/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
*
* Copyright (C) 1991-1998, Thomas G. Lane.
* This file is part of the Independent JPEG Group's software.
* For conditions of distribution and use, see the accompanying README file.
*
* This file contains routines to decode JPEG datastream markers.
* Most of the complexity arises from our desire to support input
* suspension: if not all of the data for a marker is available,
* we must exit back to the application. On resumption, we reprocess
* the marker.
*/
#define JPEG_INTERNALS
#include "jinclude.h"
#include "jpeglib.h"
typedef enum { /* JPEG marker codes */
} JPEG_MARKER;
/* Private state */
typedef struct {
/* Application-overridable marker processing methods */
/* Limit on marker data length to save for each marker type */
unsigned int length_limit_COM;
/* Note: cur_marker is not linked into marker_list until it's all read. */
/*
* Macros for fetching data from the data source module.
*
* At all times, cinfo->src->next_input_byte and ->bytes_in_buffer reflect
* the current restart point; we update them only when we have reached a
* suitable place to restart if a suspension occurs.
*/
/* Unload the local copies --- do this only at a restart boundary */
/* Reload the local copies --- used only in MAKE_BYTE_AVAIL */
/* Internal macro for INPUT_BYTE and INPUT_2BYTES: make a byte available.
* Note we do *not* do INPUT_SYNC before calling fill_input_buffer,
* but we must reload the local copies after a successful fill.
*/
if (bytes_in_buffer == 0) { \
{ action; } \
INPUT_RELOAD(cinfo); \
}
/* Read a byte into variable V.
* If must suspend, take the specified action (typically "return FALSE").
*/
bytes_in_buffer--; \
V = GETJOCTET(*next_input_byte++); )
/* As above, but read two bytes interpreted as an unsigned 16-bit integer.
* V should be declared unsigned int or perhaps INT32.
*/
bytes_in_buffer--; \
bytes_in_buffer--; \
V += GETJOCTET(*next_input_byte++); )
/*
* Routines to process JPEG markers.
*
* Entry condition: JPEG marker itself has been read and its code saved
* in cinfo->unread_marker; input restart point is just after the marker.
*
* Exit: if return TRUE, have read and processed any parameters, and have
* updated the restart point to point after the parameters.
* If return FALSE, was forced to suspend before reaching end of
* marker parameters; restart point has not been moved. Same routine
* will be called again after application supplies more input data.
*
* This approach to suspension assumes that all of a marker's parameters
* can fit into a single input bufferload. This should hold for "normal"
* that might not fit. If we are simply dropping such a marker, we use
* skip_input_data to get past it, and thereby put the problem on the
* source manager's shoulders. If we are saving the marker's contents
* into memory, we use a slightly different convention: when forced to
* suspend, the marker processor updates the restart point to the end of
* what it's consumed (ie, the end of the buffer) before returning FALSE.
* On resumption, cinfo->unread_marker still contains the marker code,
* but the data source will point to the next chunk of marker data.
* The marker processor must retain internal state to deal with this.
*
* Note that we don't bother to avoid duplicate trace messages if a
* suspension occurs within marker parameters. Other side effects
* require more care.
*/
/* Process an SOI marker */
{
int i;
/* Reset all parameters that are defined to be reset by SOI */
for (i = 0; i < NUM_ARITH_TBLS; i++) {
cinfo->arith_dc_L[i] = 0;
}
cinfo->restart_interval = 0;
/* Set initial assumptions for colorspace etc */
cinfo->density_unit = 0;
cinfo->Adobe_transform = 0;
return TRUE;
}
/* Process a SOFn marker */
{
int c, ci;
length -= 8;
/* We don't support files in which the image height is initially specified */
/* as 0 and is later redefined by DNL. As long as we have to check that, */
/* might as well have a general sanity check. */
|| cinfo->num_components <= 0)
}
}
return TRUE;
}
/* Process a SOS marker */
{
cinfo->comps_in_scan = n;
/* Collect the component-spec parameters */
for (i = 0; i < n; i++) {
goto id_found;
}
}
/* Prepare to scan data & restart markers */
/* Count another SOS marker */
return TRUE;
}
#ifdef D_ARITH_CODING_SUPPORTED
/* Process a DAC marker */
{
length -= 2;
while (length > 0) {
length -= 2;
} else { /* define DC table */
}
}
if (length != 0)
return TRUE;
}
#else /* ! D_ARITH_CODING_SUPPORTED */
#endif /* D_ARITH_CODING_SUPPORTED */
/* Process a DHT marker */
{
length -= 2;
while (length > 16) {
bits[0] = 0;
count = 0;
for (i = 1; i <= 16; i++) {
}
/* Here we just do minimal validation of the counts to avoid walking
* off the end of our table space. jdhuff.c will check more carefully.
*/
for (i = 0; i < count; i++)
index -= 0x10;
} else { /* DC table definition */
}
}
if (length != 0)
return TRUE;
}
/* Process a DQT marker */
{
int n, i, prec;
unsigned int tmp;
length -= 2;
while (length > 0) {
prec = n >> 4;
n &= 0x0F;
if (n >= NUM_QUANT_TBLS)
for (i = 0; i < DCTSIZE2; i++) {
if (prec)
else
/* We convert the zigzag-order table to natural array order. */
}
for (i = 0; i < DCTSIZE2; i += 8) {
}
}
}
if (length != 0)
return TRUE;
}
/* Process a DRI marker */
{
unsigned int tmp;
if (length != 4)
return TRUE;
}
/*
* Routines for processing APPn and COM markers.
* These are either saved in memory or discarded, per application request.
* APP0 and APP14 are specially checked to see if they are
* JFIF and Adobe markers, respectively.
*/
LOCAL(void)
/* Examine first few bytes from an APP0.
* Take appropriate action if it is a JFIF marker.
* datalen is # of bytes at data[], remaining is length of rest of marker data.
*/
{
if (datalen >= APP0_DATA_LEN &&
/* Found JFIF APP0 marker: save info */
/* Check version.
* Major version must be 1, anything else signals an incompatible change.
* (We used to treat this as an error, but now it's a nonfatal warning,
* because some bozo at Hijaak couldn't read the spec.)
* Minor version should be 0..2, but process anyway if newer.
*/
/* Generate trace messages */
/* Validate thumbnail dimensions and issue appropriate messages */
if (totallen !=
} else if (datalen >= 6 &&
/* Found JFIF "JFXX" extension APP0 marker */
/* The library doesn't actually do anything with these,
* but we try to produce a helpful trace message.
*/
case 0x10:
break;
case 0x11:
break;
case 0x13:
break;
default:
break;
}
} else {
/* Start of APP0 does not match "JFIF" or "JFXX", or too short */
/*
* In this case we have seen the APP0 marker but the remaining
* APP0 section may be corrupt. Regardless, we will set the
* saw_JFIF_marker flag as it is important for making the
* correct choice of JPEG color space later (we will assume
* YCbCr in this case). The version and density fields will
* contain default values, which should be sufficient for our needs.
*/
}
}
LOCAL(void)
/* Examine first few bytes from an APP14.
* Take appropriate action if it is an Adobe marker.
* datalen is # of bytes at data[], remaining is length of rest of marker data.
*/
{
if (datalen >= APP14_DATA_LEN &&
/* Found Adobe APP14 marker */
} else {
/* Start of APP14 does not match "Adobe", or too short */
}
}
/* Process an APP0 or APP14 marker without saving it */
{
JOCTET b[APPN_DATA_LEN];
unsigned int i, numtoread;
length -= 2;
/* get the interesting part of the marker data */
if (length >= APPN_DATA_LEN)
else if (length > 0)
else
numtoread = 0;
for (i = 0; i < numtoread; i++)
/* process it */
switch (cinfo->unread_marker) {
case M_APP0:
break;
case M_APP14:
break;
default:
/* can't get here unless jpeg_save_markers chooses wrong processor */
break;
}
/* skip any remaining data -- could be lots */
if (length > 0)
return TRUE;
}
#ifdef SAVE_MARKERS_SUPPORTED
/* Save an APPn or COM marker into the marker list */
{
if (cur_marker == NULL) {
/* begin reading a marker */
length -= 2;
if (length >= 0) { /* watch out for bogus length word */
/* figure out how much we want to save */
unsigned int limit;
else
/* allocate and initialize the marker item */
/* data area is just beyond the jpeg_marker_struct */
marker->bytes_read = 0;
bytes_read = 0;
data_length = limit;
} else {
/* deal with bogus length word */
bytes_read = data_length = 0;
}
} else {
/* resume reading a marker */
}
while (bytes_read < data_length) {
/* If there's not at least one byte in buffer, suspend */
/* Copy bytes with reasonable rapidity */
*data++ = *next_input_byte++;
bytes_read++;
}
}
/* Done reading what we want to read */
/* Add new marker to end of list */
} else {
}
/* Reset pointer & calc remaining data length */
}
/* Reset to initial state for next marker */
/* Process the marker if interesting; else just make a generic trace msg */
switch (cinfo->unread_marker) {
case M_APP0:
break;
case M_APP14:
break;
default:
(int) (data_length + length));
break;
}
/* skip any remaining data -- could be lots */
if (length > 0)
return TRUE;
}
#endif /* SAVE_MARKERS_SUPPORTED */
/* Skip over an unknown or uninteresting variable-length marker */
{
length -= 2;
if (length > 0)
return TRUE;
}
/*
* Find the next JPEG marker, save it in cinfo->unread_marker.
* Returns FALSE if had to suspend before reaching a marker;
* in that case cinfo->unread_marker is unchanged.
*
* Note that the result might not be a valid marker code,
* but it will never be 0 or FF.
*/
{
int c;
for (;;) {
/* Skip any non-FF bytes.
* This may look a bit inefficient, but it will not occur in a valid file.
* We sync after each discarded byte so that a suspending data source
* can discard the byte from its buffer.
*/
while (c != 0xFF) {
}
/* This loop swallows any duplicate FF bytes. Extra FFs are legal as
* pad bytes, so don't count them in discarded_bytes. We assume there
* will not be so many consecutive FF bytes as to overflow a suspending
* data source's input buffer.
*/
do {
} while (c == 0xFF);
if (c != 0)
break; /* found a valid marker, exit loop */
/* Reach here if we found a stuffed-zero data sequence (FF/00).
* Discard it and loop back to try again.
*/
}
}
cinfo->unread_marker = c;
return TRUE;
}
/* Like next_marker, but used to obtain the initial SOI marker. */
/* For this marker, we do not allow preceding garbage or fill; otherwise,
* we might well scan an entire input file before realizing it ain't JPEG.
* If an application wants to process non-JFIF files, it must seek to the
* SOI before calling the JPEG library.
*/
{
int c, c2;
return TRUE;
}
/*
* Read markers until SOS or EOI.
*
* Returns same codes as are defined for jpeg_consume_input:
* JPEG_SUSPENDED, JPEG_REACHED_SOS, or JPEG_REACHED_EOI.
*/
METHODDEF(int)
{
/* Outer loop repeats once for each marker. */
for (;;) {
/* Collect the marker proper, unless we already did. */
/* NB: first_marker() enforces the requirement that SOI appear first. */
if (cinfo->unread_marker == 0) {
if (! first_marker(cinfo))
return JPEG_SUSPENDED;
} else {
if (! next_marker(cinfo))
return JPEG_SUSPENDED;
}
}
/* At this point cinfo->unread_marker contains the marker code and the
* input point is just past the marker proper, but before any parameters.
* A suspension will cause us to return with this state still true.
*/
switch (cinfo->unread_marker) {
case M_SOI:
return JPEG_SUSPENDED;
break;
case M_SOF0: /* Baseline */
case M_SOF1: /* Extended sequential, Huffman */
return JPEG_SUSPENDED;
break;
case M_SOF2: /* Progressive, Huffman */
return JPEG_SUSPENDED;
break;
case M_SOF9: /* Extended sequential, arithmetic */
return JPEG_SUSPENDED;
break;
case M_SOF10: /* Progressive, arithmetic */
return JPEG_SUSPENDED;
break;
/* Currently unsupported SOFn types */
case M_SOF3: /* Lossless, Huffman */
case M_SOF5: /* Differential sequential, Huffman */
case M_SOF6: /* Differential progressive, Huffman */
case M_SOF7: /* Differential lossless, Huffman */
case M_JPG: /* Reserved for JPEG extensions */
case M_SOF11: /* Lossless, arithmetic */
case M_SOF13: /* Differential sequential, arithmetic */
case M_SOF14: /* Differential progressive, arithmetic */
case M_SOF15: /* Differential lossless, arithmetic */
break;
case M_SOS:
return JPEG_SUSPENDED;
return JPEG_REACHED_SOS;
case M_EOI:
return JPEG_REACHED_EOI;
case M_DAC:
return JPEG_SUSPENDED;
break;
case M_DHT:
return JPEG_SUSPENDED;
break;
case M_DQT:
return JPEG_SUSPENDED;
break;
case M_DRI:
return JPEG_SUSPENDED;
break;
case M_APP0:
case M_APP1:
case M_APP2:
case M_APP3:
case M_APP4:
case M_APP5:
case M_APP6:
case M_APP7:
case M_APP8:
case M_APP9:
case M_APP10:
case M_APP11:
case M_APP12:
case M_APP13:
case M_APP14:
case M_APP15:
return JPEG_SUSPENDED;
break;
case M_COM:
return JPEG_SUSPENDED;
break;
case M_RST0: /* these are all parameterless */
case M_RST1:
case M_RST2:
case M_RST3:
case M_RST4:
case M_RST5:
case M_RST6:
case M_RST7:
case M_TEM:
break;
case M_DNL: /* Ignore DNL ... perhaps the wrong thing */
if (! skip_variable(cinfo))
return JPEG_SUSPENDED;
break;
default: /* must be DHP, EXP, JPGn, or RESn */
/* For now, we treat the reserved markers as fatal errors since they are
* likely to be used to signal incompatible JPEG Part 3 extensions.
* Once the JPEG 3 version-number marker is well defined, this code
* ought to change!
* [To be behaviorally compatible with other popular image display
* applications, we are now treating these unknown markers as warnings,
* rather than errors. This allows processing to continue, although
* any portions of the image after the bad marker may be corrupted
*/
break;
}
/* Successfully processed marker, so reset state variable */
cinfo->unread_marker = 0;
} /* end loop */
}
/*
* Read a restart marker, which is expected to appear next in the datastream;
* if the marker is not there, take appropriate recovery action.
* Returns FALSE if suspension is required.
*
* This is called by the entropy decoder after it has read an appropriate
* number of MCUs. cinfo->unread_marker may be nonzero if the entropy decoder
* has already read a marker from the data source. Under normal conditions
* cinfo->unread_marker will be reset to 0 before returning; if not reset,
* it holds a marker which the decoder will be unable to read past.
*/
{
/* Obtain a marker unless we already did. */
/* Note that next_marker will complain if it skips any data. */
if (cinfo->unread_marker == 0) {
if (! next_marker(cinfo))
return FALSE;
}
if (cinfo->unread_marker ==
/* Normal case --- swallow the marker and let entropy decoder continue */
cinfo->unread_marker = 0;
} else {
/* Uh-oh, the restart markers have been messed up. */
/* Let the data source manager determine how to resync. */
return FALSE;
}
/* Update next-restart state */
return TRUE;
}
/*
* This is the default resync_to_restart method for data source managers
* to use if they don't have any better approach. Some data source managers
* may be able to back up, or may have additional knowledge about the data
* which permits a more intelligent recovery strategy; such managers would
* presumably supply their own resync method.
*
* read_restart_marker calls resync_to_restart if it finds a marker other than
* the restart marker it was expecting. (This code is *not* used unless
* a nonzero restart interval has been declared.) cinfo->unread_marker is
* the marker code actually found (might be anything, except 0 or FF).
* The desired restart marker number (0..7) is passed as a parameter.
* This routine is supposed to apply whatever error recovery strategy seems
* appropriate in order to position the input stream to the next data segment.
* Note that cinfo->unread_marker is treated as a marker appearing before
* the current data-source input point; usually it should be reset to zero
* before returning.
* Returns FALSE if suspension is required.
*
* This implementation is substantially constrained by wanting to treat the
* input as a data stream; this means we can't back up. Therefore, we have
* only the following actions to work with:
* 1. Simply discard the marker and let the entropy decoder resume at next
* byte of file.
* 2. Read forward until we find another marker, discarding intervening
* data. (In theory we could look ahead within the current bufferload,
* without having to discard data if we don't find the desired marker.
* This idea is not implemented here, in part because it makes behavior
* dependent on buffer size and chance buffer-boundary positions.)
* 3. Leave the marker unread (by failing to zero cinfo->unread_marker).
* This will cause the entropy decoder to process an empty data segment,
* inserting dummy zeroes, and then we will reprocess the marker.
*
* #2 is appropriate if we think the desired marker lies ahead, while #3 is
* appropriate if the found marker is a future restart marker (indicating
* that we have missed the desired restart marker, probably because it got
* corrupted).
* We apply #2 or #3 if the found marker is a restart marker no more than
* two counts behind or ahead of the expected one. We also apply #2 if the
* found marker is not a legal JPEG marker code (it's certainly bogus data).
* If the found marker is a restart marker more than 2 counts away, we do #1
* (too much risk that the marker is erroneous; with luck we will be able to
* resync at some future point).
* For any valid non-restart JPEG marker, we apply #3. This keeps us from
* overrunning the end of a scan. An implementation limited to single-scan
* files might find it better to apply #2 for markers other than EOI, since
* any other marker would have to be bogus data in that case.
*/
{
/* Always put up a warning. */
/* Outer loop handles repeated decision after scanning forward. */
for (;;) {
else {
else
}
switch (action) {
case 1:
/* Discard marker and let entropy decoder resume processing. */
cinfo->unread_marker = 0;
return TRUE;
case 2:
/* Scan to the next marker, and repeat the decision loop. */
if (! next_marker(cinfo))
return FALSE;
break;
case 3:
/* Return without advancing past this marker. */
/* Entropy decoder will be forced to process an empty segment. */
return TRUE;
}
} /* end loop */
}
/*
* Reset marker processing state to begin a fresh datastream.
*/
METHODDEF(void)
{
}
/*
* Initialize the marker reader module.
* This is called only once, when the decompression object is created.
*/
GLOBAL(void)
{
int i;
/* Create subobject in permanent pool */
marker = (my_marker_ptr)
/* Initialize public method pointers */
* By default, we examine and then discard APP0 and APP14.
* We also may need to save APP1 to detect the case of EXIF images (see 4881314).
* COM and all other APPn are simply discarded.
*/
marker->length_limit_COM = 0;
for (i = 0; i < 16; i++) {
marker->length_limit_APPn[i] = 0;
}
/* Reset marker processing state */
}
/*
* Control saving of COM and APPn markers into marker_list.
*/
#ifdef SAVE_MARKERS_SUPPORTED
GLOBAL(void)
unsigned int length_limit)
{
/* Length limit mustn't be larger than what we can allocate
* (should only be a concern in a 16-bit environment).
*/
if (length_limit > maxlength)
length_limit = (unsigned int) maxlength;
/* Choose processor routine to use.
*/
if (length_limit) {
} else {
}
if (marker_code == (int) M_COM) {
} else
}
#endif /* SAVE_MARKERS_SUPPORTED */
/*
* Install a special processing method for COM or APPn markers.
*/
GLOBAL(void)
{
if (marker_code == (int) M_COM)
else
}