1 /* exif-mnote-data-pentax.c
2 *
3 * Copyright (c) 2002, 2003 Lutz Mueller <lutz@users.sourceforge.net>
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the
17 * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 * Boston, MA 02110-1301 USA.
19 */
20
21 #include "config.h"
22 #include "exif-mnote-data-pentax.h"
23
24 #include <stdlib.h>
25 #include <string.h>
26 #include <stdio.h>
27
28 #include <libexif/exif-byte-order.h>
29 #include <libexif/exif-utils.h>
30
31 #define CHECKOVERFLOW(offset,datasize,structsize) (( offset >= datasize) || (structsize > datasize) || (offset > datasize - structsize ))
32
33 static void
exif_mnote_data_pentax_clear(ExifMnoteDataPentax * n)34 exif_mnote_data_pentax_clear (ExifMnoteDataPentax *n)
35 {
36 ExifMnoteData *d = (ExifMnoteData *) n;
37 unsigned int i;
38
39 if (!n) return;
40
41 if (n->entries) {
42 for (i = 0; i < n->count; i++)
43 if (n->entries[i].data) {
44 exif_mem_free (d->mem, n->entries[i].data);
45 n->entries[i].data = NULL;
46 }
47 exif_mem_free (d->mem, n->entries);
48 n->entries = NULL;
49 n->count = 0;
50 }
51 }
52
53 static void
exif_mnote_data_pentax_free(ExifMnoteData * n)54 exif_mnote_data_pentax_free (ExifMnoteData *n)
55 {
56 if (!n) return;
57
58 exif_mnote_data_pentax_clear ((ExifMnoteDataPentax *) n);
59 }
60
61 static char *
exif_mnote_data_pentax_get_value(ExifMnoteData * d,unsigned int i,char * val,unsigned int maxlen)62 exif_mnote_data_pentax_get_value (ExifMnoteData *d, unsigned int i, char *val, unsigned int maxlen)
63 {
64 ExifMnoteDataPentax *n = (ExifMnoteDataPentax *) d;
65
66 if (!n) return NULL;
67 if (n->count <= i) return NULL;
68 return mnote_pentax_entry_get_value (&n->entries[i], val, maxlen);
69 }
70
71 /**
72 * @brief save the MnoteData from ne to buf
73 *
74 * @param ne extract the data from this structure
75 * @param *buf write the mnoteData to this buffer (buffer will be allocated)
76 * @param buf_size the final size of the buffer
77 */
78 static void
exif_mnote_data_pentax_save(ExifMnoteData * ne,unsigned char ** buf,unsigned int * buf_size)79 exif_mnote_data_pentax_save (ExifMnoteData *ne,
80 unsigned char **buf, unsigned int *buf_size)
81 {
82 ExifMnoteDataPentax *n = (ExifMnoteDataPentax *) ne;
83 size_t i, datao,
84 base = 0, /* internal MakerNote tag number offset */
85 o2 = 4 + 2; /* offset to first tag entry, past header */
86
87 if (!n || !buf || !buf_size) return;
88 datao = n->offset; /* this MakerNote style uses offsets
89 based on main IFD, not makernote IFD */
90
91 /*
92 * Allocate enough memory for header, the number of entries, entries,
93 * and next IFD pointer
94 */
95 *buf_size = o2 + 2 + n->count * 12 + 4;
96 switch (n->version) {
97 case casioV2:
98 base = MNOTE_PENTAX2_TAG_BASE;
99 *buf = exif_mem_alloc (ne->mem, *buf_size);
100 if (!*buf) {
101 EXIF_LOG_NO_MEMORY(ne->log, "ExifMnoteDataPentax", *buf_size);
102 return;
103 }
104 /* Write the magic header */
105 strcpy ((char *)*buf, "QVC");
106 exif_set_short (*buf + 4, n->order, (ExifShort) 0);
107
108 break;
109
110 case pentaxV3:
111 base = MNOTE_PENTAX2_TAG_BASE;
112 *buf = exif_mem_alloc (ne->mem, *buf_size);
113 if (!*buf) {
114 EXIF_LOG_NO_MEMORY(ne->log, "ExifMnoteDataPentax", *buf_size);
115 return;
116 }
117
118 /* Write the magic header */
119 strcpy ((char *)*buf, "AOC");
120 exif_set_short (*buf + 4, n->order, (ExifShort) (
121 (n->order == EXIF_BYTE_ORDER_INTEL) ?
122 ('I' << 8) | 'I' :
123 ('M' << 8) | 'M'));
124 break;
125
126 case pentaxV2:
127 base = MNOTE_PENTAX2_TAG_BASE;
128 *buf = exif_mem_alloc (ne->mem, *buf_size);
129 if (!*buf) {
130 EXIF_LOG_NO_MEMORY(ne->log, "ExifMnoteDataPentax", *buf_size);
131 return;
132 }
133
134 /* Write the magic header */
135 strcpy ((char *)*buf, "AOC");
136 exif_set_short (*buf + 4, n->order, (ExifShort) 0);
137 break;
138
139 case pentaxV1:
140 /* It looks like this format doesn't have a magic header as
141 * such, just has a fixed number of entries equal to 0x001b */
142 *buf_size -= 6;
143 o2 -= 6;
144 *buf = exif_mem_alloc (ne->mem, *buf_size);
145 if (!*buf) {
146 EXIF_LOG_NO_MEMORY(ne->log, "ExifMnoteDataPentax", *buf_size);
147 return;
148 }
149 break;
150
151 default:
152 /* internal error */
153 return;
154 }
155
156 /* Write the number of entries. */
157 exif_set_short (*buf + o2, n->order, (ExifShort) n->count);
158 o2 += 2;
159
160 /* Save each entry */
161 for (i = 0; i < n->count; i++) {
162 size_t doff; /* offset to current data portion of tag */
163 size_t s;
164 unsigned char *t;
165 size_t o = o2 + i * 12; /* current offset into output buffer */
166 exif_set_short (*buf + o + 0, n->order,
167 (ExifShort) (n->entries[i].tag - base));
168 exif_set_short (*buf + o + 2, n->order,
169 (ExifShort) n->entries[i].format);
170 exif_set_long (*buf + o + 4, n->order,
171 n->entries[i].components);
172 o += 8;
173 s = exif_format_get_size (n->entries[i].format) *
174 n->entries[i].components;
175 if (s > 65536) {
176 /* Corrupt data: EXIF data size is limited to the
177 * maximum size of a JPEG segment (64 kb).
178 */
179 continue;
180 }
181 if (s > 4) {
182 size_t ts = *buf_size + s;
183 doff = *buf_size;
184 t = exif_mem_realloc (ne->mem, *buf,
185 sizeof (char) * ts);
186 if (!t) {
187 EXIF_LOG_NO_MEMORY(ne->log, "ExifMnoteDataPentax", ts);
188 return;
189 }
190 *buf = t;
191 *buf_size = ts;
192 exif_set_long (*buf + o, n->order, datao + doff);
193 } else
194 doff = o;
195
196 /* Write the data. */
197 if (n->entries[i].data) {
198 memcpy (*buf + doff, n->entries[i].data, s);
199 } else {
200 /* Most certainly damaged input file */
201 memset (*buf + doff, 0, s);
202 }
203 }
204
205 /* Sanity check the buffer size */
206 if (*buf_size < (o2 + n->count * 12 + 4)) {
207 exif_log (ne->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifMnoteDataPentax",
208 "Buffer overflow");
209 }
210
211 /* Reset next IFD pointer */
212 exif_set_long (*buf + o2 + n->count * 12, n->order, 0);
213 }
214
215 static void
exif_mnote_data_pentax_load(ExifMnoteData * en,const unsigned char * buf,unsigned int buf_size)216 exif_mnote_data_pentax_load (ExifMnoteData *en,
217 const unsigned char *buf, unsigned int buf_size)
218 {
219 ExifMnoteDataPentax *n = (ExifMnoteDataPentax *) en;
220 size_t i, tcount, o, datao, base = 0;
221 ExifShort c;
222
223 if (!n || !buf || !buf_size) {
224 exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
225 "ExifMnoteDataPentax", "Short MakerNote");
226 return;
227 }
228 datao = 6 + n->offset;
229 if (CHECKOVERFLOW(datao, buf_size, 8)) {
230 exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
231 "ExifMnoteDataPentax", "Short MakerNote");
232 return;
233 }
234
235 /* Detect variant of Pentax/Casio MakerNote found */
236 if (!memcmp(buf + datao, "AOC", 4)) {
237 if ((buf[datao + 4] == 'I') && (buf[datao + 5] == 'I')) {
238 n->version = pentaxV3;
239 n->order = EXIF_BYTE_ORDER_INTEL;
240 } else if ((buf[datao + 4] == 'M') && (buf[datao + 5] == 'M')) {
241 n->version = pentaxV3;
242 n->order = EXIF_BYTE_ORDER_MOTOROLA;
243 } else {
244 /* Uses Casio v2 tags */
245 n->version = pentaxV2;
246 }
247 exif_log (en->log, EXIF_LOG_CODE_DEBUG, "ExifMnoteDataPentax",
248 "Parsing Pentax maker note v%d...", (int)n->version);
249 datao += 4 + 2;
250 base = MNOTE_PENTAX2_TAG_BASE;
251 } else if (!memcmp(buf + datao, "QVC", 4)) {
252 exif_log (en->log, EXIF_LOG_CODE_DEBUG, "ExifMnoteDataPentax",
253 "Parsing Casio maker note v2...");
254 n->version = casioV2;
255 base = MNOTE_CASIO2_TAG_BASE;
256 datao += 4 + 2;
257 } else {
258 /* probably assert(!memcmp(buf + datao, "\x00\x1b", 2)) */
259 exif_log (en->log, EXIF_LOG_CODE_DEBUG, "ExifMnoteDataPentax",
260 "Parsing Pentax maker note v1...");
261 n->version = pentaxV1;
262 }
263
264 /* Read the number of tags */
265 c = exif_get_short (buf + datao, n->order);
266 datao += 2;
267
268 /* Just use an arbitrary max tag limit here to avoid needing to much memory or time. There are 102 named tags currently.
269 * The format allows specifying the same range of memory as often as it can, so this multiplies quickly. */
270 if (c > 200) {
271 exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifMnoteDataPentax", "Too much tags (%d) in Pentax MakerNote", c);
272 return;
273 }
274
275
276 /* Remove any old entries */
277 exif_mnote_data_pentax_clear (n);
278
279 /* Reserve enough space for all the possible MakerNote tags */
280 n->entries = exif_mem_alloc (en->mem, sizeof (MnotePentaxEntry) * c);
281 if (!n->entries) {
282 EXIF_LOG_NO_MEMORY(en->log, "ExifMnoteDataPentax", sizeof (MnotePentaxEntry) * c);
283 return;
284 }
285
286 /* Parse all c entries, storing ones that are successfully parsed */
287 tcount = 0;
288 for (i = c, o = datao; i; --i, o += 12) {
289 size_t s;
290
291 memset(&n->entries[tcount], 0, sizeof(MnotePentaxEntry));
292 if (CHECKOVERFLOW(o,buf_size,12)) {
293 exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
294 "ExifMnoteDataPentax", "Short MakerNote");
295 break;
296 }
297
298 n->entries[tcount].tag = exif_get_short (buf + o + 0, n->order) + base;
299 n->entries[tcount].format = exif_get_short (buf + o + 2, n->order);
300 n->entries[tcount].components = exif_get_long (buf + o + 4, n->order);
301 n->entries[tcount].order = n->order;
302
303 exif_log (en->log, EXIF_LOG_CODE_DEBUG, "ExifMnotePentax",
304 "Loading entry 0x%x ('%s')...", n->entries[tcount].tag,
305 mnote_pentax_tag_get_name (n->entries[tcount].tag));
306
307 /* Check if we overflow the multiplication. Use buf_size as the max size for integer overflow detection,
308 * we will check the buffer sizes closer later. */
309 if ( exif_format_get_size (n->entries[tcount].format) &&
310 buf_size / exif_format_get_size (n->entries[tcount].format) < n->entries[tcount].components
311 ) {
312 exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
313 "ExifMnoteDataPentax", "Tag size overflow detected (%u * %lu)", exif_format_get_size (n->entries[tcount].format), n->entries[tcount].components);
314 break;
315 }
316 /*
317 * Size? If bigger than 4 bytes, the actual data is not
318 * in the entry but somewhere else (offset).
319 */
320 s = exif_format_get_size (n->entries[tcount].format) *
321 n->entries[tcount].components;
322 n->entries[tcount].size = s;
323 if (s) {
324 size_t dataofs = o + 8;
325 if (s > 4)
326 /* The data in this case is merely a pointer */
327 dataofs = exif_get_long (buf + dataofs, n->order) + 6;
328
329 if (CHECKOVERFLOW(dataofs, buf_size, s)) {
330 exif_log (en->log, EXIF_LOG_CODE_DEBUG,
331 "ExifMnoteDataPentax", "Tag data past end "
332 "of buffer (%u > %u)", (unsigned)(dataofs + s), buf_size);
333 continue;
334 }
335
336 n->entries[tcount].data = exif_mem_alloc (en->mem, s);
337 if (!n->entries[tcount].data) {
338 EXIF_LOG_NO_MEMORY(en->log, "ExifMnoteDataPentax", s);
339 continue;
340 }
341 memcpy (n->entries[tcount].data, buf + dataofs, s);
342 }
343
344 /* Tag was successfully parsed */
345 ++tcount;
346 }
347 /* Store the count of successfully parsed tags */
348 n->count = tcount;
349 }
350
351 static unsigned int
exif_mnote_data_pentax_count(ExifMnoteData * n)352 exif_mnote_data_pentax_count (ExifMnoteData *n)
353 {
354 return n ? ((ExifMnoteDataPentax *) n)->count : 0;
355 }
356
357 static unsigned int
exif_mnote_data_pentax_get_id(ExifMnoteData * d,unsigned int n)358 exif_mnote_data_pentax_get_id (ExifMnoteData *d, unsigned int n)
359 {
360 ExifMnoteDataPentax *note = (ExifMnoteDataPentax *) d;
361
362 if (!note) return 0;
363 if (note->count <= n) return 0;
364 return note->entries[n].tag;
365 }
366
367 static const char *
exif_mnote_data_pentax_get_name(ExifMnoteData * d,unsigned int n)368 exif_mnote_data_pentax_get_name (ExifMnoteData *d, unsigned int n)
369 {
370 ExifMnoteDataPentax *note = (ExifMnoteDataPentax *) d;
371
372 if (!note) return NULL;
373 if (note->count <= n) return NULL;
374 return mnote_pentax_tag_get_name (note->entries[n].tag);
375 }
376
377 static const char *
exif_mnote_data_pentax_get_title(ExifMnoteData * d,unsigned int n)378 exif_mnote_data_pentax_get_title (ExifMnoteData *d, unsigned int n)
379 {
380 ExifMnoteDataPentax *note = (ExifMnoteDataPentax *) d;
381
382 if (!note) return NULL;
383 if (note->count <= n) return NULL;
384 return mnote_pentax_tag_get_title (note->entries[n].tag);
385 }
386
387 static const char *
exif_mnote_data_pentax_get_description(ExifMnoteData * d,unsigned int n)388 exif_mnote_data_pentax_get_description (ExifMnoteData *d, unsigned int n)
389 {
390 ExifMnoteDataPentax *note = (ExifMnoteDataPentax *) d;
391
392 if (!note) return NULL;
393 if (note->count <= n) return NULL;
394 return mnote_pentax_tag_get_description (note->entries[n].tag);
395 }
396
397 static void
exif_mnote_data_pentax_set_offset(ExifMnoteData * d,unsigned int o)398 exif_mnote_data_pentax_set_offset (ExifMnoteData *d, unsigned int o)
399 {
400 if (d) ((ExifMnoteDataPentax *) d)->offset = o;
401 }
402
403 static void
exif_mnote_data_pentax_set_byte_order(ExifMnoteData * d,ExifByteOrder o)404 exif_mnote_data_pentax_set_byte_order (ExifMnoteData *d, ExifByteOrder o)
405 {
406 ExifByteOrder o_orig;
407 ExifMnoteDataPentax *n = (ExifMnoteDataPentax *) d;
408 unsigned int i;
409
410 if (!n) return;
411
412 o_orig = n->order;
413 n->order = o;
414 for (i = 0; i < n->count; i++) {
415 if (n->entries[i].components && (n->entries[i].size/n->entries[i].components < exif_format_get_size (n->entries[i].format)))
416 continue;
417 n->entries[i].order = o;
418 exif_array_set_byte_order (n->entries[i].format, n->entries[i].data,
419 n->entries[i].components, o_orig, o);
420 }
421 }
422
423 int
exif_mnote_data_pentax_identify(const ExifData * ed,const ExifEntry * e)424 exif_mnote_data_pentax_identify (const ExifData *ed, const ExifEntry *e)
425 {
426 (void) ed; /* unused */
427 if ((e->size >= 8) && !memcmp (e->data, "AOC", 4)) {
428 if (((e->data[4] == 'I') && (e->data[5] == 'I')) ||
429 ((e->data[4] == 'M') && (e->data[5] == 'M')))
430 return pentaxV3;
431 else
432 /* Uses Casio v2 tags */
433 return pentaxV2;
434 }
435
436 if ((e->size >= 8) && !memcmp (e->data, "QVC", 4))
437 return casioV2;
438
439 /* This isn't a very robust test, so make sure it's done last */
440 /* Maybe we should additionally check for a make of Asahi or Pentax */
441 if ((e->size >= 2) && (e->data[0] == 0x00) && (e->data[1] == 0x1b))
442 return pentaxV1;
443
444 return 0;
445 }
446
447 ExifMnoteData *
exif_mnote_data_pentax_new(ExifMem * mem)448 exif_mnote_data_pentax_new (ExifMem *mem)
449 {
450 ExifMnoteData *d;
451
452 if (!mem) return NULL;
453
454 d = exif_mem_alloc (mem, sizeof (ExifMnoteDataPentax));
455 if (!d) return NULL;
456
457 exif_mnote_data_construct (d, mem);
458
459 /* Set up function pointers */
460 d->methods.free = exif_mnote_data_pentax_free;
461 d->methods.set_byte_order = exif_mnote_data_pentax_set_byte_order;
462 d->methods.set_offset = exif_mnote_data_pentax_set_offset;
463 d->methods.load = exif_mnote_data_pentax_load;
464 d->methods.save = exif_mnote_data_pentax_save;
465 d->methods.count = exif_mnote_data_pentax_count;
466 d->methods.get_id = exif_mnote_data_pentax_get_id;
467 d->methods.get_name = exif_mnote_data_pentax_get_name;
468 d->methods.get_title = exif_mnote_data_pentax_get_title;
469 d->methods.get_description = exif_mnote_data_pentax_get_description;
470 d->methods.get_value = exif_mnote_data_pentax_get_value;
471
472 return d;
473 }
474