Coverage Report

Created: 2025-06-13 06:43

/src/php-src/ext/standard/image.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
   +----------------------------------------------------------------------+
3
   | Copyright (c) The PHP Group                                          |
4
   +----------------------------------------------------------------------+
5
   | This source file is subject to version 3.01 of the PHP license,      |
6
   | that is bundled with this package in the file LICENSE, and is        |
7
   | available through the world-wide-web at the following url:           |
8
   | https://www.php.net/license/3_01.txt                                 |
9
   | If you did not receive a copy of the PHP license and are unable to   |
10
   | obtain it through the world-wide-web, please send a note to          |
11
   | license@php.net so we can mail you a copy immediately.               |
12
   +----------------------------------------------------------------------+
13
   | Authors: Rasmus Lerdorf <rasmus@php.net>                             |
14
   |          Marcus Boerger <helly@php.net>                              |
15
   +----------------------------------------------------------------------+
16
 */
17
18
#include "php.h"
19
#include <stdio.h>
20
#ifdef HAVE_FCNTL_H
21
#include <fcntl.h>
22
#endif
23
#include "fopen_wrappers.h"
24
#include "ext/standard/fsock.h"
25
#include "libavifinfo/avifinfo.h"
26
#ifdef HAVE_UNISTD_H
27
#include <unistd.h>
28
#endif
29
#include "php_image.h"
30
31
#if defined(HAVE_ZLIB) && !defined(COMPILE_DL_ZLIB)
32
#include "zlib.h"
33
#endif
34
35
/* file type markers */
36
PHPAPI const char php_sig_gif[3] = {'G', 'I', 'F'};
37
PHPAPI const char php_sig_psd[4] = {'8', 'B', 'P', 'S'};
38
PHPAPI const char php_sig_bmp[2] = {'B', 'M'};
39
PHPAPI const char php_sig_swf[3] = {'F', 'W', 'S'};
40
PHPAPI const char php_sig_swc[3] = {'C', 'W', 'S'};
41
PHPAPI const char php_sig_jpg[3] = {(char) 0xff, (char) 0xd8, (char) 0xff};
42
PHPAPI const char php_sig_png[8] = {(char) 0x89, (char) 0x50, (char) 0x4e, (char) 0x47,
43
                                    (char) 0x0d, (char) 0x0a, (char) 0x1a, (char) 0x0a};
44
PHPAPI const char php_sig_tif_ii[4] = {'I','I', (char)0x2A, (char)0x00};
45
PHPAPI const char php_sig_tif_mm[4] = {'M','M', (char)0x00, (char)0x2A};
46
PHPAPI const char php_sig_jpc[3]  = {(char)0xff, (char)0x4f, (char)0xff};
47
PHPAPI const char php_sig_jp2[12] = {(char)0x00, (char)0x00, (char)0x00, (char)0x0c,
48
                                     (char)0x6a, (char)0x50, (char)0x20, (char)0x20,
49
                                     (char)0x0d, (char)0x0a, (char)0x87, (char)0x0a};
50
PHPAPI const char php_sig_iff[4] = {'F','O','R','M'};
51
PHPAPI const char php_sig_ico[4] = {(char)0x00, (char)0x00, (char)0x01, (char)0x00};
52
PHPAPI const char php_sig_riff[4] = {'R', 'I', 'F', 'F'};
53
PHPAPI const char php_sig_webp[4] = {'W', 'E', 'B', 'P'};
54
55
/* REMEMBER TO ADD MIME-TYPE TO FUNCTION php_image_type_to_mime_type */
56
/* PCX must check first 64bytes and byte 0=0x0a and byte2 < 0x06 */
57
58
/* return info as a struct, to make expansion easier */
59
60
struct gfxinfo {
61
  unsigned int width;
62
  unsigned int height;
63
  unsigned int bits;
64
  unsigned int channels;
65
};
66
67
/* {{{ php_handle_gif
68
 * routine to handle GIF files. If only everything were that easy... ;} */
69
static struct gfxinfo *php_handle_gif (php_stream * stream)
70
0
{
71
0
  struct gfxinfo *result = NULL;
72
0
  unsigned char dim[5];
73
74
0
  if (php_stream_seek(stream, 3, SEEK_CUR))
75
0
    return NULL;
76
77
0
  if (php_stream_read(stream, (char*)dim, sizeof(dim)) != sizeof(dim))
78
0
    return NULL;
79
80
0
  result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
81
0
  result->width    = (unsigned int)dim[0] | (((unsigned int)dim[1])<<8);
82
0
  result->height   = (unsigned int)dim[2] | (((unsigned int)dim[3])<<8);
83
0
  result->bits     = dim[4]&0x80 ? ((((unsigned int)dim[4])&0x07) + 1) : 0;
84
0
  result->channels = 3; /* always */
85
86
0
  return result;
87
0
}
88
/* }}} */
89
90
/* {{{ php_handle_psd */
91
static struct gfxinfo *php_handle_psd (php_stream * stream)
92
0
{
93
0
  struct gfxinfo *result = NULL;
94
0
  unsigned char dim[8];
95
96
0
  if (php_stream_seek(stream, 11, SEEK_CUR))
97
0
    return NULL;
98
99
0
  if (php_stream_read(stream, (char*)dim, sizeof(dim)) != sizeof(dim))
100
0
    return NULL;
101
102
0
  result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
103
0
  result->height   =  (((unsigned int)dim[0]) << 24) + (((unsigned int)dim[1]) << 16) + (((unsigned int)dim[2]) << 8) + ((unsigned int)dim[3]);
104
0
  result->width    =  (((unsigned int)dim[4]) << 24) + (((unsigned int)dim[5]) << 16) + (((unsigned int)dim[6]) << 8) + ((unsigned int)dim[7]);
105
106
0
  return result;
107
0
}
108
/* }}} */
109
110
/* {{{ php_handle_bmp */
111
static struct gfxinfo *php_handle_bmp (php_stream * stream)
112
0
{
113
0
  struct gfxinfo *result = NULL;
114
0
  unsigned char dim[16];
115
0
  int size;
116
117
0
  if (php_stream_seek(stream, 11, SEEK_CUR))
118
0
    return NULL;
119
120
0
  if (php_stream_read(stream, (char*)dim, sizeof(dim)) != sizeof(dim))
121
0
    return NULL;
122
123
0
  size   = (((unsigned int)dim[ 3]) << 24) + (((unsigned int)dim[ 2]) << 16) + (((unsigned int)dim[ 1]) << 8) + ((unsigned int) dim[ 0]);
124
0
  if (size == 12) {
125
0
    result = (struct gfxinfo *) ecalloc (1, sizeof(struct gfxinfo));
126
0
    result->width    =  (((unsigned int)dim[ 5]) << 8) + ((unsigned int) dim[ 4]);
127
0
    result->height   =  (((unsigned int)dim[ 7]) << 8) + ((unsigned int) dim[ 6]);
128
0
    result->bits     =  ((unsigned int)dim[11]);
129
0
  } else if (size > 12 && (size <= 64 || size == 108 || size == 124)) {
130
0
    result = (struct gfxinfo *) ecalloc (1, sizeof(struct gfxinfo));
131
0
    result->width    =  (((unsigned int)dim[ 7]) << 24) + (((unsigned int)dim[ 6]) << 16) + (((unsigned int)dim[ 5]) << 8) + ((unsigned int) dim[ 4]);
132
0
    result->height   =  (((unsigned int)dim[11]) << 24) + (((unsigned int)dim[10]) << 16) + (((unsigned int)dim[ 9]) << 8) + ((unsigned int) dim[ 8]);
133
0
    result->height   =  abs((int32_t)result->height);
134
0
    result->bits     =  (((unsigned int)dim[15]) <<  8) +  ((unsigned int)dim[14]);
135
0
  } else {
136
0
    return NULL;
137
0
  }
138
139
0
  return result;
140
0
}
141
/* }}} */
142
143
/* {{{ php_swf_get_bits
144
 * routines to handle SWF files. */
145
static unsigned long int php_swf_get_bits (unsigned char* buffer, unsigned int pos, unsigned int count)
146
0
{
147
0
  unsigned int loop;
148
0
  unsigned long int result = 0;
149
150
0
  for (loop = pos; loop < pos + count; loop++)
151
0
  {
152
0
    result = result +
153
0
      ((((buffer[loop / 8]) >> (7 - (loop % 8))) & 0x01) << (count - (loop - pos) - 1));
154
0
  }
155
0
  return result;
156
0
}
157
/* }}} */
158
159
#if defined(HAVE_ZLIB) && !defined(COMPILE_DL_ZLIB)
160
/* {{{ php_handle_swc */
161
static struct gfxinfo *php_handle_swc(php_stream * stream)
162
{
163
  struct gfxinfo *result = NULL;
164
165
  long bits;
166
  unsigned char a[64];
167
  unsigned long len=64, szlength;
168
  int factor = 1,maxfactor = 1 << 15;
169
  int status = 0;
170
  unsigned char *b, *buf = NULL;
171
  zend_string *bufz;
172
173
  if (php_stream_seek(stream, 5, SEEK_CUR)) {
174
    return NULL;
175
  }
176
177
  if (php_stream_read(stream, (char *) a, sizeof(a)) != sizeof(a)) {
178
    return NULL;
179
  }
180
181
  b = ecalloc(1, len + 1);
182
183
  if (uncompress(b, &len, a, sizeof(a)) != Z_OK) {
184
    /* failed to decompress the file, will try reading the rest of the file */
185
    if (php_stream_seek(stream, 8, SEEK_SET)) {
186
      efree(b);
187
      return NULL;
188
    }
189
190
    bufz = php_stream_copy_to_mem(stream, PHP_STREAM_COPY_ALL, 0);
191
192
    if (!bufz) {
193
      efree(b);
194
      return NULL;
195
    }
196
197
    /*
198
     * zlib::uncompress() wants to know the output data length
199
     * if none was given as a parameter
200
     * we try from input length * 2 up to input length * 2^15
201
     * doubling it whenever it wasn't big enough
202
     * that should be enough for all real life cases
203
    */
204
205
    do {
206
      factor <<= 1;
207
      if (ZSTR_LEN(bufz) > ULONG_MAX / factor) {
208
        status = Z_MEM_ERROR;
209
        break;
210
      }
211
      szlength = (unsigned long) (ZSTR_LEN(bufz) * factor);
212
      buf = erealloc(buf, szlength);
213
      status = uncompress(buf, &szlength, (unsigned char *) ZSTR_VAL(bufz), (unsigned long) ZSTR_LEN(bufz));
214
    } while ((status==Z_BUF_ERROR)&&(factor<maxfactor));
215
216
    if (bufz) {
217
      zend_string_release_ex(bufz, 0);
218
    }
219
220
    if (status == Z_OK) {
221
       memcpy(b, buf, len);
222
    }
223
224
    if (buf) {
225
      efree(buf);
226
    }
227
  }
228
229
  if (!status) {
230
    result = (struct gfxinfo *) ecalloc (1, sizeof (struct gfxinfo));
231
    bits = php_swf_get_bits (b, 0, 5);
232
    result->width = (php_swf_get_bits (b, 5 + bits, bits) -
233
      php_swf_get_bits (b, 5, bits)) / 20;
234
    result->height = (php_swf_get_bits (b, 5 + (3 * bits), bits) -
235
      php_swf_get_bits (b, 5 + (2 * bits), bits)) / 20;
236
  } else {
237
    result = NULL;
238
  }
239
240
  efree (b);
241
  return result;
242
}
243
/* }}} */
244
#endif
245
246
/* {{{ php_handle_swf */
247
static struct gfxinfo *php_handle_swf (php_stream * stream)
248
0
{
249
0
  struct gfxinfo *result = NULL;
250
0
  long bits;
251
0
  unsigned char a[32];
252
253
0
  if (php_stream_seek(stream, 5, SEEK_CUR))
254
0
    return NULL;
255
256
0
  if (php_stream_read(stream, (char*)a, sizeof(a)) != sizeof(a))
257
0
    return NULL;
258
259
0
  result = (struct gfxinfo *) ecalloc (1, sizeof (struct gfxinfo));
260
0
  bits = php_swf_get_bits (a, 0, 5);
261
0
  result->width = (php_swf_get_bits (a, 5 + bits, bits) -
262
0
    php_swf_get_bits (a, 5, bits)) / 20;
263
0
  result->height = (php_swf_get_bits (a, 5 + (3 * bits), bits) -
264
0
    php_swf_get_bits (a, 5 + (2 * bits), bits)) / 20;
265
0
  result->bits     = 0;
266
0
  result->channels = 0;
267
0
  return result;
268
0
}
269
/* }}} */
270
271
/* {{{ php_handle_png
272
 * routine to handle PNG files */
273
static struct gfxinfo *php_handle_png (php_stream * stream)
274
0
{
275
0
  struct gfxinfo *result = NULL;
276
0
  unsigned char dim[9];
277
/* Width:              4 bytes
278
 * Height:             4 bytes
279
 * Bit depth:          1 byte
280
 * Color type:         1 byte
281
 * Compression method: 1 byte
282
 * Filter method:      1 byte
283
 * Interlace method:   1 byte
284
 */
285
286
0
  if (php_stream_seek(stream, 8, SEEK_CUR))
287
0
    return NULL;
288
289
0
  if((php_stream_read(stream, (char*)dim, sizeof(dim))) < sizeof(dim))
290
0
    return NULL;
291
292
0
  result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
293
0
  result->width  = (((unsigned int)dim[0]) << 24) + (((unsigned int)dim[1]) << 16) + (((unsigned int)dim[2]) << 8) + ((unsigned int)dim[3]);
294
0
  result->height = (((unsigned int)dim[4]) << 24) + (((unsigned int)dim[5]) << 16) + (((unsigned int)dim[6]) << 8) + ((unsigned int)dim[7]);
295
0
  result->bits   = (unsigned int)dim[8];
296
0
  return result;
297
0
}
298
/* }}} */
299
300
/* routines to handle JPEG data */
301
302
/* some defines for the different JPEG block types */
303
0
#define M_SOF0  0xC0      /* Start Of Frame N */
304
0
#define M_SOF1  0xC1      /* N indicates which compression process */
305
0
#define M_SOF2  0xC2      /* Only SOF0-SOF2 are now in common use */
306
0
#define M_SOF3  0xC3
307
0
#define M_SOF5  0xC5      /* NB: codes C4 and CC are NOT SOF markers */
308
0
#define M_SOF6  0xC6
309
0
#define M_SOF7  0xC7
310
0
#define M_SOF9  0xC9
311
0
#define M_SOF10 0xCA
312
0
#define M_SOF11 0xCB
313
0
#define M_SOF13 0xCD
314
0
#define M_SOF14 0xCE
315
0
#define M_SOF15 0xCF
316
#define M_SOI   0xD8
317
0
#define M_EOI   0xD9      /* End Of Image (end of datastream) */
318
0
#define M_SOS   0xDA      /* Start Of Scan (begins compressed data) */
319
0
#define M_APP0  0xe0
320
0
#define M_APP1  0xe1
321
0
#define M_APP2  0xe2
322
0
#define M_APP3  0xe3
323
0
#define M_APP4  0xe4
324
0
#define M_APP5  0xe5
325
0
#define M_APP6  0xe6
326
0
#define M_APP7  0xe7
327
0
#define M_APP8  0xe8
328
0
#define M_APP9  0xe9
329
0
#define M_APP10 0xea
330
0
#define M_APP11 0xeb
331
0
#define M_APP12 0xec
332
0
#define M_APP13 0xed
333
0
#define M_APP14 0xee
334
0
#define M_APP15 0xef
335
#define M_COM   0xFE            /* COMment                                  */
336
337
0
#define M_PSEUDO 0xFFD8      /* pseudo marker for start of image(byte 0) */
338
339
/* {{{ php_read2 */
340
static unsigned short php_read2(php_stream * stream)
341
0
{
342
0
  unsigned char a[2];
343
344
  /* return 0 if we couldn't read enough data */
345
0
  if((php_stream_read(stream, (char *) a, sizeof(a))) < sizeof(a)) return 0;
346
347
0
  return (((unsigned short)a[0]) << 8) + ((unsigned short)a[1]);
348
0
}
349
/* }}} */
350
351
/* {{{ php_next_marker
352
 * get next marker byte from file */
353
static unsigned int php_next_marker(php_stream * stream, int last_marker, int ff_read)
354
0
{
355
0
  int a=0, marker;
356
357
  /* get marker byte, swallowing possible padding                           */
358
0
  if (!ff_read) {
359
0
    size_t extraneous = 0;
360
361
0
    while ((marker = php_stream_getc(stream)) != 0xff) {
362
0
      if (marker == EOF) {
363
0
        return M_EOI;/* we hit EOF */
364
0
  }
365
0
      extraneous++;
366
0
  }
367
0
    if (extraneous) {
368
0
      php_error_docref(NULL, E_WARNING, "Corrupt JPEG data: %zu extraneous bytes before marker", extraneous);
369
0
    }
370
0
  }
371
0
  a = 1;
372
0
  do {
373
0
    if ((marker = php_stream_getc(stream)) == EOF)
374
0
    {
375
0
      return M_EOI;/* we hit EOF */
376
0
    }
377
0
    a++;
378
0
  } while (marker == 0xff);
379
0
  if (a < 2)
380
0
  {
381
0
    return M_EOI; /* at least one 0xff is needed before marker code */
382
0
  }
383
0
  return (unsigned int)marker;
384
0
}
385
/* }}} */
386
387
/* {{{ php_skip_variable
388
 * skip over a variable-length block; assumes proper length marker */
389
static int php_skip_variable(php_stream * stream)
390
0
{
391
0
  zend_off_t length = ((unsigned int)php_read2(stream));
392
393
0
  if (length < 2) {
394
0
    return 0;
395
0
  }
396
0
  length = length - 2;
397
0
  php_stream_seek(stream, (zend_long)length, SEEK_CUR);
398
0
  return 1;
399
0
}
400
/* }}} */
401
402
static size_t php_read_stream_all_chunks(php_stream *stream, char *buffer, size_t length)
403
0
{
404
0
  size_t read_total = 0;
405
0
  do {
406
0
    ssize_t read_now = php_stream_read(stream, buffer, length - read_total);
407
0
    read_total += read_now;
408
0
    if (read_now < stream->chunk_size && read_total != length) {
409
0
      return 0;
410
0
    }
411
0
  } while (read_total < length);
412
413
0
  return read_total;
414
0
}
415
416
/* {{{ php_read_APP */
417
static int php_read_APP(php_stream * stream, unsigned int marker, zval *info)
418
0
{
419
0
  size_t length;
420
0
  char *buffer;
421
0
  char markername[16];
422
0
  zval *tmp;
423
424
0
  length = php_read2(stream);
425
0
  if (length < 2) {
426
0
    return 0;
427
0
  }
428
0
  length -= 2;        /* length includes itself */
429
430
0
  buffer = emalloc(length);
431
432
0
  if (php_read_stream_all_chunks(stream, buffer, length) != length) {
433
0
    efree(buffer);
434
0
    return 0;
435
0
  }
436
437
0
  snprintf(markername, sizeof(markername), "APP%d", marker - M_APP0);
438
439
0
  if ((tmp = zend_hash_str_find(Z_ARRVAL_P(info), markername, strlen(markername))) == NULL) {
440
    /* XXX we only catch the 1st tag of it's kind! */
441
0
    add_assoc_stringl(info, markername, buffer, length);
442
0
  }
443
444
0
  efree(buffer);
445
0
  return 1;
446
0
}
447
/* }}} */
448
449
/* {{{ php_handle_jpeg
450
   main loop to parse JPEG structure */
451
static struct gfxinfo *php_handle_jpeg (php_stream * stream, zval *info)
452
0
{
453
0
  struct gfxinfo *result = NULL;
454
0
  unsigned int marker = M_PSEUDO;
455
0
  unsigned short length, ff_read=1;
456
457
0
  for (;;) {
458
0
    marker = php_next_marker(stream, marker, ff_read);
459
0
    ff_read = 0;
460
0
    switch (marker) {
461
0
      case M_SOF0:
462
0
      case M_SOF1:
463
0
      case M_SOF2:
464
0
      case M_SOF3:
465
0
      case M_SOF5:
466
0
      case M_SOF6:
467
0
      case M_SOF7:
468
0
      case M_SOF9:
469
0
      case M_SOF10:
470
0
      case M_SOF11:
471
0
      case M_SOF13:
472
0
      case M_SOF14:
473
0
      case M_SOF15:
474
0
        if (result == NULL) {
475
          /* handle SOFn block */
476
0
          result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
477
0
          length = php_read2(stream);
478
0
          result->bits     = php_stream_getc(stream);
479
0
          result->height   = php_read2(stream);
480
0
          result->width    = php_read2(stream);
481
0
          result->channels = php_stream_getc(stream);
482
0
          if (!info || length < 8) { /* if we don't want an extanded info -> return */
483
0
            return result;
484
0
          }
485
0
          if (php_stream_seek(stream, length - 8, SEEK_CUR)) { /* file error after info */
486
0
            return result;
487
0
          }
488
0
        } else {
489
0
          if (!php_skip_variable(stream)) {
490
0
            return result;
491
0
          }
492
0
        }
493
0
        break;
494
495
0
      case M_APP0:
496
0
      case M_APP1:
497
0
      case M_APP2:
498
0
      case M_APP3:
499
0
      case M_APP4:
500
0
      case M_APP5:
501
0
      case M_APP6:
502
0
      case M_APP7:
503
0
      case M_APP8:
504
0
      case M_APP9:
505
0
      case M_APP10:
506
0
      case M_APP11:
507
0
      case M_APP12:
508
0
      case M_APP13:
509
0
      case M_APP14:
510
0
      case M_APP15:
511
0
        if (info) {
512
0
          if (!php_read_APP(stream, marker, info)) { /* read all the app marks... */
513
0
            return result;
514
0
          }
515
0
        } else {
516
0
          if (!php_skip_variable(stream)) {
517
0
            return result;
518
0
          }
519
0
        }
520
0
        break;
521
522
0
      case M_SOS:
523
0
      case M_EOI:
524
0
        return result;  /* we're about to hit image data, or are at EOF. stop processing. */
525
526
0
      default:
527
0
        if (!php_skip_variable(stream)) { /* anything else isn't interesting */
528
0
          return result;
529
0
        }
530
0
        break;
531
0
    }
532
0
  }
533
534
0
  return result; /* perhaps image broken -> no info but size */
535
0
}
536
/* }}} */
537
538
/* {{{ php_read4 */
539
static unsigned int php_read4(php_stream * stream)
540
0
{
541
0
  unsigned char a[4];
542
543
  /* just return 0 if we hit the end-of-file */
544
0
  if ((php_stream_read(stream, (char*)a, sizeof(a))) != sizeof(a)) return 0;
545
546
0
  return (((unsigned int)a[0]) << 24)
547
0
       + (((unsigned int)a[1]) << 16)
548
0
       + (((unsigned int)a[2]) <<  8)
549
0
       + (((unsigned int)a[3]));
550
0
}
551
/* }}} */
552
553
/* {{{ JPEG 2000 Marker Codes */
554
#define JPEG2000_MARKER_PREFIX 0xFF /* All marker codes start with this */
555
#define JPEG2000_MARKER_SOC 0x4F /* Start of Codestream */
556
#define JPEG2000_MARKER_SOT 0x90 /* Start of Tile part */
557
#define JPEG2000_MARKER_SOD 0x93 /* Start of Data */
558
#define JPEG2000_MARKER_EOC 0xD9 /* End of Codestream */
559
0
#define JPEG2000_MARKER_SIZ 0x51 /* Image and tile size */
560
#define JPEG2000_MARKER_COD 0x52 /* Coding style default */
561
#define JPEG2000_MARKER_COC 0x53 /* Coding style component */
562
#define JPEG2000_MARKER_RGN 0x5E /* Region of interest */
563
#define JPEG2000_MARKER_QCD 0x5C /* Quantization default */
564
#define JPEG2000_MARKER_QCC 0x5D /* Quantization component */
565
#define JPEG2000_MARKER_POC 0x5F /* Progression order change */
566
#define JPEG2000_MARKER_TLM 0x55 /* Tile-part lengths */
567
#define JPEG2000_MARKER_PLM 0x57 /* Packet length, main header */
568
#define JPEG2000_MARKER_PLT 0x58 /* Packet length, tile-part header */
569
#define JPEG2000_MARKER_PPM 0x60 /* Packed packet headers, main header */
570
#define JPEG2000_MARKER_PPT 0x61 /* Packed packet headers, tile part header */
571
#define JPEG2000_MARKER_SOP 0x91 /* Start of packet */
572
#define JPEG2000_MARKER_EPH 0x92 /* End of packet header */
573
#define JPEG2000_MARKER_CRG 0x63 /* Component registration */
574
#define JPEG2000_MARKER_COM 0x64 /* Comment */
575
/* }}} */
576
577
/* {{{ php_handle_jpc
578
   Main loop to parse JPEG2000 raw codestream structure */
579
static struct gfxinfo *php_handle_jpc(php_stream * stream)
580
0
{
581
0
  struct gfxinfo *result = NULL;
582
0
  int highest_bit_depth, bit_depth;
583
0
  unsigned char first_marker_id;
584
0
  unsigned int i;
585
586
  /* JPEG 2000 components can be vastly different from one another.
587
     Each component can be sampled at a different resolution, use
588
     a different colour space, have a separate colour depth, and
589
     be compressed totally differently! This makes giving a single
590
     "bit depth" answer somewhat problematic. For this implementation
591
     we'll use the highest depth encountered. */
592
593
  /* Get the single byte that remains after the file type identification */
594
0
  first_marker_id = php_stream_getc(stream);
595
596
  /* Ensure that this marker is SIZ (as is mandated by the standard) */
597
0
  if (first_marker_id != JPEG2000_MARKER_SIZ) {
598
0
    php_error_docref(NULL, E_WARNING, "JPEG2000 codestream corrupt(Expected SIZ marker not found after SOC)");
599
0
    return NULL;
600
0
  }
601
602
0
  result = (struct gfxinfo *)ecalloc(1, sizeof(struct gfxinfo));
603
604
0
  php_read2(stream); /* Lsiz */
605
0
  php_read2(stream); /* Rsiz */
606
0
  result->width = php_read4(stream); /* Xsiz */
607
0
  result->height = php_read4(stream); /* Ysiz */
608
609
#ifdef MBO_0
610
  php_read4(stream); /* XOsiz */
611
  php_read4(stream); /* YOsiz */
612
  php_read4(stream); /* XTsiz */
613
  php_read4(stream); /* YTsiz */
614
  php_read4(stream); /* XTOsiz */
615
  php_read4(stream); /* YTOsiz */
616
#else
617
0
  if (php_stream_seek(stream, 24, SEEK_CUR)) {
618
0
    efree(result);
619
0
    return NULL;
620
0
  }
621
0
#endif
622
623
0
  result->channels = php_read2(stream); /* Csiz */
624
0
  if ((result->channels == 0 && php_stream_eof(stream)) || result->channels > 256) {
625
0
    efree(result);
626
0
    return NULL;
627
0
  }
628
629
  /* Collect bit depth info */
630
0
  highest_bit_depth = 0;
631
0
  for (i = 0; i < result->channels; i++) {
632
0
    bit_depth = php_stream_getc(stream); /* Ssiz[i] */
633
0
    bit_depth++;
634
0
    if (bit_depth > highest_bit_depth) {
635
0
      highest_bit_depth = bit_depth;
636
0
    }
637
638
0
    php_stream_getc(stream); /* XRsiz[i] */
639
0
    php_stream_getc(stream); /* YRsiz[i] */
640
0
  }
641
642
0
  result->bits = highest_bit_depth;
643
644
0
  return result;
645
0
}
646
/* }}} */
647
648
/* {{{ php_handle_jp2
649
   main loop to parse JPEG 2000 JP2 wrapper format structure */
650
static struct gfxinfo *php_handle_jp2(php_stream *stream)
651
0
{
652
0
  struct gfxinfo *result = NULL;
653
0
  unsigned int box_length;
654
0
  unsigned int box_type;
655
0
  char jp2c_box_id[] = {(char)0x6a, (char)0x70, (char)0x32, (char)0x63};
656
657
  /* JP2 is a wrapper format for JPEG 2000. Data is contained within "boxes".
658
     Boxes themselves can be contained within "super-boxes". Super-Boxes can
659
     contain super-boxes which provides us with a hierarchical storage system.
660
661
     It is valid for a JP2 file to contain multiple individual codestreams.
662
     We'll just look for the first codestream at the root of the box structure
663
     and handle that.
664
  */
665
666
0
  for (;;)
667
0
  {
668
0
    box_length = php_read4(stream); /* LBox */
669
    /* TBox */
670
0
    if (php_stream_read(stream, (void *)&box_type, sizeof(box_type)) != sizeof(box_type)) {
671
      /* Use this as a general "out of stream" error */
672
0
      break;
673
0
    }
674
675
0
    if (box_length == 1) {
676
      /* We won't handle XLBoxes */
677
0
      return NULL;
678
0
    }
679
680
0
    if (!memcmp(&box_type, jp2c_box_id, 4))
681
0
    {
682
      /* Skip the first 3 bytes to emulate the file type examination */
683
0
      php_stream_seek(stream, 3, SEEK_CUR);
684
685
0
      result = php_handle_jpc(stream);
686
0
      break;
687
0
    }
688
689
    /* Stop if this was the last box */
690
0
    if ((int)box_length <= 0) {
691
0
      break;
692
0
    }
693
694
    /* Skip over LBox (Which includes both TBox and LBox itself */
695
0
    if (php_stream_seek(stream, box_length - 8, SEEK_CUR)) {
696
0
      break;
697
0
    }
698
0
  }
699
700
0
  if (result == NULL) {
701
0
    php_error_docref(NULL, E_WARNING, "JP2 file has no codestreams at root level");
702
0
  }
703
704
0
  return result;
705
0
}
706
/* }}} */
707
708
/* {{{ tiff constants */
709
PHPAPI const int php_tiff_bytes_per_format[] = {0, 1, 1, 2, 4, 8, 1, 1, 2, 4, 8, 4, 8};
710
711
/* uncompressed only */
712
0
#define TAG_IMAGEWIDTH              0x0100
713
0
#define TAG_IMAGEHEIGHT             0x0101
714
/* compressed images only */
715
0
#define TAG_COMP_IMAGEWIDTH         0xA002
716
0
#define TAG_COMP_IMAGEHEIGHT        0xA003
717
718
0
#define TAG_FMT_BYTE       1
719
#define TAG_FMT_STRING     2
720
0
#define TAG_FMT_USHORT     3
721
0
#define TAG_FMT_ULONG      4
722
#define TAG_FMT_URATIONAL  5
723
0
#define TAG_FMT_SBYTE      6
724
#define TAG_FMT_UNDEFINED  7
725
0
#define TAG_FMT_SSHORT     8
726
0
#define TAG_FMT_SLONG      9
727
#define TAG_FMT_SRATIONAL 10
728
#define TAG_FMT_SINGLE    11
729
#define TAG_FMT_DOUBLE    12
730
/* }}} */
731
732
/* {{{ php_ifd_get16u
733
 * Convert a 16 bit unsigned value from file's native byte order */
734
static int php_ifd_get16u(void *Short, int motorola_intel)
735
0
{
736
0
  if (motorola_intel) {
737
0
    return (((unsigned char *)Short)[0] << 8) | ((unsigned char *)Short)[1];
738
0
  } else {
739
0
    return (((unsigned char *)Short)[1] << 8) | ((unsigned char *)Short)[0];
740
0
  }
741
0
}
742
/* }}} */
743
744
/* {{{ php_ifd_get16s
745
 * Convert a 16 bit signed value from file's native byte order */
746
static signed short php_ifd_get16s(void *Short, int motorola_intel)
747
0
{
748
0
  return (signed short)php_ifd_get16u(Short, motorola_intel);
749
0
}
750
/* }}} */
751
752
/* {{{ php_ifd_get32s
753
 * Convert a 32 bit signed value from file's native byte order */
754
static int php_ifd_get32s(void *Long, int motorola_intel)
755
0
{
756
0
  if (motorola_intel) {
757
0
    return  ((unsigned)(((unsigned char *)Long)[0]) << 24) | (((unsigned char *)Long)[1] << 16)
758
0
          | (((unsigned char *)Long)[2] << 8 ) | (((unsigned char *)Long)[3] << 0 );
759
0
  } else {
760
0
    return  ((unsigned)(((unsigned char *)Long)[3]) << 24) | (((unsigned char *)Long)[2] << 16)
761
0
          | (((unsigned char *)Long)[1] << 8 ) | (((unsigned char *)Long)[0] << 0 );
762
0
  }
763
0
}
764
/* }}} */
765
766
/* {{{ php_ifd_get32u
767
 * Convert a 32 bit unsigned value from file's native byte order */
768
static unsigned php_ifd_get32u(void *Long, int motorola_intel)
769
0
{
770
0
  return (unsigned)php_ifd_get32s(Long, motorola_intel) & 0xffffffff;
771
0
}
772
/* }}} */
773
774
/* {{{ php_handle_tiff
775
   main loop to parse TIFF structure */
776
static struct gfxinfo *php_handle_tiff (php_stream * stream, zval *info, int motorola_intel)
777
0
{
778
0
  struct gfxinfo *result = NULL;
779
0
  int i, num_entries;
780
0
  unsigned char *dir_entry;
781
0
  size_t ifd_size, dir_size, entry_value, width=0, height=0, ifd_addr;
782
0
  int entry_tag , entry_type;
783
0
  char *ifd_data, ifd_ptr[4];
784
785
0
  if (php_stream_read(stream, ifd_ptr, 4) != 4)
786
0
    return NULL;
787
0
  ifd_addr = php_ifd_get32u(ifd_ptr, motorola_intel);
788
0
  if (php_stream_seek(stream, ifd_addr-8, SEEK_CUR))
789
0
    return NULL;
790
0
  ifd_size = 2;
791
0
  ifd_data = emalloc(ifd_size);
792
0
  if (php_stream_read(stream, ifd_data, 2) != 2) {
793
0
    efree(ifd_data);
794
0
    return NULL;
795
0
  }
796
0
  num_entries = php_ifd_get16u(ifd_data, motorola_intel);
797
0
  dir_size = 2/*num dir entries*/ +12/*length of entry*/*num_entries +4/* offset to next ifd (points to thumbnail or NULL)*/;
798
0
  ifd_size = dir_size;
799
0
  ifd_data = erealloc(ifd_data,ifd_size);
800
0
  if (php_stream_read(stream, ifd_data+2, dir_size-2) != dir_size-2) {
801
0
    efree(ifd_data);
802
0
    return NULL;
803
0
  }
804
  /* now we have the directory we can look how long it should be */
805
0
  ifd_size = dir_size;
806
0
  for(i=0;i<num_entries;i++) {
807
0
    dir_entry    = (unsigned char *) ifd_data+2+i*12;
808
0
    entry_tag    = php_ifd_get16u(dir_entry+0, motorola_intel);
809
0
    entry_type   = php_ifd_get16u(dir_entry+2, motorola_intel);
810
0
    switch(entry_type) {
811
0
      case TAG_FMT_BYTE:
812
0
      case TAG_FMT_SBYTE:
813
0
        entry_value  = (size_t)(dir_entry[8]);
814
0
        break;
815
0
      case TAG_FMT_USHORT:
816
0
        entry_value  = php_ifd_get16u(dir_entry+8, motorola_intel);
817
0
        break;
818
0
      case TAG_FMT_SSHORT:
819
0
        entry_value  = php_ifd_get16s(dir_entry+8, motorola_intel);
820
0
        break;
821
0
      case TAG_FMT_ULONG:
822
0
        entry_value  = php_ifd_get32u(dir_entry+8, motorola_intel);
823
0
        break;
824
0
      case TAG_FMT_SLONG:
825
0
        entry_value  = php_ifd_get32s(dir_entry+8, motorola_intel);
826
0
        break;
827
0
      default:
828
0
        continue;
829
0
    }
830
0
    switch(entry_tag) {
831
0
      case TAG_IMAGEWIDTH:
832
0
      case TAG_COMP_IMAGEWIDTH:
833
0
        width  = entry_value;
834
0
        break;
835
0
      case TAG_IMAGEHEIGHT:
836
0
      case TAG_COMP_IMAGEHEIGHT:
837
0
        height = entry_value;
838
0
        break;
839
0
    }
840
0
  }
841
0
  efree(ifd_data);
842
0
  if ( width && height) {
843
    /* not the same when in for-loop */
844
0
    result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
845
0
    result->height   = height;
846
0
    result->width    = width;
847
0
    result->bits     = 0;
848
0
    result->channels = 0;
849
0
    return result;
850
0
  }
851
0
  return NULL;
852
0
}
853
/* }}} */
854
855
/* {{{ php_handle_psd */
856
static struct gfxinfo *php_handle_iff(php_stream * stream)
857
0
{
858
0
  struct gfxinfo * result;
859
0
  unsigned char a[10];
860
0
  int chunkId;
861
0
  int size;
862
0
  short width, height, bits;
863
864
0
  if (php_stream_read(stream, (char *) a, 8) != 8) {
865
0
    return NULL;
866
0
  }
867
0
  if (strncmp((char *) a+4, "ILBM", 4) && strncmp((char *) a+4, "PBM ", 4)) {
868
0
    return NULL;
869
0
  }
870
871
  /* loop chunks to find BMHD chunk */
872
0
  do {
873
0
    if (php_stream_read(stream, (char*)a, 8) != 8) {
874
0
      return NULL;
875
0
    }
876
0
    chunkId = php_ifd_get32s(a+0, 1);
877
0
    size    = php_ifd_get32s(a+4, 1);
878
0
    if (size < 0) {
879
0
      return NULL;
880
0
    }
881
0
    if ((size & 1) == 1) {
882
0
      size++;
883
0
    }
884
0
    if (chunkId == 0x424d4844) { /* BMHD chunk */
885
0
      if (size < 9 || php_stream_read(stream, (char*)a, 9) != 9) {
886
0
        return NULL;
887
0
      }
888
0
      width  = php_ifd_get16s(a+0, 1);
889
0
      height = php_ifd_get16s(a+2, 1);
890
0
      bits   = a[8] & 0xff;
891
0
      if (width > 0 && height > 0 && bits > 0 && bits < 33) {
892
0
        result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
893
0
        result->width    = width;
894
0
        result->height   = height;
895
0
        result->bits     = bits;
896
0
        result->channels = 0;
897
0
        return result;
898
0
      }
899
0
    } else {
900
0
      if (php_stream_seek(stream, size, SEEK_CUR)) {
901
0
        return NULL;
902
0
      }
903
0
    }
904
0
  } while (1);
905
0
}
906
/* }}} */
907
908
/* {{{ php_get_wbmp
909
 * int WBMP file format type
910
 * byte Header Type
911
 *  byte Extended Header
912
 *    byte Header Data (type 00 = multibyte)
913
 *    byte Header Data (type 11 = name/pairs)
914
 * int Number of columns
915
 * int Number of rows
916
 */
917
static int php_get_wbmp(php_stream *stream, struct gfxinfo **result, int check)
918
0
{
919
0
  int i, width = 0, height = 0;
920
921
0
  if (php_stream_rewind(stream)) {
922
0
    return 0;
923
0
  }
924
925
  /* get type */
926
0
  if (php_stream_getc(stream) != 0) {
927
0
    return 0;
928
0
  }
929
930
  /* skip header */
931
0
  do {
932
0
    i = php_stream_getc(stream);
933
0
    if (i < 0) {
934
0
      return 0;
935
0
    }
936
0
  } while (i & 0x80);
937
938
  /* get width */
939
0
  do {
940
0
    i = php_stream_getc(stream);
941
0
    if (i < 0) {
942
0
      return 0;
943
0
    }
944
0
    width = (width << 7) | (i & 0x7f);
945
    /* maximum valid width for wbmp (although 127 may be a more accurate one) */
946
0
    if (width > 2048) {
947
0
      return 0;
948
0
    }
949
0
  } while (i & 0x80);
950
951
  /* get height */
952
0
  do {
953
0
    i = php_stream_getc(stream);
954
0
    if (i < 0) {
955
0
      return 0;
956
0
    }
957
0
    height = (height << 7) | (i & 0x7f);
958
    /* maximum valid height for wbmp (although 127 may be a more accurate one) */
959
0
    if (height > 2048) {
960
0
      return 0;
961
0
    }
962
0
  } while (i & 0x80);
963
964
0
  if (!height || !width) {
965
0
    return 0;
966
0
  }
967
968
0
  if (!check) {
969
0
    (*result)->width = width;
970
0
    (*result)->height = height;
971
0
  }
972
973
0
  return IMAGE_FILETYPE_WBMP;
974
0
}
975
/* }}} */
976
977
/* {{{ php_handle_wbmp */
978
static struct gfxinfo *php_handle_wbmp(php_stream * stream)
979
0
{
980
0
  struct gfxinfo *result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
981
982
0
  if (!php_get_wbmp(stream, &result, 0)) {
983
0
    efree(result);
984
0
    return NULL;
985
0
  }
986
987
0
  return result;
988
0
}
989
/* }}} */
990
991
/* {{{ php_get_xbm */
992
static int php_get_xbm(php_stream *stream, struct gfxinfo **result)
993
0
{
994
0
  char *fline;
995
0
  char *iname;
996
0
  char *type;
997
0
  int value;
998
0
  unsigned int width = 0, height = 0;
999
1000
0
  if (result) {
1001
0
    *result = NULL;
1002
0
  }
1003
0
  if (php_stream_rewind(stream)) {
1004
0
    return 0;
1005
0
  }
1006
0
  while ((fline=php_stream_gets(stream, NULL, 0)) != NULL) {
1007
0
    iname = estrdup(fline); /* simple way to get necessary buffer of required size */
1008
0
    if (sscanf(fline, "#define %s %d", iname, &value) == 2) {
1009
0
      if (!(type = strrchr(iname, '_'))) {
1010
0
        type = iname;
1011
0
      } else {
1012
0
        type++;
1013
0
      }
1014
1015
0
      if (!strcmp("width", type)) {
1016
0
        width = (unsigned int) value;
1017
0
        if (height) {
1018
0
          efree(iname);
1019
0
          break;
1020
0
        }
1021
0
      }
1022
0
      if (!strcmp("height", type)) {
1023
0
        height = (unsigned int) value;
1024
0
        if (width) {
1025
0
          efree(iname);
1026
0
          break;
1027
0
        }
1028
0
      }
1029
0
    }
1030
0
    efree(fline);
1031
0
    efree(iname);
1032
0
  }
1033
0
  if (fline) {
1034
0
    efree(fline);
1035
0
  }
1036
1037
0
  if (width && height) {
1038
0
    if (result) {
1039
0
      *result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
1040
0
      (*result)->width = width;
1041
0
      (*result)->height = height;
1042
0
    }
1043
0
    return IMAGE_FILETYPE_XBM;
1044
0
  }
1045
1046
0
  return 0;
1047
0
}
1048
/* }}} */
1049
1050
/* {{{ php_handle_xbm */
1051
static struct gfxinfo *php_handle_xbm(php_stream * stream)
1052
0
{
1053
0
  struct gfxinfo *result;
1054
0
  php_get_xbm(stream, &result);
1055
0
  return result;
1056
0
}
1057
/* }}} */
1058
1059
/* {{{ php_handle_ico */
1060
static struct gfxinfo *php_handle_ico(php_stream * stream)
1061
0
{
1062
0
  struct gfxinfo *result = NULL;
1063
0
  unsigned char dim[16];
1064
0
  int num_icons = 0;
1065
1066
0
  if (php_stream_read(stream, (char *) dim, 2) != 2)
1067
0
    return NULL;
1068
1069
0
  num_icons = (((unsigned int)dim[1]) << 8) + ((unsigned int) dim[0]);
1070
1071
0
  if (num_icons < 1 || num_icons > 255)
1072
0
    return NULL;
1073
1074
0
  result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
1075
1076
0
  while (num_icons > 0)
1077
0
  {
1078
0
    if (php_stream_read(stream, (char *) dim, sizeof(dim)) != sizeof(dim))
1079
0
      break;
1080
1081
0
    if ((((unsigned int)dim[7]) <<  8) +  ((unsigned int)dim[6]) >= result->bits)
1082
0
    {
1083
0
      result->width    =  (unsigned int)dim[0];
1084
0
      result->height   =  (unsigned int)dim[1];
1085
0
      result->bits     =  (((unsigned int)dim[7]) <<  8) +  ((unsigned int)dim[6]);
1086
0
    }
1087
0
    num_icons--;
1088
0
  }
1089
1090
0
  if (0 == result->width)
1091
0
    result->width = 256;
1092
1093
0
  if (0 == result->height)
1094
0
    result->height = 256;
1095
1096
0
  return result;
1097
0
}
1098
/* }}} */
1099
1100
/* {{{ php_handle_webp */
1101
static struct gfxinfo *php_handle_webp(php_stream * stream)
1102
0
{
1103
0
  struct gfxinfo *result = NULL;
1104
0
  const char sig[3] = {'V', 'P', '8'};
1105
0
  unsigned char buf[18];
1106
0
  char format;
1107
1108
0
  if (php_stream_read(stream, (char *) buf, 18) != 18)
1109
0
    return NULL;
1110
1111
0
  if (memcmp(buf, sig, 3)) {
1112
0
    return NULL;
1113
0
  }
1114
0
  switch (buf[3]) {
1115
0
    case ' ':
1116
0
    case 'L':
1117
0
    case 'X':
1118
0
      format = buf[3];
1119
0
      break;
1120
0
    default:
1121
0
      return NULL;
1122
0
  }
1123
1124
0
  result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
1125
1126
0
  switch (format) {
1127
0
    case ' ':
1128
0
      result->width = buf[14] + ((buf[15] & 0x3F) << 8);
1129
0
      result->height = buf[16] + ((buf[17] & 0x3F) << 8);
1130
0
      break;
1131
0
    case 'L':
1132
0
      result->width = buf[9] + ((buf[10] & 0x3F) << 8) + 1;
1133
0
      result->height = (buf[10] >> 6) + (buf[11] << 2) + ((buf[12] & 0xF) << 10) + 1;
1134
0
      break;
1135
0
    case 'X':
1136
0
      result->width = buf[12] + (buf[13] << 8) + (buf[14] << 16) + 1;
1137
0
      result->height = buf[15] + (buf[16] << 8) + (buf[17] << 16) + 1;
1138
0
      break;
1139
0
  }
1140
0
  result->bits = 8; /* always 1 byte */
1141
1142
0
  return result;
1143
0
}
1144
/* }}} */
1145
1146
/* {{{ User struct and stream read/skip implementations for libavifinfo API */
1147
struct php_avif_stream {
1148
  php_stream* stream;
1149
  uint8_t buffer[AVIFINFO_MAX_NUM_READ_BYTES];
1150
};
1151
1152
0
static const uint8_t* php_avif_stream_read(void* stream, size_t num_bytes) {
1153
0
  struct php_avif_stream* avif_stream = (struct php_avif_stream*)stream;
1154
1155
0
  if (avif_stream == NULL || avif_stream->stream == NULL) {
1156
0
    return NULL;
1157
0
  }
1158
0
  if (php_stream_read(avif_stream->stream, (char*)avif_stream->buffer, num_bytes) != num_bytes) {
1159
0
    avif_stream->stream = NULL; /* fail further calls */
1160
0
    return NULL;
1161
0
  }
1162
0
  return avif_stream->buffer;
1163
0
}
1164
1165
0
static void php_avif_stream_skip(void* stream, size_t num_bytes) {
1166
0
  struct php_avif_stream* avif_stream = (struct php_avif_stream*)stream;
1167
1168
0
  if (avif_stream == NULL || avif_stream->stream == NULL) {
1169
0
    return;
1170
0
  }
1171
0
  if (php_stream_seek(avif_stream->stream, num_bytes, SEEK_CUR)) {
1172
0
    avif_stream->stream = NULL; /* fail further calls */
1173
0
  }
1174
0
}
1175
/* }}} */
1176
1177
/* {{{ php_handle_avif
1178
 * Parse AVIF features
1179
 *
1180
 * The stream must be positioned at the beginning of a box, so it does not
1181
 * matter whether the "ftyp" box was already read by php_is_image_avif() or not.
1182
 * It will read bytes from the stream until features are found or the file is
1183
 * declared as invalid. Around 450 bytes are usually enough.
1184
 * Transforms such as mirror and rotation are not applied on width and height.
1185
 */
1186
0
static struct gfxinfo *php_handle_avif(php_stream * stream) {
1187
0
  struct gfxinfo* result = NULL;
1188
0
  AvifInfoFeatures features;
1189
0
  struct php_avif_stream avif_stream;
1190
0
  avif_stream.stream = stream;
1191
1192
0
  if (AvifInfoGetFeaturesStream(&avif_stream, php_avif_stream_read, php_avif_stream_skip, &features) == kAvifInfoOk) {
1193
0
    result = (struct gfxinfo*)ecalloc(1, sizeof(struct gfxinfo));
1194
0
    result->width = features.width;
1195
0
    result->height = features.height;
1196
0
    result->bits = features.bit_depth;
1197
0
    result->channels = features.num_channels;
1198
0
  }
1199
0
  return result;
1200
0
}
1201
/* }}} */
1202
1203
/* {{{ php_is_image_avif
1204
 * Detect whether an image is of type AVIF
1205
 *
1206
 * Only the first "ftyp" box is read.
1207
 * For a valid file, 12 bytes are usually read, but more might be necessary.
1208
 */
1209
0
bool php_is_image_avif(php_stream* stream) {
1210
0
  struct php_avif_stream avif_stream;
1211
0
  avif_stream.stream = stream;
1212
1213
0
  if (AvifInfoIdentifyStream(&avif_stream, php_avif_stream_read, php_avif_stream_skip) == kAvifInfoOk) {
1214
0
    return 1;
1215
0
  }
1216
0
  return 0;
1217
0
}
1218
/* }}} */
1219
1220
/* {{{ php_image_type_to_mime_type
1221
 * Convert internal image_type to mime type */
1222
PHPAPI char * php_image_type_to_mime_type(int image_type)
1223
4.91k
{
1224
4.91k
  switch( image_type) {
1225
0
    case IMAGE_FILETYPE_GIF:
1226
0
      return "image/gif";
1227
335
    case IMAGE_FILETYPE_JPEG:
1228
335
      return "image/jpeg";
1229
0
    case IMAGE_FILETYPE_PNG:
1230
0
      return "image/png";
1231
0
    case IMAGE_FILETYPE_SWF:
1232
0
    case IMAGE_FILETYPE_SWC:
1233
0
      return "application/x-shockwave-flash";
1234
0
    case IMAGE_FILETYPE_PSD:
1235
0
      return "image/psd";
1236
0
    case IMAGE_FILETYPE_BMP:
1237
0
      return "image/bmp";
1238
3.37k
    case IMAGE_FILETYPE_TIFF_II:
1239
4.57k
    case IMAGE_FILETYPE_TIFF_MM:
1240
4.57k
      return "image/tiff";
1241
0
    case IMAGE_FILETYPE_IFF:
1242
0
      return "image/iff";
1243
0
    case IMAGE_FILETYPE_WBMP:
1244
0
      return "image/vnd.wap.wbmp";
1245
0
    case IMAGE_FILETYPE_JPC:
1246
0
      return "application/octet-stream";
1247
0
    case IMAGE_FILETYPE_JP2:
1248
0
      return "image/jp2";
1249
0
    case IMAGE_FILETYPE_XBM:
1250
0
      return "image/xbm";
1251
0
    case IMAGE_FILETYPE_ICO:
1252
0
      return "image/vnd.microsoft.icon";
1253
0
    case IMAGE_FILETYPE_WEBP:
1254
0
      return "image/webp";
1255
0
    case IMAGE_FILETYPE_AVIF:
1256
0
      return "image/avif";
1257
0
    default:
1258
0
    case IMAGE_FILETYPE_UNKNOWN:
1259
0
      return "application/octet-stream"; /* suppose binary format */
1260
4.91k
  }
1261
4.91k
}
1262
/* }}} */
1263
1264
/* {{{ Get Mime-Type for image-type returned by getimagesize, exif_read_data, exif_thumbnail, exif_imagetype */
1265
PHP_FUNCTION(image_type_to_mime_type)
1266
0
{
1267
0
  zend_long p_image_type;
1268
1269
0
  ZEND_PARSE_PARAMETERS_START(1, 1)
1270
0
    Z_PARAM_LONG(p_image_type)
1271
0
  ZEND_PARSE_PARAMETERS_END();
1272
1273
0
  ZVAL_STRING(return_value, (char*)php_image_type_to_mime_type(p_image_type));
1274
0
}
1275
/* }}} */
1276
1277
/* {{{ Get file extension for image-type returned by getimagesize, exif_read_data, exif_thumbnail, exif_imagetype */
1278
PHP_FUNCTION(image_type_to_extension)
1279
0
{
1280
0
  zend_long image_type;
1281
0
  bool inc_dot=1;
1282
0
  const char *imgext = NULL;
1283
1284
0
  ZEND_PARSE_PARAMETERS_START(1, 2)
1285
0
    Z_PARAM_LONG(image_type)
1286
0
    Z_PARAM_OPTIONAL
1287
0
    Z_PARAM_BOOL(inc_dot)
1288
0
  ZEND_PARSE_PARAMETERS_END();
1289
1290
0
  switch (image_type) {
1291
0
    case IMAGE_FILETYPE_GIF:
1292
0
      imgext = ".gif";
1293
0
      break;
1294
0
    case IMAGE_FILETYPE_JPEG:
1295
0
      imgext = ".jpeg";
1296
0
      break;
1297
0
    case IMAGE_FILETYPE_PNG:
1298
0
      imgext = ".png";
1299
0
      break;
1300
0
    case IMAGE_FILETYPE_SWF:
1301
0
    case IMAGE_FILETYPE_SWC:
1302
0
      imgext = ".swf";
1303
0
      break;
1304
0
    case IMAGE_FILETYPE_PSD:
1305
0
      imgext = ".psd";
1306
0
      break;
1307
0
    case IMAGE_FILETYPE_BMP:
1308
0
    case IMAGE_FILETYPE_WBMP:
1309
0
      imgext = ".bmp";
1310
0
      break;
1311
0
    case IMAGE_FILETYPE_TIFF_II:
1312
0
    case IMAGE_FILETYPE_TIFF_MM:
1313
0
      imgext = ".tiff";
1314
0
      break;
1315
0
    case IMAGE_FILETYPE_IFF:
1316
0
      imgext = ".iff";
1317
0
      break;
1318
0
    case IMAGE_FILETYPE_JPC:
1319
0
      imgext = ".jpc";
1320
0
      break;
1321
0
    case IMAGE_FILETYPE_JP2:
1322
0
      imgext = ".jp2";
1323
0
      break;
1324
0
    case IMAGE_FILETYPE_JPX:
1325
0
      imgext = ".jpx";
1326
0
      break;
1327
0
    case IMAGE_FILETYPE_JB2:
1328
0
      imgext = ".jb2";
1329
0
      break;
1330
0
    case IMAGE_FILETYPE_XBM:
1331
0
      imgext = ".xbm";
1332
0
      break;
1333
0
    case IMAGE_FILETYPE_ICO:
1334
0
      imgext = ".ico";
1335
0
      break;
1336
0
    case IMAGE_FILETYPE_WEBP:
1337
0
      imgext = ".webp";
1338
0
      break;
1339
0
    case IMAGE_FILETYPE_AVIF:
1340
0
      imgext = ".avif";
1341
0
      break;
1342
0
  }
1343
1344
0
  if (imgext) {
1345
0
    RETURN_STRING(&imgext[!inc_dot]);
1346
0
  }
1347
1348
0
  RETURN_FALSE;
1349
0
}
1350
/* }}} */
1351
1352
/* {{{ php_imagetype
1353
   detect filetype from first bytes */
1354
PHPAPI int php_getimagetype(php_stream *stream, const char *input, char *filetype)
1355
0
{
1356
0
  char tmp[12];
1357
0
  int twelve_bytes_read;
1358
1359
0
  if ( !filetype) filetype = tmp;
1360
0
  if((php_stream_read(stream, filetype, 3)) != 3) {
1361
0
    php_error_docref(NULL, E_NOTICE, "Error reading from %s!", input);
1362
0
    return IMAGE_FILETYPE_UNKNOWN;
1363
0
  }
1364
1365
/* BYTES READ: 3 */
1366
0
  if (!memcmp(filetype, php_sig_gif, 3)) {
1367
0
    return IMAGE_FILETYPE_GIF;
1368
0
  } else if (!memcmp(filetype, php_sig_jpg, 3)) {
1369
0
    return IMAGE_FILETYPE_JPEG;
1370
0
  } else if (!memcmp(filetype, php_sig_png, 3)) {
1371
0
    if (php_stream_read(stream, filetype+3, 5) != 5) {
1372
0
      php_error_docref(NULL, E_NOTICE, "Error reading from %s!", input);
1373
0
      return IMAGE_FILETYPE_UNKNOWN;
1374
0
    }
1375
0
    if (!memcmp(filetype, php_sig_png, 8)) {
1376
0
      return IMAGE_FILETYPE_PNG;
1377
0
    } else {
1378
0
      php_error_docref(NULL, E_WARNING, "PNG file corrupted by ASCII conversion");
1379
0
      return IMAGE_FILETYPE_UNKNOWN;
1380
0
    }
1381
0
  } else if (!memcmp(filetype, php_sig_swf, 3)) {
1382
0
    return IMAGE_FILETYPE_SWF;
1383
0
  } else if (!memcmp(filetype, php_sig_swc, 3)) {
1384
0
    return IMAGE_FILETYPE_SWC;
1385
0
  } else if (!memcmp(filetype, php_sig_psd, 3)) {
1386
0
    return IMAGE_FILETYPE_PSD;
1387
0
  } else if (!memcmp(filetype, php_sig_bmp, 2)) {
1388
0
    return IMAGE_FILETYPE_BMP;
1389
0
  } else if (!memcmp(filetype, php_sig_jpc, 3)) {
1390
0
    return IMAGE_FILETYPE_JPC;
1391
0
  } else if (!memcmp(filetype, php_sig_riff, 3)) {
1392
0
    if (php_stream_read(stream, filetype+3, 9) != 9) {
1393
0
      php_error_docref(NULL, E_NOTICE, "Error reading from %s!", input);
1394
0
      return IMAGE_FILETYPE_UNKNOWN;
1395
0
    }
1396
0
    if (!memcmp(filetype+8, php_sig_webp, 4)) {
1397
0
      return IMAGE_FILETYPE_WEBP;
1398
0
    } else {
1399
0
      return IMAGE_FILETYPE_UNKNOWN;
1400
0
    }
1401
0
  }
1402
1403
0
  if (php_stream_read(stream, filetype+3, 1) != 1) {
1404
0
    php_error_docref(NULL, E_NOTICE, "Error reading from %s!", input);
1405
0
    return IMAGE_FILETYPE_UNKNOWN;
1406
0
  }
1407
/* BYTES READ: 4 */
1408
0
  if (!memcmp(filetype, php_sig_tif_ii, 4)) {
1409
0
    return IMAGE_FILETYPE_TIFF_II;
1410
0
  } else if (!memcmp(filetype, php_sig_tif_mm, 4)) {
1411
0
    return IMAGE_FILETYPE_TIFF_MM;
1412
0
  } else if (!memcmp(filetype, php_sig_iff, 4)) {
1413
0
    return IMAGE_FILETYPE_IFF;
1414
0
  } else if (!memcmp(filetype, php_sig_ico, 4)) {
1415
0
    return IMAGE_FILETYPE_ICO;
1416
0
  }
1417
1418
  /* WBMP may be smaller than 12 bytes, so delay error */
1419
0
  twelve_bytes_read = (php_stream_read(stream, filetype+4, 8) == 8);
1420
1421
/* BYTES READ: 12 */
1422
0
  if (twelve_bytes_read && !memcmp(filetype, php_sig_jp2, 12)) {
1423
0
    return IMAGE_FILETYPE_JP2;
1424
0
  }
1425
1426
0
  if (!php_stream_rewind(stream) && php_is_image_avif(stream)) {
1427
0
    return IMAGE_FILETYPE_AVIF;
1428
0
  }
1429
1430
/* AFTER ALL ABOVE FAILED */
1431
0
  if (php_get_wbmp(stream, NULL, 1)) {
1432
0
    return IMAGE_FILETYPE_WBMP;
1433
0
  }
1434
1435
0
  if (!twelve_bytes_read) {
1436
0
    php_error_docref(NULL, E_NOTICE, "Error reading from %s!", input);
1437
0
    return IMAGE_FILETYPE_UNKNOWN;
1438
0
  }
1439
1440
0
  if (php_get_xbm(stream, NULL)) {
1441
0
    return IMAGE_FILETYPE_XBM;
1442
0
  }
1443
1444
0
  return IMAGE_FILETYPE_UNKNOWN;
1445
0
}
1446
/* }}} */
1447
1448
static void php_getimagesize_from_stream(php_stream *stream, char *input, zval *info, INTERNAL_FUNCTION_PARAMETERS) /* {{{ */
1449
0
{
1450
0
  int itype = 0;
1451
0
  struct gfxinfo *result = NULL;
1452
1453
0
  if (!stream) {
1454
0
    RETURN_FALSE;
1455
0
  }
1456
1457
0
  itype = php_getimagetype(stream, input, NULL);
1458
0
  switch( itype) {
1459
0
    case IMAGE_FILETYPE_GIF:
1460
0
      result = php_handle_gif(stream);
1461
0
      break;
1462
0
    case IMAGE_FILETYPE_JPEG:
1463
0
      if (info) {
1464
0
        result = php_handle_jpeg(stream, info);
1465
0
      } else {
1466
0
        result = php_handle_jpeg(stream, NULL);
1467
0
      }
1468
0
      break;
1469
0
    case IMAGE_FILETYPE_PNG:
1470
0
      result = php_handle_png(stream);
1471
0
      break;
1472
0
    case IMAGE_FILETYPE_SWF:
1473
0
      result = php_handle_swf(stream);
1474
0
      break;
1475
0
    case IMAGE_FILETYPE_SWC:
1476
#if defined(HAVE_ZLIB) && !defined(COMPILE_DL_ZLIB)
1477
      result = php_handle_swc(stream);
1478
#else
1479
0
      php_error_docref(NULL, E_NOTICE, "The image is a compressed SWF file, but you do not have a static version of the zlib extension enabled");
1480
0
#endif
1481
0
      break;
1482
0
    case IMAGE_FILETYPE_PSD:
1483
0
      result = php_handle_psd(stream);
1484
0
      break;
1485
0
    case IMAGE_FILETYPE_BMP:
1486
0
      result = php_handle_bmp(stream);
1487
0
      break;
1488
0
    case IMAGE_FILETYPE_TIFF_II:
1489
0
      result = php_handle_tiff(stream, NULL, 0);
1490
0
      break;
1491
0
    case IMAGE_FILETYPE_TIFF_MM:
1492
0
      result = php_handle_tiff(stream, NULL, 1);
1493
0
      break;
1494
0
    case IMAGE_FILETYPE_JPC:
1495
0
      result = php_handle_jpc(stream);
1496
0
      break;
1497
0
    case IMAGE_FILETYPE_JP2:
1498
0
      result = php_handle_jp2(stream);
1499
0
      break;
1500
0
    case IMAGE_FILETYPE_IFF:
1501
0
      result = php_handle_iff(stream);
1502
0
      break;
1503
0
    case IMAGE_FILETYPE_WBMP:
1504
0
      result = php_handle_wbmp(stream);
1505
0
      break;
1506
0
    case IMAGE_FILETYPE_XBM:
1507
0
      result = php_handle_xbm(stream);
1508
0
      break;
1509
0
    case IMAGE_FILETYPE_ICO:
1510
0
      result = php_handle_ico(stream);
1511
0
      break;
1512
0
    case IMAGE_FILETYPE_WEBP:
1513
0
      result = php_handle_webp(stream);
1514
0
      break;
1515
0
    case IMAGE_FILETYPE_AVIF:
1516
0
      result = php_handle_avif(stream);
1517
0
      break;
1518
0
    default:
1519
0
    case IMAGE_FILETYPE_UNKNOWN:
1520
0
      break;
1521
0
  }
1522
1523
0
  if (result) {
1524
0
    char temp[MAX_LENGTH_OF_LONG * 2 + sizeof("width=\"\" height=\"\"")];
1525
0
    array_init(return_value);
1526
0
    add_index_long(return_value, 0, result->width);
1527
0
    add_index_long(return_value, 1, result->height);
1528
0
    add_index_long(return_value, 2, itype);
1529
0
    snprintf(temp, sizeof(temp), "width=\"%d\" height=\"%d\"", result->width, result->height);
1530
0
    add_index_string(return_value, 3, temp);
1531
1532
0
    if (result->bits != 0) {
1533
0
      add_assoc_long(return_value, "bits", result->bits);
1534
0
    }
1535
0
    if (result->channels != 0) {
1536
0
      add_assoc_long(return_value, "channels", result->channels);
1537
0
    }
1538
0
    add_assoc_string(return_value, "mime", (char*)php_image_type_to_mime_type(itype));
1539
0
    efree(result);
1540
0
  } else {
1541
0
    RETURN_FALSE;
1542
0
  }
1543
0
}
1544
/* }}} */
1545
1546
0
#define FROM_DATA 0
1547
20
#define FROM_PATH 1
1548
1549
5
static void php_getimagesize_from_any(INTERNAL_FUNCTION_PARAMETERS, int mode) {  /* {{{ */
1550
5
  zval *info = NULL;
1551
5
  php_stream *stream = NULL;
1552
5
  zend_string *input;
1553
5
  const int argc = ZEND_NUM_ARGS();
1554
1555
15
  ZEND_PARSE_PARAMETERS_START(1, 2)
1556
20
    Z_PARAM_STR(input)
1557
5
    Z_PARAM_OPTIONAL
1558
20
    Z_PARAM_ZVAL(info)
1559
20
  ZEND_PARSE_PARAMETERS_END();
1560
1561
5
  if (mode == FROM_PATH && CHECK_NULL_PATH(ZSTR_VAL(input), ZSTR_LEN(input))) {
1562
0
    zend_argument_value_error(1, "must not contain any null bytes");
1563
0
    RETURN_THROWS();
1564
0
  }
1565
1566
5
  if (argc == 2) {
1567
5
    info = zend_try_array_init(info);
1568
5
    if (!info) {
1569
0
      RETURN_THROWS();
1570
0
    }
1571
5
  }
1572
1573
5
  if (mode == FROM_PATH) {
1574
5
    stream = php_stream_open_wrapper(ZSTR_VAL(input), "rb", STREAM_MUST_SEEK|REPORT_ERRORS|IGNORE_PATH, NULL);
1575
5
  } else {
1576
0
    stream = php_stream_memory_open(TEMP_STREAM_READONLY, input);
1577
0
  }
1578
1579
5
  if (!stream) {
1580
5
    RETURN_FALSE;
1581
5
  }
1582
1583
0
  php_getimagesize_from_stream(stream, ZSTR_VAL(input), info, INTERNAL_FUNCTION_PARAM_PASSTHRU);
1584
0
  php_stream_close(stream);
1585
0
}
1586
/* }}} */
1587
1588
/* {{{ Get the size of an image as 4-element array */
1589
PHP_FUNCTION(getimagesize)
1590
5
{
1591
5
  php_getimagesize_from_any(INTERNAL_FUNCTION_PARAM_PASSTHRU, FROM_PATH);
1592
5
}
1593
/* }}} */
1594
1595
/* {{{ Get the size of an image as 4-element array */
1596
PHP_FUNCTION(getimagesizefromstring)
1597
0
{
1598
0
  php_getimagesize_from_any(INTERNAL_FUNCTION_PARAM_PASSTHRU, FROM_DATA);
1599
0
}
1600
/* }}} */