/src/libjxl/lib/jxl/box_content_decoder.cc

Source
// Copyright (c) the JPEG XL Project Authors. All rights reserved.
//
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

#include "lib/jxl/box_content_decoder.h"

#include <brotli/decode.h>
#include <jxl/decode.h>

#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstring>

#include "lib/jxl/base/sanitizers.h"

namespace jxl {

JxlBoxContentDecoder::JxlBoxContentDecoder() = default;

JxlBoxContentDecoder::~JxlBoxContentDecoder() {
  if (brotli_dec) {
    BrotliDecoderDestroyInstance(brotli_dec);
  }
}

void JxlBoxContentDecoder::StartBox(bool brob_decode, bool box_until_eof,
                                    size_t contents_size) {
  if (brotli_dec) {
    BrotliDecoderDestroyInstance(brotli_dec);
    brotli_dec = nullptr;
  }
  header_done_ = false;
  brob_decode_ = brob_decode;
  box_until_eof_ = box_until_eof;
  remaining_ = box_until_eof ? 0 : contents_size;
  pos_ = 0;
}

JxlDecoderStatus JxlBoxContentDecoder::Process(const uint8_t* next_in,
                                               size_t avail_in, size_t box_pos,
                                               uint8_t** next_out,
                                               size_t* avail_out) {
  // The caller provides `box_pos` as the current position (in bytes) within
  // the box contents corresponding to `next_in`. Our internal `pos_` tracks
  // how many bytes of box contents have been consumed/processed so far.
  // If `box_pos` ever exceeds `pos_`, adjusting by `pos_ - box_pos` would
  // underflow and cause out-of-bounds reads.
  if (box_pos > pos_) return JXL_DEC_ERROR;
  const size_t offset = pos_ - box_pos;
  if (offset > avail_in) return JXL_DEC_ERROR;
  next_in += offset;
  avail_in -= offset;

  if (brob_decode_) {
    if (!header_done_) {
      if (avail_in < 4) return JXL_DEC_NEED_MORE_INPUT;
      if (!box_until_eof_) {
        if (remaining_ < 4) return JXL_DEC_ERROR;
        remaining_ -= 4;
      }
      next_in += 4;
      avail_in -= 4;
      pos_ += 4;
      header_done_ = true;
    }

    if (!brotli_dec) {
      brotli_dec = BrotliDecoderCreateInstance(nullptr, nullptr, nullptr);
    }

    const uint8_t* next_in_before = next_in;
    uint8_t* next_out_before = *next_out;
    msan::MemoryIsInitialized(next_in, avail_in);
    BrotliDecoderResult res = BrotliDecoderDecompressStream(
        brotli_dec, &avail_in, &next_in, avail_out, next_out, nullptr);
    size_t consumed = next_in - next_in_before;
    size_t produced = *next_out - next_out_before;
    if (res == BROTLI_DECODER_RESULT_ERROR) {
      return JXL_DEC_ERROR;
    }
    msan::UnpoisonMemory(next_out_before, produced);
    pos_ += consumed;
    if (!box_until_eof_) remaining_ -= consumed;
    if (res == BROTLI_DECODER_RESULT_NEEDS_MORE_INPUT) {
      return JXL_DEC_NEED_MORE_INPUT;
    }
    if (res == BROTLI_DECODER_RESULT_NEEDS_MORE_OUTPUT) {
      return JXL_DEC_BOX_NEED_MORE_OUTPUT;
    }
    if (res == BROTLI_DECODER_RESULT_SUCCESS) {
      return JXL_DEC_BOX_COMPLETE;
    }
    // unknown Brotli result
    return JXL_DEC_ERROR;
  } else {
    // remaining box bytes as seen from dec->file_pos
    size_t can_read = avail_in;
    if (!box_until_eof_) can_read = std::min<size_t>(can_read, remaining_);
    size_t to_write = std::min<size_t>(can_read, *avail_out);
    memcpy(*next_out, next_in, to_write);

    *next_out += to_write;
    *avail_out -= to_write;
    if (!box_until_eof_) remaining_ -= to_write;
    pos_ += to_write;

    if (to_write < can_read) return JXL_DEC_BOX_NEED_MORE_OUTPUT;

    if (!box_until_eof_ && remaining_ > 0) return JXL_DEC_NEED_MORE_INPUT;

    return JXL_DEC_BOX_COMPLETE;
  }
}

}  // namespace jxl

Line	Count	Source
1		// Copyright (c) the JPEG XL Project Authors. All rights reserved.
2		//
3		// Use of this source code is governed by a BSD-style
4		// license that can be found in the LICENSE file.
5
6		#include "lib/jxl/box_content_decoder.h"
7
8		#include <brotli/decode.h>
9		#include <jxl/decode.h>
10
11		#include <algorithm>
12		#include <cstddef>
13		#include <cstdint>
14		#include <cstring>
15
16		#include "lib/jxl/base/sanitizers.h"
17
18		namespace jxl {
19
20	3.17k	JxlBoxContentDecoder::JxlBoxContentDecoder() = default;
21
22	3.17k	JxlBoxContentDecoder::~JxlBoxContentDecoder() {
23	3.17k	if (brotli_dec) {
24	33	BrotliDecoderDestroyInstance(brotli_dec);
25	33	}
26	3.17k	}
27
28		void JxlBoxContentDecoder::StartBox(bool brob_decode, bool box_until_eof,
29	12.8k	size_t contents_size) {
30	12.8k	if (brotli_dec) {
31	87	BrotliDecoderDestroyInstance(brotli_dec);
32	87	brotli_dec = nullptr;
33	87	}
34	12.8k	header_done_ = false;
35	12.8k	brob_decode_ = brob_decode;
36	12.8k	box_until_eof_ = box_until_eof;
37	12.8k	remaining_ = box_until_eof ? 0 : contents_size;
38	12.8k	pos_ = 0;
39	12.8k	}
40
41		JxlDecoderStatus JxlBoxContentDecoder::Process(const uint8_t* next_in,
42		size_t avail_in, size_t box_pos,
43		uint8_t** next_out,
44	8.64k	size_t* avail_out) {
45		// The caller provides `box_pos` as the current position (in bytes) within
46		// the box contents corresponding to `next_in`. Our internal `pos_` tracks
47		// how many bytes of box contents have been consumed/processed so far.
48		// If `box_pos` ever exceeds `pos_`, adjusting by `pos_ - box_pos` would
49		// underflow and cause out-of-bounds reads.
50	8.64k	if (box_pos > pos_) return JXL_DEC_ERROR;
51	8.64k	const size_t offset = pos_ - box_pos;
52	8.64k	if (offset > avail_in) return JXL_DEC_ERROR;
53	8.64k	next_in += offset;
54	8.64k	avail_in -= offset;
55
56	8.64k	if (brob_decode_) {
57	5.05k	if (!header_done_) {
58	120	if (avail_in < 4) return JXL_DEC_NEED_MORE_INPUT;
59	120	if (!box_until_eof_) {
60	120	if (remaining_ < 4) return JXL_DEC_ERROR;
61	120	remaining_ -= 4;
62	120	}
63	120	next_in += 4;
64	120	avail_in -= 4;
65	120	pos_ += 4;
66	120	header_done_ = true;
67	120	}
68
69	5.05k	if (!brotli_dec) {
70	120	brotli_dec = BrotliDecoderCreateInstance(nullptr, nullptr, nullptr);
71	120	}
72
73	5.05k	const uint8_t* next_in_before = next_in;
74	5.05k	uint8_t* next_out_before = *next_out;
75	5.05k	msan::MemoryIsInitialized(next_in, avail_in);
76	5.05k	BrotliDecoderResult res = BrotliDecoderDecompressStream(
77	5.05k	brotli_dec, &avail_in, &next_in, avail_out, next_out, nullptr);
78	5.05k	size_t consumed = next_in - next_in_before;
79	5.05k	size_t produced = *next_out - next_out_before;
80	5.05k	if (res == BROTLI_DECODER_RESULT_ERROR) {
81	28	return JXL_DEC_ERROR;
82	28	}
83	5.02k	msan::UnpoisonMemory(next_out_before, produced);
84	5.02k	pos_ += consumed;
85	5.02k	if (!box_until_eof_) remaining_ -= consumed;
86	5.02k	if (res == BROTLI_DECODER_RESULT_NEEDS_MORE_INPUT) {
87	64	return JXL_DEC_NEED_MORE_INPUT;
88	64	}
89	4.96k	if (res == BROTLI_DECODER_RESULT_NEEDS_MORE_OUTPUT) {
90	4.93k	return JXL_DEC_BOX_NEED_MORE_OUTPUT;
91	4.93k	}
92	28	if (res == BROTLI_DECODER_RESULT_SUCCESS) {
93	28	return JXL_DEC_BOX_COMPLETE;
94	28	}
95		// unknown Brotli result
96	0	return JXL_DEC_ERROR;
97	3.59k	} else {
98		// remaining box bytes as seen from dec->file_pos
99	3.59k	size_t can_read = avail_in;
100	3.59k	if (!box_until_eof_) can_read = std::min<size_t>(can_read, remaining_);
101	3.59k	size_t to_write = std::min<size_t>(can_read, *avail_out);
102	3.59k	memcpy(*next_out, next_in, to_write);
103
104	3.59k	*next_out += to_write;
105	3.59k	*avail_out -= to_write;
106	3.59k	if (!box_until_eof_) remaining_ -= to_write;
107	3.59k	pos_ += to_write;
108
109	3.59k	if (to_write < can_read) return JXL_DEC_BOX_NEED_MORE_OUTPUT;
110
111	1.12k	if (!box_until_eof_ && remaining_ > 0) return JXL_DEC_NEED_MORE_INPUT;
112
113	1.12k	return JXL_DEC_BOX_COMPLETE;
114	1.12k	}
115	8.64k	}
116
117		} // namespace jxl

Coverage Report

Created: 2026-04-01 07:24