• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* $Id: tif_ojpeg.c,v 1.56 2012-05-24 03:15:18 fwarmerdam Exp $ */
2 
3 /* WARNING: The type of JPEG encapsulation defined by the TIFF Version 6.0
4    specification is now totally obsolete and deprecated for new applications and
5    images. This file was was created solely in order to read unconverted images
6    still present on some users' computer systems. It will never be extended
7    to write such files. Writing new-style JPEG compressed TIFFs is implemented
8    in tif_jpeg.c.
9 
10    The code is carefully crafted to robustly read all gathered JPEG-in-TIFF
11    testfiles, and anticipate as much as possible all other... But still, it may
12    fail on some. If you encounter problems, please report them on the TIFF
13    mailing list and/or to Joris Van Damme <info@awaresystems.be>.
14 
15    Please read the file called "TIFF Technical Note #2" if you need to be
16    convinced this compression scheme is bad and breaks TIFF. That document
17    is linked to from the LibTiff site <http://www.remotesensing.org/libtiff/>
18    and from AWare Systems' TIFF section
19    <http://www.awaresystems.be/imaging/tiff.html>. It is also absorbed
20    in Adobe's specification supplements, marked "draft" up to this day, but
21    supported by the TIFF community.
22 
23    This file interfaces with Release 6B of the JPEG Library written by the
24    Independent JPEG Group. Previous versions of this file required a hack inside
25    the LibJpeg library. This version no longer requires that. Remember to
26    remove the hack if you update from the old version.
27 
28    Copyright (c) Joris Van Damme <info@awaresystems.be>
29    Copyright (c) AWare Systems <http://www.awaresystems.be/>
30 
31    The licence agreement for this file is the same as the rest of the LibTiff
32    library.
33 
34    IN NO EVENT SHALL JORIS VAN DAMME OR AWARE SYSTEMS BE LIABLE FOR
35    ANY SPECIAL, INCIDENTAL, INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND,
36    OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
37    WHETHER OR NOT ADVISED OF THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF
38    LIABILITY, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
39    OF THIS SOFTWARE.
40 
41    Joris Van Damme and/or AWare Systems may be available for custom
42    developement. If you like what you see, and need anything similar or related,
43    contact <info@awaresystems.be>.
44 */
45 
46 /* What is what, and what is not?
47 
48    This decoder starts with an input stream, that is essentially the JpegInterchangeFormat
49    stream, if any, followed by the strile data, if any. This stream is read in
50    OJPEGReadByte and related functions.
51 
52    It analyzes the start of this stream, until it encounters non-marker data, i.e.
53    compressed image data. Some of the header markers it sees have no actual content,
54    like the SOI marker, and APP/COM markers that really shouldn't even be there. Some
55    other markers do have content, and the valuable bits and pieces of information
56    in these markers are saved, checking all to verify that the stream is more or
57    less within expected bounds. This happens inside the OJPEGReadHeaderInfoSecStreamXxx
58    functions.
59 
60    Some OJPEG imagery contains no valid JPEG header markers. This situation is picked
61    up on if we've seen no SOF marker when we're at the start of the compressed image
62    data. In this case, the tables are read from JpegXxxTables tags, and the other
63    bits and pieces of information is initialized to its most basic value. This is
64    implemented in the OJPEGReadHeaderInfoSecTablesXxx functions.
65 
66    When this is complete, a good and valid JPEG header can be assembled, and this is
67    passed through to LibJpeg. When that's done, the remainder of the input stream, i.e.
68    the compressed image data, can be passed through unchanged. This is done in
69    OJPEGWriteStream functions.
70 
71    LibTiff rightly expects to know the subsampling values before decompression. Just like
72    in new-style JPEG-in-TIFF, though, or even more so, actually, the YCbCrsubsampling
73    tag is notoriously unreliable. To correct these tag values with the ones inside
74    the JPEG stream, the first part of the input stream is pre-scanned in
75    OJPEGSubsamplingCorrect, making no note of any other data, reporting no warnings
76    or errors, up to the point where either these values are read, or it's clear they
77    aren't there. This means that some of the data is read twice, but we feel speed
78    in correcting these values is important enough to warrant this sacrifice. Allthough
79    there is currently no define or other configuration mechanism to disable this behaviour,
80    the actual header scanning is build to robustly respond with error report if it
81    should encounter an uncorrected mismatch of subsampling values. See
82    OJPEGReadHeaderInfoSecStreamSof.
83 
84    The restart interval and restart markers are the most tricky part... The restart
85    interval can be specified in a tag. It can also be set inside the input JPEG stream.
86    It can be used inside the input JPEG stream. If reading from strile data, we've
87    consistenly discovered the need to insert restart markers in between the different
88    striles, as is also probably the most likely interpretation of the original TIFF 6.0
89    specification. With all this setting of interval, and actual use of markers that is not
90    predictable at the time of valid JPEG header assembly, the restart thing may turn
91    out the Achilles heel of this implementation. Fortunately, most OJPEG writer vendors
92    succeed in reading back what they write, which may be the reason why we've been able
93    to discover ways that seem to work.
94 
95    Some special provision is made for planarconfig separate OJPEG files. These seem
96    to consistently contain header info, a SOS marker, a plane, SOS marker, plane, SOS,
97    and plane. This may or may not be a valid JPEG configuration, we don't know and don't
98    care. We want LibTiff to be able to access the planes individually, without huge
99    buffering inside LibJpeg, anyway. So we compose headers to feed to LibJpeg, in this
100    case, that allow us to pass a single plane such that LibJpeg sees a valid
101    single-channel JPEG stream. Locating subsequent SOS markers, and thus subsequent
102    planes, is done inside OJPEGReadSecondarySos.
103 
104    The benefit of the scheme is... that it works, basically. We know of no other that
105    does. It works without checking software tag, or otherwise going about things in an
106    OJPEG flavor specific manner. Instead, it is a single scheme, that covers the cases
107    with and without JpegInterchangeFormat, with and without striles, with part of
108    the header in JpegInterchangeFormat and remainder in first strile, etc. It is forgiving
109    and robust, may likely work with OJPEG flavors we've not seen yet, and makes most out
110    of the data.
111 
112    Another nice side-effect is that a complete JPEG single valid stream is build if
113    planarconfig is not separate (vast majority). We may one day use that to build
114    converters to JPEG, and/or to new-style JPEG compression inside TIFF.
115 
116    A dissadvantage is the lack of random access to the individual striles. This is the
117    reason for much of the complicated restart-and-position stuff inside OJPEGPreDecode.
118    Applications would do well accessing all striles in order, as this will result in
119    a single sequential scan of the input stream, and no restarting of LibJpeg decoding
120    session.
121 */
122 
123 #define WIN32_LEAN_AND_MEAN
124 #define VC_EXTRALEAN
125 
126 #include "tiffiop.h"
127 #ifdef OJPEG_SUPPORT
128 
129 /* Configuration defines here are:
130  * JPEG_ENCAP_EXTERNAL: The normal way to call libjpeg, uses longjump. In some environments,
131  * 	like eg LibTiffDelphi, this is not possible. For this reason, the actual calls to
132  * 	libjpeg, with longjump stuff, are encapsulated in dedicated functions. When
133  * 	JPEG_ENCAP_EXTERNAL is defined, these encapsulating functions are declared external
134  * 	to this unit, and can be defined elsewhere to use stuff other then longjump.
135  * 	The default mode, without JPEG_ENCAP_EXTERNAL, implements the call encapsulators
136  * 	here, internally, with normal longjump.
137  * SETJMP, LONGJMP, JMP_BUF: On some machines/environments a longjump equivalent is
138  * 	conviniently available, but still it may be worthwhile to use _setjmp or sigsetjmp
139  * 	in place of plain setjmp. These macros will make it easier. It is useless
140  * 	to fiddle with these if you define JPEG_ENCAP_EXTERNAL.
141  * OJPEG_BUFFER: Define the size of the desired buffer here. Should be small enough so as to guarantee
142  * 	instant processing, optimal streaming and optimal use of processor cache, but also big
143  * 	enough so as to not result in significant call overhead. It should be at least a few
144  * 	bytes to accomodate some structures (this is verified in asserts), but it would not be
145  * 	sensible to make it this small anyway, and it should be at most 64K since it is indexed
146  * 	with uint16. We recommend 2K.
147  * EGYPTIANWALK: You could also define EGYPTIANWALK here, but it is not used anywhere and has
148  * 	absolutely no effect. That is why most people insist the EGYPTIANWALK is a bit silly.
149  */
150 
151 /* define LIBJPEG_ENCAP_EXTERNAL */
152 #define SETJMP(jbuf) setjmp(jbuf)
153 #define LONGJMP(jbuf,code) longjmp(jbuf,code)
154 #define JMP_BUF jmp_buf
155 #define OJPEG_BUFFER 2048
156 /* define EGYPTIANWALK */
157 
158 #define JPEG_MARKER_SOF0 0xC0
159 #define JPEG_MARKER_SOF1 0xC1
160 #define JPEG_MARKER_SOF3 0xC3
161 #define JPEG_MARKER_DHT 0xC4
162 #define JPEG_MARKER_RST0 0XD0
163 #define JPEG_MARKER_SOI 0xD8
164 #define JPEG_MARKER_EOI 0xD9
165 #define JPEG_MARKER_SOS 0xDA
166 #define JPEG_MARKER_DQT 0xDB
167 #define JPEG_MARKER_DRI 0xDD
168 #define JPEG_MARKER_APP0 0xE0
169 #define JPEG_MARKER_COM 0xFE
170 
171 #define FIELD_OJPEG_JPEGINTERCHANGEFORMAT (FIELD_CODEC+0)
172 #define FIELD_OJPEG_JPEGINTERCHANGEFORMATLENGTH (FIELD_CODEC+1)
173 #define FIELD_OJPEG_JPEGQTABLES (FIELD_CODEC+2)
174 #define FIELD_OJPEG_JPEGDCTABLES (FIELD_CODEC+3)
175 #define FIELD_OJPEG_JPEGACTABLES (FIELD_CODEC+4)
176 #define FIELD_OJPEG_JPEGPROC (FIELD_CODEC+5)
177 #define FIELD_OJPEG_JPEGRESTARTINTERVAL (FIELD_CODEC+6)
178 
179 static const TIFFField ojpegFields[] = {
180     {TIFFTAG_JPEGIFOFFSET,1,1,TIFF_LONG8,0,TIFF_SETGET_UINT64,TIFF_SETGET_UNDEFINED,FIELD_OJPEG_JPEGINTERCHANGEFORMAT,TRUE,FALSE,"JpegInterchangeFormat",NULL},
181     {TIFFTAG_JPEGIFBYTECOUNT,1,1,TIFF_LONG8,0,TIFF_SETGET_UINT64,TIFF_SETGET_UNDEFINED,FIELD_OJPEG_JPEGINTERCHANGEFORMATLENGTH,TRUE,FALSE,"JpegInterchangeFormatLength",NULL},
182     {TIFFTAG_JPEGQTABLES,TIFF_VARIABLE2,TIFF_VARIABLE2,TIFF_LONG8,0,TIFF_SETGET_C32_UINT64,TIFF_SETGET_UNDEFINED,FIELD_OJPEG_JPEGQTABLES,FALSE,TRUE,"JpegQTables",NULL},
183     {TIFFTAG_JPEGDCTABLES,TIFF_VARIABLE2,TIFF_VARIABLE2,TIFF_LONG8,0,TIFF_SETGET_C32_UINT64,TIFF_SETGET_UNDEFINED,FIELD_OJPEG_JPEGDCTABLES,FALSE,TRUE,"JpegDcTables",NULL},
184     {TIFFTAG_JPEGACTABLES,TIFF_VARIABLE2,TIFF_VARIABLE2,TIFF_LONG8,0,TIFF_SETGET_C32_UINT64,TIFF_SETGET_UNDEFINED,FIELD_OJPEG_JPEGACTABLES,FALSE,TRUE,"JpegAcTables",NULL},
185     {TIFFTAG_JPEGPROC,1,1,TIFF_SHORT,0,TIFF_SETGET_UINT16,TIFF_SETGET_UNDEFINED,FIELD_OJPEG_JPEGPROC,FALSE,FALSE,"JpegProc",NULL},
186     {TIFFTAG_JPEGRESTARTINTERVAL,1,1,TIFF_SHORT,0,TIFF_SETGET_UINT16,TIFF_SETGET_UNDEFINED,FIELD_OJPEG_JPEGRESTARTINTERVAL,FALSE,FALSE,"JpegRestartInterval",NULL},
187 };
188 
189 #ifndef LIBJPEG_ENCAP_EXTERNAL
190 #include <setjmp.h>
191 #endif
192 
193 /* We undefine FAR to avoid conflict with JPEG definition */
194 
195 #ifdef FAR
196 #undef FAR
197 #endif
198 
199 /*
200   Libjpeg's jmorecfg.h defines INT16 and INT32, but only if XMD_H is
201   not defined.  Unfortunately, the MinGW and Borland compilers include
202   a typedef for INT32, which causes a conflict.  MSVC does not include
203   a conficting typedef given the headers which are included.
204 */
205 #if defined(__BORLANDC__) || defined(__MINGW32__)
206 # define XMD_H 1
207 #endif
208 
209 /* Define "boolean" as unsigned char, not int, per Windows custom. */
210 #if defined(__WIN32__) && !defined(__MINGW32__)
211 # ifndef __RPCNDR_H__            /* don't conflict if rpcndr.h already read */
212    typedef unsigned char boolean;
213 # endif
214 # define HAVE_BOOLEAN            /* prevent jmorecfg.h from redefining it */
215 #endif
216 
217 #include "jpeglib.h"
218 #include "jerror.h"
219 
220 typedef struct jpeg_error_mgr jpeg_error_mgr;
221 typedef struct jpeg_common_struct jpeg_common_struct;
222 typedef struct jpeg_decompress_struct jpeg_decompress_struct;
223 typedef struct jpeg_source_mgr jpeg_source_mgr;
224 
225 typedef enum {
226     osibsNotSetYet,
227     osibsJpegInterchangeFormat,
228     osibsStrile,
229     osibsEof
230 } OJPEGStateInBufferSource;
231 
232 typedef enum {
233     ososSoi,
234     ososQTable0,ososQTable1,ososQTable2,ososQTable3,
235     ososDcTable0,ososDcTable1,ososDcTable2,ososDcTable3,
236     ososAcTable0,ososAcTable1,ososAcTable2,ososAcTable3,
237     ososDri,
238     ososSof,
239     ososSos,
240     ososCompressed,
241     ososRst,
242     ososEoi
243 } OJPEGStateOutState;
244 
245 typedef struct {
246     TIFF* tif;
247     #ifndef LIBJPEG_ENCAP_EXTERNAL
248     JMP_BUF exit_jmpbuf;
249     #endif
250     TIFFVGetMethod vgetparent;
251     TIFFVSetMethod vsetparent;
252     TIFFPrintMethod printdir;
253     uint64 file_size;
254     uint32 image_width;
255     uint32 image_length;
256     uint32 strile_width;
257     uint32 strile_length;
258     uint32 strile_length_total;
259     uint8 samples_per_pixel;
260     uint8 plane_sample_offset;
261     uint8 samples_per_pixel_per_plane;
262     uint64 jpeg_interchange_format;
263     uint64 jpeg_interchange_format_length;
264     uint8 jpeg_proc;
265     uint8 subsamplingcorrect;
266     uint8 subsamplingcorrect_done;
267     uint8 subsampling_tag;
268     uint8 subsampling_hor;
269     uint8 subsampling_ver;
270     uint8 subsampling_force_desubsampling_inside_decompression;
271     uint8 qtable_offset_count;
272     uint8 dctable_offset_count;
273     uint8 actable_offset_count;
274     uint64 qtable_offset[3];
275     uint64 dctable_offset[3];
276     uint64 actable_offset[3];
277     uint8* qtable[4];
278     uint8* dctable[4];
279     uint8* actable[4];
280     uint16 restart_interval;
281     uint8 restart_index;
282     uint8 sof_log;
283     uint8 sof_marker_id;
284     uint32 sof_x;
285     uint32 sof_y;
286     uint8 sof_c[3];
287     uint8 sof_hv[3];
288     uint8 sof_tq[3];
289     uint8 sos_cs[3];
290     uint8 sos_tda[3];
291     struct {
292         uint8 log;
293         OJPEGStateInBufferSource in_buffer_source;
294         uint32 in_buffer_next_strile;
295         uint64 in_buffer_file_pos;
296         uint64 in_buffer_file_togo;
297     } sos_end[3];
298     uint8 readheader_done;
299     uint8 writeheader_done;
300     uint16 write_cursample;
301     uint32 write_curstrile;
302     uint8 libjpeg_session_active;
303     uint8 libjpeg_jpeg_query_style;
304     jpeg_error_mgr libjpeg_jpeg_error_mgr;
305     jpeg_decompress_struct libjpeg_jpeg_decompress_struct;
306     jpeg_source_mgr libjpeg_jpeg_source_mgr;
307     uint8 subsampling_convert_log;
308     uint32 subsampling_convert_ylinelen;
309     uint32 subsampling_convert_ylines;
310     uint32 subsampling_convert_clinelen;
311     uint32 subsampling_convert_clines;
312     uint32 subsampling_convert_ybuflen;
313     uint32 subsampling_convert_cbuflen;
314     uint32 subsampling_convert_ycbcrbuflen;
315     uint8* subsampling_convert_ycbcrbuf;
316     uint8* subsampling_convert_ybuf;
317     uint8* subsampling_convert_cbbuf;
318     uint8* subsampling_convert_crbuf;
319     uint32 subsampling_convert_ycbcrimagelen;
320     uint8** subsampling_convert_ycbcrimage;
321     uint32 subsampling_convert_clinelenout;
322     uint32 subsampling_convert_state;
323     uint32 bytes_per_line;   /* if the codec outputs subsampled data, a 'line' in bytes_per_line */
324     uint32 lines_per_strile; /* and lines_per_strile means subsampling_ver desubsampled rows     */
325     OJPEGStateInBufferSource in_buffer_source;
326     uint32 in_buffer_next_strile;
327     uint32 in_buffer_strile_count;
328     uint64 in_buffer_file_pos;
329     uint8 in_buffer_file_pos_log;
330     uint64 in_buffer_file_togo;
331     uint16 in_buffer_togo;
332     uint8* in_buffer_cur;
333     uint8 in_buffer[OJPEG_BUFFER];
334     OJPEGStateOutState out_state;
335     uint8 out_buffer[OJPEG_BUFFER];
336     uint8* skip_buffer;
337 } OJPEGState;
338 
339 static int OJPEGVGetField(TIFF* tif, uint32 tag, va_list ap);
340 static int OJPEGVSetField(TIFF* tif, uint32 tag, va_list ap);
341 static void OJPEGPrintDir(TIFF* tif, FILE* fd, long flags);
342 
343 static int OJPEGFixupTags(TIFF* tif);
344 static int OJPEGSetupDecode(TIFF* tif);
345 static int OJPEGPreDecode(TIFF* tif, uint16 s);
346 static int OJPEGPreDecodeSkipRaw(TIFF* tif);
347 static int OJPEGPreDecodeSkipScanlines(TIFF* tif);
348 static int OJPEGDecode(TIFF* tif, uint8* buf, tmsize_t cc, uint16 s);
349 static int OJPEGDecodeRaw(TIFF* tif, uint8* buf, tmsize_t cc);
350 static int OJPEGDecodeScanlines(TIFF* tif, uint8* buf, tmsize_t cc);
351 static void OJPEGPostDecode(TIFF* tif, uint8* buf, tmsize_t cc);
352 static int OJPEGSetupEncode(TIFF* tif);
353 static int OJPEGPreEncode(TIFF* tif, uint16 s);
354 static int OJPEGEncode(TIFF* tif, uint8* buf, tmsize_t cc, uint16 s);
355 static int OJPEGPostEncode(TIFF* tif);
356 static void OJPEGCleanup(TIFF* tif);
357 
358 static void OJPEGSubsamplingCorrect(TIFF* tif);
359 static int OJPEGReadHeaderInfo(TIFF* tif);
360 static int OJPEGReadSecondarySos(TIFF* tif, uint16 s);
361 static int OJPEGWriteHeaderInfo(TIFF* tif);
362 static void OJPEGLibjpegSessionAbort(TIFF* tif);
363 
364 static int OJPEGReadHeaderInfoSec(TIFF* tif);
365 static int OJPEGReadHeaderInfoSecStreamDri(TIFF* tif);
366 static int OJPEGReadHeaderInfoSecStreamDqt(TIFF* tif);
367 static int OJPEGReadHeaderInfoSecStreamDht(TIFF* tif);
368 static int OJPEGReadHeaderInfoSecStreamSof(TIFF* tif, uint8 marker_id);
369 static int OJPEGReadHeaderInfoSecStreamSos(TIFF* tif);
370 static int OJPEGReadHeaderInfoSecTablesQTable(TIFF* tif);
371 static int OJPEGReadHeaderInfoSecTablesDcTable(TIFF* tif);
372 static int OJPEGReadHeaderInfoSecTablesAcTable(TIFF* tif);
373 
374 static int OJPEGReadBufferFill(OJPEGState* sp);
375 static int OJPEGReadByte(OJPEGState* sp, uint8* byte);
376 static int OJPEGReadBytePeek(OJPEGState* sp, uint8* byte);
377 static void OJPEGReadByteAdvance(OJPEGState* sp);
378 static int OJPEGReadWord(OJPEGState* sp, uint16* word);
379 static int OJPEGReadBlock(OJPEGState* sp, uint16 len, void* mem);
380 static void OJPEGReadSkip(OJPEGState* sp, uint16 len);
381 
382 static int OJPEGWriteStream(TIFF* tif, void** mem, uint32* len);
383 static void OJPEGWriteStreamSoi(TIFF* tif, void** mem, uint32* len);
384 static void OJPEGWriteStreamQTable(TIFF* tif, uint8 table_index, void** mem, uint32* len);
385 static void OJPEGWriteStreamDcTable(TIFF* tif, uint8 table_index, void** mem, uint32* len);
386 static void OJPEGWriteStreamAcTable(TIFF* tif, uint8 table_index, void** mem, uint32* len);
387 static void OJPEGWriteStreamDri(TIFF* tif, void** mem, uint32* len);
388 static void OJPEGWriteStreamSof(TIFF* tif, void** mem, uint32* len);
389 static void OJPEGWriteStreamSos(TIFF* tif, void** mem, uint32* len);
390 static int OJPEGWriteStreamCompressed(TIFF* tif, void** mem, uint32* len);
391 static void OJPEGWriteStreamRst(TIFF* tif, void** mem, uint32* len);
392 static void OJPEGWriteStreamEoi(TIFF* tif, void** mem, uint32* len);
393 
394 #ifdef LIBJPEG_ENCAP_EXTERNAL
395 extern int jpeg_create_decompress_encap(OJPEGState* sp, jpeg_decompress_struct* cinfo);
396 extern int jpeg_read_header_encap(OJPEGState* sp, jpeg_decompress_struct* cinfo, uint8 require_image);
397 extern int jpeg_start_decompress_encap(OJPEGState* sp, jpeg_decompress_struct* cinfo);
398 extern int jpeg_read_scanlines_encap(OJPEGState* sp, jpeg_decompress_struct* cinfo, void* scanlines, uint32 max_lines);
399 extern int jpeg_read_raw_data_encap(OJPEGState* sp, jpeg_decompress_struct* cinfo, void* data, uint32 max_lines);
400 extern void jpeg_encap_unwind(TIFF* tif);
401 #else
402 static int jpeg_create_decompress_encap(OJPEGState* sp, jpeg_decompress_struct* j);
403 static int jpeg_read_header_encap(OJPEGState* sp, jpeg_decompress_struct* cinfo, uint8 require_image);
404 static int jpeg_start_decompress_encap(OJPEGState* sp, jpeg_decompress_struct* cinfo);
405 static int jpeg_read_scanlines_encap(OJPEGState* sp, jpeg_decompress_struct* cinfo, void* scanlines, uint32 max_lines);
406 static int jpeg_read_raw_data_encap(OJPEGState* sp, jpeg_decompress_struct* cinfo, void* data, uint32 max_lines);
407 static void jpeg_encap_unwind(TIFF* tif);
408 #endif
409 
410 static void OJPEGLibjpegJpegErrorMgrOutputMessage(jpeg_common_struct* cinfo);
411 static void OJPEGLibjpegJpegErrorMgrErrorExit(jpeg_common_struct* cinfo);
412 static void OJPEGLibjpegJpegSourceMgrInitSource(jpeg_decompress_struct* cinfo);
413 static boolean OJPEGLibjpegJpegSourceMgrFillInputBuffer(jpeg_decompress_struct* cinfo);
414 static void OJPEGLibjpegJpegSourceMgrSkipInputData(jpeg_decompress_struct* cinfo, long num_bytes);
415 static boolean OJPEGLibjpegJpegSourceMgrResyncToRestart(jpeg_decompress_struct* cinfo, int desired);
416 static void OJPEGLibjpegJpegSourceMgrTermSource(jpeg_decompress_struct* cinfo);
417 
418 int
TIFFInitOJPEG(TIFF * tif,int scheme)419 TIFFInitOJPEG(TIFF* tif, int scheme)
420 {
421     static const char module[]="TIFFInitOJPEG";
422     OJPEGState* sp;
423 
424     assert(scheme==COMPRESSION_OJPEG);
425 
426         /*
427      * Merge codec-specific tag information.
428      */
429     if (!_TIFFMergeFields(tif, ojpegFields, TIFFArrayCount(ojpegFields))) {
430         TIFFErrorExt(tif->tif_clientdata, module,
431             "Merging Old JPEG codec-specific tags failed");
432         return 0;
433     }
434 
435     /* state block */
436     sp=_TIFFmalloc(sizeof(OJPEGState));
437     if (sp==NULL)
438     {
439         TIFFErrorExt(tif->tif_clientdata,module,"No space for OJPEG state block");
440         return(0);
441     }
442     _TIFFmemset(sp,0,sizeof(OJPEGState));
443     sp->tif=tif;
444     sp->jpeg_proc=1;
445     sp->subsampling_hor=2;
446     sp->subsampling_ver=2;
447     TIFFSetField(tif,TIFFTAG_YCBCRSUBSAMPLING,2,2);
448     /* tif codec methods */
449     tif->tif_fixuptags=OJPEGFixupTags;
450     tif->tif_setupdecode=OJPEGSetupDecode;
451     tif->tif_predecode=OJPEGPreDecode;
452     tif->tif_postdecode=OJPEGPostDecode;
453     tif->tif_decoderow=OJPEGDecode;
454     tif->tif_decodestrip=OJPEGDecode;
455     tif->tif_decodetile=OJPEGDecode;
456     tif->tif_setupencode=OJPEGSetupEncode;
457     tif->tif_preencode=OJPEGPreEncode;
458     tif->tif_postencode=OJPEGPostEncode;
459     tif->tif_encoderow=OJPEGEncode;
460     tif->tif_encodestrip=OJPEGEncode;
461     tif->tif_encodetile=OJPEGEncode;
462     tif->tif_cleanup=OJPEGCleanup;
463     tif->tif_data=(uint8*)sp;
464     /* tif tag methods */
465     sp->vgetparent=tif->tif_tagmethods.vgetfield;
466     tif->tif_tagmethods.vgetfield=OJPEGVGetField;
467     sp->vsetparent=tif->tif_tagmethods.vsetfield;
468     tif->tif_tagmethods.vsetfield=OJPEGVSetField;
469     sp->printdir=tif->tif_tagmethods.printdir;
470     tif->tif_tagmethods.printdir=OJPEGPrintDir;
471     /* Some OJPEG files don't have strip or tile offsets or bytecounts tags.
472        Some others do, but have totally meaningless or corrupt values
473        in these tags. In these cases, the JpegInterchangeFormat stream is
474        reliable. In any case, this decoder reads the compressed data itself,
475        from the most reliable locations, and we need to notify encapsulating
476        LibTiff not to read raw strips or tiles for us. */
477     tif->tif_flags|=TIFF_NOREADRAW;
478     return(1);
479 }
480 
481 static int
OJPEGVGetField(TIFF * tif,uint32 tag,va_list ap)482 OJPEGVGetField(TIFF* tif, uint32 tag, va_list ap)
483 {
484     OJPEGState* sp=(OJPEGState*)tif->tif_data;
485     switch(tag)
486     {
487         case TIFFTAG_JPEGIFOFFSET:
488             *va_arg(ap,uint64*)=(uint64)sp->jpeg_interchange_format;
489             break;
490         case TIFFTAG_JPEGIFBYTECOUNT:
491             *va_arg(ap,uint64*)=(uint64)sp->jpeg_interchange_format_length;
492             break;
493         case TIFFTAG_YCBCRSUBSAMPLING:
494             if (sp->subsamplingcorrect_done==0)
495                 OJPEGSubsamplingCorrect(tif);
496             *va_arg(ap,uint16*)=(uint16)sp->subsampling_hor;
497             *va_arg(ap,uint16*)=(uint16)sp->subsampling_ver;
498             break;
499         case TIFFTAG_JPEGQTABLES:
500             *va_arg(ap,uint32*)=(uint32)sp->qtable_offset_count;
501             *va_arg(ap,void**)=(void*)sp->qtable_offset;
502             break;
503         case TIFFTAG_JPEGDCTABLES:
504             *va_arg(ap,uint32*)=(uint32)sp->dctable_offset_count;
505             *va_arg(ap,void**)=(void*)sp->dctable_offset;
506             break;
507         case TIFFTAG_JPEGACTABLES:
508             *va_arg(ap,uint32*)=(uint32)sp->actable_offset_count;
509             *va_arg(ap,void**)=(void*)sp->actable_offset;
510             break;
511         case TIFFTAG_JPEGPROC:
512             *va_arg(ap,uint16*)=(uint16)sp->jpeg_proc;
513             break;
514         case TIFFTAG_JPEGRESTARTINTERVAL:
515             *va_arg(ap,uint16*)=sp->restart_interval;
516             break;
517         default:
518             return (*sp->vgetparent)(tif,tag,ap);
519     }
520     return (1);
521 }
522 
523 static int
OJPEGVSetField(TIFF * tif,uint32 tag,va_list ap)524 OJPEGVSetField(TIFF* tif, uint32 tag, va_list ap)
525 {
526     static const char module[]="OJPEGVSetField";
527     OJPEGState* sp=(OJPEGState*)tif->tif_data;
528     uint32 ma;
529     uint64* mb;
530     uint32 n;
531     switch(tag)
532     {
533         case TIFFTAG_JPEGIFOFFSET:
534             sp->jpeg_interchange_format=(uint64)va_arg(ap,uint64);
535             break;
536         case TIFFTAG_JPEGIFBYTECOUNT:
537             sp->jpeg_interchange_format_length=(uint64)va_arg(ap,uint64);
538             break;
539         case TIFFTAG_YCBCRSUBSAMPLING:
540             sp->subsampling_tag=1;
541             sp->subsampling_hor=(uint8)va_arg(ap,uint16_vap);
542             sp->subsampling_ver=(uint8)va_arg(ap,uint16_vap);
543             tif->tif_dir.td_ycbcrsubsampling[0]=sp->subsampling_hor;
544             tif->tif_dir.td_ycbcrsubsampling[1]=sp->subsampling_ver;
545             break;
546         case TIFFTAG_JPEGQTABLES:
547             ma=(uint32)va_arg(ap,uint32);
548             if (ma!=0)
549             {
550                 if (ma>3)
551                 {
552                     TIFFErrorExt(tif->tif_clientdata,module,"JpegQTables tag has incorrect count");
553                     return(0);
554                 }
555                 sp->qtable_offset_count=(uint8)ma;
556                 mb=(uint64*)va_arg(ap,uint64*);
557                 for (n=0; n<ma; n++)
558                     sp->qtable_offset[n]=mb[n];
559             }
560             break;
561         case TIFFTAG_JPEGDCTABLES:
562             ma=(uint32)va_arg(ap,uint32);
563             if (ma!=0)
564             {
565                 if (ma>3)
566                 {
567                     TIFFErrorExt(tif->tif_clientdata,module,"JpegDcTables tag has incorrect count");
568                     return(0);
569                 }
570                 sp->dctable_offset_count=(uint8)ma;
571                 mb=(uint64*)va_arg(ap,uint64*);
572                 for (n=0; n<ma; n++)
573                     sp->dctable_offset[n]=mb[n];
574             }
575             break;
576         case TIFFTAG_JPEGACTABLES:
577             ma=(uint32)va_arg(ap,uint32);
578             if (ma!=0)
579             {
580                 if (ma>3)
581                 {
582                     TIFFErrorExt(tif->tif_clientdata,module,"JpegAcTables tag has incorrect count");
583                     return(0);
584                 }
585                 sp->actable_offset_count=(uint8)ma;
586                 mb=(uint64*)va_arg(ap,uint64*);
587                 for (n=0; n<ma; n++)
588                     sp->actable_offset[n]=mb[n];
589             }
590             break;
591         case TIFFTAG_JPEGPROC:
592             sp->jpeg_proc=(uint8)va_arg(ap,uint16_vap);
593             break;
594         case TIFFTAG_JPEGRESTARTINTERVAL:
595             sp->restart_interval=(uint16)va_arg(ap,uint16_vap);
596             break;
597         default:
598             return (*sp->vsetparent)(tif,tag,ap);
599     }
600     TIFFSetFieldBit(tif,TIFFFieldWithTag(tif,tag)->field_bit);
601     tif->tif_flags|=TIFF_DIRTYDIRECT;
602     return(1);
603 }
604 
605 static void
OJPEGPrintDir(TIFF * tif,FILE * fd,long flags)606 OJPEGPrintDir(TIFF* tif, FILE* fd, long flags)
607 {
608     OJPEGState* sp=(OJPEGState*)tif->tif_data;
609     uint8 m;
610     (void)flags;
611     assert(sp!=NULL);
612     if (TIFFFieldSet(tif,FIELD_OJPEG_JPEGINTERCHANGEFORMAT))
613         fprintf(fd,"  JpegInterchangeFormat: " TIFF_UINT64_FORMAT "\n",(TIFF_UINT64_T)sp->jpeg_interchange_format);
614     if (TIFFFieldSet(tif,FIELD_OJPEG_JPEGINTERCHANGEFORMATLENGTH))
615         fprintf(fd,"  JpegInterchangeFormatLength: " TIFF_UINT64_FORMAT "\n",(TIFF_UINT64_T)sp->jpeg_interchange_format_length);
616     if (TIFFFieldSet(tif,FIELD_OJPEG_JPEGQTABLES))
617     {
618         fprintf(fd,"  JpegQTables:");
619         for (m=0; m<sp->qtable_offset_count; m++)
620             fprintf(fd," " TIFF_UINT64_FORMAT,(TIFF_UINT64_T)sp->qtable_offset[m]);
621         fprintf(fd,"\n");
622     }
623     if (TIFFFieldSet(tif,FIELD_OJPEG_JPEGDCTABLES))
624     {
625         fprintf(fd,"  JpegDcTables:");
626         for (m=0; m<sp->dctable_offset_count; m++)
627             fprintf(fd," " TIFF_UINT64_FORMAT,(TIFF_UINT64_T)sp->dctable_offset[m]);
628         fprintf(fd,"\n");
629     }
630     if (TIFFFieldSet(tif,FIELD_OJPEG_JPEGACTABLES))
631     {
632         fprintf(fd,"  JpegAcTables:");
633         for (m=0; m<sp->actable_offset_count; m++)
634             fprintf(fd," " TIFF_UINT64_FORMAT,(TIFF_UINT64_T)sp->actable_offset[m]);
635         fprintf(fd,"\n");
636     }
637     if (TIFFFieldSet(tif,FIELD_OJPEG_JPEGPROC))
638         fprintf(fd,"  JpegProc: %u\n",(unsigned int)sp->jpeg_proc);
639     if (TIFFFieldSet(tif,FIELD_OJPEG_JPEGRESTARTINTERVAL))
640         fprintf(fd,"  JpegRestartInterval: %u\n",(unsigned int)sp->restart_interval);
641     if (sp->printdir)
642         (*sp->printdir)(tif, fd, flags);
643 }
644 
645 static int
OJPEGFixupTags(TIFF * tif)646 OJPEGFixupTags(TIFF* tif)
647 {
648     (void) tif;
649     return(1);
650 }
651 
652 static int
OJPEGSetupDecode(TIFF * tif)653 OJPEGSetupDecode(TIFF* tif)
654 {
655     static const char module[]="OJPEGSetupDecode";
656     TIFFWarningExt(tif->tif_clientdata,module,"Depreciated and troublesome old-style JPEG compression mode, please convert to new-style JPEG compression and notify vendor of writing software");
657     return(1);
658 }
659 
660 static int
OJPEGPreDecode(TIFF * tif,uint16 s)661 OJPEGPreDecode(TIFF* tif, uint16 s)
662 {
663     OJPEGState* sp=(OJPEGState*)tif->tif_data;
664     uint32 m;
665     if (sp->subsamplingcorrect_done==0)
666         OJPEGSubsamplingCorrect(tif);
667     if (sp->readheader_done==0)
668     {
669         if (OJPEGReadHeaderInfo(tif)==0)
670             return(0);
671     }
672     if (sp->sos_end[s].log==0)
673     {
674         if (OJPEGReadSecondarySos(tif,s)==0)
675             return(0);
676     }
677     if isTiled(tif)
678         m=tif->tif_curtile;
679     else
680         m=tif->tif_curstrip;
681     if ((sp->writeheader_done!=0) && ((sp->write_cursample!=s) || (sp->write_curstrile>m)))
682     {
683         if (sp->libjpeg_session_active!=0)
684             OJPEGLibjpegSessionAbort(tif);
685         sp->writeheader_done=0;
686     }
687     if (sp->writeheader_done==0)
688     {
689         sp->plane_sample_offset=(uint8)s;
690         sp->write_cursample=s;
691         sp->write_curstrile=s*tif->tif_dir.td_stripsperimage;
692         if ((sp->in_buffer_file_pos_log==0) ||
693             (sp->in_buffer_file_pos-sp->in_buffer_togo!=sp->sos_end[s].in_buffer_file_pos))
694         {
695             sp->in_buffer_source=sp->sos_end[s].in_buffer_source;
696             sp->in_buffer_next_strile=sp->sos_end[s].in_buffer_next_strile;
697             sp->in_buffer_file_pos=sp->sos_end[s].in_buffer_file_pos;
698             sp->in_buffer_file_pos_log=0;
699             sp->in_buffer_file_togo=sp->sos_end[s].in_buffer_file_togo;
700             sp->in_buffer_togo=0;
701             sp->in_buffer_cur=0;
702         }
703         if (OJPEGWriteHeaderInfo(tif)==0)
704             return(0);
705     }
706     while (sp->write_curstrile<m)
707     {
708         if (sp->libjpeg_jpeg_query_style==0)
709         {
710             if (OJPEGPreDecodeSkipRaw(tif)==0)
711                 return(0);
712         }
713         else
714         {
715             if (OJPEGPreDecodeSkipScanlines(tif)==0)
716                 return(0);
717         }
718         sp->write_curstrile++;
719     }
720     return(1);
721 }
722 
723 static int
OJPEGPreDecodeSkipRaw(TIFF * tif)724 OJPEGPreDecodeSkipRaw(TIFF* tif)
725 {
726     OJPEGState* sp=(OJPEGState*)tif->tif_data;
727     uint32 m;
728     m=sp->lines_per_strile;
729     if (sp->subsampling_convert_state!=0)
730     {
731         if (sp->subsampling_convert_clines-sp->subsampling_convert_state>=m)
732         {
733             sp->subsampling_convert_state+=m;
734             if (sp->subsampling_convert_state==sp->subsampling_convert_clines)
735                 sp->subsampling_convert_state=0;
736             return(1);
737         }
738         m-=sp->subsampling_convert_clines-sp->subsampling_convert_state;
739         sp->subsampling_convert_state=0;
740     }
741     while (m>=sp->subsampling_convert_clines)
742     {
743         if (jpeg_read_raw_data_encap(sp,&(sp->libjpeg_jpeg_decompress_struct),sp->subsampling_convert_ycbcrimage,sp->subsampling_ver*8)==0)
744             return(0);
745         m-=sp->subsampling_convert_clines;
746     }
747     if (m>0)
748     {
749         if (jpeg_read_raw_data_encap(sp,&(sp->libjpeg_jpeg_decompress_struct),sp->subsampling_convert_ycbcrimage,sp->subsampling_ver*8)==0)
750             return(0);
751         sp->subsampling_convert_state=m;
752     }
753     return(1);
754 }
755 
756 static int
OJPEGPreDecodeSkipScanlines(TIFF * tif)757 OJPEGPreDecodeSkipScanlines(TIFF* tif)
758 {
759     static const char module[]="OJPEGPreDecodeSkipScanlines";
760     OJPEGState* sp=(OJPEGState*)tif->tif_data;
761     uint32 m;
762     if (sp->skip_buffer==NULL)
763     {
764         sp->skip_buffer=_TIFFmalloc(sp->bytes_per_line);
765         if (sp->skip_buffer==NULL)
766         {
767             TIFFErrorExt(tif->tif_clientdata,module,"Out of memory");
768             return(0);
769         }
770     }
771     for (m=0; m<sp->lines_per_strile; m++)
772     {
773         if (jpeg_read_scanlines_encap(sp,&(sp->libjpeg_jpeg_decompress_struct),&sp->skip_buffer,1)==0)
774             return(0);
775     }
776     return(1);
777 }
778 
779 static int
OJPEGDecode(TIFF * tif,uint8 * buf,tmsize_t cc,uint16 s)780 OJPEGDecode(TIFF* tif, uint8* buf, tmsize_t cc, uint16 s)
781 {
782     OJPEGState* sp=(OJPEGState*)tif->tif_data;
783     (void)s;
784     if (sp->libjpeg_jpeg_query_style==0)
785     {
786         if (OJPEGDecodeRaw(tif,buf,cc)==0)
787             return(0);
788     }
789     else
790     {
791         if (OJPEGDecodeScanlines(tif,buf,cc)==0)
792             return(0);
793     }
794     return(1);
795 }
796 
797 static int
OJPEGDecodeRaw(TIFF * tif,uint8 * buf,tmsize_t cc)798 OJPEGDecodeRaw(TIFF* tif, uint8* buf, tmsize_t cc)
799 {
800     static const char module[]="OJPEGDecodeRaw";
801     OJPEGState* sp=(OJPEGState*)tif->tif_data;
802     uint8* m;
803     tmsize_t n;
804     uint8* oy;
805     uint8* ocb;
806     uint8* ocr;
807     uint8* p;
808     uint32 q;
809     uint8* r;
810     uint8 sx,sy;
811     if (cc%sp->bytes_per_line!=0)
812     {
813         TIFFErrorExt(tif->tif_clientdata,module,"Fractional scanline not read");
814         return(0);
815     }
816     assert(cc>0);
817     m=buf;
818     n=cc;
819     do
820     {
821         if (sp->subsampling_convert_state==0)
822         {
823             if (jpeg_read_raw_data_encap(sp,&(sp->libjpeg_jpeg_decompress_struct),sp->subsampling_convert_ycbcrimage,sp->subsampling_ver*8)==0)
824                 return(0);
825         }
826         oy=sp->subsampling_convert_ybuf+sp->subsampling_convert_state*sp->subsampling_ver*sp->subsampling_convert_ylinelen;
827         ocb=sp->subsampling_convert_cbbuf+sp->subsampling_convert_state*sp->subsampling_convert_clinelen;
828         ocr=sp->subsampling_convert_crbuf+sp->subsampling_convert_state*sp->subsampling_convert_clinelen;
829         p=m;
830         for (q=0; q<sp->subsampling_convert_clinelenout; q++)
831         {
832             r=oy;
833             for (sy=0; sy<sp->subsampling_ver; sy++)
834             {
835                 for (sx=0; sx<sp->subsampling_hor; sx++)
836                     *p++=*r++;
837                 r+=sp->subsampling_convert_ylinelen-sp->subsampling_hor;
838             }
839             oy+=sp->subsampling_hor;
840             *p++=*ocb++;
841             *p++=*ocr++;
842         }
843         sp->subsampling_convert_state++;
844         if (sp->subsampling_convert_state==sp->subsampling_convert_clines)
845             sp->subsampling_convert_state=0;
846         m+=sp->bytes_per_line;
847         n-=sp->bytes_per_line;
848     } while(n>0);
849     return(1);
850 }
851 
852 static int
OJPEGDecodeScanlines(TIFF * tif,uint8 * buf,tmsize_t cc)853 OJPEGDecodeScanlines(TIFF* tif, uint8* buf, tmsize_t cc)
854 {
855     static const char module[]="OJPEGDecodeScanlines";
856     OJPEGState* sp=(OJPEGState*)tif->tif_data;
857     uint8* m;
858     tmsize_t n;
859     if (cc%sp->bytes_per_line!=0)
860     {
861         TIFFErrorExt(tif->tif_clientdata,module,"Fractional scanline not read");
862         return(0);
863     }
864     assert(cc>0);
865     m=buf;
866     n=cc;
867     do
868     {
869         if (jpeg_read_scanlines_encap(sp,&(sp->libjpeg_jpeg_decompress_struct),&m,1)==0)
870             return(0);
871         m+=sp->bytes_per_line;
872         n-=sp->bytes_per_line;
873     } while(n>0);
874     return(1);
875 }
876 
877 static void
OJPEGPostDecode(TIFF * tif,uint8 * buf,tmsize_t cc)878 OJPEGPostDecode(TIFF* tif, uint8* buf, tmsize_t cc)
879 {
880     OJPEGState* sp=(OJPEGState*)tif->tif_data;
881     (void)buf;
882     (void)cc;
883     sp->write_curstrile++;
884     if (sp->write_curstrile%tif->tif_dir.td_stripsperimage==0)
885     {
886         assert(sp->libjpeg_session_active!=0);
887         OJPEGLibjpegSessionAbort(tif);
888         sp->writeheader_done=0;
889     }
890 }
891 
892 static int
OJPEGSetupEncode(TIFF * tif)893 OJPEGSetupEncode(TIFF* tif)
894 {
895     static const char module[]="OJPEGSetupEncode";
896     TIFFErrorExt(tif->tif_clientdata,module,"OJPEG encoding not supported; use new-style JPEG compression instead");
897     return(0);
898 }
899 
900 static int
OJPEGPreEncode(TIFF * tif,uint16 s)901 OJPEGPreEncode(TIFF* tif, uint16 s)
902 {
903     static const char module[]="OJPEGPreEncode";
904     (void)s;
905     TIFFErrorExt(tif->tif_clientdata,module,"OJPEG encoding not supported; use new-style JPEG compression instead");
906     return(0);
907 }
908 
909 static int
OJPEGEncode(TIFF * tif,uint8 * buf,tmsize_t cc,uint16 s)910 OJPEGEncode(TIFF* tif, uint8* buf, tmsize_t cc, uint16 s)
911 {
912     static const char module[]="OJPEGEncode";
913     (void)buf;
914     (void)cc;
915     (void)s;
916     TIFFErrorExt(tif->tif_clientdata,module,"OJPEG encoding not supported; use new-style JPEG compression instead");
917     return(0);
918 }
919 
920 static int
OJPEGPostEncode(TIFF * tif)921 OJPEGPostEncode(TIFF* tif)
922 {
923     static const char module[]="OJPEGPostEncode";
924     TIFFErrorExt(tif->tif_clientdata,module,"OJPEG encoding not supported; use new-style JPEG compression instead");
925     return(0);
926 }
927 
928 static void
OJPEGCleanup(TIFF * tif)929 OJPEGCleanup(TIFF* tif)
930 {
931     OJPEGState* sp=(OJPEGState*)tif->tif_data;
932     if (sp!=0)
933     {
934         tif->tif_tagmethods.vgetfield=sp->vgetparent;
935         tif->tif_tagmethods.vsetfield=sp->vsetparent;
936         tif->tif_tagmethods.printdir=sp->printdir;
937         if (sp->qtable[0]!=0)
938             _TIFFfree(sp->qtable[0]);
939         if (sp->qtable[1]!=0)
940             _TIFFfree(sp->qtable[1]);
941         if (sp->qtable[2]!=0)
942             _TIFFfree(sp->qtable[2]);
943         if (sp->qtable[3]!=0)
944             _TIFFfree(sp->qtable[3]);
945         if (sp->dctable[0]!=0)
946             _TIFFfree(sp->dctable[0]);
947         if (sp->dctable[1]!=0)
948             _TIFFfree(sp->dctable[1]);
949         if (sp->dctable[2]!=0)
950             _TIFFfree(sp->dctable[2]);
951         if (sp->dctable[3]!=0)
952             _TIFFfree(sp->dctable[3]);
953         if (sp->actable[0]!=0)
954             _TIFFfree(sp->actable[0]);
955         if (sp->actable[1]!=0)
956             _TIFFfree(sp->actable[1]);
957         if (sp->actable[2]!=0)
958             _TIFFfree(sp->actable[2]);
959         if (sp->actable[3]!=0)
960             _TIFFfree(sp->actable[3]);
961         if (sp->libjpeg_session_active!=0)
962             OJPEGLibjpegSessionAbort(tif);
963         if (sp->subsampling_convert_ycbcrbuf!=0)
964             _TIFFfree(sp->subsampling_convert_ycbcrbuf);
965         if (sp->subsampling_convert_ycbcrimage!=0)
966             _TIFFfree(sp->subsampling_convert_ycbcrimage);
967         if (sp->skip_buffer!=0)
968             _TIFFfree(sp->skip_buffer);
969         _TIFFfree(sp);
970         tif->tif_data=NULL;
971         _TIFFSetDefaultCompressionState(tif);
972     }
973 }
974 
975 static void
OJPEGSubsamplingCorrect(TIFF * tif)976 OJPEGSubsamplingCorrect(TIFF* tif)
977 {
978     static const char module[]="OJPEGSubsamplingCorrect";
979     OJPEGState* sp=(OJPEGState*)tif->tif_data;
980     uint8 mh;
981     uint8 mv;
982         _TIFFFillStriles( tif );
983 
984     assert(sp->subsamplingcorrect_done==0);
985     if ((tif->tif_dir.td_samplesperpixel!=3) || ((tif->tif_dir.td_photometric!=PHOTOMETRIC_YCBCR) &&
986         (tif->tif_dir.td_photometric!=PHOTOMETRIC_ITULAB)))
987     {
988         if (sp->subsampling_tag!=0)
989             TIFFWarningExt(tif->tif_clientdata,module,"Subsampling tag not appropriate for this Photometric and/or SamplesPerPixel");
990         sp->subsampling_hor=1;
991         sp->subsampling_ver=1;
992         sp->subsampling_force_desubsampling_inside_decompression=0;
993     }
994     else
995     {
996         sp->subsamplingcorrect_done=1;
997         mh=sp->subsampling_hor;
998         mv=sp->subsampling_ver;
999         sp->subsamplingcorrect=1;
1000         OJPEGReadHeaderInfoSec(tif);
1001         if (sp->subsampling_force_desubsampling_inside_decompression!=0)
1002         {
1003             sp->subsampling_hor=1;
1004             sp->subsampling_ver=1;
1005         }
1006         sp->subsamplingcorrect=0;
1007         if (((sp->subsampling_hor!=mh) || (sp->subsampling_ver!=mv)) && (sp->subsampling_force_desubsampling_inside_decompression==0))
1008         {
1009             if (sp->subsampling_tag==0)
1010                 TIFFWarningExt(tif->tif_clientdata,module,"Subsampling tag is not set, yet subsampling inside JPEG data [%d,%d] does not match default values [2,2]; assuming subsampling inside JPEG data is correct",sp->subsampling_hor,sp->subsampling_ver);
1011             else
1012                 TIFFWarningExt(tif->tif_clientdata,module,"Subsampling inside JPEG data [%d,%d] does not match subsampling tag values [%d,%d]; assuming subsampling inside JPEG data is correct",sp->subsampling_hor,sp->subsampling_ver,mh,mv);
1013         }
1014         if (sp->subsampling_force_desubsampling_inside_decompression!=0)
1015         {
1016             if (sp->subsampling_tag==0)
1017                 TIFFWarningExt(tif->tif_clientdata,module,"Subsampling tag is not set, yet subsampling inside JPEG data does not match default values [2,2] (nor any other values allowed in TIFF); assuming subsampling inside JPEG data is correct and desubsampling inside JPEG decompression");
1018             else
1019                 TIFFWarningExt(tif->tif_clientdata,module,"Subsampling inside JPEG data does not match subsampling tag values [%d,%d] (nor any other values allowed in TIFF); assuming subsampling inside JPEG data is correct and desubsampling inside JPEG decompression",mh,mv);
1020         }
1021         if (sp->subsampling_force_desubsampling_inside_decompression==0)
1022         {
1023             if (sp->subsampling_hor<sp->subsampling_ver)
1024                 TIFFWarningExt(tif->tif_clientdata,module,"Subsampling values [%d,%d] are not allowed in TIFF",sp->subsampling_hor,sp->subsampling_ver);
1025         }
1026     }
1027     sp->subsamplingcorrect_done=1;
1028 }
1029 
1030 static int
OJPEGReadHeaderInfo(TIFF * tif)1031 OJPEGReadHeaderInfo(TIFF* tif)
1032 {
1033     static const char module[]="OJPEGReadHeaderInfo";
1034     OJPEGState* sp=(OJPEGState*)tif->tif_data;
1035     assert(sp->readheader_done==0);
1036     sp->image_width=tif->tif_dir.td_imagewidth;
1037     sp->image_length=tif->tif_dir.td_imagelength;
1038     if isTiled(tif)
1039     {
1040         sp->strile_width=tif->tif_dir.td_tilewidth;
1041         sp->strile_length=tif->tif_dir.td_tilelength;
1042         sp->strile_length_total=((sp->image_length+sp->strile_length-1)/sp->strile_length)*sp->strile_length;
1043     }
1044     else
1045     {
1046         sp->strile_width=sp->image_width;
1047         sp->strile_length=tif->tif_dir.td_rowsperstrip;
1048         sp->strile_length_total=sp->image_length;
1049     }
1050     if (tif->tif_dir.td_samplesperpixel==1)
1051     {
1052         sp->samples_per_pixel=1;
1053         sp->plane_sample_offset=0;
1054         sp->samples_per_pixel_per_plane=sp->samples_per_pixel;
1055         sp->subsampling_hor=1;
1056         sp->subsampling_ver=1;
1057     }
1058     else
1059     {
1060         if (tif->tif_dir.td_samplesperpixel!=3)
1061         {
1062             TIFFErrorExt(tif->tif_clientdata,module,"SamplesPerPixel %d not supported for this compression scheme",sp->samples_per_pixel);
1063             return(0);
1064         }
1065         sp->samples_per_pixel=3;
1066         sp->plane_sample_offset=0;
1067         if (tif->tif_dir.td_planarconfig==PLANARCONFIG_CONTIG)
1068             sp->samples_per_pixel_per_plane=3;
1069         else
1070             sp->samples_per_pixel_per_plane=1;
1071     }
1072     if (sp->strile_length<sp->image_length)
1073     {
1074         if (sp->strile_length%(sp->subsampling_ver*8)!=0)
1075         {
1076             TIFFErrorExt(tif->tif_clientdata,module,"Incompatible vertical subsampling and image strip/tile length");
1077             return(0);
1078         }
1079         sp->restart_interval=((sp->strile_width+sp->subsampling_hor*8-1)/(sp->subsampling_hor*8))*(sp->strile_length/(sp->subsampling_ver*8));
1080     }
1081     if (OJPEGReadHeaderInfoSec(tif)==0)
1082         return(0);
1083     sp->sos_end[0].log=1;
1084     sp->sos_end[0].in_buffer_source=sp->in_buffer_source;
1085     sp->sos_end[0].in_buffer_next_strile=sp->in_buffer_next_strile;
1086     sp->sos_end[0].in_buffer_file_pos=sp->in_buffer_file_pos-sp->in_buffer_togo;
1087     sp->sos_end[0].in_buffer_file_togo=sp->in_buffer_file_togo+sp->in_buffer_togo;
1088     sp->readheader_done=1;
1089     return(1);
1090 }
1091 
1092 static int
OJPEGReadSecondarySos(TIFF * tif,uint16 s)1093 OJPEGReadSecondarySos(TIFF* tif, uint16 s)
1094 {
1095     OJPEGState* sp=(OJPEGState*)tif->tif_data;
1096     uint8 m;
1097     assert(s>0);
1098     assert(s<3);
1099     assert(sp->sos_end[0].log!=0);
1100     assert(sp->sos_end[s].log==0);
1101     sp->plane_sample_offset=s-1;
1102     while(sp->sos_end[sp->plane_sample_offset].log==0)
1103         sp->plane_sample_offset--;
1104     sp->in_buffer_source=sp->sos_end[sp->plane_sample_offset].in_buffer_source;
1105     sp->in_buffer_next_strile=sp->sos_end[sp->plane_sample_offset].in_buffer_next_strile;
1106     sp->in_buffer_file_pos=sp->sos_end[sp->plane_sample_offset].in_buffer_file_pos;
1107     sp->in_buffer_file_pos_log=0;
1108     sp->in_buffer_file_togo=sp->sos_end[sp->plane_sample_offset].in_buffer_file_togo;
1109     sp->in_buffer_togo=0;
1110     sp->in_buffer_cur=0;
1111     while(sp->plane_sample_offset<s)
1112     {
1113         do
1114         {
1115             if (OJPEGReadByte(sp,&m)==0)
1116                 return(0);
1117             if (m==255)
1118             {
1119                 do
1120                 {
1121                     if (OJPEGReadByte(sp,&m)==0)
1122                         return(0);
1123                     if (m!=255)
1124                         break;
1125                 } while(1);
1126                 if (m==JPEG_MARKER_SOS)
1127                     break;
1128             }
1129         } while(1);
1130         sp->plane_sample_offset++;
1131         if (OJPEGReadHeaderInfoSecStreamSos(tif)==0)
1132             return(0);
1133         sp->sos_end[sp->plane_sample_offset].log=1;
1134         sp->sos_end[sp->plane_sample_offset].in_buffer_source=sp->in_buffer_source;
1135         sp->sos_end[sp->plane_sample_offset].in_buffer_next_strile=sp->in_buffer_next_strile;
1136         sp->sos_end[sp->plane_sample_offset].in_buffer_file_pos=sp->in_buffer_file_pos-sp->in_buffer_togo;
1137         sp->sos_end[sp->plane_sample_offset].in_buffer_file_togo=sp->in_buffer_file_togo+sp->in_buffer_togo;
1138     }
1139     return(1);
1140 }
1141 
1142 static int
OJPEGWriteHeaderInfo(TIFF * tif)1143 OJPEGWriteHeaderInfo(TIFF* tif)
1144 {
1145     static const char module[]="OJPEGWriteHeaderInfo";
1146     OJPEGState* sp=(OJPEGState*)tif->tif_data;
1147     uint8** m;
1148     uint32 n;
1149     /* if a previous attempt failed, don't try again */
1150     if (sp->libjpeg_session_active != 0)
1151         return 0;
1152     sp->out_state=ososSoi;
1153     sp->restart_index=0;
1154     jpeg_std_error(&(sp->libjpeg_jpeg_error_mgr));
1155     sp->libjpeg_jpeg_error_mgr.output_message=OJPEGLibjpegJpegErrorMgrOutputMessage;
1156     sp->libjpeg_jpeg_error_mgr.error_exit=OJPEGLibjpegJpegErrorMgrErrorExit;
1157     sp->libjpeg_jpeg_decompress_struct.err=&(sp->libjpeg_jpeg_error_mgr);
1158     sp->libjpeg_jpeg_decompress_struct.client_data=(void*)tif;
1159     if (jpeg_create_decompress_encap(sp,&(sp->libjpeg_jpeg_decompress_struct))==0)
1160         return(0);
1161     sp->libjpeg_session_active=1;
1162     sp->libjpeg_jpeg_source_mgr.bytes_in_buffer=0;
1163     sp->libjpeg_jpeg_source_mgr.init_source=OJPEGLibjpegJpegSourceMgrInitSource;
1164     sp->libjpeg_jpeg_source_mgr.fill_input_buffer=OJPEGLibjpegJpegSourceMgrFillInputBuffer;
1165     sp->libjpeg_jpeg_source_mgr.skip_input_data=OJPEGLibjpegJpegSourceMgrSkipInputData;
1166     sp->libjpeg_jpeg_source_mgr.resync_to_restart=OJPEGLibjpegJpegSourceMgrResyncToRestart;
1167     sp->libjpeg_jpeg_source_mgr.term_source=OJPEGLibjpegJpegSourceMgrTermSource;
1168     sp->libjpeg_jpeg_decompress_struct.src=&(sp->libjpeg_jpeg_source_mgr);
1169     if (jpeg_read_header_encap(sp,&(sp->libjpeg_jpeg_decompress_struct),1)==0)
1170         return(0);
1171     if ((sp->subsampling_force_desubsampling_inside_decompression==0) && (sp->samples_per_pixel_per_plane>1))
1172     {
1173         sp->libjpeg_jpeg_decompress_struct.raw_data_out=1;
1174 #if JPEG_LIB_VERSION >= 70
1175         sp->libjpeg_jpeg_decompress_struct.do_fancy_upsampling=FALSE;
1176 #endif
1177         sp->libjpeg_jpeg_query_style=0;
1178         if (sp->subsampling_convert_log==0)
1179         {
1180             assert(sp->subsampling_convert_ycbcrbuf==0);
1181             assert(sp->subsampling_convert_ycbcrimage==0);
1182             sp->subsampling_convert_ylinelen=((sp->strile_width+sp->subsampling_hor*8-1)/(sp->subsampling_hor*8)*sp->subsampling_hor*8);
1183             sp->subsampling_convert_ylines=sp->subsampling_ver*8;
1184             sp->subsampling_convert_clinelen=sp->subsampling_convert_ylinelen/sp->subsampling_hor;
1185             sp->subsampling_convert_clines=8;
1186             sp->subsampling_convert_ybuflen=sp->subsampling_convert_ylinelen*sp->subsampling_convert_ylines;
1187             sp->subsampling_convert_cbuflen=sp->subsampling_convert_clinelen*sp->subsampling_convert_clines;
1188             sp->subsampling_convert_ycbcrbuflen=sp->subsampling_convert_ybuflen+2*sp->subsampling_convert_cbuflen;
1189             sp->subsampling_convert_ycbcrbuf=_TIFFmalloc(sp->subsampling_convert_ycbcrbuflen);
1190             if (sp->subsampling_convert_ycbcrbuf==0)
1191             {
1192                 TIFFErrorExt(tif->tif_clientdata,module,"Out of memory");
1193                 return(0);
1194             }
1195             sp->subsampling_convert_ybuf=sp->subsampling_convert_ycbcrbuf;
1196             sp->subsampling_convert_cbbuf=sp->subsampling_convert_ybuf+sp->subsampling_convert_ybuflen;
1197             sp->subsampling_convert_crbuf=sp->subsampling_convert_cbbuf+sp->subsampling_convert_cbuflen;
1198             sp->subsampling_convert_ycbcrimagelen=3+sp->subsampling_convert_ylines+2*sp->subsampling_convert_clines;
1199             sp->subsampling_convert_ycbcrimage=_TIFFmalloc(sp->subsampling_convert_ycbcrimagelen*sizeof(uint8*));
1200             if (sp->subsampling_convert_ycbcrimage==0)
1201             {
1202                 TIFFErrorExt(tif->tif_clientdata,module,"Out of memory");
1203                 return(0);
1204             }
1205             m=sp->subsampling_convert_ycbcrimage;
1206             *m++=(uint8*)(sp->subsampling_convert_ycbcrimage+3);
1207             *m++=(uint8*)(sp->subsampling_convert_ycbcrimage+3+sp->subsampling_convert_ylines);
1208             *m++=(uint8*)(sp->subsampling_convert_ycbcrimage+3+sp->subsampling_convert_ylines+sp->subsampling_convert_clines);
1209             for (n=0; n<sp->subsampling_convert_ylines; n++)
1210                 *m++=sp->subsampling_convert_ybuf+n*sp->subsampling_convert_ylinelen;
1211             for (n=0; n<sp->subsampling_convert_clines; n++)
1212                 *m++=sp->subsampling_convert_cbbuf+n*sp->subsampling_convert_clinelen;
1213             for (n=0; n<sp->subsampling_convert_clines; n++)
1214                 *m++=sp->subsampling_convert_crbuf+n*sp->subsampling_convert_clinelen;
1215             sp->subsampling_convert_clinelenout=((sp->strile_width+sp->subsampling_hor-1)/sp->subsampling_hor);
1216             sp->subsampling_convert_state=0;
1217             sp->bytes_per_line=sp->subsampling_convert_clinelenout*(sp->subsampling_ver*sp->subsampling_hor+2);
1218             sp->lines_per_strile=((sp->strile_length+sp->subsampling_ver-1)/sp->subsampling_ver);
1219             sp->subsampling_convert_log=1;
1220         }
1221     }
1222     else
1223     {
1224         sp->libjpeg_jpeg_decompress_struct.jpeg_color_space=JCS_UNKNOWN;
1225         sp->libjpeg_jpeg_decompress_struct.out_color_space=JCS_UNKNOWN;
1226         sp->libjpeg_jpeg_query_style=1;
1227         sp->bytes_per_line=sp->samples_per_pixel_per_plane*sp->strile_width;
1228         sp->lines_per_strile=sp->strile_length;
1229     }
1230     if (jpeg_start_decompress_encap(sp,&(sp->libjpeg_jpeg_decompress_struct))==0)
1231         return(0);
1232     sp->writeheader_done=1;
1233     return(1);
1234 }
1235 
1236 static void
OJPEGLibjpegSessionAbort(TIFF * tif)1237 OJPEGLibjpegSessionAbort(TIFF* tif)
1238 {
1239     OJPEGState* sp=(OJPEGState*)tif->tif_data;
1240     assert(sp->libjpeg_session_active!=0);
1241     jpeg_destroy((jpeg_common_struct*)(&(sp->libjpeg_jpeg_decompress_struct)));
1242     sp->libjpeg_session_active=0;
1243 }
1244 
1245 static int
OJPEGReadHeaderInfoSec(TIFF * tif)1246 OJPEGReadHeaderInfoSec(TIFF* tif)
1247 {
1248     static const char module[]="OJPEGReadHeaderInfoSec";
1249     OJPEGState* sp=(OJPEGState*)tif->tif_data;
1250     uint8 m;
1251     uint16 n;
1252     uint8 o;
1253     if (sp->file_size==0)
1254         sp->file_size=TIFFGetFileSize(tif);
1255     if (sp->jpeg_interchange_format!=0)
1256     {
1257         if (sp->jpeg_interchange_format>=sp->file_size)
1258         {
1259             sp->jpeg_interchange_format=0;
1260             sp->jpeg_interchange_format_length=0;
1261         }
1262         else
1263         {
1264             if ((sp->jpeg_interchange_format_length==0) || (sp->jpeg_interchange_format+sp->jpeg_interchange_format_length>sp->file_size))
1265                 sp->jpeg_interchange_format_length=sp->file_size-sp->jpeg_interchange_format;
1266         }
1267     }
1268     sp->in_buffer_source=osibsNotSetYet;
1269     sp->in_buffer_next_strile=0;
1270     sp->in_buffer_strile_count=tif->tif_dir.td_nstrips;
1271     sp->in_buffer_file_togo=0;
1272     sp->in_buffer_togo=0;
1273     do
1274     {
1275         if (OJPEGReadBytePeek(sp,&m)==0)
1276             return(0);
1277         if (m!=255)
1278             break;
1279         OJPEGReadByteAdvance(sp);
1280         do
1281         {
1282             if (OJPEGReadByte(sp,&m)==0)
1283                 return(0);
1284         } while(m==255);
1285         switch(m)
1286         {
1287             case JPEG_MARKER_SOI:
1288                 /* this type of marker has no data, and should be skipped */
1289                 break;
1290             case JPEG_MARKER_COM:
1291             case JPEG_MARKER_APP0:
1292             case JPEG_MARKER_APP0+1:
1293             case JPEG_MARKER_APP0+2:
1294             case JPEG_MARKER_APP0+3:
1295             case JPEG_MARKER_APP0+4:
1296             case JPEG_MARKER_APP0+5:
1297             case JPEG_MARKER_APP0+6:
1298             case JPEG_MARKER_APP0+7:
1299             case JPEG_MARKER_APP0+8:
1300             case JPEG_MARKER_APP0+9:
1301             case JPEG_MARKER_APP0+10:
1302             case JPEG_MARKER_APP0+11:
1303             case JPEG_MARKER_APP0+12:
1304             case JPEG_MARKER_APP0+13:
1305             case JPEG_MARKER_APP0+14:
1306             case JPEG_MARKER_APP0+15:
1307                 /* this type of marker has data, but it has no use to us (and no place here) and should be skipped */
1308                 if (OJPEGReadWord(sp,&n)==0)
1309                     return(0);
1310                 if (n<2)
1311                 {
1312                     if (sp->subsamplingcorrect==0)
1313                         TIFFErrorExt(tif->tif_clientdata,module,"Corrupt JPEG data");
1314                     return(0);
1315                 }
1316                 if (n>2)
1317                     OJPEGReadSkip(sp,n-2);
1318                 break;
1319             case JPEG_MARKER_DRI:
1320                 if (OJPEGReadHeaderInfoSecStreamDri(tif)==0)
1321                     return(0);
1322                 break;
1323             case JPEG_MARKER_DQT:
1324                 if (OJPEGReadHeaderInfoSecStreamDqt(tif)==0)
1325                     return(0);
1326                 break;
1327             case JPEG_MARKER_DHT:
1328                 if (OJPEGReadHeaderInfoSecStreamDht(tif)==0)
1329                     return(0);
1330                 break;
1331             case JPEG_MARKER_SOF0:
1332             case JPEG_MARKER_SOF1:
1333             case JPEG_MARKER_SOF3:
1334                 if (OJPEGReadHeaderInfoSecStreamSof(tif,m)==0)
1335                     return(0);
1336                 if (sp->subsamplingcorrect!=0)
1337                     return(1);
1338                 break;
1339             case JPEG_MARKER_SOS:
1340                 if (sp->subsamplingcorrect!=0)
1341                     return(1);
1342                 assert(sp->plane_sample_offset==0);
1343                 if (OJPEGReadHeaderInfoSecStreamSos(tif)==0)
1344                     return(0);
1345                 break;
1346             default:
1347                 TIFFErrorExt(tif->tif_clientdata,module,"Unknown marker type %d in JPEG data",m);
1348                 return(0);
1349         }
1350     } while(m!=JPEG_MARKER_SOS);
1351     if (sp->subsamplingcorrect)
1352         return(1);
1353     if (sp->sof_log==0)
1354     {
1355         if (OJPEGReadHeaderInfoSecTablesQTable(tif)==0)
1356             return(0);
1357         sp->sof_marker_id=JPEG_MARKER_SOF0;
1358         for (o=0; o<sp->samples_per_pixel; o++)
1359             sp->sof_c[o]=o;
1360         sp->sof_hv[0]=((sp->subsampling_hor<<4)|sp->subsampling_ver);
1361         for (o=1; o<sp->samples_per_pixel; o++)
1362             sp->sof_hv[o]=17;
1363         sp->sof_x=sp->strile_width;
1364         sp->sof_y=sp->strile_length_total;
1365         sp->sof_log=1;
1366         if (OJPEGReadHeaderInfoSecTablesDcTable(tif)==0)
1367             return(0);
1368         if (OJPEGReadHeaderInfoSecTablesAcTable(tif)==0)
1369             return(0);
1370         for (o=1; o<sp->samples_per_pixel; o++)
1371             sp->sos_cs[o]=o;
1372     }
1373     return(1);
1374 }
1375 
1376 static int
OJPEGReadHeaderInfoSecStreamDri(TIFF * tif)1377 OJPEGReadHeaderInfoSecStreamDri(TIFF* tif)
1378 {
1379     /* this could easilly cause trouble in some cases... but no such cases have occured sofar */
1380     static const char module[]="OJPEGReadHeaderInfoSecStreamDri";
1381     OJPEGState* sp=(OJPEGState*)tif->tif_data;
1382     uint16 m;
1383     if (OJPEGReadWord(sp,&m)==0)
1384         return(0);
1385     if (m!=4)
1386     {
1387         TIFFErrorExt(tif->tif_clientdata,module,"Corrupt DRI marker in JPEG data");
1388         return(0);
1389     }
1390     if (OJPEGReadWord(sp,&m)==0)
1391         return(0);
1392     sp->restart_interval=m;
1393     return(1);
1394 }
1395 
1396 static int
OJPEGReadHeaderInfoSecStreamDqt(TIFF * tif)1397 OJPEGReadHeaderInfoSecStreamDqt(TIFF* tif)
1398 {
1399     /* this is a table marker, and it is to be saved as a whole for exact pushing on the jpeg stream later on */
1400     static const char module[]="OJPEGReadHeaderInfoSecStreamDqt";
1401     OJPEGState* sp=(OJPEGState*)tif->tif_data;
1402     uint16 m;
1403     uint32 na;
1404     uint8* nb;
1405     uint8 o;
1406     if (OJPEGReadWord(sp,&m)==0)
1407         return(0);
1408     if (m<=2)
1409     {
1410         if (sp->subsamplingcorrect==0)
1411             TIFFErrorExt(tif->tif_clientdata,module,"Corrupt DQT marker in JPEG data");
1412         return(0);
1413     }
1414     if (sp->subsamplingcorrect!=0)
1415         OJPEGReadSkip(sp,m-2);
1416     else
1417     {
1418         m-=2;
1419         do
1420         {
1421             if (m<65)
1422             {
1423                 TIFFErrorExt(tif->tif_clientdata,module,"Corrupt DQT marker in JPEG data");
1424                 return(0);
1425             }
1426             na=sizeof(uint32)+69;
1427             nb=_TIFFmalloc(na);
1428             if (nb==0)
1429             {
1430                 TIFFErrorExt(tif->tif_clientdata,module,"Out of memory");
1431                 return(0);
1432             }
1433             *(uint32*)nb=na;
1434             nb[sizeof(uint32)]=255;
1435             nb[sizeof(uint32)+1]=JPEG_MARKER_DQT;
1436             nb[sizeof(uint32)+2]=0;
1437             nb[sizeof(uint32)+3]=67;
1438             if (OJPEGReadBlock(sp,65,&nb[sizeof(uint32)+4])==0) {
1439                 _TIFFfree(nb);
1440                 return(0);
1441             }
1442             o=nb[sizeof(uint32)+4]&15;
1443             if (3<o)
1444             {
1445                 TIFFErrorExt(tif->tif_clientdata,module,"Corrupt DQT marker in JPEG data");
1446                 _TIFFfree(nb);
1447                 return(0);
1448             }
1449             if (sp->qtable[o]!=0)
1450                 _TIFFfree(sp->qtable[o]);
1451             sp->qtable[o]=nb;
1452             m-=65;
1453         } while(m>0);
1454     }
1455     return(1);
1456 }
1457 
1458 static int
OJPEGReadHeaderInfoSecStreamDht(TIFF * tif)1459 OJPEGReadHeaderInfoSecStreamDht(TIFF* tif)
1460 {
1461     /* this is a table marker, and it is to be saved as a whole for exact pushing on the jpeg stream later on */
1462     /* TODO: the following assumes there is only one table in this marker... but i'm not quite sure that assumption is guaranteed correct */
1463     static const char module[]="OJPEGReadHeaderInfoSecStreamDht";
1464     OJPEGState* sp=(OJPEGState*)tif->tif_data;
1465     uint16 m;
1466     uint32 na;
1467     uint8* nb;
1468     uint8 o;
1469     if (OJPEGReadWord(sp,&m)==0)
1470         return(0);
1471     if (m<=2)
1472     {
1473         if (sp->subsamplingcorrect==0)
1474             TIFFErrorExt(tif->tif_clientdata,module,"Corrupt DHT marker in JPEG data");
1475         return(0);
1476     }
1477     if (sp->subsamplingcorrect!=0)
1478     {
1479         OJPEGReadSkip(sp,m-2);
1480     }
1481     else
1482     {
1483         na=sizeof(uint32)+2+m;
1484         nb=_TIFFmalloc(na);
1485         if (nb==0)
1486         {
1487             TIFFErrorExt(tif->tif_clientdata,module,"Out of memory");
1488             return(0);
1489         }
1490         *(uint32*)nb=na;
1491         nb[sizeof(uint32)]=255;
1492         nb[sizeof(uint32)+1]=JPEG_MARKER_DHT;
1493         nb[sizeof(uint32)+2]=(m>>8);
1494         nb[sizeof(uint32)+3]=(m&255);
1495         if (OJPEGReadBlock(sp,m-2,&nb[sizeof(uint32)+4])==0)
1496             return(0);
1497         o=nb[sizeof(uint32)+4];
1498         if ((o&240)==0)
1499         {
1500             if (3<o)
1501             {
1502                 TIFFErrorExt(tif->tif_clientdata,module,"Corrupt DHT marker in JPEG data");
1503                 return(0);
1504             }
1505             if (sp->dctable[o]!=0)
1506                 _TIFFfree(sp->dctable[o]);
1507             sp->dctable[o]=nb;
1508         }
1509         else
1510         {
1511             if ((o&240)!=16)
1512             {
1513                 TIFFErrorExt(tif->tif_clientdata,module,"Corrupt DHT marker in JPEG data");
1514                 return(0);
1515             }
1516             o&=15;
1517             if (3<o)
1518             {
1519                 TIFFErrorExt(tif->tif_clientdata,module,"Corrupt DHT marker in JPEG data");
1520                 return(0);
1521             }
1522             if (sp->actable[o]!=0)
1523                 _TIFFfree(sp->actable[o]);
1524             sp->actable[o]=nb;
1525         }
1526     }
1527     return(1);
1528 }
1529 
1530 static int
OJPEGReadHeaderInfoSecStreamSof(TIFF * tif,uint8 marker_id)1531 OJPEGReadHeaderInfoSecStreamSof(TIFF* tif, uint8 marker_id)
1532 {
1533     /* this marker needs to be checked, and part of its data needs to be saved for regeneration later on */
1534     static const char module[]="OJPEGReadHeaderInfoSecStreamSof";
1535     OJPEGState* sp=(OJPEGState*)tif->tif_data;
1536     uint16 m;
1537     uint16 n;
1538     uint8 o;
1539     uint16 p;
1540     uint16 q;
1541     if (sp->sof_log!=0)
1542     {
1543         TIFFErrorExt(tif->tif_clientdata,module,"Corrupt JPEG data");
1544         return(0);
1545     }
1546     if (sp->subsamplingcorrect==0)
1547         sp->sof_marker_id=marker_id;
1548     /* Lf: data length */
1549     if (OJPEGReadWord(sp,&m)==0)
1550         return(0);
1551     if (m<11)
1552     {
1553         if (sp->subsamplingcorrect==0)
1554             TIFFErrorExt(tif->tif_clientdata,module,"Corrupt SOF marker in JPEG data");
1555         return(0);
1556     }
1557     m-=8;
1558     if (m%3!=0)
1559     {
1560         if (sp->subsamplingcorrect==0)
1561             TIFFErrorExt(tif->tif_clientdata,module,"Corrupt SOF marker in JPEG data");
1562         return(0);
1563     }
1564     n=m/3;
1565     if (sp->subsamplingcorrect==0)
1566     {
1567         if (n!=sp->samples_per_pixel)
1568         {
1569             TIFFErrorExt(tif->tif_clientdata,module,"JPEG compressed data indicates unexpected number of samples");
1570             return(0);
1571         }
1572     }
1573     /* P: Sample precision */
1574     if (OJPEGReadByte(sp,&o)==0)
1575         return(0);
1576     if (o!=8)
1577     {
1578         if (sp->subsamplingcorrect==0)
1579             TIFFErrorExt(tif->tif_clientdata,module,"JPEG compressed data indicates unexpected number of bits per sample");
1580         return(0);
1581     }
1582     /* Y: Number of lines, X: Number of samples per line */
1583     if (sp->subsamplingcorrect)
1584         OJPEGReadSkip(sp,4);
1585     else
1586     {
1587         /* Y: Number of lines */
1588         if (OJPEGReadWord(sp,&p)==0)
1589             return(0);
1590         if (((uint32)p<sp->image_length) && ((uint32)p<sp->strile_length_total))
1591         {
1592             TIFFErrorExt(tif->tif_clientdata,module,"JPEG compressed data indicates unexpected height");
1593             return(0);
1594         }
1595         sp->sof_y=p;
1596         /* X: Number of samples per line */
1597         if (OJPEGReadWord(sp,&p)==0)
1598             return(0);
1599         if (((uint32)p<sp->image_width) && ((uint32)p<sp->strile_width))
1600         {
1601             TIFFErrorExt(tif->tif_clientdata,module,"JPEG compressed data indicates unexpected width");
1602             return(0);
1603         }
1604         if ((uint32)p>sp->strile_width)
1605         {
1606             TIFFErrorExt(tif->tif_clientdata,module,"JPEG compressed data image width exceeds expected image width");
1607             return(0);
1608         }
1609         sp->sof_x=p;
1610     }
1611     /* Nf: Number of image components in frame */
1612     if (OJPEGReadByte(sp,&o)==0)
1613         return(0);
1614     if (o!=n)
1615     {
1616         if (sp->subsamplingcorrect==0)
1617             TIFFErrorExt(tif->tif_clientdata,module,"Corrupt SOF marker in JPEG data");
1618         return(0);
1619     }
1620     /* per component stuff */
1621     /* TODO: double-check that flow implies that n cannot be as big as to make us overflow sof_c, sof_hv and sof_tq arrays */
1622     for (q=0; q<n; q++)
1623     {
1624         /* C: Component identifier */
1625         if (OJPEGReadByte(sp,&o)==0)
1626             return(0);
1627         if (sp->subsamplingcorrect==0)
1628             sp->sof_c[q]=o;
1629         /* H: Horizontal sampling factor, and V: Vertical sampling factor */
1630         if (OJPEGReadByte(sp,&o)==0)
1631             return(0);
1632         if (sp->subsamplingcorrect!=0)
1633         {
1634             if (q==0)
1635             {
1636                 sp->subsampling_hor=(o>>4);
1637                 sp->subsampling_ver=(o&15);
1638                 if (((sp->subsampling_hor!=1) && (sp->subsampling_hor!=2) && (sp->subsampling_hor!=4)) ||
1639                     ((sp->subsampling_ver!=1) && (sp->subsampling_ver!=2) && (sp->subsampling_ver!=4)))
1640                     sp->subsampling_force_desubsampling_inside_decompression=1;
1641             }
1642             else
1643             {
1644                 if (o!=17)
1645                     sp->subsampling_force_desubsampling_inside_decompression=1;
1646             }
1647         }
1648         else
1649         {
1650             sp->sof_hv[q]=o;
1651             if (sp->subsampling_force_desubsampling_inside_decompression==0)
1652             {
1653                 if (q==0)
1654                 {
1655                     if (o!=((sp->subsampling_hor<<4)|sp->subsampling_ver))
1656                     {
1657                         TIFFErrorExt(tif->tif_clientdata,module,"JPEG compressed data indicates unexpected subsampling values");
1658                         return(0);
1659                     }
1660                 }
1661                 else
1662                 {
1663                     if (o!=17)
1664                     {
1665                         TIFFErrorExt(tif->tif_clientdata,module,"JPEG compressed data indicates unexpected subsampling values");
1666                         return(0);
1667                     }
1668                 }
1669             }
1670         }
1671         /* Tq: Quantization table destination selector */
1672         if (OJPEGReadByte(sp,&o)==0)
1673             return(0);
1674         if (sp->subsamplingcorrect==0)
1675             sp->sof_tq[q]=o;
1676     }
1677     if (sp->subsamplingcorrect==0)
1678         sp->sof_log=1;
1679     return(1);
1680 }
1681 
1682 static int
OJPEGReadHeaderInfoSecStreamSos(TIFF * tif)1683 OJPEGReadHeaderInfoSecStreamSos(TIFF* tif)
1684 {
1685     /* this marker needs to be checked, and part of its data needs to be saved for regeneration later on */
1686     static const char module[]="OJPEGReadHeaderInfoSecStreamSos";
1687     OJPEGState* sp=(OJPEGState*)tif->tif_data;
1688     uint16 m;
1689     uint8 n;
1690     uint8 o;
1691     assert(sp->subsamplingcorrect==0);
1692     if (sp->sof_log==0)
1693     {
1694         TIFFErrorExt(tif->tif_clientdata,module,"Corrupt SOS marker in JPEG data");
1695         return(0);
1696     }
1697     /* Ls */
1698     if (OJPEGReadWord(sp,&m)==0)
1699         return(0);
1700     if (m!=6+sp->samples_per_pixel_per_plane*2)
1701     {
1702         TIFFErrorExt(tif->tif_clientdata,module,"Corrupt SOS marker in JPEG data");
1703         return(0);
1704     }
1705     /* Ns */
1706     if (OJPEGReadByte(sp,&n)==0)
1707         return(0);
1708     if (n!=sp->samples_per_pixel_per_plane)
1709     {
1710         TIFFErrorExt(tif->tif_clientdata,module,"Corrupt SOS marker in JPEG data");
1711         return(0);
1712     }
1713     /* Cs, Td, and Ta */
1714     for (o=0; o<sp->samples_per_pixel_per_plane; o++)
1715     {
1716         /* Cs */
1717         if (OJPEGReadByte(sp,&n)==0)
1718             return(0);
1719         sp->sos_cs[sp->plane_sample_offset+o]=n;
1720         /* Td and Ta */
1721         if (OJPEGReadByte(sp,&n)==0)
1722             return(0);
1723         sp->sos_tda[sp->plane_sample_offset+o]=n;
1724     }
1725     /* skip Ss, Se, Ah, en Al -> no check, as per Tom Lane recommendation, as per LibJpeg source */
1726     OJPEGReadSkip(sp,3);
1727     return(1);
1728 }
1729 
1730 static int
OJPEGReadHeaderInfoSecTablesQTable(TIFF * tif)1731 OJPEGReadHeaderInfoSecTablesQTable(TIFF* tif)
1732 {
1733     static const char module[]="OJPEGReadHeaderInfoSecTablesQTable";
1734     OJPEGState* sp=(OJPEGState*)tif->tif_data;
1735     uint8 m;
1736     uint8 n;
1737     uint32 oa;
1738     uint8* ob;
1739     uint32 p;
1740     if (sp->qtable_offset[0]==0)
1741     {
1742         TIFFErrorExt(tif->tif_clientdata,module,"Missing JPEG tables");
1743         return(0);
1744     }
1745     sp->in_buffer_file_pos_log=0;
1746     for (m=0; m<sp->samples_per_pixel; m++)
1747     {
1748         if ((sp->qtable_offset[m]!=0) && ((m==0) || (sp->qtable_offset[m]!=sp->qtable_offset[m-1])))
1749         {
1750             for (n=0; n<m-1; n++)
1751             {
1752                 if (sp->qtable_offset[m]==sp->qtable_offset[n])
1753                 {
1754                     TIFFErrorExt(tif->tif_clientdata,module,"Corrupt JpegQTables tag value");
1755                     return(0);
1756                 }
1757             }
1758             oa=sizeof(uint32)+69;
1759             ob=_TIFFmalloc(oa);
1760             if (ob==0)
1761             {
1762                 TIFFErrorExt(tif->tif_clientdata,module,"Out of memory");
1763                 return(0);
1764             }
1765             *(uint32*)ob=oa;
1766             ob[sizeof(uint32)]=255;
1767             ob[sizeof(uint32)+1]=JPEG_MARKER_DQT;
1768             ob[sizeof(uint32)+2]=0;
1769             ob[sizeof(uint32)+3]=67;
1770             ob[sizeof(uint32)+4]=m;
1771             TIFFSeekFile(tif,sp->qtable_offset[m],SEEK_SET);
1772             p=TIFFReadFile(tif,&ob[sizeof(uint32)+5],64);
1773             if (p!=64)
1774                 return(0);
1775             sp->qtable[m]=ob;
1776             sp->sof_tq[m]=m;
1777         }
1778         else
1779             sp->sof_tq[m]=sp->sof_tq[m-1];
1780     }
1781     return(1);
1782 }
1783 
1784 static int
OJPEGReadHeaderInfoSecTablesDcTable(TIFF * tif)1785 OJPEGReadHeaderInfoSecTablesDcTable(TIFF* tif)
1786 {
1787     static const char module[]="OJPEGReadHeaderInfoSecTablesDcTable";
1788     OJPEGState* sp=(OJPEGState*)tif->tif_data;
1789     uint8 m;
1790     uint8 n;
1791     uint8 o[16];
1792     uint32 p;
1793     uint32 q;
1794     uint32 ra;
1795     uint8* rb;
1796     if (sp->dctable_offset[0]==0)
1797     {
1798         TIFFErrorExt(tif->tif_clientdata,module,"Missing JPEG tables");
1799         return(0);
1800     }
1801     sp->in_buffer_file_pos_log=0;
1802     for (m=0; m<sp->samples_per_pixel; m++)
1803     {
1804         if ((sp->dctable_offset[m]!=0) && ((m==0) || (sp->dctable_offset[m]!=sp->dctable_offset[m-1])))
1805         {
1806             for (n=0; n<m-1; n++)
1807             {
1808                 if (sp->dctable_offset[m]==sp->dctable_offset[n])
1809                 {
1810                     TIFFErrorExt(tif->tif_clientdata,module,"Corrupt JpegDcTables tag value");
1811                     return(0);
1812                 }
1813             }
1814             TIFFSeekFile(tif,sp->dctable_offset[m],SEEK_SET);
1815             p=TIFFReadFile(tif,o,16);
1816             if (p!=16)
1817                 return(0);
1818             q=0;
1819             for (n=0; n<16; n++)
1820                 q+=o[n];
1821             ra=sizeof(uint32)+21+q;
1822             rb=_TIFFmalloc(ra);
1823             if (rb==0)
1824             {
1825                 TIFFErrorExt(tif->tif_clientdata,module,"Out of memory");
1826                 return(0);
1827             }
1828             *(uint32*)rb=ra;
1829             rb[sizeof(uint32)]=255;
1830             rb[sizeof(uint32)+1]=JPEG_MARKER_DHT;
1831             rb[sizeof(uint32)+2]=((19+q)>>8);
1832             rb[sizeof(uint32)+3]=((19+q)&255);
1833             rb[sizeof(uint32)+4]=m;
1834             for (n=0; n<16; n++)
1835                 rb[sizeof(uint32)+5+n]=o[n];
1836             p=TIFFReadFile(tif,&(rb[sizeof(uint32)+21]),q);
1837             if (p!=q)
1838                 return(0);
1839             sp->dctable[m]=rb;
1840             sp->sos_tda[m]=(m<<4);
1841         }
1842         else
1843             sp->sos_tda[m]=sp->sos_tda[m-1];
1844     }
1845     return(1);
1846 }
1847 
1848 static int
OJPEGReadHeaderInfoSecTablesAcTable(TIFF * tif)1849 OJPEGReadHeaderInfoSecTablesAcTable(TIFF* tif)
1850 {
1851     static const char module[]="OJPEGReadHeaderInfoSecTablesAcTable";
1852     OJPEGState* sp=(OJPEGState*)tif->tif_data;
1853     uint8 m;
1854     uint8 n;
1855     uint8 o[16];
1856     uint32 p;
1857     uint32 q;
1858     uint32 ra;
1859     uint8* rb;
1860     if (sp->actable_offset[0]==0)
1861     {
1862         TIFFErrorExt(tif->tif_clientdata,module,"Missing JPEG tables");
1863         return(0);
1864     }
1865     sp->in_buffer_file_pos_log=0;
1866     for (m=0; m<sp->samples_per_pixel; m++)
1867     {
1868         if ((sp->actable_offset[m]!=0) && ((m==0) || (sp->actable_offset[m]!=sp->actable_offset[m-1])))
1869         {
1870             for (n=0; n<m-1; n++)
1871             {
1872                 if (sp->actable_offset[m]==sp->actable_offset[n])
1873                 {
1874                     TIFFErrorExt(tif->tif_clientdata,module,"Corrupt JpegAcTables tag value");
1875                     return(0);
1876                 }
1877             }
1878             TIFFSeekFile(tif,sp->actable_offset[m],SEEK_SET);
1879             p=TIFFReadFile(tif,o,16);
1880             if (p!=16)
1881                 return(0);
1882             q=0;
1883             for (n=0; n<16; n++)
1884                 q+=o[n];
1885             ra=sizeof(uint32)+21+q;
1886             rb=_TIFFmalloc(ra);
1887             if (rb==0)
1888             {
1889                 TIFFErrorExt(tif->tif_clientdata,module,"Out of memory");
1890                 return(0);
1891             }
1892             *(uint32*)rb=ra;
1893             rb[sizeof(uint32)]=255;
1894             rb[sizeof(uint32)+1]=JPEG_MARKER_DHT;
1895             rb[sizeof(uint32)+2]=((19+q)>>8);
1896             rb[sizeof(uint32)+3]=((19+q)&255);
1897             rb[sizeof(uint32)+4]=(16|m);
1898             for (n=0; n<16; n++)
1899                 rb[sizeof(uint32)+5+n]=o[n];
1900             p=TIFFReadFile(tif,&(rb[sizeof(uint32)+21]),q);
1901             if (p!=q)
1902                 return(0);
1903             sp->actable[m]=rb;
1904             sp->sos_tda[m]=(sp->sos_tda[m]|m);
1905         }
1906         else
1907             sp->sos_tda[m]=(sp->sos_tda[m]|(sp->sos_tda[m-1]&15));
1908     }
1909     return(1);
1910 }
1911 
1912 static int
OJPEGReadBufferFill(OJPEGState * sp)1913 OJPEGReadBufferFill(OJPEGState* sp)
1914 {
1915     uint16 m;
1916     tmsize_t n;
1917     /* TODO: double-check: when subsamplingcorrect is set, no call to TIFFErrorExt or TIFFWarningExt should be made
1918      * in any other case, seek or read errors should be passed through */
1919     do
1920     {
1921         if (sp->in_buffer_file_togo!=0)
1922         {
1923             if (sp->in_buffer_file_pos_log==0)
1924             {
1925                 TIFFSeekFile(sp->tif,sp->in_buffer_file_pos,SEEK_SET);
1926                 sp->in_buffer_file_pos_log=1;
1927             }
1928             m=OJPEG_BUFFER;
1929             if ((uint64)m>sp->in_buffer_file_togo)
1930                 m=(uint16)sp->in_buffer_file_togo;
1931             n=TIFFReadFile(sp->tif,sp->in_buffer,(tmsize_t)m);
1932             if (n==0)
1933                 return(0);
1934             assert(n>0);
1935             assert(n<=OJPEG_BUFFER);
1936             assert(n<65536);
1937             assert((uint64)n<=sp->in_buffer_file_togo);
1938             m=(uint16)n;
1939             sp->in_buffer_togo=m;
1940             sp->in_buffer_cur=sp->in_buffer;
1941             sp->in_buffer_file_togo-=m;
1942             sp->in_buffer_file_pos+=m;
1943             break;
1944         }
1945         sp->in_buffer_file_pos_log=0;
1946         switch(sp->in_buffer_source)
1947         {
1948             case osibsNotSetYet:
1949                 if (sp->jpeg_interchange_format!=0)
1950                 {
1951                     sp->in_buffer_file_pos=sp->jpeg_interchange_format;
1952                     sp->in_buffer_file_togo=sp->jpeg_interchange_format_length;
1953                 }
1954                 sp->in_buffer_source=osibsJpegInterchangeFormat;
1955                 break;
1956             case osibsJpegInterchangeFormat:
1957                 sp->in_buffer_source=osibsStrile;
1958             case osibsStrile:
1959                 if (!_TIFFFillStriles( sp->tif )
1960                     || sp->tif->tif_dir.td_stripoffset == NULL
1961                     || sp->tif->tif_dir.td_stripbytecount == NULL)
1962                     return 0;
1963 
1964                 if (sp->in_buffer_next_strile==sp->in_buffer_strile_count)
1965                     sp->in_buffer_source=osibsEof;
1966                 else
1967                 {
1968                     sp->in_buffer_file_pos=sp->tif->tif_dir.td_stripoffset[sp->in_buffer_next_strile];
1969                     if (sp->in_buffer_file_pos!=0)
1970                     {
1971                         if (sp->in_buffer_file_pos>=sp->file_size)
1972                             sp->in_buffer_file_pos=0;
1973                         else if (sp->tif->tif_dir.td_stripbytecount==NULL)
1974                             sp->in_buffer_file_togo=sp->file_size-sp->in_buffer_file_pos;
1975                         else
1976                         {
1977                             if (sp->tif->tif_dir.td_stripbytecount == 0) {
1978                                 TIFFErrorExt(sp->tif->tif_clientdata,sp->tif->tif_name,"Strip byte counts are missing");
1979                                 return(0);
1980                             }
1981                             sp->in_buffer_file_togo=sp->tif->tif_dir.td_stripbytecount[sp->in_buffer_next_strile];
1982                             if (sp->in_buffer_file_togo==0)
1983                                 sp->in_buffer_file_pos=0;
1984                             else if (sp->in_buffer_file_pos+sp->in_buffer_file_togo>sp->file_size)
1985                                 sp->in_buffer_file_togo=sp->file_size-sp->in_buffer_file_pos;
1986                         }
1987                     }
1988                     sp->in_buffer_next_strile++;
1989                 }
1990                 break;
1991             default:
1992                 return(0);
1993         }
1994     } while (1);
1995     return(1);
1996 }
1997 
1998 static int
OJPEGReadByte(OJPEGState * sp,uint8 * byte)1999 OJPEGReadByte(OJPEGState* sp, uint8* byte)
2000 {
2001     if (sp->in_buffer_togo==0)
2002     {
2003         if (OJPEGReadBufferFill(sp)==0)
2004             return(0);
2005         assert(sp->in_buffer_togo>0);
2006     }
2007     *byte=*(sp->in_buffer_cur);
2008     sp->in_buffer_cur++;
2009     sp->in_buffer_togo--;
2010     return(1);
2011 }
2012 
2013 static int
OJPEGReadBytePeek(OJPEGState * sp,uint8 * byte)2014 OJPEGReadBytePeek(OJPEGState* sp, uint8* byte)
2015 {
2016     if (sp->in_buffer_togo==0)
2017     {
2018         if (OJPEGReadBufferFill(sp)==0)
2019             return(0);
2020         assert(sp->in_buffer_togo>0);
2021     }
2022     *byte=*(sp->in_buffer_cur);
2023     return(1);
2024 }
2025 
2026 static void
OJPEGReadByteAdvance(OJPEGState * sp)2027 OJPEGReadByteAdvance(OJPEGState* sp)
2028 {
2029     assert(sp->in_buffer_togo>0);
2030     sp->in_buffer_cur++;
2031     sp->in_buffer_togo--;
2032 }
2033 
2034 static int
OJPEGReadWord(OJPEGState * sp,uint16 * word)2035 OJPEGReadWord(OJPEGState* sp, uint16* word)
2036 {
2037     uint8 m;
2038     if (OJPEGReadByte(sp,&m)==0)
2039         return(0);
2040     *word=(m<<8);
2041     if (OJPEGReadByte(sp,&m)==0)
2042         return(0);
2043     *word|=m;
2044     return(1);
2045 }
2046 
2047 static int
OJPEGReadBlock(OJPEGState * sp,uint16 len,void * mem)2048 OJPEGReadBlock(OJPEGState* sp, uint16 len, void* mem)
2049 {
2050     uint16 mlen;
2051     uint8* mmem;
2052     uint16 n;
2053     assert(len>0);
2054     mlen=len;
2055     mmem=mem;
2056     do
2057     {
2058         if (sp->in_buffer_togo==0)
2059         {
2060             if (OJPEGReadBufferFill(sp)==0)
2061                 return(0);
2062             assert(sp->in_buffer_togo>0);
2063         }
2064         n=mlen;
2065         if (n>sp->in_buffer_togo)
2066             n=sp->in_buffer_togo;
2067         _TIFFmemcpy(mmem,sp->in_buffer_cur,n);
2068         sp->in_buffer_cur+=n;
2069         sp->in_buffer_togo-=n;
2070         mlen-=n;
2071         mmem+=n;
2072     } while(mlen>0);
2073     return(1);
2074 }
2075 
2076 static void
OJPEGReadSkip(OJPEGState * sp,uint16 len)2077 OJPEGReadSkip(OJPEGState* sp, uint16 len)
2078 {
2079     uint16 m;
2080     uint16 n;
2081     m=len;
2082     n=m;
2083     if (n>sp->in_buffer_togo)
2084         n=sp->in_buffer_togo;
2085     sp->in_buffer_cur+=n;
2086     sp->in_buffer_togo-=n;
2087     m-=n;
2088     if (m>0)
2089     {
2090         assert(sp->in_buffer_togo==0);
2091         n=m;
2092         if ((uint64)n>sp->in_buffer_file_togo)
2093             n=(uint16)sp->in_buffer_file_togo;
2094         sp->in_buffer_file_pos+=n;
2095         sp->in_buffer_file_togo-=n;
2096         sp->in_buffer_file_pos_log=0;
2097         /* we don't skip past jpeginterchangeformat/strile block...
2098          * if that is asked from us, we're dealing with totally bazurk
2099          * data anyway, and we've not seen this happening on any
2100          * testfile, so we might as well likely cause some other
2101          * meaningless error to be passed at some later time
2102          */
2103     }
2104 }
2105 
2106 static int
OJPEGWriteStream(TIFF * tif,void ** mem,uint32 * len)2107 OJPEGWriteStream(TIFF* tif, void** mem, uint32* len)
2108 {
2109     OJPEGState* sp=(OJPEGState*)tif->tif_data;
2110     *len=0;
2111     do
2112     {
2113         assert(sp->out_state<=ososEoi);
2114         switch(sp->out_state)
2115         {
2116             case ososSoi:
2117                 OJPEGWriteStreamSoi(tif,mem,len);
2118                 break;
2119             case ososQTable0:
2120                 OJPEGWriteStreamQTable(tif,0,mem,len);
2121                 break;
2122             case ososQTable1:
2123                 OJPEGWriteStreamQTable(tif,1,mem,len);
2124                 break;
2125             case ososQTable2:
2126                 OJPEGWriteStreamQTable(tif,2,mem,len);
2127                 break;
2128             case ososQTable3:
2129                 OJPEGWriteStreamQTable(tif,3,mem,len);
2130                 break;
2131             case ososDcTable0:
2132                 OJPEGWriteStreamDcTable(tif,0,mem,len);
2133                 break;
2134             case ososDcTable1:
2135                 OJPEGWriteStreamDcTable(tif,1,mem,len);
2136                 break;
2137             case ososDcTable2:
2138                 OJPEGWriteStreamDcTable(tif,2,mem,len);
2139                 break;
2140             case ososDcTable3:
2141                 OJPEGWriteStreamDcTable(tif,3,mem,len);
2142                 break;
2143             case ososAcTable0:
2144                 OJPEGWriteStreamAcTable(tif,0,mem,len);
2145                 break;
2146             case ososAcTable1:
2147                 OJPEGWriteStreamAcTable(tif,1,mem,len);
2148                 break;
2149             case ososAcTable2:
2150                 OJPEGWriteStreamAcTable(tif,2,mem,len);
2151                 break;
2152             case ososAcTable3:
2153                 OJPEGWriteStreamAcTable(tif,3,mem,len);
2154                 break;
2155             case ososDri:
2156                 OJPEGWriteStreamDri(tif,mem,len);
2157                 break;
2158             case ososSof:
2159                 OJPEGWriteStreamSof(tif,mem,len);
2160                 break;
2161             case ososSos:
2162                 OJPEGWriteStreamSos(tif,mem,len);
2163                 break;
2164             case ososCompressed:
2165                 if (OJPEGWriteStreamCompressed(tif,mem,len)==0)
2166                     return(0);
2167                 break;
2168             case ososRst:
2169                 OJPEGWriteStreamRst(tif,mem,len);
2170                 break;
2171             case ososEoi:
2172                 OJPEGWriteStreamEoi(tif,mem,len);
2173                 break;
2174         }
2175     } while (*len==0);
2176     return(1);
2177 }
2178 
2179 static void
OJPEGWriteStreamSoi(TIFF * tif,void ** mem,uint32 * len)2180 OJPEGWriteStreamSoi(TIFF* tif, void** mem, uint32* len)
2181 {
2182     OJPEGState* sp=(OJPEGState*)tif->tif_data;
2183     assert(OJPEG_BUFFER>=2);
2184     sp->out_buffer[0]=255;
2185     sp->out_buffer[1]=JPEG_MARKER_SOI;
2186     *len=2;
2187     *mem=(void*)sp->out_buffer;
2188     sp->out_state++;
2189 }
2190 
2191 static void
OJPEGWriteStreamQTable(TIFF * tif,uint8 table_index,void ** mem,uint32 * len)2192 OJPEGWriteStreamQTable(TIFF* tif, uint8 table_index, void** mem, uint32* len)
2193 {
2194     OJPEGState* sp=(OJPEGState*)tif->tif_data;
2195     if (sp->qtable[table_index]!=0)
2196     {
2197         *mem=(void*)(sp->qtable[table_index]+sizeof(uint32));
2198         *len=*((uint32*)sp->qtable[table_index])-sizeof(uint32);
2199     }
2200     sp->out_state++;
2201 }
2202 
2203 static void
OJPEGWriteStreamDcTable(TIFF * tif,uint8 table_index,void ** mem,uint32 * len)2204 OJPEGWriteStreamDcTable(TIFF* tif, uint8 table_index, void** mem, uint32* len)
2205 {
2206     OJPEGState* sp=(OJPEGState*)tif->tif_data;
2207     if (sp->dctable[table_index]!=0)
2208     {
2209         *mem=(void*)(sp->dctable[table_index]+sizeof(uint32));
2210         *len=*((uint32*)sp->dctable[table_index])-sizeof(uint32);
2211     }
2212     sp->out_state++;
2213 }
2214 
2215 static void
OJPEGWriteStreamAcTable(TIFF * tif,uint8 table_index,void ** mem,uint32 * len)2216 OJPEGWriteStreamAcTable(TIFF* tif, uint8 table_index, void** mem, uint32* len)
2217 {
2218     OJPEGState* sp=(OJPEGState*)tif->tif_data;
2219     if (sp->actable[table_index]!=0)
2220     {
2221         *mem=(void*)(sp->actable[table_index]+sizeof(uint32));
2222         *len=*((uint32*)sp->actable[table_index])-sizeof(uint32);
2223     }
2224     sp->out_state++;
2225 }
2226 
2227 static void
OJPEGWriteStreamDri(TIFF * tif,void ** mem,uint32 * len)2228 OJPEGWriteStreamDri(TIFF* tif, void** mem, uint32* len)
2229 {
2230     OJPEGState* sp=(OJPEGState*)tif->tif_data;
2231     assert(OJPEG_BUFFER>=6);
2232     if (sp->restart_interval!=0)
2233     {
2234         sp->out_buffer[0]=255;
2235         sp->out_buffer[1]=JPEG_MARKER_DRI;
2236         sp->out_buffer[2]=0;
2237         sp->out_buffer[3]=4;
2238         sp->out_buffer[4]=(sp->restart_interval>>8);
2239         sp->out_buffer[5]=(sp->restart_interval&255);
2240         *len=6;
2241         *mem=(void*)sp->out_buffer;
2242     }
2243     sp->out_state++;
2244 }
2245 
2246 static void
OJPEGWriteStreamSof(TIFF * tif,void ** mem,uint32 * len)2247 OJPEGWriteStreamSof(TIFF* tif, void** mem, uint32* len)
2248 {
2249     OJPEGState* sp=(OJPEGState*)tif->tif_data;
2250     uint8 m;
2251     assert(OJPEG_BUFFER>=2+8+sp->samples_per_pixel_per_plane*3);
2252     assert(255>=8+sp->samples_per_pixel_per_plane*3);
2253     sp->out_buffer[0]=255;
2254     sp->out_buffer[1]=sp->sof_marker_id;
2255     /* Lf */
2256     sp->out_buffer[2]=0;
2257     sp->out_buffer[3]=8+sp->samples_per_pixel_per_plane*3;
2258     /* P */
2259     sp->out_buffer[4]=8;
2260     /* Y */
2261     sp->out_buffer[5]=(sp->sof_y>>8);
2262     sp->out_buffer[6]=(sp->sof_y&255);
2263     /* X */
2264     sp->out_buffer[7]=(sp->sof_x>>8);
2265     sp->out_buffer[8]=(sp->sof_x&255);
2266     /* Nf */
2267     sp->out_buffer[9]=sp->samples_per_pixel_per_plane;
2268     for (m=0; m<sp->samples_per_pixel_per_plane; m++)
2269     {
2270         /* C */
2271         sp->out_buffer[10+m*3]=sp->sof_c[sp->plane_sample_offset+m];
2272         /* H and V */
2273         sp->out_buffer[10+m*3+1]=sp->sof_hv[sp->plane_sample_offset+m];
2274         /* Tq */
2275         sp->out_buffer[10+m*3+2]=sp->sof_tq[sp->plane_sample_offset+m];
2276     }
2277     *len=10+sp->samples_per_pixel_per_plane*3;
2278     *mem=(void*)sp->out_buffer;
2279     sp->out_state++;
2280 }
2281 
2282 static void
OJPEGWriteStreamSos(TIFF * tif,void ** mem,uint32 * len)2283 OJPEGWriteStreamSos(TIFF* tif, void** mem, uint32* len)
2284 {
2285     OJPEGState* sp=(OJPEGState*)tif->tif_data;
2286     uint8 m;
2287     assert(OJPEG_BUFFER>=2+6+sp->samples_per_pixel_per_plane*2);
2288     assert(255>=6+sp->samples_per_pixel_per_plane*2);
2289     sp->out_buffer[0]=255;
2290     sp->out_buffer[1]=JPEG_MARKER_SOS;
2291     /* Ls */
2292     sp->out_buffer[2]=0;
2293     sp->out_buffer[3]=6+sp->samples_per_pixel_per_plane*2;
2294     /* Ns */
2295     sp->out_buffer[4]=sp->samples_per_pixel_per_plane;
2296     for (m=0; m<sp->samples_per_pixel_per_plane; m++)
2297     {
2298         /* Cs */
2299         sp->out_buffer[5+m*2]=sp->sos_cs[sp->plane_sample_offset+m];
2300         /* Td and Ta */
2301         sp->out_buffer[5+m*2+1]=sp->sos_tda[sp->plane_sample_offset+m];
2302     }
2303     /* Ss */
2304     sp->out_buffer[5+sp->samples_per_pixel_per_plane*2]=0;
2305     /* Se */
2306     sp->out_buffer[5+sp->samples_per_pixel_per_plane*2+1]=63;
2307     /* Ah and Al */
2308     sp->out_buffer[5+sp->samples_per_pixel_per_plane*2+2]=0;
2309     *len=8+sp->samples_per_pixel_per_plane*2;
2310     *mem=(void*)sp->out_buffer;
2311     sp->out_state++;
2312 }
2313 
2314 static int
OJPEGWriteStreamCompressed(TIFF * tif,void ** mem,uint32 * len)2315 OJPEGWriteStreamCompressed(TIFF* tif, void** mem, uint32* len)
2316 {
2317     OJPEGState* sp=(OJPEGState*)tif->tif_data;
2318     if (sp->in_buffer_togo==0)
2319     {
2320         if (OJPEGReadBufferFill(sp)==0)
2321             return(0);
2322         assert(sp->in_buffer_togo>0);
2323     }
2324     *len=sp->in_buffer_togo;
2325     *mem=(void*)sp->in_buffer_cur;
2326     sp->in_buffer_togo=0;
2327     if (sp->in_buffer_file_togo==0)
2328     {
2329         switch(sp->in_buffer_source)
2330         {
2331             case osibsStrile:
2332                 if (sp->in_buffer_next_strile<sp->in_buffer_strile_count)
2333                     sp->out_state=ososRst;
2334                 else
2335                     sp->out_state=ososEoi;
2336                 break;
2337             case osibsEof:
2338                 sp->out_state=ososEoi;
2339                 break;
2340             default:
2341                 break;
2342         }
2343     }
2344     return(1);
2345 }
2346 
2347 static void
OJPEGWriteStreamRst(TIFF * tif,void ** mem,uint32 * len)2348 OJPEGWriteStreamRst(TIFF* tif, void** mem, uint32* len)
2349 {
2350     OJPEGState* sp=(OJPEGState*)tif->tif_data;
2351     assert(OJPEG_BUFFER>=2);
2352     sp->out_buffer[0]=255;
2353     sp->out_buffer[1]=JPEG_MARKER_RST0+sp->restart_index;
2354     sp->restart_index++;
2355     if (sp->restart_index==8)
2356         sp->restart_index=0;
2357     *len=2;
2358     *mem=(void*)sp->out_buffer;
2359     sp->out_state=ososCompressed;
2360 }
2361 
2362 static void
OJPEGWriteStreamEoi(TIFF * tif,void ** mem,uint32 * len)2363 OJPEGWriteStreamEoi(TIFF* tif, void** mem, uint32* len)
2364 {
2365     OJPEGState* sp=(OJPEGState*)tif->tif_data;
2366     assert(OJPEG_BUFFER>=2);
2367     sp->out_buffer[0]=255;
2368     sp->out_buffer[1]=JPEG_MARKER_EOI;
2369     *len=2;
2370     *mem=(void*)sp->out_buffer;
2371 }
2372 
2373 #ifndef LIBJPEG_ENCAP_EXTERNAL
2374 static int
jpeg_create_decompress_encap(OJPEGState * sp,jpeg_decompress_struct * cinfo)2375 jpeg_create_decompress_encap(OJPEGState* sp, jpeg_decompress_struct* cinfo)
2376 {
2377     return(SETJMP(sp->exit_jmpbuf)?0:(jpeg_create_decompress(cinfo),1));
2378 }
2379 #endif
2380 
2381 #ifndef LIBJPEG_ENCAP_EXTERNAL
2382 static int
jpeg_read_header_encap(OJPEGState * sp,jpeg_decompress_struct * cinfo,uint8 require_image)2383 jpeg_read_header_encap(OJPEGState* sp, jpeg_decompress_struct* cinfo, uint8 require_image)
2384 {
2385     return(SETJMP(sp->exit_jmpbuf)?0:(jpeg_read_header(cinfo,require_image),1));
2386 }
2387 #endif
2388 
2389 #ifndef LIBJPEG_ENCAP_EXTERNAL
2390 static int
jpeg_start_decompress_encap(OJPEGState * sp,jpeg_decompress_struct * cinfo)2391 jpeg_start_decompress_encap(OJPEGState* sp, jpeg_decompress_struct* cinfo)
2392 {
2393     return(SETJMP(sp->exit_jmpbuf)?0:(jpeg_start_decompress(cinfo),1));
2394 }
2395 #endif
2396 
2397 #ifndef LIBJPEG_ENCAP_EXTERNAL
2398 static int
jpeg_read_scanlines_encap(OJPEGState * sp,jpeg_decompress_struct * cinfo,void * scanlines,uint32 max_lines)2399 jpeg_read_scanlines_encap(OJPEGState* sp, jpeg_decompress_struct* cinfo, void* scanlines, uint32 max_lines)
2400 {
2401     return(SETJMP(sp->exit_jmpbuf)?0:(jpeg_read_scanlines(cinfo,scanlines,max_lines),1));
2402 }
2403 #endif
2404 
2405 #ifndef LIBJPEG_ENCAP_EXTERNAL
2406 static int
jpeg_read_raw_data_encap(OJPEGState * sp,jpeg_decompress_struct * cinfo,void * data,uint32 max_lines)2407 jpeg_read_raw_data_encap(OJPEGState* sp, jpeg_decompress_struct* cinfo, void* data, uint32 max_lines)
2408 {
2409     return(SETJMP(sp->exit_jmpbuf)?0:(jpeg_read_raw_data(cinfo,data,max_lines),1));
2410 }
2411 #endif
2412 
2413 #ifndef LIBJPEG_ENCAP_EXTERNAL
2414 static void
jpeg_encap_unwind(TIFF * tif)2415 jpeg_encap_unwind(TIFF* tif)
2416 {
2417     OJPEGState* sp=(OJPEGState*)tif->tif_data;
2418     LONGJMP(sp->exit_jmpbuf,1);
2419 }
2420 #endif
2421 
2422 static void
OJPEGLibjpegJpegErrorMgrOutputMessage(jpeg_common_struct * cinfo)2423 OJPEGLibjpegJpegErrorMgrOutputMessage(jpeg_common_struct* cinfo)
2424 {
2425     char buffer[JMSG_LENGTH_MAX];
2426     (*cinfo->err->format_message)(cinfo,buffer);
2427     TIFFWarningExt(((TIFF*)(cinfo->client_data))->tif_clientdata,"LibJpeg","%s",buffer);
2428 }
2429 
2430 static void
OJPEGLibjpegJpegErrorMgrErrorExit(jpeg_common_struct * cinfo)2431 OJPEGLibjpegJpegErrorMgrErrorExit(jpeg_common_struct* cinfo)
2432 {
2433     char buffer[JMSG_LENGTH_MAX];
2434     (*cinfo->err->format_message)(cinfo,buffer);
2435     TIFFErrorExt(((TIFF*)(cinfo->client_data))->tif_clientdata,"LibJpeg","%s",buffer);
2436     jpeg_encap_unwind((TIFF*)(cinfo->client_data));
2437 }
2438 
2439 static void
OJPEGLibjpegJpegSourceMgrInitSource(jpeg_decompress_struct * cinfo)2440 OJPEGLibjpegJpegSourceMgrInitSource(jpeg_decompress_struct* cinfo)
2441 {
2442     (void)cinfo;
2443 }
2444 
2445 static boolean
OJPEGLibjpegJpegSourceMgrFillInputBuffer(jpeg_decompress_struct * cinfo)2446 OJPEGLibjpegJpegSourceMgrFillInputBuffer(jpeg_decompress_struct* cinfo)
2447 {
2448     TIFF* tif=(TIFF*)cinfo->client_data;
2449     OJPEGState* sp=(OJPEGState*)tif->tif_data;
2450     void* mem=0;
2451     uint32 len=0U;
2452     if (OJPEGWriteStream(tif,&mem,&len)==0)
2453     {
2454         TIFFErrorExt(tif->tif_clientdata,"LibJpeg","Premature end of JPEG data");
2455         jpeg_encap_unwind(tif);
2456     }
2457     sp->libjpeg_jpeg_source_mgr.bytes_in_buffer=len;
2458     sp->libjpeg_jpeg_source_mgr.next_input_byte=mem;
2459     return(1);
2460 }
2461 
2462 static void
OJPEGLibjpegJpegSourceMgrSkipInputData(jpeg_decompress_struct * cinfo,long num_bytes)2463 OJPEGLibjpegJpegSourceMgrSkipInputData(jpeg_decompress_struct* cinfo, long num_bytes)
2464 {
2465     TIFF* tif=(TIFF*)cinfo->client_data;
2466     (void)num_bytes;
2467     TIFFErrorExt(tif->tif_clientdata,"LibJpeg","Unexpected error");
2468     jpeg_encap_unwind(tif);
2469 }
2470 
2471 static boolean
OJPEGLibjpegJpegSourceMgrResyncToRestart(jpeg_decompress_struct * cinfo,int desired)2472 OJPEGLibjpegJpegSourceMgrResyncToRestart(jpeg_decompress_struct* cinfo, int desired)
2473 {
2474     TIFF* tif=(TIFF*)cinfo->client_data;
2475     (void)desired;
2476     TIFFErrorExt(tif->tif_clientdata,"LibJpeg","Unexpected error");
2477     jpeg_encap_unwind(tif);
2478     return(0);
2479 }
2480 
2481 static void
OJPEGLibjpegJpegSourceMgrTermSource(jpeg_decompress_struct * cinfo)2482 OJPEGLibjpegJpegSourceMgrTermSource(jpeg_decompress_struct* cinfo)
2483 {
2484     (void)cinfo;
2485 }
2486 
2487 #endif
2488 
2489 
2490 /*
2491  * Local Variables:
2492  * mode: c
2493  * c-basic-offset: 8
2494  * fill-column: 78
2495  * End:
2496  */
2497