/src/gdal/frmts/gtiff/libtiff/tif_aux.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright (c) 1991-1997 Sam Leffler |
3 | | * Copyright (c) 1991-1997 Silicon Graphics, Inc. |
4 | | * |
5 | | * Permission to use, copy, modify, distribute, and sell this software and |
6 | | * its documentation for any purpose is hereby granted without fee, provided |
7 | | * that (i) the above copyright notices and this permission notice appear in |
8 | | * all copies of the software and related documentation, and (ii) the names of |
9 | | * Sam Leffler and Silicon Graphics may not be used in any advertising or |
10 | | * publicity relating to the software without the specific, prior written |
11 | | * permission of Sam Leffler and Silicon Graphics. |
12 | | * |
13 | | * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND, |
14 | | * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY |
15 | | * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. |
16 | | * |
17 | | * IN NO EVENT SHALL SAM LEFFLER OR SILICON GRAPHICS BE LIABLE FOR |
18 | | * ANY SPECIAL, INCIDENTAL, INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, |
19 | | * OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, |
20 | | * WHETHER OR NOT ADVISED OF THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF |
21 | | * LIABILITY, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE |
22 | | * OF THIS SOFTWARE. |
23 | | */ |
24 | | |
25 | | /* |
26 | | * TIFF Library. |
27 | | * |
28 | | * Auxiliary Support Routines. |
29 | | */ |
30 | | #include "tif_predict.h" |
31 | | #include "tiffiop.h" |
32 | | #include <float.h> |
33 | | #include <math.h> |
34 | | |
35 | | uint32_t _TIFFMultiply32(TIFF *tif, uint32_t first, uint32_t second, |
36 | | const char *where) |
37 | 0 | { |
38 | 0 | if (second && first > UINT32_MAX / second) |
39 | 0 | { |
40 | 0 | TIFFErrorExtR(tif, where, "Integer overflow in %s", where); |
41 | 0 | return 0; |
42 | 0 | } |
43 | | |
44 | 0 | return first * second; |
45 | 0 | } |
46 | | |
47 | | uint64_t _TIFFMultiply64(TIFF *tif, uint64_t first, uint64_t second, |
48 | | const char *where) |
49 | 0 | { |
50 | 0 | if (second && first > UINT64_MAX / second) |
51 | 0 | { |
52 | 0 | TIFFErrorExtR(tif, where, "Integer overflow in %s", where); |
53 | 0 | return 0; |
54 | 0 | } |
55 | | |
56 | 0 | return first * second; |
57 | 0 | } |
58 | | |
59 | | tmsize_t _TIFFMultiplySSize(TIFF *tif, tmsize_t first, tmsize_t second, |
60 | | const char *where) |
61 | 0 | { |
62 | 0 | if (first <= 0 || second <= 0) |
63 | 0 | { |
64 | 0 | if (tif != NULL && where != NULL) |
65 | 0 | { |
66 | 0 | TIFFErrorExtR(tif, where, |
67 | 0 | "Invalid argument to _TIFFMultiplySSize() in %s", |
68 | 0 | where); |
69 | 0 | } |
70 | 0 | return 0; |
71 | 0 | } |
72 | | |
73 | 0 | if (first > TIFF_TMSIZE_T_MAX / second) |
74 | 0 | { |
75 | 0 | if (tif != NULL && where != NULL) |
76 | 0 | { |
77 | 0 | TIFFErrorExtR(tif, where, "Integer overflow in %s", where); |
78 | 0 | } |
79 | 0 | return 0; |
80 | 0 | } |
81 | 0 | return first * second; |
82 | 0 | } |
83 | | |
84 | | tmsize_t _TIFFCastUInt64ToSSize(TIFF *tif, uint64_t val, const char *module) |
85 | 0 | { |
86 | 0 | if (val > (uint64_t)TIFF_TMSIZE_T_MAX) |
87 | 0 | { |
88 | 0 | if (tif != NULL && module != NULL) |
89 | 0 | { |
90 | 0 | TIFFErrorExtR(tif, module, "Integer overflow"); |
91 | 0 | } |
92 | 0 | return 0; |
93 | 0 | } |
94 | 0 | return (tmsize_t)val; |
95 | 0 | } |
96 | | |
97 | | void *_TIFFCheckRealloc(TIFF *tif, void *buffer, tmsize_t nmemb, |
98 | | tmsize_t elem_size, const char *what) |
99 | 0 | { |
100 | 0 | void *cp = NULL; |
101 | 0 | tmsize_t count = _TIFFMultiplySSize(tif, nmemb, elem_size, NULL); |
102 | | /* |
103 | | * Check for integer overflow. |
104 | | */ |
105 | 0 | if (count != 0) |
106 | 0 | { |
107 | 0 | cp = _TIFFreallocExt(tif, buffer, count); |
108 | 0 | } |
109 | |
|
110 | 0 | if (cp == NULL) |
111 | 0 | { |
112 | 0 | TIFFErrorExtR(tif, tif->tif_name, |
113 | 0 | "Failed to allocate memory for %s " |
114 | 0 | "(%" TIFF_SSIZE_FORMAT " elements of %" TIFF_SSIZE_FORMAT |
115 | 0 | " bytes each)", |
116 | 0 | what, nmemb, elem_size); |
117 | 0 | } |
118 | |
|
119 | 0 | return cp; |
120 | 0 | } |
121 | | |
122 | | void *_TIFFCheckMalloc(TIFF *tif, tmsize_t nmemb, tmsize_t elem_size, |
123 | | const char *what) |
124 | 0 | { |
125 | 0 | return _TIFFCheckRealloc(tif, NULL, nmemb, elem_size, what); |
126 | 0 | } |
127 | | |
128 | | static int TIFFDefaultTransferFunction(TIFF *tif, TIFFDirectory *td) |
129 | 0 | { |
130 | 0 | uint16_t **tf = td->td_transferfunction; |
131 | 0 | tmsize_t i, n, nbytes; |
132 | |
|
133 | 0 | tf[0] = tf[1] = tf[2] = 0; |
134 | | // Do not try to generate a default TransferFunction beyond 24 bits. |
135 | | // This otherwise leads to insane amounts, resulting in denial of service |
136 | | // See https://github.com/OSGeo/gdal/issues/10875 |
137 | 0 | if (td->td_bitspersample > 24) |
138 | 0 | return 0; |
139 | | |
140 | 0 | n = ((tmsize_t)1) << td->td_bitspersample; |
141 | 0 | nbytes = n * sizeof(uint16_t); |
142 | 0 | tf[0] = (uint16_t *)_TIFFmallocExt(tif, nbytes); |
143 | 0 | if (tf[0] == NULL) |
144 | 0 | return 0; |
145 | 0 | tf[0][0] = 0; |
146 | 0 | for (i = 1; i < n; i++) |
147 | 0 | { |
148 | 0 | double t = (double)i / ((double)n - 1.); |
149 | 0 | tf[0][i] = (uint16_t)floor(65535. * pow(t, 2.2) + .5); |
150 | 0 | } |
151 | |
|
152 | 0 | if (td->td_samplesperpixel - td->td_extrasamples > 1) |
153 | 0 | { |
154 | 0 | tf[1] = (uint16_t *)_TIFFmallocExt(tif, nbytes); |
155 | 0 | if (tf[1] == NULL) |
156 | 0 | goto bad; |
157 | 0 | _TIFFmemcpy(tf[1], tf[0], nbytes); |
158 | 0 | tf[2] = (uint16_t *)_TIFFmallocExt(tif, nbytes); |
159 | 0 | if (tf[2] == NULL) |
160 | 0 | goto bad; |
161 | 0 | _TIFFmemcpy(tf[2], tf[0], nbytes); |
162 | 0 | } |
163 | 0 | return 1; |
164 | | |
165 | 0 | bad: |
166 | 0 | if (tf[0]) |
167 | 0 | _TIFFfreeExt(tif, tf[0]); |
168 | 0 | if (tf[1]) |
169 | 0 | _TIFFfreeExt(tif, tf[1]); |
170 | 0 | if (tf[2]) |
171 | 0 | _TIFFfreeExt(tif, tf[2]); |
172 | 0 | tf[0] = tf[1] = tf[2] = 0; |
173 | 0 | return 0; |
174 | 0 | } |
175 | | |
176 | | static int TIFFDefaultRefBlackWhite(TIFF *tif, TIFFDirectory *td) |
177 | 0 | { |
178 | 0 | int i; |
179 | |
|
180 | 0 | td->td_refblackwhite = (float *)_TIFFmallocExt(tif, 6 * sizeof(float)); |
181 | 0 | if (td->td_refblackwhite == NULL) |
182 | 0 | return 0; |
183 | 0 | if (td->td_photometric == PHOTOMETRIC_YCBCR) |
184 | 0 | { |
185 | | /* |
186 | | * YCbCr (Class Y) images must have the ReferenceBlackWhite |
187 | | * tag set. Fix the broken images, which lacks that tag. |
188 | | */ |
189 | 0 | td->td_refblackwhite[0] = 0.0F; |
190 | 0 | td->td_refblackwhite[1] = td->td_refblackwhite[3] = |
191 | 0 | td->td_refblackwhite[5] = 255.0F; |
192 | 0 | td->td_refblackwhite[2] = td->td_refblackwhite[4] = 128.0F; |
193 | 0 | } |
194 | 0 | else |
195 | 0 | { |
196 | | /* |
197 | | * Assume RGB (Class R) |
198 | | */ |
199 | 0 | for (i = 0; i < 3; i++) |
200 | 0 | { |
201 | 0 | td->td_refblackwhite[2 * i + 0] = 0; |
202 | 0 | td->td_refblackwhite[2 * i + 1] = |
203 | 0 | (float)((1L << td->td_bitspersample) - 1L); |
204 | 0 | } |
205 | 0 | } |
206 | 0 | return 1; |
207 | 0 | } |
208 | | |
209 | | /* |
210 | | * Like TIFFGetField, but return any default |
211 | | * value if the tag is not present in the directory. |
212 | | * |
213 | | * NB: We use the value in the directory, rather than |
214 | | * explicit values so that defaults exist only one |
215 | | * place in the library -- in TIFFDefaultDirectory. |
216 | | */ |
217 | | int TIFFVGetFieldDefaulted(TIFF *tif, uint32_t tag, va_list ap) |
218 | 0 | { |
219 | 0 | TIFFDirectory *td = &tif->tif_dir; |
220 | |
|
221 | 0 | if (TIFFVGetField(tif, tag, ap)) |
222 | 0 | return (1); |
223 | 0 | switch (tag) |
224 | 0 | { |
225 | 0 | case TIFFTAG_SUBFILETYPE: |
226 | 0 | *va_arg(ap, uint32_t *) = td->td_subfiletype; |
227 | 0 | return (1); |
228 | 0 | case TIFFTAG_BITSPERSAMPLE: |
229 | 0 | *va_arg(ap, uint16_t *) = td->td_bitspersample; |
230 | 0 | return (1); |
231 | 0 | case TIFFTAG_THRESHHOLDING: |
232 | 0 | *va_arg(ap, uint16_t *) = td->td_threshholding; |
233 | 0 | return (1); |
234 | 0 | case TIFFTAG_FILLORDER: |
235 | 0 | *va_arg(ap, uint16_t *) = td->td_fillorder; |
236 | 0 | return (1); |
237 | 0 | case TIFFTAG_ORIENTATION: |
238 | 0 | *va_arg(ap, uint16_t *) = td->td_orientation; |
239 | 0 | return (1); |
240 | 0 | case TIFFTAG_SAMPLESPERPIXEL: |
241 | 0 | *va_arg(ap, uint16_t *) = td->td_samplesperpixel; |
242 | 0 | return (1); |
243 | 0 | case TIFFTAG_ROWSPERSTRIP: |
244 | 0 | *va_arg(ap, uint32_t *) = td->td_rowsperstrip; |
245 | 0 | return (1); |
246 | 0 | case TIFFTAG_MINSAMPLEVALUE: |
247 | 0 | *va_arg(ap, uint16_t *) = td->td_minsamplevalue; |
248 | 0 | return (1); |
249 | 0 | case TIFFTAG_MAXSAMPLEVALUE: |
250 | 0 | { |
251 | 0 | uint16_t maxsamplevalue; |
252 | | /* td_bitspersample=1 is always set in TIFFDefaultDirectory(). |
253 | | * Therefore, td_maxsamplevalue has to be re-calculated in |
254 | | * TIFFGetFieldDefaulted(). */ |
255 | 0 | if (td->td_bitspersample > 0) |
256 | 0 | { |
257 | | /* This shift operation into a uint16_t limits the value to |
258 | | * 65535 even if td_bitspersamle is > 16 */ |
259 | 0 | if (td->td_bitspersample <= 16) |
260 | 0 | { |
261 | 0 | maxsamplevalue = (1 << td->td_bitspersample) - |
262 | 0 | 1; /* 2**(BitsPerSample) - 1 */ |
263 | 0 | } |
264 | 0 | else |
265 | 0 | { |
266 | 0 | maxsamplevalue = 65535; |
267 | 0 | } |
268 | 0 | } |
269 | 0 | else |
270 | 0 | { |
271 | 0 | maxsamplevalue = 0; |
272 | 0 | } |
273 | 0 | *va_arg(ap, uint16_t *) = maxsamplevalue; |
274 | 0 | return (1); |
275 | 0 | } |
276 | 0 | case TIFFTAG_PLANARCONFIG: |
277 | 0 | *va_arg(ap, uint16_t *) = td->td_planarconfig; |
278 | 0 | return (1); |
279 | 0 | case TIFFTAG_RESOLUTIONUNIT: |
280 | 0 | *va_arg(ap, uint16_t *) = td->td_resolutionunit; |
281 | 0 | return (1); |
282 | 0 | case TIFFTAG_PREDICTOR: |
283 | 0 | { |
284 | 0 | TIFFPredictorState *sp = (TIFFPredictorState *)tif->tif_data; |
285 | 0 | if (sp == NULL) |
286 | 0 | { |
287 | 0 | TIFFErrorExtR( |
288 | 0 | tif, tif->tif_name, |
289 | 0 | "Cannot get \"Predictor\" tag as plugin is not configured"); |
290 | 0 | *va_arg(ap, uint16_t *) = 0; |
291 | 0 | return 0; |
292 | 0 | } |
293 | 0 | *va_arg(ap, uint16_t *) = (uint16_t)sp->predictor; |
294 | 0 | return 1; |
295 | 0 | } |
296 | 0 | case TIFFTAG_DOTRANGE: |
297 | 0 | *va_arg(ap, uint16_t *) = 0; |
298 | 0 | *va_arg(ap, uint16_t *) = (1 << td->td_bitspersample) - 1; |
299 | 0 | return (1); |
300 | 0 | case TIFFTAG_INKSET: |
301 | 0 | *va_arg(ap, uint16_t *) = INKSET_CMYK; |
302 | 0 | return 1; |
303 | 0 | case TIFFTAG_NUMBEROFINKS: |
304 | 0 | *va_arg(ap, uint16_t *) = 4; |
305 | 0 | return (1); |
306 | 0 | case TIFFTAG_EXTRASAMPLES: |
307 | 0 | *va_arg(ap, uint16_t *) = td->td_extrasamples; |
308 | 0 | *va_arg(ap, const uint16_t **) = td->td_sampleinfo; |
309 | 0 | return (1); |
310 | 0 | case TIFFTAG_MATTEING: |
311 | 0 | *va_arg(ap, uint16_t *) = |
312 | 0 | (td->td_extrasamples == 1 && |
313 | 0 | td->td_sampleinfo[0] == EXTRASAMPLE_ASSOCALPHA); |
314 | 0 | return (1); |
315 | 0 | case TIFFTAG_TILEDEPTH: |
316 | 0 | *va_arg(ap, uint32_t *) = td->td_tiledepth; |
317 | 0 | return (1); |
318 | 0 | case TIFFTAG_DATATYPE: |
319 | 0 | *va_arg(ap, uint16_t *) = td->td_sampleformat - 1; |
320 | 0 | return (1); |
321 | 0 | case TIFFTAG_SAMPLEFORMAT: |
322 | 0 | *va_arg(ap, uint16_t *) = td->td_sampleformat; |
323 | 0 | return (1); |
324 | 0 | case TIFFTAG_IMAGEDEPTH: |
325 | 0 | *va_arg(ap, uint32_t *) = td->td_imagedepth; |
326 | 0 | return (1); |
327 | 0 | case TIFFTAG_YCBCRCOEFFICIENTS: |
328 | 0 | { |
329 | | /* defaults are from CCIR Recommendation 601-1 */ |
330 | 0 | static const float ycbcrcoeffs[] = {0.299f, 0.587f, 0.114f}; |
331 | 0 | *va_arg(ap, const float **) = ycbcrcoeffs; |
332 | 0 | return 1; |
333 | 0 | } |
334 | 0 | case TIFFTAG_YCBCRSUBSAMPLING: |
335 | 0 | *va_arg(ap, uint16_t *) = td->td_ycbcrsubsampling[0]; |
336 | 0 | *va_arg(ap, uint16_t *) = td->td_ycbcrsubsampling[1]; |
337 | 0 | return (1); |
338 | 0 | case TIFFTAG_YCBCRPOSITIONING: |
339 | 0 | *va_arg(ap, uint16_t *) = td->td_ycbcrpositioning; |
340 | 0 | return (1); |
341 | 0 | case TIFFTAG_WHITEPOINT: |
342 | 0 | { |
343 | | /* TIFF 6.0 specification tells that it is no default |
344 | | value for the WhitePoint, but AdobePhotoshop TIFF |
345 | | Technical Note tells that it should be CIE D50. */ |
346 | 0 | static const float whitepoint[] = { |
347 | 0 | D50_X0 / (D50_X0 + D50_Y0 + D50_Z0), |
348 | 0 | D50_Y0 / (D50_X0 + D50_Y0 + D50_Z0)}; |
349 | 0 | *va_arg(ap, const float **) = whitepoint; |
350 | 0 | return 1; |
351 | 0 | } |
352 | 0 | case TIFFTAG_TRANSFERFUNCTION: |
353 | 0 | if (!td->td_transferfunction[0] && |
354 | 0 | !TIFFDefaultTransferFunction(tif, td)) |
355 | 0 | { |
356 | 0 | TIFFErrorExtR(tif, tif->tif_name, |
357 | 0 | "No space for \"TransferFunction\" tag"); |
358 | 0 | return (0); |
359 | 0 | } |
360 | 0 | *va_arg(ap, const uint16_t **) = td->td_transferfunction[0]; |
361 | 0 | if (td->td_samplesperpixel - td->td_extrasamples > 1) |
362 | 0 | { |
363 | 0 | *va_arg(ap, const uint16_t **) = td->td_transferfunction[1]; |
364 | 0 | *va_arg(ap, const uint16_t **) = td->td_transferfunction[2]; |
365 | 0 | } |
366 | 0 | return (1); |
367 | 0 | case TIFFTAG_REFERENCEBLACKWHITE: |
368 | 0 | if (!td->td_refblackwhite && !TIFFDefaultRefBlackWhite(tif, td)) |
369 | 0 | return (0); |
370 | 0 | *va_arg(ap, const float **) = td->td_refblackwhite; |
371 | 0 | return (1); |
372 | 0 | } |
373 | 0 | return 0; |
374 | 0 | } |
375 | | |
376 | | /* |
377 | | * Like TIFFGetField, but return any default |
378 | | * value if the tag is not present in the directory. |
379 | | */ |
380 | | int TIFFGetFieldDefaulted(TIFF *tif, uint32_t tag, ...) |
381 | 0 | { |
382 | 0 | int ok; |
383 | 0 | va_list ap; |
384 | |
|
385 | 0 | va_start(ap, tag); |
386 | 0 | ok = TIFFVGetFieldDefaulted(tif, tag, ap); |
387 | 0 | va_end(ap); |
388 | 0 | return (ok); |
389 | 0 | } |
390 | | |
391 | | float _TIFFClampDoubleToFloat(double val) |
392 | 0 | { |
393 | 0 | if (val > FLT_MAX) |
394 | 0 | return FLT_MAX; |
395 | 0 | if (val < -FLT_MAX) |
396 | 0 | return -FLT_MAX; |
397 | 0 | return (float)val; |
398 | 0 | } |
399 | | |
400 | | uint32_t _TIFFClampDoubleToUInt32(double val) |
401 | 0 | { |
402 | 0 | if (val < 0) |
403 | 0 | return 0; |
404 | 0 | if (val > 0xFFFFFFFFU || val != val) |
405 | 0 | return 0xFFFFFFFFU; |
406 | 0 | return (uint32_t)val; |
407 | 0 | } |
408 | | |
409 | | int _TIFFSeekOK(TIFF *tif, toff_t off) |
410 | 0 | { |
411 | | /* Huge offsets, especially -1 / UINT64_MAX, can cause issues */ |
412 | | /* See http://bugzilla.maptools.org/show_bug.cgi?id=2726 */ |
413 | 0 | return off <= (~(uint64_t)0) / 2 && TIFFSeekFile(tif, off, SEEK_SET) == off; |
414 | 0 | } |