diff --git a/src/dec/idec.c b/src/dec/idec.c index 1879bed4..2998ec1c 100644 --- a/src/dec/idec.c +++ b/src/dec/idec.c @@ -20,8 +20,6 @@ extern "C" { #endif -#define RIFF_HEADER_SIZE 12 -#define VP8_HEADER_SIZE 10 #define CHUNK_SIZE 4096 #define MAX_MB_SIZE 4096 @@ -30,14 +28,20 @@ extern "C" { // Decoding states. State normally flows like HEADER->PARTS0->DATA->DONE. // If there is any error the decoder goes into state ERROR. -typedef enum { STATE_HEADER = 0, STATE_PARTS0 = 1, - STATE_DATA = 2, STATE_DONE = 3, - STATE_ERROR = 4 +typedef enum { + STATE_PRE_VP8, // All data before that of the first VP8 chunk. + STATE_VP8_FRAME_HEADER, // For VP8 Frame header (within VP8 chunk). + STATE_VP8_PARTS0, + STATE_VP8_DATA, + STATE_DONE, + STATE_ERROR } DecState; // Operating state for the MemBuffer -typedef enum { MEM_MODE_NONE = 0, - MEM_MODE_APPEND, MEM_MODE_MAP +typedef enum { + MEM_MODE_NONE = 0, + MEM_MODE_APPEND, + MEM_MODE_MAP } MemBufferMode; // storage for partition #0 and partial data (in a rolling fashion) @@ -60,6 +64,7 @@ struct WebPIDecoder { MemBuffer mem_; // input memory buffer. WebPDecBuffer output_; // output buffer (when no external one is supplied) + uint32_t vp8_size_; // VP8 size extracted from VP8 Header. }; // MB context to restore in case VP8DecodeMB() fails @@ -228,7 +233,7 @@ static void RestoreContext(const MBContext* context, VP8Decoder* const dec, //------------------------------------------------------------------------------ static VP8StatusCode IDecError(WebPIDecoder* idec, VP8StatusCode error) { - if (idec->state_ == STATE_DATA) { + if (idec->state_ == STATE_VP8_DATA) { VP8Io* const io = &idec->io_; if (io->teardown) { io->teardown(io); @@ -238,59 +243,52 @@ static VP8StatusCode IDecError(WebPIDecoder* idec, VP8StatusCode error) { return error; } -// Header -static VP8StatusCode DecodeHeader(WebPIDecoder* const idec) { - uint32_t riff_header_size, bits; +static void ChangeState(WebPIDecoder* idec, DecState new_state, + uint32_t consumed_bytes) { + idec->state_ = new_state; + idec->mem_.start_ += consumed_bytes; + assert(idec->mem_.start_ <= idec->mem_.end_); +} + +// Headers +static VP8StatusCode DecodeWebPHeaders(WebPIDecoder* const idec) { const uint8_t* data = idec->mem_.buf_ + idec->mem_.start_; uint32_t curr_size = MemDataSize(&idec->mem_); - uint32_t chunk_size; - uint32_t riff_size; - int is_vp8x_chunk = 0; - int is_vp8_chunk = 0; + uint32_t vp8_size; + uint32_t bytes_skipped; + VP8StatusCode status; - if (curr_size < RIFF_HEADER_SIZE) { + status = WebPParseHeaders(&data, &curr_size, &vp8_size, &bytes_skipped); + if (status == VP8_STATUS_NOT_ENOUGH_DATA) { + return VP8_STATUS_SUSPENDED; // We haven't found a VP8 chunk yet. + } else if (status == VP8_STATUS_OK) { + idec->vp8_size_ = vp8_size; + ChangeState(idec, STATE_VP8_FRAME_HEADER, bytes_skipped); + return VP8_STATUS_OK; // We have skipped all pre-VP8 chunks. + } else { + return IDecError(idec, status); + } +} + +static VP8StatusCode DecodeVP8FrameHeader(WebPIDecoder* const idec) { + const uint8_t* data = idec->mem_.buf_ + idec->mem_.start_; + uint32_t curr_size = MemDataSize(&idec->mem_); + uint32_t bits; + + if (curr_size < VP8_FRAME_HEADER_SIZE) { + // Not enough data bytes to extract VP8 Frame Header. return VP8_STATUS_SUSPENDED; } - - if (!WebPCheckAndSkipRIFFHeader(&data, &curr_size, &riff_size)) { - return IDecError(idec, VP8_STATUS_BITSTREAM_ERROR); // Wrong RIFF Header. - } - - if (!VP8XGetInfo(&data, &curr_size, &is_vp8x_chunk, NULL, NULL, NULL)) { - return IDecError(idec, VP8_STATUS_BITSTREAM_ERROR); // Wrong VP8X Chunk. - } - - if (is_vp8x_chunk == -1) { - return VP8_STATUS_SUSPENDED; // Not enough data bytes to process chunk. - } - - if (!VP8CheckAndSkipHeader(&data, &curr_size, &is_vp8_chunk, &chunk_size, - riff_size)) { - return IDecError(idec, VP8_STATUS_BITSTREAM_ERROR); // Invalid VP8 header. - } - - if ((is_vp8_chunk == -1) && (chunk_size == 0)){ - return VP8_STATUS_SUSPENDED; // Not enough data bytes to extract chunk_size - } - - if (curr_size < VP8_HEADER_SIZE) { - return VP8_STATUS_SUSPENDED; // Not enough data bytes to extract VP8 Header - } - - if (!VP8GetInfo(data, curr_size, chunk_size, NULL, NULL, NULL)) { + if (!VP8GetInfo(data, curr_size, idec->vp8_size_, NULL, NULL, NULL)) { return IDecError(idec, VP8_STATUS_BITSTREAM_ERROR); } - riff_header_size = idec->mem_.end_ - curr_size; bits = data[0] | (data[1] << 8) | (data[2] << 16); + idec->mem_.part0_size_ = (bits >> 5) + VP8_FRAME_HEADER_SIZE; - idec->mem_.part0_size_ = (bits >> 5) + VP8_HEADER_SIZE; - idec->mem_.start_ += riff_header_size; - assert(idec->mem_.start_ <= idec->mem_.end_); - - idec->io_.data_size -= riff_header_size; + idec->io_.data_size = curr_size; idec->io_.data = data; - idec->state_ = STATE_PARTS0; + idec->state_ = STATE_VP8_PARTS0; return VP8_STATUS_OK; } @@ -358,7 +356,7 @@ static VP8StatusCode DecodePartition0(WebPIDecoder* const idec) { // Note: past this point, teardown() must always be called // in case of error. - idec->state_ = STATE_DATA; + idec->state_ = STATE_VP8_DATA; // Allocate memory and prepare everything. if (!VP8InitFrame(dec, io)) { return IDecError(idec, dec->status_); @@ -422,13 +420,16 @@ static VP8StatusCode IDecode(WebPIDecoder* idec) { VP8StatusCode status = VP8_STATUS_SUSPENDED; assert(idec->dec_); - if (idec->state_ == STATE_HEADER) { - status = DecodeHeader(idec); + if (idec->state_ == STATE_PRE_VP8) { + status = DecodeWebPHeaders(idec); } - if (idec->state_ == STATE_PARTS0) { + if (idec->state_ == STATE_VP8_FRAME_HEADER) { + status = DecodeVP8FrameHeader(idec); + } + if (idec->state_ == STATE_VP8_PARTS0) { status = DecodePartition0(idec); } - if (idec->state_ == STATE_DATA) { + if (idec->state_ == STATE_VP8_DATA) { status = DecodeRemaining(idec); } return status; @@ -449,7 +450,7 @@ WebPIDecoder* WebPINewDecoder(WebPDecBuffer* const output_buffer) { return NULL; } - idec->state_ = STATE_HEADER; + idec->state_ = STATE_PRE_VP8; InitMemBuffer(&idec->mem_); WebPInitDecBuffer(&idec->output_); @@ -465,6 +466,7 @@ WebPIDecoder* WebPINewDecoder(WebPDecBuffer* const output_buffer) { #else idec->dec_->use_threads_ = 0; #endif + idec->vp8_size_ = 0; return idec; } @@ -603,7 +605,7 @@ VP8StatusCode WebPIUpdate(WebPIDecoder* const idec, const uint8_t* data, //------------------------------------------------------------------------------ static const WebPDecBuffer* GetOutputBuffer(const WebPIDecoder* const idec) { - if (!idec || !idec->dec_ || idec->state_ <= STATE_PARTS0) { + if (!idec || !idec->dec_ || idec->state_ <= STATE_VP8_PARTS0) { return NULL; } return idec->params_.output; @@ -667,7 +669,7 @@ int WebPISetIOHooks(WebPIDecoder* const idec, VP8IoSetupHook setup, VP8IoTeardownHook teardown, void* user_data) { - if (!idec || !idec->dec_ || idec->state_ > STATE_HEADER) { + if (!idec || !idec->dec_ || idec->state_ > STATE_PRE_VP8) { return 0; } diff --git a/src/dec/vp8.c b/src/dec/vp8.c index 0d944777..2d73d939 100644 --- a/src/dec/vp8.c +++ b/src/dec/vp8.c @@ -17,9 +17,6 @@ extern "C" { #endif -#define RIFF_HEADER_SIZE 12 -#define VP8X_HEADER_SIZE 20 - //------------------------------------------------------------------------------ int WebPGetDecoderVersion(void) { @@ -81,39 +78,6 @@ int VP8SetError(VP8Decoder* const dec, //------------------------------------------------------------------------------ -static inline uint32_t get_le32(const uint8_t* const data) { - return data[0] | (data[1] << 8) | (data[2] << 16) | (data[3] << 24); -} - -int VP8CheckAndSkipHeader(const uint8_t** data_ptr, uint32_t* data_size_ptr, - int* is_vp8_chunk, uint32_t* chunk_size, - uint32_t riff_size) { - if (!data_ptr || !data_size_ptr || !is_vp8_chunk || !chunk_size) { - return 0; // Invalid Args. - } - - if (*data_size_ptr >= 8) { - if (!memcmp(*data_ptr, "VP8 ", 4)) { - *is_vp8_chunk = 1; - *chunk_size = get_le32(*data_ptr + 4); - if ((riff_size >= RIFF_HEADER_SIZE) && - (*chunk_size > riff_size - RIFF_HEADER_SIZE)) { - return 0; // Inconsistent size information. - } - // We have consumed 8 bytes from VP8 Header. Skip it. - *data_ptr += 8; - *data_size_ptr -= 8; - } else { - *is_vp8_chunk = 0; - *chunk_size = 0; - } - } else { - *is_vp8_chunk = -1; // Insufficient data. - *chunk_size = 0; - } - return 1; -} - int VP8GetInfo(const uint8_t* data, uint32_t data_size, uint32_t chunk_size, int* width, int* height, int* has_alpha) { if (data_size < 10) { @@ -161,40 +125,6 @@ int VP8GetInfo(const uint8_t* data, uint32_t data_size, uint32_t chunk_size, } } -int VP8XGetInfo(const uint8_t** data_ptr, uint32_t* data_size_ptr, - int* is_vp8x_chunk, int* width, int* height, uint32_t* flags) { - if (!data_ptr || !data_size_ptr || !is_vp8x_chunk) { - return 0; // Invalid Args. - } - - if (*data_size_ptr >= VP8X_HEADER_SIZE) { - if (!memcmp(*data_ptr, "VP8X", 4)) { - const uint32_t chunk_size = get_le32(*data_ptr + 4); - *is_vp8x_chunk = 1; - if (chunk_size != (VP8X_HEADER_SIZE - 8)) { - return 0; // Wrong chunk size. - } - if (flags) { - *flags = get_le32(*data_ptr + 8); - } - if (width) { - *width = get_le32(*data_ptr + 12); - } - if (height) { - *height = get_le32(*data_ptr + 16); - } - // We have consumed 20 bytes from VP8X Header. Skip it. - *data_ptr += VP8X_HEADER_SIZE; - *data_size_ptr -= VP8X_HEADER_SIZE; - } else { - *is_vp8x_chunk = 0; - } - } else { - *is_vp8x_chunk = -1; // Insufficient data. - } - return 1; -} - //------------------------------------------------------------------------------ // Header parsing @@ -319,10 +249,8 @@ static int ParseFilterHeader(VP8BitReader* br, VP8Decoder* const dec) { int VP8GetHeaders(VP8Decoder* const dec, VP8Io* const io) { const uint8_t* buf; uint32_t buf_size; - uint32_t riff_size; - uint32_t chunk_size; - int is_vp8x_chunk = 0; - int is_vp8_chunk = 0; + uint32_t vp8_chunk_size; + uint32_t bytes_skipped; VP8FrameHeader* frm_hdr; VP8PictureHeader* pic_hdr; VP8BitReader* br; @@ -339,36 +267,17 @@ int VP8GetHeaders(VP8Decoder* const dec, VP8Io* const io) { buf = (uint8_t*)io->data; buf_size = io->data_size; - if (buf == NULL || buf_size <= 4) { - return VP8SetError(dec, VP8_STATUS_NOT_ENOUGH_DATA, - "Not enough data to parse frame header"); - } - - // Skip over valid RIFF headers. - if (!WebPCheckAndSkipRIFFHeader(&buf, &buf_size, &riff_size)) { - return VP8SetError(dec, VP8_STATUS_BITSTREAM_ERROR, - "RIFF: Invalid RIFF container"); - } - - if (!VP8XGetInfo(&buf, &buf_size, &is_vp8x_chunk, NULL, NULL, NULL)) { - return VP8SetError(dec, VP8_STATUS_BITSTREAM_ERROR, - "RIFF: Invalid VP8X container"); - } - - if (!VP8CheckAndSkipHeader(&buf, &buf_size, &is_vp8_chunk, &chunk_size, - riff_size)) { - return VP8SetError(dec, VP8_STATUS_BITSTREAM_ERROR, - "RIFF: Inconsistent size information."); - } - - if (is_vp8_chunk == -1) { - return VP8SetError(dec, VP8_STATUS_BITSTREAM_ERROR, - "Not enough data to parse frame header."); + + // Process Pre-VP8 chunks. + status = WebPParseHeaders(&buf, &buf_size, &vp8_chunk_size, &bytes_skipped); + if (status != VP8_STATUS_OK) { + return VP8SetError(dec, status, "Incorrect/incomplete header."); } + // Process the VP8 frame header. if (buf_size < 4) { return VP8SetError(dec, VP8_STATUS_NOT_ENOUGH_DATA, - "RIFF: Truncated header."); + "Truncated header."); } // Paragraph 9.1 diff --git a/src/dec/vp8i.h b/src/dec/vp8i.h index 0bc2c0a2..2cbdef22 100644 --- a/src/dec/vp8i.h +++ b/src/dec/vp8i.h @@ -288,19 +288,6 @@ struct VP8Decoder { int VP8SetError(VP8Decoder* const dec, VP8StatusCode error, const char * const msg); -// Validates the VP8 Header and skip over it. -// Returns 0 for invalid (chunk_size greater than riff_size) VP8 header. -// Else return 1. -// is_vp8_chunk is set to: -// 0, in case data bytes don't correspond to VP8 chunk. -// 1, in case data bytes correspond to VP8 chunk. -// -1, in case not enough bytes (partial VP8 chunk) are passed. -// chunk_size is set to the chunk size extracted from the VP8 chunk header. For -// partial VP8 chunk, chunk_size is set to 0. -int VP8CheckAndSkipHeader(const uint8_t** data_ptr, uint32_t* data_size_ptr, - int* is_vp8_chunk, uint32_t* chunk_size, - uint32_t riff_size); - // Validates the VP8 data-header and retrieve basic header information viz width // and height. Returns 0 in case of formatting error. *width/*height/*has_alpha // can be passed NULL. @@ -309,17 +296,6 @@ int VP8GetInfo(const uint8_t* data, uint32_t chunk_size, // total data size expect in the chunk int *width, int *height, int *has_alpha); -// Validates the VP8X Header and skip over it. -// Returns 0 for invalid VP8X header. Else return 1. -// is_vp8x_chunk is set to: -// 0, in case data bytes doesn't correspond to VP8X chunk. -// 1, in case data bytes correspond to VP8X chunk. -// -1, in case not enough bytes (partial VP8X chunk) are passed. -// Width, Height & Flags are set to the corresponding fields extracted from the -// VP8X chunk. -int VP8XGetInfo(const uint8_t** data_ptr, uint32_t* data_size_ptr, - int* is_vp8x_chunk, int* width, int* height, uint32_t* flags); - // in tree.c void VP8ResetProba(VP8Proba* const proba); void VP8ParseProba(VP8BitReader* const br, VP8Decoder* const dec); diff --git a/src/dec/webp.c b/src/dec/webp.c index 841cc4d1..aeb5314e 100644 --- a/src/dec/webp.c +++ b/src/dec/webp.c @@ -17,8 +17,6 @@ extern "C" { #endif -#define RIFF_HEADER_SIZE 12 - //------------------------------------------------------------------------------ // RIFF layout is: // 0ffset tag @@ -31,7 +29,7 @@ extern "C" { // 20.... the VP8 bytes // Or, // 12..15 "VP8X": 4-bytes tags, describing the extended-VP8 chunk. -// 16..19 size of the VP8X chunk starting at offset 8. +// 16..19 size of the VP8X chunk starting at offset 20. // 20..23 VP8X flags bit-map corresponding to the chunk-types present. // 24..27 Width of the Canvas Image. // 28..31 Height of the Canvas Image. @@ -44,25 +42,208 @@ static inline uint32_t get_le32(const uint8_t* const data) { return data[0] | (data[1] << 8) | (data[2] << 16) | (data[3] << 24); } -uint32_t WebPCheckAndSkipRIFFHeader(const uint8_t** data_ptr, - uint32_t* data_size_ptr, - uint32_t* riff_size) { - if (*data_size_ptr >= RIFF_HEADER_SIZE && !memcmp(*data_ptr, "RIFF", 4)) { - if (memcmp(*data_ptr + 8, "WEBP", 4)) { - return 0; // Wrong image file signature. +VP8StatusCode WebPParseRIFF(const uint8_t** data, uint32_t* data_size, + uint32_t* riff_size) { + assert(data); + assert(data_size); + assert(riff_size); + + if (*data_size >= RIFF_HEADER_SIZE && + !memcmp(*data, "RIFF", TAG_SIZE)) { + if (memcmp(*data + 8, "WEBP", TAG_SIZE)) { + return VP8_STATUS_BITSTREAM_ERROR; // Wrong image file signature. } else { - *riff_size = get_le32(*data_ptr + 4); - if (*riff_size < RIFF_HEADER_SIZE) { - return 0; // We should have at least one chunk. + *riff_size = get_le32(*data + TAG_SIZE); + // Check that we have at least one chunk (i.e "WEBP" + "VP8?nnnn"). + if (*riff_size < TAG_SIZE + CHUNK_HEADER_SIZE) { + return VP8_STATUS_BITSTREAM_ERROR; } // We have a RIFF container. Skip it. - *data_ptr += RIFF_HEADER_SIZE; - *data_size_ptr -= RIFF_HEADER_SIZE; + *data += RIFF_HEADER_SIZE; + *data_size -= RIFF_HEADER_SIZE; } } else { *riff_size = 0; // Did not get full RIFF Header. } - return 1; + return VP8_STATUS_OK; +} + +VP8StatusCode WebPParseVP8X(const uint8_t** data, uint32_t* data_size, + uint32_t* bytes_skipped, + int* width, int* height, uint32_t* flags) { + assert(data); + assert(data_size); + assert(bytes_skipped); + + *bytes_skipped = 0; + + if (*data_size < CHUNK_HEADER_SIZE + VP8X_CHUNK_SIZE) { + return VP8_STATUS_NOT_ENOUGH_DATA; // Insufficient data. + } + + if (!memcmp(*data, "VP8X", TAG_SIZE)) { + const uint32_t chunk_size = get_le32(*data + TAG_SIZE); + if (chunk_size != VP8X_CHUNK_SIZE) { + return VP8_STATUS_BITSTREAM_ERROR; // Wrong chunk size. + } + if (flags) { + *flags = get_le32(*data + 8); + } + if (width) { + *width = get_le32(*data + 12); + } + if (height) { + *height = get_le32(*data + 16); + } + // We have consumed 20 bytes from VP8X. Skip them. + *bytes_skipped = CHUNK_HEADER_SIZE + VP8X_CHUNK_SIZE; + *data += *bytes_skipped; + *data_size -= *bytes_skipped; + } + return VP8_STATUS_OK; +} + +VP8StatusCode WebPParseOptionalChunks(const uint8_t** data, uint32_t* data_size, + uint32_t riff_size, + uint32_t* bytes_skipped) { + const uint8_t* buf; + uint32_t buf_size; + + assert(data); + assert(data_size); + assert(bytes_skipped); + + buf = *data; + buf_size = *data_size; + *bytes_skipped = 0; + + while (1) { + uint32_t chunk_size; + uint32_t cur_skip_size; + const uint32_t bytes_skipped_header = TAG_SIZE + // "WEBP". + CHUNK_HEADER_SIZE + // "VP8Xnnnn". + VP8X_CHUNK_SIZE; // Data. + *data = buf; + *data_size = buf_size; + + if (buf_size < CHUNK_HEADER_SIZE) { // Insufficient data. + return VP8_STATUS_NOT_ENOUGH_DATA; + } + + chunk_size = get_le32(buf + TAG_SIZE); + cur_skip_size = CHUNK_HEADER_SIZE + chunk_size; + + // Check that total bytes skipped along with current chunk size + // does not exceed riff_size. + if (riff_size > 0 && + (bytes_skipped_header + *bytes_skipped + cur_skip_size > riff_size)) { + return VP8_STATUS_BITSTREAM_ERROR; // Not a valid chunk size. + } + + if (buf_size < cur_skip_size) { // Insufficient data. + return VP8_STATUS_NOT_ENOUGH_DATA; + } + + if (!memcmp(buf, "VP8 ", TAG_SIZE)) { // A valid VP8 header. + return VP8_STATUS_OK; // Found. + } + + // We have a full & valid chunk; skip it. + buf += cur_skip_size; + buf_size -= cur_skip_size; + *bytes_skipped += cur_skip_size; + } +} + +VP8StatusCode WebPParseVP8Header(const uint8_t** data, uint32_t* data_size, + uint32_t riff_size, uint32_t* bytes_skipped, + uint32_t* vp8_chunk_size) { + assert(data); + assert(data_size); + assert(bytes_skipped); + assert(vp8_chunk_size); + + *bytes_skipped = 0; + *vp8_chunk_size = 0; + + if (*data_size < CHUNK_HEADER_SIZE) { + return VP8_STATUS_NOT_ENOUGH_DATA; // Insufficient data. + } + + if (!memcmp(*data, "VP8 ", TAG_SIZE)) { + *vp8_chunk_size = get_le32(*data + TAG_SIZE); + if (riff_size >= TAG_SIZE + CHUNK_HEADER_SIZE && // "WEBP" + "VP8 nnnn". + (*vp8_chunk_size > riff_size - (TAG_SIZE + CHUNK_HEADER_SIZE))) { + return VP8_STATUS_BITSTREAM_ERROR; // Inconsistent size information. + } + // We have consumed CHUNK_HEADER_SIZE bytes from VP8 Header. Skip them. + *bytes_skipped = CHUNK_HEADER_SIZE; + *data += *bytes_skipped; + *data_size -= *bytes_skipped; + } + return VP8_STATUS_OK; +} + +VP8StatusCode WebPParseHeaders(const uint8_t** data, uint32_t* data_size, + uint32_t* vp8_size, uint32_t* bytes_skipped) { + const uint8_t* buf; + uint32_t buf_size; + uint32_t riff_size; + uint32_t vp8_size_tmp; + uint32_t optional_data_size; + uint32_t vp8x_skip_size; + uint32_t vp8_skip_size; + VP8StatusCode status; + + assert(data); + assert(data_size); + assert(vp8_size); + assert(bytes_skipped); + + buf = *data; + buf_size = *data_size; + + *vp8_size = 0; + *bytes_skipped = 0; + + if (buf == NULL || buf_size < RIFF_HEADER_SIZE) { + return VP8_STATUS_NOT_ENOUGH_DATA; + } + + // Skip over RIFF header. + if (WebPParseRIFF(&buf, &buf_size, &riff_size) != VP8_STATUS_OK) { + return VP8_STATUS_BITSTREAM_ERROR; // Wrong RIFF Header. + } + + // Skip over VP8x header. + status = WebPParseVP8X(&buf, &buf_size, &vp8x_skip_size, NULL, NULL, NULL); + if (status != VP8_STATUS_OK) { + return status; // Wrong VP8X Chunk / Insufficient data. + } + if (vp8x_skip_size > 0) { + // Skip over optional chunks. + status = WebPParseOptionalChunks(&buf, &buf_size, riff_size, + &optional_data_size); + if (status != VP8_STATUS_OK) { + return status; // Found an invalid chunk size / Insufficient data. + } + } + + // Skip over VP8 chunk header. + status = WebPParseVP8Header(&buf, &buf_size, riff_size, &vp8_skip_size, + &vp8_size_tmp); + if (status != VP8_STATUS_OK) { + return status; // Invalid VP8 header / Insufficient data. + } + if (vp8_skip_size > 0) { + *vp8_size = vp8_size_tmp; + } + + *bytes_skipped = buf - *data; + assert(*bytes_skipped == *data_size - buf_size); + *data = buf; + *data_size = buf_size; + return VP8_STATUS_OK; } //------------------------------------------------------------------------------ @@ -276,56 +457,58 @@ static void DefaultFeatures(WebPBitstreamFeatures* const features) { features->bitstream_version = 0; } -static VP8StatusCode GetFeatures(const uint8_t** data, uint32_t* data_size, +static VP8StatusCode GetFeatures(const uint8_t* data, uint32_t data_size, WebPBitstreamFeatures* const features) { - uint32_t chunk_size = 0; + uint32_t vp8_chunk_size = 0; uint32_t riff_size = 0; uint32_t flags = 0; - int is_vp8x_chunk = 0; - int is_vp8_chunk = 0; + uint32_t vp8x_skip_size = 0; + uint32_t vp8_skip_size = 0; + VP8StatusCode status; if (features == NULL) { return VP8_STATUS_INVALID_PARAM; } DefaultFeatures(features); - if (data == NULL || *data == NULL || data_size == 0) { + if (data == NULL) { return VP8_STATUS_INVALID_PARAM; } - if (!WebPCheckAndSkipRIFFHeader(data, data_size, &riff_size)) { - return VP8_STATUS_BITSTREAM_ERROR; // Wrong RIFF Header. + // Skip over RIFF header. + status = WebPParseRIFF(&data, &data_size, &riff_size); + if (status != VP8_STATUS_OK) { + return status; // Wrong RIFF Header / Insufficient data. } - if (!VP8XGetInfo(data, data_size, &is_vp8x_chunk, - &features->width, &features->height, &flags)) { - return VP8_STATUS_BITSTREAM_ERROR; // Wrong VP8X Chunk-header. + // Skip over VP8x. + status = WebPParseVP8X(&data, &data_size, &vp8x_skip_size, &features->width, + &features->height, &flags); + if (status != VP8_STATUS_OK) { + return status; // Wrong VP8X / insufficient data. + + } + if (vp8x_skip_size > 0) { + return VP8_STATUS_OK; // Return features from VP8x header. } - if (is_vp8x_chunk > 0) { - return VP8_STATUS_OK; + // Skip over VP8 header. + status = WebPParseVP8Header(&data, &data_size, riff_size, &vp8_skip_size, + &vp8_chunk_size); + if (status != VP8_STATUS_OK) { + return status; // Wrong VP8 Chunk-header / insufficient data. } - - if (!VP8CheckAndSkipHeader(data, data_size, &is_vp8_chunk, &chunk_size, - riff_size)) { - return VP8_STATUS_BITSTREAM_ERROR; // Invalid VP8 header. - } - - if (is_vp8_chunk == -1) { - return VP8_STATUS_BITSTREAM_ERROR; // Insufficient data-bytes. - } - - if (!is_vp8_chunk) { - chunk_size = *data_size; // No VP8 chunk wrapper over raw VP8 data. + if (vp8_skip_size == 0) { + vp8_chunk_size = data_size; // No VP8 chunk wrapper over raw VP8 data. } // Validates raw VP8 data. - if (!VP8GetInfo(*data, *data_size, chunk_size, + if (!VP8GetInfo(data, data_size, vp8_chunk_size, &features->width, &features->height, &features->has_alpha)) { return VP8_STATUS_BITSTREAM_ERROR; } - return VP8_STATUS_OK; + return VP8_STATUS_OK; // Return features from VP8 header. } //------------------------------------------------------------------------------ @@ -335,7 +518,7 @@ int WebPGetInfo(const uint8_t* data, uint32_t data_size, int* width, int* height) { WebPBitstreamFeatures features; - if (GetFeatures(&data, &data_size, &features) != VP8_STATUS_OK) { + if (GetFeatures(data, data_size, &features) != VP8_STATUS_OK) { return 0; } @@ -368,14 +551,20 @@ int WebPInitDecoderConfigInternal(WebPDecoderConfig* const config, VP8StatusCode WebPGetFeaturesInternal(const uint8_t* data, uint32_t data_size, WebPBitstreamFeatures* const features, - int version) { + int version) { + VP8StatusCode status; if (version != WEBP_DECODER_ABI_VERSION) { return VP8_STATUS_INVALID_PARAM; // version mismatch } if (features == NULL) { return VP8_STATUS_INVALID_PARAM; } - return GetFeatures(&data, &data_size, features); + + status = GetFeatures(data, data_size, features); + if (status == VP8_STATUS_NOT_ENOUGH_DATA) { + return VP8_STATUS_BITSTREAM_ERROR; // Not enough data treated as error. + } + return status; } VP8StatusCode WebPDecode(const uint8_t* data, uint32_t data_size, @@ -387,8 +576,11 @@ VP8StatusCode WebPDecode(const uint8_t* data, uint32_t data_size, return VP8_STATUS_INVALID_PARAM; } - status = GetFeatures(&data, &data_size, &config->input); + status = GetFeatures(data, data_size, &config->input); if (status != VP8_STATUS_OK) { + if (status == VP8_STATUS_NOT_ENOUGH_DATA) { + return VP8_STATUS_BITSTREAM_ERROR; // Not enough data treated as error. + } return status; } diff --git a/src/dec/webpi.h b/src/dec/webpi.h index b7336ecd..f3ead259 100644 --- a/src/dec/webpi.h +++ b/src/dec/webpi.h @@ -58,15 +58,74 @@ struct WebPDecParams { void WebPResetDecParams(WebPDecParams* const params); //------------------------------------------------------------------------------ -// Misc utils +// Header parsing helpers -// Validates the RIFF container (if detected) and skip over it. -// If a RIFF container is detected, returns 0 for invalid header. Else return 1. +#define TAG_SIZE 4 +#define CHUNK_HEADER_SIZE 8 +#define RIFF_HEADER_SIZE 12 +#define VP8X_CHUNK_SIZE 12 +#define TILE_CHUNK_SIZE 8 +#define FRAME_CHUNK_SIZE 20 +#define LOOP_CHUNK_SIZE 4 +#define VP8_FRAME_HEADER_SIZE 10 // Size of the frame header within VP8 data. + +// Validates the RIFF container (if detected) and skips over it. +// If a RIFF container is detected, +// Returns VP8_STATUS_BITSTREAM_ERROR for invalid header, and +// VP8_STATUS_OK otherwise. // In case there are not enough bytes (partial RIFF container), return 0 for // riff_size. Else return the riff_size extracted from the header. -uint32_t WebPCheckAndSkipRIFFHeader(const uint8_t** data_ptr, - uint32_t* data_size_ptr, - uint32_t* riff_size_ptr); +VP8StatusCode WebPParseRIFF(const uint8_t** data, uint32_t* data_size, + uint32_t* riff_size); + +// Validates the VP8X Header and skips over it. +// Returns VP8_STATUS_BITSTREAM_ERROR for invalid VP8X header, +// VP8_STATUS_NOT_ENOUGH_DATA in case of insufficient data, and +// VP8_STATUS_OK otherwise. +// If a VP8 chunk is found, bytes_skipped is set to the total number of bytes +// that are skipped; also Width, Height & Flags are set to the corresponding +// fields extracted from the VP8X chunk. +VP8StatusCode WebPParseVP8X(const uint8_t** data, uint32_t* data_size, + uint32_t* bytes_skipped, + int* width, int* height, uint32_t* flags); + +// Skips to the next VP8 chunk header in the data given the size of the RIFF +// chunk 'riff_size'. +// Returns VP8_STATUS_BITSTREAM_ERROR if any invalid chunk size is encountered, +// VP8_STATUS_NOT_ENOUGH_DATA in case of insufficient data, and +// VP8_STATUS_OK otherwise. +// If a VP8 chunk is found, bytes_skipped is set to the total number of bytes +// that are skipped. +VP8StatusCode WebPParseOptionalChunks(const uint8_t** data, uint32_t* data_size, + uint32_t riff_size, + uint32_t* bytes_skipped); + +// Validates the VP8 Header ("VP8 nnnn") and skips over it. +// Returns VP8_STATUS_BITSTREAM_ERROR for invalid (vp8_chunk_size greater than +// riff_size) VP8 header, +// VP8_STATUS_NOT_ENOUGH_DATA in case of insufficient data, and +// VP8_STATUS_OK otherwise. +// If a VP8 chunk is found, bytes_skipped is set to the total number of bytes +// that are skipped and vp8_chunk_size is set to the corresponding size +// extracted from the VP8 chunk header. +// For a partial VP8 chunk, vp8_chunk_size is set to 0. +VP8StatusCode WebPParseVP8Header(const uint8_t** data, uint32_t* data_size, + uint32_t riff_size, uint32_t* bytes_skipped, + uint32_t* vp8_chunk_size); + +// Skips over all valid chunks prior to the first VP8 frame header. +// Returns VP8_STATUS_OK on success, +// VP8_STATUS_BITSTREAM_ERROR if an invalid header/chunk is found, and +// VP8_STATUS_NOT_ENOUGH_DATA if case of insufficient data. +// Also, data, data_size, vp8_size & bytes_skipped are updated appropriately +// on success, where +// vp8_size is the size of VP8 chunk data (extracted from VP8 chunk header) and +// bytes_skipped is set to the total number of bytes that are skipped. +VP8StatusCode WebPParseHeaders(const uint8_t** data, uint32_t* data_size, + uint32_t* vp8_size, uint32_t* bytes_skipped); + +//------------------------------------------------------------------------------ +// Misc utils // Initializes VP8Io with custom setup, io and teardown functions. The default // hooks will use the supplied 'params' as io->opaque handle.