/src/libexif/libexif/exif-data.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* exif-data.c |
2 | | * |
3 | | * Copyright (c) 2001 Lutz Mueller <lutz@users.sourceforge.net> |
4 | | * |
5 | | * This library is free software; you can redistribute it and/or |
6 | | * modify it under the terms of the GNU Lesser General Public |
7 | | * License as published by the Free Software Foundation; either |
8 | | * version 2 of the License, or (at your option) any later version. |
9 | | * |
10 | | * This library is distributed in the hope that it will be useful, |
11 | | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | | * Lesser General Public License for more details. |
14 | | * |
15 | | * You should have received a copy of the GNU Lesser General Public |
16 | | * License along with this library; if not, write to the |
17 | | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, |
18 | | * Boston, MA 02110-1301 USA. |
19 | | * |
20 | | * SPDX-License-Identifier: LGPL-2.0-or-later |
21 | | */ |
22 | | |
23 | | #include <config.h> |
24 | | |
25 | | #include <libexif/exif-mnote-data.h> |
26 | | #include <libexif/exif-data.h> |
27 | | #include <libexif/exif-ifd.h> |
28 | | #include <libexif/exif-mnote-data-priv.h> |
29 | | #include <libexif/exif-utils.h> |
30 | | #include <libexif/exif-loader.h> |
31 | | #include <libexif/exif-log.h> |
32 | | #include <libexif/i18n.h> |
33 | | #include <libexif/exif-system.h> |
34 | | |
35 | | /*#include <libexif/apple/exif-mnote-data-apple.h>*/ |
36 | | #include <libexif/canon/exif-mnote-data-canon.h> |
37 | | #include <libexif/fuji/exif-mnote-data-fuji.h> |
38 | | #include <libexif/olympus/exif-mnote-data-olympus.h> |
39 | | #include <libexif/pentax/exif-mnote-data-pentax.h> |
40 | | |
41 | | #include <math.h> |
42 | | #include <stdlib.h> |
43 | | #include <stdio.h> |
44 | | #include <string.h> |
45 | | |
46 | | #undef JPEG_MARKER_SOI |
47 | 2.26k | #define JPEG_MARKER_SOI 0xd8 |
48 | | #undef JPEG_MARKER_APP0 |
49 | | #define JPEG_MARKER_APP0 0xe0 |
50 | | #undef JPEG_MARKER_APP1 |
51 | 1.38k | #define JPEG_MARKER_APP1 0xe1 |
52 | | |
53 | 5.22M | #define CHECKOVERFLOW(offset,datasize,structsize) (( (offset) >= (datasize)) || ((structsize) > (datasize)) || ((offset) > (datasize) - (structsize) )) |
54 | | |
55 | | static const unsigned char ExifHeader[] = {0x45, 0x78, 0x69, 0x66, 0x00, 0x00}; |
56 | | |
57 | | struct _ExifDataPrivate |
58 | | { |
59 | | ExifByteOrder order; |
60 | | |
61 | | ExifMnoteData *md; |
62 | | |
63 | | ExifLog *log; |
64 | | ExifMem *mem; |
65 | | |
66 | | unsigned int ref_count; |
67 | | |
68 | | /* Temporarily used while loading data */ |
69 | | unsigned int offset_mnote; |
70 | | |
71 | | ExifDataOption options; |
72 | | ExifDataType data_type; |
73 | | }; |
74 | | |
75 | | static void * |
76 | | exif_data_alloc (ExifData *data, unsigned int i) |
77 | 89.3k | { |
78 | 89.3k | void *d; |
79 | | |
80 | 89.3k | if (!data || !i) |
81 | 0 | return NULL; |
82 | | |
83 | 89.3k | d = exif_mem_alloc (data->priv->mem, i); |
84 | 89.3k | if (d) |
85 | 89.3k | return d; |
86 | | |
87 | 0 | EXIF_LOG_NO_MEMORY (data->priv->log, "ExifData", i); |
88 | 0 | return NULL; |
89 | 89.3k | } |
90 | | |
91 | | ExifMnoteData * |
92 | | exif_data_get_mnote_data (ExifData *d) |
93 | 30.8k | { |
94 | 30.8k | return (d && d->priv) ? d->priv->md : NULL; |
95 | 30.8k | } |
96 | | |
97 | | ExifData * |
98 | | exif_data_new (void) |
99 | 10.5k | { |
100 | 10.5k | ExifMem *mem = exif_mem_new_default (); |
101 | 10.5k | ExifData *d = exif_data_new_mem (mem); |
102 | | |
103 | 10.5k | exif_mem_unref (mem); |
104 | | |
105 | 10.5k | return d; |
106 | 10.5k | } |
107 | | |
108 | | ExifData * |
109 | | exif_data_new_mem (ExifMem *mem) |
110 | 20.2k | { |
111 | 20.2k | ExifData *data; |
112 | 20.2k | unsigned int i; |
113 | | |
114 | 20.2k | if (!mem) |
115 | 0 | return NULL; |
116 | | |
117 | 20.2k | data = exif_mem_alloc (mem, sizeof (ExifData)); |
118 | 20.2k | if (!data) |
119 | 0 | return (NULL); |
120 | 20.2k | data->priv = exif_mem_alloc (mem, sizeof (ExifDataPrivate)); |
121 | 20.2k | if (!data->priv) { |
122 | 0 | exif_mem_free (mem, data); |
123 | 0 | return (NULL); |
124 | 0 | } |
125 | 20.2k | data->priv->ref_count = 1; |
126 | | |
127 | 20.2k | data->priv->mem = mem; |
128 | 20.2k | exif_mem_ref (mem); |
129 | | |
130 | 121k | for (i = 0; i < EXIF_IFD_COUNT; i++) { |
131 | 101k | data->ifd[i] = exif_content_new_mem (data->priv->mem); |
132 | 101k | if (!data->ifd[i]) { |
133 | 0 | exif_data_free (data); |
134 | 0 | return (NULL); |
135 | 0 | } |
136 | 101k | data->ifd[i]->parent = data; |
137 | 101k | } |
138 | | |
139 | | /* Default options */ |
140 | 20.2k | #ifndef NO_VERBOSE_TAG_STRINGS |
141 | | /* |
142 | | * When the tag list is compiled away, setting this option prevents |
143 | | * any tags from being loaded |
144 | | */ |
145 | 20.2k | exif_data_set_option (data, EXIF_DATA_OPTION_IGNORE_UNKNOWN_TAGS); |
146 | 20.2k | #endif |
147 | 20.2k | exif_data_set_option (data, EXIF_DATA_OPTION_FOLLOW_SPECIFICATION); |
148 | | |
149 | | /* Default data type: none */ |
150 | 20.2k | exif_data_set_data_type (data, EXIF_DATA_TYPE_COUNT); |
151 | | |
152 | 20.2k | return (data); |
153 | 20.2k | } |
154 | | |
155 | | ExifData * |
156 | | exif_data_new_from_data (const unsigned char *data, unsigned int size) |
157 | 10.5k | { |
158 | 10.5k | ExifData *edata; |
159 | | |
160 | 10.5k | edata = exif_data_new (); |
161 | 10.5k | exif_data_load_data (edata, data, size); |
162 | 10.5k | return (edata); |
163 | 10.5k | } |
164 | | |
165 | | static int |
166 | | exif_data_load_data_entry (ExifData *data, ExifEntry *entry, |
167 | | const unsigned char *d, |
168 | | unsigned int size, unsigned int offset) |
169 | 818k | { |
170 | 818k | unsigned int s, doff; |
171 | | |
172 | 818k | entry->tag = exif_get_short (d + offset + 0, data->priv->order); |
173 | 818k | entry->format = exif_get_short (d + offset + 2, data->priv->order); |
174 | 818k | entry->components = exif_get_long (d + offset + 4, data->priv->order); |
175 | | |
176 | | /* FIXME: should use exif_tag_get_name_in_ifd here but entry->parent |
177 | | * has not been set yet |
178 | | */ |
179 | 818k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
180 | 818k | "Loading entry 0x%x ('%s')...", entry->tag, |
181 | 818k | exif_tag_get_name (entry->tag)); |
182 | | |
183 | | /* {0,1,2,4,8} x { 0x00000000 .. 0xffffffff } |
184 | | * -> { 0x000000000 .. 0x7fffffff8 } */ |
185 | 818k | s = exif_format_get_size(entry->format) * entry->components; |
186 | 818k | if ((s < entry->components) || (s == 0)){ |
187 | 653k | return 0; |
188 | 653k | } |
189 | | |
190 | | /* |
191 | | * Size? If bigger than 4 bytes, the actual data is not |
192 | | * in the entry but somewhere else (offset). |
193 | | */ |
194 | 165k | if (s > 4) |
195 | 138k | doff = exif_get_long (d + offset + 8, data->priv->order); |
196 | 26.5k | else |
197 | 26.5k | doff = offset + 8; |
198 | | |
199 | | /* Sanity checks */ |
200 | 165k | if (doff >= size) { |
201 | 73.2k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
202 | 73.2k | "Tag starts past end of buffer (%u > %u)", doff, size); |
203 | 73.2k | return 0; |
204 | 73.2k | } |
205 | | |
206 | 92.1k | if (s > size - doff) { |
207 | 16.8k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
208 | 16.8k | "Tag data goes past end of buffer (%u > %u)", doff+s, size); |
209 | 16.8k | return 0; |
210 | 16.8k | } |
211 | | |
212 | 75.3k | entry->data = exif_data_alloc (data, s); |
213 | 75.3k | if (entry->data) { |
214 | 75.3k | entry->size = s; |
215 | 75.3k | memcpy (entry->data, d + doff, s); |
216 | 75.3k | } else { |
217 | 0 | EXIF_LOG_NO_MEMORY(data->priv->log, "ExifData", s); |
218 | 0 | return 0; |
219 | 0 | } |
220 | | |
221 | | /* If this is the MakerNote, remember the offset */ |
222 | 75.3k | if (entry->tag == EXIF_TAG_MAKER_NOTE) { |
223 | 19.2k | if (!entry->data) { |
224 | 0 | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
225 | 0 | "MakerNote found with empty data"); |
226 | 19.2k | } else if (entry->size > 6) { |
227 | 16.8k | exif_log (data->priv->log, |
228 | 16.8k | EXIF_LOG_CODE_DEBUG, "ExifData", |
229 | 16.8k | "MakerNote found (%02x %02x %02x %02x " |
230 | 16.8k | "%02x %02x %02x...).", |
231 | 16.8k | entry->data[0], entry->data[1], entry->data[2], |
232 | 16.8k | entry->data[3], entry->data[4], entry->data[5], |
233 | 16.8k | entry->data[6]); |
234 | 16.8k | } |
235 | 19.2k | data->priv->offset_mnote = doff; |
236 | 19.2k | } |
237 | 75.3k | return 1; |
238 | 75.3k | } |
239 | | |
240 | | static void |
241 | | exif_data_save_data_entry (ExifData *data, ExifEntry *e, |
242 | | unsigned char **d, unsigned int *ds, |
243 | | unsigned int offset) |
244 | 72.5k | { |
245 | 72.5k | unsigned int doff, s; |
246 | 72.5k | unsigned int ts; |
247 | | |
248 | 72.5k | if (!data || !data->priv) |
249 | 0 | return; |
250 | | |
251 | | /* |
252 | | * Each entry is 12 bytes long. The memory for the entry has |
253 | | * already been allocated. |
254 | | */ |
255 | 72.5k | exif_set_short (*d + 6 + offset + 0, |
256 | 72.5k | data->priv->order, (ExifShort) e->tag); |
257 | 72.5k | exif_set_short (*d + 6 + offset + 2, |
258 | 72.5k | data->priv->order, (ExifShort) e->format); |
259 | | |
260 | 72.5k | if (!(data->priv->options & EXIF_DATA_OPTION_DONT_CHANGE_MAKER_NOTE)) { |
261 | | /* If this is the maker note tag, update it. */ |
262 | 72.5k | if ((e->tag == EXIF_TAG_MAKER_NOTE) && data->priv->md) { |
263 | | /* TODO: this is using the wrong ExifMem to free e->data */ |
264 | 7.25k | exif_mem_free (data->priv->mem, e->data); |
265 | 7.25k | e->data = NULL; |
266 | 7.25k | e->size = 0; |
267 | 7.25k | exif_mnote_data_set_offset (data->priv->md, *ds - 6); |
268 | 7.25k | exif_mnote_data_save (data->priv->md, &e->data, &e->size); |
269 | 7.25k | e->components = e->size; |
270 | 7.25k | if (exif_format_get_size (e->format) != 1) { |
271 | | /* e->format is taken from input code, |
272 | | * but we need to make sure it is a 1 byte |
273 | | * entity due to the multiplication below. */ |
274 | 1.29k | e->format = EXIF_FORMAT_UNDEFINED; |
275 | 1.29k | } |
276 | 7.25k | } |
277 | 72.5k | } |
278 | | |
279 | 72.5k | exif_set_long (*d + 6 + offset + 4, |
280 | 72.5k | data->priv->order, e->components); |
281 | | |
282 | | /* |
283 | | * Size? If bigger than 4 bytes, the actual data is not in |
284 | | * the entry but somewhere else. |
285 | | */ |
286 | 72.5k | s = exif_format_get_size (e->format) * e->components; |
287 | 72.5k | if (s > 4) { |
288 | 34.1k | unsigned char *t; |
289 | 34.1k | doff = *ds - 6; |
290 | 34.1k | ts = *ds + s; |
291 | | |
292 | | /* |
293 | | * According to the TIFF specification, |
294 | | * the offset must be an even number. If we need to introduce |
295 | | * a padding byte, we set it to 0. |
296 | | */ |
297 | 34.1k | if (s & 1) |
298 | 1.86k | ts++; |
299 | 34.1k | t = exif_mem_realloc (data->priv->mem, *d, ts); |
300 | 34.1k | if (!t) { |
301 | 0 | EXIF_LOG_NO_MEMORY (data->priv->log, "ExifData", ts); |
302 | 0 | return; |
303 | 0 | } |
304 | 34.1k | *d = t; |
305 | 34.1k | *ds = ts; |
306 | 34.1k | exif_set_long (*d + 6 + offset + 8, data->priv->order, doff); |
307 | 34.1k | if (s & 1) |
308 | 1.86k | *(*d + *ds - 1) = '\0'; |
309 | | |
310 | 34.1k | } else |
311 | 38.3k | doff = offset + 8; |
312 | | |
313 | | /* Write the data. Fill unneeded bytes with 0. Do not crash with |
314 | | * e->data is NULL */ |
315 | 72.5k | if (e->data) { |
316 | 72.4k | unsigned int len = s; |
317 | 72.4k | if (e->size < s) len = e->size; |
318 | 72.4k | memcpy (*d + 6 + doff, e->data, len); |
319 | 72.4k | } else { |
320 | 72 | memset (*d + 6 + doff, 0, s); |
321 | 72 | } |
322 | 72.5k | if (s < 4) |
323 | 20.9k | memset (*d + 6 + doff + s, 0, (4 - s)); |
324 | 72.5k | } |
325 | | |
326 | | static void |
327 | | exif_data_load_data_thumbnail (ExifData *data, const unsigned char *d, |
328 | | unsigned int ds, ExifLong o, ExifLong s) |
329 | 5.04k | { |
330 | | /* Sanity checks */ |
331 | 5.04k | if (o >= ds) { |
332 | 0 | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", "Bogus thumbnail offset (%u).", o); |
333 | 0 | return; |
334 | 0 | } |
335 | 5.04k | if (CHECKOVERFLOW(o,ds,s)) { |
336 | 1.48k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", "Bogus thumbnail size (%u), max would be %u.", s, ds-o); |
337 | 1.48k | return; |
338 | 1.48k | } |
339 | 3.55k | if (data->data) |
340 | 2.92k | exif_mem_free (data->priv->mem, data->data); |
341 | 3.55k | if (!(data->data = exif_data_alloc (data, s))) { |
342 | 0 | EXIF_LOG_NO_MEMORY (data->priv->log, "ExifData", s); |
343 | 0 | data->size = 0; |
344 | 0 | return; |
345 | 0 | } |
346 | 3.55k | data->size = s; |
347 | 3.55k | memcpy (data->data, d + o, s); |
348 | 3.55k | } |
349 | | |
350 | | #undef CHECK_REC |
351 | 71.6M | #define CHECK_REC(i) \ |
352 | 71.6M | if ((i) == ifd) { \ |
353 | 34.5M | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, \ |
354 | 34.5M | "ExifData", "Recursive entry in IFD " \ |
355 | 34.5M | "'%s' detected. Skipping...", \ |
356 | 34.5M | exif_ifd_get_name (i)); \ |
357 | 34.5M | break; \ |
358 | 37.1M | } \ |
359 | 37.1M | if (data->ifd[(i)]->count) { \ |
360 | 14.6k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, \ |
361 | 14.6k | "ExifData", "Attempt to load IFD " \ |
362 | 14.6k | "'%s' multiple times detected. " \ |
363 | 14.6k | "Skipping...", \ |
364 | 14.6k | exif_ifd_get_name (i)); \ |
365 | 14.6k | break; \ |
366 | 14.6k | } |
367 | | |
368 | | /*! Calculate the recursion cost added by one level of IFD loading. |
369 | | * |
370 | | * The work performed is related to the cost in the exponential relation |
371 | | * work=1.1**cost |
372 | | */ |
373 | | static unsigned int |
374 | | level_cost(unsigned int n) |
375 | 37.1M | { |
376 | 37.1M | static const double log_1_1 = 0.09531017980432493; |
377 | | |
378 | | /* Adding 0.1 protects against the case where n==1 */ |
379 | 37.1M | return ceil(log(n + 0.1)/log_1_1); |
380 | 37.1M | } |
381 | | |
382 | | /*! Load data for an IFD. |
383 | | * |
384 | | * \param[in,out] data #ExifData |
385 | | * \param[in] ifd IFD to load |
386 | | * \param[in] d pointer to buffer containing raw IFD data |
387 | | * \param[in] ds size of raw data in buffer at \c d |
388 | | * \param[in] offset offset into buffer at \c d at which IFD starts |
389 | | * \param[in] recursion_cost factor indicating how expensive this recursive |
390 | | * call could be |
391 | | */ |
392 | | static void |
393 | | exif_data_load_data_content (ExifData *data, ExifIfd ifd, |
394 | | const unsigned char *d, |
395 | | unsigned int ds, unsigned int offset, unsigned int recursion_cost) |
396 | 37.1M | { |
397 | 37.1M | ExifLong o, thumbnail_offset = 0, thumbnail_length = 0; |
398 | 37.1M | ExifShort n; |
399 | 37.1M | ExifEntry *entry; |
400 | 37.1M | unsigned int i; |
401 | 37.1M | ExifTag tag; |
402 | | |
403 | 37.1M | if (!data || !data->priv) |
404 | 0 | return; |
405 | | |
406 | | /* check for valid ExifIfd enum range */ |
407 | 37.1M | if ((((int)ifd) < 0) || ( ((int)ifd) >= EXIF_IFD_COUNT)) |
408 | 0 | return; |
409 | | |
410 | 37.1M | if (recursion_cost > 170) { |
411 | | /* |
412 | | * recursion_cost is a logarithmic-scale indicator of how expensive this |
413 | | * recursive call might end up being. It is an indicator of the depth of |
414 | | * recursion as well as the potential for worst-case future recursive |
415 | | * calls. Since it's difficult to tell ahead of time how often recursion |
416 | | * will occur, this assumes the worst by assuming every tag could end up |
417 | | * causing recursion. |
418 | | * The value of 170 was chosen to limit typical EXIF structures to a |
419 | | * recursive depth of about 6, but pathological ones (those with very |
420 | | * many tags) to only 2. |
421 | | */ |
422 | 34.5M | exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifData", |
423 | 34.5M | "Deep/expensive recursion detected!"); |
424 | 34.5M | return; |
425 | 34.5M | } |
426 | | |
427 | | /* Read the number of entries */ |
428 | 2.61M | if (CHECKOVERFLOW(offset, ds, 2)) { |
429 | 1.64k | exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifData", |
430 | 1.64k | "Tag data past end of buffer (%u+2 > %u)", offset, ds); |
431 | 1.64k | return; |
432 | 1.64k | } |
433 | 2.60M | n = exif_get_short (d + offset, data->priv->order); |
434 | 2.60M | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
435 | 2.60M | "Loading %hu entries...", n); |
436 | 2.60M | offset += 2; |
437 | | |
438 | | /* Check if we have enough data. */ |
439 | 2.60M | if (CHECKOVERFLOW(offset, ds, 12*n)) { |
440 | 2.54M | n = (ds - offset) / 12; |
441 | 2.54M | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
442 | 2.54M | "Short data; only loading %hu entries...", n); |
443 | 2.54M | } |
444 | | |
445 | 116M | for (i = 0; i < n; i++) { |
446 | | |
447 | 113M | tag = exif_get_short (d + offset + 12 * i, data->priv->order); |
448 | 113M | switch (tag) { |
449 | 1.30M | case EXIF_TAG_EXIF_IFD_POINTER: |
450 | 36.2M | case EXIF_TAG_GPS_INFO_IFD_POINTER: |
451 | 71.6M | case EXIF_TAG_INTEROPERABILITY_IFD_POINTER: |
452 | 71.6M | case EXIF_TAG_JPEG_INTERCHANGE_FORMAT_LENGTH: |
453 | 71.7M | case EXIF_TAG_JPEG_INTERCHANGE_FORMAT: |
454 | 71.7M | o = exif_get_long (d + offset + 12 * i + 8, |
455 | 71.7M | data->priv->order); |
456 | 71.7M | if (o >= ds) { |
457 | 9.51k | exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifData", |
458 | 9.51k | "Tag data past end of buffer (%u > %u)", offset+2, ds); |
459 | 9.51k | return; |
460 | 9.51k | } |
461 | | /* FIXME: IFD_POINTER tags aren't marked as being in a |
462 | | * specific IFD, so exif_tag_get_name_in_ifd won't work |
463 | | */ |
464 | 71.6M | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
465 | 71.6M | "Sub-IFD entry 0x%x ('%s') at %u.", tag, |
466 | 71.6M | exif_tag_get_name(tag), o); |
467 | 71.6M | switch (tag) { |
468 | 1.30M | case EXIF_TAG_EXIF_IFD_POINTER: |
469 | 1.30M | CHECK_REC (EXIF_IFD_EXIF); |
470 | 1.28M | exif_data_load_data_content (data, EXIF_IFD_EXIF, d, ds, o, |
471 | 1.28M | recursion_cost + level_cost(n)); |
472 | 1.28M | break; |
473 | 34.9M | case EXIF_TAG_GPS_INFO_IFD_POINTER: |
474 | 34.9M | CHECK_REC (EXIF_IFD_GPS); |
475 | 17.8M | exif_data_load_data_content (data, EXIF_IFD_GPS, d, ds, o, |
476 | 17.8M | recursion_cost + level_cost(n)); |
477 | 17.8M | break; |
478 | 35.4M | case EXIF_TAG_INTEROPERABILITY_IFD_POINTER: |
479 | 35.4M | CHECK_REC (EXIF_IFD_INTEROPERABILITY); |
480 | 18.0M | exif_data_load_data_content (data, EXIF_IFD_INTEROPERABILITY, d, ds, o, |
481 | 18.0M | recursion_cost + level_cost(n)); |
482 | 18.0M | break; |
483 | 10.9k | case EXIF_TAG_JPEG_INTERCHANGE_FORMAT: |
484 | 10.9k | thumbnail_offset = o; |
485 | 10.9k | if (thumbnail_offset && thumbnail_length) |
486 | 2.38k | exif_data_load_data_thumbnail (data, d, |
487 | 2.38k | ds, thumbnail_offset, |
488 | 2.38k | thumbnail_length); |
489 | 10.9k | break; |
490 | 7.20k | case EXIF_TAG_JPEG_INTERCHANGE_FORMAT_LENGTH: |
491 | 7.20k | thumbnail_length = o; |
492 | 7.20k | if (thumbnail_offset && thumbnail_length) |
493 | 2.65k | exif_data_load_data_thumbnail (data, d, |
494 | 2.65k | ds, thumbnail_offset, |
495 | 2.65k | thumbnail_length); |
496 | 7.20k | break; |
497 | 0 | default: |
498 | 0 | return; |
499 | 71.6M | } |
500 | 71.6M | break; |
501 | 71.6M | default: |
502 | | |
503 | | /* |
504 | | * If we don't know the tag, don't fail. It could be that new |
505 | | * versions of the standard have defined additional tags. Note that |
506 | | * 0 is a valid tag in the GPS IFD. |
507 | | */ |
508 | 42.0M | if (!exif_tag_get_name_in_ifd (tag, ifd)) { |
509 | | |
510 | | /* |
511 | | * Special case: Tag and format 0. That's against specification |
512 | | * (at least up to 2.2). But Photoshop writes it anyways. |
513 | | */ |
514 | 41.1M | if (!memcmp (d + offset + 12 * i, "\0\0\0\0", 4)) { |
515 | 757k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
516 | 757k | "Skipping empty entry at position %u in '%s'.", i, |
517 | 757k | exif_ifd_get_name (ifd)); |
518 | 757k | break; |
519 | 757k | } |
520 | 40.4M | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
521 | 40.4M | "Unknown tag 0x%04x (entry %u in '%s'). Please report this tag " |
522 | 40.4M | "to <libexif-devel@lists.sourceforge.net>.", tag, i, |
523 | 40.4M | exif_ifd_get_name (ifd)); |
524 | 40.4M | if (data->priv->options & EXIF_DATA_OPTION_IGNORE_UNKNOWN_TAGS) |
525 | 40.4M | break; |
526 | 40.4M | } |
527 | 818k | entry = exif_entry_new_mem (data->priv->mem); |
528 | 818k | if (!entry) { |
529 | 0 | exif_log (data->priv->log, EXIF_LOG_CODE_NO_MEMORY, "ExifData", |
530 | 0 | "Could not allocate memory"); |
531 | 0 | return; |
532 | 0 | } |
533 | 818k | if (exif_data_load_data_entry (data, entry, d, ds, |
534 | 818k | offset + 12 * i)) |
535 | 75.3k | exif_content_add_entry (data->ifd[ifd], entry); |
536 | 818k | exif_entry_unref (entry); |
537 | 818k | break; |
538 | 113M | } |
539 | 113M | } |
540 | 2.60M | } |
541 | | |
542 | | static int |
543 | | cmp_func (const unsigned char *p1, const unsigned char *p2, ExifByteOrder o) |
544 | 102k | { |
545 | 102k | ExifShort tag1 = exif_get_short (p1, o); |
546 | 102k | ExifShort tag2 = exif_get_short (p2, o); |
547 | | |
548 | 102k | return (tag1 < tag2) ? -1 : (tag1 > tag2) ? 1 : 0; |
549 | 102k | } |
550 | | |
551 | | static int |
552 | | cmp_func_intel (const void *elem1, const void *elem2) |
553 | 100k | { |
554 | 100k | return cmp_func ((const unsigned char *) elem1, |
555 | 100k | (const unsigned char *) elem2, EXIF_BYTE_ORDER_INTEL); |
556 | 100k | } |
557 | | |
558 | | static int |
559 | | cmp_func_motorola (const void *elem1, const void *elem2) |
560 | 2.37k | { |
561 | 2.37k | return cmp_func ((const unsigned char *) elem1, |
562 | 2.37k | (const unsigned char *) elem2, EXIF_BYTE_ORDER_MOTOROLA); |
563 | 2.37k | } |
564 | | |
565 | | static void |
566 | | exif_data_save_data_content (ExifData *data, ExifContent *ifd, |
567 | | unsigned char **d, unsigned int *ds, |
568 | | unsigned int offset) |
569 | 20.9k | { |
570 | 20.9k | unsigned int j, n_ptr = 0, n_thumb = 0; |
571 | 20.9k | ExifIfd i; |
572 | 20.9k | unsigned char *t; |
573 | 20.9k | unsigned int ts; |
574 | | |
575 | 20.9k | if (!data || !data->priv || !ifd || !d || !ds) |
576 | 0 | return; |
577 | | |
578 | 43.0k | for (i = 0; i < EXIF_IFD_COUNT; i++) |
579 | 43.0k | if (ifd == data->ifd[i]) |
580 | 20.9k | break; |
581 | 20.9k | if (i == EXIF_IFD_COUNT) |
582 | 0 | return; /* error */ |
583 | | |
584 | | /* |
585 | | * Check if we need some extra entries for pointers or the thumbnail. |
586 | | */ |
587 | 20.9k | switch (i) { |
588 | 10.5k | case EXIF_IFD_0: |
589 | | |
590 | | /* |
591 | | * The pointer to IFD_EXIF is in IFD_0. The pointer to |
592 | | * IFD_INTEROPERABILITY is in IFD_EXIF. |
593 | | */ |
594 | 10.5k | if (data->ifd[EXIF_IFD_EXIF]->count || |
595 | 10.5k | data->ifd[EXIF_IFD_INTEROPERABILITY]->count) |
596 | 8.97k | n_ptr++; |
597 | | |
598 | | /* The pointer to IFD_GPS is in IFD_0. */ |
599 | 10.5k | if (data->ifd[EXIF_IFD_GPS]->count) |
600 | 694 | n_ptr++; |
601 | | |
602 | 10.5k | break; |
603 | 414 | case EXIF_IFD_1: |
604 | 414 | if (data->size) |
605 | 414 | n_thumb = 2; |
606 | 414 | break; |
607 | 8.97k | case EXIF_IFD_EXIF: |
608 | 8.97k | if (data->ifd[EXIF_IFD_INTEROPERABILITY]->count) |
609 | 396 | n_ptr++; |
610 | 10.0k | default: |
611 | 10.0k | break; |
612 | 20.9k | } |
613 | | |
614 | | /* |
615 | | * Allocate enough memory for all entries |
616 | | * and the number of entries. |
617 | | */ |
618 | 20.9k | ts = *ds + (2 + (ifd->count + n_ptr + n_thumb) * 12 + 4); |
619 | 20.9k | t = exif_mem_realloc (data->priv->mem, *d, ts); |
620 | 20.9k | if (!t) { |
621 | 0 | EXIF_LOG_NO_MEMORY (data->priv->log, "ExifData", ts); |
622 | 0 | return; |
623 | 0 | } |
624 | 20.9k | *d = t; |
625 | 20.9k | *ds = ts; |
626 | | |
627 | | /* Save the number of entries */ |
628 | 20.9k | exif_set_short (*d + 6 + offset, data->priv->order, |
629 | 20.9k | (ExifShort) (ifd->count + n_ptr + n_thumb)); |
630 | 20.9k | offset += 2; |
631 | | |
632 | | /* |
633 | | * Save each entry. Make sure that no memcpys from NULL pointers are |
634 | | * performed |
635 | | */ |
636 | 20.9k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
637 | 20.9k | "Saving %i entries (IFD '%s', offset: %i)...", |
638 | 20.9k | ifd->count, exif_ifd_get_name (i), offset); |
639 | 93.5k | for (j = 0; j < ifd->count; j++) { |
640 | 72.5k | if (ifd->entries[j]) { |
641 | 72.5k | exif_data_save_data_entry (data, ifd->entries[j], d, ds, |
642 | 72.5k | offset + 12 * j); |
643 | 72.5k | } |
644 | 72.5k | } |
645 | | |
646 | 20.9k | offset += 12 * ifd->count; |
647 | | |
648 | | /* Now save special entries. */ |
649 | 20.9k | switch (i) { |
650 | 10.5k | case EXIF_IFD_0: |
651 | | |
652 | | /* |
653 | | * The pointer to IFD_EXIF is in IFD_0. |
654 | | * However, the pointer to IFD_INTEROPERABILITY is in IFD_EXIF, |
655 | | * therefore, if IFD_INTEROPERABILITY is not empty, we need |
656 | | * IFD_EXIF even if latter is empty. |
657 | | */ |
658 | 10.5k | if (data->ifd[EXIF_IFD_EXIF]->count || |
659 | 10.5k | data->ifd[EXIF_IFD_INTEROPERABILITY]->count) { |
660 | 8.97k | exif_set_short (*d + 6 + offset + 0, data->priv->order, |
661 | 8.97k | EXIF_TAG_EXIF_IFD_POINTER); |
662 | 8.97k | exif_set_short (*d + 6 + offset + 2, data->priv->order, |
663 | 8.97k | EXIF_FORMAT_LONG); |
664 | 8.97k | exif_set_long (*d + 6 + offset + 4, data->priv->order, |
665 | 8.97k | 1); |
666 | 8.97k | exif_set_long (*d + 6 + offset + 8, data->priv->order, |
667 | 8.97k | *ds - 6); |
668 | 8.97k | exif_data_save_data_content (data, |
669 | 8.97k | data->ifd[EXIF_IFD_EXIF], d, ds, *ds - 6); |
670 | 8.97k | offset += 12; |
671 | 8.97k | } |
672 | | |
673 | | /* The pointer to IFD_GPS is in IFD_0, too. */ |
674 | 10.5k | if (data->ifd[EXIF_IFD_GPS]->count) { |
675 | 694 | exif_set_short (*d + 6 + offset + 0, data->priv->order, |
676 | 694 | EXIF_TAG_GPS_INFO_IFD_POINTER); |
677 | 694 | exif_set_short (*d + 6 + offset + 2, data->priv->order, |
678 | 694 | EXIF_FORMAT_LONG); |
679 | 694 | exif_set_long (*d + 6 + offset + 4, data->priv->order, |
680 | 694 | 1); |
681 | 694 | exif_set_long (*d + 6 + offset + 8, data->priv->order, |
682 | 694 | *ds - 6); |
683 | 694 | exif_data_save_data_content (data, |
684 | 694 | data->ifd[EXIF_IFD_GPS], d, ds, *ds - 6); |
685 | 694 | offset += 12; |
686 | 694 | } |
687 | | |
688 | 10.5k | break; |
689 | 8.97k | case EXIF_IFD_EXIF: |
690 | | |
691 | | /* |
692 | | * The pointer to IFD_INTEROPERABILITY is in IFD_EXIF. |
693 | | * See note above. |
694 | | */ |
695 | 8.97k | if (data->ifd[EXIF_IFD_INTEROPERABILITY]->count) { |
696 | 396 | exif_set_short (*d + 6 + offset + 0, data->priv->order, |
697 | 396 | EXIF_TAG_INTEROPERABILITY_IFD_POINTER); |
698 | 396 | exif_set_short (*d + 6 + offset + 2, data->priv->order, |
699 | 396 | EXIF_FORMAT_LONG); |
700 | 396 | exif_set_long (*d + 6 + offset + 4, data->priv->order, |
701 | 396 | 1); |
702 | 396 | exif_set_long (*d + 6 + offset + 8, data->priv->order, |
703 | 396 | *ds - 6); |
704 | 396 | exif_data_save_data_content (data, |
705 | 396 | data->ifd[EXIF_IFD_INTEROPERABILITY], d, ds, |
706 | 396 | *ds - 6); |
707 | 396 | offset += 12; |
708 | 396 | } |
709 | | |
710 | 8.97k | break; |
711 | 414 | case EXIF_IFD_1: |
712 | | |
713 | | /* |
714 | | * Information about the thumbnail (if any) is saved in |
715 | | * IFD_1. |
716 | | */ |
717 | 414 | if (data->size) { |
718 | | |
719 | | /* EXIF_TAG_JPEG_INTERCHANGE_FORMAT */ |
720 | 414 | exif_set_short (*d + 6 + offset + 0, data->priv->order, |
721 | 414 | EXIF_TAG_JPEG_INTERCHANGE_FORMAT); |
722 | 414 | exif_set_short (*d + 6 + offset + 2, data->priv->order, |
723 | 414 | EXIF_FORMAT_LONG); |
724 | 414 | exif_set_long (*d + 6 + offset + 4, data->priv->order, |
725 | 414 | 1); |
726 | 414 | exif_set_long (*d + 6 + offset + 8, data->priv->order, |
727 | 414 | *ds - 6); |
728 | 414 | ts = *ds + data->size; |
729 | 414 | t = exif_mem_realloc (data->priv->mem, *d, ts); |
730 | 414 | if (!t) { |
731 | 0 | EXIF_LOG_NO_MEMORY (data->priv->log, "ExifData", |
732 | 0 | ts); |
733 | 0 | return; |
734 | 0 | } |
735 | 414 | *d = t; |
736 | 414 | *ds = ts; |
737 | 414 | memcpy (*d + *ds - data->size, data->data, data->size); |
738 | 414 | offset += 12; |
739 | | |
740 | | /* EXIF_TAG_JPEG_INTERCHANGE_FORMAT_LENGTH */ |
741 | 414 | exif_set_short (*d + 6 + offset + 0, data->priv->order, |
742 | 414 | EXIF_TAG_JPEG_INTERCHANGE_FORMAT_LENGTH); |
743 | 414 | exif_set_short (*d + 6 + offset + 2, data->priv->order, |
744 | 414 | EXIF_FORMAT_LONG); |
745 | 414 | exif_set_long (*d + 6 + offset + 4, data->priv->order, |
746 | 414 | 1); |
747 | 414 | exif_set_long (*d + 6 + offset + 8, data->priv->order, |
748 | 414 | data->size); |
749 | 414 | offset += 12; |
750 | 414 | } |
751 | | |
752 | 414 | break; |
753 | 1.09k | default: |
754 | 1.09k | break; |
755 | 20.9k | } |
756 | | |
757 | | /* Sort the directory according to TIFF specification */ |
758 | 20.9k | qsort (*d + 6 + offset - (ifd->count + n_ptr + n_thumb) * 12, |
759 | 20.9k | (ifd->count + n_ptr + n_thumb), 12, |
760 | 20.9k | (data->priv->order == EXIF_BYTE_ORDER_INTEL) ? cmp_func_intel : cmp_func_motorola); |
761 | | |
762 | | /* Correctly terminate the directory */ |
763 | 20.9k | if (i == EXIF_IFD_0 && (data->ifd[EXIF_IFD_1]->count || |
764 | 10.5k | data->size)) { |
765 | | |
766 | | /* |
767 | | * We are saving IFD 0. Tell where IFD 1 starts and save |
768 | | * IFD 1. |
769 | | */ |
770 | 414 | exif_set_long (*d + 6 + offset, data->priv->order, *ds - 6); |
771 | 414 | exif_data_save_data_content (data, data->ifd[EXIF_IFD_1], d, ds, |
772 | 414 | *ds - 6); |
773 | 414 | } else |
774 | 20.5k | exif_set_long (*d + 6 + offset, data->priv->order, 0); |
775 | 20.9k | } |
776 | | |
777 | | typedef enum { |
778 | | EXIF_DATA_TYPE_MAKER_NOTE_NONE = 0, |
779 | | EXIF_DATA_TYPE_MAKER_NOTE_CANON = 1, |
780 | | EXIF_DATA_TYPE_MAKER_NOTE_OLYMPUS = 2, |
781 | | EXIF_DATA_TYPE_MAKER_NOTE_PENTAX = 3, |
782 | | EXIF_DATA_TYPE_MAKER_NOTE_NIKON = 4, |
783 | | EXIF_DATA_TYPE_MAKER_NOTE_CASIO = 5, |
784 | | EXIF_DATA_TYPE_MAKER_NOTE_FUJI = 6 |
785 | | } ExifDataTypeMakerNote; |
786 | | |
787 | | /*! If MakerNote is recognized, load it. |
788 | | * |
789 | | * \param[in,out] data #ExifData |
790 | | * \param[in] d pointer to raw EXIF data |
791 | | * \param[in] ds length of data at d |
792 | | */ |
793 | | static void |
794 | | interpret_maker_note(ExifData *data, const unsigned char *d, unsigned int ds) |
795 | 15.5k | { |
796 | 15.5k | int mnoteid; |
797 | 15.5k | ExifEntry* e = exif_data_get_entry (data, EXIF_TAG_MAKER_NOTE); |
798 | 15.5k | if (!e) |
799 | 1.43k | return; |
800 | | |
801 | 14.1k | if ((mnoteid = exif_mnote_data_olympus_identify (data, e)) != 0) { |
802 | 7.47k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, |
803 | 7.47k | "ExifData", "Olympus MakerNote variant type %d", mnoteid); |
804 | 7.47k | data->priv->md = exif_mnote_data_olympus_new (data->priv->mem); |
805 | | |
806 | 7.47k | } else if ((mnoteid = exif_mnote_data_canon_identify (data, e)) != 0) { |
807 | 2.22k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, |
808 | 2.22k | "ExifData", "Canon MakerNote variant type %d", mnoteid); |
809 | 2.22k | data->priv->md = exif_mnote_data_canon_new (data->priv->mem, data->priv->options); |
810 | | |
811 | 4.43k | } else if ((mnoteid = exif_mnote_data_fuji_identify (data, e)) != 0) { |
812 | 1.81k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, |
813 | 1.81k | "ExifData", "Fuji MakerNote variant type %d", mnoteid); |
814 | 1.81k | data->priv->md = exif_mnote_data_fuji_new (data->priv->mem); |
815 | | |
816 | | /* NOTE: Must do Pentax detection last because some of the |
817 | | * heuristics are pretty general. */ |
818 | 2.61k | } else if ((mnoteid = exif_mnote_data_pentax_identify (data, e)) != 0) { |
819 | 2.27k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, |
820 | 2.27k | "ExifData", "Pentax MakerNote variant type %d", mnoteid); |
821 | 2.27k | data->priv->md = exif_mnote_data_pentax_new (data->priv->mem); |
822 | 2.27k | } |
823 | | /* Marcus: disabled until apple makernote can also be saved |
824 | | else if ((mnoteid = exif_mnote_data_apple_identify (data, e)) != 0) { |
825 | | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, |
826 | | "ExifData", "Apple MakerNote variant type %d", mnoteid); |
827 | | data->priv->md = exif_mnote_data_apple_new (data->priv->mem); |
828 | | } |
829 | | */ |
830 | | |
831 | | /* |
832 | | * If we are able to interpret the maker note, do so. |
833 | | */ |
834 | 14.1k | if (data->priv->md) { |
835 | 13.7k | exif_mnote_data_log (data->priv->md, data->priv->log); |
836 | 13.7k | exif_mnote_data_set_byte_order (data->priv->md, |
837 | 13.7k | data->priv->order); |
838 | 13.7k | exif_mnote_data_set_offset (data->priv->md, |
839 | 13.7k | data->priv->offset_mnote); |
840 | 13.7k | exif_mnote_data_load (data->priv->md, d, ds); |
841 | 13.7k | } |
842 | 14.1k | } |
843 | | |
844 | 60 | #define LOG_TOO_SMALL \ |
845 | 60 | exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifData", \ |
846 | 60 | _("Size of data too small to allow for EXIF data.")); |
847 | | |
848 | | void |
849 | | exif_data_load_data (ExifData *data, const unsigned char *d_orig, |
850 | | unsigned int ds) |
851 | 20.2k | { |
852 | 20.2k | unsigned int l; |
853 | 20.2k | ExifLong offset; |
854 | 20.2k | ExifShort n; |
855 | 20.2k | const unsigned char *d = d_orig; |
856 | 20.2k | unsigned int len, fullds; |
857 | | |
858 | 20.2k | if (!data || !data->priv || !d || !ds) |
859 | 0 | return; |
860 | | |
861 | 20.2k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
862 | 20.2k | "Parsing %i byte(s) EXIF data...\n", ds); |
863 | | |
864 | | /* |
865 | | * It can be that the data starts with the EXIF header. If it does |
866 | | * not, search the EXIF marker. |
867 | | */ |
868 | 20.2k | if (ds < 6) { |
869 | 13 | LOG_TOO_SMALL; |
870 | 13 | return; |
871 | 13 | } |
872 | 20.2k | if (!memcmp (d, ExifHeader, 6)) { |
873 | 19.8k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
874 | 19.8k | "Found EXIF header at start."); |
875 | 19.8k | } else { |
876 | 2.32k | while (ds >= 3) { |
877 | 2.87k | while (ds && (d[0] == 0xff)) { |
878 | 589 | d++; |
879 | 589 | ds--; |
880 | 589 | } |
881 | | |
882 | | /* JPEG_MARKER_SOI */ |
883 | 2.28k | if (ds && d[0] == JPEG_MARKER_SOI) { |
884 | 889 | d++; |
885 | 889 | ds--; |
886 | 889 | continue; |
887 | 889 | } |
888 | | |
889 | | /* JPEG_MARKER_APP1 */ |
890 | 1.39k | if (ds && d[0] == JPEG_MARKER_APP1) { |
891 | | /* |
892 | | * Verify the exif header |
893 | | * (offset 3, length 6). |
894 | | * FF E1 NN NN EXIFHEADER |
895 | | * ^^ d points here currently |
896 | | */ |
897 | 598 | if ((ds >= 9) && !memcmp (d+3, ExifHeader, 6)) |
898 | 121 | break; |
899 | | /* fallthrough */ |
900 | 598 | } |
901 | | /* Skip irrelevant APP markers. The branch for APP1 must come before this, |
902 | | otherwise this code block will cause APP1 to be skipped. This code path |
903 | | is only relevant for files that are nonconformant to the EXIF |
904 | | specification. For conformant files, the APP1 code path above will be |
905 | | taken. */ |
906 | 1.27k | if (ds >= 3 && d[0] >= 0xe0 && d[0] <= 0xef) { /* JPEG_MARKER_APPn */ |
907 | 1.02k | d++; |
908 | 1.02k | ds--; |
909 | 1.02k | l = (((unsigned int)d[0]) << 8) | d[1]; |
910 | 1.02k | if (l > ds) |
911 | 43 | return; |
912 | 979 | d += l; |
913 | 979 | ds -= l; |
914 | 979 | continue; |
915 | 1.02k | } |
916 | | |
917 | | /* Unknown marker or data. Give up. */ |
918 | 249 | exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, |
919 | 249 | "ExifData", _("EXIF marker not found.")); |
920 | 249 | return; |
921 | 1.27k | } |
922 | 160 | if (ds < 3) { |
923 | 39 | LOG_TOO_SMALL; |
924 | 39 | return; |
925 | 39 | } |
926 | 121 | d++; |
927 | 121 | ds--; |
928 | 121 | len = (((unsigned int)d[0]) << 8) | d[1]; |
929 | 121 | if (len > ds) { |
930 | 71 | exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, |
931 | 71 | "ExifData", _("Read length %d is longer than data length %d."), len, ds); |
932 | 71 | return; |
933 | 71 | } |
934 | 50 | if (len < 2) { |
935 | 6 | exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, |
936 | 6 | "ExifData", _("APP Tag too short.")); |
937 | 6 | return; |
938 | 6 | } |
939 | 44 | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
940 | 44 | "We have to deal with %i byte(s) of EXIF data.", |
941 | 44 | len); |
942 | 44 | d += 2; |
943 | 44 | ds = len - 2; /* we do not want the full rest size, but only the size of the tag */ |
944 | 44 | } |
945 | | |
946 | | /* |
947 | | * Verify the exif header |
948 | | * (offset 2, length 6). |
949 | | */ |
950 | 19.8k | if (ds < 6) { |
951 | 8 | LOG_TOO_SMALL; |
952 | 8 | return; |
953 | 8 | } |
954 | 19.8k | if (memcmp (d, ExifHeader, 6)) { |
955 | 0 | exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, |
956 | 0 | "ExifData", _("EXIF header not found.")); |
957 | 0 | return; |
958 | 0 | } |
959 | | |
960 | 19.8k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
961 | 19.8k | "Found EXIF header."); |
962 | | |
963 | | /* Sanity check the data length */ |
964 | 19.8k | if (ds < 14) |
965 | 48 | return; |
966 | | |
967 | | /* The JPEG APP1 section can be no longer than 64 KiB (including a |
968 | | 16-bit length), so cap the data length to protect against overflow |
969 | | in future offset calculations */ |
970 | 19.8k | fullds = ds; |
971 | 19.8k | if (ds > 0xfffe) |
972 | 464 | ds = 0xfffe; |
973 | | |
974 | | /* Byte order (offset 6, length 2) */ |
975 | 19.8k | if (!memcmp (d + 6, "II", 2)) |
976 | 15.9k | data->priv->order = EXIF_BYTE_ORDER_INTEL; |
977 | 3.85k | else if (!memcmp (d + 6, "MM", 2)) |
978 | 3.74k | data->priv->order = EXIF_BYTE_ORDER_MOTOROLA; |
979 | 114 | else { |
980 | 114 | exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, |
981 | 114 | "ExifData", _("Unknown encoding.")); |
982 | 114 | return; |
983 | 114 | } |
984 | | |
985 | | /* Fixed value */ |
986 | 19.7k | if (exif_get_short (d + 8, data->priv->order) != 0x002a) |
987 | 43 | return; |
988 | | |
989 | | /* IFD 0 offset */ |
990 | 19.6k | offset = exif_get_long (d + 10, data->priv->order); |
991 | 19.6k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
992 | 19.6k | "IFD 0 at %i.", (int) offset); |
993 | | |
994 | | /* ds is restricted to 16 bit above, so offset is restricted too, and offset+8 should not overflow. */ |
995 | 19.6k | if (offset > ds || offset + 6 + 2 > ds) |
996 | 126 | return; |
997 | | |
998 | | /* Parse the actual exif data (usually offset 14 from start) */ |
999 | 19.5k | exif_data_load_data_content (data, EXIF_IFD_0, d + 6, ds - 6, offset, 0); |
1000 | | |
1001 | | /* IFD 1 offset */ |
1002 | 19.5k | n = exif_get_short (d + 6 + offset, data->priv->order); |
1003 | | /* offset < 2<<16, n is 16 bit at most, so this op will not overflow */ |
1004 | 19.5k | if (offset + 6 + 2 + 12 * n + 4 > ds) |
1005 | 3.97k | return; |
1006 | | |
1007 | 15.5k | offset = exif_get_long (d + 6 + offset + 2 + 12 * n, data->priv->order); |
1008 | 15.5k | if (offset) { |
1009 | 15.1k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
1010 | 15.1k | "IFD 1 at %i.", (int) offset); |
1011 | | |
1012 | | /* Sanity check. ds is ensured to be above 6 above, offset is 16bit */ |
1013 | 15.1k | if (offset > ds - 6) { |
1014 | 2.92k | exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, |
1015 | 2.92k | "ExifData", "Bogus offset of IFD1."); |
1016 | 12.2k | } else { |
1017 | 12.2k | exif_data_load_data_content (data, EXIF_IFD_1, d + 6, ds - 6, offset, 0); |
1018 | 12.2k | } |
1019 | 15.1k | } |
1020 | | |
1021 | | /* |
1022 | | * If we got an EXIF_TAG_MAKER_NOTE, try to interpret it. Some |
1023 | | * cameras use pointers in the maker note tag that point to the |
1024 | | * space between IFDs. Here is the only place where we have access |
1025 | | * to that data. |
1026 | | */ |
1027 | 15.5k | interpret_maker_note(data, d, fullds); |
1028 | | |
1029 | | /* Fixup tags if requested */ |
1030 | 15.5k | if (data->priv->options & EXIF_DATA_OPTION_FOLLOW_SPECIFICATION) |
1031 | 15.5k | exif_data_fix (data); |
1032 | 15.5k | } |
1033 | | |
1034 | | void |
1035 | | exif_data_save_data (ExifData *data, unsigned char **d, unsigned int *ds) |
1036 | 10.5k | { |
1037 | 10.5k | if (ds) |
1038 | 10.5k | *ds = 0; /* This means something went wrong */ |
1039 | | |
1040 | 10.5k | if (!data || !d || !ds) |
1041 | 0 | return; |
1042 | | |
1043 | | /* Header */ |
1044 | 10.5k | *ds = 14; |
1045 | 10.5k | *d = exif_data_alloc (data, *ds); |
1046 | 10.5k | if (!*d) { |
1047 | 0 | *ds = 0; |
1048 | 0 | return; |
1049 | 0 | } |
1050 | 10.5k | memcpy (*d, ExifHeader, 6); |
1051 | | |
1052 | | /* Order (offset 6) */ |
1053 | 10.5k | if (data->priv->order == EXIF_BYTE_ORDER_INTEL) { |
1054 | 9.44k | memcpy (*d + 6, "II", 2); |
1055 | 9.44k | } else { |
1056 | 1.07k | memcpy (*d + 6, "MM", 2); |
1057 | 1.07k | } |
1058 | | |
1059 | | /* Fixed value (2 bytes, offset 8) */ |
1060 | 10.5k | exif_set_short (*d + 8, data->priv->order, 0x002a); |
1061 | | |
1062 | | /* |
1063 | | * IFD 0 offset (4 bytes, offset 10). |
1064 | | * We will start 8 bytes after the |
1065 | | * EXIF header (2 bytes for order, another 2 for the test, and |
1066 | | * 4 bytes for the IFD 0 offset make 8 bytes together). |
1067 | | */ |
1068 | 10.5k | exif_set_long (*d + 10, data->priv->order, 8); |
1069 | | |
1070 | | /* Now save IFD 0. IFD 1 will be saved automatically. */ |
1071 | 10.5k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
1072 | 10.5k | "Saving IFDs..."); |
1073 | 10.5k | exif_data_save_data_content (data, data->ifd[EXIF_IFD_0], d, ds, |
1074 | 10.5k | *ds - 6); |
1075 | 10.5k | exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
1076 | 10.5k | "Saved %i byte(s) EXIF data.", *ds); |
1077 | 10.5k | } |
1078 | | |
1079 | | ExifData * |
1080 | | exif_data_new_from_file (const char *path) |
1081 | 0 | { |
1082 | 0 | ExifData *edata; |
1083 | 0 | ExifLoader *loader; |
1084 | |
|
1085 | 0 | loader = exif_loader_new (); |
1086 | 0 | exif_loader_write_file (loader, path); |
1087 | 0 | edata = exif_loader_get_data (loader); |
1088 | 0 | exif_loader_unref (loader); |
1089 | |
|
1090 | 0 | return (edata); |
1091 | 0 | } |
1092 | | |
1093 | | void |
1094 | | exif_data_ref (ExifData *data) |
1095 | 0 | { |
1096 | 0 | if (!data) |
1097 | 0 | return; |
1098 | | |
1099 | 0 | data->priv->ref_count++; |
1100 | 0 | } |
1101 | | |
1102 | | void |
1103 | | exif_data_unref (ExifData *data) |
1104 | 20.2k | { |
1105 | 20.2k | if (!data) |
1106 | 0 | return; |
1107 | | |
1108 | 20.2k | data->priv->ref_count--; |
1109 | 20.2k | if (!data->priv->ref_count) |
1110 | 20.2k | exif_data_free (data); |
1111 | 20.2k | } |
1112 | | |
1113 | | void |
1114 | | exif_data_free (ExifData *data) |
1115 | 20.2k | { |
1116 | 20.2k | unsigned int i; |
1117 | 20.2k | ExifMem *mem = (data && data->priv) ? data->priv->mem : NULL; |
1118 | | |
1119 | 20.2k | if (!data) |
1120 | 0 | return; |
1121 | | |
1122 | 121k | for (i = 0; i < EXIF_IFD_COUNT; i++) { |
1123 | 101k | if (data->ifd[i]) { |
1124 | 101k | exif_content_unref (data->ifd[i]); |
1125 | 101k | data->ifd[i] = NULL; |
1126 | 101k | } |
1127 | 101k | } |
1128 | | |
1129 | 20.2k | if (data->data) { |
1130 | 627 | exif_mem_free (mem, data->data); |
1131 | 627 | data->data = NULL; |
1132 | 627 | } |
1133 | | |
1134 | 20.2k | if (data->priv) { |
1135 | 20.2k | if (data->priv->log) { |
1136 | 0 | exif_log_unref (data->priv->log); |
1137 | 0 | data->priv->log = NULL; |
1138 | 0 | } |
1139 | 20.2k | if (data->priv->md) { |
1140 | 13.7k | exif_mnote_data_unref (data->priv->md); |
1141 | 13.7k | data->priv->md = NULL; |
1142 | 13.7k | } |
1143 | 20.2k | exif_mem_free (mem, data->priv); |
1144 | 20.2k | exif_mem_free (mem, data); |
1145 | 20.2k | } |
1146 | | |
1147 | 20.2k | exif_mem_unref (mem); |
1148 | 20.2k | } |
1149 | | |
1150 | | void |
1151 | | exif_data_dump (ExifData *data) |
1152 | 0 | { |
1153 | 0 | unsigned int i; |
1154 | |
|
1155 | 0 | if (!data) |
1156 | 0 | return; |
1157 | | |
1158 | 0 | for (i = 0; i < EXIF_IFD_COUNT; i++) { |
1159 | 0 | if (data->ifd[i] && data->ifd[i]->count) { |
1160 | 0 | printf ("Dumping IFD '%s'...\n", |
1161 | 0 | exif_ifd_get_name (i)); |
1162 | 0 | exif_content_dump (data->ifd[i], 0); |
1163 | 0 | } |
1164 | 0 | } |
1165 | |
|
1166 | 0 | if (data->data) { |
1167 | 0 | printf ("%i byte(s) thumbnail data available: ", data->size); |
1168 | 0 | if (data->size >= 4) { |
1169 | 0 | printf ("0x%02x 0x%02x ... 0x%02x 0x%02x\n", |
1170 | 0 | data->data[0], data->data[1], |
1171 | 0 | data->data[data->size - 2], |
1172 | 0 | data->data[data->size - 1]); |
1173 | 0 | } |
1174 | 0 | } |
1175 | 0 | } |
1176 | | |
1177 | | ExifByteOrder |
1178 | | exif_data_get_byte_order (ExifData *data) |
1179 | 320k | { |
1180 | 320k | if (!data) |
1181 | 0 | return (0); |
1182 | | |
1183 | 320k | return (data->priv->order); |
1184 | 320k | } |
1185 | | |
1186 | | void |
1187 | | exif_data_foreach_content (ExifData *data, ExifDataForeachContentFunc func, |
1188 | | void *user_data) |
1189 | 46.3k | { |
1190 | 46.3k | unsigned int i; |
1191 | | |
1192 | 46.3k | if (!data || !func) |
1193 | 0 | return; |
1194 | | |
1195 | 278k | for (i = 0; i < EXIF_IFD_COUNT; i++) |
1196 | 231k | func (data->ifd[i], user_data); |
1197 | 46.3k | } |
1198 | | |
1199 | | typedef struct _ByteOrderChangeData ByteOrderChangeData; |
1200 | | struct _ByteOrderChangeData { |
1201 | | ExifByteOrder old, new; |
1202 | | }; |
1203 | | |
1204 | | static void |
1205 | | entry_set_byte_order (ExifEntry *e, void *data) |
1206 | 0 | { |
1207 | 0 | ByteOrderChangeData *d = data; |
1208 | |
|
1209 | 0 | if (!e) |
1210 | 0 | return; |
1211 | | |
1212 | 0 | exif_array_set_byte_order (e->format, e->data, e->components, d->old, d->new); |
1213 | 0 | } |
1214 | | |
1215 | | static void |
1216 | | content_set_byte_order (ExifContent *content, void *data) |
1217 | 0 | { |
1218 | 0 | exif_content_foreach_entry (content, entry_set_byte_order, data); |
1219 | 0 | } |
1220 | | |
1221 | | void |
1222 | | exif_data_set_byte_order (ExifData *data, ExifByteOrder order) |
1223 | 0 | { |
1224 | 0 | ByteOrderChangeData d; |
1225 | |
|
1226 | 0 | if (!data || (order == data->priv->order)) |
1227 | 0 | return; |
1228 | | |
1229 | 0 | d.old = data->priv->order; |
1230 | 0 | d.new = order; |
1231 | 0 | exif_data_foreach_content (data, content_set_byte_order, &d); |
1232 | 0 | data->priv->order = order; |
1233 | 0 | if (data->priv->md) |
1234 | 0 | exif_mnote_data_set_byte_order (data->priv->md, order); |
1235 | 0 | } |
1236 | | |
1237 | | void |
1238 | | exif_data_log (ExifData *data, ExifLog *log) |
1239 | 9.77k | { |
1240 | 9.77k | unsigned int i; |
1241 | | |
1242 | 9.77k | if (!data || !data->priv) |
1243 | 0 | return; |
1244 | 9.77k | exif_log_unref (data->priv->log); |
1245 | 9.77k | data->priv->log = log; |
1246 | 9.77k | exif_log_ref (log); |
1247 | | |
1248 | 58.6k | for (i = 0; i < EXIF_IFD_COUNT; i++) |
1249 | 48.8k | exif_content_log (data->ifd[i], log); |
1250 | 9.77k | } |
1251 | | |
1252 | | /* Used internally within libexif */ |
1253 | | ExifLog *exif_data_get_log (ExifData *); |
1254 | | ExifLog * |
1255 | | exif_data_get_log (ExifData *data) |
1256 | 37.5k | { |
1257 | 37.5k | if (!data || !data->priv) |
1258 | 0 | return NULL; |
1259 | 37.5k | return data->priv->log; |
1260 | 37.5k | } |
1261 | | |
1262 | | static const struct { |
1263 | | ExifDataOption option; |
1264 | | const char *name; |
1265 | | const char *description; |
1266 | | } exif_data_option[] = { |
1267 | | {EXIF_DATA_OPTION_IGNORE_UNKNOWN_TAGS, N_("Ignore unknown tags"), |
1268 | | N_("Ignore unknown tags when loading EXIF data.")}, |
1269 | | {EXIF_DATA_OPTION_FOLLOW_SPECIFICATION, N_("Follow specification"), |
1270 | | N_("Add, correct and remove entries to get EXIF data that follows " |
1271 | | "the specification.")}, |
1272 | | {EXIF_DATA_OPTION_DONT_CHANGE_MAKER_NOTE, N_("Do not change maker note"), |
1273 | | N_("When loading and resaving Exif data, save the maker note unmodified." |
1274 | | " Be aware that the maker note can get corrupted.")}, |
1275 | | {0, NULL, NULL} |
1276 | | }; |
1277 | | |
1278 | | const char * |
1279 | | exif_data_option_get_name (ExifDataOption o) |
1280 | 0 | { |
1281 | 0 | unsigned int i; |
1282 | |
|
1283 | 0 | for (i = 0; exif_data_option[i].name; i++) |
1284 | 0 | if (exif_data_option[i].option == o) |
1285 | 0 | break; |
1286 | 0 | return _(exif_data_option[i].name); |
1287 | 0 | } |
1288 | | |
1289 | | const char * |
1290 | | exif_data_option_get_description (ExifDataOption o) |
1291 | 0 | { |
1292 | 0 | unsigned int i; |
1293 | |
|
1294 | 0 | for (i = 0; exif_data_option[i].description; i++) |
1295 | 0 | if (exif_data_option[i].option == o) |
1296 | 0 | break; |
1297 | 0 | return _(exif_data_option[i].description); |
1298 | 0 | } |
1299 | | |
1300 | | void |
1301 | | exif_data_set_option (ExifData *d, ExifDataOption o) |
1302 | 40.5k | { |
1303 | 40.5k | if (!d) |
1304 | 0 | return; |
1305 | | |
1306 | 40.5k | d->priv->options |= o; |
1307 | 40.5k | } |
1308 | | |
1309 | | void |
1310 | | exif_data_unset_option (ExifData *d, ExifDataOption o) |
1311 | 0 | { |
1312 | 0 | if (!d) |
1313 | 0 | return; |
1314 | | |
1315 | 0 | d->priv->options &= ~o; |
1316 | 0 | } |
1317 | | |
1318 | | static void |
1319 | | fix_func (ExifContent *c, void *UNUSED(data)) |
1320 | 130k | { |
1321 | 130k | switch (exif_content_get_ifd (c)) { |
1322 | 26.0k | case EXIF_IFD_1: |
1323 | 26.0k | if (c->parent->data) |
1324 | 987 | exif_content_fix (c); |
1325 | 25.0k | else if (c->count) { |
1326 | 1.91k | exif_log (c->parent->priv->log, EXIF_LOG_CODE_DEBUG, "exif-data", |
1327 | 1.91k | "No thumbnail but entries on thumbnail. These entries have been " |
1328 | 1.91k | "removed."); |
1329 | 5.05k | while (c->count) { |
1330 | 3.14k | unsigned int cnt = c->count; |
1331 | 3.14k | exif_content_remove_entry (c, c->entries[c->count - 1]); |
1332 | 3.14k | if (cnt == c->count) { |
1333 | | /* safety net */ |
1334 | 0 | exif_log (c->parent->priv->log, EXIF_LOG_CODE_DEBUG, "exif-data", |
1335 | 0 | "failed to remove last entry from entries."); |
1336 | 0 | c->count--; |
1337 | 0 | } |
1338 | 3.14k | } |
1339 | 1.91k | } |
1340 | 26.0k | break; |
1341 | 104k | default: |
1342 | 104k | exif_content_fix (c); |
1343 | 130k | } |
1344 | 130k | } |
1345 | | |
1346 | | void |
1347 | | exif_data_fix (ExifData *d) |
1348 | 26.0k | { |
1349 | 26.0k | exif_data_foreach_content (d, fix_func, NULL); |
1350 | 26.0k | } |
1351 | | |
1352 | | void |
1353 | | exif_data_set_data_type (ExifData *d, ExifDataType dt) |
1354 | 20.2k | { |
1355 | 20.2k | if (!d || !d->priv) |
1356 | 0 | return; |
1357 | | |
1358 | 20.2k | d->priv->data_type = dt; |
1359 | 20.2k | } |
1360 | | |
1361 | | ExifDataType |
1362 | | exif_data_get_data_type (ExifData *d) |
1363 | 214k | { |
1364 | 214k | return (d && d->priv) ? d->priv->data_type : EXIF_DATA_TYPE_UNKNOWN; |
1365 | 214k | } |