Qt
Internal/Contributor docs for the Qt SDK. Note: These are NOT official API docs; those are found at https://doc.qt.io/
Loading...
Searching...
No Matches
jpegmodule.cpp
Go to the documentation of this file.
1// Copyright 2014 The PDFium Authors
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5// Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com
6
7#include "core/fxcodec/jpeg/jpegmodule.h"
8
9#include <setjmp.h>
10#include <stdint.h>
11#include <string.h>
12
13#include <memory>
14#include <utility>
15
16#include "build/build_config.h"
17#include "core/fxcodec/cfx_codec_memory.h"
18#include "core/fxcodec/jpeg/jpeg_common.h"
19#include "core/fxcodec/scanlinedecoder.h"
20#include "core/fxcrt/data_vector.h"
21#include "core/fxcrt/fx_safe_types.h"
22#include "core/fxge/dib/cfx_dibbase.h"
23#include "core/fxge/dib/fx_dib.h"
24#include "third_party/abseil-cpp/absl/types/optional.h"
25#include "third_party/base/check.h"
26#include "third_party/base/check_op.h"
27
28static pdfium::span<const uint8_t> JpegScanSOI(
29 pdfium::span<const uint8_t> src_span) {
30 DCHECK(!src_span.empty());
31
32 for (size_t offset = 0; offset + 1 < src_span.size(); ++offset) {
33 if (src_span[offset] == 0xff && src_span[offset + 1] == 0xd8)
34 return src_span.subspan(offset);
35 }
36 return src_span;
37}
38
39extern "C" {
40
41static void error_fatal(j_common_ptr cinfo) {
42 longjmp(*(jmp_buf*)cinfo->client_data, -1);
43}
44
45static void src_skip_data(jpeg_decompress_struct* cinfo, long num) {
46 if (num > (long)cinfo->src->bytes_in_buffer) {
47 error_fatal((j_common_ptr)cinfo);
48 }
49 cinfo->src->next_input_byte += num;
50 cinfo->src->bytes_in_buffer -= num;
51}
52
53#if BUILDFLAG(IS_WIN)
54static void dest_do_nothing(j_compress_ptr cinfo) {}
55
56static boolean dest_empty(j_compress_ptr cinfo) {
57 return false;
58}
59#endif // BUILDFLAG(IS_WIN)
60
61} // extern "C"
62
63static bool JpegLoadInfo(pdfium::span<const uint8_t> src_span,
64 JpegModule::ImageInfo* pInfo) {
65 src_span = JpegScanSOI(src_span);
66 jpeg_decompress_struct cinfo;
67 jpeg_error_mgr jerr;
68 jerr.error_exit = error_fatal;
69 jerr.emit_message = error_do_nothing_int;
70 jerr.output_message = error_do_nothing;
71 jerr.format_message = error_do_nothing_char;
72 jerr.reset_error_mgr = error_do_nothing;
73 jerr.trace_level = 0;
74 cinfo.err = &jerr;
75 jmp_buf mark;
76 cinfo.client_data = &mark;
77 if (setjmp(mark) == -1)
78 return false;
79
80 jpeg_create_decompress(&cinfo);
81 jpeg_source_mgr src;
82 src.init_source = src_do_nothing;
83 src.term_source = src_do_nothing;
84 src.skip_input_data = src_skip_data;
85 src.fill_input_buffer = src_fill_buffer;
86 src.resync_to_restart = src_resync;
87 src.bytes_in_buffer = src_span.size();
88 src.next_input_byte = src_span.data();
89 cinfo.src = &src;
90 if (setjmp(mark) == -1) {
91 jpeg_destroy_decompress(&cinfo);
92 return false;
93 }
94 int ret = jpeg_read_header(&cinfo, TRUE);
95 if (ret != JPEG_HEADER_OK) {
96 jpeg_destroy_decompress(&cinfo);
97 return false;
98 }
99 pInfo->width = cinfo.image_width;
100 pInfo->height = cinfo.image_height;
101 pInfo->num_components = cinfo.num_components;
102 pInfo->color_transform =
103 cinfo.jpeg_color_space == JCS_YCbCr || cinfo.jpeg_color_space == JCS_YCCK;
104 pInfo->bits_per_components = cinfo.data_precision;
105 jpeg_destroy_decompress(&cinfo);
106 return true;
107}
108
109namespace fxcodec {
110
111namespace {
112
113constexpr size_t kKnownBadHeaderWithInvalidHeightByteOffsetStarts[] = {94, 163};
114
115class JpegDecoder final : public ScanlineDecoder {
116 public:
117 JpegDecoder();
118 ~JpegDecoder() override;
119
120 bool Create(pdfium::span<const uint8_t> src_span,
121 uint32_t width,
122 uint32_t height,
123 int nComps,
124 bool ColorTransform);
125
126 // ScanlineDecoder:
127 bool Rewind() override;
128 pdfium::span<uint8_t> GetNextLine() override;
129 uint32_t GetSrcOffset() override;
130
131 bool InitDecode(bool bAcceptKnownBadHeader);
132
133 private:
134 void CalcPitch();
135 void InitDecompressSrc();
136
137 // Can only be called inside a jpeg_read_header() setjmp handler.
138 bool HasKnownBadHeaderWithInvalidHeight(size_t dimension_offset) const;
139
140 // Is a JPEG SOFn marker, which is defined as 0xff, 0xc[0-9a-f].
141 bool IsSofSegment(size_t marker_offset) const;
142
143 // Patch up the in-memory JPEG header for known bad JPEGs.
144 void PatchUpKnownBadHeaderWithInvalidHeight(size_t dimension_offset);
145
146 // Patch up the JPEG trailer, even if it is correct.
147 void PatchUpTrailer();
148
149 uint8_t* GetWritableSrcData();
150
151 // For a given invalid height byte offset in
152 // |kKnownBadHeaderWithInvalidHeightByteOffsetStarts|, the SOFn marker should
153 // be this many bytes before that.
154 static constexpr size_t kSofMarkerByteOffset = 5;
155
156 jmp_buf m_JmpBuf;
157 jpeg_decompress_struct m_Cinfo;
158 jpeg_error_mgr m_Jerr;
159 jpeg_source_mgr m_Src;
160 pdfium::span<const uint8_t> m_SrcSpan;
161 DataVector<uint8_t> m_ScanlineBuf;
162 bool m_bInited = false;
163 bool m_bStarted = false;
164 bool m_bJpegTransform = false;
165 uint32_t m_nDefaultScaleDenom = 1;
166};
167
168JpegDecoder::JpegDecoder() {
169 memset(&m_Cinfo, 0, sizeof(m_Cinfo));
170 memset(&m_Jerr, 0, sizeof(m_Jerr));
171 memset(&m_Src, 0, sizeof(m_Src));
172}
173
174JpegDecoder::~JpegDecoder() {
175 if (m_bInited)
176 jpeg_destroy_decompress(&m_Cinfo);
177
178 // Span in superclass can't outlive our buffer.
179 m_pLastScanline = pdfium::span<uint8_t>();
180}
181
182bool JpegDecoder::InitDecode(bool bAcceptKnownBadHeader) {
183 m_Cinfo.err = &m_Jerr;
184 m_Cinfo.client_data = &m_JmpBuf;
185 if (setjmp(m_JmpBuf) == -1)
186 return false;
187
188 jpeg_create_decompress(&m_Cinfo);
189 InitDecompressSrc();
190 m_bInited = true;
191
192 if (setjmp(m_JmpBuf) == -1) {
193 absl::optional<size_t> known_bad_header_offset;
194 if (bAcceptKnownBadHeader) {
195 for (size_t offset : kKnownBadHeaderWithInvalidHeightByteOffsetStarts) {
196 if (HasKnownBadHeaderWithInvalidHeight(offset)) {
197 known_bad_header_offset = offset;
198 break;
199 }
200 }
201 }
202 jpeg_destroy_decompress(&m_Cinfo);
203 if (!known_bad_header_offset.has_value()) {
204 m_bInited = false;
205 return false;
206 }
207
208 PatchUpKnownBadHeaderWithInvalidHeight(known_bad_header_offset.value());
209
210 jpeg_create_decompress(&m_Cinfo);
211 InitDecompressSrc();
212 }
213 m_Cinfo.image_width = m_OrigWidth;
214 m_Cinfo.image_height = m_OrigHeight;
215 int ret = jpeg_read_header(&m_Cinfo, TRUE);
216 if (ret != JPEG_HEADER_OK)
217 return false;
218
219 if (m_Cinfo.saw_Adobe_marker)
220 m_bJpegTransform = true;
221
222 if (m_Cinfo.num_components == 3 && !m_bJpegTransform)
223 m_Cinfo.out_color_space = m_Cinfo.jpeg_color_space;
224
225 m_OrigWidth = m_Cinfo.image_width;
226 m_OrigHeight = m_Cinfo.image_height;
227 m_OutputWidth = m_OrigWidth;
228 m_OutputHeight = m_OrigHeight;
229 m_nDefaultScaleDenom = m_Cinfo.scale_denom;
230 return true;
231}
232
233bool JpegDecoder::Create(pdfium::span<const uint8_t> src_span,
234 uint32_t width,
235 uint32_t height,
236 int nComps,
237 bool ColorTransform) {
238 m_SrcSpan = JpegScanSOI(src_span);
239 if (m_SrcSpan.size() < 2)
240 return false;
241
242 PatchUpTrailer();
243
244 m_Jerr.error_exit = error_fatal;
245 m_Jerr.emit_message = error_do_nothing_int;
246 m_Jerr.output_message = error_do_nothing;
247 m_Jerr.format_message = error_do_nothing_char;
248 m_Jerr.reset_error_mgr = error_do_nothing;
249 m_Src.init_source = src_do_nothing;
250 m_Src.term_source = src_do_nothing;
251 m_Src.skip_input_data = src_skip_data;
252 m_Src.fill_input_buffer = src_fill_buffer;
253 m_Src.resync_to_restart = src_resync;
254 m_bJpegTransform = ColorTransform;
255 m_OutputWidth = m_OrigWidth = width;
256 m_OutputHeight = m_OrigHeight = height;
257 if (!InitDecode(/*bAcceptKnownBadHeader=*/true))
258 return false;
259
260 if (m_Cinfo.num_components < nComps)
261 return false;
262
263 if (m_Cinfo.image_width < width)
264 return false;
265
266 CalcPitch();
267 m_ScanlineBuf = DataVector<uint8_t>(m_Pitch);
268 m_nComps = m_Cinfo.num_components;
269 m_bpc = 8;
270 m_bStarted = false;
271 return true;
272}
273
274bool JpegDecoder::Rewind() {
275 if (m_bStarted) {
276 jpeg_destroy_decompress(&m_Cinfo);
277 if (!InitDecode(/*bAcceptKnownBadHeader=*/false)) {
278 return false;
279 }
280 }
281 if (setjmp(m_JmpBuf) == -1) {
282 return false;
283 }
284 m_Cinfo.scale_denom = m_nDefaultScaleDenom;
285 m_OutputWidth = m_OrigWidth;
286 m_OutputHeight = m_OrigHeight;
287 if (!jpeg_start_decompress(&m_Cinfo)) {
288 jpeg_destroy_decompress(&m_Cinfo);
289 return false;
290 }
291 CHECK_LE(static_cast<int>(m_Cinfo.output_width), m_OrigWidth);
292 m_bStarted = true;
293 return true;
294}
295
296pdfium::span<uint8_t> JpegDecoder::GetNextLine() {
297 if (setjmp(m_JmpBuf) == -1)
298 return pdfium::span<uint8_t>();
299
300 uint8_t* row_array[] = {m_ScanlineBuf.data()};
301 int nlines = jpeg_read_scanlines(&m_Cinfo, row_array, 1);
302 if (nlines <= 0)
303 return pdfium::span<uint8_t>();
304
305 return m_ScanlineBuf;
306}
307
308uint32_t JpegDecoder::GetSrcOffset() {
309 return static_cast<uint32_t>(m_SrcSpan.size() - m_Src.bytes_in_buffer);
310}
311
312void JpegDecoder::CalcPitch() {
313 m_Pitch = static_cast<uint32_t>(m_Cinfo.image_width) * m_Cinfo.num_components;
314 m_Pitch += 3;
315 m_Pitch /= 4;
316 m_Pitch *= 4;
317}
318
319void JpegDecoder::InitDecompressSrc() {
320 m_Cinfo.src = &m_Src;
321 m_Src.bytes_in_buffer = m_SrcSpan.size();
322 m_Src.next_input_byte = m_SrcSpan.data();
323}
324
325bool JpegDecoder::HasKnownBadHeaderWithInvalidHeight(
326 size_t dimension_offset) const {
327 // Perform lots of possibly redundant checks to make sure this has no false
328 // positives.
329 bool bDimensionChecks = m_Cinfo.err->msg_code == JERR_IMAGE_TOO_BIG &&
330 m_Cinfo.image_width < JPEG_MAX_DIMENSION &&
331 m_Cinfo.image_height == 0xffff && m_OrigWidth > 0 &&
332 m_OrigWidth <= JPEG_MAX_DIMENSION &&
333 m_OrigHeight > 0 &&
334 m_OrigHeight <= JPEG_MAX_DIMENSION;
335 if (!bDimensionChecks)
336 return false;
337
338 if (m_SrcSpan.size() <= dimension_offset + 3u)
339 return false;
340
341 if (!IsSofSegment(dimension_offset - kSofMarkerByteOffset))
342 return false;
343
344 const uint8_t* pHeaderDimensions = &m_SrcSpan[dimension_offset];
345 uint8_t nExpectedWidthByte1 = (m_OrigWidth >> 8) & 0xff;
346 uint8_t nExpectedWidthByte2 = m_OrigWidth & 0xff;
347 // Height high byte, height low byte, width high byte, width low byte.
348 return pHeaderDimensions[0] == 0xff && pHeaderDimensions[1] == 0xff &&
349 pHeaderDimensions[2] == nExpectedWidthByte1 &&
350 pHeaderDimensions[3] == nExpectedWidthByte2;
351}
352
353bool JpegDecoder::IsSofSegment(size_t marker_offset) const {
354 const uint8_t* pHeaderMarker = &m_SrcSpan[marker_offset];
355 return pHeaderMarker[0] == 0xff && pHeaderMarker[1] >= 0xc0 &&
356 pHeaderMarker[1] <= 0xcf;
357}
358
359void JpegDecoder::PatchUpKnownBadHeaderWithInvalidHeight(
360 size_t dimension_offset) {
361 DCHECK(m_SrcSpan.size() > dimension_offset + 1u);
362 uint8_t* pData = GetWritableSrcData() + dimension_offset;
363 pData[0] = (m_OrigHeight >> 8) & 0xff;
364 pData[1] = m_OrigHeight & 0xff;
365}
366
367void JpegDecoder::PatchUpTrailer() {
368 uint8_t* pData = GetWritableSrcData();
369 pData[m_SrcSpan.size() - 2] = 0xff;
370 pData[m_SrcSpan.size() - 1] = 0xd9;
371}
372
373uint8_t* JpegDecoder::GetWritableSrcData() {
374 return const_cast<uint8_t*>(m_SrcSpan.data());
375}
376
377} // namespace
378
379// static
380std::unique_ptr<ScanlineDecoder> JpegModule::CreateDecoder(
381 pdfium::span<const uint8_t> src_span,
382 uint32_t width,
383 uint32_t height,
384 int nComps,
385 bool ColorTransform) {
386 DCHECK(!src_span.empty());
387
388 auto pDecoder = std::make_unique<JpegDecoder>();
389 if (!pDecoder->Create(src_span, width, height, nComps, ColorTransform))
390 return nullptr;
391
392 return std::move(pDecoder);
393}
394
395// static
396absl::optional<JpegModule::ImageInfo> JpegModule::LoadInfo(
397 pdfium::span<const uint8_t> src_span) {
398 ImageInfo info;
399 if (!JpegLoadInfo(src_span, &info))
400 return absl::nullopt;
401
402 return info;
403}
404
405#if BUILDFLAG(IS_WIN)
406bool JpegModule::JpegEncode(const RetainPtr<const CFX_DIBBase>& pSource,
407 uint8_t** dest_buf,
408 size_t* dest_size) {
409 jpeg_error_mgr jerr;
410 jerr.error_exit = error_do_nothing;
411 jerr.emit_message = error_do_nothing_int;
412 jerr.output_message = error_do_nothing;
413 jerr.format_message = error_do_nothing_char;
414 jerr.reset_error_mgr = error_do_nothing;
415
416 jpeg_compress_struct cinfo;
417 memset(&cinfo, 0, sizeof(cinfo));
418 cinfo.err = &jerr;
419 jpeg_create_compress(&cinfo);
420 int Bpp = pSource->GetBPP() / 8;
421 uint32_t nComponents = Bpp >= 3 ? 3 : 1;
422 uint32_t pitch = pSource->GetPitch();
423 uint32_t width = pdfium::base::checked_cast<uint32_t>(pSource->GetWidth());
424 uint32_t height = pdfium::base::checked_cast<uint32_t>(pSource->GetHeight());
425 FX_SAFE_UINT32 safe_buf_len = width;
426 safe_buf_len *= height;
427 safe_buf_len *= nComponents;
428 safe_buf_len += 1024;
429 if (!safe_buf_len.IsValid())
430 return false;
431
432 uint32_t dest_buf_length = safe_buf_len.ValueOrDie();
433 *dest_buf = FX_TryAlloc(uint8_t, dest_buf_length);
434 const int MIN_TRY_BUF_LEN = 1024;
435 while (!(*dest_buf) && dest_buf_length > MIN_TRY_BUF_LEN) {
436 dest_buf_length >>= 1;
437 *dest_buf = FX_TryAlloc(uint8_t, dest_buf_length);
438 }
439 if (!(*dest_buf))
440 return false;
441
442 jpeg_destination_mgr dest;
443 dest.init_destination = dest_do_nothing;
444 dest.term_destination = dest_do_nothing;
445 dest.empty_output_buffer = dest_empty;
446 dest.next_output_byte = *dest_buf;
447 dest.free_in_buffer = dest_buf_length;
448 cinfo.dest = &dest;
449 cinfo.image_width = width;
450 cinfo.image_height = height;
451 cinfo.input_components = nComponents;
452 if (nComponents == 1) {
453 cinfo.in_color_space = JCS_GRAYSCALE;
454 } else if (nComponents == 3) {
455 cinfo.in_color_space = JCS_RGB;
456 } else {
457 cinfo.in_color_space = JCS_CMYK;
458 }
459 uint8_t* line_buf = nullptr;
460 if (nComponents > 1)
461 line_buf = FX_Alloc2D(uint8_t, width, nComponents);
462
463 jpeg_set_defaults(&cinfo);
464 jpeg_start_compress(&cinfo, TRUE);
465 JSAMPROW row_pointer[1];
466 JDIMENSION row;
467 while (cinfo.next_scanline < cinfo.image_height) {
468 pdfium::span<const uint8_t> src_scan =
469 pSource->GetScanline(cinfo.next_scanline);
470 if (nComponents > 1) {
471 uint8_t* dest_scan = line_buf;
472 if (nComponents == 3) {
473 for (uint32_t i = 0; i < width; i++) {
474 ReverseCopy3Bytes(dest_scan, src_scan.data());
475 dest_scan += 3;
476 src_scan = src_scan.subspan(Bpp);
477 }
478 } else {
479 for (uint32_t i = 0; i < pitch; i++) {
480 *dest_scan++ = ~src_scan.front();
481 src_scan = src_scan.subspan(1);
482 }
483 }
484 row_pointer[0] = line_buf;
485 } else {
486 row_pointer[0] = const_cast<uint8_t*>(src_scan.data());
487 }
488 row = cinfo.next_scanline;
489 jpeg_write_scanlines(&cinfo, row_pointer, 1);
490 if (cinfo.next_scanline == row) {
491 constexpr size_t kJpegBlockSize = 1048576;
492 *dest_buf =
493 FX_Realloc(uint8_t, *dest_buf, dest_buf_length + kJpegBlockSize);
494 dest.next_output_byte = *dest_buf + dest_buf_length - dest.free_in_buffer;
495 dest_buf_length += kJpegBlockSize;
496 dest.free_in_buffer += kJpegBlockSize;
497 }
498 }
499 jpeg_finish_compress(&cinfo);
500 jpeg_destroy_compress(&cinfo);
501 FX_Free(line_buf);
502 *dest_size = dest_buf_length - static_cast<size_t>(dest.free_in_buffer);
503
504 return true;
505}
506#endif // BUILDFLAG(IS_WIN)
507
508} // namespace fxcodec
src_skip_data
static void src_skip_data(jpeg_decompress_struct *cinfo, long num)
Definition jpegmodule.cpp:45
JpegScanSOI
static pdfium::span< const uint8_t > JpegScanSOI(pdfium::span< const uint8_t > src_span)
Definition jpegmodule.cpp:28
JpegLoadInfo
static bool JpegLoadInfo(pdfium::span< const uint8_t > src_span, JpegModule::ImageInfo *pInfo)
Definition jpegmodule.cpp:63
error_fatal
static void error_fatal(j_common_ptr cinfo)
Definition jpegmodule.cpp:41