo, remaining, return FALSE);
  remaining -= 2;

  /* NOTE(review): every pass consumes two bytes, so an odd declared length
   * makes the last pass read one byte beyond the segment.
   */
  while (remaining > 0) {
    INPUT_BYTE(cinfo, tbl, return FALSE);
    INPUT_BYTE(cinfo, cond, return FALSE);

    remaining -= 2;

    TRACEMS2(cinfo, 1, JTRC_DAC, tbl, cond);

    /* Range-check the index before it is used as an array subscript. */
    if (tbl < 0 || tbl >= (2*NUM_ARITH_TBLS))
      ERREXIT1(cinfo, JERR_DAC_INDEX, tbl);

    if (tbl < NUM_ARITH_TBLS) {
      /* DC table: low nibble is L, high nibble is U, and L may not exceed U. */
      cinfo->arith_dc_L[tbl] = (UINT8) (cond & 0x0F);
      cinfo->arith_dc_U[tbl] = (UINT8) (cond >> 4);
      if (cinfo->arith_dc_L[tbl] > cinfo->arith_dc_U[tbl])
	ERREXIT1(cinfo, JERR_DAC_VALUE, cond);
    } else {
      /* AC table: the value byte is stored as K without further checks. */
      cinfo->arith_ac_K[tbl-NUM_ARITH_TBLS] = (UINT8) cond;
    }
  }

  INPUT_SYNC(cinfo);
  return TRUE;
}
483
484
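LOCAL boolean
get_dht (j_decompress_ptr cinfo)
/* Process a DHT marker: read one or more Huffman table definitions and
 * store each in the DC or AC table slot chosen by its index byte,
 * allocating the slot on first use.
 * Returns FALSE if suspension is needed before the segment is complete;
 * the restart point is then unchanged and the routine is re-run from the
 * top on resumption.
 */
{
  INT32 length;
  UINT8 bits[17];
  UINT8 huffval[256];
  int i, index, count;
  JHUFF_TBL **htblptr;
  INPUT_VARS(cinfo);

  INPUT_2BYTES(cinfo, length, return FALSE);
  length -= 2;

  while (length > 0) {
    INPUT_BYTE(cinfo, index, return FALSE);

    TRACEMS1(cinfo, 1, JTRC_DHT, index);

    /* bits[1..16] hold the number of codes of each length; their sum is
     * the number of symbol values that follow.
     */
    bits[0] = 0;
    count = 0;
    for (i = 1; i <= 16; i++) {
      INPUT_BYTE(cinfo, bits[i], return FALSE);
      count += bits[i];
    }

    length -= 1 + 16;

    TRACEMS8(cinfo, 2, JTRC_HUFFBITS,
	     bits[1], bits[2], bits[3], bits[4],
	     bits[5], bits[6], bits[7], bits[8]);
    TRACEMS8(cinfo, 2, JTRC_HUFFBITS,
	     bits[9], bits[10], bits[11], bits[12],
	     bits[13], bits[14], bits[15], bits[16]);

    /* The symbol count must fit huffval[] and the bytes the segment still
     * claims to hold.  If the segment was too short for the 17 bytes just
     * read, length is negative here and this test fails as well.
     */
    if (count > 256 || ((INT32) count) > length)
      ERREXIT(cinfo, JERR_DHT_COUNTS);

    for (i = 0; i < count; i++)
      INPUT_BYTE(cinfo, huffval[i], return FALSE);

    /* Clear the unused tail.  The copy below takes the destination's full
     * size, and without this the table would receive whatever the stack
     * held in huffval[count..255].
     */
    for (; i < 256; i++)
      huffval[i] = 0;

    length -= count;

    /* Bit 0x10 of the index byte selects the AC table set. */
    if (index & 0x10) {		/* AC table definition */
      index -= 0x10;
      htblptr = cinfo->ac_huff_tbl_ptrs;
    } else {			/* DC table definition */
      htblptr = cinfo->dc_huff_tbl_ptrs;
    }

    /* Validate the slot number before it is used to form an address. */
    if (index < 0 || index >= NUM_HUFF_TBLS)
      ERREXIT1(cinfo, JERR_DHT_INDEX, index);

    htblptr += index;

    if (*htblptr == NULL)
      *htblptr = jpeg_alloc_huff_table((j_common_ptr) cinfo);

    MEMCOPY((*htblptr)->bits, bits, SIZEOF((*htblptr)->bits));
    MEMCOPY((*htblptr)->huffval, huffval, SIZEOF((*htblptr)->huffval));
  }

  INPUT_SYNC(cinfo);
  return TRUE;
}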
548
549
LOCAL boolean
get_dqt (j_decompress_ptr cinfo)
/* Parse a DQT segment: one or more quantization tables, each introduced by
 * a byte whose high nibble is the precision flag and whose low nibble is
 * the table number.  Returns FALSE on suspension.
 */
{
  INT32 remaining;
  int pq_tq, n, i, prec;
  unsigned int tmp;
  JQUANT_TBL *quant_ptr;
  INPUT_VARS(cinfo);

  INPUT_2BYTES(cinfo, remaining, return FALSE);
  remaining -= 2;

  /* NOTE(review): the remaining length is not compared with the size of a
   * table before one is read, so a short segment makes the reads run on
   * into whatever follows it in the stream; the reads themselves are still
   * bounded by the input macros.
   */
  while (remaining > 0) {
    INPUT_BYTE(cinfo, pq_tq, return FALSE);
    prec = pq_tq >> 4;
    n = pq_tq & 0x0F;

    TRACEMS2(cinfo, 1, JTRC_DQT, n, prec);

    /* The table number indexes quant_tbl_ptrs[], so bound it first. */
    if (n >= NUM_QUANT_TBLS)
      ERREXIT1(cinfo, JERR_DQT_INDEX, n);

    if (cinfo->quant_tbl_ptrs[n] == NULL)
      cinfo->quant_tbl_ptrs[n] = jpeg_alloc_quant_table((j_common_ptr) cinfo);
    quant_ptr = cinfo->quant_tbl_ptrs[n];

    /* Any nonzero precision nibble selects two-byte entries. */
    for (i = 0; i < DCTSIZE2; i++) {
      if (prec) {
	INPUT_2BYTES(cinfo, tmp, return FALSE);
      } else {
	INPUT_BYTE(cinfo, tmp, return FALSE);
      }
      quant_ptr->quantval[i] = (UINT16) tmp;
    }

    /* Trace the table eight entries at a time. */
    for (i = 0; i < DCTSIZE2; i += 8) {
      TRACEMS8(cinfo, 2, JTRC_QUANTVALS,
	       quant_ptr->quantval[i  ], quant_ptr->quantval[i+1],
	       quant_ptr->quantval[i+2], quant_ptr->quantval[i+3],
	       quant_ptr->quantval[i+4], quant_ptr->quantval[i+5],
	       quant_ptr->quantval[i+6], quant_ptr->quantval[i+7]);
    }

    /* Account for the selector byte plus one or two bytes per entry. */
    remaining -= prec ? (DCTSIZE2+1 + DCTSIZE2) : (DCTSIZE2+1);
  }

  INPUT_SYNC(cinfo);
  return TRUE;
}
600
601
LOCAL boolean
get_dri (j_decompress_ptr cinfo)
/* Parse a DRI segment and record the restart interval it defines.
 * The segment length must be exactly 4.  Returns FALSE on suspension.
 */
{
  INT32 seglen;
  unsigned int interval;
  INPUT_VARS(cinfo);

  INPUT_2BYTES(cinfo, seglen, return FALSE);

  /* Two length bytes plus a two-byte interval: anything else is malformed. */
  if (seglen != 4)
    ERREXIT(cinfo, JERR_BAD_LENGTH);

  INPUT_2BYTES(cinfo, interval, return FALSE);

  TRACEMS1(cinfo, 1, JTRC_DRI, interval);

  cinfo->restart_interval = interval;

  INPUT_SYNC(cinfo);
  return TRUE;
}
624
625
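METHODDEF boolean
skip_variable (j_decompress_ptr cinfo)
/* Skip over an unknown or uninteresting variable-length marker.
 * Reads the two-byte segment length and asks the source manager to skip
 * the rest of the segment.  Returns FALSE if suspension is needed before
 * the length has been read.
 */
{
  INT32 length;
  INPUT_VARS(cinfo);

  INPUT_2BYTES(cinfo, length, return FALSE);

  /* Trace the length exactly as declared in the file. */
  TRACEMS2(cinfo, 1, JTRC_MISC_MARKER, cinfo->unread_marker, (int) length);

  length -= 2;			/* the count includes its own two bytes */

  INPUT_SYNC(cinfo);		/* do before skip_input_data */

  /* A declared length of 0 or 1 is malformed and would give a negative
   * count.  Never pass that to the application-supplied source manager;
   * get_app0 and get_app14 guard their skips the same way.
   */
  if (length > 0)
    (*cinfo->src->skip_input_data) (cinfo, (long) length);

  return TRUE;
}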
642
643
644 /*
645 * Find the next JPEG marker, save it in cinfo->unread_marker.
646 * Returns FALSE if had to suspend before reaching a marker;
647 * in that case cinfo->unread_marker is unchanged.
648 *
649 * Note that the result might not be a valid marker code,
650 * but it will never be 0 or FF.
651 */
652
LOCAL boolean
next_marker (j_decompress_ptr cinfo)
/* Scan forward to the next marker and store its code in
 * cinfo->unread_marker.  Bytes skipped on the way are counted in
 * cinfo->marker->discarded_bytes and reported with a warning.
 * Returns FALSE on suspension.
 */
{
  int b;
  INPUT_VARS(cinfo);

  for (;;) {
    /* Hunt for an FF byte.  Non-FF bytes do not occur here in a valid
     * file.  We sync after each discarded byte so that a suspending data
     * source can drop it from its buffer.
     */
    for (;;) {
      INPUT_BYTE(cinfo, b, return FALSE);
      if (b == 0xFF)
	break;
      cinfo->marker->discarded_bytes++;
      INPUT_SYNC(cinfo);
    }
    /* Swallow any further FF bytes.  Extra FFs are legal padding, so they
     * are not counted as discarded.  We assume there are never so many
     * in a row as to overflow a suspending data source's input buffer.
     */
    b = 0xFF;
    while (b == 0xFF) {
      INPUT_BYTE(cinfo, b, return FALSE);
    }
    if (b == 0) {
      /* FF/00 is a stuffed-zero data sequence, not a marker:
       * discard both bytes and go around again.
       */
      cinfo->marker->discarded_bytes += 2;
      INPUT_SYNC(cinfo);
      continue;
    }
    break;			/* found a marker code */
  }

  /* Report skipped data once, then clear the counter. */
  if (cinfo->marker->discarded_bytes != 0) {
    WARNMS2(cinfo, JWRN_EXTRANEOUS_DATA, cinfo->marker->discarded_bytes, b);
    cinfo->marker->discarded_bytes = 0;
  }

  cinfo->unread_marker = b;

  INPUT_SYNC(cinfo);
  return TRUE;
}
698
699
LOCAL boolean
first_marker (j_decompress_ptr cinfo)
/* Counterpart of next_marker for the very first marker of a datastream.
 * The first two bytes must be exactly FF followed by the SOI code; no
 * leading garbage or fill bytes are tolerated, since otherwise an entire
 * non-JPEG input might be scanned before the mistake is noticed.
 * An application that wants to process non-JFIF files must seek to the SOI
 * before calling the JPEG library.  Returns FALSE on suspension.
 */
{
  int lead, code;
  INPUT_VARS(cinfo);

  INPUT_BYTE(cinfo, lead, return FALSE);
  INPUT_BYTE(cinfo, code, return FALSE);
  if (! (lead == 0xFF && code == (int) M_SOI))
    ERREXIT2(cinfo, JERR_NO_SOI, lead, code);

  cinfo->unread_marker = code;

  INPUT_SYNC(cinfo);
  return TRUE;
}
722
723
724 /*
725 * Read markers until SOS or EOI.
726 *
727 * Returns same codes as are defined for jpeg_read_header,
728 * but HEADER_OK and HEADER_TABLES_ONLY merely indicate which marker type
729 * stopped the scan --- they do not necessarily mean the file is valid.
730 */
731
METHODDEF int
read_markers (j_decompress_ptr cinfo)
/* Marker dispatch loop: fetch markers one at a time and hand each to its
 * handler until an SOS or EOI stops the scan, or until a handler has to
 * suspend (JPEG_SUSPENDED).
 */
{
  /* One pass of this loop per marker. */
  for (;;) {
    /* Fetch the marker code unless one is already pending.  Before SOI has
     * been seen, first_marker() is used; it enforces the requirement that
     * SOI appear first.
     */
    if (cinfo->unread_marker == 0) {
      if (cinfo->marker->saw_SOI ? ! next_marker(cinfo)
				 : ! first_marker(cinfo))
	return JPEG_SUSPENDED;
    }
    /* cinfo->unread_marker now holds the marker code and the input point is
     * just past the marker proper, before any parameters.  A suspension
     * returns with this state still true.
     */
    switch (cinfo->unread_marker) {
    case M_SOI:
      if (! get_soi(cinfo))
	return JPEG_SUSPENDED;
      break;

    /* Supported frame types; only SOF9 selects arithmetic coding. */
    case M_SOF0:		/* Baseline */
    case M_SOF1:		/* Extended sequential, Huffman */
    case M_SOF9:		/* Extended sequential, arithmetic */
      if (cinfo->unread_marker == (int) M_SOF9)
	cinfo->arith_code = TRUE;
      else
	cinfo->arith_code = FALSE;
      if (! get_sof(cinfo))
	return JPEG_SUSPENDED;
      break;

    /* Frame types this decoder does not support */
    case M_SOF2:		/* Progressive, Huffman */
    case M_SOF3:		/* Lossless, Huffman */
    case M_SOF5:		/* Differential sequential, Huffman */
    case M_SOF6:		/* Differential progressive, Huffman */
    case M_SOF7:		/* Differential lossless, Huffman */
    case M_JPG:			/* Reserved for JPEG extensions */
    case M_SOF10:		/* Progressive, arithmetic */
    case M_SOF11:		/* Lossless, arithmetic */
    case M_SOF13:		/* Differential sequential, arithmetic */
    case M_SOF14:		/* Differential progressive, arithmetic */
    case M_SOF15:		/* Differential lossless, arithmetic */
      ERREXIT1(cinfo, JERR_SOF_UNSUPPORTED, cinfo->unread_marker);
      break;

    case M_SOS:
      if (! get_sos(cinfo))
	return JPEG_SUSPENDED;
      cinfo->unread_marker = 0;	/* marker consumed */
      return JPEG_HEADER_OK;	/* result reported when SOS is found */

    case M_EOI:
      TRACEMS(cinfo, 1, JTRC_EOI);
      cinfo->unread_marker = 0;	/* marker consumed */
      return JPEG_HEADER_TABLES_ONLY; /* result reported when EOI is found */

    case M_DAC:
      if (! get_dac(cinfo))
	return JPEG_SUSPENDED;
      break;

    case M_DHT:
      if (! get_dht(cinfo))
	return JPEG_SUSPENDED;
      break;

    case M_DQT:
      if (! get_dqt(cinfo))
	return JPEG_SUSPENDED;
      break;

    case M_DRI:
      if (! get_dri(cinfo))
	return JPEG_SUSPENDED;
      break;

    /* APPn: dispatch through the per-marker method table.  The subscript is
     * confined to 0..15 by the case labels themselves.
     */
    case M_APP0:  case M_APP1:  case M_APP2:  case M_APP3:
    case M_APP4:  case M_APP5:  case M_APP6:  case M_APP7:
    case M_APP8:  case M_APP9:  case M_APP10: case M_APP11:
    case M_APP12: case M_APP13: case M_APP14: case M_APP15:
      if (! (*cinfo->marker->process_APPn[cinfo->unread_marker - (int) M_APP0]) (cinfo))
	return JPEG_SUSPENDED;
      break;

    case M_COM:
      if (! (*cinfo->marker->process_COM) (cinfo))
	return JPEG_SUSPENDED;
      break;

    /* Parameterless markers: nothing to read, only trace them. */
    case M_RST0: case M_RST1: case M_RST2: case M_RST3:
    case M_RST4: case M_RST5: case M_RST6: case M_RST7:
    case M_TEM:
      TRACEMS1(cinfo, 1, JTRC_PARMLESS_MARKER, cinfo->unread_marker);
      break;

    case M_DNL:			/* Ignore DNL ... perhaps the wrong thing */
      if (! skip_variable(cinfo))
	return JPEG_SUSPENDED;
      break;

    default:			/* must be DHP, EXP, JPGn, or RESn */
      /* Reserved markers are treated as fatal errors for now, since they are
       * likely to signal incompatible JPEG Part 3 extensions.  Once the
       * JPEG 3 version-number marker is well defined, this code ought to
       * change!
       */
      ERREXIT1(cinfo, JERR_UNKNOWN_MARKER, cinfo->unread_marker);
      break;
    }
    /* Marker fully processed: clear the pending-marker state. */
    cinfo->unread_marker = 0;
  } /* end loop */
}
872
873
874 /*
875 * Read a restart marker, which is expected to appear next in the datastream;
876 * if the marker is not there, take appropriate recovery action.
877 * Returns FALSE if suspension is required.
878 *
879 * This is called by the entropy decoder after it has read an appropriate
880 * number of MCUs. cinfo->unread_marker may be nonzero if the entropy decoder
881 * has already read a marker from the data source. Under normal conditions
882 * cinfo->unread_marker will be reset to 0 before returning; if not reset,
883 * it holds a marker which the decoder will be unable to read past.
884 */
885
METHODDEF boolean
read_restart_marker (j_decompress_ptr cinfo)
/* Consume the restart marker expected next in the datastream, or ask the
 * source manager to resynchronize when some other marker is found.
 * Returns FALSE if suspension is required.
 */
{
  /* Fetch a marker unless one is already pending.  next_marker itself
   * warns if it has to skip any data.
   */
  if (cinfo->unread_marker == 0 && ! next_marker(cinfo))
    return FALSE;

  if (cinfo->unread_marker !=
      ((int) M_RST0 + cinfo->marker->next_restart_num)) {
    /* Not the restart marker we expected: the source manager's resync
     * method decides how to recover.
     */
    if (! (*cinfo->src->resync_to_restart) (cinfo))
      return FALSE;
  } else {
    /* Expected marker: swallow it and let the entropy decoder continue. */
    TRACEMS1(cinfo, 2, JTRC_RST, cinfo->marker->next_restart_num);
    cinfo->unread_marker = 0;
  }

  /* Advance the expected restart number, which cycles through 0..7. */
  cinfo->marker->next_restart_num = (cinfo->marker->next_restart_num + 1) & 7;

  return TRUE;
}
913
914
915 /*
916 * This is the default resync_to_restart method for data source managers
917 * to use if they don't have any better approach. Some data source managers
918 * may be able to back up, or may have additional knowledge about the data
919 * which permits a more intelligent recovery strategy; such managers would
920 * presumably supply their own resync method.
921 *
922 * read_restart_marker calls resync_to_restart if it finds a marker other than
923 * the restart marker it was expecting. (This code is *not* used unless
924 * a nonzero restart interval has been declared.) cinfo->unread_marker is
925 * the marker code actually found (might be anything, except 0 or FF).
926 * The desired restart marker is indicated by cinfo->marker->next_restart_num.
927 * This routine is supposed to apply whatever error recovery strategy seems
928 * appropriate in order to position the input stream to the next data segment.
929 * Note that cinfo->unread_marker is treated as a marker appearing before
930 * the current data-source input point; usually it should be reset to zero
931 * before returning.
932 * Returns FALSE if suspension is required.
933 *
934 * This implementation is substantially constrained by wanting to treat the
935 * input as a data stream; this means we can't back up. Therefore, we have
936 * only the following actions to work with:
937 * 1. Simply discard the marker and let the entropy decoder resume at next
938 * byte of file.
939 * 2. Read forward until we find another marker, discarding intervening
940 * data. (In theory we could look ahead within the current bufferload,
941 * without having to discard data if we don't find the desired marker.
942 * This idea is not implemented here, in part because it makes behavior
943 * dependent on buffer size and chance buffer-boundary positions.)
944 * 3. Leave the marker unread (by failing to zero cinfo->unread_marker).
945 * This will cause the entropy decoder to process an empty data segment,
946 * inserting dummy zeroes, and then we will reprocess the marker.
947 *
948 * #2 is appropriate if we think the desired marker lies ahead, while #3 is
949 * appropriate if the found marker is a future restart marker (indicating
950 * that we have missed the desired restart marker, probably because it got
951 * corrupted).
952 * We apply #2 or #3 if the found marker is a restart marker no more than
953 * two counts behind or ahead of the expected one. We also apply #2 if the
954 * found marker is not a legal JPEG marker code (it's certainly bogus data).
955 * If the found marker is a restart marker more than 2 counts away, we do #1
956 * (too much risk that the marker is erroneous; with luck we will be able to
957 * resync at some future point).
958 * For any valid non-restart JPEG marker, we apply #3. This keeps us from
959 * overrunning the end of a scan. An implementation limited to single-scan
960 * files might find it better to apply #2 for markers other than EOI, since
961 * any other marker would have to be bogus data in that case.
962 */
963
GLOBAL boolean
jpeg_resync_to_restart (j_decompress_ptr cinfo)
/* Default resync_to_restart method.  Chooses a recovery action from the
 * marker actually found and the restart number that was expected:
 *   1 = discard the marker and resume decoding,
 *   2 = scan forward to the next marker and decide again,
 *   3 = leave the marker unread and return.
 * Returns FALSE if suspension is required while scanning forward.
 */
{
  int marker = cinfo->unread_marker;
  int desired = cinfo->marker->next_restart_num;
  int action = 1;

  /* A resync is always reported. */
  WARNMS2(cinfo, JWRN_MUST_RESYNC, marker, desired);

  /* Each pass re-decides for the marker currently in hand; only action 2
   * goes around again.
   */
  for (;;) {
    if (marker < (int) M_SOF0) {
      action = 2;		/* invalid marker */
    } else if (marker < (int) M_RST0 || marker > (int) M_RST7) {
      action = 3;		/* valid non-restart marker */
    } else if (marker == ((int) M_RST0 + ((desired+1) & 7)) ||
	       marker == ((int) M_RST0 + ((desired+2) & 7))) {
      action = 3;		/* one of the next two expected restarts */
    } else if (marker == ((int) M_RST0 + ((desired-1) & 7)) ||
	       marker == ((int) M_RST0 + ((desired-2) & 7))) {
      action = 2;		/* a prior restart, so advance */
    } else {
      action = 1;		/* desired restart or too far away */
    }

    TRACEMS2(cinfo, 4, JTRC_RECOVERY_ACTION, marker, action);

    if (action == 1) {
      /* Discard marker and let entropy decoder resume processing. */
      cinfo->unread_marker = 0;
      return TRUE;
    }
    if (action == 3) {
      /* Return without advancing past this marker; the entropy decoder
       * will be forced to process an empty segment.
       */
      return TRUE;
    }
    /* action == 2: scan to the next marker, and repeat the decision loop. */
    if (! next_marker(cinfo))
      return FALSE;
    marker = cinfo->unread_marker;
  } /* end loop */
}
1009
1010
1011 /*
1012 * Reset marker processing state to begin a fresh datastream.
1013 */
1014
METHODDEF void
reset_marker_reader (j_decompress_ptr cinfo)
/* Return the marker reader to its initial state for a fresh datastream. */
{
  /* Module-private state: no SOI or SOF seen, nothing discarded yet. */
  cinfo->marker->discarded_bytes = 0;
  cinfo->marker->saw_SOF = FALSE;
  cinfo->marker->saw_SOI = FALSE;

  /* State held in the decompress object itself. */
  cinfo->comp_info = NULL;	/* until allocated by get_sof */
  cinfo->unread_marker = 0;	/* no pending marker */
}
1024
1025
1026 /*
1027 * Initialize the marker reader module.
1028 */
1029
GLOBAL void
jinit_marker_reader (j_decompress_ptr cinfo)
/* Set up the marker reader: allocate its state object on first use,
 * install the method pointers, and reset the processing state.
 */
{
  int slot;

  /* The subobject lives in the permanent pool and is created only the first
   * time this JPEG object is initialized.
   */
  if (cinfo->marker == NULL) {
    cinfo->marker = (struct jpeg_marker_reader *)
      (*cinfo->mem->alloc_small) ((j_common_ptr) cinfo, JPOOL_PERMANENT,
				  SIZEOF(struct jpeg_marker_reader));
  }

  /* Install the method pointers. */
  cinfo->marker->reset_marker_reader = reset_marker_reader;
  cinfo->marker->read_markers = read_markers;
  cinfo->marker->read_restart_marker = read_restart_marker;
  cinfo->marker->process_COM = skip_variable;

  /* APP0 and APP14 get dedicated parsers; every other APPn slot is
   * skipped by default.
   */
  for (slot = 0; slot < 16; slot++) {
    if (slot == 0)
      cinfo->marker->process_APPn[slot] = get_app0;
    else if (slot == 14)
      cinfo->marker->process_APPn[slot] = get_app14;
    else
      cinfo->marker->process_APPn[slot] = skip_variable;
  }

  /* Start from a clean marker-processing state. */
  reset_marker_reader(cinfo);
}
1053