/src/libjxl/lib/jxl/box_content_decoder.cc

Source
// Copyright (c) the JPEG XL Project Authors. All rights reserved.
//
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

#include "lib/jxl/box_content_decoder.h"

#include <brotli/decode.h>
#include <jxl/decode.h>

#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstring>

#include "lib/jxl/base/sanitizers.h"

namespace jxl {

JxlBoxContentDecoder::JxlBoxContentDecoder() = default;

JxlBoxContentDecoder::~JxlBoxContentDecoder() {
  if (brotli_dec) {
    BrotliDecoderDestroyInstance(brotli_dec);
  }
}

void JxlBoxContentDecoder::StartBox(bool brob_decode, bool box_until_eof,
                                    size_t contents_size) {
  if (brotli_dec) {
    BrotliDecoderDestroyInstance(brotli_dec);
    brotli_dec = nullptr;
  }
  header_done_ = false;
  brob_decode_ = brob_decode;
  box_until_eof_ = box_until_eof;
  remaining_ = box_until_eof ? 0 : contents_size;
  pos_ = 0;
}

JxlDecoderStatus JxlBoxContentDecoder::Process(const uint8_t* next_in,
                                               size_t avail_in, size_t box_pos,
                                               uint8_t** next_out,
                                               size_t* avail_out) {
  // The caller provides `box_pos` as the current position (in bytes) within
  // the box contents corresponding to `next_in`. Our internal `pos_` tracks
  // how many bytes of box contents have been consumed/processed so far.
  // If `box_pos` ever exceeds `pos_`, adjusting by `pos_ - box_pos` would
  // underflow and cause out-of-bounds reads.
  if (box_pos > pos_) return JXL_DEC_ERROR;
  const size_t offset = pos_ - box_pos;
  if (offset > avail_in) return JXL_DEC_ERROR;
  next_in += offset;
  avail_in -= offset;

  if (brob_decode_) {
    if (!header_done_) {
      if (avail_in < 4) return JXL_DEC_NEED_MORE_INPUT;
      if (!box_until_eof_) {
        if (remaining_ < 4) return JXL_DEC_ERROR;
        remaining_ -= 4;
      }
      next_in += 4;
      avail_in -= 4;
      pos_ += 4;
      header_done_ = true;
    }

    if (!brotli_dec) {
      brotli_dec = BrotliDecoderCreateInstance(nullptr, nullptr, nullptr);
    }

    const uint8_t* next_in_before = next_in;
    uint8_t* next_out_before = *next_out;
    msan::MemoryIsInitialized(next_in, avail_in);
    BrotliDecoderResult res = BrotliDecoderDecompressStream(
        brotli_dec, &avail_in, &next_in, avail_out, next_out, nullptr);
    size_t consumed = next_in - next_in_before;
    size_t produced = *next_out - next_out_before;
    if (res == BROTLI_DECODER_RESULT_ERROR) {
      return JXL_DEC_ERROR;
    }
    msan::UnpoisonMemory(next_out_before, produced);
    pos_ += consumed;
    if (!box_until_eof_) remaining_ -= consumed;
    if (res == BROTLI_DECODER_RESULT_NEEDS_MORE_INPUT) {
      return JXL_DEC_NEED_MORE_INPUT;
    }
    if (res == BROTLI_DECODER_RESULT_NEEDS_MORE_OUTPUT) {
      return JXL_DEC_BOX_NEED_MORE_OUTPUT;
    }
    if (res == BROTLI_DECODER_RESULT_SUCCESS) {
      return JXL_DEC_BOX_COMPLETE;
    }
    // unknown Brotli result
    return JXL_DEC_ERROR;
  } else {
    // remaining box bytes as seen from dec->file_pos
    size_t can_read = avail_in;
    if (!box_until_eof_) can_read = std::min<size_t>(can_read, remaining_);
    size_t to_write = std::min<size_t>(can_read, *avail_out);
    memcpy(*next_out, next_in, to_write);

    *next_out += to_write;
    *avail_out -= to_write;
    if (!box_until_eof_) remaining_ -= to_write;
    pos_ += to_write;

    if (to_write < can_read) return JXL_DEC_BOX_NEED_MORE_OUTPUT;

    if (!box_until_eof_ && remaining_ > 0) return JXL_DEC_NEED_MORE_INPUT;

    return JXL_DEC_BOX_COMPLETE;
  }
}

}  // namespace jxl

Line	Count	Source
1		// Copyright (c) the JPEG XL Project Authors. All rights reserved.
2		//
3		// Use of this source code is governed by a BSD-style
4		// license that can be found in the LICENSE file.
5
6		#include "lib/jxl/box_content_decoder.h"
7
8		#include <brotli/decode.h>
9		#include <jxl/decode.h>
10
11		#include <algorithm>
12		#include <cstddef>
13		#include <cstdint>
14		#include <cstring>
15
16		#include "lib/jxl/base/sanitizers.h"
17
18		namespace jxl {
19
20	2.45k	JxlBoxContentDecoder::JxlBoxContentDecoder() = default;
21
22	2.45k	JxlBoxContentDecoder::~JxlBoxContentDecoder() {
23	2.45k	if (brotli_dec) {
24	25	BrotliDecoderDestroyInstance(brotli_dec);
25	25	}
26	2.45k	}
27
28		void JxlBoxContentDecoder::StartBox(bool brob_decode, bool box_until_eof,
29	13.4k	size_t contents_size) {
30	13.4k	if (brotli_dec) {
31	78	BrotliDecoderDestroyInstance(brotli_dec);
32	78	brotli_dec = nullptr;
33	78	}
34	13.4k	header_done_ = false;
35	13.4k	brob_decode_ = brob_decode;
36	13.4k	box_until_eof_ = box_until_eof;
37	13.4k	remaining_ = box_until_eof ? 0 : contents_size;
38	13.4k	pos_ = 0;
39	13.4k	}
40
41		JxlDecoderStatus JxlBoxContentDecoder::Process(const uint8_t* next_in,
42		size_t avail_in, size_t box_pos,
43		uint8_t** next_out,
44	3.34k	size_t* avail_out) {
45		// The caller provides `box_pos` as the current position (in bytes) within
46		// the box contents corresponding to `next_in`. Our internal `pos_` tracks
47		// how many bytes of box contents have been consumed/processed so far.
48		// If `box_pos` ever exceeds `pos_`, adjusting by `pos_ - box_pos` would
49		// underflow and cause out-of-bounds reads.
50	3.34k	if (box_pos > pos_) return JXL_DEC_ERROR;
51	3.34k	const size_t offset = pos_ - box_pos;
52	3.34k	if (offset > avail_in) return JXL_DEC_ERROR;
53	3.34k	next_in += offset;
54	3.34k	avail_in -= offset;
55
56	3.34k	if (brob_decode_) {
57	750	if (!header_done_) {
58	103	if (avail_in < 4) return JXL_DEC_NEED_MORE_INPUT;
59	103	if (!box_until_eof_) {
60	103	if (remaining_ < 4) return JXL_DEC_ERROR;
61	103	remaining_ -= 4;
62	103	}
63	103	next_in += 4;
64	103	avail_in -= 4;
65	103	pos_ += 4;
66	103	header_done_ = true;
67	103	}
68
69	750	if (!brotli_dec) {
70	103	brotli_dec = BrotliDecoderCreateInstance(nullptr, nullptr, nullptr);
71	103	}
72
73	750	const uint8_t* next_in_before = next_in;
74	750	uint8_t* next_out_before = *next_out;
75	750	msan::MemoryIsInitialized(next_in, avail_in);
76	750	BrotliDecoderResult res = BrotliDecoderDecompressStream(
77	750	brotli_dec, &avail_in, &next_in, avail_out, next_out, nullptr);
78	750	size_t consumed = next_in - next_in_before;
79	750	size_t produced = *next_out - next_out_before;
80	750	if (res == BROTLI_DECODER_RESULT_ERROR) {
81	21	return JXL_DEC_ERROR;
82	21	}
83	729	msan::UnpoisonMemory(next_out_before, produced);
84	729	pos_ += consumed;
85	729	if (!box_until_eof_) remaining_ -= consumed;
86	729	if (res == BROTLI_DECODER_RESULT_NEEDS_MORE_INPUT) {
87	56	return JXL_DEC_NEED_MORE_INPUT;
88	56	}
89	673	if (res == BROTLI_DECODER_RESULT_NEEDS_MORE_OUTPUT) {
90	648	return JXL_DEC_BOX_NEED_MORE_OUTPUT;
91	648	}
92	25	if (res == BROTLI_DECODER_RESULT_SUCCESS) {
93	25	return JXL_DEC_BOX_COMPLETE;
94	25	}
95		// unknown Brotli result
96	0	return JXL_DEC_ERROR;
97	2.59k	} else {
98		// remaining box bytes as seen from dec->file_pos
99	2.59k	size_t can_read = avail_in;
100	2.59k	if (!box_until_eof_) can_read = std::min<size_t>(can_read, remaining_);
101	2.59k	size_t to_write = std::min<size_t>(can_read, *avail_out);
102	2.59k	memcpy(*next_out, next_in, to_write);
103
104	2.59k	*next_out += to_write;
105	2.59k	*avail_out -= to_write;
106	2.59k	if (!box_until_eof_) remaining_ -= to_write;
107	2.59k	pos_ += to_write;
108
109	2.59k	if (to_write < can_read) return JXL_DEC_BOX_NEED_MORE_OUTPUT;
110
111	935	if (!box_until_eof_ && remaining_ > 0) return JXL_DEC_NEED_MORE_INPUT;
112
113	935	return JXL_DEC_BOX_COMPLETE;
114	935	}
115	3.34k	}
116
117		} // namespace jxl

Coverage Report

Created: 2026-02-14 07:09