OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 2006 Apple Computer, Inc. | 2 * Copyright (C) 2006 Apple Computer, Inc. |
3 * Copyright (C) Research In Motion Limited 2009-2010. All rights reserved. | 3 * Copyright (C) Research In Motion Limited 2009-2010. All rights reserved. |
4 * | 4 * |
5 * Portions are Copyright (C) 2001 mozilla.org | 5 * Portions are Copyright (C) 2001 mozilla.org |
6 * | 6 * |
7 * Other contributors: | 7 * Other contributors: |
8 * Stuart Parmenter <stuart@mozilla.com> | 8 * Stuart Parmenter <stuart@mozilla.com> |
9 * | 9 * |
10 * This library is free software; you can redistribute it and/or | 10 * This library is free software; you can redistribute it and/or |
(...skipping 20 matching lines...) Expand all Loading... | |
31 * licenses (the MPL or the GPL) and not to allow others to use your | 31 * licenses (the MPL or the GPL) and not to allow others to use your |
32 * version of this file under the LGPL, indicate your decision by | 32 * version of this file under the LGPL, indicate your decision by |
33 * deletingthe provisions above and replace them with the notice and | 33 * deletingthe provisions above and replace them with the notice and |
34 * other provisions required by the MPL or the GPL, as the case may be. | 34 * other provisions required by the MPL or the GPL, as the case may be. |
35 * If you do not delete the provisions above, a recipient may use your | 35 * If you do not delete the provisions above, a recipient may use your |
36 * version of this file under any of the LGPL, the MPL or the GPL. | 36 * version of this file under any of the LGPL, the MPL or the GPL. |
37 */ | 37 */ |
38 | 38 |
39 #include "platform/image-decoders/png/PNGImageReader.h" | 39 #include "platform/image-decoders/png/PNGImageReader.h" |
40 | 40 |
41 #include <memory> | |
42 #include "platform/image-decoders/FastSharedBufferReader.h" | |
41 #include "platform/image-decoders/SegmentReader.h" | 43 #include "platform/image-decoders/SegmentReader.h" |
42 #include "platform/image-decoders/png/PNGImageDecoder.h" | 44 #include "platform/image-decoders/png/PNGImageDecoder.h" |
43 #include "png.h" | |
44 #include "wtf/PtrUtil.h" | 45 #include "wtf/PtrUtil.h" |
45 #include <memory> | 46 #include "zlib.h" |
46 | 47 |
47 namespace { | 48 namespace { |
48 | 49 |
49 inline blink::PNGImageDecoder* imageDecoder(png_structp png) { | 50 inline blink::PNGImageDecoder* imageDecoder(png_structp png) { |
50 return static_cast<blink::PNGImageDecoder*>(png_get_progressive_ptr(png)); | 51 return static_cast<blink::PNGImageDecoder*>(png_get_progressive_ptr(png)); |
51 } | 52 } |
52 | 53 |
53 void PNGAPI pngHeaderAvailable(png_structp png, png_infop) { | 54 void PNGAPI pngHeaderAvailable(png_structp png, png_infop) { |
54 imageDecoder(png)->headerAvailable(); | 55 imageDecoder(png)->headerAvailable(); |
55 } | 56 } |
56 | 57 |
57 void PNGAPI pngRowAvailable(png_structp png, | 58 void PNGAPI pngRowAvailable(png_structp png, |
58 png_bytep row, | 59 png_bytep row, |
59 png_uint_32 rowIndex, | 60 png_uint_32 rowIndex, |
60 int state) { | 61 int state) { |
61 imageDecoder(png)->rowAvailable(row, rowIndex, state); | 62 imageDecoder(png)->rowAvailable(row, rowIndex, state); |
62 } | 63 } |
63 | 64 |
64 void PNGAPI pngComplete(png_structp png, png_infop) { | 65 void PNGAPI pngFrameComplete(png_structp png, png_infop) { |
65 imageDecoder(png)->complete(); | 66 imageDecoder(png)->frameComplete(); |
66 } | 67 } |
67 | 68 |
68 void PNGAPI pngFailed(png_structp png, png_const_charp) { | 69 void PNGAPI pngFailed(png_structp png, png_const_charp) { |
69 longjmp(JMPBUF(png), 1); | 70 longjmp(JMPBUF(png), 1); |
70 } | 71 } |
71 | 72 |
72 } // namespace | 73 } // namespace |
73 | 74 |
74 namespace blink { | 75 namespace blink { |
75 | 76 |
76 PNGImageReader::PNGImageReader(PNGImageDecoder* decoder, size_t readOffset) | 77 PNGImageReader::PNGImageReader(PNGImageDecoder* decoder, size_t initialOffset) |
77 : m_decoder(decoder), | 78 : m_width(0), |
78 m_readOffset(readOffset), | 79 m_height(0), |
79 m_currentBufferSize(0), | 80 m_decoder(decoder), |
80 m_decodingSizeOnly(false), | 81 m_initialOffset(initialOffset), |
81 m_hasAlpha(false) { | 82 m_readOffset(initialOffset), |
83 m_progressiveDecodeOffset(0), | |
84 m_idatOffset(0), | |
85 m_idatIsPartOfAnimation(false), | |
86 m_expectIdats(true), | |
87 m_isAnimated(false), | |
88 m_parsedSignature(false), | |
89 m_parsedIHDR(false), | |
90 m_parseCompleted(false), | |
91 m_reportedFrameCount(0), | |
92 m_nextSequenceNumber(0), | |
93 m_fctlNeedsDatChunk(false), | |
94 m_ignoreAnimation(false) { | |
82 m_png = png_create_read_struct(PNG_LIBPNG_VER_STRING, 0, pngFailed, 0); | 95 m_png = png_create_read_struct(PNG_LIBPNG_VER_STRING, 0, pngFailed, 0); |
83 m_info = png_create_info_struct(m_png); | 96 m_info = png_create_info_struct(m_png); |
84 png_set_progressive_read_fn(m_png, m_decoder, pngHeaderAvailable, | 97 png_set_progressive_read_fn(m_png, m_decoder, nullptr, pngRowAvailable, |
85 pngRowAvailable, pngComplete); | 98 pngFrameComplete); |
86 } | 99 } |
87 | 100 |
88 PNGImageReader::~PNGImageReader() { | 101 PNGImageReader::~PNGImageReader() { |
89 png_destroy_read_struct(m_png ? &m_png : 0, m_info ? &m_info : 0, 0); | 102 png_destroy_read_struct(m_png ? &m_png : 0, m_info ? &m_info : 0, 0); |
90 DCHECK(!m_png && !m_info); | 103 DCHECK(!m_png && !m_info); |
91 | 104 } |
92 m_readOffset = 0; | 105 |
93 } | 106 // This method reads from the FastSharedBufferReader, starting at offset, |
94 | 107 // and returns |length| bytes in the form of a pointer to a const png_byte*. |
95 bool PNGImageReader::decode(const SegmentReader& data, bool sizeOnly) { | 108 // This function is used to make it easy to access data from the reader in a |
96 m_decodingSizeOnly = sizeOnly; | 109 // png friendly way, and pass it to libpng for decoding. |
97 | 110 // |
98 // We need to do the setjmp here. Otherwise bad things will happen. | 111 // Pre-conditions before using this: |
112 // - |reader|.size() >= |readOffset| + |length| | |
113 // - |buffer|.size() >= |length| | |
114 // - |length| <= |kBufferSize| | |
115 // | |
116 // The reason for the last two precondition is that currently the png signature | |
117 // plus IHDR chunk (8B + 25B = 33B) is the largest chunk that is read using this | |
118 // method. If the data is not consecutive, it is stored in |buffer|, which must | |
119 // have the size of (at least) |length|, but there's no need for it to be larger | |
120 // than |kBufferSize|. | |
121 static constexpr size_t kBufferSize = 33; | |
122 const png_byte* readAsConstPngBytep(const FastSharedBufferReader& reader, | |
123 size_t readOffset, | |
124 size_t length, | |
125 char* buffer) { | |
126 DCHECK(length <= kBufferSize); | |
127 return reinterpret_cast<const png_byte*>( | |
128 reader.getConsecutiveData(readOffset, length, buffer)); | |
129 } | |
130 | |
131 // This is used as a value for the byteLength of a frameInfo struct to | |
132 // indicate that it is the first frame and its byteLength is not yet known. 1 | |
133 // is a safe value since the byteLength field of a frame is at least 12, in | |
134 // the case of an empty fdAT or IDAT chunk. | |
135 static constexpr size_t kFirstFrameIndicator = 1; | |
136 | |
137 // Return false on a fatal error | |
138 bool PNGImageReader::decode(SegmentReader& data, size_t index) { | |
139 if (index >= m_frameInfo.size()) | |
140 return true; | |
141 | |
142 const FastSharedBufferReader reader(&data); | |
143 | |
144 if (!m_isAnimated) { | |
145 if (setjmp(JMPBUF(m_png))) | |
146 return false; | |
147 DCHECK_EQ(0u, index); | |
148 m_progressiveDecodeOffset += processData( | |
149 reader, m_frameInfo[0].startOffset + m_progressiveDecodeOffset, 0); | |
150 return true; | |
151 } | |
152 | |
153 DCHECK(m_isAnimated); | |
154 | |
155 if (index) { | |
Noel Gordon
2017/03/06 05:21:47
Optional: would understanding be aided by having a
scroggo_chromium
2017/03/07 20:25:38
By itself, I did not think so, but I created a cou
Noel Gordon
2017/03/08 15:36:02
Yeah, the local bools are active code and help exp
| |
156 // If a progressive decode is in progress for frame zero, | |
157 if (m_progressiveDecodeOffset || | |
158 // or the frame does not match IHDR, | |
159 m_frameInfo[index].frameRect != IntRect({}, {m_width, m_height})) { | |
160 // decode as a new PNG, to start over/use a modified IHDR. | |
161 clearDecodeState(0); | |
162 } | |
163 } else { | |
164 // For frame zero, only start over with a modified IHDR if a decode is | |
165 // not in progress. | |
166 if (!m_progressiveDecodeOffset && | |
167 m_frameInfo[index].frameRect != IntRect({}, {m_width, m_height})) | |
168 clearDecodeState(0); | |
169 } | |
170 | |
171 const bool decodeAsNewPNG = !m_png; | |
172 if (decodeAsNewPNG) { | |
173 DCHECK(!m_info); | |
174 m_png = png_create_read_struct(PNG_LIBPNG_VER_STRING, 0, pngFailed, 0); | |
175 m_info = png_create_info_struct(m_png); | |
176 png_set_progressive_read_fn(m_png, m_decoder, pngHeaderAvailable, | |
177 pngRowAvailable, pngFrameComplete); | |
178 } | |
179 | |
99 if (setjmp(JMPBUF(m_png))) | 180 if (setjmp(JMPBUF(m_png))) |
100 return m_decoder->setFailed(); | 181 return false; |
101 | 182 |
183 if (decodeAsNewPNG) | |
184 startFrameDecoding(reader, index); | |
185 | |
186 if (!index && (!firstFrameFullyReceived() || m_progressiveDecodeOffset)) { | |
187 const bool decodedFrameCompletely = progressivelyDecodeFirstFrame(reader); | |
188 if (!decodedFrameCompletely) | |
189 return true; | |
190 | |
191 m_progressiveDecodeOffset = 0; | |
192 } else { | |
193 decodeFrame(reader, index); | |
194 } | |
195 | |
196 static png_byte IEND[12] = {0, 0, 0, 0, 'I', 'E', 'N', 'D', 174, 66, 96, 130}; | |
197 png_process_data(m_png, m_info, IEND, 12); | |
198 png_destroy_read_struct(&m_png, &m_info, 0); | |
199 DCHECK(!m_png && !m_info); | |
200 | |
201 return true; | |
202 } | |
203 | |
204 void PNGImageReader::startFrameDecoding(const FastSharedBufferReader& reader, | |
205 size_t index) { | |
206 // If the frame is the size of the whole image, just re-process all header | |
207 // data up to the first frame. | |
208 const IntRect& frameRect = m_frameInfo[index].frameRect; | |
209 if (frameRect.location() == IntPoint() && | |
Noel Gordon
2017/03/06 05:21:47
I think you want
if (frameRect == IntRect(IntP
scroggo_chromium
2017/03/07 20:25:37
Done.
Noel Gordon
2017/03/08 15:36:01
I should've also suggested this
if (frameRect ==
scroggo_chromium
2017/03/08 20:53:22
I have a slight preference for IntRect(0, 0, m_wid
Noel Gordon
2017/03/13 12:16:17
No problems with int/uint conversion here: headerA
| |
210 frameRect.size() == m_decoder->size()) { | |
211 processData(reader, m_initialOffset, m_idatOffset); | |
212 return; | |
213 } | |
214 | |
215 // Process the IHDR chunk, but change the width and height so it reflects | |
216 // the frame's width and height. ImageDecoder will apply the x,y offset. | |
217 char readBuffer[kBufferSize]; | |
218 | |
219 // |headerSize| is equal to |kBufferSize|, but adds more semantic insight. | |
220 constexpr size_t headerSize = 33; | |
221 png_byte header[headerSize]; | |
222 const png_byte* chunk = | |
223 readAsConstPngBytep(reader, m_initialOffset, headerSize, readBuffer); | |
224 memcpy(header, chunk, headerSize); | |
Noel Gordon
2017/03/06 05:21:47
"more semantic insight." This memcpy seems superf
scroggo_chromium
2017/03/07 20:25:37
Done. We still need to memcpy if the FastSharedBuf
Noel Gordon
2017/03/08 15:36:02
Scanned the new code here, scratching my head wond
scroggo_chromium
2017/03/08 20:53:21
FastSharedBufferReader returns a pointer, which is
Noel Gordon
2017/03/13 12:16:17
Ah we modify it, gotcha. Agree you need to memcpy
| |
225 | |
226 png_save_uint_32(header + 16, frameRect.width()); | |
227 png_save_uint_32(header + 20, frameRect.height()); | |
228 // IHDR has been modified, so tell libpng to ignore CRC errors. | |
229 png_set_crc_action(m_png, PNG_CRC_QUIET_USE, PNG_CRC_QUIET_USE); | |
230 png_process_data(m_png, m_info, header, headerSize); | |
231 | |
232 // Process the rest of the header chunks. | |
233 processData(reader, m_initialOffset + headerSize, m_idatOffset - headerSize); | |
234 } | |
235 | |
236 // Determine if the bytes 4 to 7 of |chunk| indicate that it is a |tag| chunk. | |
237 // - The length of |chunk| must be >= 8 | |
238 // - The length of |tag| must be = 4 | |
239 static inline bool isChunk(const png_byte* chunk, const char* tag) { | |
240 return memcmp(chunk + 4, tag, 4) == 0; | |
241 } | |
242 | |
243 bool PNGImageReader::progressivelyDecodeFirstFrame( | |
244 const FastSharedBufferReader& reader) { | |
245 char readBuffer[8]; // large enough to identify a chunk. | |
246 size_t offset = m_frameInfo[0].startOffset; | |
247 | |
248 // Loop while there is enough data to do progressive decoding. | |
249 while (reader.size() >= offset + 8) { | |
250 // At the beginning of each loop, the offset is at the start of a chunk. | |
251 const png_byte* chunk = readAsConstPngBytep(reader, offset, 8, readBuffer); | |
252 const png_uint_32 length = png_get_uint_32(chunk); | |
253 DCHECK(length <= PNG_UINT_31_MAX); | |
254 | |
255 // When an fcTL or IEND chunk is encountered, the frame data has ended. | |
256 // Return true, since all frame data is decoded. | |
257 if (isChunk(chunk, "fcTL") || isChunk(chunk, "IEND")) | |
258 return true; | |
259 | |
260 // If this chunk was already decoded, move on to the next. | |
261 if (m_progressiveDecodeOffset >= offset + length + 12) { | |
262 offset += length + 12; | |
263 continue; | |
264 } | |
265 | |
266 // At this point, three scenarios are possible: | |
267 // 1) Some bytes of this chunk were already decoded in a previous call. | |
268 // Continue from there. | |
269 // 2) This is an fdAT chunk. Convert it to an IDAT chunk to decode. | |
270 // 3) This is any other chunk, most likely an IDAT chunk. | |
271 size_t endOffsetChunk = offset + length + 12; | |
272 | |
273 if (m_progressiveDecodeOffset >= offset + 8) { | |
274 offset = m_progressiveDecodeOffset; | |
275 } else if (isChunk(chunk, "fdAT")) { | |
276 processFdatChunkAsIdat(length); | |
277 // Skip the sequence number. | |
278 offset += 12; | |
279 } else { | |
280 png_process_data(m_png, m_info, const_cast<png_byte*>(chunk), 8); | |
281 offset += 8; | |
282 } | |
283 | |
284 size_t bytesLeftInChunk = endOffsetChunk - offset; | |
285 size_t bytesDecoded = processData(reader, offset, bytesLeftInChunk); | |
286 m_progressiveDecodeOffset = offset + bytesDecoded; | |
287 if (bytesDecoded < bytesLeftInChunk) | |
288 return false; | |
289 offset += bytesDecoded; | |
290 } | |
291 | |
292 return false; | |
293 } | |
294 | |
295 void PNGImageReader::processFdatChunkAsIdat(png_uint_32 fdatLength) { | |
296 // An fdAT chunk is build up as follows: | |
297 // - |length| (4B) | |
298 // - fdAT tag (4B) | |
299 // - sequence number (4B) | |
300 // - frame data (|length| - 4B) | |
301 // - CRC (4B) | |
302 // Thus, to reformat this into an IDAT chunk, do the following: | |
303 // - write |length| - 4 as the new length, since the sequence number | |
304 // must be removed. | |
305 // - change the tag to IDAT. | |
306 // - omit the sequence number from the data part of the chunk. | |
307 png_byte chunkIDAT[] = {0, 0, 0, 0, 'I', 'D', 'A', 'T'}; | |
308 png_save_uint_32(chunkIDAT, fdatLength - 4); | |
309 // The CRC is incorrect when applied to the modified fdAT. | |
310 png_set_crc_action(m_png, PNG_CRC_QUIET_USE, PNG_CRC_QUIET_USE); | |
311 png_process_data(m_png, m_info, chunkIDAT, 8); | |
312 } | |
313 | |
314 void PNGImageReader::decodeFrame(const FastSharedBufferReader& reader, | |
315 size_t index) { | |
316 size_t offset = m_frameInfo[index].startOffset; | |
317 size_t endOffset = offset + m_frameInfo[index].byteLength; | |
318 char readBuffer[8]; | |
319 | |
320 while (offset < endOffset) { | |
321 const png_byte* chunk = readAsConstPngBytep(reader, offset, 8, readBuffer); | |
322 const png_uint_32 length = png_get_uint_32(chunk); | |
323 DCHECK(length <= PNG_UINT_31_MAX); | |
324 | |
325 if (isChunk(chunk, "fdAT")) { | |
326 processFdatChunkAsIdat(length); | |
327 // The frame data and the CRC span |length| bytes, so skip the | |
328 // sequence number and process |length| bytes to decode the frame. | |
329 processData(reader, offset + 12, length); | |
330 } else { | |
331 png_process_data(m_png, m_info, const_cast<png_byte*>(chunk), 8); | |
332 processData(reader, offset + 8, length + 4); | |
333 } | |
334 offset += 12 + length; | |
335 } | |
336 } | |
337 | |
338 // Compute the CRC and compare to the stored value. | |
339 static bool checkCrc(const FastSharedBufferReader& reader, | |
340 size_t chunkStart, | |
341 size_t chunkLength) { | |
342 const size_t kSizeNeededForfcTL = 26 + 4; | |
343 char readBuffer[kSizeNeededForfcTL]; | |
344 DCHECK(chunkLength + 4 <= kSizeNeededForfcTL); | |
345 const png_byte* chunk = | |
346 readAsConstPngBytep(reader, chunkStart + 4, chunkLength + 4, readBuffer); | |
347 | |
348 char crcBuffer[4]; | |
349 const png_byte* crcLoc = | |
Noel Gordon
2017/03/06 05:21:48
abbv. crcLoc -> crcPosition.
scroggo_chromium
2017/03/07 20:25:37
Done.
| |
350 readAsConstPngBytep(reader, chunkStart + 8 + chunkLength, 4, crcBuffer); | |
351 const png_uint_32 crc = png_get_uint_32(crcLoc); | |
Noel Gordon
2017/03/06 05:21:47
s/const//
scroggo_chromium
2017/03/07 20:25:37
Done.
| |
352 const png_uint_32 actual = crc32(crc32(0, Z_NULL, 0), chunk, chunkLength + 4); | |
Noel Gordon
2017/03/06 05:21:47
return crc == crc32(crc32(0, Z_NULL, 0), chunk, ..
scroggo_chromium
2017/03/07 20:25:37
Done.
| |
353 return actual == crc; | |
354 } | |
355 | |
356 bool PNGImageReader::checkSequenceNumber(const png_byte* position) { | |
357 png_uint_32 sequenceNumber = png_get_uint_32(position); | |
Noel Gordon
2017/03/06 05:21:48
sequenceNumber -> sequence and reformat the code h
scroggo_chromium
2017/03/07 20:25:38
Done.
| |
358 if (sequenceNumber != m_nextSequenceNumber || | |
359 sequenceNumber > PNG_UINT_31_MAX) | |
360 return false; | |
361 | |
362 ++m_nextSequenceNumber; | |
363 return true; | |
364 } | |
365 | |
366 // Return false if there was a fatal error; true otherwise. | |
367 bool PNGImageReader::parse(SegmentReader& data, ParseQuery query) { | |
368 if (m_parseCompleted) | |
369 return true; | |
370 | |
371 const FastSharedBufferReader reader(&data); | |
372 | |
373 if (!parseSize(reader)) | |
374 return false; | |
375 | |
376 if (!m_decoder->isDecodedSizeAvailable()) | |
377 return true; | |
378 | |
379 // For non animated images (identified by no acTL chunk before the IDAT), | |
380 // there is no need to continue parsing. | |
381 if (!m_isAnimated) { | |
382 DCHECK(m_frameInfo.isEmpty()); | |
Noel Gordon
2017/03/06 05:21:48
Move this DCHECK to line before the m_frameInfo.pu
scroggo_chromium
2017/03/07 20:25:37
Done.
| |
383 FrameInfo frame; | |
384 frame.startOffset = m_readOffset; | |
385 // This should never be read in this case, but initialize just in case. | |
386 frame.byteLength = kFirstFrameIndicator; | |
387 frame.duration = 0; | |
388 frame.frameRect = IntRect(IntPoint(), {m_width, m_height}); | |
389 frame.disposalMethod = ImageFrame::DisposalMethod::DisposeKeep; | |
390 frame.alphaBlend = ImageFrame::AlphaBlendSource::BlendAtopBgcolor; | |
391 m_frameInfo.push_back(frame); | |
392 m_parseCompleted = true; | |
393 return true; | |
394 } | |
395 | |
396 if (query == ParseQuery::Size) | |
397 return true; | |
398 | |
399 DCHECK_EQ(ParseQuery::MetaData, query); | |
400 DCHECK(m_isAnimated); | |
401 | |
402 // Loop over the data and manually register all frames. Nothing is passed to | |
403 // libpng for processing. A frame is registered on the next fcTL chunk or | |
404 // when the IEND chunk is found. This ensures that only complete frames are | |
405 // reported, unless there is an error in the stream. | |
406 char readBuffer[kBufferSize]; | |
407 while (reader.size() >= m_readOffset + 8) { | |
408 const png_byte* chunk = | |
409 readAsConstPngBytep(reader, m_readOffset, 8, readBuffer); | |
410 const size_t length = png_get_uint_32(chunk); | |
411 if (length > PNG_UINT_31_MAX) | |
412 return false; | |
413 | |
414 const bool IDAT = isChunk(chunk, "IDAT"); | |
415 if (IDAT && !m_expectIdats) | |
416 return false; | |
417 | |
418 const bool fdAT = isChunk(chunk, "fdAT"); | |
419 if (fdAT && m_expectIdats) | |
420 return false; | |
421 | |
422 if (fdAT || (IDAT && m_idatIsPartOfAnimation)) { | |
423 m_fctlNeedsDatChunk = false; | |
424 if (m_newFrame.startOffset == 0) { | |
Noel Gordon
2017/03/06 05:21:47
Comparison to 0.
scroggo_chromium
2017/03/07 20:25:37
Done.
| |
425 // Beginning of a new frame's data. | |
426 m_newFrame.startOffset = m_readOffset; | |
427 | |
428 if (m_frameInfo.isEmpty()) { | |
429 // This is the first frame. Report it immediately so it can be | |
430 // decoded progressively. | |
431 m_newFrame.byteLength = kFirstFrameIndicator; | |
432 m_frameInfo.push_back(m_newFrame); | |
433 } | |
434 } | |
435 | |
436 if (fdAT) { | |
437 if (reader.size() < m_readOffset + 8 + 4) | |
438 return true; | |
439 const png_byte* sequenceNumPosition = | |
Noel Gordon
2017/03/06 05:21:47
sequenceNumPosition -> sequencePosition
scroggo_chromium
2017/03/07 20:25:37
Done.
| |
440 readAsConstPngBytep(reader, m_readOffset + 8, 4, readBuffer); | |
441 if (!checkSequenceNumber(sequenceNumPosition)) | |
442 return false; | |
443 } | |
444 | |
445 } else if (isChunk(chunk, "fcTL") || isChunk(chunk, "IEND")) { | |
446 // This marks the end of the previous frame. | |
447 if (m_newFrame.startOffset != 0) { | |
Noel Gordon
2017/03/06 05:21:48
Comparsion to 0. !m_newFrame.startOffset
scroggo_chromium
2017/03/07 20:25:37
Done.
Noel Gordon
2017/03/08 15:36:01
Bug on my part suggesting !m_newFrame.startOffset.
scroggo_chromium
2017/03/08 20:53:22
Thanks. I noticed the bug and corrected :)
| |
448 m_newFrame.byteLength = m_readOffset - m_newFrame.startOffset; | |
449 if (m_frameInfo[0].byteLength == kFirstFrameIndicator) { | |
450 m_frameInfo[0].byteLength = m_newFrame.byteLength; | |
451 } else { | |
452 m_frameInfo.push_back(m_newFrame); | |
453 if (isChunk(chunk, "fcTL")) { | |
454 if (m_frameInfo.size() >= m_reportedFrameCount) | |
455 return false; | |
456 } else { | |
457 // IEND | |
458 if (m_frameInfo.size() != m_reportedFrameCount) | |
459 return false; | |
460 } | |
461 } | |
462 | |
463 m_newFrame.startOffset = 0; | |
464 } | |
465 | |
466 if (reader.size() < m_readOffset + 12 + length) | |
467 return true; | |
468 | |
469 if (isChunk(chunk, "IEND")) { | |
470 m_parseCompleted = true; | |
471 return true; | |
472 } | |
473 | |
474 if (length != 26 || !checkCrc(reader, m_readOffset, length)) | |
475 return false; | |
476 | |
477 chunk = readAsConstPngBytep(reader, m_readOffset + 8, length, readBuffer); | |
478 if (!parseFrameInfo(chunk)) | |
479 return false; | |
480 | |
481 m_expectIdats = false; | |
482 } else if (isChunk(chunk, "acTL")) { | |
483 // There should only be one acTL chunk, and it should be before the | |
484 // IDAT chunk. | |
485 return false; | |
486 } | |
487 m_readOffset += 12 + length; | |
488 } | |
489 return true; | |
490 } | |
491 | |
492 // If |length| == 0, read until the stream ends. Return number of bytes | |
493 // processed. | |
494 size_t PNGImageReader::processData(const FastSharedBufferReader& reader, | |
495 size_t offset, | |
496 size_t length) { | |
102 const char* segment; | 497 const char* segment; |
103 while (size_t segmentLength = data.getSomeData(segment, m_readOffset)) { | 498 size_t totalProcessedBytes = 0; |
104 m_readOffset += segmentLength; | 499 while (reader.size() > offset) { |
105 m_currentBufferSize = m_readOffset; | 500 size_t segmentLength = reader.getSomeData(segment, offset); |
501 if (length > 0 && segmentLength + totalProcessedBytes > length) | |
502 segmentLength = length - totalProcessedBytes; | |
503 | |
106 png_process_data(m_png, m_info, | 504 png_process_data(m_png, m_info, |
107 reinterpret_cast<png_bytep>(const_cast<char*>(segment)), | 505 reinterpret_cast<png_byte*>(const_cast<char*>(segment)), |
108 segmentLength); | 506 segmentLength); |
109 if (sizeOnly ? m_decoder->isDecodedSizeAvailable() | 507 offset += segmentLength; |
110 : m_decoder->frameIsCompleteAtIndex(0)) | 508 totalProcessedBytes += segmentLength; |
509 if (totalProcessedBytes == length) | |
510 return length; | |
511 } | |
512 return totalProcessedBytes; | |
513 } | |
514 | |
515 // Process up to the start of the IDAT with libpng. | |
516 // Return false for a fatal error. True otherwise. | |
517 bool PNGImageReader::parseSize(const FastSharedBufferReader& reader) { | |
518 if (m_decoder->isDecodedSizeAvailable()) | |
519 return true; | |
520 | |
521 char readBuffer[kBufferSize]; | |
522 | |
523 if (setjmp(JMPBUF(m_png))) | |
524 return false; | |
525 | |
526 if (!m_parsedSignature) { | |
527 if (reader.size() < m_readOffset + 8) | |
111 return true; | 528 return true; |
112 } | 529 |
113 | 530 const png_byte* chunk = |
114 return false; | 531 readAsConstPngBytep(reader, m_readOffset, 8, readBuffer); |
532 png_process_data(m_png, m_info, const_cast<png_byte*>(chunk), 8); | |
533 m_readOffset += 8; | |
534 m_parsedSignature = true; | |
535 // Initialize the newFrame by setting the readOffset to 0. | |
Noel Gordon
2017/03/06 05:21:47
Comment does not match the code, maybe throw it.
scroggo_chromium
2017/03/07 20:25:37
Done.
| |
536 m_newFrame.startOffset = 0; | |
537 } | |
538 | |
539 // This loop peeks at the chunk tag until the IDAT chunk is found. APNG | |
540 // chunks are handled manually. Other tags are passed on to libpng for general | |
541 // parsing. Peek at chunks by looking at the first 8 bytes, which contain the | |
542 // length and the chunk tag. | |
543 for (png_uint_32 length = 0; reader.size() >= m_readOffset + 8; | |
544 m_readOffset += length + 12) { | |
545 const png_byte* chunk = | |
546 readAsConstPngBytep(reader, m_readOffset, 8, readBuffer); | |
547 length = png_get_uint_32(chunk); | |
548 | |
549 // If we encounter the IDAT chunk, we're done with the png header | |
Noel Gordon
2017/03/06 05:21:47
Superfluous comment.
scroggo_chromium
2017/03/07 20:25:38
Done.
| |
550 if (isChunk(chunk, "IDAT")) { | |
551 // Done with header chunks. | |
552 m_idatOffset = m_readOffset; | |
553 m_fctlNeedsDatChunk = false; | |
554 if (m_ignoreAnimation) | |
555 m_isAnimated = false; | |
556 if (!m_isAnimated || 1 == m_reportedFrameCount) | |
557 m_decoder->setRepetitionCount(cAnimationNone); | |
558 // Call headerAvailable manually. IDAT will be supplied (possibly | |
Noel Gordon
2017/03/06 05:21:48
I'm not sure this comment adds value either.
scroggo_chromium
2017/03/07 20:25:37
Done.
Noel Gordon
2017/03/08 15:36:02
Thanks, Function-level comment says IDAT, no need
scroggo_chromium
2017/03/08 20:53:22
I only see one left after responding to the last r
Noel Gordon
2017/03/13 12:16:17
"removed" -> nod, that's the spirit :)
| |
559 // modified) when decoding the frame. | |
560 m_decoder->headerAvailable(); | |
561 return true; | |
562 } | |
563 | |
564 // 12 is the length, tag and crc part of the chunk, which are all 4B. | |
565 if (reader.size() < m_readOffset + length + 12) | |
566 break; | |
567 | |
568 if (isChunk(chunk, "acTL")) { | |
569 if (m_ignoreAnimation) | |
570 continue; | |
571 if (m_isAnimated || length != 8 || !m_parsedIHDR || | |
572 !checkCrc(reader, m_readOffset, 8)) { | |
573 m_ignoreAnimation = true; | |
574 continue; | |
575 } | |
576 chunk = readAsConstPngBytep(reader, m_readOffset + 8, length, readBuffer); | |
577 m_reportedFrameCount = png_get_uint_32(chunk); | |
578 if (!m_reportedFrameCount || m_reportedFrameCount > PNG_UINT_31_MAX) { | |
579 m_ignoreAnimation = true; | |
580 continue; | |
581 } | |
582 png_uint_32 repetitionCount = png_get_uint_32(chunk + 4); | |
583 if (repetitionCount > PNG_UINT_31_MAX) { | |
584 m_ignoreAnimation = true; | |
585 continue; | |
586 } | |
587 m_isAnimated = true; | |
588 m_decoder->setRepetitionCount((int)repetitionCount - 1); | |
589 } else if (isChunk(chunk, "fcTL")) { | |
590 if (m_ignoreAnimation) | |
591 continue; | |
592 if (length != 26 || !m_parsedIHDR || | |
593 !checkCrc(reader, m_readOffset, 26)) { | |
594 m_ignoreAnimation = true; | |
595 continue; | |
596 } | |
597 chunk = readAsConstPngBytep(reader, m_readOffset + 8, length, readBuffer); | |
598 if (!parseFrameInfo(chunk) || | |
599 m_newFrame.frameRect != IntRect(0, 0, m_width, m_height)) { | |
600 m_ignoreAnimation = true; | |
Noel Gordon
2017/03/06 05:21:48
The logic of how m_ignoreAnimation is used is inte
scroggo_chromium
2017/03/07 20:25:37
But others will fail, whereas today we successfull
Noel Gordon
2017/03/08 15:36:01
IC, thanks for pointing at these sections of the C
scroggo_chromium
2017/03/08 20:53:22
I interpreted that to mean the three specific case
Noel Gordon
2017/03/13 12:16:17
(Thanks for filing the bug).
| |
601 continue; | |
602 } | |
603 m_idatIsPartOfAnimation = true; | |
604 } else if (isChunk(chunk, "fdAT")) { | |
605 m_ignoreAnimation = true; | |
606 } else { | |
607 png_process_data(m_png, m_info, const_cast<png_byte*>(chunk), 8); | |
608 processData(reader, m_readOffset + 8, length + 4); | |
609 if (isChunk(chunk, "IHDR")) { | |
610 m_parsedIHDR = true; | |
611 m_width = png_get_image_width(m_png, m_info); | |
612 m_height = png_get_image_height(m_png, m_info); | |
613 } | |
614 } | |
615 } | |
616 | |
617 // Not enough data to call headerAvailable. | |
618 return true; | |
619 } | |
620 | |
621 bool PNGImageReader::firstFrameFullyReceived() const { | |
622 return !m_frameInfo.isEmpty() && | |
623 m_frameInfo[0].byteLength != kFirstFrameIndicator; | |
624 } | |
625 | |
626 void PNGImageReader::clearDecodeState(size_t frameIndex) { | |
Noel Gordon
2017/03/06 05:21:48
frameIndex -> index.
scroggo_chromium
2017/03/07 20:25:37
Done.
| |
627 if (frameIndex == 0) { | |
Noel Gordon
2017/03/06 05:21:47
Comparison to 0.
scroggo_chromium
2017/03/07 20:25:38
Done.
| |
628 png_destroy_read_struct(m_png ? &m_png : nullptr, | |
629 m_info ? &m_info : nullptr, 0); | |
630 DCHECK(!m_png && !m_info); | |
631 m_progressiveDecodeOffset = 0; | |
632 } | |
633 } | |
634 | |
635 size_t PNGImageReader::frameCount() const { | |
636 return m_frameInfo.size(); | |
637 } | |
638 | |
639 const PNGImageReader::FrameInfo& PNGImageReader::frameInfo(size_t index) const { | |
640 DCHECK(index < m_frameInfo.size()); | |
641 return m_frameInfo[index]; | |
642 } | |
643 | |
644 // These constants map to the frame control parameters defined in fcTL chunks, | |
645 // as specified at https://wiki.mozilla.org/APNG_Specification. | |
646 #define kAPNG_DISPOSE_OP_NONE 0 | |
647 #define kAPNG_DISPOSE_OP_BACKGROUND 1 | |
648 #define kAPNG_DISPOSE_OP_PREVIOUS 2 | |
649 | |
650 #define kAPNG_BLEND_OP_SOURCE 0 | |
651 #define kAPNG_BLEND_OP_OVER 1 | |
652 | |
653 // Extract the frame control info and store it in m_newFrame. The length check | |
654 // on the data chunk has been done by the calling code. | |
655 bool PNGImageReader::parseFrameInfo(const png_byte* data) { | |
656 if (m_fctlNeedsDatChunk) | |
657 return false; | |
658 | |
659 if (!checkSequenceNumber(data)) | |
Noel Gordon
2017/03/06 05:21:47
Move this check further down (see next comment).
| |
660 return false; | |
661 | |
662 png_uint_32 frameWidth = png_get_uint_32(data + 4); | |
663 png_uint_32 frameHeight = png_get_uint_32(data + 8); | |
664 png_uint_32 xOffset = png_get_uint_32(data + 12); | |
665 png_uint_32 yOffset = png_get_uint_32(data + 16); | |
666 | |
667 if (!frameWidth || !frameHeight || xOffset + frameWidth > m_width || | |
Noel Gordon
2017/03/06 05:21:48
if (!checkSequenceNumber(data))
return false;
if
scroggo_chromium
2017/03/07 20:25:37
Done.
| |
668 yOffset + frameHeight > m_height) | |
669 return false; | |
670 | |
671 png_uint_16 delayNumerator = png_get_uint_16(data + 20); | |
672 png_uint_16 delayDenominator = png_get_uint_16(data + 22); | |
673 | |
674 m_newFrame.duration = (delayDenominator == 0) | |
Noel Gordon
2017/03/06 05:21:47
if (delayDenominator)
m_newFrame.duration = de
scroggo_chromium
2017/03/07 20:25:37
Done.
| |
675 ? delayNumerator * 10 | |
676 : delayNumerator * 1000 / delayDenominator; | |
677 m_newFrame.frameRect = IntRect(xOffset, yOffset, frameWidth, frameHeight); | |
Noel Gordon
2017/03/06 05:21:48
Odd that m_newFrame.frameRect is set here. Would
scroggo_chromium
2017/03/07 20:25:37
Done.
| |
678 const uint8_t disposalMethod = data[24]; | |
Noel Gordon
2017/03/06 05:21:47
Space before this line, and make it
const png_byt
scroggo_chromium
2017/03/07 20:25:37
Done.
| |
679 switch (disposalMethod) { | |
680 case kAPNG_DISPOSE_OP_NONE: | |
681 m_newFrame.disposalMethod = ImageFrame::DisposalMethod::DisposeKeep; | |
682 break; | |
683 case kAPNG_DISPOSE_OP_BACKGROUND: | |
684 m_newFrame.disposalMethod = | |
685 ImageFrame::DisposalMethod::DisposeOverwriteBgcolor; | |
686 break; | |
687 case kAPNG_DISPOSE_OP_PREVIOUS: | |
688 m_newFrame.disposalMethod = | |
689 ImageFrame::DisposalMethod::DisposeOverwritePrevious; | |
690 break; | |
691 default: | |
692 return false; | |
693 } | |
694 | |
695 const uint8_t alphaBlend = data[25]; | |
Noel Gordon
2017/03/06 05:21:47
const png_byte& alphaBlend = data[25];
scroggo_chromium
2017/03/07 20:25:37
Done.
| |
696 switch (alphaBlend) { | |
697 case kAPNG_BLEND_OP_SOURCE: | |
698 m_newFrame.alphaBlend = ImageFrame::AlphaBlendSource::BlendAtopBgcolor; | |
699 break; | |
700 case kAPNG_BLEND_OP_OVER: | |
701 m_newFrame.alphaBlend = | |
702 ImageFrame::AlphaBlendSource::BlendAtopPreviousFrame; | |
703 break; | |
704 default: | |
705 return false; | |
706 } | |
707 m_fctlNeedsDatChunk = true; | |
Noel Gordon
2017/03/06 05:21:48
Space before this line.
scroggo_chromium
2017/03/07 20:25:37
Done.
| |
708 return true; | |
115 } | 709 } |
116 | 710 |
117 } // namespace blink | 711 } // namespace blink |
OLD | NEW |