diff --git a/3rdparty/libtiff/CMakeLists.txt b/3rdparty/libtiff/CMakeLists.txt index 61e40b2885..2074888a52 100644 --- a/3rdparty/libtiff/CMakeLists.txt +++ b/3rdparty/libtiff/CMakeLists.txt @@ -239,6 +239,9 @@ if(HOST_BIG_ENDIAN) else() set(HOST_BIG_ENDIAN 0) endif() +if(HOST_BIG_ENDIAN) + add_definitions(-DWORDS_BIGENDIAN) +endif() # IEEE floating point set(HAVE_IEEEFP 1 CACHE STRING "IEEE floating point is available") diff --git a/3rdparty/libtiff/ChangeLog b/3rdparty/libtiff/ChangeLog index 1f50e20135..452dcb3a18 100644 --- a/3rdparty/libtiff/ChangeLog +++ b/3rdparty/libtiff/ChangeLog @@ -1,3 +1,2329 @@ +2020-12-19 Bob Friesenhahn + + * libtiff 4.2.0 released. + + * configure.ac: Pass tar-ustar option to AM_INIT_AUTOMAKE rather + than tar-pax since ustar POSIX 1003.1-1988 format is more portable + than PAX POSIX 1003.1-2001 format. + +2020-12-12 Even Rouault + + Merge branch 'w_adjust-deflate_names' into 'master' + Set 'deflate' to DEFLATE_NAMES, instead of 'libdeflate' + + See merge request libtiff/libtiff!174 + +2020-12-12 Lemures Lemniscati + + Set 'deflate' to DEFLATE_NAMES, instead of 'libdeflate' + 'lib' will be automatically added as a prefix while doing find_library() + +2020-12-12 Even Rouault + + DoubleToRational(): avoid casting NaN to uint32 (fixes #227) + +2020-12-12 Even Rouault + + Merge branch 'fix_221' into 'master' + tiffio.h: do not define __attribute__ but defines TIFF_ATTRIBUTE instead (fixes #221) + + Closes #221 + + See merge request libtiff/libtiff!173 + +2020-12-12 Even Rouault + + tiffio.h: do not define __attribute__ but defines TIFF_ATTRIBUTE instead (fixes #221) + +2020-12-08 Even Rouault + + TIFFReadDirEntryArrayWithLimit(): properly read from offline tag value when we clamp the number of strips to 1. + Fixes regression of commit 7057734d986001b7fd6d2afde9667da7754ff2cc on reading + a file with StripByteCounts with 1 element (broken) and StripOffsets with + 896 elements, and where StripOffsets[0] is correct + + $ tiffdump foo.tif + Magic: 0x4949 Version: 0x2a + Directory 0: offset 25725448 (0x1888a08) next 0 (0) + SubFileType (254) LONG (4) 1<0> + ImageWidth (256) LONG (4) 1<640> + ImageLength (257) LONG (4) 1<20098> + BitsPerSample (258) SHORT (3) 1<16> + Photometric (262) SHORT (3) 1<1> + SamplesPerPixel (277) SHORT (3) 1<1> + ResolutionUnit (296) SHORT (3) 1<2> + StripByteCounts (279) LONG (4) 1<1806> + StripOffsets (273) LONG (4) 896<8 648 1288 1928 2568 3208 3848 4488 5128 5768 6408 7048 7688 8328 8968 9608 10248 10888 11528 12168 12808 13448 14088 14728 ...> + +2020-12-02 Even Rouault + + tif_jpeg.c: avoid potential harmless unsigned integer overflow on data->fileoffset in JPEGFixupTagsSubsamplingSkip() by validating earlier. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28200 + +2020-11-27 Even Rouault + + Merge branch 'Jamaika1-master-patch-47839' into 'master' + Change ULARGE_INTEGER to LARGE_INTEGER + + See merge request libtiff/libtiff!170 + +2020-11-27 Even Rouault + + Merge branch 'Jamaika1-master-patch-46397' into 'master' + Added stdint.h + + See merge request libtiff/libtiff!171 + +2020-11-27 Jamaika + + Added stdint.h. + + ``` tif_win32.c: In function '_tiffSizeProc': tif_win32.c:159:23: warning: passing argument 2 of 'GetFileSizeEx' from incompatible pointer type [-Wincompatible-pointer-types] 159 | if (GetFileSizeEx(fd,&m)) | ^~ | | | ULARGE_INTEGER * In file included from c:\msys1021\x86_64-w64-mingw32\include\winbase.h:18, from c:\msys1021\x86_64-w64-mingw32\include\windows.h:70, from tif_win32.c:32: c:\msys1021\x86_64-w64-mingw32\include\fileapi.h:78:73: note: expected 'PLARGE_INTEGER' {aka 'LARGE_INTEGER *'} but argument is of type 'ULARGE_INTEGER *' 78 | WINBASEAPI WINBOOL WINAPI GetFileSizeEx (HANDLE hFile, PLARGE_INTEGER lpFileSize); | ~~~~~~~~~~~~~~~^~~~~~~~~~ ``` + +2020-11-21 Even Rouault + + Merge branch 'issue-113' into 'master' + tiffcrop: fix buffer overrun in extractContigSamples24bits() + + Closes #113 + + See merge request libtiff/libtiff!169 + +2020-11-21 Even Rouault + + Merge branch 'issue-156' into 'master' + tiff2pdf: Check output size before writing + + Closes #156 + + See merge request libtiff/libtiff!168 + +2020-11-21 Even Rouault + + Merge branch 'issue-201' into 'master' + tiff2pdf: enforce memory limit for tiled pictures too + + Closes #201 + + See merge request libtiff/libtiff!167 + +2020-11-20 Even Rouault + + Merge branch 'issue-207' into 'master' + enforce (configurable) memory limit in tiff2rgba + + Closes #209 et #207 + + See merge request libtiff/libtiff!165 + +2020-11-20 Even Rouault + + tif_lzw.c: avoid false positive -Wnull-dereference of mingw32 gcc 7.3. + +2020-11-17 Thomas Bernard + + tiffcrop: fix buffer overrun in extractContigSamples24bits() + fixes #113 + + tiff2pdf: Check output size before writing. + fixes #156 + + tiff2pdf: enforce memory limit for tiled pictures too. + fixes #201 + +2020-11-15 Thomas Bernard + + tiff2rgba.1: -M option. + + enforce (configurable) memory limit in tiff2rgba. + fixes #207 + fixes #209 + +2020-11-14 Even Rouault + + Merge branch 'issue-220' into 'master' + tiff2pdf.c: properly calculate datasize when saving to JPEG YCbCr + + Closes #220 + + See merge request libtiff/libtiff!159 + +2020-11-14 Thomas Bernard + + tiff2pdf.c: properly calculate datasize when saving to JPEG YCbCr. + fixes #220 + +2020-11-14 Even Rouault + + Merge branch 'issue-204' into 'master' + avoid buffer overflow while writing jpeg end of file marker + + Closes #204 + + See merge request libtiff/libtiff!161 + +2020-11-14 Even Rouault + + Merge branch 'issue-193' into 'master' + fix buffer overflow in tiff2ps.c + + Closes #193 + + See merge request libtiff/libtiff!162 + +2020-11-14 Even Rouault + + Merge branch 'skal65535-master-patch-91082' into 'master' + More overflow fixes for large widths + + See merge request libtiff/libtiff!164 + +2020-11-14 skal + + More overflow fixes for large width. + Also: use INT_MAX instead of hard-coded constants. + +2020-11-12 Even Rouault + + Merge branch 'skal65535-master-patch-56655' into 'master' + Fix potential overflow in gtStripContig() + + See merge request libtiff/libtiff!163 + +2020-11-12 Even Rouault + + Merge branch 'issue-211' into 'master' + check for tile width overflow + + Closes #211 + + See merge request libtiff/libtiff!160 + +2020-11-12 skal + + Fix potential overflow in gtStripContig() + (w + w) might not fit in int32 if too large. + +2020-11-09 Thomas Bernard + + tiff2ps.c: fix buffer overread. + fixes #193 + + fix undefined behaviour (int shifted too much to the left) + + avoid buffer overflow while writing jpeg end of file marker. + fixes #204 + + gtTileContig(): check Tile width for overflow. + fixes #211 + + fix warning messages (v32 is unsigned) + +2020-10-26 Even Rouault + + TIFFStartStrip(): avoid potential crash in WebP codec when using scanline access on corrupted files. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26650 + +2020-10-20 Even Rouault + + tif_webp.c: validate tile/strip dimension to avoid unsigned integer overflow in RGBA.size computation + +2020-10-19 Even Rouault + + tif_zip.c: fix typo in comment. + +2020-10-16 Even Rouault + + tiff.h: remove irrelevant warning about webp related pseudo-tags not being registered: they are purely internal libtiff concepts + +2020-10-16 Even Rouault + + Merge branch 'libdeflate' into 'master' + Add support for building against libdeflate for faster Zip/Deflate compression/decompression + + See merge request libtiff/libtiff!158 + +2020-10-16 Even Rouault + + test: add testdeflatelaststripextradata.sh. + +2020-10-16 Even Rouault + + Add support for optional building against libdeflate for faster Zip/Deflate compression/decompression. + So we can have 2 kind of builds with the Zip/Deflate codec: + - zlib only + - zlib + libdeflate + + Speed improvements in the 35%-50% range can be expected when libdeflate is used. + Compression level up to 12 is now supported (capped to 9 when zlib is used). + Still requires zlib for situations where libdeflate cannot be used (that + is for scanline access, since libdeflate has no streaming mode) + + Pseudo-tag TIFFTAG_DEFLATE_SUBCODEC=DEFLATE_SUBCODEC_ZLIB/DEFLATE_SUBCODEC_LIBDEFLATE + is added to control which subcodec (zlib or libdeflate) should be used (it defaults + of course to libdeflate, when it is available). + This is mostly aimed at being used on the writing side, to be able to reproduce + output of previous libtiff versions at a binary level, in situations where this would + be really needed. Or as a safety belt in case there would be unforeseen issues + with using libdeflate. + It can be used to know when libdeflate is available at runtime (DEFLATE_SUBCODEC_LIBDEFLATE + will be the default value in that situation). + + Of course, deflate codestreams produced by libdeflate can be read by zlib, and vice-versa. + +2020-10-14 Even Rouault + + tif_webp.c: fix compiler warnings with MSVC. + +2020-10-12 Even Rouault + + Merge branch 'various_fixes' into 'master' + Fix compiler warnings about unused variables when assert() expands to nothing + + See merge request libtiff/libtiff!157 + +2020-10-12 Even Rouault + + .gitignore: add entries for new files in test/ + + Fix compiler warnings about unused variables when assert() expands to nothing + +2020-10-09 Roger Leigh + + Merge branch '215-cygwin-appveyor-fail' into 'master' + Update Appveyor CI build to build with VS2019 image + + Closes #215 + + See merge request libtiff/libtiff!154 + +2020-10-09 Roger Leigh + + wip. + + wip. + + wip. + + wip. + + wip. + + wip. + +2020-10-09 Roger Leigh + + Merge branch 'TIFF-217_m_lib_path' into 'master' + cmake: Do not use absolute libm path + + Closes #217 + + See merge request libtiff/libtiff!156 + +2020-10-09 Roger Leigh + + cmake: Do not use absolute libm path. + +2020-10-08 Even Rouault + + tif_fax3.h: restore systematic calls to CLEANUP_RUNS() + now that SETVALUE() no longer cause overflows. + Those were removed per b351db8be1b4d3f712bdb9424a79d3174cc03202 and + 3440ac216463fcad170bbb391491e69730a59ffa. + + As SETVALUE() now returns an error, this allow the decoder to exit. + + Otherwise, the assert(x == lastx) in _TIFFFax3fillruns() can trigger. + + Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26201 + +2020-10-06 Even Rouault + + Merge branch 'check_TIFFFlushData1' into 'master' + FAX/JPEG/LZMA/PixarLog/ZIP/ZSTD codecs: make sure to check TIFFFlushData1() return value + + See merge request libtiff/libtiff!155 + +2020-10-04 Even Rouault + + Merge branch 'shared-memory' into 'master' + Set the --shared-memory linker flag for Emscripten builds + + See merge request libtiff/libtiff!153 + +2020-10-03 Even Rouault + + tiff2rgba.c: fix -Wold-style-declaration warning. + + FAX/JPEG/LZMA/PixarLog/ZIP/ZSTD codecs: make sure to check TIFFFlushData1() return value + +2020-09-26 Even Rouault + + tif_fax3.h: extra buffer overflow checks. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25934 + +2020-09-25 Roger Leigh + + wip. + + wip. + + wip. + + wip. + + wip. + + wip. + + Update AppVeyor image. + + test-appveyor. + +2020-09-24 Attila Oláh + + Also pass --shared-memory to raw_decode. + This is needed when building for Emscripten with *both* WEBP and JPEG + support. + + Set the --shared-memory linker flag for Emscripten builds. + This is only needed when building with WEBP support, which uses atomics, + therefore the linker needs the --shared-memory flag. The flag cannot be + added globally because not all executables link against libwebp. + +2020-09-22 Even Rouault + + tif_fax3.h: return error when a buffer overflow occurs. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25552 and https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25849 + +2020-09-11 Even Rouault + + Merge branch 'fix-float-compare' into 'master' + Fix comparison for max negative float value. + + See merge request libtiff/libtiff!152 + +2020-09-11 Dirk Lemstra + + Fix comparison for max negative float value. + +2020-09-07 Even Rouault + + Fax3PreDecode(): reset curruns and refruns state variables. + to avoid out-of-bounds write triggered by GDAL when repeatedly + reading a corrupt strip. + + Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25493 + +2020-06-06 Thomas Bernard + + Merge branch 'issue-17' into 'master' + normalize tools behaviour regarding -h + + Closes #17 + + See merge request libtiff/libtiff!115 + +2020-05-31 Even Rouault + + TWebPSetupEncode(): fix logic problem (and instead of or) in test that checks input is 8bit unsigned data + +2020-05-12 Even Rouault + + TIFFGetConfiguredCODECs(): fix to avoid wrong structure to be returned for registered (ie non built-in) codecs + +2020-05-09 Even Rouault + + Merge branch 'zstd-webp-update' into 'master' + gitlab-ci: use latest zstd and webp versions + + See merge request libtiff/libtiff!148 + +2020-05-09 Even Rouault + + Merge branch 'deprecated' into 'master' + ojpeg: s/Depreciated/Deprecated/ + + See merge request libtiff/libtiff!149 + +2020-05-09 Aaron Boxer + + ojpeg: s/Depreciated/Deprecated/ + +2020-04-27 Even Rouault + + Fix typos. + + tif_jpeg.c: avoid potential division in previous fix (master only) + +2020-04-26 Thomas Bernard + + gitlab-ci: use latest zstd and webp versions. + +2020-04-26 Even Rouault + + tiff.h: fixes to use ASCII only characters (master only) + +2020-04-26 Thomas Bernard + + tiffsplit: use EXIT_SUCCESS / EXIT_FAILURE. + + tiffset: print usage on stdout when -h is used. + also use EXIT_FAILURE / EXIT_SUCCESS + see #17 + + tiffmedian: shopw usage on stdout when -h is used. + aslo use EXIT_SUCCESS/EXIT_FAILURE + see #17 + + tiffinfo: print usage on stdout when -h is used. + also use EXIT_FAILURE / EXIT_SUCCESS + see #17 + + raw2tiff: print usage to stdout when -h is used. + see #17 + + tiff2pdf: print usage on stdout when -h is used. + see #17 + + tiffgt: output usage on stdout with -h. + also use EXIT_SUCCESS / EXIT_FAILURE + + tiffdump: use EXIT_FAILURE / EXIT_SUCCESS. + see #17 + + tiffdither: print usage on stdout when -h is used. + see #17 + +2020-04-26 Thomas Bernard + + tiffcrop: -h / -v prints usage/version to stdout. + also uses the standard C EXIT_SUCCESS / EXIT_FAILURE + macros + + see #17 + +2020-04-26 Thomas Bernard + + tiffcp: output usage to stdout when using -h. + also use EXIT_FAILURE / EXIT_SUCCESS + see #17 + + tiffcmp: match exit status for posix cmp and diff tools. + + tiff2rgba: output usage to stdout when using -h. + also uses std C EXIT_FAILURE / EXIT_SUCCESS + see #17 + + tiff2ps: sue EXIT_FAILURE / EXIT_SUCCESS. + see #17 + + tiff2bw: output usage on stdout when using -h. + also uses EXIT_SUCCESS / EXIT_FAILURE + see #17 + + thumbnail: use EXIT_FAILURE / EXIT_SUCCESS. + the -h option was already used so it cannot be used for help/usage + see #17 + + rgb2ycbcr: use EXIT_FAILURE / EXIT_SUCCESS. + the -h option was already used so it cannot be used for help/usage + see #17 + + ppm2tiff: output usage to stdout when using -h option. + also uses std C EXIT_SUCCESS / EXIT_FAILURE + see #17 + + pal2rgb: output usage to stdout when -h is used. + see #17 + + fax2tiff.c: print usage on stdout when using -h option. + see #17 + + fax2ps: output usage to stdout when using -h option. + also use EXIT_SUCCESS, EXIT_FAILURE from C standard + +2020-04-25 Even Rouault + + Merge branch 'jpeg_multiscan_dos_logic' into 'master' + tif_jpeg.c: revise logic to detect potential excessive memory usage when... + + See merge request libtiff/libtiff!147 + +2020-04-24 Even Rouault + + Merge branch 'issue-176' into 'master' + tiff2pdf: get rid of uninitialized memory content + + Closes #176 + + See merge request libtiff/libtiff!143 + +2020-04-24 Even Rouault + + tif_jpeg.c: revise logic to detect potential excessive memory usage when decoding multiscan JPEG compressed images + +2020-04-19 Thomas Bernard + + tiff2pdf: test the return code of TIFFReadRawStrip() and TIFFReadRawTile() + + tiff2pdf.c: fix some whitespace problems in source. + + tiff2pdf: get rid of uninitialized memory content. + fixes #176 + +2020-04-19 Even Rouault + + Merge branch 'issue-18' into 'master' + tiffset: pass size for TIFFTAG_INKNAMES + + Closes #18 + + See merge request libtiff/libtiff!146 + +2020-04-18 Olivier Paquet + + Merge branch 'issue-80' into 'master' + tiffinfo: fix dump of Tiled images + + Closes #80 + + See merge request libtiff/libtiff!144 + +2020-04-15 Even Rouault + + Fix wrong file size checks for memory-mapped BigTIFF files that could lead to image rejection + +2020-04-05 Thomas Bernard + + tiffset: pass size for TIFFTAG_INKNAMES. + Uses TIFFFieldPassCount() to know which arguments need to be + passed to TiffSetField() + + fixes #18 + see http://bugzilla.maptools.org/show_bug.cgi?id=2202 + +2020-04-04 Thomas Bernard + + tiffinfo: showdata for tiled images. + + tiffinfo: fix dump of Tiled images. + fixes #80 + +2020-04-03 Even Rouault + + Merge branch 'issue-117' into 'master' + tiffcrop: enforce memory allocation limit + + Closes #117 + + See merge request libtiff/libtiff!140 + +2020-04-03 Thomas Bernard + + tiffcrop: enforce memory allocation limit. + uses -k option to change limit (default to 256MiB) + fixes #117 / http://bugzilla.maptools.org/show_bug.cgi?id=2757 + +2020-04-02 Even Rouault + + Merge branch 'issue-45' into 'master' + tiffcp: disable strip chopping when trying to convert to JBIG compression + + Closes #45 + + See merge request libtiff/libtiff!138 + +2020-04-02 Even Rouault + + Merge branch 'issue-124' into 'master' + TIFFGetFields(3tiff): TIFFTAG_*BYTECOUNTS TIFFTAG_*OFFSETS are uint64 + + Closes #124 + + See merge request libtiff/libtiff!137 + +2020-04-02 Even Rouault + + Merge branch 'aix_itrunc' into 'master' + Rename itrunc to fix name clash with a different itrunc in math.h on AIX. Fixes issue #189 + + Closes #189 + + See merge request libtiff/libtiff!139 + +2020-04-01 Rob Boehne + + Rename itrunc to fix name clash with a different itrunc in math.h on AIX. Fixes issue #189 + +2020-04-01 Thomas Bernard + + tiffcp: disable strip chopping when trying to convert to JBIG compression + fixes #45 + +2020-03-29 Thomas Bernard + + TIFFGetFields(3tiff): TIFFTAG_*BYTECOUNTS TIFFTAG_*OFFSETS are uint64. + fixes #124 / http://bugzilla.maptools.org/show_bug.cgi?id=2774 + +2020-03-29 Even Rouault + + Merge branch 'issue-48' into 'master' + tiff2pdf: fix "raw" copy of Deflate streams + + Closes #48 + + See merge request libtiff/libtiff!136 + +2020-03-27 Thomas Bernard + + tiff2pdf: fix "raw" copy of Deflate streams. + The Predictor parametter was not copied from the source tiff to the PDF. + fixes #48 / http://bugzilla.maptools.org/show_bug.cgi?id=2442 + +2020-03-26 Thomas Bernard + + tif_fax3: quit Fax3Decode2D() when a buffer overflow occurs. + fixes #186 + +2020-03-24 Even Rouault + + Merge branch 'issue-143-144' into 'master' + tiffdump: avoid unaligned memory access + + Closes #144 et #143 + + See merge request libtiff/libtiff!133 + +2020-03-24 Even Rouault + + Merge branch 'issue-133' into 'master' + tiff2pdf: avoid divide by 0 + + Closes #133 + + See merge request libtiff/libtiff!126 + +2020-03-24 Thomas Bernard + + tiff2pdf: normalizePoint() macro to normalize the white point. + +2020-03-23 Thomas Bernard + + tiffdump: avoid unaligned memory access. + fixes #143 + fixes #144 + +2020-03-23 Even Rouault + + Merge branch 'out-of-memory' into 'master' + tiffcp/tiff2pdf/tiff2ps: enforce maximum malloc size + + Closes #153, #84, #116 et #115 + + See merge request libtiff/libtiff!130 + +2020-03-23 Even Rouault + + Merge branch 'issue-157' into 'master' + tiffset: check memory allocation + + Closes #157 + + See merge request libtiff/libtiff!132 + +2020-03-23 Even Rouault + + Merge branch 'issue-185' into 'master' + tif_fax3: more buffer overflow checks in Fax3Decode2D() + + Closes #185 + + See merge request libtiff/libtiff!131 + +2020-03-23 Thomas Bernard + + tiffset: check memory allocation. + fixes #157 / http://bugzilla.maptools.org/show_bug.cgi?id=2850 + + tif_fax3: more buffer overflow checks in Fax3Decode2D() + fixes #185 + +2020-03-21 Thomas Bernard + + tiff2ps: enforce memory allocation limit. + fixes #153 / http://bugzilla.maptools.org/show_bug.cgi?id=2845 + + tiff2pdf: enforce maximum data size. + fixes #116 / http://bugzilla.maptools.org/show_bug.cgi?id=2756 + fixes #84 / http://bugzilla.maptools.org/show_bug.cgi?id=2683 + + update man page for tiffcp regarding the -m option. + + tiffcp.c: _TIFFmalloc() => limitMalloc() + +2020-03-21 Thomas Bernard + + tiffcp: enforce maximum malloc size. + default is 256MB. use -m option to change + + fixes #115 / http://bugzilla.maptools.org/show_bug.cgi?id=2755 + +2020-03-21 Even Rouault + + Merge branch 'issue-184' into 'master' + CmakeLists.txt: define WORDS_BIGENDIAN when the CPU is big endian + + Closes #184 + + See merge request libtiff/libtiff!127 + +2020-03-21 Even Rouault + + Merge branch 'issue-44' into 'master' + tiff2pdf: "" causes the relevant argument not to be written + + Closes #44 + + See merge request libtiff/libtiff!128 + +2020-03-21 Even Rouault + + Merge branch 'issue-56' into 'master' + fix man for TIFFReadEncodedStrip(), TIFFStripSize, TIFFVStripSize, TIFFRawStripSize + + Closes #56 + + See merge request libtiff/libtiff!129 + +2020-03-20 Thomas Bernard + + fix man for TIFFReadEncodedStrip(), TIFFStripSize, TIFFVStripSize, TIFFRawStripSize + fixes #56 + http://bugzilla.maptools.org/show_bug.cgi?id=2507 + + tiff2pdf: "" causes the relevant argument not to be written. + fixes #44 + + CmakeLists.txt: define WORDS_BIGENDIAN when the CPU is big endian. + fixes #184 + +2020-03-17 Thomas Bernard + + tiff2pdf: avoid divide by 0. + fixes #133 http://bugzilla.maptools.org/show_bug.cgi?id=2796 + +2020-03-17 Even Rouault + + Merge branch 'issue-22' into 'master' + do not _tiffMapProc 0 size files + + Closes #22 + + See merge request libtiff/libtiff!125 + +2020-03-13 Thomas Bernard + + tif_win32.c: do not _tiffMapProc() 0 sized files. + see #22 + + tif_unix.c: do not _tiffMapProc 0 size files. + fixes #22 + http://bugzilla.maptools.org/show_bug.cgi?id=2249 + +2020-03-12 Even Rouault + + tif_fax3.c: fix warning C4018: '<': signed/unsigned mismatch introduced in past commits + +2020-03-11 Even Rouault + + tiff.h: mention TIFFTAG_RPCCOEFFICIENT, TIFFTAG_TIFF_RSID, TIFFTAG_GEO_METADATA + +2020-03-11 Even Rouault + + Merge branch 'issue-60' into 'master' + added support for more private tags + + Closes #60 + + See merge request libtiff/libtiff!124 + +2020-03-11 Even Rouault + + Merge branch 'issue-160' into 'master' + Fax3SetupState(): check consistency of rowbytes and rowpixels + + Closes #160 + + See merge request libtiff/libtiff!123 + +2020-03-11 Thomas Bernard + + added support for more private tags. + see https://gitlab.com/libtiff/libtiff/-/issues/60 + bugzilla.maptools.org/show_bug.cgi?id=2525 + + closes #60 + + original author : art1@andreas-romeyke.de + +2020-03-11 Thomas Bernard + + Fax3SetupState(): check consistency of rowbytes and rowpixels. + also add some parameter documentation to Fax3Decode1D() + + fixes #160 + http://bugzilla.maptools.org/show_bug.cgi?id=2854 + +2020-03-10 Even Rouault + + Merge branch 'issue-11-const-pointers' into 'master' + Make pointers returned via TIFFGetField const + + Closes #11 + + See merge request libtiff/libtiff!118 + +2020-03-10 Even Rouault + + tif_ojpeg.c: relax again too strict sanity checks to allow reading of valid images such as https://gitlab.com/libtiff/libtiff/-/issues/181#note_302535232. Fixes #181 + +2020-03-09 Even Rouault + + Merge branch 'issue-52' into 'master' + contrib/win_dib/tiff2dib: fix Uninitialized variable: lpBits + + Closes #52 + + See merge request libtiff/libtiff!121 + +2020-03-09 Thomas Bernard + + contrib/win_dib/tiff2dib: fix Uninitialized variable: lpBits. + fixes #52 + http://bugzilla.maptools.org/show_bug.cgi?id=2469 + +2020-03-08 Even Rouault + + Merge branch 'issue-58' into 'master' + Make TIFFTAG_CFAPATTERN variable count + + Closes #58 + + See merge request libtiff/libtiff!120 + +2020-03-08 Even Rouault + + Merge branch 'issue-158-no-predictor-in-webp' into 'master' + TIFFTAG_PREDICTOR is not supported for WebP + + Closes #158 + + See merge request libtiff/libtiff!119 + +2020-03-08 Sam Hasinoff + + Make TIFFTAG_CFAPATTERN variable count. + The TIFFTAG_CFAPATTERN tag (33422) from TIFF/EP, recently introduced in libtiff + 3363eda09d082e3e1dfffa6281f53085cac51ad3 / http://bugzilla.maptools.org/show_bug.cgi?id=2457 + is described as having a fixed count of 4. + But the TIFF/EP spec says this should support a variable count (= CFARepeatRows * CFARepeatCols): + + TIFF/EP, ISO 12234-2:2001 + http://www.barrypearson.co.uk/top2009/downloads/TAG2000-22_DIS12234-2.pdf + page 18 and 26 + +2020-03-08 Thomas Bernard + + TIFFTAG_PREDICTOR is not supported for WebP. + fixes #158 + https://gitlab.com/libtiff/libtiff/-/issues/158 + + this bug was introduced by 9eacd59fecc4ef593ac17689bc530ab451c8ec14 + merge request !32 + +2020-03-07 Adam Goode + + Make the default whitepoint and ycbcrcoeffs arrays const. + Now that we are returning const pointers in TIFFGetFieldDefaulted, + we can now make these static default arrays const. + + see #11 + +2020-03-07 Adam Goode + + Make pointers returned via TIFFGetField const. + According to http://bugzilla.maptools.org/show_bug.cgi?id=2125#c6 + callers are not allowed to modify pointer or array values returned from + TIFFGetField or the like. So, make this explicit in the documentation + by specifying these things as const. Note that this is not an ABI + change, since C does not encode const in libraries. Also, this is + not really an API change, since the varargs call strips away all + the types anyway. So it really is more of a documentation change. + + fixes #11 + +2020-03-07 Even Rouault + + CMake: Skip custom_dir_EXIF_231 test on shared builds to avoid issues on Windows + +2020-03-07 Even Rouault + + Merge branch 'EXIF231_GPS_upgrade' into 'master' + EXIF 2.32 and GPS TIFF-tags and functionality upgraded. + + See merge request libtiff/libtiff!91 + +2020-03-07 Su_Laus + + EXIF 2.32 and GPS tags and functionality upgraded. + - Existing EXIF field definition of tags is upgraded to EXIF version 2.3.2 + - EXIF-GPS structure, tags and access functions are added as special CustomDirectory (like it was done for EXIF). + - Test program custom_dir_EXIF_231.c added to test writing/reading of EXID IFD and GPS IFD tags + and to highlight some quirks of IFD-handling and peculiarities of reading/writing the different data types. + - Reading error for FileSource and SceneType tags corrected. + + - EXIF_GPS_upgrade rebased onto c8c5309b765ef4ff097d2aaffbdb8f403db8967d (Merge branch 'Rational2DoublePrecision_correction' into 'master') + and adapted: + - tif_dirinfo.c: All rational tags set to TIFF_SETGET_FLOAT but only the GPSTAG_ tags set to TIFF_SETGET_DOUBLE. + - custom_dir_EXIF_231.c: Editorials amended and gcc warnigs fixed. + - CMakeLists.txt: add_test(NAME "custom_dir_EXIF_231" COMMAND "custom_dir_EXIF_231") added. + +2020-03-07 Even Rouault + + Merge branch 'issue-55' into 'master' + ppm2tiff: support any bps value from 1 to 16 + + Closes #55 + + See merge request libtiff/libtiff!106 + +2020-03-07 Thomas Bernard + + ppm2tiff: Add test for 16bpc PPM. + + ppm2tiff: remove unused argument warning. + +2020-03-07 Ludolf Holzheid + + ppm2tiff: support any bps value from 1 to 16. + fix #55 + http://bugzilla.maptools.org/show_bug.cgi?id=2505 + + Patch originally submited by Ludolf Holzheid + +2020-03-06 Even Rouault + + Merge branch 'fax-test' into 'master' + add test for fax4 decoding + + See merge request libtiff/libtiff!114 + +2020-03-05 Thomas Bernard + + add test for fax4 decoding. + This will check for regression on #46 + https://gitlab.com/libtiff/libtiff/issues/46 + http://bugzilla.maptools.org/show_bug.cgi?id=2434 + +2020-03-05 Even Rouault + + Merge branch 'freebsd-tests' into 'master' + make tests pass under FreeBSD. + + See merge request libtiff/libtiff!113 + +2020-03-05 Thomas Bernard + + make tests pass under FreeBSD. + the -I option for the GNU diff and the FreeBSD diff + behaves differently regarding escaping the ( ) and | + + By using two -I option, we avoid using such charracters. + +2020-03-05 Even Rouault + + Merge branch 'issue-31' into 'master' + HTML + + Closes #31 + + See merge request libtiff/libtiff!111 + +2020-03-05 Even Rouault + + Merge branch 'issue-179' into 'master' + tif_fax3.h: check for buffer overflow in EXPAND2D before "calling" CLEANUP_RUNS() + + Closes #179 + + See merge request libtiff/libtiff!112 + +2020-03-05 Thomas Bernard + + v4.1.0.html: fix for validation. + long comments were replaced + because they confused some parsers + + add DOCTYPE on v*.html. + + fix HTML files so they are valid according to https://validator.w3.org. + +2020-03-05 Thomas Bernard + + tif_fax3.h: check for buffer overflow in EXPAND2D before "calling" CLEANUP_RUNS() + fixes #179 + + this fixes the regression introduced in 02bb0175 / 72c4acef + ( merge request !110 ) + + It may be a better fix to do the overflow check in SETVALUE() but the + macro do { } while(0) construct makes it difficult to quit the loop + properly. + +2020-03-01 Thomas Bernard + + index.html: fix unclosed tag. + +2020-03-01 Thomas Bernard + + html: do not force colors (which are default anyway) + If needed, style should be set using CSS. + + fixes #31 + https://gitlab.com/libtiff/libtiff/issues/31 + http://bugzilla.maptools.org/show_bug.cgi?id=2326 + +2020-03-01 Even Rouault + + TIFFReadCustomDirectory(): fix potential heap buffer overflow when reading a custom directory, after a regular directory where a codec was active. Fixes https://gitlab.com/libtiff/libtiff/issues/178 + +2020-03-01 Even Rouault + + Merge branch 'issue-46' into 'master' + fix decoding of fax4 images + + Closes #46 + + See merge request libtiff/libtiff!110 + +2020-02-29 Thomas Bernard + + tif_fax3: better fix for CVE-2011-0192. + There are some legitimate case which were forbidden by the previous fix + + tif_fax3.h: allow 0 length run in DECODE2D. + fixes #46 + https://gitlab.com/libtiff/libtiff/issues/46 + http://bugzilla.maptools.org/show_bug.cgi?id=2434 + +2020-02-29 Even Rouault + + Merge branch 'mingwlibm' into 'master' + Don't use libm with libtiff due to conflict with libmsvcrt + + See merge request libtiff/libtiff!73 + +2020-02-29 Even Rouault + + Merge branch 'Rational2DoublePrecision_correction' into 'master' + tif_dirwrite.c: bugfix DoubleToSrational() for plain signed integers + + See merge request libtiff/libtiff!109 + +2020-02-29 Su_Laus + + tif_dirwrite.c: bugfix DoubleToSrational(), which returns plain signed interger values always as unsigned rationals. Add a test into rational_precision2double.c for "-1.0" and some editorials in tif_dirwrite.c. (code is related to 6df997c786928757caea0dd68d26ea5f098f49df changes). + +2020-02-29 Even Rouault + + Merge branch 'issue-174' into 'master' + tif_fax3.c: check buffer overflow in Fax4Decode() + + Closes #174 + + See merge request libtiff/libtiff!108 + +2020-02-29 Thomas Bernard + + Fax4Decode(): log error message in case of buffer overrun. + + tif_fax3.c: check buffer overflow in Fax4Decode() + fixes #174 + +2020-02-28 Even Rouault + + typo fixes in code comments. + + ToRationalEuclideanGCD: remove useless test that confuses Coverity Scan about a potential later modulo by zero + +2020-02-27 Even Rouault + + tif_dirwrite.c: fix other warnings related to 6df997c786928757caea0dd68d26ea5f098f49df changes + + rational_precision2double.c: fix many warnings, and do not build it on CMake on shared lib builds + + tif_dirwrite.c: fix various warnings found when building GDAL with internal libtiff after 6df997c786928757caea0dd68d26ea5f098f49df changes + + tif_dirwrite.c: qualify ToRationalEuclideanGCD() with static. + +2020-02-27 Even Rouault + + Merge branch 'Rational2DoublePrecision' into 'master' + Rational with Double Precision Upgrade + + See merge request libtiff/libtiff!100 + +2020-02-27 Su_Laus + + Rational with Double Precision Upgrade. + Unfortunately, custom rational tags (TIFF_RATIONAL with field_bit=FIELD_CUSTOM) are defined as TIFF_SETGET_DOUBLE + but for the reading interface and LibTiff internally they are stored ALLWAYS as floating point SINGLE precision. + Double precision custom rational tags are not supported by LibTiff. + + For the GPS tags in WGS84 a higher accuracy / precision is needed. + Therefore, this upgrade is made, keeping the old interface for the already defined tags and allowing a double precision definition, + as well as calculating rationals with higher accuracy / precision. + This higher accuracy can be used for newly defined tags like that in EXIF/GPS. + + Refer also to the very old Bugzilla issue 2542 (#69) + + A test file rational_precision2double.c is added, which shows prevention of the old interface to the already defined custom rational tags + with the standard library as well as with the upgraded library. + + Also TIFFTAG_XRESOLUTION, TIFFTAG_YRESOLUTION, TIFFTAG_XPOSITION, TIFFTAG_YPOSITION amended from TIFF_SETGET_DOUBLE to TIFF_SETGET_FLOAT and testcase inserted in rational_precision2double.c + +2020-02-26 Chris Degawa + + mingw-w64 cmake: Don't find libm. + mingw-w64 will provide libm symbols by default without -lm and mingw-64's + libm is just a stub. + + This is just to make sure that on systems with msys2 and also cygwin, cmake + doesn't find a libm that actually contains math functions. + +2020-02-26 Even Rouault + + Merge branch 'division-by-zero' into 'master' + tools/tiffcp.c: fix potential division by zero + + See merge request libtiff/libtiff!83 + +2020-02-26 Even Rouault + + Merge branch 'fix-unused-warning' into 'master' + warnings: mark conditionally used parameters + + See merge request libtiff/libtiff!49 + +2020-02-26 Even Rouault + + Merge branch 'master' into 'master' + fix issue #78 warnings regarding RichTIFFIPTC data type + + Closes #78 + + See merge request libtiff/libtiff!99 + +2020-02-26 Even Rouault + + Merge branch 'win64-handle-casts-warn-fix' into 'master' + Avoid warnings about casts between HANDLE and int in Win64 builds + + Closes #2 + + See merge request libtiff/libtiff!93 + +2020-02-26 Even Rouault + + Merge branch 'bug2839' into 'master' + raw2tiff: avoid divide by 0 + + Closes #151 + + See merge request libtiff/libtiff!103 + +2020-02-26 Even Rouault + + Merge branch 'bug2669' into 'master' + tiff2pdf: palette bound check in t2p_sample_realize_palette() + + Closes #82 + + See merge request libtiff/libtiff!104 + +2020-02-26 Even Rouault + + Merge branch 'int-shift' into 'master' + tiffcrop: fix asan runtime error caused by integer promotion + + See merge request libtiff/libtiff!105 + +2020-02-26 Even Rouault + + Merge branch 'bug-2538' into 'master' + libtiff.html: fix function casing + + Closes #68 + + See merge request libtiff/libtiff!107 + +2020-02-16 Thomas Bernard + + raw2tiff: avoid divide by 0. + fixes #151 / http://bugzilla.maptools.org/show_bug.cgi?id=2839 + + first memcmp() lines before computing corellation + and always avoid divide by 0 anyway + +2020-02-09 Even Rouault + + Merge branch 'bug2855' into 'master' + tiff2ps: fix heap buffer read overflow in PSDataColorContig() + + Closes #161 + + See merge request libtiff/libtiff!102 + +2020-02-08 Thomas Bernard + + libtiff.html: fix function casing. + + libtiff.html: fix function casing. + fixes #68 / http://bugzilla.maptools.org/show_bug.cgi?id=2538 + +2020-02-08 Thomas Bernard + + tiffcrop: fix asan runtime error caused by integer promotion. + tiffcrop.c:4027:20: runtime error: left shift of 190 by 24 places cannot be represented in type 'int' + + C treats (byte << 24) as an int expression. + casting explicitely to unsigned type uint32 avoids the problem. + + the same issue has been fixed elsewhere with a24213691616e7cd35aa3e2805493de80c7e4fcf + + I detected the bug with the test file of #86 + +2020-02-08 Thomas Bernard + + tiff2pdf: palette bound check in t2p_sample_realize_palette() + fixes #82 + +2020-02-08 Thomas Bernard + + tiff2ps: fix heap buffer read overflow in PSDataColorContig() + fixes #161 / http://bugzilla.maptools.org/show_bug.cgi?id=2855 + + in 05029fb7f1ecf771abaf90b5705b6cab9eb522a7 I missed that 1 extra byte is read + in this loop. + +2020-02-05 Even Rouault + + tif_dirread.c: suppress CLang static Analyzer 9.0 false positive. + +2020-02-01 Even Rouault + + TIFFSetupStrips: enforce 2GB limitation of Strip/Tile Offsets/ByteCounts arrays + TIFFWriteDirectoryTagData() has an assertion that checks that the + arrays are not larger than 2GB. So error out earlier if in that situation. + +2020-01-29 Bob Friesenhahn + + Simplify nmake configuration for building port directory. Now there is only one boolean setting to enable building strtoll() and strtoull() port functions. The boolean setting enables the necessary port files to be built, but the remainder of the logic is via pre-processor code in the common tif_config.h, which was prepared before entering the port directory to do a build. + +2020-01-28 Bob Friesenhahn + + Make sure that tif_config.h is produced prior to entering the port directory and add an include path so that the port files can include tif_config.h. Do not actually include tif_config.h at this time since CMake and Autotools builds are not prepared for that. This issue could be handled by updating the CMake and Autotools builds or by adding a define which directs libport.h to include tif_config.h. + +2020-01-26 Bob Friesenhahn + + Fix nmake build mistakes in my last commit: + tif_config.vc.h: + + Always define HAVE_STRTOL/HAVE_STRTOUL. + Define HAVE_STRTOLL/HAVE_STRTOULL if _MSC_VER >= 1900. + + nmake.opt: + + Provide defaults suitable for MSVC prior to 14.0. + + libport.h: + + The sense of the pre-processor logic was inverted from what it + should be. The intention is to only provide the prototype if the + function is missing. + +2020-01-25 Bob Friesenhahn + + Add nmake build support for manually configuring the 'port' files to be built based on MSVC features. Include tif_config.h in tools/tiffset.c. + +2020-01-23 Even Rouault + + Adjust previous fix to avoid undue warning in some situations triggered by GDAL + +2020-01-12 Even Rouault + + _TIFFPartialReadStripArray: bring back support for non-conformant SLONG8 data type + Such as in https://github.com/OSGeo/gdal/issues/2165 + +2020-01-07 Even Rouault + + test: add test for single-strip OJPEG file without RowsPerStrip tag (like in CR2 files) + + OJPEGReadHeaderInfo: if rowsperstrip not defined, then assume one-single-strip. Complementary fix to 0356ea76bac908c61160d735f078437ace953bd3 + +2019-12-16 Angel Sánchez + + fix issue #78 warnings regarding RichTIFFIPTC data type. + +2019-12-14 Even Rouault + + contrib/oss-fuzz/build.sh: fix broken if construct. + +2019-11-28 Even Rouault + + contrib/oss-fuzz/build.sh: other attempt at fixing build failure. + +2019-11-20 Even Rouault + + contrib/oss-fuzz/build.sh: install liblzma-dev for x86_64 builds. + +2019-11-17 Even Rouault + + contrib/oss-fuzz/build.sh: install liblzma-dev:i386 on i386 builds. + +2019-11-15 Even Rouault + + Merge branch 'cmake-parse' into 'master' + CMake: simplify parsing variables from configure + + See merge request libtiff/libtiff!98 + +2019-11-15 Rolf Eike Beer + + CMake: simplify parsing variables from configure. + +2019-11-14 Even Rouault + + contrib/oss-fuzz/build.sh: fix ossfuzz build by statically linking to lzma + +2019-11-12 Even Rouault + + Merge branch 'fix_ojpeg_172' into 'master' + OJPEG: fix broken sanity check added in 4.1.0 (#fixes 172) + + See merge request libtiff/libtiff!97 + +2019-11-11 Even Rouault + + OJPEG: fix broken sanity check added in 4.1.0, and add two OJPEG test files + + test/: add missing generated .sh files. + +2019-11-04 Even Rouault + + Merge branch 'fix-missing-checks-TIFFGetField-tiffcrop' into 'master' + adds missing checks on TIFFGetField in tiffcrop tool + + Closes #170 + + See merge request libtiff/libtiff!96 + +2019-11-04 Bug Checkers + + adds missing checks on TIFFGetField in tiffcrop tool (fixes #170) + +2019-11-04 Even Rouault + + Merge branch 'adds-missing-TIFFClose-rgb2ycbcr' into 'master' + adds a missing TIFFClose in rgb2ycbcr tool + + See merge request libtiff/libtiff!95 + +2019-11-04 Mansour Ahmadi + + adds a missing TIFFClose in rgb2ycbcr tool. + +2019-11-03 Bob Friesenhahn + + libtiff 4.1.0 released. + + Added a step for updating the legacy ChangeLog file. + + Ignore emacs temporary files (ending with tilde character). + + Added release summary page for the 4.1.0 release. + + Fix Cmake HAVE_GETOPT for systems which declare getopt in stdio.h. Fix utility baked-in getopt prototype which appears when HAVE_GETOPT is not defined. + + Fax2tiff.sh needs to remove its output file in advance. Syntax changes so that bash is not required. + +2019-10-26 Even Rouault + + tif_jpeg.c: extra cast to silence Coverity warning. GDAL CID 1406475. + +2019-10-23 Even Rouault + + tif_jpeg.c: fix warning added by previous commit (on 32bit builds) + +2019-10-23 Even Rouault + + Merge branch 'coverity-fixes' into 'master' + Coverity fixes + + See merge request libtiff/libtiff!94 + +2019-10-22 Timothy Lyanguzov + + Use 64-bit calculations correctly. + + Fix size calculation to use 64-bit tmsize_t correctly. + + Make bytesperclumpline calculations using tmsize_t type. + +2019-10-03 Even Rouault + + tif_read: align code of TIFFReadRawStrip() and TIFFReadRawTile() that differed for non good reason. Non-functional change normally. (fixes GitLab #162) + +2019-10-01 Even Rouault + + HTML: update for GitLab issues. + +2019-09-29 Even Rouault + + html/v3.5.6-beta.html: redact URL of defunct web site. + + Website: update links to mailing list. + +2019-09-17 Even Rouault + + TIFFReadAndRealloc(): avoid too large memory allocation attempts. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17244 + +2019-09-03 Even Rouault + + ByteCountLooksBad and EstimateStripByteCounts: avoid unsigned integer overflows. Fixes https://oss-fuzz.com/testcase-detail/5686156066291712 and https://oss-fuzz.com/testcase-detail/6332499206078464 + +2019-09-02 Even Rouault + + tif_ojpeg.c: avoid relying on isTiled macro being wrapped in () + + tif_ojpeg.c: avoid use of uninitialized memory on edge/broken file. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16844 + + tiff_read_rgba_fuzzer.cc: add a -DSTANDALONE mode for easier reproduction of oss-fuzz reports + +2019-09-01 Even Rouault + + tif_dirread.c: allocChoppedUpStripArrays(). avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16846 + +2019-08-27 Even Rouault + + tif_ojpeg.c: avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16793 + +2019-08-26 Even Rouault + + TIFFReadDirEntryData(): rewrite to avoid unsigned integer overflow (not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16792 + + TIFFFetchDirectory(): fix invalid cast from uint64 to tmsize_t. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16784 + +2019-08-25 Even Rouault + + JPEG: avoid use of unintialized memory on corrupted files. + Follow-up of cf3ce6fab894414a336546f62adc57f02590a22c + Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16602 + Credit to OSS Fuzz + +2019-08-23 Even Rouault + + _TIFFPartialReadStripArray(): avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16685 + + OJPEGWriteHeaderInfo(): avoid unsigned integer overflow on strile dimensions close to UINT32_MAX. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16683 + + TIFFFillStrip(): avoid harmless unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16653 + + EstimateStripByteCounts(): avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16643& + + tif_ojpeg: avoid unsigned integer overflow (probably not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16635 + + tif_thunder: avoid unsigned integer overflow (not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16632 + +2019-08-22 Even Rouault + + _TIFFMultiply32() / _TIFFMultiply64(): avoid relying on unsigned integer overflow (not a bug) + + EstimateStripByteCounts(): avoid unsigned integer overflow. + +2019-08-21 Even Rouault + + EstimateStripByteCounts(): avoid unsigned integer overflow. + +2019-08-20 Even Rouault + + EstimateStripByteCounts(): avoid harmless unsigned integer overflow. + + _TIFFPartialReadStripArray(): avoid triggering unsigned integer overflow with -fsanitize=unsigned-integer-overflow (not a bug, this is well defined by itself) + +2019-08-18 Even Rouault + + tiff2ps: fix use of wrong data type that caused issues (/Height being written as 0) on 64-bit big endian platforms + +2019-08-16 Even Rouault + + setByteArray(): fix previous commit. + + setByteArray(): avoid potential signed integer overflow. Pointed by Hendra Gunadi. No actual problem known (which does not mean there wouldn't be any. Particularly on 32bit builds) + +2019-08-15 Even Rouault + + RGBA interface: fix integer overflow potentially causing write heap buffer overflow, especially on 32 bit builds. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443. Credit to OSS Fuzz + +2019-08-14 Even Rouault + + Merge branch 'fix_integer_overflow' into 'master' + Fix integer overflow in _TIFFCheckMalloc() and other implementation-defined behaviour (CVE-2019-14973) + + See merge request libtiff/libtiff!90 + +2019-08-13 Even Rouault + + Fix integer overflow in _TIFFCheckMalloc() and other implementation-defined behaviour (CVE-2019-14973) + _TIFFCheckMalloc()/_TIFFCheckRealloc() used a unsafe way to detect overflow + in the multiplication of nmemb and elem_size (which are of type tmsize_t, thus + signed), which was especially easily triggered on 32-bit builds (with recent + enough compilers that assume that signed multiplication cannot overflow, since + this is undefined behaviour by the C standard). The original issue which lead to + this fix was trigged from tif_fax3.c + + There were also unsafe (implementation defied), and broken in practice on 64bit + builds, ways of checking that a uint64 fits of a (signed) tmsize_t by doing + (uint64)(tmsize_t)uint64_var != uint64_var comparisons. Those have no known + at that time exploits, but are better to fix in a more bullet-proof way. + Or similarly use of (int64)uint64_var <= 0. + +2019-08-12 Even Rouault + + TIFFClientOpen(): fix memory leak if one of the required callbacks is not provided. Fixed Coverity GDAL CID 1404110 + + OJPEGReadBufferFill(): avoid very long processing time on corrupted files. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16400. master only + +2019-08-10 Even Rouault + + oss-fuzz/tiff_read_rgba_fuzzer.cc: fix wrong env variable value in previous commit + + oss-fuzz/tiff_read_rgba_fuzzer.cc: avoid issue with libjpeg-turbo and MSAN + + OJPEG: fix integer division by zero on corrupted subsampling factors. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15824. Credit to OSS Fuzz + + Merge branch 'ossfuzz_i386' + + contrib/oss-fuzz/build.sh: fix for i386 build of jbigkit, and use $LIB_FUZZING_ENGINE + +2019-08-10 Even Rouault + + Merge branch 'patch-1' into 'master' + fix two tiny typos + + See merge request libtiff/libtiff!89 + +2019-08-10 Reto Kromer + + fix two tiny typos. + +2019-08-09 Even Rouault + + Merge branch 'patch-1' into 'master' + fix a typo in man page + + See merge request libtiff/libtiff!88 + +2019-08-09 Reto Kromer + + fix typo. + +2019-08-04 Even Rouault + + Merge branch 'TIFFTAGID_Zero_reading_IGNORE' into 'master' + Suppressed Reading of Tiff tags with ID = 0 (like GPSVERSIONID) corrected. + + See merge request libtiff/libtiff!77 + +2019-08-04 Su Laus + + Reading of Tiff tags with ID = 0 (like GPSVERSIONID) corrected. + IGNORE placeholder in tif_dirread.c is now replaced by a field dir_ignore in the TIFFDirEntry structure + + Currently, in tif_dirread.c a special IGNORE value for the tif tags is defined + in order to flag status preventing already processed tags from further processing. + This irrational behaviour prevents reading of custom tags with id code 0 - like tag GPSVERSIONID from EXIF 2.31 definition. + + An additional field 'tdir_ignore' is now added to the TIFFDirEntry structure and code is changed + to allow tags with id code 0 to be read correctly. + + This change was already proposed as pending improvement in tif_dirread.c around line 32. + + Reference is also made to: + - Discussion in https://gitlab.com/libtiff/libtiff/merge_requests/39 + - http://bugzilla.maptools.org/show_bug.cgi?id=2540 + + Comments and indention adapted. + + Preparation to rebase onto master + +2019-07-16 Even Rouault + + Merge branch 'cmake_amd64' into 'master' + CMakeLists.txt: properly set value of HOST_FILLORDER to LSB2MSB for Windows CMake builds + + See merge request libtiff/libtiff!87 + +2019-07-15 Even Rouault + + CMakeLists.txt: properly set value of HOST_FILLORDER to LSB2MSB for Windows CMake builds + As can be seen in https://ci.appveyor.com/project/rleigh-codelibre/libtiff-didfs/builds/25846668/job/ory5w098j8wcij9x + log, the HOST_FILLORDER is not properly set: + + [00:02:58] -- CMAKE_HOST_SYSTEM_PROCESSOR set to AMD64 + [00:02:58] -- HOST_FILLORDER set to FILLORDER_MSB2LSB + + Ther reason is that we match the "amd64.*" lowercase string whereas + CMAKE_HOST_SYSTEM_PROCESSOR is set to AMD64 uppercase. + +2019-07-09 Even Rouault + + TIFFWriteCheck(): call TIFFForceStrileArrayWriting() when needed (should have gone with eaeca6274ae71cdfaeb9f673b6fb0f3cfc0e6ce5) (master only) + +2019-07-09 Even Rouault + + Merge branch 'fix_chromium_925269' into 'master' + OJPEG: avoid use of unintialized memory on corrupted files + + See merge request libtiff/libtiff!86 + +2019-07-05 Even Rouault + + OJPEG: avoid use of unintialized memory on corrupted files. + Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=925269 + Patch from Lei Zhang with little adaptations. + +2019-06-29 Even Rouault + + Merge branch 'fix-division-by-zero' into 'master' + Return infinite distance when denominator is zero. + + See merge request libtiff/libtiff!85 + +2019-06-29 Dirk Lemstra + + Return infinite distance when denominator is zero. + +2019-06-29 Even Rouault + + Merge branch 'typetests' into 'master' + Add test to check that libtiff types have the correct size + + See merge request libtiff/libtiff!57 + +2019-05-31 Thomas Bernard + + make TIFF_SSIZE_T the same bitwidth as TIFF_SIZE_T. + it was previously the same bitwidth as unsigned char * + Pointers can be larger than size_t. + +2019-05-31 Thomas Bernard + + Add test to check that libtiff types have the correct size. + in configure/CMakeList.txt : + + - TIFF_INT8_T/TIFF_UINT8_T is signed/unsigned char + sizeof(char)==1 in C standard + - TIFF_INT16_T/TIFF_UINT16_T is signed/unsigned short + sizeof(short)>=2 in C standard + - TIFF_INT32_T/TIFF_UINT32_T is defined so its sizeof() is 4 + + - TIFF_INT64_T/TIFF_UINT64_T is defined so its sizeof() is 8 + + - TIFF_SIZE_T is defined so it has same sizeof() than size_t + + - TIFF_SSIZE_T is defined so it has same sizeof() than unsigned char * + +2019-05-29 Even Rouault + + Merge branch 'defer_strile_writing' into 'master' + Add TIFFDeferStrileArrayWriting() and TIFFForceStrileArrayWriting() + + See merge request libtiff/libtiff!82 + +2019-05-29 Even Rouault + + Merge branch 'TIFFReadFromUserBuffer' into 'master' + Add TIFFReadFromUserBuffer() + + See merge request libtiff/libtiff!81 + +2019-05-26 Even Rouault + + Fix vulnerability in 'D' (DeferStrileLoad) mode (master only) (fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14908) + +2019-05-25 Even Rouault + + Replace 'stripped' by 'striped' in error messages. + +2019-05-25 Even Rouault + + Add TIFFDeferStrileArrayWriting() and TIFFForceStrileArrayWriting() + Those advanced writing functions must be used in a particular sequence + to make their intended effect. Their aim is to control when/where + the [Strip/Tile][Offsets/ByteCounts] arrays are written into the file. + + The purpose of this is to generate 'cloud-optimized geotiff' files where + the first KB of the file only contain the IFD entries without the potentially + large strile arrays. Those are written afterwards. + + The typical sequence of calls is: + TIFFOpen() + [ TIFFCreateDirectory(tif) ] + Set fields with calls to TIFFSetField(tif, ...) + TIFFDeferStrileArrayWriting(tif) + TIFFWriteCheck(tif, ...) + TIFFWriteDirectory(tif) + ... potentially create other directories and come back to the above directory + TIFFForceStrileArrayWriting(tif): emit the arrays at the end of file + + See test/defer_strile_writing.c for a practical example. + +2019-05-24 Even Rouault + + Fix vulnerability introduced by defer strile loading (master only) + Found on GDAL with https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14894 + Disabling the TIFF_DEFERSTRILELOAD bit in ChopupStripArray() was a + bad idea since when using TIFFReadDirectory() to reload the directory again + would lead to a different value of td_rowsperstrip, which could confuse + readers if they relied on the value found initially. + + Fix typo in error message (master only) + +2019-05-22 Even Rouault + + Add TIFFReadFromUserBuffer() + This function replaces the use of TIFFReadEncodedStrip()/TIFFReadEncodedTile() + when the user can provide the buffer for the input data, for example when + he wants to avoid libtiff to read the strile offset/count values from the + [Strip|Tile][Offsets/ByteCounts] array. + + libtiff.def: add missing new symbols. + + test/defer_strile_loading.c: fix warning with Visual C++ + + _TIFFRewriteField(): fix for bigtiff case (master only) + 116cf67f4c59196605abdb244657c3070c4310af made StripByteCount/TileByteCount to + always be rewritten as TIFF_LONG8. + +2019-05-21 Even Rouault + + Merge branch 'ondemand_strile_offbytecount_loading' into 'master' + Make defer strile offset/bytecount loading available at runtime + + See merge request libtiff/libtiff!79 + +2019-05-21 Even Rouault + + Merge branch 'bigtiff_write_bytecount_on_long_when_possible' into 'master' + Create TileByteCounts/StripByteCounts tag with SHORT (ClassicTIFF/BigTIFF) or LONG (BigTIFF) type when possible + + See merge request libtiff/libtiff!78 + +2019-05-21 Even Rouault + + Merge branch 'html_link' into 'master' + libtiff.html, bigtiffpr.html: absolute => relative link + + See merge request libtiff/libtiff!80 + +2019-05-14 Thomas Bernard + + libtiff.html, bigtiffpr.html: absolute => relative link. + +2019-05-10 Even Rouault + + Make defer strile offset/bytecount loading available at runtime. + ... and add per-strile offset/bytecount loading capabilities. + + Part of this commit makes the behaviour that was previously met when + libtiff was compiled with -DDEFER_STRILE_LOAD available for default builds + when specifying the new 'D' (Deferred) TIFFOpen() flag. In that mode, the [Tile/Strip][ByteCounts/Offsets] + arrays are only loaded when first accessed. This can speed-up the opening + of files stored on the network when just metadata retrieval is needed. + This mode has been used for years by the GDAL library when compiled with + its embeded libtiff copy. + + To avoid potential out-of-tree code (typically codecs) that would use + the td_stripbytecount and td_stripoffset array inconditionnaly assuming they + have been loaded, those have been suffixed with _p (for protected). The + use of the new functions mentionned below is then recommended. + + Another addition of this commit is the capability of loading only the + values of the offset/bytecount of the strile of interest instead of the + whole array. This is enabled with the new 'O' (Ondemand) flag of TIFFOpen() + (which implies 'D'). That behaviour has also been used by GDAL, which hacked + into the td_stripoffset/td_stripbytecount arrays directly. The new code + added in the _TIFFFetchStrileValue() and _TIFFPartialReadStripArray() internal + functions is mostly a port of what was in GDAL GTiff driver previously. + + Related to that, the public TIFFGetStrileOffset[WithErr]() and TIFFGetStrileByteCount[WithErr]() + functions have been added to API. They are of particular interest when + using sparse files (with offset == bytecount == 0) and you want to detect + if a strile is present or not without decompressing the data, or updating + an existing sparse file. + They will also be used to enable a future enhancement where client code can entirely + skip bytecount loading in some situtations + + A new test/defer_strile_loading.c test has been added to test the above + capabilities. + +2019-05-10 Even Rouault + + Creation: use SHORT type when possible for StripByteCounts/TileByteCounts + This follows the same logic as previous commit. + +2019-05-09 Even Rouault + + BigTIFF creation: write TileByteCounts/StripByteCounts tag with LONG when possible + In most situations of BigTIFF file, the tile/strip sizes are of reasonable size, + that is they fit on a 4-byte LONG. So in that case, use LONG instead of LONG8 + to save some space. For uncompressed file, it is easy to detect such situations + by checking at the TIFFTileSize64()/TIFFStripSize64() return. For compressed file, + we must take into account the fact that compression may sometimes result in + larger compressed data. So we allow this optimization only for a few select + compression times, and take a huge security margin (10x factor). We also only + apply this optimization on multi-strip files, so as to allow easy on-the-fly + growing of single-strip files whose strip size could grow above the 4GB threshold. + + This change is compatible with the BigTIFF specification. According to + https://www.awaresystems.be/imaging/tiff/bigtiff.html: + "The StripOffsets, StripByteCounts, TileOffsets, and TileByteCounts tags are + allowed to have the datatype TIFF_LONG8 in BigTIFF. Old datatypes TIFF_LONG, + and TIFF_SHORT where allowed in the TIFF 6.0 specification, are still valid in BigTIFF, too. " + On a practical point of view, this is also compatible on reading/writing of + older libtiff 4.X versions. + + The only glitch I found, which is rather minor, is when using such a BigTIFF + file with TileByteCounts/StripByteCounts written with TIFF_LONG, and updating + it with an older libtiff 4.X version with a change in the + [Tile/Strip][ByteCounts/Offsets] array. In that case the _TIFFRewriteField() + function will rewrite the directory and array with TIFF_LONG8, instead of updating + the existing array (this is an issue fixed by this commit). The file will + still be valid however, hence the minor severity of this. + +2019-05-08 Even Rouault + + Merge branch 'bug2799' into 'master' + fix fax2tiff + + See merge request libtiff/libtiff!55 + +2019-05-08 Even Rouault + + Merge branch 'bug_2829' into 'master' + WIN32: use tif_win32.c when building with CMake + + See merge request libtiff/libtiff!75 + +2019-05-06 Even Rouault + + Merge branch 'FILESOURCE_SCENETYPE_reading' into 'master' + Reading error for FileSource and SceneType tags corrected. + + See merge request libtiff/libtiff!76 + +2019-05-06 Su Laus + + Reading error for FileSource and SceneType tags corrected. + EXIF tags FILESOURCE and SCENETYPE are defined as TIFF_UNDEFINED and field_readcount==1! + There is a bug in TIFFReadDirEntryByte() preventing to read correctly type TIFF_UNDEFINED fields with field_readcount==1 + Upgrade of TIFFReadDirEntryByte() with added TIFF_UNDEFINED switch-entry allows libtiff to read those tags correctly. + +2019-04-25 Thomas Bernard + + WIN32: use tif_win32.c when building with CMake. + see http://bugzilla.maptools.org/show_bug.cgi?id=2829 + + the top CMakeLists.txt defines + win32_io and USE_WIN32_FILEIO + + WIN32_IO is defined nowhere in CMake (only in automake things) + +2019-04-25 Even Rouault + + Merge branch 'gitlab_pages' into 'master' + Advertise https://libtiff.gitlab.io/libtiff/ as mirror + + See merge request libtiff/libtiff!70 + +2019-04-25 Even Rouault + + Merge branch 'bug_2844' into 'master' + tiff2ps.c: PSDataColorContig(): avoid heap buffer overrun + + See merge request libtiff/libtiff!69 + +2019-04-25 Even Rouault + + Merge branch 'issue_2785' into 'master' + tiff2pdf.c: don't call t2p_tile_collapse_left() for Ycbcr + + See merge request libtiff/libtiff!64 + +2019-04-11 Even Rouault + + Merge branch 'fix_gdal_1439' into 'master' + TIFFWriteEncodedStrip/TIFFWriteEncodedTile: fix rewriting of LZW-compressed data + + See merge request libtiff/libtiff!74 + +2019-04-11 Even Rouault + + TIFFWriteEncodedStrip/TIFFWriteEncodedTile: fix rewriting of LZW-compressed data + Fixes https://github.com/OSGeo/gdal/issues/1439 + + When rewriting a LZW tile/strip whose existing size is very close to a multiple of + 1024 bytes (and larger than 8192 bytes) with compressed data that is larger, + the new data was not placed at the end of the file, causing corruption. + +2019-04-08 Even Rouault + + Merge branch 'bug2848' into 'master' + tif_luv.c: LogLuvSetupEncode() error must return 0 + + See merge request libtiff/libtiff!72 + +2019-04-03 Thomas Bernard + + build/gitlab-ci: fix typo. + + show test-suite.log in gitlab-ci. + useful when build fails + + Add output check for tiff2ps. + note : the reference files have been generated in master branch + +2019-03-23 Even Rouault + + tif_read.c: potentially fix false positive from Coverity Scan. CID 1400288 + + tif_read.c: potentially fix false positive from Coverity Scan. CID 1400271 + + tif_zip.c: remove dead code. CID 1400360. + + tif_webp.c: remove false positive warning about dereference before null check. CID 1400255 + + tif_pixarlog.c: remove dead code. CID 1400342. + + tif_pixarlog.c: avoid false positive Coverity Scan warnings about overflow. CID 1400300 and 1400367 + + tif_lzw.c: silence CoverityScan false positive. CID 1400355. + + tif_luv.c: silence CoverityScan false positive. CID 1400231, 1400251, 1400254, 1400272, 1400318, 1400356 + + TryChopUpUncompressedBigTiff(): avoid potential division by zero. master only. GDAL Coverity CID 1400263 + +2019-03-22 Thomas Bernard + + tif_luv.c: LogLuvSetupEncode() error must return 0. + see http://bugzilla.maptools.org/show_bug.cgi?id=2848 + + if wrongly returning 1, the processing of incorrect file continues, + which causes problems. + +2019-03-22 Thomas Bernard + + add a test for fax2tiff tool. + +2019-02-28 Thomas Bernard + + tiff2pdf.c: don't call t2p_tile_collapse_left() when buffer size is wrong + see http://bugzilla.maptools.org/show_bug.cgi?id=2785 + + Advertise https://libtiff.gitlab.io/libtiff/ as mirror. + I'm put it above the maptools.org mirror because + Even Rouault believe at some point it will be completely removed + +2019-02-28 Even Rouault + + Merge branch 'bug_2826' into 'master' + tiff2pdf.c: check colormap pointers when loading CMYK with colormap + + See merge request libtiff/libtiff!65 + +2019-02-28 Thomas Bernard + + tiff2pdf.c: check colormap pointers. + Avoid access to non initialized pointers + http://bugzilla.maptools.org/show_bug.cgi?id=2826 + +2019-02-27 Even Rouault + + Merge branch 'fix_warnings' into 'master' + tiff2ps.c: fix warning caused by integer promotion + + See merge request libtiff/libtiff!68 + +2019-02-23 Thomas Bernard + + PSDataColorContig(): avoid heap buffer overrun. + fixes http://bugzilla.maptools.org/show_bug.cgi?id=2844 + each iteration of the loop read nc bytes + +2019-02-22 Thomas Bernard + + tiff2ps.c: fix warning caused by integer promotion. + uint8 value is promoted to int in (value << 24) so -fsanitize + yield runtime errors : + tiff2ps.c:2969:33: runtime error: left shift of 246 by 24 places cannot be represented in type 'int' + +2019-02-22 Even Rouault + + Merge branch 'large_strile_improvements' into 'master' + Large strile support improvements + + See merge request libtiff/libtiff!63 + +2019-02-21 Even Rouault + + Merge branch 'gitlab-pages' into 'master' + ci: Add pages job + + See merge request libtiff/libtiff!45 + +2019-02-19 Even Rouault + + Merge branch 'issue_2833' into 'master' + tiffcp.c: check that (Tile Width)*(Samples/Pixel) do no overflow + + See merge request libtiff/libtiff!60 + +2019-02-19 Even Rouault + + Merge branch 'issue_2831' into 'master' + tiffcrop.c: fix invertImage() for bps 2 and 4 + + See merge request libtiff/libtiff!61 + +2019-02-19 Even Rouault + + Merge branch 'issue_2842' into 'master' + move _TIFFClampDoubleToFloat() to tif_aux.c + + See merge request libtiff/libtiff!62 + +2019-02-19 Even Rouault + + tif_zip.c: allow reading and writing strips/tiles with more than 4 GB of compressed or uncompressed data + + tif_dirread.c: when strip chopping is enabled, extend this mechanism to multi-strip uncompressed files with strips larger than 2GB to expose them as strips of ~500 MB + +2019-02-19 Even Rouault + + Merge branch 'size_t_typo' into 'master' + CMakeLists.txt: fix TIFF_SIZE_T + + See merge request libtiff/libtiff!59 + +2019-02-12 Thomas Bernard + + move _TIFFClampDoubleToFloat() to tif_aux.c. + the same function was declared in tif_dir.c and tif_dirwrite.c + + see http://bugzilla.maptools.org/show_bug.cgi?id=2842 + +2019-02-11 Thomas Bernard + + tiffcrop.c: fix invertImage() for bps 2 and 4. + too much bytes were processed, causing a heap buffer overrun + http://bugzilla.maptools.org/show_bug.cgi?id=2831 + the loop counter must be + for (col = 0; col < width; col += 8 / bps) + + Also the values were not properly calculated. It should be + 255-x, 15-x, 3-x for bps 8, 4, 2. + + But anyway it is easyer to invert all bits as 255-x = ~x, etc. + (substracting from a binary number composed of all 1 is like inverting + the bits) + +2019-02-11 Thomas Bernard + + tiffcp.c: use INT_MAX. + + check that (Tile Width)*(Samples/Pixel) do no overflow. + fixes bug 2833 + +2019-02-03 Thomas Bernard + + CMakeLists.txt: fix TIFF_SIZE_T. + +2019-02-02 Even Rouault + + Merge branch 'master' into 'master' + Fix for simple memory leak that was assigned CVE-2019-6128. + + See merge request libtiff/libtiff!50 + +2019-02-02 Even Rouault + + Merge branch 'bug2835' into 'master' + tiff2ps: fix heap-buffer-overflow + + See merge request libtiff/libtiff!53 + +2019-02-02 Even Rouault + + Fix warning (use of uninitialized value) added per d0a842c5dbad2609aed43c701a12ed12461d3405 (fixes https://gitlab.com/libtiff/libtiff/merge_requests/54#note_137742985) + +2019-02-02 Yuri Aksenov + + fix fax2tiff. + see http://bugzilla.maptools.org/show_bug.cgi?id=2799 + fixes d9bc8472e72549f29c0062c1cbd3d56f279f3be2 + +2019-02-02 Even Rouault + + Merge branch 'tiffcrop' into 'master' + tiffcrop: shut up clang warnings + + See merge request libtiff/libtiff!52 + +2019-02-01 Even Rouault + + Merge branch 'bug2833' into 'master' + TIFFWriteDirectoryTagTransferfunction() : fix NULL dereferencing + + See merge request libtiff/libtiff!54 + +2019-02-01 Even Rouault + + Merge branch 'gitignore' into 'master' + add test/ files to .gitignore + + See merge request libtiff/libtiff!56 + +2019-02-01 Even Rouault + + Merge branch 'master' into 'master' + tif_dir: unset transferfunction field if necessary (CVE-2018-19210) + + See merge request libtiff/libtiff!47 + +2019-01-29 Thomas Bernard + + add test/ files to .gitignore. + +2019-01-29 Thomas Bernard + + TIFFWriteDirectoryTagTransferfunction() : fix NULL dereferencing. + http://bugzilla.maptools.org/show_bug.cgi?id=2833 + + we must check the pointer is not NULL before memcmp() the memory + +2019-01-29 Thomas Bernard + + tiff2ps: fix heap-buffer-overflow. + http://bugzilla.maptools.org/show_bug.cgi?id=2834 + + usually the test (i < byte_count) is OK because the byte_count is divisible by samplesperpixel. + But if that is not the case, (i + ncomps) < byte_count should be used, or + maybe (i + samplesperpixel) <= byte_count + +2019-01-28 Thomas Bernard + + tiffcrop: shut up clang warnings. + make the out filename building a bit more simple + and remove the use of strcat() + +2019-01-23 Scott Gayou + + Fix for simple memory leak that was assigned CVE-2019-6128. + pal2rgb failed to free memory on a few errors. This was reported + here: http://bugzilla.maptools.org/show_bug.cgi?id=2836. + +2019-01-05 Bob Friesenhahn + + Fix tiff2ps error regarding "Inconsistent value of es" by allowing es to be zero. Problem was reported to the tiff mailing list by Julian H. Stacey on January 5, 2019. + +2018-12-13 Hugo Lefeuvre + + tif_dir: unset transferfunction field if necessary. + The number of entries in the transfer table is determined as following: + + (td->td_samplesperpixel - td->td_extrasamples) > 1 ? 3 : 1 + + This means that whenever td->td_samplesperpixel or td->td_extrasamples are + modified we also need to make sure that the number of required entries in + the transfer table didn't change. + + If it changed and the number of entries is higher than before we should + invalidate the transfer table field and free previously allocated values. + In the other case there's nothing to do, additional tf entries won't harm + and properly written code will just ignore them since spp - es < 1. + + For instance this situation might happen when reading an OJPEG compressed + image with missing SamplesPerPixel tag. In this case the SamplesPerPixel + field might be updated after setting the transfer table. + + see http://bugzilla.maptools.org/show_bug.cgi?id=2500 + + This commit addresses CVE-2018-19210. + +2018-12-08 Bob Friesenhahn + + Do not attempt to re-sync zip stream after reported data error from inflate(). + +2018-12-07 Even Rouault + + Merge branch 'resource-leaks' into 'master' + Fix two resource leaks + + See merge request libtiff/libtiff!43 + +2018-12-07 Even Rouault + + Merge branch 'build-jbig' into 'master' + add jbig support to the fuzzer + + See merge request libtiff/libtiff!42 + +2018-12-01 Bob Friesenhahn + + tiffcrop.c: Avoid new clang warning about tools/tiffcrop.c "size argument in 'strncat' call appears to be size of the source". + +2018-11-28 Even Rouault + + Merge branch 'webp_memleak' into 'master' + fixed mem leak in webp compression + + See merge request libtiff/libtiff!48 + +2018-11-28 Norman Barker + + fixed mem leak in webp compression. + +2018-11-20 Even Rouault + + Merge branch 'lossless_webp' into 'master' + fixed lossless webp compression config + + See merge request libtiff/libtiff!46 + +2018-11-20 Norman Barker + + fixed lossless webp compression config. + +2018-11-18 Bob Friesenhahn + + snprintf porting fix for Visual Studio 2003. + +2018-11-18 Roger Leigh + + ci: Add pages job. + +2018-11-10 Bob Friesenhahn + + Change references from defunct ftp site to https site. + 2018-11-10 Bob Friesenhahn * configure.ac: libtiff 4.0.10 released. diff --git a/3rdparty/libtiff/libport.h b/3rdparty/libtiff/libport.h index ff26263829..9f2dace144 100644 --- a/3rdparty/libtiff/libport.h +++ b/3rdparty/libtiff/libport.h @@ -24,6 +24,10 @@ #ifndef _LIBPORT_ #define _LIBPORT_ +#if defined(HAVE_CONFIG_H) +# include +#endif + int getopt(int argc, char * const argv[], const char *optstring); extern char *optarg; extern int opterr; @@ -36,16 +40,16 @@ int strcasecmp(const char *s1, const char *s2); # define HAVE_GETOPT 1 #endif -#if HAVE_STRTOL +#if !defined(HAVE_STRTOL) long strtol(const char *nptr, char **endptr, int base); #endif -#if HAVE_STRTOLL +#if !defined(HAVE_STRTOLL) long long strtoll(const char *nptr, char **endptr, int base); #endif -#if HAVE_STRTOUL +#if !defined(HAVE_STRTOUL) unsigned long strtoul(const char *nptr, char **endptr, int base); #endif -#if HAVE_STRTOULL +#if !defined(HAVE_STRTOULL) unsigned long long strtoull(const char *nptr, char **endptr, int base); #endif diff --git a/3rdparty/libtiff/tif_aux.c b/3rdparty/libtiff/tif_aux.c index 90d30214c6..c9f190545e 100644 --- a/3rdparty/libtiff/tif_aux.c +++ b/3rdparty/libtiff/tif_aux.c @@ -35,27 +35,61 @@ uint32 _TIFFMultiply32(TIFF* tif, uint32 first, uint32 second, const char* where) { - uint32 bytes = first * second; - - if (second && bytes / second != first) { + if (second && first > TIFF_UINT32_MAX / second) { TIFFErrorExt(tif->tif_clientdata, where, "Integer overflow in %s", where); - bytes = 0; + return 0; } - return bytes; + return first * second; } uint64 _TIFFMultiply64(TIFF* tif, uint64 first, uint64 second, const char* where) { - uint64 bytes = first * second; - - if (second && bytes / second != first) { + if (second && first > TIFF_UINT64_MAX / second) { TIFFErrorExt(tif->tif_clientdata, where, "Integer overflow in %s", where); - bytes = 0; + return 0; } - return bytes; + return first * second; +} + +tmsize_t +_TIFFMultiplySSize(TIFF* tif, tmsize_t first, tmsize_t second, const char* where) +{ + if( first <= 0 || second <= 0 ) + { + if( tif != NULL && where != NULL ) + { + TIFFErrorExt(tif->tif_clientdata, where, + "Invalid argument to _TIFFMultiplySSize() in %s", where); + } + return 0; + } + + if( first > TIFF_TMSIZE_T_MAX / second ) + { + if( tif != NULL && where != NULL ) + { + TIFFErrorExt(tif->tif_clientdata, where, + "Integer overflow in %s", where); + } + return 0; + } + return first * second; +} + +tmsize_t _TIFFCastUInt64ToSSize(TIFF* tif, uint64 val, const char* module) +{ + if( val > (uint64)TIFF_TMSIZE_T_MAX ) + { + if( tif != NULL && module != NULL ) + { + TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow"); + } + return 0; + } + return (tmsize_t)val; } void* @@ -63,13 +97,14 @@ _TIFFCheckRealloc(TIFF* tif, void* buffer, tmsize_t nmemb, tmsize_t elem_size, const char* what) { void* cp = NULL; - tmsize_t bytes = nmemb * elem_size; - + tmsize_t count = _TIFFMultiplySSize(tif, nmemb, elem_size, NULL); /* - * XXX: Check for integer overflow. + * Check for integer overflow. */ - if (nmemb && elem_size && bytes / elem_size == nmemb) - cp = _TIFFrealloc(buffer, bytes); + if (count != 0) + { + cp = _TIFFrealloc(buffer, count); + } if (cp == NULL) { TIFFErrorExt(tif->tif_clientdata, tif->tif_name, @@ -235,7 +270,7 @@ TIFFVGetFieldDefaulted(TIFF* tif, uint32 tag, va_list ap) return (1); case TIFFTAG_EXTRASAMPLES: *va_arg(ap, uint16 *) = td->td_extrasamples; - *va_arg(ap, uint16 **) = td->td_sampleinfo; + *va_arg(ap, const uint16 **) = td->td_sampleinfo; return (1); case TIFFTAG_MATTEING: *va_arg(ap, uint16 *) = @@ -257,8 +292,8 @@ TIFFVGetFieldDefaulted(TIFF* tif, uint32 tag, va_list ap) case TIFFTAG_YCBCRCOEFFICIENTS: { /* defaults are from CCIR Recommendation 601-1 */ - static float ycbcrcoeffs[] = { 0.299f, 0.587f, 0.114f }; - *va_arg(ap, float **) = ycbcrcoeffs; + static const float ycbcrcoeffs[] = { 0.299f, 0.587f, 0.114f }; + *va_arg(ap, const float **) = ycbcrcoeffs; return 1; } case TIFFTAG_YCBCRSUBSAMPLING: @@ -270,14 +305,14 @@ TIFFVGetFieldDefaulted(TIFF* tif, uint32 tag, va_list ap) return (1); case TIFFTAG_WHITEPOINT: { - static float whitepoint[2]; - /* TIFF 6.0 specification tells that it is no default value for the WhitePoint, but AdobePhotoshop TIFF Technical Note tells that it should be CIE D50. */ - whitepoint[0] = D50_X0 / (D50_X0 + D50_Y0 + D50_Z0); - whitepoint[1] = D50_Y0 / (D50_X0 + D50_Y0 + D50_Z0); - *va_arg(ap, float **) = whitepoint; + static const float whitepoint[] = { + D50_X0 / (D50_X0 + D50_Y0 + D50_Z0), + D50_Y0 / (D50_X0 + D50_Y0 + D50_Z0) + }; + *va_arg(ap, const float **) = whitepoint; return 1; } case TIFFTAG_TRANSFERFUNCTION: @@ -286,16 +321,16 @@ TIFFVGetFieldDefaulted(TIFF* tif, uint32 tag, va_list ap) TIFFErrorExt(tif->tif_clientdata, tif->tif_name, "No space for \"TransferFunction\" tag"); return (0); } - *va_arg(ap, uint16 **) = td->td_transferfunction[0]; + *va_arg(ap, const uint16 **) = td->td_transferfunction[0]; if (td->td_samplesperpixel - td->td_extrasamples > 1) { - *va_arg(ap, uint16 **) = td->td_transferfunction[1]; - *va_arg(ap, uint16 **) = td->td_transferfunction[2]; + *va_arg(ap, const uint16 **) = td->td_transferfunction[1]; + *va_arg(ap, const uint16 **) = td->td_transferfunction[2]; } return (1); case TIFFTAG_REFERENCEBLACKWHITE: if (!td->td_refblackwhite && !TIFFDefaultRefBlackWhite(td)) return (0); - *va_arg(ap, float **) = td->td_refblackwhite; + *va_arg(ap, const float **) = td->td_refblackwhite; return (1); } return 0; diff --git a/3rdparty/libtiff/tif_compress.c b/3rdparty/libtiff/tif_compress.c index 8130ef08ef..915478f500 100644 --- a/3rdparty/libtiff/tif_compress.c +++ b/3rdparty/libtiff/tif_compress.c @@ -264,7 +264,7 @@ TIFFGetConfiguredCODECs() return NULL; } codecs = new_codecs; - _TIFFmemcpy(codecs + i - 1, cd, sizeof(TIFFCodec)); + _TIFFmemcpy(codecs + i - 1, cd->info, sizeof(TIFFCodec)); i++; } for (c = _TIFFBuiltinCODECS; c->name; c++) { diff --git a/3rdparty/libtiff/tif_dir.c b/3rdparty/libtiff/tif_dir.c index b4ecd44f95..347b7115cb 100644 --- a/3rdparty/libtiff/tif_dir.c +++ b/3rdparty/libtiff/tif_dir.c @@ -29,6 +29,7 @@ * (and also some miscellaneous stuff) */ #include "tiffiop.h" +#include /*--: for Rational2Double */ /* * These are used in the backwards compatibility code... @@ -46,8 +47,8 @@ setByteArray(void** vpp, void* vp, size_t nmemb, size_t elem_size) *vpp = 0; } if (vp) { - tmsize_t bytes = (tmsize_t)(nmemb * elem_size); - if (elem_size && bytes / elem_size == nmemb) + tmsize_t bytes = _TIFFMultiplySSize(NULL, nmemb, elem_size, NULL); + if (bytes) *vpp = (void*) _TIFFmalloc(bytes); if (*vpp) _TIFFmemcpy(*vpp, vp, bytes); @@ -123,7 +124,7 @@ setExtraSamples(TIFF* tif, va_list ap, uint32* v) { TIFFWarningExt(tif->tif_clientdata,module, "ExtraSamples tag value is changing, " - "but TransferFunction was read with a different value. Cancelling it"); + "but TransferFunction was read with a different value. Canceling it"); TIFFClrFieldBit(tif,FIELD_TRANSFERFUNCTION); _TIFFfree(td->td_transferfunction[0]); td->td_transferfunction[0] = NULL; @@ -205,7 +206,7 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap) /* * If the data require post-decoding processing to byte-swap * samples, set it up here. Note that since tags are required - * to be ordered, compression code can override this behaviour + * to be ordered, compression code can override this behavior * in the setup method if it wants to roll the post decoding * work in with its normal work. */ @@ -275,7 +276,7 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap) { TIFFWarningExt(tif->tif_clientdata,module, "SamplesPerPixel tag value is changing, " - "but SMinSampleValue tag was read with a different value. Cancelling it"); + "but SMinSampleValue tag was read with a different value. Canceling it"); TIFFClrFieldBit(tif,FIELD_SMINSAMPLEVALUE); _TIFFfree(td->td_sminsamplevalue); td->td_sminsamplevalue = NULL; @@ -284,7 +285,7 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap) { TIFFWarningExt(tif->tif_clientdata,module, "SamplesPerPixel tag value is changing, " - "but SMaxSampleValue tag was read with a different value. Cancelling it"); + "but SMaxSampleValue tag was read with a different value. Canceling it"); TIFFClrFieldBit(tif,FIELD_SMAXSAMPLEVALUE); _TIFFfree(td->td_smaxsamplevalue); td->td_smaxsamplevalue = NULL; @@ -296,7 +297,7 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap) { TIFFWarningExt(tif->tif_clientdata,module, "SamplesPerPixel tag value is changing, " - "but TransferFunction was read with a different value. Cancelling it"); + "but TransferFunction was read with a different value. Canceling it"); TIFFClrFieldBit(tif,FIELD_TRANSFERFUNCTION); _TIFFfree(td->td_transferfunction[0]); td->td_transferfunction[0] = NULL; @@ -393,7 +394,7 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap) if (tif->tif_mode != O_RDONLY) goto badvalue32; TIFFWarningExt(tif->tif_clientdata, tif->tif_name, - "Nonstandard tile width %d, convert file", v32); + "Nonstandard tile width %u, convert file", v32); } td->td_tilewidth = v32; tif->tif_flags |= TIFF_ISTILED; @@ -404,7 +405,7 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap) if (tif->tif_mode != O_RDONLY) goto badvalue32; TIFFWarningExt(tif->tif_clientdata, tif->tif_name, - "Nonstandard tile length %d, convert file", v32); + "Nonstandard tile length %u, convert file", v32); } td->td_tilelength = v32; tif->tif_flags |= TIFF_ISTILED; @@ -559,6 +560,10 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap) * Set custom value ... save a copy of the custom tag value. */ tv_size = _TIFFDataSize(fip->field_type); + /*--: Rational2Double: For Rationals evaluate "set_field_type" to determine internal storage size. */ + if (fip->field_type == TIFF_RATIONAL || fip->field_type == TIFF_SRATIONAL) { + tv_size = _TIFFSetGetFieldSize(fip->set_field_type); + } if (tv_size == 0) { status = 0; TIFFErrorExt(tif->tif_clientdata, module, @@ -638,6 +643,7 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap) || fip->field_writecount == TIFF_VARIABLE2 || fip->field_writecount == TIFF_SPP || tv->count > 1) { + /*--: Rational2Double: For Rationals tv_size is set above to 4 or 8 according to fip->set_field_type! */ _TIFFmemcpy(tv->value, va_arg(ap, void *), tv->count * tv_size); } else { @@ -698,6 +704,22 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap) break; case TIFF_RATIONAL: case TIFF_SRATIONAL: + /*-- Rational2Double: For Rationals tv_size is set above to 4 or 8 according to fip->set_field_type! */ + { + if (tv_size == 8) { + double v2 = va_arg(ap, double); + _TIFFmemcpy(val, &v2, tv_size); + } else { + /*-- default should be tv_size == 4 */ + float v3 = (float)va_arg(ap, double); + _TIFFmemcpy(val, &v3, tv_size); + /*-- ToDo: After Testing, this should be removed and tv_size==4 should be set as default. */ + if (tv_size != 4) { + TIFFErrorExt(0,"TIFFLib: _TIFFVSetField()", "Rational2Double: .set_field_type in not 4 but %d", tv_size); + } + } + } + break; case TIFF_FLOAT: { float v2 = _TIFFClampDoubleToFloat(va_arg(ap, double)); @@ -1011,19 +1033,19 @@ _TIFFVGetField(TIFF* tif, uint32 tag, va_list ap) *va_arg(ap, uint16*) = td->td_halftonehints[1]; break; case TIFFTAG_COLORMAP: - *va_arg(ap, uint16**) = td->td_colormap[0]; - *va_arg(ap, uint16**) = td->td_colormap[1]; - *va_arg(ap, uint16**) = td->td_colormap[2]; + *va_arg(ap, const uint16**) = td->td_colormap[0]; + *va_arg(ap, const uint16**) = td->td_colormap[1]; + *va_arg(ap, const uint16**) = td->td_colormap[2]; break; case TIFFTAG_STRIPOFFSETS: case TIFFTAG_TILEOFFSETS: _TIFFFillStriles( tif ); - *va_arg(ap, uint64**) = td->td_stripoffset; + *va_arg(ap, const uint64**) = td->td_stripoffset_p; break; case TIFFTAG_STRIPBYTECOUNTS: case TIFFTAG_TILEBYTECOUNTS: _TIFFFillStriles( tif ); - *va_arg(ap, uint64**) = td->td_stripbytecount; + *va_arg(ap, const uint64**) = td->td_stripbytecount_p; break; case TIFFTAG_MATTEING: *va_arg(ap, uint16*) = @@ -1032,7 +1054,7 @@ _TIFFVGetField(TIFF* tif, uint32 tag, va_list ap) break; case TIFFTAG_EXTRASAMPLES: *va_arg(ap, uint16*) = td->td_extrasamples; - *va_arg(ap, uint16**) = td->td_sampleinfo; + *va_arg(ap, const uint16**) = td->td_sampleinfo; break; case TIFFTAG_TILEWIDTH: *va_arg(ap, uint32*) = td->td_tilewidth; @@ -1067,7 +1089,7 @@ _TIFFVGetField(TIFF* tif, uint32 tag, va_list ap) break; case TIFFTAG_SUBIFD: *va_arg(ap, uint16*) = td->td_nsubifd; - *va_arg(ap, uint64**) = td->td_subifd; + *va_arg(ap, const uint64**) = td->td_subifd; break; case TIFFTAG_YCBCRPOSITIONING: *va_arg(ap, uint16*) = td->td_ycbcrpositioning; @@ -1077,20 +1099,20 @@ _TIFFVGetField(TIFF* tif, uint32 tag, va_list ap) *va_arg(ap, uint16*) = td->td_ycbcrsubsampling[1]; break; case TIFFTAG_TRANSFERFUNCTION: - *va_arg(ap, uint16**) = td->td_transferfunction[0]; + *va_arg(ap, const uint16**) = td->td_transferfunction[0]; if (td->td_samplesperpixel - td->td_extrasamples > 1) { - *va_arg(ap, uint16**) = td->td_transferfunction[1]; - *va_arg(ap, uint16**) = td->td_transferfunction[2]; + *va_arg(ap, const uint16**) = td->td_transferfunction[1]; + *va_arg(ap, const uint16**) = td->td_transferfunction[2]; } else { - *va_arg(ap, uint16**) = NULL; - *va_arg(ap, uint16**) = NULL; + *va_arg(ap, const uint16**) = NULL; + *va_arg(ap, const uint16**) = NULL; } break; case TIFFTAG_REFERENCEBLACKWHITE: - *va_arg(ap, float**) = td->td_refblackwhite; + *va_arg(ap, const float**) = td->td_refblackwhite; break; case TIFFTAG_INKNAMES: - *va_arg(ap, char**) = td->td_inknames; + *va_arg(ap, const char**) = td->td_inknames; break; default: { @@ -1132,7 +1154,7 @@ _TIFFVGetField(TIFF* tif, uint32 tag, va_list ap) *va_arg(ap, uint32*) = (uint32)tv->count; else /* Assume TIFF_VARIABLE */ *va_arg(ap, uint16*) = (uint16)tv->count; - *va_arg(ap, void **) = tv->value; + *va_arg(ap, const void **) = tv->value; ret_val = 1; } else if (fip->field_tag == TIFFTAG_DOTRANGE && strcmp(fip->field_name,"DotRange") == 0) { @@ -1200,6 +1222,23 @@ _TIFFVGetField(TIFF* tif, uint32 tag, va_list ap) break; case TIFF_RATIONAL: case TIFF_SRATIONAL: + { + /*-- Rational2Double: For Rationals evaluate "set_field_type" to determine internal storage size and return value size. */ + int tv_size = _TIFFSetGetFieldSize(fip->set_field_type); + if (tv_size == 8) { + *va_arg(ap, double*) = *(double *)val; + ret_val = 1; + } else { + /*-- default should be tv_size == 4 */ + *va_arg(ap, float*) = *(float *)val; + ret_val = 1; + /*-- ToDo: After Testing, this should be removed and tv_size==4 should be set as default. */ + if (tv_size != 4) { + TIFFErrorExt(0,"TIFFLib: _TIFFVGetField()", "Rational2Double: .set_field_type in not 4 but %d", tv_size); + } + } + } + break; case TIFF_FLOAT: *va_arg(ap, float*) = *(float *)val; @@ -1282,8 +1321,9 @@ TIFFFreeDirectory(TIFF* tif) CleanupField(td_transferfunction[0]); CleanupField(td_transferfunction[1]); CleanupField(td_transferfunction[2]); - CleanupField(td_stripoffset); - CleanupField(td_stripbytecount); + CleanupField(td_stripoffset_p); + CleanupField(td_stripbytecount_p); + td->td_stripoffsetbyteallocsize = 0; TIFFClrFieldBit(tif, FIELD_YCBCRSUBSAMPLING); TIFFClrFieldBit(tif, FIELD_YCBCRPOSITIONING); @@ -1296,10 +1336,8 @@ TIFFFreeDirectory(TIFF* tif) td->td_customValueCount = 0; CleanupField(td_customValues); -#if defined(DEFER_STRILE_LOAD) _TIFFmemset( &(td->td_stripoffset_entry), 0, sizeof(TIFFDirEntry)); _TIFFmemset( &(td->td_stripbytecount_entry), 0, sizeof(TIFFDirEntry)); -#endif } #undef CleanupField @@ -1365,6 +1403,17 @@ TIFFCreateEXIFDirectory(TIFF* tif) return TIFFCreateCustomDirectory(tif, exifFieldArray); } +/* + * Creates the EXIF GPS custom directory + */ +int +TIFFCreateGPSDirectory(TIFF* tif) +{ + const TIFFFieldArray* gpsFieldArray; + gpsFieldArray = _TIFFGetGpsFields(); + return TIFFCreateCustomDirectory(tif, gpsFieldArray); +} + /* * Setup a default directory structure. */ @@ -1387,7 +1436,9 @@ TIFFDefaultDirectory(TIFF* tif) td->td_tilewidth = 0; td->td_tilelength = 0; td->td_tiledepth = 1; +#ifdef STRIPBYTECOUNTSORTED_UNUSED td->td_stripbytecountsorted = 1; /* Our own arrays always sorted. */ +#endif td->td_resolutionunit = RESUNIT_INCH; td->td_sampleformat = SAMPLEFORMAT_UINT; td->td_imagedepth = 1; diff --git a/3rdparty/libtiff/tif_dir.h b/3rdparty/libtiff/tif_dir.h index b2f5e69488..f608dd713b 100644 --- a/3rdparty/libtiff/tif_dir.h +++ b/3rdparty/libtiff/tif_dir.h @@ -58,6 +58,7 @@ typedef struct { uint32 toff_long; uint64 toff_long8; } tdir_offset; /* either offset or the data itself if fits */ + uint8 tdir_ignore; /* flag status to ignore tag when parsing tags in tif_dirread.c */ } TIFFDirEntry; /* @@ -97,13 +98,14 @@ typedef struct { * number of striles */ uint32 td_stripsperimage; uint32 td_nstrips; /* size of offset & bytecount arrays */ - uint64* td_stripoffset; - uint64* td_stripbytecount; + uint64* td_stripoffset_p; /* should be accessed with TIFFGetStrileOffset */ + uint64* td_stripbytecount_p; /* should be accessed with TIFFGetStrileByteCount */ + uint32 td_stripoffsetbyteallocsize; /* number of elements currently allocated for td_stripoffset/td_stripbytecount. Only used if TIFF_LAZYSTRILELOAD is set */ +#ifdef STRIPBYTECOUNTSORTED_UNUSED int td_stripbytecountsorted; /* is the bytecount array sorted ascending? */ -#if defined(DEFER_STRILE_LOAD) +#endif TIFFDirEntry td_stripoffset_entry; /* for deferred loading */ TIFFDirEntry td_stripbytecount_entry; /* for deferred loading */ -#endif uint16 td_nsubifd; uint64* td_subifd; /* YCbCr parameters */ @@ -118,6 +120,8 @@ typedef struct { int td_customValueCount; TIFFTagValue *td_customValues; + + unsigned char td_deferstrilearraywriting; /* see TIFFDeferStrileArrayWriting() */ } TIFFDirectory; /* @@ -257,6 +261,7 @@ extern "C" { extern const TIFFFieldArray* _TIFFGetFields(void); extern const TIFFFieldArray* _TIFFGetExifFields(void); +extern const TIFFFieldArray* _TIFFGetGpsFields(void); extern void _TIFFSetupFields(TIFF* tif, const TIFFFieldArray* infoarray); extern void _TIFFPrintFieldInfo(TIFF*, FILE*); @@ -265,6 +270,7 @@ extern int _TIFFFillStriles(TIFF*); typedef enum { tfiatImage, tfiatExif, + tfiatGps, /* EXIF-GPS fields array type */ tfiatOther } TIFFFieldArrayType; diff --git a/3rdparty/libtiff/tif_dirinfo.c b/3rdparty/libtiff/tif_dirinfo.c index e1f6b23e9a..7217042c25 100644 --- a/3rdparty/libtiff/tif_dirinfo.c +++ b/3rdparty/libtiff/tif_dirinfo.c @@ -47,9 +47,19 @@ #endif static const TIFFFieldArray tiffFieldArray; static const TIFFFieldArray exifFieldArray; +static const TIFFFieldArray gpsFieldArray; #ifdef _MSC_VER #pragma warning( pop ) #endif +/*--: Rational2Double: -- + * The Rational2Double upgraded libtiff functionality allows the definition and achievement of true double-precision accuracy + * for TIFF tags of RATIONAL type and field_bit=FIELD_CUSTOM using the set_field_type = TIFF_SETGET_DOUBLE. + * Unfortunately, that changes the old implemented interface for TIFFGetField(). + * In order to keep the old TIFFGetField() interface behavior those tags have to be redefined with set_field_type = TIFF_SETGET_FLOAT! + * + * Rational custom arrays are already defined as _Cxx_FLOAT, thus can stay. + * + */ static const TIFFField tiffFields[] = { @@ -75,12 +85,12 @@ tiffFields[] = { { TIFFTAG_STRIPBYTECOUNTS, -1, -1, TIFF_LONG8, 0, TIFF_SETGET_UNDEFINED, TIFF_SETGET_UNDEFINED, FIELD_STRIPBYTECOUNTS, 0, 0, "StripByteCounts", NULL }, { TIFFTAG_MINSAMPLEVALUE, -2, -1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_MINSAMPLEVALUE, 1, 0, "MinSampleValue", NULL }, { TIFFTAG_MAXSAMPLEVALUE, -2, -1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_MAXSAMPLEVALUE, 1, 0, "MaxSampleValue", NULL }, - { TIFFTAG_XRESOLUTION, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_RESOLUTION, 1, 0, "XResolution", NULL }, - { TIFFTAG_YRESOLUTION, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_RESOLUTION, 1, 0, "YResolution", NULL }, + { TIFFTAG_XRESOLUTION, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_RESOLUTION, 1, 0, "XResolution", NULL }, + { TIFFTAG_YRESOLUTION, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_RESOLUTION, 1, 0, "YResolution", NULL }, { TIFFTAG_PLANARCONFIG, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_PLANARCONFIG, 0, 0, "PlanarConfiguration", NULL }, { TIFFTAG_PAGENAME, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "PageName", NULL }, - { TIFFTAG_XPOSITION, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_POSITION, 1, 0, "XPosition", NULL }, - { TIFFTAG_YPOSITION, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_POSITION, 1, 0, "YPosition", NULL }, + { TIFFTAG_XPOSITION, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_POSITION, 1, 0, "XPosition", NULL }, + { TIFFTAG_YPOSITION, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_POSITION, 1, 0, "YPosition", NULL }, { TIFFTAG_FREEOFFSETS, -1, -1, TIFF_LONG8, 0, TIFF_SETGET_UNDEFINED, TIFF_SETGET_UNDEFINED, FIELD_IGNORE, 0, 0, "FreeOffsets", NULL }, { TIFFTAG_FREEBYTECOUNTS, -1, -1, TIFF_LONG8, 0, TIFF_SETGET_UNDEFINED, TIFF_SETGET_UNDEFINED, FIELD_IGNORE, 0, 0, "FreeByteCounts", NULL }, { TIFFTAG_GRAYRESPONSEUNIT, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UNDEFINED, TIFF_SETGET_UNDEFINED, FIELD_IGNORE, 1, 0, "GrayResponseUnit", NULL }, @@ -135,14 +145,18 @@ tiffFields[] = { { TIFFTAG_PIXAR_MATRIX_WORLDTOSCREEN, 16, 16, TIFF_FLOAT, 0, TIFF_SETGET_C0_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "MatrixWorldToScreen", NULL }, { TIFFTAG_PIXAR_MATRIX_WORLDTOCAMERA, 16, 16, TIFF_FLOAT, 0, TIFF_SETGET_C0_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "MatrixWorldToCamera", NULL }, { TIFFTAG_CFAREPEATPATTERNDIM, 2, 2, TIFF_SHORT, 0, TIFF_SETGET_C0_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "CFARepeatPatternDim", NULL }, - { TIFFTAG_CFAPATTERN, 4, 4, TIFF_BYTE, 0, TIFF_SETGET_C0_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "CFAPattern" , NULL}, + { TIFFTAG_CFAPATTERN, -1, -1, TIFF_BYTE, 0, TIFF_SETGET_C16_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 1, "CFAPattern" , NULL}, { TIFFTAG_COPYRIGHT, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "Copyright", NULL }, /* end Pixar tags */ - { TIFFTAG_RICHTIFFIPTC, -3, -3, TIFF_LONG, 0, TIFF_SETGET_C32_UINT32, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 1, "RichTIFFIPTC", NULL }, + { TIFFTAG_RICHTIFFIPTC, -3, -3, TIFF_UNDEFINED, 0, TIFF_SETGET_C32_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 1, "RichTIFFIPTC", NULL }, { TIFFTAG_PHOTOSHOP, -3, -3, TIFF_BYTE, 0, TIFF_SETGET_C32_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 1, "Photoshop", NULL }, - { TIFFTAG_EXIFIFD, 1, 1, TIFF_IFD8, 0, TIFF_SETGET_IFD8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "EXIFIFDOffset", (TIFFFieldArray*) &exifFieldArray }, + /*--: EXIFIFD and GPSIFD specified as TIFF_LONG by Aware-Systems and not TIFF_IFD8 as in original LibTiff. + * However, for IFD-like tags, libtiff uses the data type TIFF_IFD8 in tiffFields[]-tag definition combined with + * a special handling procedure in order to write either a 32-bit value and the TIFF_IFD type-id into ClassicTIFF files + * or a 64-bit value and the TIFF_IFD8 type-id into BigTIFF files. */ + { TIFFTAG_EXIFIFD, 1, 1, TIFF_IFD8, 0, TIFF_SETGET_IFD8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "EXIFIFDOffset", (TIFFFieldArray*) &exifFieldArray }, { TIFFTAG_ICCPROFILE, -3, -3, TIFF_UNDEFINED, 0, TIFF_SETGET_C32_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 1, "ICC Profile", NULL }, - { TIFFTAG_GPSIFD, 1, 1, TIFF_IFD8, 0, TIFF_SETGET_IFD8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "GPSIFDOffset", NULL }, + { TIFFTAG_GPSIFD, 1, 1, TIFF_IFD8, 0, TIFF_SETGET_IFD8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "GPSIFDOffset", (TIFFFieldArray*) &gpsFieldArray }, { TIFFTAG_FAXRECVPARAMS, 1, 1, TIFF_LONG, 0, TIFF_SETGET_UINT32, TIFF_SETGET_UINT32, FIELD_CUSTOM, TRUE, FALSE, "FaxRecvParams", NULL }, { TIFFTAG_FAXSUBADDRESS, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_ASCII, FIELD_CUSTOM, TRUE, FALSE, "FaxSubAddress", NULL }, { TIFFTAG_FAXRECVTIME, 1, 1, TIFF_LONG, 0, TIFF_SETGET_UINT32, TIFF_SETGET_UINT32, FIELD_CUSTOM, TRUE, FALSE, "FaxRecvTime", NULL }, @@ -163,7 +177,7 @@ tiffFields[] = { { TIFFTAG_BLACKLEVELDELTAV, -1, -1, TIFF_SRATIONAL, 0, TIFF_SETGET_C16_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 1, "BlackLevelDeltaV", NULL }, { TIFFTAG_WHITELEVEL, -1, -1, TIFF_LONG, 0, TIFF_SETGET_C16_UINT32, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 1, "WhiteLevel", NULL }, { TIFFTAG_DEFAULTSCALE, 2, 2, TIFF_RATIONAL, 0, TIFF_SETGET_C0_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "DefaultScale", NULL }, - { TIFFTAG_BESTQUALITYSCALE, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "BestQualityScale", NULL }, + { TIFFTAG_BESTQUALITYSCALE, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "BestQualityScale", NULL }, { TIFFTAG_DEFAULTCROPORIGIN, 2, 2, TIFF_RATIONAL, 0, TIFF_SETGET_C0_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "DefaultCropOrigin", NULL }, { TIFFTAG_DEFAULTCROPSIZE, 2, 2, TIFF_RATIONAL, 0, TIFF_SETGET_C0_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "DefaultCropSize", NULL }, { TIFFTAG_COLORMATRIX1, -1, -1, TIFF_SRATIONAL, 0, TIFF_SETGET_C16_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 1, "ColorMatrix1", NULL }, @@ -175,16 +189,16 @@ tiffFields[] = { { TIFFTAG_ANALOGBALANCE, -1, -1, TIFF_RATIONAL, 0, TIFF_SETGET_C16_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 1, "AnalogBalance", NULL }, { TIFFTAG_ASSHOTNEUTRAL, -1, -1, TIFF_RATIONAL, 0, TIFF_SETGET_C16_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 1, "AsShotNeutral", NULL }, { TIFFTAG_ASSHOTWHITEXY, 2, 2, TIFF_RATIONAL, 0, TIFF_SETGET_C0_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "AsShotWhiteXY", NULL }, - { TIFFTAG_BASELINEEXPOSURE, 1, 1, TIFF_SRATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "BaselineExposure", NULL }, - { TIFFTAG_BASELINENOISE, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "BaselineNoise", NULL }, - { TIFFTAG_BASELINESHARPNESS, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "BaselineSharpness", NULL }, + { TIFFTAG_BASELINEEXPOSURE, 1, 1, TIFF_SRATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "BaselineExposure", NULL }, + { TIFFTAG_BASELINENOISE, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "BaselineNoise", NULL }, + { TIFFTAG_BASELINESHARPNESS, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "BaselineSharpness", NULL }, { TIFFTAG_BAYERGREENSPLIT, 1, 1, TIFF_LONG, 0, TIFF_SETGET_UINT32, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "BayerGreenSplit", NULL }, - { TIFFTAG_LINEARRESPONSELIMIT, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "LinearResponseLimit", NULL }, + { TIFFTAG_LINEARRESPONSELIMIT, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "LinearResponseLimit", NULL }, { TIFFTAG_CAMERASERIALNUMBER, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "CameraSerialNumber", NULL }, { TIFFTAG_LENSINFO, 4, 4, TIFF_RATIONAL, 0, TIFF_SETGET_C0_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "LensInfo", NULL }, - { TIFFTAG_CHROMABLURRADIUS, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "ChromaBlurRadius", NULL }, - { TIFFTAG_ANTIALIASSTRENGTH, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "AntiAliasStrength", NULL }, - { TIFFTAG_SHADOWSCALE, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "ShadowScale", NULL }, + { TIFFTAG_CHROMABLURRADIUS, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "ChromaBlurRadius", NULL }, + { TIFFTAG_ANTIALIASSTRENGTH, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "AntiAliasStrength", NULL }, + { TIFFTAG_SHADOWSCALE, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "ShadowScale", NULL }, { TIFFTAG_DNGPRIVATEDATA, -1, -1, TIFF_BYTE, 0, TIFF_SETGET_C16_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 1, "DNGPrivateData", NULL }, { TIFFTAG_MAKERNOTESAFETY, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "MakerNoteSafety", NULL }, { TIFFTAG_CALIBRATIONILLUMINANT1, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "CalibrationIlluminant1", NULL }, @@ -217,47 +231,68 @@ tiffFields[] = { /* begin pseudo tags */ }; +/* + * EXIF tags (Version 2.31, July 2016 plus version 2.32 May 2019) + */ static const TIFFField exifFields[] = { - { EXIFTAG_EXPOSURETIME, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ExposureTime", NULL }, - { EXIFTAG_FNUMBER, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "FNumber", NULL }, + { EXIFTAG_EXPOSURETIME, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ExposureTime", NULL }, + { EXIFTAG_FNUMBER, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "FNumber", NULL }, { EXIFTAG_EXPOSUREPROGRAM, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ExposureProgram", NULL }, { EXIFTAG_SPECTRALSENSITIVITY, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "SpectralSensitivity", NULL }, { EXIFTAG_ISOSPEEDRATINGS, -1, -1, TIFF_SHORT, 0, TIFF_SETGET_C16_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 1, "ISOSpeedRatings", NULL }, { EXIFTAG_OECF, -1, -1, TIFF_UNDEFINED, 0, TIFF_SETGET_C16_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 1, "OptoelectricConversionFactor", NULL }, + { EXIFTAG_SENSITIVITYTYPE, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "SensitivityType", NULL }, + { EXIFTAG_STANDARDOUTPUTSENSITIVITY, 1, 1, TIFF_LONG, 0, TIFF_SETGET_UINT32, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "StandardOutputSensitivity", NULL }, + { EXIFTAG_RECOMMENDEDEXPOSUREINDEX, 1, 1, TIFF_LONG, 0, TIFF_SETGET_UINT32, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "RecommendedExposureIndex", NULL }, + { EXIFTAG_ISOSPEED, 1, 1, TIFF_LONG, 0, TIFF_SETGET_UINT32, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ISOSpeed", NULL }, + { EXIFTAG_ISOSPEEDLATITUDEYYY, 1, 1, TIFF_LONG, 0, TIFF_SETGET_UINT32, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ISOSpeedLatitudeyyy", NULL }, + { EXIFTAG_ISOSPEEDLATITUDEZZZ, 1, 1, TIFF_LONG, 0, TIFF_SETGET_UINT32, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ISOSpeedLatitudezzz", NULL }, { EXIFTAG_EXIFVERSION, 4, 4, TIFF_UNDEFINED, 0, TIFF_SETGET_C0_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ExifVersion", NULL }, { EXIFTAG_DATETIMEORIGINAL, 20, 20, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "DateTimeOriginal", NULL }, { EXIFTAG_DATETIMEDIGITIZED, 20, 20, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "DateTimeDigitized", NULL }, + { EXIFTAG_OFFSETTIME, 7, 7, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "OffsetTime", NULL }, + { EXIFTAG_OFFSETTIMEORIGINAL, 7, 7, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "OffsetTimeOriginal", NULL }, + { EXIFTAG_OFFSETTIMEDIGITIZED, 7, 7, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "OffsetTimeDigitized", NULL }, { EXIFTAG_COMPONENTSCONFIGURATION, 4, 4, TIFF_UNDEFINED, 0, TIFF_SETGET_C0_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ComponentsConfiguration", NULL }, - { EXIFTAG_COMPRESSEDBITSPERPIXEL, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "CompressedBitsPerPixel", NULL }, - { EXIFTAG_SHUTTERSPEEDVALUE, 1, 1, TIFF_SRATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ShutterSpeedValue", NULL }, - { EXIFTAG_APERTUREVALUE, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ApertureValue", NULL }, - { EXIFTAG_BRIGHTNESSVALUE, 1, 1, TIFF_SRATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "BrightnessValue", NULL }, - { EXIFTAG_EXPOSUREBIASVALUE, 1, 1, TIFF_SRATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ExposureBiasValue", NULL }, - { EXIFTAG_MAXAPERTUREVALUE, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "MaxApertureValue", NULL }, - { EXIFTAG_SUBJECTDISTANCE, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "SubjectDistance", NULL }, + { EXIFTAG_COMPRESSEDBITSPERPIXEL, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "CompressedBitsPerPixel", NULL }, + { EXIFTAG_SHUTTERSPEEDVALUE, 1, 1, TIFF_SRATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ShutterSpeedValue", NULL }, + { EXIFTAG_APERTUREVALUE, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ApertureValue", NULL }, + { EXIFTAG_BRIGHTNESSVALUE, 1, 1, TIFF_SRATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "BrightnessValue", NULL }, + { EXIFTAG_EXPOSUREBIASVALUE, 1, 1, TIFF_SRATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ExposureBiasValue", NULL }, + { EXIFTAG_MAXAPERTUREVALUE, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "MaxApertureValue", NULL }, + /*--: EXIFTAG_SUBJECTDISTANCE: LibTiff returns value of "-1" if numerator equals 4294967295 (0xFFFFFFFF) to indicate infinite distance! + * However, there are two other EXIF tags where numerator indicates a special value and six other cases where the denominator indicates special values, + * which are not treated within LibTiff!! */ + { EXIFTAG_SUBJECTDISTANCE, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "SubjectDistance", NULL }, { EXIFTAG_METERINGMODE, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "MeteringMode", NULL }, { EXIFTAG_LIGHTSOURCE, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "LightSource", NULL }, { EXIFTAG_FLASH, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "Flash", NULL }, - { EXIFTAG_FOCALLENGTH, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "FocalLength", NULL }, + { EXIFTAG_FOCALLENGTH, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "FocalLength", NULL }, { EXIFTAG_SUBJECTAREA, -1, -1, TIFF_SHORT, 0, TIFF_SETGET_C16_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 1, "SubjectArea", NULL }, { EXIFTAG_MAKERNOTE, -1, -1, TIFF_UNDEFINED, 0, TIFF_SETGET_C16_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 1, "MakerNote", NULL }, { EXIFTAG_USERCOMMENT, -1, -1, TIFF_UNDEFINED, 0, TIFF_SETGET_C16_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 1, "UserComment", NULL }, { EXIFTAG_SUBSECTIME, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "SubSecTime", NULL }, { EXIFTAG_SUBSECTIMEORIGINAL, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "SubSecTimeOriginal", NULL }, { EXIFTAG_SUBSECTIMEDIGITIZED, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "SubSecTimeDigitized", NULL }, + { EXIFTAG_TEMPERATURE, 1, 1, TIFF_SRATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "Temperature", NULL }, + { EXIFTAG_HUMIDITY, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "Humidity", NULL }, + { EXIFTAG_PRESSURE, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "Pressure", NULL }, + { EXIFTAG_WATERDEPTH, 1, 1, TIFF_SRATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "WaterDepth", NULL }, + { EXIFTAG_ACCELERATION, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "Acceleration", NULL }, + { EXIFTAG_CAMERAELEVATIONANGLE, 1, 1, TIFF_SRATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "CameraElevationAngle", NULL }, { EXIFTAG_FLASHPIXVERSION, 4, 4, TIFF_UNDEFINED, 0, TIFF_SETGET_C0_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "FlashpixVersion", NULL }, { EXIFTAG_COLORSPACE, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ColorSpace", NULL }, { EXIFTAG_PIXELXDIMENSION, 1, 1, TIFF_LONG, 0, TIFF_SETGET_UINT32, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "PixelXDimension", NULL }, { EXIFTAG_PIXELYDIMENSION, 1, 1, TIFF_LONG, 0, TIFF_SETGET_UINT32, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "PixelYDimension", NULL }, { EXIFTAG_RELATEDSOUNDFILE, 13, 13, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "RelatedSoundFile", NULL }, - { EXIFTAG_FLASHENERGY, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "FlashEnergy", NULL }, + { EXIFTAG_FLASHENERGY, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "FlashEnergy", NULL }, { EXIFTAG_SPATIALFREQUENCYRESPONSE, -1, -1, TIFF_UNDEFINED, 0, TIFF_SETGET_C16_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 1, "SpatialFrequencyResponse", NULL }, - { EXIFTAG_FOCALPLANEXRESOLUTION, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "FocalPlaneXResolution", NULL }, - { EXIFTAG_FOCALPLANEYRESOLUTION, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "FocalPlaneYResolution", NULL }, + { EXIFTAG_FOCALPLANEXRESOLUTION, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "FocalPlaneXResolution", NULL }, + { EXIFTAG_FOCALPLANEYRESOLUTION, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "FocalPlaneYResolution", NULL }, { EXIFTAG_FOCALPLANERESOLUTIONUNIT, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "FocalPlaneResolutionUnit", NULL }, { EXIFTAG_SUBJECTLOCATION, 2, 2, TIFF_SHORT, 0, TIFF_SETGET_C0_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "SubjectLocation", NULL }, - { EXIFTAG_EXPOSUREINDEX, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ExposureIndex", NULL }, + { EXIFTAG_EXPOSUREINDEX, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ExposureIndex", NULL }, { EXIFTAG_SENSINGMETHOD, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "SensingMethod", NULL }, { EXIFTAG_FILESOURCE, 1, 1, TIFF_UNDEFINED, 0, TIFF_SETGET_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "FileSource", NULL }, { EXIFTAG_SCENETYPE, 1, 1, TIFF_UNDEFINED, 0, TIFF_SETGET_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "SceneType", NULL }, @@ -265,22 +300,79 @@ exifFields[] = { { EXIFTAG_CUSTOMRENDERED, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "CustomRendered", NULL }, { EXIFTAG_EXPOSUREMODE, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ExposureMode", NULL }, { EXIFTAG_WHITEBALANCE, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "WhiteBalance", NULL }, - { EXIFTAG_DIGITALZOOMRATIO, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "DigitalZoomRatio", NULL }, + { EXIFTAG_DIGITALZOOMRATIO, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "DigitalZoomRatio", NULL }, { EXIFTAG_FOCALLENGTHIN35MMFILM, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "FocalLengthIn35mmFilm", NULL }, { EXIFTAG_SCENECAPTURETYPE, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "SceneCaptureType", NULL }, - { EXIFTAG_GAINCONTROL, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "GainControl", NULL }, + { EXIFTAG_GAINCONTROL, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "GainControl", NULL }, { EXIFTAG_CONTRAST, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "Contrast", NULL }, { EXIFTAG_SATURATION, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "Saturation", NULL }, { EXIFTAG_SHARPNESS, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "Sharpness", NULL }, { EXIFTAG_DEVICESETTINGDESCRIPTION, -1, -1, TIFF_UNDEFINED, 0, TIFF_SETGET_C16_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 1, "DeviceSettingDescription", NULL }, { EXIFTAG_SUBJECTDISTANCERANGE, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "SubjectDistanceRange", NULL }, - { EXIFTAG_IMAGEUNIQUEID, 33, 33, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ImageUniqueID", NULL } + { EXIFTAG_IMAGEUNIQUEID, 33, 33, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ImageUniqueID", NULL }, + { EXIFTAG_CAMERAOWNERNAME, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "CameraOwnerName", NULL }, + { EXIFTAG_BODYSERIALNUMBER, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "BodySerialNumber", NULL }, + { EXIFTAG_LENSSPECIFICATION, 4, 4, TIFF_RATIONAL, 0, TIFF_SETGET_C0_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "LensSpecification", NULL }, + { EXIFTAG_LENSMAKE, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "LensMake", NULL }, + { EXIFTAG_LENSMODEL, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "LensModel", NULL }, + { EXIFTAG_LENSSERIALNUMBER, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "LensSerialNumber", NULL }, + { EXIFTAG_GAMMA, 1, 1, TIFF_RATIONAL, 0, TIFF_SETGET_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "Gamma", NULL }, + { EXIFTAG_COMPOSITEIMAGE, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "CompositeImage", NULL }, + { EXIFTAG_SOURCEIMAGENUMBEROFCOMPOSITEIMAGE, 2, 2, TIFF_SHORT, 0, TIFF_SETGET_C0_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "SourceImageNumberOfCompositeImage", NULL }, + { EXIFTAG_SOURCEEXPOSURETIMESOFCOMPOSITEIMAGE, -1, -1, TIFF_UNDEFINED, 0, TIFF_SETGET_C16_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 1, "SourceExposureTimesOfCompositeImage", NULL } +}; +/* + * EXIF-GPS tags (Version 2.31, July 2016; nothing changed for version 2.32 May 2019) + */ + +static TIFFField +gpsFields[] = { + /* For the GPS tag definitions in gpsFields[] the standard definition for Rationals is TIFF_SETGET_DOUBLE and TIFF_SETGET_C0_FLOAT. + *-- ATTENTION: After the upgrade with Rational2Double, the GPSTAG values can now be written and also read in double precision! + * In order to achieve double precision for GPS tags: + * Standard definitions for GPSTAG is kept to TIFF_SETGET_DOUBLE + * and TIFF_SETGET_C0_FLOAT is changed to TIFF_SETGET_C0_DOUBLE. + */ + { GPSTAG_VERSIONID , 4, 4, TIFF_BYTE , 0, TIFF_SETGET_C0_UINT8 , TIFF_SETGET_UINT8 , FIELD_CUSTOM , 1, 0, "VersionID", NULL }, + { GPSTAG_LATITUDEREF , 2, 2, TIFF_ASCII , 0, TIFF_SETGET_ASCII , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "LatitudeRef", NULL }, + { GPSTAG_LATITUDE , 3, 3, TIFF_RATIONAL , 0, TIFF_SETGET_C0_DOUBLE , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "Latitude", NULL }, + { GPSTAG_LONGITUDEREF , 2, 2, TIFF_ASCII , 0, TIFF_SETGET_ASCII , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "LongitudeRef", NULL }, + { GPSTAG_LONGITUDE , 3, 3, TIFF_RATIONAL , 0, TIFF_SETGET_C0_DOUBLE , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "Longitude", NULL }, + { GPSTAG_ALTITUDEREF , 1, 1, TIFF_BYTE , 0, TIFF_SETGET_UINT8 , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "AltitudeRef", NULL }, + { GPSTAG_ALTITUDE , 1, 1, TIFF_RATIONAL , 0, TIFF_SETGET_DOUBLE , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "Altitude", NULL }, + { GPSTAG_TIMESTAMP , 3, 3, TIFF_RATIONAL , 0, TIFF_SETGET_C0_DOUBLE , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "TimeStamp", NULL }, + { GPSTAG_SATELLITES , -1, -1, TIFF_ASCII , 0, TIFF_SETGET_ASCII , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "Satellites", NULL }, + { GPSTAG_STATUS , 2, 2, TIFF_ASCII , 0, TIFF_SETGET_ASCII , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "Status", NULL }, + { GPSTAG_MEASUREMODE , 2, 2, TIFF_ASCII , 0, TIFF_SETGET_ASCII , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "MeasureMode", NULL }, + { GPSTAG_DOP , 1, 1, TIFF_RATIONAL , 0, TIFF_SETGET_DOUBLE , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "DOP", NULL }, + { GPSTAG_SPEEDREF , 2, 2, TIFF_ASCII , 0, TIFF_SETGET_ASCII , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "SpeedRef", NULL }, + { GPSTAG_SPEED , 1, 1, TIFF_RATIONAL , 0, TIFF_SETGET_DOUBLE , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "Speed", NULL }, + { GPSTAG_TRACKREF , 2, 2, TIFF_ASCII , 0, TIFF_SETGET_ASCII , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "TrackRef", NULL }, + { GPSTAG_TRACK , 1, 1, TIFF_RATIONAL , 0, TIFF_SETGET_DOUBLE , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "Track", NULL }, + { GPSTAG_IMGDIRECTIONREF , 2, 2, TIFF_ASCII , 0, TIFF_SETGET_ASCII , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "ImgDirectionRef", NULL }, + { GPSTAG_IMGDIRECTION , 1, 1, TIFF_RATIONAL , 0, TIFF_SETGET_DOUBLE , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "ImgDirection", NULL }, + { GPSTAG_MAPDATUM , -1, -1, TIFF_ASCII , 0, TIFF_SETGET_ASCII , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "MapDatum", NULL }, + { GPSTAG_DESTLATITUDEREF , 2, 2, TIFF_ASCII , 0, TIFF_SETGET_ASCII , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "DestLatitudeRef", NULL }, + { GPSTAG_DESTLATITUDE , 3, 3, TIFF_RATIONAL , 0, TIFF_SETGET_C0_DOUBLE , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "DestLatitude", NULL }, + { GPSTAG_DESTLONGITUDEREF , 2, 2, TIFF_ASCII , 0, TIFF_SETGET_ASCII , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "DestLongitudeRef", NULL }, + { GPSTAG_DESTLONGITUDE , 3, 3, TIFF_RATIONAL , 0, TIFF_SETGET_C0_DOUBLE , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "DestLongitude", NULL }, + { GPSTAG_DESTBEARINGREF , 2, 2, TIFF_ASCII , 0, TIFF_SETGET_ASCII , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "DestBearingRef", NULL }, + { GPSTAG_DESTBEARING , 1, 1, TIFF_RATIONAL , 0, TIFF_SETGET_DOUBLE , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "DestBearing", NULL }, + { GPSTAG_DESTDISTANCEREF , 2, 2, TIFF_ASCII , 0, TIFF_SETGET_ASCII , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "DestDistanceRef", NULL }, + { GPSTAG_DESTDISTANCE , 1, 1, TIFF_RATIONAL , 0, TIFF_SETGET_DOUBLE , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "DestDistance", NULL }, + { GPSTAG_PROCESSINGMETHOD , -1, -1, TIFF_UNDEFINED , 0, TIFF_SETGET_C16_UINT8 , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 1, "ProcessingMethod", NULL }, + { GPSTAG_AREAINFORMATION , -1, -1, TIFF_UNDEFINED , 0, TIFF_SETGET_C16_UINT8 , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 1, "AreaInformation", NULL }, + { GPSTAG_DATESTAMP , 11, 11, TIFF_ASCII , 0, TIFF_SETGET_ASCII , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "DateStamp", NULL }, + { GPSTAG_DIFFERENTIAL , 1, 1, TIFF_SHORT , 0, TIFF_SETGET_UINT16 , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "Differential", NULL }, + { GPSTAG_GPSHPOSITIONINGERROR , 1, 1, TIFF_RATIONAL , 0, TIFF_SETGET_DOUBLE , TIFF_SETGET_UNDEFINED , FIELD_CUSTOM , 1, 0, "HorizontalPositioningError", NULL } }; static const TIFFFieldArray tiffFieldArray = { tfiatImage, 0, TIFFArrayCount(tiffFields), (TIFFField*) tiffFields }; static const TIFFFieldArray exifFieldArray = { tfiatExif, 0, TIFFArrayCount(exifFields), (TIFFField*) exifFields }; +static const TIFFFieldArray +gpsFieldArray = { tfiatGps, 0, TIFFArrayCount(gpsFields), (TIFFField*) gpsFields }; /* * We have our own local lfind() equivalent to avoid subtle differences @@ -313,6 +405,12 @@ _TIFFGetExifFields(void) return(&exifFieldArray); } +const TIFFFieldArray* +_TIFFGetGpsFields(void) +{ + return(&gpsFieldArray); +} + void _TIFFSetupFields(TIFF* tif, const TIFFFieldArray* fieldarray) { @@ -502,6 +600,82 @@ _TIFFDataSize(TIFFDataType type) } } +/* + * Rational2Double: + * Return size of TIFFSetGetFieldType in bytes. + * + * XXX: TIFF_RATIONAL values for FIELD_CUSTOM are stored internally as 4-byte float. + * However, some of them should be stored internally as 8-byte double. + * This is now managed by the SetGetField of the tag-definition! + */ +int +_TIFFSetGetFieldSize(TIFFSetGetFieldType setgettype) +{ + switch (setgettype) + { + case TIFF_SETGET_UNDEFINED: + case TIFF_SETGET_ASCII: + case TIFF_SETGET_C0_ASCII: + case TIFF_SETGET_C16_ASCII: + case TIFF_SETGET_C32_ASCII: + case TIFF_SETGET_OTHER: + return 0; + case TIFF_SETGET_UINT8: + case TIFF_SETGET_SINT8: + case TIFF_SETGET_C0_UINT8: + case TIFF_SETGET_C0_SINT8: + case TIFF_SETGET_C16_UINT8: + case TIFF_SETGET_C16_SINT8: + case TIFF_SETGET_C32_UINT8: + case TIFF_SETGET_C32_SINT8: + return 1; + case TIFF_SETGET_UINT16: + case TIFF_SETGET_SINT16: + case TIFF_SETGET_C0_UINT16: + case TIFF_SETGET_C0_SINT16: + case TIFF_SETGET_C16_UINT16: + case TIFF_SETGET_C16_SINT16: + case TIFF_SETGET_C32_UINT16: + case TIFF_SETGET_C32_SINT16: + return 2; + case TIFF_SETGET_INT: + case TIFF_SETGET_UINT32: + case TIFF_SETGET_SINT32: + case TIFF_SETGET_FLOAT: + case TIFF_SETGET_UINT16_PAIR: + case TIFF_SETGET_C0_UINT32: + case TIFF_SETGET_C0_SINT32: + case TIFF_SETGET_C0_FLOAT: + case TIFF_SETGET_C16_UINT32: + case TIFF_SETGET_C16_SINT32: + case TIFF_SETGET_C16_FLOAT: + case TIFF_SETGET_C32_UINT32: + case TIFF_SETGET_C32_SINT32: + case TIFF_SETGET_C32_FLOAT: + return 4; + case TIFF_SETGET_UINT64: + case TIFF_SETGET_SINT64: + case TIFF_SETGET_DOUBLE: + case TIFF_SETGET_IFD8: + case TIFF_SETGET_C0_UINT64: + case TIFF_SETGET_C0_SINT64: + case TIFF_SETGET_C0_DOUBLE: + case TIFF_SETGET_C0_IFD8: + case TIFF_SETGET_C16_UINT64: + case TIFF_SETGET_C16_SINT64: + case TIFF_SETGET_C16_DOUBLE: + case TIFF_SETGET_C16_IFD8: + case TIFF_SETGET_C32_UINT64: + case TIFF_SETGET_C32_SINT64: + case TIFF_SETGET_C32_DOUBLE: + case TIFF_SETGET_C32_IFD8: + return 8; + default: + return 0; + } +} /*-- _TIFFSetGetFieldSize --- */ + + const TIFFField* TIFFFindField(TIFF* tif, uint32 tag, TIFFDataType dt) { @@ -1062,10 +1236,6 @@ _TIFFCheckFieldIsValidForCodec(TIFF *tif, ttag_t tag) if (tag == TIFFTAG_LERC_PARAMETERS) return 1; break; - case COMPRESSION_WEBP: - if (tag == TIFFTAG_PREDICTOR) - return 1; - break; } return 0; } diff --git a/3rdparty/libtiff/tif_dirread.c b/3rdparty/libtiff/tif_dirread.c index 1fdcb0997a..ba127ca917 100644 --- a/3rdparty/libtiff/tif_dirread.c +++ b/3rdparty/libtiff/tif_dirread.c @@ -29,9 +29,6 @@ */ /* Suggested pending improvements: - * - add a field 'ignore' to the TIFFDirEntry structure, to flag status, - * eliminating current use of the IGNORE value, and therefore eliminating - * current irrational behaviour on tags with tag id code 0 * - add a field 'field_info' to the TIFFDirEntry structure, and set that with * the pointer to the appropriate TIFFField structure early on in * TIFFReadDirectory, so as to eliminate current possibly repetitive lookup. @@ -41,9 +38,13 @@ #include #include -#define IGNORE 0 /* tag placeholder used below */ #define FAILED_FII ((uint32) -1) +/* + * Largest 64-bit signed integer value. + */ +#define TIFF_INT64_MAX ((int64)(TIFF_UINT64_MAX >> 1)) + #ifdef HAVE_IEEEFP # define TIFFCvtIEEEFloatToNative(tif, n, fp) # define TIFFCvtIEEEDoubleToNative(tif, n, dp) @@ -206,6 +207,7 @@ static enum TIFFReadDirEntryErr TIFFReadDirEntryByte(TIFF* tif, TIFFDirEntry* di switch (direntry->tdir_type) { case TIFF_BYTE: + case TIFF_UNDEFINED: /* Support to read TIFF_UNDEFINED with field_readcount==1 */ TIFFReadDirEntryCheckedByte(tif,direntry,value); return(TIFFReadDirEntryErrOk); case TIFF_SBYTE: @@ -637,7 +639,7 @@ static enum TIFFReadDirEntryErr TIFFReadDirEntryFloat(TIFF* tif, TIFFDirEntry* d err=TIFFReadDirEntryCheckedDouble(tif,direntry,&m); if (err!=TIFFReadDirEntryErrOk) return(err); - if ((m > FLT_MAX) || (m < FLT_MIN)) + if ((m > FLT_MAX) || (m < -FLT_MAX)) return(TIFFReadDirEntryErrRange); *value=(float)m; return(TIFFReadDirEntryErrOk); @@ -836,6 +838,7 @@ static enum TIFFReadDirEntryErr TIFFReadDirEntryArrayWithLimit( uint32 datasize; void* data; uint64 target_count64; + int original_datasize_clamped; typesize=TIFFDataWidth(direntry->tdir_type); target_count64 = (direntry->tdir_count > maxcount) ? @@ -848,6 +851,12 @@ static enum TIFFReadDirEntryErr TIFFReadDirEntryArrayWithLimit( } (void) desttypesize; + /* We just want to know if the original tag size is more than 4 bytes + * (classic TIFF) or 8 bytes (BigTIFF) + */ + original_datasize_clamped = + ((direntry->tdir_count > 10) ? 10 : (int)direntry->tdir_count) * typesize; + /* * As a sanity check, make sure we have no more than a 2GB tag array * in either the current data type or the dest data type. This also @@ -862,7 +871,7 @@ static enum TIFFReadDirEntryErr TIFFReadDirEntryArrayWithLimit( datasize=(*count)*typesize; assert((tmsize_t)datasize>0); - if( isMapped(tif) && datasize > (uint32)tif->tif_size ) + if( isMapped(tif) && datasize > (uint64)tif->tif_size ) return TIFFReadDirEntryErrIo; if( !isMapped(tif) && @@ -879,7 +888,7 @@ static enum TIFFReadDirEntryErr TIFFReadDirEntryArrayWithLimit( } if (!(tif->tif_flags&TIFF_BIGTIFF)) { - if (datasize<=4) + if (original_datasize_clamped<=4) _TIFFmemcpy(data,&direntry->tdir_offset,datasize); else { @@ -900,7 +909,7 @@ static enum TIFFReadDirEntryErr TIFFReadDirEntryArrayWithLimit( } else { - if (datasize<=8) + if (original_datasize_clamped<=8) _TIFFmemcpy(data,&direntry->tdir_offset,datasize); else { @@ -3288,11 +3297,6 @@ static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeLongSlong(int32 value) return(TIFFReadDirEntryErrOk); } -/* - * Largest 32-bit unsigned integer value. - */ -#define TIFF_UINT32_MAX 0xFFFFFFFFU - static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeLongLong8(uint64 value) { @@ -3311,8 +3315,6 @@ TIFFReadDirEntryCheckRangeLongSlong8(int64 value) return(TIFFReadDirEntryErrOk); } -#undef TIFF_UINT32_MAX - static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSlongLong(uint32 value) { @@ -3378,11 +3380,6 @@ TIFFReadDirEntryCheckRangeLong8Slong8(int64 value) return(TIFFReadDirEntryErrOk); } -/* - * Largest 64-bit signed integer value. - */ -#define TIFF_INT64_MAX ((int64)(((uint64) ~0) >> 1)) - static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSlong8Long8(uint64 value) { @@ -3392,8 +3389,6 @@ TIFFReadDirEntryCheckRangeSlong8Long8(uint64 value) return(TIFFReadDirEntryErrOk); } -#undef TIFF_INT64_MAX - static enum TIFFReadDirEntryErr TIFFReadDirEntryData(TIFF* tif, uint64 offset, tmsize_t size, void* dest) { @@ -3406,13 +3401,13 @@ TIFFReadDirEntryData(TIFF* tif, uint64 offset, tmsize_t size, void* dest) } else { size_t ma,mb; ma=(size_t)offset; + if( (uint64)ma!=offset || + ma > (~(size_t)0) - (size_t)size ) + { + return TIFFReadDirEntryErrIo; + } mb=ma+size; - if (((uint64)ma!=offset) - || (mb < ma) - || (mb - ma != (size_t) size) - || (mb < (size_t)size) - || (mb > (size_t)tif->tif_size) - ) + if (mb > (uint64)tif->tif_size) return(TIFFReadDirEntryErrIo); _TIFFmemcpy(dest,tif->tif_base+ma,size); } @@ -3535,6 +3530,49 @@ static int _TIFFGetMaxColorChannels( uint16 photometric ) } } +static int ByteCountLooksBad(TIFF* tif) +{ + /* + * Assume we have wrong StripByteCount value (in case + * of single strip) in following cases: + * - it is equal to zero along with StripOffset; + * - it is larger than file itself (in case of uncompressed + * image); + * - it is smaller than the size of the bytes per row + * multiplied on the number of rows. The last case should + * not be checked in the case of writing new image, + * because we may do not know the exact strip size + * until the whole image will be written and directory + * dumped out. + */ + uint64 bytecount = TIFFGetStrileByteCount(tif, 0); + uint64 offset = TIFFGetStrileOffset(tif, 0); + uint64 filesize; + + if( offset == 0 ) + return 0; + if (bytecount == 0) + return 1; + if ( tif->tif_dir.td_compression != COMPRESSION_NONE ) + return 0; + filesize = TIFFGetFileSize(tif); + if( offset <= filesize && bytecount > filesize - offset ) + return 1; + if( tif->tif_mode == O_RDONLY ) + { + uint64 scanlinesize = TIFFScanlineSize64(tif); + if( tif->tif_dir.td_imagelength > 0 && + scanlinesize > TIFF_UINT64_MAX / tif->tif_dir.td_imagelength ) + { + return 1; + } + if( bytecount < scanlinesize * tif->tif_dir.td_imagelength) + return 1; + } + return 0; +} + + /* * Read the next TIFF directory from a file and convert it to the internal * format. We read directories sequentially. @@ -3581,14 +3619,17 @@ TIFFReadDirectory(TIFF* tif) uint16 nb; for (na=ma+1, nb=mb+1; nbtdir_tag==na->tdir_tag) - na->tdir_tag=IGNORE; + if (ma->tdir_tag == na->tdir_tag) { + na->tdir_ignore = TRUE; + } } } } tif->tif_flags &= ~TIFF_BEENWRITING; /* reset before new dir */ tif->tif_flags &= ~TIFF_BUF4WRITE; /* reset before new dir */ + tif->tif_flags &= ~TIFF_CHOPPEDUPARRAYS; + /* free any old stuff and reinit */ TIFFFreeDirectory(tif); TIFFDefaultDirectory(tif); @@ -3621,7 +3662,7 @@ TIFFReadDirectory(TIFF* tif) { if (!TIFFFetchNormalTag(tif,dp,0)) goto bad; - dp->tdir_tag=IGNORE; + dp->tdir_ignore = TRUE; } dp=TIFFReadDirectoryFindEntry(tif,dir,dircount,TIFFTAG_COMPRESSION); if (dp) @@ -3644,7 +3685,7 @@ TIFFReadDirectory(TIFF* tif) } if (!TIFFSetField(tif,TIFFTAG_COMPRESSION,value)) goto bad; - dp->tdir_tag=IGNORE; + dp->tdir_ignore = TRUE; } else { @@ -3656,7 +3697,7 @@ TIFFReadDirectory(TIFF* tif) */ for (di=0, dp=dir; ditdir_tag!=IGNORE) + if (!dp->tdir_ignore) { TIFFReadDirectoryFindFieldInfo(tif,dp->tdir_tag,&fii); if (fii == FAILED_FII) @@ -3664,8 +3705,8 @@ TIFFReadDirectory(TIFF* tif) TIFFWarningExt(tif->tif_clientdata, module, "Unknown field with tag %d (0x%x) encountered", dp->tdir_tag,dp->tdir_tag); - /* the following knowingly leaks the - anonymous field structure */ + /* the following knowingly leaks the + anonymous field structure */ if (!_TIFFMergeFields(tif, _TIFFCreateAnonField(tif, dp->tdir_tag, @@ -3676,18 +3717,18 @@ TIFFReadDirectory(TIFF* tif) "Registering anonymous field with tag %d (0x%x) failed", dp->tdir_tag, dp->tdir_tag); - dp->tdir_tag=IGNORE; + dp->tdir_ignore = TRUE; } else { TIFFReadDirectoryFindFieldInfo(tif,dp->tdir_tag,&fii); assert(fii != FAILED_FII); } } } - if (dp->tdir_tag!=IGNORE) + if (!dp->tdir_ignore) { fip=tif->tif_fields[fii]; if (fip->field_bit==FIELD_IGNORE) - dp->tdir_tag=IGNORE; + dp->tdir_ignore = TRUE; else { switch (dp->tdir_tag) @@ -3709,12 +3750,12 @@ TIFFReadDirectory(TIFF* tif) case TIFFTAG_EXTRASAMPLES: if (!TIFFFetchNormalTag(tif,dp,0)) goto bad; - dp->tdir_tag=IGNORE; + dp->tdir_ignore = TRUE; + break; + default: + if( !_TIFFCheckFieldIsValidForCodec(tif, dp->tdir_tag) ) + dp->tdir_ignore = TRUE; break; - default: - if( !_TIFFCheckFieldIsValidForCodec(tif, dp->tdir_tag) ) - dp->tdir_tag=IGNORE; - break; } } } @@ -3730,8 +3771,8 @@ TIFFReadDirectory(TIFF* tif) if ((tif->tif_dir.td_compression==COMPRESSION_OJPEG)&& (tif->tif_dir.td_planarconfig==PLANARCONFIG_SEPARATE)) { - if (!_TIFFFillStriles(tif)) - goto bad; + if (!_TIFFFillStriles(tif)) + goto bad; dp=TIFFReadDirectoryFindEntry(tif,dir,dircount,TIFFTAG_STRIPOFFSETS); if ((dp!=0)&&(dp->tdir_count==1)) { @@ -3803,190 +3844,240 @@ TIFFReadDirectory(TIFF* tif) */ for (di=0, dp=dir; ditdir_tag) - { - case IGNORE: - break; - case TIFFTAG_MINSAMPLEVALUE: - case TIFFTAG_MAXSAMPLEVALUE: - case TIFFTAG_BITSPERSAMPLE: - case TIFFTAG_DATATYPE: - case TIFFTAG_SAMPLEFORMAT: - /* - * The MinSampleValue, MaxSampleValue, BitsPerSample - * DataType and SampleFormat tags are supposed to be - * written as one value/sample, but some vendors - * incorrectly write one value only -- so we accept - * that as well (yuck). Other vendors write correct - * value for NumberOfSamples, but incorrect one for - * BitsPerSample and friends, and we will read this - * too. - */ - { - uint16 value; - enum TIFFReadDirEntryErr err; - err=TIFFReadDirEntryShort(tif,dp,&value); - if (err==TIFFReadDirEntryErrCount) - err=TIFFReadDirEntryPersampleShort(tif,dp,&value); - if (err!=TIFFReadDirEntryErrOk) + if (!dp->tdir_ignore) { + switch (dp->tdir_tag) + { + case TIFFTAG_MINSAMPLEVALUE: + case TIFFTAG_MAXSAMPLEVALUE: + case TIFFTAG_BITSPERSAMPLE: + case TIFFTAG_DATATYPE: + case TIFFTAG_SAMPLEFORMAT: + /* + * The MinSampleValue, MaxSampleValue, BitsPerSample + * DataType and SampleFormat tags are supposed to be + * written as one value/sample, but some vendors + * incorrectly write one value only -- so we accept + * that as well (yuck). Other vendors write correct + * value for NumberOfSamples, but incorrect one for + * BitsPerSample and friends, and we will read this + * too. + */ { - fip = TIFFFieldWithTag(tif,dp->tdir_tag); - TIFFReadDirEntryOutputErr(tif,err,module,fip ? fip->field_name : "unknown tagname",0); - goto bad; - } - if (!TIFFSetField(tif,dp->tdir_tag,value)) - goto bad; - if( dp->tdir_tag == TIFFTAG_BITSPERSAMPLE ) - bitspersample_read = TRUE; - } - break; - case TIFFTAG_SMINSAMPLEVALUE: - case TIFFTAG_SMAXSAMPLEVALUE: - { - - double *data = NULL; - enum TIFFReadDirEntryErr err; - uint32 saved_flags; - int m; - if (dp->tdir_count != (uint64)tif->tif_dir.td_samplesperpixel) - err = TIFFReadDirEntryErrCount; - else - err = TIFFReadDirEntryDoubleArray(tif, dp, &data); - if (err!=TIFFReadDirEntryErrOk) - { - fip = TIFFFieldWithTag(tif,dp->tdir_tag); - TIFFReadDirEntryOutputErr(tif,err,module,fip ? fip->field_name : "unknown tagname",0); - goto bad; - } - saved_flags = tif->tif_flags; - tif->tif_flags |= TIFF_PERSAMPLE; - m = TIFFSetField(tif,dp->tdir_tag,data); - tif->tif_flags = saved_flags; - _TIFFfree(data); - if (!m) - goto bad; - } - break; - case TIFFTAG_STRIPOFFSETS: - case TIFFTAG_TILEOFFSETS: -#if defined(DEFER_STRILE_LOAD) - _TIFFmemcpy( &(tif->tif_dir.td_stripoffset_entry), - dp, sizeof(TIFFDirEntry) ); -#else - if( tif->tif_dir.td_stripoffset != NULL ) - { - TIFFErrorExt(tif->tif_clientdata, module, - "tif->tif_dir.td_stripoffset is " - "already allocated. Likely duplicated " - "StripOffsets/TileOffsets tag"); - goto bad; - } - if (!TIFFFetchStripThing(tif,dp,tif->tif_dir.td_nstrips,&tif->tif_dir.td_stripoffset)) - goto bad; -#endif - break; - case TIFFTAG_STRIPBYTECOUNTS: - case TIFFTAG_TILEBYTECOUNTS: -#if defined(DEFER_STRILE_LOAD) - _TIFFmemcpy( &(tif->tif_dir.td_stripbytecount_entry), - dp, sizeof(TIFFDirEntry) ); -#else - if( tif->tif_dir.td_stripbytecount != NULL ) - { - TIFFErrorExt(tif->tif_clientdata, module, - "tif->tif_dir.td_stripbytecount is " - "already allocated. Likely duplicated " - "StripByteCounts/TileByteCounts tag"); - goto bad; - } - if (!TIFFFetchStripThing(tif,dp,tif->tif_dir.td_nstrips,&tif->tif_dir.td_stripbytecount)) - goto bad; -#endif - break; - case TIFFTAG_COLORMAP: - case TIFFTAG_TRANSFERFUNCTION: - { - enum TIFFReadDirEntryErr err; - uint32 countpersample; - uint32 countrequired; - uint32 incrementpersample; - uint16* value=NULL; - /* It would be dangerous to instantiate those tag values */ - /* since if td_bitspersample has not yet been read (due to */ - /* unordered tags), it could be read afterwards with a */ - /* values greater than the default one (1), which may cause */ - /* crashes in user code */ - if( !bitspersample_read ) - { - fip = TIFFFieldWithTag(tif,dp->tdir_tag); - TIFFWarningExt(tif->tif_clientdata,module, - "Ignoring %s since BitsPerSample tag not found", - fip ? fip->field_name : "unknown tagname"); - continue; - } - /* ColorMap or TransferFunction for high bit */ - /* depths do not make much sense and could be */ - /* used as a denial of service vector */ - if (tif->tif_dir.td_bitspersample > 24) - { - fip = TIFFFieldWithTag(tif,dp->tdir_tag); - TIFFWarningExt(tif->tif_clientdata,module, - "Ignoring %s because BitsPerSample=%d>24", - fip ? fip->field_name : "unknown tagname", - tif->tif_dir.td_bitspersample); - continue; - } - countpersample=(1U<tif_dir.td_bitspersample); - if ((dp->tdir_tag==TIFFTAG_TRANSFERFUNCTION)&&(dp->tdir_count==(uint64)countpersample)) - { - countrequired=countpersample; - incrementpersample=0; - } - else - { - countrequired=3*countpersample; - incrementpersample=countpersample; - } - if (dp->tdir_count!=(uint64)countrequired) - err=TIFFReadDirEntryErrCount; - else - err=TIFFReadDirEntryShortArray(tif,dp,&value); - if (err!=TIFFReadDirEntryErrOk) - { - fip = TIFFFieldWithTag(tif,dp->tdir_tag); - TIFFReadDirEntryOutputErr(tif,err,module,fip ? fip->field_name : "unknown tagname",1); - } - else - { - TIFFSetField(tif,dp->tdir_tag,value,value+incrementpersample,value+2*incrementpersample); - _TIFFfree(value); - } - } - break; -/* BEGIN REV 4.0 COMPATIBILITY */ - case TIFFTAG_OSUBFILETYPE: - { - uint16 valueo; - uint32 value; - if (TIFFReadDirEntryShort(tif,dp,&valueo)==TIFFReadDirEntryErrOk) - { - switch (valueo) + uint16 value; + enum TIFFReadDirEntryErr err; + err=TIFFReadDirEntryShort(tif,dp,&value); + if (err==TIFFReadDirEntryErrCount) + err=TIFFReadDirEntryPersampleShort(tif,dp,&value); + if (err!=TIFFReadDirEntryErrOk) { - case OFILETYPE_REDUCEDIMAGE: value=FILETYPE_REDUCEDIMAGE; break; - case OFILETYPE_PAGE: value=FILETYPE_PAGE; break; - default: value=0; break; + fip = TIFFFieldWithTag(tif,dp->tdir_tag); + TIFFReadDirEntryOutputErr(tif,err,module,fip ? fip->field_name : "unknown tagname",0); + goto bad; } - if (value!=0) - TIFFSetField(tif,TIFFTAG_SUBFILETYPE,value); + if (!TIFFSetField(tif,dp->tdir_tag,value)) + goto bad; + if( dp->tdir_tag == TIFFTAG_BITSPERSAMPLE ) + bitspersample_read = TRUE; } - } - break; + break; + case TIFFTAG_SMINSAMPLEVALUE: + case TIFFTAG_SMAXSAMPLEVALUE: + { + + double *data = NULL; + enum TIFFReadDirEntryErr err; + uint32 saved_flags; + int m; + if (dp->tdir_count != (uint64)tif->tif_dir.td_samplesperpixel) + err = TIFFReadDirEntryErrCount; + else + err = TIFFReadDirEntryDoubleArray(tif, dp, &data); + if (err!=TIFFReadDirEntryErrOk) + { + fip = TIFFFieldWithTag(tif,dp->tdir_tag); + TIFFReadDirEntryOutputErr(tif,err,module,fip ? fip->field_name : "unknown tagname",0); + goto bad; + } + saved_flags = tif->tif_flags; + tif->tif_flags |= TIFF_PERSAMPLE; + m = TIFFSetField(tif,dp->tdir_tag,data); + tif->tif_flags = saved_flags; + _TIFFfree(data); + if (!m) + goto bad; + } + break; + case TIFFTAG_STRIPOFFSETS: + case TIFFTAG_TILEOFFSETS: + switch( dp->tdir_type ) + { + case TIFF_SHORT: + case TIFF_LONG: + case TIFF_LONG8: + break; + default: + /* Warn except if directory typically created with TIFFDeferStrileArrayWriting() */ + if( !(tif->tif_mode == O_RDWR && + dp->tdir_count == 0 && + dp->tdir_type == 0 && + dp->tdir_offset.toff_long8 == 0) ) + { + fip = TIFFFieldWithTag(tif,dp->tdir_tag); + TIFFWarningExt(tif->tif_clientdata,module, + "Invalid data type for tag %s", + fip ? fip->field_name : "unknown tagname"); + } + break; + } + _TIFFmemcpy( &(tif->tif_dir.td_stripoffset_entry), + dp, sizeof(TIFFDirEntry) ); + break; + case TIFFTAG_STRIPBYTECOUNTS: + case TIFFTAG_TILEBYTECOUNTS: + switch( dp->tdir_type ) + { + case TIFF_SHORT: + case TIFF_LONG: + case TIFF_LONG8: + break; + default: + /* Warn except if directory typically created with TIFFDeferStrileArrayWriting() */ + if( !(tif->tif_mode == O_RDWR && + dp->tdir_count == 0 && + dp->tdir_type == 0 && + dp->tdir_offset.toff_long8 == 0) ) + { + fip = TIFFFieldWithTag(tif,dp->tdir_tag); + TIFFWarningExt(tif->tif_clientdata,module, + "Invalid data type for tag %s", + fip ? fip->field_name : "unknown tagname"); + } + break; + } + _TIFFmemcpy( &(tif->tif_dir.td_stripbytecount_entry), + dp, sizeof(TIFFDirEntry) ); + break; + case TIFFTAG_COLORMAP: + case TIFFTAG_TRANSFERFUNCTION: + { + enum TIFFReadDirEntryErr err; + uint32 countpersample; + uint32 countrequired; + uint32 incrementpersample; + uint16* value=NULL; + /* It would be dangerous to instantiate those tag values */ + /* since if td_bitspersample has not yet been read (due to */ + /* unordered tags), it could be read afterwards with a */ + /* values greater than the default one (1), which may cause */ + /* crashes in user code */ + if( !bitspersample_read ) + { + fip = TIFFFieldWithTag(tif,dp->tdir_tag); + TIFFWarningExt(tif->tif_clientdata,module, + "Ignoring %s since BitsPerSample tag not found", + fip ? fip->field_name : "unknown tagname"); + continue; + } + /* ColorMap or TransferFunction for high bit */ + /* depths do not make much sense and could be */ + /* used as a denial of service vector */ + if (tif->tif_dir.td_bitspersample > 24) + { + fip = TIFFFieldWithTag(tif,dp->tdir_tag); + TIFFWarningExt(tif->tif_clientdata,module, + "Ignoring %s because BitsPerSample=%d>24", + fip ? fip->field_name : "unknown tagname", + tif->tif_dir.td_bitspersample); + continue; + } + countpersample=(1U<tif_dir.td_bitspersample); + if ((dp->tdir_tag==TIFFTAG_TRANSFERFUNCTION)&&(dp->tdir_count==(uint64)countpersample)) + { + countrequired=countpersample; + incrementpersample=0; + } + else + { + countrequired=3*countpersample; + incrementpersample=countpersample; + } + if (dp->tdir_count!=(uint64)countrequired) + err=TIFFReadDirEntryErrCount; + else + err=TIFFReadDirEntryShortArray(tif,dp,&value); + if (err!=TIFFReadDirEntryErrOk) + { + fip = TIFFFieldWithTag(tif,dp->tdir_tag); + TIFFReadDirEntryOutputErr(tif,err,module,fip ? fip->field_name : "unknown tagname",1); + } + else + { + TIFFSetField(tif,dp->tdir_tag,value,value+incrementpersample,value+2*incrementpersample); + _TIFFfree(value); + } + } + break; +/* BEGIN REV 4.0 COMPATIBILITY */ + case TIFFTAG_OSUBFILETYPE: + { + uint16 valueo; + uint32 value; + if (TIFFReadDirEntryShort(tif,dp,&valueo)==TIFFReadDirEntryErrOk) + { + switch (valueo) + { + case OFILETYPE_REDUCEDIMAGE: value=FILETYPE_REDUCEDIMAGE; break; + case OFILETYPE_PAGE: value=FILETYPE_PAGE; break; + default: value=0; break; + } + if (value!=0) + TIFFSetField(tif,TIFFTAG_SUBFILETYPE,value); + } + } + break; /* END REV 4.0 COMPATIBILITY */ - default: - (void) TIFFFetchNormalTag(tif, dp, TRUE); - break; - } - } + default: + (void) TIFFFetchNormalTag(tif, dp, TRUE); + break; + } + } /* -- if (!dp->tdir_ignore) */ + } /* -- for-loop -- */ + + if( tif->tif_mode == O_RDWR && + tif->tif_dir.td_stripoffset_entry.tdir_tag != 0 && + tif->tif_dir.td_stripoffset_entry.tdir_count == 0 && + tif->tif_dir.td_stripoffset_entry.tdir_type == 0 && + tif->tif_dir.td_stripoffset_entry.tdir_offset.toff_long8 == 0 && + tif->tif_dir.td_stripbytecount_entry.tdir_tag != 0 && + tif->tif_dir.td_stripbytecount_entry.tdir_count == 0 && + tif->tif_dir.td_stripbytecount_entry.tdir_type == 0 && + tif->tif_dir.td_stripbytecount_entry.tdir_offset.toff_long8 == 0 ) + { + /* Directory typically created with TIFFDeferStrileArrayWriting() */ + TIFFSetupStrips(tif); + } + else if( !(tif->tif_flags&TIFF_DEFERSTRILELOAD) ) + { + if( tif->tif_dir.td_stripoffset_entry.tdir_tag != 0 ) + { + if (!TIFFFetchStripThing(tif,&(tif->tif_dir.td_stripoffset_entry), + tif->tif_dir.td_nstrips, + &tif->tif_dir.td_stripoffset_p)) + { + goto bad; + } + } + if( tif->tif_dir.td_stripbytecount_entry.tdir_tag != 0 ) + { + if (!TIFFFetchStripThing(tif,&(tif->tif_dir.td_stripbytecount_entry), + tif->tif_dir.td_nstrips, + &tif->tif_dir.td_stripbytecount_p)) + { + goto bad; + } + } + } + /* * OJPEG hack: * - If a) compression is OJPEG, and b) photometric tag is missing, @@ -4129,33 +4220,10 @@ TIFFReadDirectory(TIFF* tif) "\"StripByteCounts\" field, calculating from imagelength"); if (EstimateStripByteCounts(tif, dir, dircount) < 0) goto bad; - /* - * Assume we have wrong StripByteCount value (in case - * of single strip) in following cases: - * - it is equal to zero along with StripOffset; - * - it is larger than file itself (in case of uncompressed - * image); - * - it is smaller than the size of the bytes per row - * multiplied on the number of rows. The last case should - * not be checked in the case of writing new image, - * because we may do not know the exact strip size - * until the whole image will be written and directory - * dumped out. - */ - #define BYTECOUNTLOOKSBAD \ - ( (tif->tif_dir.td_stripbytecount[0] == 0 && tif->tif_dir.td_stripoffset[0] != 0) || \ - (tif->tif_dir.td_compression == COMPRESSION_NONE && \ - (tif->tif_dir.td_stripoffset[0] <= TIFFGetFileSize(tif) && \ - tif->tif_dir.td_stripbytecount[0] > TIFFGetFileSize(tif) - tif->tif_dir.td_stripoffset[0])) || \ - (tif->tif_mode == O_RDONLY && \ - tif->tif_dir.td_compression == COMPRESSION_NONE && \ - tif->tif_dir.td_stripbytecount[0] < TIFFScanlineSize64(tif) * tif->tif_dir.td_imagelength) ) } else if (tif->tif_dir.td_nstrips == 1 && !(tif->tif_flags&TIFF_ISTILED) - && _TIFFFillStriles(tif) - && tif->tif_dir.td_stripoffset[0] != 0 - && BYTECOUNTLOOKSBAD) { + && ByteCountLooksBad(tif)) { /* * XXX: Plexus (and others) sometimes give a value of * zero for a tag when they don't know what the @@ -4167,13 +4235,13 @@ TIFFReadDirectory(TIFF* tif) if(EstimateStripByteCounts(tif, dir, dircount) < 0) goto bad; -#if !defined(DEFER_STRILE_LOAD) - } else if (tif->tif_dir.td_planarconfig == PLANARCONFIG_CONTIG + } else if (!(tif->tif_flags&TIFF_DEFERSTRILELOAD) + && tif->tif_dir.td_planarconfig == PLANARCONFIG_CONTIG && tif->tif_dir.td_nstrips > 2 && tif->tif_dir.td_compression == COMPRESSION_NONE - && tif->tif_dir.td_stripbytecount[0] != tif->tif_dir.td_stripbytecount[1] - && tif->tif_dir.td_stripbytecount[0] != 0 - && tif->tif_dir.td_stripbytecount[1] != 0 ) { + && TIFFGetStrileByteCount(tif, 0) != TIFFGetStrileByteCount(tif, 1) + && TIFFGetStrileByteCount(tif, 0) != 0 + && TIFFGetStrileByteCount(tif, 1) != 0 ) { /* * XXX: Some vendors fill StripByteCount array with * absolutely wrong values (it can be equal to @@ -4188,7 +4256,6 @@ TIFFReadDirectory(TIFF* tif) "Wrong \"StripByteCounts\" field, ignoring and calculating from imagelength"); if (EstimateStripByteCounts(tif, dir, dircount) < 0) goto bad; -#endif /* !defined(DEFER_STRILE_LOAD) */ } } if (dir) @@ -4203,26 +4270,27 @@ TIFFReadDirectory(TIFF* tif) else tif->tif_dir.td_maxsamplevalue = (uint16)((1L<tif_dir.td_bitspersample)-1); } + +#ifdef STRIPBYTECOUNTSORTED_UNUSED /* * XXX: We can optimize checking for the strip bounds using the sorted * bytecounts array. See also comments for TIFFAppendToStrip() * function in tif_write.c. */ -#if !defined(DEFER_STRILE_LOAD) - if (tif->tif_dir.td_nstrips > 1) { + if (!(tif->tif_flags&TIFF_DEFERSTRILELOAD) && tif->tif_dir.td_nstrips > 1) { uint32 strip; tif->tif_dir.td_stripbytecountsorted = 1; for (strip = 1; strip < tif->tif_dir.td_nstrips; strip++) { - if (tif->tif_dir.td_stripoffset[strip - 1] > - tif->tif_dir.td_stripoffset[strip]) { + if (TIFFGetStrileOffset(tif, strip - 1) > + TIFFGetStrileOffset(tif, strip)) { tif->tif_dir.td_stripbytecountsorted = 0; break; } } } -#endif /* !defined(DEFER_STRILE_LOAD) */ - +#endif + /* * An opportunity for compression mode dependent tag fixup */ @@ -4241,13 +4309,11 @@ TIFFReadDirectory(TIFF* tif) (tif->tif_dir.td_nstrips==1)&& (tif->tif_dir.td_compression==COMPRESSION_NONE)&& ((tif->tif_flags&(TIFF_STRIPCHOP|TIFF_ISTILED))==TIFF_STRIPCHOP)) - { - if ( !_TIFFFillStriles(tif) || !tif->tif_dir.td_stripbytecount ) - return 0; - ChopUpSingleUncompressedStrip(tif); - } + { + ChopUpSingleUncompressedStrip(tif); + } - /* There are also uncompressed stripped files with strips larger than */ + /* There are also uncompressed striped files with strips larger than */ /* 2 GB, which make them unfriendly with a lot of code. If possible, */ /* try to expose smaller "virtual" strips. */ if( tif->tif_dir.td_planarconfig == PLANARCONFIG_CONTIG && @@ -4255,8 +4321,6 @@ TIFFReadDirectory(TIFF* tif) (tif->tif_flags&(TIFF_STRIPCHOP|TIFF_ISTILED)) == TIFF_STRIPCHOP && TIFFStripSize64(tif) > 0x7FFFFFFFUL ) { - if ( !_TIFFFillStriles(tif) || !tif->tif_dir.td_stripbytecount ) - return 0; TryChopUpUncompressedBigTiff(tif); } @@ -4384,6 +4448,7 @@ TIFFReadCustomDirectory(TIFF* tif, toff_t diroff, uint16 di; const TIFFField* fip; uint32 fii; + (*tif->tif_cleanup)(tif); /* cleanup any previous compression state */ _TIFFSetupFields(tif, infoarray); dircount=TIFFFetchDirectory(tif,diroff,&dir,NULL); if (!dircount) @@ -4410,17 +4475,17 @@ TIFFReadCustomDirectory(TIFF* tif, toff_t diroff, TIFFWarningExt(tif->tif_clientdata, module, "Registering anonymous field with tag %d (0x%x) failed", dp->tdir_tag, dp->tdir_tag); - dp->tdir_tag=IGNORE; + dp->tdir_ignore = TRUE; } else { TIFFReadDirectoryFindFieldInfo(tif,dp->tdir_tag,&fii); assert( fii != FAILED_FII ); } } - if (dp->tdir_tag!=IGNORE) + if (!dp->tdir_ignore) { fip=tif->tif_fields[fii]; if (fip->field_bit==FIELD_IGNORE) - dp->tdir_tag=IGNORE; + dp->tdir_ignore = TRUE; else { /* check data type */ @@ -4440,7 +4505,7 @@ TIFFReadCustomDirectory(TIFF* tif, toff_t diroff, TIFFWarningExt(tif->tif_clientdata, module, "Wrong data type %d for \"%s\"; tag ignored", dp->tdir_type,fip->field_name); - dp->tdir_tag=IGNORE; + dp->tdir_ignore = TRUE; } else { @@ -4454,21 +4519,21 @@ TIFFReadCustomDirectory(TIFF* tif, toff_t diroff, else expected=(uint32)fip->field_readcount; if (!CheckDirCount(tif,dp,expected)) - dp->tdir_tag=IGNORE; + dp->tdir_ignore = TRUE; } } } - switch (dp->tdir_tag) - { - case IGNORE: - break; - case EXIFTAG_SUBJECTDISTANCE: - (void) TIFFFetchSubjectDistance(tif,dp); - break; - default: - (void) TIFFFetchNormalTag(tif, dp, TRUE); - break; - } + if (!dp->tdir_ignore) { + switch (dp->tdir_tag) + { + case EXIFTAG_SUBJECTDISTANCE: + (void)TIFFFetchSubjectDistance(tif, dp); + break; + default: + (void)TIFFFetchNormalTag(tif, dp, TRUE); + break; + } + } /*-- if (!dp->tdir_ignore) */ } } if (dir) @@ -4488,6 +4553,17 @@ TIFFReadEXIFDirectory(TIFF* tif, toff_t diroff) return TIFFReadCustomDirectory(tif, diroff, exifFieldArray); } +/* + *--: EXIF-GPS custom directory reading as another special case of custom IFD. + */ +int +TIFFReadGPSDirectory(TIFF* tif, toff_t diroff) +{ + const TIFFFieldArray* gpsFieldArray; + gpsFieldArray = _TIFFGetGpsFields(); + return TIFFReadCustomDirectory(tif, diroff, gpsFieldArray); +} + static int EstimateStripByteCounts(TIFF* tif, TIFFDirEntry* dir, uint16 dircount) { @@ -4501,12 +4577,12 @@ EstimateStripByteCounts(TIFF* tif, TIFFDirEntry* dir, uint16 dircount) if( !_TIFFFillStrilesInternal( tif, 0 ) ) return -1; - if (td->td_stripbytecount) - _TIFFfree(td->td_stripbytecount); - td->td_stripbytecount = (uint64*) + if (td->td_stripbytecount_p) + _TIFFfree(td->td_stripbytecount_p); + td->td_stripbytecount_p = (uint64*) _TIFFCheckMalloc(tif, td->td_nstrips, sizeof (uint64), "for \"StripByteCounts\" array"); - if( td->td_stripbytecount == NULL ) + if( td->td_stripbytecount_p == NULL ) return -1; if (td->td_compression != COMPRESSION_NONE) { @@ -4530,6 +4606,8 @@ EstimateStripByteCounts(TIFF* tif, TIFFDirEntry* dir, uint16 dircount) dp->tdir_type); return -1; } + if( dp->tdir_count > TIFF_UINT64_MAX / typewidth ) + return -1; datasize=(uint64)typewidth*dp->tdir_count; if (!(tif->tif_flags&TIFF_BIGTIFF)) { @@ -4541,6 +4619,8 @@ EstimateStripByteCounts(TIFF* tif, TIFFDirEntry* dir, uint16 dircount) if (datasize<=8) datasize=0; } + if( space > TIFF_UINT64_MAX - datasize ) + return -1; space+=datasize; } if( filesize < space ) @@ -4551,7 +4631,7 @@ EstimateStripByteCounts(TIFF* tif, TIFFDirEntry* dir, uint16 dircount) if (td->td_planarconfig == PLANARCONFIG_SEPARATE) space /= td->td_samplesperpixel; for (strip = 0; strip < td->td_nstrips; strip++) - td->td_stripbytecount[strip] = space; + td->td_stripbytecount_p[strip] = space; /* * This gross hack handles the case were the offset to * the last strip is past the place where we think the strip @@ -4560,18 +4640,30 @@ EstimateStripByteCounts(TIFF* tif, TIFFDirEntry* dir, uint16 dircount) * of data in the strip and trim this number back accordingly. */ strip--; - if (td->td_stripoffset[strip]+td->td_stripbytecount[strip] > filesize) - td->td_stripbytecount[strip] = filesize - td->td_stripoffset[strip]; + if (td->td_stripoffset_p[strip] > TIFF_UINT64_MAX - td->td_stripbytecount_p[strip]) + return -1; + if (td->td_stripoffset_p[strip]+td->td_stripbytecount_p[strip] > filesize) { + if( td->td_stripoffset_p[strip] >= filesize ) { + /* Not sure what we should in that case... */ + td->td_stripbytecount_p[strip] = 0; + } else { + td->td_stripbytecount_p[strip] = filesize - td->td_stripoffset_p[strip]; + } + } } else if (isTiled(tif)) { uint64 bytespertile = TIFFTileSize64(tif); for (strip = 0; strip < td->td_nstrips; strip++) - td->td_stripbytecount[strip] = bytespertile; + td->td_stripbytecount_p[strip] = bytespertile; } else { uint64 rowbytes = TIFFScanlineSize64(tif); uint32 rowsperstrip = td->td_imagelength/td->td_stripsperimage; for (strip = 0; strip < td->td_nstrips; strip++) - td->td_stripbytecount[strip] = rowbytes * rowsperstrip; + { + if( rowbytes > 0 && rowsperstrip > TIFF_UINT64_MAX / rowbytes ) + return -1; + td->td_stripbytecount_p[strip] = rowbytes * rowsperstrip; + } } TIFFSetFieldBit(tif, FIELD_STRIPBYTECOUNTS); if (!TIFFFieldSet(tif, FIELD_ROWSPERSTRIP)) @@ -4765,12 +4857,13 @@ TIFFFetchDirectory(TIFF* tif, uint64 diroff, TIFFDirEntry** pdir, } } else { tmsize_t m; - tmsize_t off = (tmsize_t) tif->tif_diroff; - if ((uint64)off!=tif->tif_diroff) + tmsize_t off; + if (tif->tif_diroff > (uint64)TIFF_INT64_MAX) { TIFFErrorExt(tif->tif_clientdata,module,"Can not read TIFF directory count"); return(0); } + off = (tmsize_t) tif->tif_diroff; /* * Check for integer overflow when validating the dir_off, @@ -4888,6 +4981,7 @@ TIFFFetchDirectory(TIFF* tif, uint64 diroff, TIFFDirEntry** pdir, mb=dir; for (n=0; ntdir_ignore = FALSE; if (tif->tif_flags&TIFF_SWAB) TIFFSwabShort((uint16*)ma); mb->tdir_tag=*(uint16*)ma; @@ -4902,6 +4996,7 @@ TIFFFetchDirectory(TIFF* tif, uint64 diroff, TIFFDirEntry** pdir, TIFFSwabLong((uint32*)ma); mb->tdir_count=(uint64)(*(uint32*)ma); ma+=sizeof(uint32); + mb->tdir_offset.toff_long8=0; *(uint32*)(&mb->tdir_offset)=*(uint32*)ma; ma+=sizeof(uint32); } @@ -5104,6 +5199,7 @@ TIFFFetchNormalTag(TIFF* tif, TIFFDirEntry* dp, int recover) if (err==TIFFReadDirEntryErrOk) { int m; + assert(data); /* avoid CLang static Analyzer false positive */ m=TIFFSetField(tif,dp->tdir_tag,data[0],data[1]); _TIFFfree(data); if (!m) @@ -5187,7 +5283,7 @@ TIFFFetchNormalTag(TIFF* tif, TIFFDirEntry* dp, int recover) assert(fip->field_readcount>=1); assert(fip->field_passcount==0); if (dp->tdir_count!=(uint64)fip->field_readcount) - /* corrupt file */; + /* corrupt file */; else { err=TIFFReadDirEntryFloatArray(tif,dp,&data); @@ -5203,6 +5299,29 @@ TIFFFetchNormalTag(TIFF* tif, TIFFDirEntry* dp, int recover) } } break; + /*--: Rational2Double: Extend for Double Arrays and Rational-Arrays read into Double-Arrays. */ + case TIFF_SETGET_C0_DOUBLE: + { + double* data; + assert(fip->field_readcount>=1); + assert(fip->field_passcount==0); + if (dp->tdir_count!=(uint64)fip->field_readcount) + /* corrupt file */; + else + { + err=TIFFReadDirEntryDoubleArray(tif,dp,&data); + if (err==TIFFReadDirEntryErrOk) + { + int m; + m=TIFFSetField(tif,dp->tdir_tag,data); + if (data!=0) + _TIFFfree(data); + if (!m) + return(0); + } + } + } + break; case TIFF_SETGET_C16_ASCII: { uint8* data; @@ -5695,7 +5814,7 @@ TIFFFetchSubjectDistance(TIFF* tif, TIFFDirEntry* dir) TIFFSwabArrayOfLong(m.i,2); if (m.i[0]==0) n=0.0; - else if (m.i[0]==0xFFFFFFFF) + else if (m.i[0]==0xFFFFFFFF || m.i[1]==0) /* * XXX: Numerator 0xFFFFFFFF means that we have infinite * distance. Indicate that with a negative floating point @@ -5719,10 +5838,22 @@ static void allocChoppedUpStripArrays(TIFF* tif, uint32 nstrips, TIFFDirectory *td = &tif->tif_dir; uint64 bytecount; uint64 offset; + uint64 last_offset; + uint64 last_bytecount; uint32 i; uint64 *newcounts; uint64 *newoffsets; + offset = TIFFGetStrileOffset(tif, 0); + last_offset = TIFFGetStrileOffset(tif, td->td_nstrips-1); + last_bytecount = TIFFGetStrileByteCount(tif, td->td_nstrips-1); + if( last_offset > TIFF_UINT64_MAX - last_bytecount || + last_offset + last_bytecount < offset ) + { + return; + } + bytecount = last_offset + last_bytecount - offset; + newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), "for chopped \"StripByteCounts\" array"); newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), @@ -5743,9 +5874,6 @@ static void allocChoppedUpStripArrays(TIFF* tif, uint32 nstrips, * Fill the strip information arrays with new bytecounts and offsets * that reflect the broken-up format. */ - offset = td->td_stripoffset[0]; - bytecount = td->td_stripoffset[td->td_nstrips-1] + - td->td_stripbytecount[td->td_nstrips-1] - offset; for (i = 0; i < nstrips; i++) { if (stripbytes > bytecount) @@ -5762,11 +5890,14 @@ static void allocChoppedUpStripArrays(TIFF* tif, uint32 nstrips, td->td_stripsperimage = td->td_nstrips = nstrips; TIFFSetField(tif, TIFFTAG_ROWSPERSTRIP, rowsperstrip); - _TIFFfree(td->td_stripbytecount); - _TIFFfree(td->td_stripoffset); - td->td_stripbytecount = newcounts; - td->td_stripoffset = newoffsets; + _TIFFfree(td->td_stripbytecount_p); + _TIFFfree(td->td_stripoffset_p); + td->td_stripbytecount_p = newcounts; + td->td_stripoffset_p = newoffsets; +#ifdef STRIPBYTECOUNTSORTED_UNUSED td->td_stripbytecountsorted = 1; +#endif + tif->tif_flags |= TIFF_CHOPPEDUPARRAYS; } @@ -5788,13 +5919,13 @@ ChopUpSingleUncompressedStrip(TIFF* tif) uint32 nstrips; uint32 rowsperstrip; - bytecount = td->td_stripbytecount[0]; + bytecount = TIFFGetStrileByteCount(tif, 0); /* On a newly created file, just re-opened to be filled, we */ /* don't want strip chop to trigger as it is going to cause issues */ /* later ( StripOffsets and StripByteCounts improperly filled) . */ if( bytecount == 0 && tif->tif_mode != O_RDONLY ) return; - offset = td->td_stripoffset[0]; + offset = TIFFGetStrileByteCount(tif, 0); assert(td->td_planarconfig == PLANARCONFIG_CONTIG); if ((td->td_photometric == PHOTOMETRIC_YCBCR)&& (!isUpSampled(tif))) @@ -5869,7 +6000,7 @@ static void TryChopUpUncompressedBigTiff( TIFF* tif ) /* On a newly created file, just re-opened to be filled, we */ /* don't want strip chop to trigger as it is going to cause issues */ /* later ( StripOffsets and StripByteCounts improperly filled) . */ - if( td->td_stripbytecount[0] == 0 && tif->tif_mode != O_RDONLY ) + if( TIFFGetStrileByteCount(tif, 0) == 0 && tif->tif_mode != O_RDONLY ) return; if ((td->td_photometric == PHOTOMETRIC_YCBCR)&& @@ -5889,7 +6020,7 @@ static void TryChopUpUncompressedBigTiff( TIFF* tif ) { if( i == td->td_nstrips - 1 ) { - if( td->td_stripbytecount[i] < TIFFVStripSize64( + if( TIFFGetStrileByteCount(tif, i) < TIFFVStripSize64( tif, td->td_imagelength - i * td->td_rowsperstrip ) ) { return; @@ -5897,12 +6028,12 @@ static void TryChopUpUncompressedBigTiff( TIFF* tif ) } else { - if( td->td_stripbytecount[i] != stripsize ) + if( TIFFGetStrileByteCount(tif, i) != stripsize ) { return; } - if( i > 0 && td->td_stripoffset[i] != - td->td_stripoffset[i-1] + td->td_stripbytecount[i - 1] ) + if( i > 0 && TIFFGetStrileOffset(tif, i) != + TIFFGetStrileOffset(tif, i-1) + TIFFGetStrileByteCount(tif, i-1) ) { return; } @@ -5924,18 +6055,367 @@ static void TryChopUpUncompressedBigTiff( TIFF* tif ) /* If we are going to allocate a lot of memory, make sure that the */ /* file is as big as needed */ if( tif->tif_mode == O_RDONLY && - nstrips > 1000000 && - (td->td_stripoffset[td->td_nstrips-1] > TIFFGetFileSize(tif) || - td->td_stripoffset[td->td_nstrips-1] + - td->td_stripbytecount[td->td_nstrips-1] > TIFFGetFileSize(tif)) ) + nstrips > 1000000 ) { - return; + uint64 last_offset = TIFFGetStrileOffset(tif, td->td_nstrips-1); + uint64 filesize = TIFFGetFileSize(tif); + uint64 last_bytecount = TIFFGetStrileByteCount(tif, td->td_nstrips-1); + if( last_offset > filesize || + last_bytecount > filesize - last_offset ) + { + return; + } } allocChoppedUpStripArrays(tif, nstrips, stripbytes, rowsperstrip); } +TIFF_NOSANITIZE_UNSIGNED_INT_OVERFLOW +static uint64 _TIFFUnsanitizedAddUInt64AndInt(uint64 a, int b) +{ + return a + b; +} + +/* Read the value of [Strip|Tile]Offset or [Strip|Tile]ByteCount around + * strip/tile of number strile. Also fetch the neighbouring values using a + * 4096 byte page size. + */ +static +int _TIFFPartialReadStripArray( TIFF* tif, TIFFDirEntry* dirent, + int strile, uint64* panVals ) +{ + static const char module[] = "_TIFFPartialReadStripArray"; +#define IO_CACHE_PAGE_SIZE 4096 + + size_t sizeofval; + const int bSwab = (tif->tif_flags & TIFF_SWAB) != 0; + int sizeofvalint; + uint64 nBaseOffset; + uint64 nOffset; + uint64 nOffsetStartPage; + uint64 nOffsetEndPage; + tmsize_t nToRead; + tmsize_t nRead; + uint64 nLastStripOffset; + int iStartBefore; + int i; + const uint32 arraySize = tif->tif_dir.td_stripoffsetbyteallocsize; + unsigned char buffer[2 * IO_CACHE_PAGE_SIZE]; + + assert( dirent->tdir_count > 4 ); + + if( dirent->tdir_type == TIFF_SHORT ) + { + sizeofval = sizeof(uint16); + } + else if( dirent->tdir_type == TIFF_LONG ) + { + sizeofval = sizeof(uint32); + } + else if( dirent->tdir_type == TIFF_LONG8 ) + { + sizeofval = sizeof(uint64); + } + else if( dirent->tdir_type == TIFF_SLONG8 ) + { + /* Non conformant but used by some images as in */ + /* https://github.com/OSGeo/gdal/issues/2165 */ + sizeofval = sizeof(int64); + } + else + { + TIFFErrorExt(tif->tif_clientdata, module, + "Invalid type for [Strip|Tile][Offset/ByteCount] tag"); + panVals[strile] = 0; + return 0; + } + sizeofvalint = (int)(sizeofval); + + if( tif->tif_flags&TIFF_BIGTIFF ) + { + uint64 offset = dirent->tdir_offset.toff_long8; + if( bSwab ) + TIFFSwabLong8(&offset); + nBaseOffset = offset; + } + else + { + uint32 offset = dirent->tdir_offset.toff_long; + if( bSwab ) + TIFFSwabLong(&offset); + nBaseOffset = offset; + } + /* To avoid later unsigned integer overflows */ + if( nBaseOffset > (uint64)TIFF_INT64_MAX ) + { + TIFFErrorExt(tif->tif_clientdata, module, + "Cannot read offset/size for strile %d", strile); + panVals[strile] = 0; + return 0; + } + nOffset = nBaseOffset + sizeofval * strile; + nOffsetStartPage = + (nOffset / IO_CACHE_PAGE_SIZE) * IO_CACHE_PAGE_SIZE; + nOffsetEndPage = nOffsetStartPage + IO_CACHE_PAGE_SIZE; + + if( nOffset + sizeofval > nOffsetEndPage ) + nOffsetEndPage += IO_CACHE_PAGE_SIZE; +#undef IO_CACHE_PAGE_SIZE + + nLastStripOffset = nBaseOffset + arraySize * sizeofval; + if( nLastStripOffset < nOffsetEndPage ) + nOffsetEndPage = nLastStripOffset; + if( nOffsetStartPage >= nOffsetEndPage ) + { + TIFFErrorExt(tif->tif_clientdata, module, + "Cannot read offset/size for strile %d", strile); + panVals[strile] = 0; + return 0; + } + if (!SeekOK(tif,nOffsetStartPage)) + { + panVals[strile] = 0; + return 0; + } + + nToRead = (tmsize_t)(nOffsetEndPage - nOffsetStartPage); + nRead = TIFFReadFile(tif, buffer, nToRead); + if( nRead < nToRead ) + { + TIFFErrorExt(tif->tif_clientdata, module, + "Cannot read offset/size for strile around ~%d", strile); + return 0; + } + iStartBefore = -(int)((nOffset - nOffsetStartPage) / sizeofval); + if( strile + iStartBefore < 0 ) + iStartBefore = -strile; + for( i = iStartBefore; + (uint32)(strile + i) < arraySize && + _TIFFUnsanitizedAddUInt64AndInt(nOffset, (i + 1) * sizeofvalint) <= nOffsetEndPage; + ++i ) + { + if( dirent->tdir_type == TIFF_SHORT ) + { + uint16 val; + memcpy(&val, + buffer + (nOffset - nOffsetStartPage) + i * sizeofvalint, + sizeof(val)); + if( bSwab ) + TIFFSwabShort(&val); + panVals[strile + i] = val; + } + else if( dirent->tdir_type == TIFF_LONG ) + { + uint32 val; + memcpy(&val, + buffer + (nOffset - nOffsetStartPage) + i * sizeofvalint, + sizeof(val)); + if( bSwab ) + TIFFSwabLong(&val); + panVals[strile + i] = val; + } + else if( dirent->tdir_type == TIFF_LONG8 ) + { + uint64 val; + memcpy(&val, + buffer + (nOffset - nOffsetStartPage) + i * sizeofvalint, + sizeof(val)); + if( bSwab ) + TIFFSwabLong8(&val); + panVals[strile + i] = val; + } + else /* if( dirent->tdir_type == TIFF_SLONG8 ) */ + { + /* Non conformant data type */ + int64 val; + memcpy(&val, + buffer + (nOffset - nOffsetStartPage) + i * sizeofvalint, + sizeof(val)); + if( bSwab ) + TIFFSwabLong8((uint64*) &val); + panVals[strile + i] = (uint64) val; + } + } + return 1; +} + +static int _TIFFFetchStrileValue(TIFF* tif, + uint32 strile, + TIFFDirEntry* dirent, + uint64** parray) +{ + static const char module[] = "_TIFFFetchStrileValue"; + TIFFDirectory *td = &tif->tif_dir; + if( strile >= dirent->tdir_count ) + { + return 0; + } + if( strile >= td->td_stripoffsetbyteallocsize ) + { + uint32 nStripArrayAllocBefore = td->td_stripoffsetbyteallocsize; + uint32 nStripArrayAllocNew; + uint64 nArraySize64; + size_t nArraySize; + uint64* offsetArray; + uint64* bytecountArray; + + if( strile > 1000000 ) + { + uint64 filesize = TIFFGetFileSize(tif); + /* Avoid excessive memory allocation attempt */ + /* For such a big blockid we need at least a TIFF_LONG per strile */ + /* for the offset array. */ + if( strile > filesize / sizeof(uint32) ) + { + TIFFErrorExt(tif->tif_clientdata, module, "File too short"); + return 0; + } + } + + if( td->td_stripoffsetbyteallocsize == 0 && + td->td_nstrips < 1024 * 1024 ) + { + nStripArrayAllocNew = td->td_nstrips; + } + else + { +#define TIFF_MAX(a,b) (((a)>(b)) ? (a) : (b)) +#define TIFF_MIN(a,b) (((a)<(b)) ? (a) : (b)) + nStripArrayAllocNew = TIFF_MAX(strile + 1, 1024U * 512U ); + if( nStripArrayAllocNew < 0xFFFFFFFFU / 2 ) + nStripArrayAllocNew *= 2; + nStripArrayAllocNew = TIFF_MIN(nStripArrayAllocNew, td->td_nstrips); + } + assert( strile < nStripArrayAllocNew ); + nArraySize64 = (uint64)sizeof(uint64) * nStripArrayAllocNew; + nArraySize = (size_t)(nArraySize64); +#if SIZEOF_SIZE_T == 4 + if( nArraySize != nArraySize64 ) + { + TIFFErrorExt(tif->tif_clientdata, module, + "Cannot allocate strip offset and bytecount arrays"); + return 0; + } +#endif + offsetArray = (uint64*)( + _TIFFrealloc( td->td_stripoffset_p, nArraySize ) ); + bytecountArray = (uint64*)( + _TIFFrealloc( td->td_stripbytecount_p, nArraySize ) ); + if( offsetArray ) + td->td_stripoffset_p = offsetArray; + if( bytecountArray ) + td->td_stripbytecount_p = bytecountArray; + if( offsetArray && bytecountArray ) + { + td->td_stripoffsetbyteallocsize = nStripArrayAllocNew; + /* Initialize new entries to ~0 / -1 */ + memset(td->td_stripoffset_p + nStripArrayAllocBefore, + 0xFF, + (td->td_stripoffsetbyteallocsize - nStripArrayAllocBefore) * sizeof(uint64) ); + memset(td->td_stripbytecount_p + nStripArrayAllocBefore, + 0xFF, + (td->td_stripoffsetbyteallocsize - nStripArrayAllocBefore) * sizeof(uint64) ); + } + else + { + TIFFErrorExt(tif->tif_clientdata, module, + "Cannot allocate strip offset and bytecount arrays"); + _TIFFfree(td->td_stripoffset_p); + td->td_stripoffset_p = NULL; + _TIFFfree(td->td_stripbytecount_p); + td->td_stripbytecount_p = NULL; + td->td_stripoffsetbyteallocsize = 0; + } + } + if( *parray == NULL || strile >= td->td_stripoffsetbyteallocsize ) + return 0; + + if( ~((*parray)[strile]) == 0 ) + { + if( !_TIFFPartialReadStripArray( tif, dirent, strile, *parray ) ) + { + (*parray)[strile] = 0; + return 0; + } + } + + return 1; +} + +static uint64 _TIFFGetStrileOffsetOrByteCountValue(TIFF *tif, uint32 strile, + TIFFDirEntry* dirent, + uint64** parray, + int *pbErr) +{ + TIFFDirectory *td = &tif->tif_dir; + if( pbErr ) + *pbErr = 0; + if( (tif->tif_flags&TIFF_DEFERSTRILELOAD) && !(tif->tif_flags&TIFF_CHOPPEDUPARRAYS) ) + { + if( !(tif->tif_flags&TIFF_LAZYSTRILELOAD) || + /* If the values may fit in the toff_long/toff_long8 member */ + /* then use _TIFFFillStriles to simplify _TIFFFetchStrileValue */ + dirent->tdir_count <= 4 ) + { + if( !_TIFFFillStriles(tif) ) + { + if( pbErr ) + *pbErr = 1; + /* Do not return, as we want this function to always */ + /* return the same value if called several times with */ + /* the same arguments */ + } + } + else + { + if( !_TIFFFetchStrileValue(tif, strile, dirent, parray) ) + { + if( pbErr ) + *pbErr = 1; + return 0; + } + } + } + if( *parray == NULL || strile >= td->td_nstrips ) + { + if( pbErr ) + *pbErr = 1; + return 0; + } + return (*parray)[strile]; +} + +/* Return the value of the TileOffsets/StripOffsets array for the specified tile/strile */ +uint64 TIFFGetStrileOffset(TIFF *tif, uint32 strile) +{ + return TIFFGetStrileOffsetWithErr(tif, strile, NULL); +} + +/* Return the value of the TileOffsets/StripOffsets array for the specified tile/strile */ +uint64 TIFFGetStrileOffsetWithErr(TIFF *tif, uint32 strile, int *pbErr) +{ + TIFFDirectory *td = &tif->tif_dir; + return _TIFFGetStrileOffsetOrByteCountValue(tif, strile, + &(td->td_stripoffset_entry), + &(td->td_stripoffset_p), pbErr); +} + +/* Return the value of the TileByteCounts/StripByteCounts array for the specified tile/strile */ +uint64 TIFFGetStrileByteCount(TIFF *tif, uint32 strile) +{ + return TIFFGetStrileByteCountWithErr(tif, strile, NULL); +} + +/* Return the value of the TileByteCounts/StripByteCounts array for the specified tile/strile */ +uint64 TIFFGetStrileByteCountWithErr(TIFF *tif, uint32 strile, int *pbErr) +{ + TIFFDirectory *td = &tif->tif_dir; + return _TIFFGetStrileOffsetOrByteCountValue(tif, strile, + &(td->td_stripbytecount_entry), + &(td->td_stripbytecount_p), pbErr); +} + int _TIFFFillStriles( TIFF *tif ) { @@ -5944,51 +6424,64 @@ int _TIFFFillStriles( TIFF *tif ) static int _TIFFFillStrilesInternal( TIFF *tif, int loadStripByteCount ) { -#if defined(DEFER_STRILE_LOAD) - register TIFFDirectory *td = &tif->tif_dir; - int return_value = 1; + register TIFFDirectory *td = &tif->tif_dir; + int return_value = 1; - if( td->td_stripoffset != NULL ) - return 1; - - if( td->td_stripoffset_entry.tdir_count == 0 ) - return 0; - - if (!TIFFFetchStripThing(tif,&(td->td_stripoffset_entry), - td->td_nstrips,&td->td_stripoffset)) - { - return_value = 0; - } - - if (loadStripByteCount && - !TIFFFetchStripThing(tif,&(td->td_stripbytecount_entry), - td->td_nstrips,&td->td_stripbytecount)) - { - return_value = 0; - } - - _TIFFmemset( &(td->td_stripoffset_entry), 0, sizeof(TIFFDirEntry)); - _TIFFmemset( &(td->td_stripbytecount_entry), 0, sizeof(TIFFDirEntry)); - - if (tif->tif_dir.td_nstrips > 1 && return_value == 1 ) { - uint32 strip; - - tif->tif_dir.td_stripbytecountsorted = 1; - for (strip = 1; strip < tif->tif_dir.td_nstrips; strip++) { - if (tif->tif_dir.td_stripoffset[strip - 1] > - tif->tif_dir.td_stripoffset[strip]) { - tif->tif_dir.td_stripbytecountsorted = 0; - break; - } - } - } - - return return_value; -#else /* !defined(DEFER_STRILE_LOAD) */ - (void) tif; - (void) loadStripByteCount; + /* Do not do anything if TIFF_DEFERSTRILELOAD is not set */ + if( !(tif->tif_flags&TIFF_DEFERSTRILELOAD) || (tif->tif_flags&TIFF_CHOPPEDUPARRAYS) != 0 ) return 1; -#endif + + if( tif->tif_flags&TIFF_LAZYSTRILELOAD ) + { + /* In case of lazy loading, reload completely the arrays */ + _TIFFfree(td->td_stripoffset_p); + _TIFFfree(td->td_stripbytecount_p); + td->td_stripoffset_p = NULL; + td->td_stripbytecount_p = NULL; + td->td_stripoffsetbyteallocsize = 0; + tif->tif_flags &= ~TIFF_LAZYSTRILELOAD; + } + + /* If stripoffset array is already loaded, exit with success */ + if( td->td_stripoffset_p != NULL ) + return 1; + + /* If tdir_count was canceled, then we already got there, but in error */ + if( td->td_stripoffset_entry.tdir_count == 0 ) + return 0; + + if (!TIFFFetchStripThing(tif,&(td->td_stripoffset_entry), + td->td_nstrips,&td->td_stripoffset_p)) + { + return_value = 0; + } + + if (loadStripByteCount && + !TIFFFetchStripThing(tif,&(td->td_stripbytecount_entry), + td->td_nstrips,&td->td_stripbytecount_p)) + { + return_value = 0; + } + + _TIFFmemset( &(td->td_stripoffset_entry), 0, sizeof(TIFFDirEntry)); + _TIFFmemset( &(td->td_stripbytecount_entry), 0, sizeof(TIFFDirEntry)); + +#ifdef STRIPBYTECOUNTSORTED_UNUSED + if (tif->tif_dir.td_nstrips > 1 && return_value == 1 ) { + uint32 strip; + + tif->tif_dir.td_stripbytecountsorted = 1; + for (strip = 1; strip < tif->tif_dir.td_nstrips; strip++) { + if (tif->tif_dir.td_stripoffset_p[strip - 1] > + tif->tif_dir.td_stripoffset_p[strip]) { + tif->tif_dir.td_stripbytecountsorted = 0; + break; + } + } + } +#endif + + return return_value; } diff --git a/3rdparty/libtiff/tif_dirwrite.c b/3rdparty/libtiff/tif_dirwrite.c index 83c01b24f2..f481250e3b 100644 --- a/3rdparty/libtiff/tif_dirwrite.c +++ b/3rdparty/libtiff/tif_dirwrite.c @@ -28,6 +28,8 @@ * Directory Write Support Routines. */ #include "tiffiop.h" +#include /*--: for Rational2Double */ +#include /*--: for Rational2Double */ #ifdef HAVE_IEEEFP #define TIFFCvtNativeToIEEEFloat(tif, n, fp) @@ -154,6 +156,19 @@ static int TIFFWriteDirectoryTagCheckedSlong8Array(TIFF* tif, uint32* ndir, TIFF static int TIFFWriteDirectoryTagCheckedRational(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, double value); static int TIFFWriteDirectoryTagCheckedRationalArray(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, uint32 count, float* value); static int TIFFWriteDirectoryTagCheckedSrationalArray(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, uint32 count, float* value); + +/*--: Rational2Double: New functions to support true double-precision for custom rational tag types. */ +static int TIFFWriteDirectoryTagRationalDoubleArray(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, uint32 count, double* value); +static int TIFFWriteDirectoryTagSrationalDoubleArray(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, uint32 count, double* value); +static int TIFFWriteDirectoryTagCheckedRationalDoubleArray(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, uint32 count, double* value); +static int TIFFWriteDirectoryTagCheckedSrationalDoubleArray(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, uint32 count, double* value); +static void DoubleToRational(double value, uint32 *num, uint32 *denom); +static void DoubleToSrational(double value, int32 *num, int32 *denom); +#if 0 +static void DoubleToRational_direct(double value, unsigned long *num, unsigned long *denom); +static void DoubleToSrational_direct(double value, long *num, long *denom); +#endif + #ifdef notdef static int TIFFWriteDirectoryTagCheckedFloat(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, float value); #endif @@ -181,6 +196,51 @@ TIFFWriteDirectory(TIFF* tif) return TIFFWriteDirectorySec(tif,TRUE,TRUE,NULL); } +/* + * This is an advanced writing function that must be used in a particular + * sequence, and generally together with TIFFForceStrileArrayWriting(), + * to make its intended effect. Its aim is to modify the location + * where the [Strip/Tile][Offsets/ByteCounts] arrays are located in the file. + * More precisely, when TIFFWriteCheck() will be called, the tag entries for + * those arrays will be written with type = count = offset = 0 as a temporary + * value. + * + * Its effect is only valid for the current directory, and before + * TIFFWriteDirectory() is first called, and will be reset when + * changing directory. + * + * The typical sequence of calls is: + * TIFFOpen() + * [ TIFFCreateDirectory(tif) ] + * Set fields with calls to TIFFSetField(tif, ...) + * TIFFDeferStrileArrayWriting(tif) + * TIFFWriteCheck(tif, ...) + * TIFFWriteDirectory(tif) + * ... potentially create other directories and come back to the above directory + * TIFFForceStrileArrayWriting(tif): emit the arrays at the end of file + * + * Returns 1 in case of success, 0 otherwise. + */ +int TIFFDeferStrileArrayWriting(TIFF* tif) +{ + static const char module[] = "TIFFDeferStrileArrayWriting"; + if (tif->tif_mode == O_RDONLY) + { + TIFFErrorExt(tif->tif_clientdata, tif->tif_name, + "File opened in read-only mode"); + return 0; + } + if( tif->tif_diroff != 0 ) + { + TIFFErrorExt(tif->tif_clientdata, module, + "Directory has already been written"); + return 0; + } + + tif->tif_dir.td_deferstrilearraywriting = TRUE; + return 1; +} + /* * Similar to TIFFWriteDirectory(), writes the directory out * but leaves all data structures in memory so that it can be @@ -192,7 +252,7 @@ TIFFCheckpointDirectory(TIFF* tif) { int rc; /* Setup the strips arrays, if they haven't already been. */ - if (tif->tif_dir.td_stripoffset == NULL) + if (tif->tif_dir.td_stripoffset_p == NULL) (void) TIFFSetupStrips(tif); rc = TIFFWriteDirectorySec(tif,TRUE,FALSE,NULL); (void) TIFFSetWriteOffset(tif, TIFFSeekFile(tif, 0, SEEK_END)); @@ -527,12 +587,12 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff) { if (!isTiled(tif)) { - if (!TIFFWriteDirectoryTagLongLong8Array(tif,&ndir,dir,TIFFTAG_STRIPBYTECOUNTS,tif->tif_dir.td_nstrips,tif->tif_dir.td_stripbytecount)) + if (!TIFFWriteDirectoryTagLongLong8Array(tif,&ndir,dir,TIFFTAG_STRIPBYTECOUNTS,tif->tif_dir.td_nstrips,tif->tif_dir.td_stripbytecount_p)) goto bad; } else { - if (!TIFFWriteDirectoryTagLongLong8Array(tif,&ndir,dir,TIFFTAG_TILEBYTECOUNTS,tif->tif_dir.td_nstrips,tif->tif_dir.td_stripbytecount)) + if (!TIFFWriteDirectoryTagLongLong8Array(tif,&ndir,dir,TIFFTAG_TILEBYTECOUNTS,tif->tif_dir.td_nstrips,tif->tif_dir.td_stripbytecount_p)) goto bad; } } @@ -540,7 +600,7 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff) { if (!isTiled(tif)) { - /* td_stripoffset might be NULL in an odd OJPEG case. See + /* td_stripoffset_p might be NULL in an odd OJPEG case. See * tif_dirread.c around line 3634. * XXX: OJPEG hack. * If a) compression is OJPEG, b) it's not a tiled TIFF, @@ -551,13 +611,13 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff) * We can get here when using tiffset on such a file. * See http://bugzilla.maptools.org/show_bug.cgi?id=2500 */ - if (tif->tif_dir.td_stripoffset != NULL && - !TIFFWriteDirectoryTagLongLong8Array(tif,&ndir,dir,TIFFTAG_STRIPOFFSETS,tif->tif_dir.td_nstrips,tif->tif_dir.td_stripoffset)) + if (tif->tif_dir.td_stripoffset_p != NULL && + !TIFFWriteDirectoryTagLongLong8Array(tif,&ndir,dir,TIFFTAG_STRIPOFFSETS,tif->tif_dir.td_nstrips,tif->tif_dir.td_stripoffset_p)) goto bad; } else { - if (!TIFFWriteDirectoryTagLongLong8Array(tif,&ndir,dir,TIFFTAG_TILEOFFSETS,tif->tif_dir.td_nstrips,tif->tif_dir.td_stripoffset)) + if (!TIFFWriteDirectoryTagLongLong8Array(tif,&ndir,dir,TIFFTAG_TILEOFFSETS,tif->tif_dir.td_nstrips,tif->tif_dir.td_stripoffset_p)) goto bad; } } @@ -751,12 +811,42 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff) goto bad; break; case TIFF_RATIONAL: - if (!TIFFWriteDirectoryTagRationalArray(tif,&ndir,dir,tag,count,tif->tif_dir.td_customValues[m].value)) - goto bad; + { + /*-- Rational2Double: For Rationals evaluate "set_field_type" to determine internal storage size. */ + int tv_size; + tv_size = _TIFFSetGetFieldSize(tif->tif_dir.td_customValues[m].info->set_field_type); + if (tv_size == 8) { + if (!TIFFWriteDirectoryTagRationalDoubleArray(tif,&ndir,dir,tag,count,tif->tif_dir.td_customValues[m].value)) + goto bad; + } else { + /*-- default should be tv_size == 4 */ + if (!TIFFWriteDirectoryTagRationalArray(tif,&ndir,dir,tag,count,tif->tif_dir.td_customValues[m].value)) + goto bad; + /*-- ToDo: After Testing, this should be removed and tv_size==4 should be set as default. */ + if (tv_size != 4) { + TIFFErrorExt(0,"TIFFLib: _TIFFWriteDirectorySec()", "Rational2Double: .set_field_type in not 4 but %d", tv_size); + } + } + } break; case TIFF_SRATIONAL: - if (!TIFFWriteDirectoryTagSrationalArray(tif,&ndir,dir,tag,count,tif->tif_dir.td_customValues[m].value)) - goto bad; + { + /*-- Rational2Double: For Rationals evaluate "set_field_type" to determine internal storage size. */ + int tv_size; + tv_size = _TIFFSetGetFieldSize(tif->tif_dir.td_customValues[m].info->set_field_type); + if (tv_size == 8) { + if (!TIFFWriteDirectoryTagSrationalDoubleArray(tif,&ndir,dir,tag,count,tif->tif_dir.td_customValues[m].value)) + goto bad; + } else { + /*-- default should be tv_size == 4 */ + if (!TIFFWriteDirectoryTagSrationalArray(tif,&ndir,dir,tag,count,tif->tif_dir.td_customValues[m].value)) + goto bad; + /*-- ToDo: After Testing, this should be removed and tv_size==4 should be set as default. */ + if (tv_size != 4) { + TIFFErrorExt(0,"TIFFLib: _TIFFWriteDirectorySec()", "Rational2Double: .set_field_type in not 4 but %d", tv_size); + } + } + } break; case TIFF_FLOAT: if (!TIFFWriteDirectoryTagFloatArray(tif,&ndir,dir,tag,count,tif->tif_dir.td_customValues[m].value)) @@ -1515,6 +1605,29 @@ TIFFWriteDirectoryTagSrationalArray(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, return(TIFFWriteDirectoryTagCheckedSrationalArray(tif,ndir,dir,tag,count,value)); } +/*-- Rational2Double: additional write functions */ +static int +TIFFWriteDirectoryTagRationalDoubleArray(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, uint32 count, double* value) +{ + if (dir==NULL) + { + (*ndir)++; + return(1); + } + return(TIFFWriteDirectoryTagCheckedRationalDoubleArray(tif,ndir,dir,tag,count,value)); +} + +static int +TIFFWriteDirectoryTagSrationalDoubleArray(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, uint32 count, double* value) +{ + if (dir==NULL) + { + (*ndir)++; + return(1); + } + return(TIFFWriteDirectoryTagCheckedSrationalDoubleArray(tif,ndir,dir,tag,count,value)); +} + #ifdef notdef static int TIFFWriteDirectoryTagFloat(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, float value) { @@ -1651,22 +1764,52 @@ TIFFWriteDirectoryTagShortLong(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint1 return(TIFFWriteDirectoryTagCheckedLong(tif,ndir,dir,tag,value)); } +static int _WriteAsType(TIFF* tif, uint64 strile_size, uint64 uncompressed_threshold) +{ + const uint16 compression = tif->tif_dir.td_compression; + if ( compression == COMPRESSION_NONE ) + { + return strile_size > uncompressed_threshold; + } + else if ( compression == COMPRESSION_JPEG || + compression == COMPRESSION_LZW || + compression == COMPRESSION_ADOBE_DEFLATE || + compression == COMPRESSION_LZMA || + compression == COMPRESSION_LERC || + compression == COMPRESSION_ZSTD || + compression == COMPRESSION_WEBP ) + { + /* For a few select compression types, we assume that in the worst */ + /* case the compressed size will be 10 times the uncompressed size */ + /* This is overly pessismistic ! */ + return strile_size >= uncompressed_threshold / 10; + } + return 1; +} + +static int WriteAsLong8(TIFF* tif, uint64 strile_size) +{ + return _WriteAsType(tif, strile_size, 0xFFFFFFFFU); +} + +static int WriteAsLong4(TIFF* tif, uint64 strile_size) +{ + return _WriteAsType(tif, strile_size, 0xFFFFU); +} + /************************************************************************/ /* TIFFWriteDirectoryTagLongLong8Array() */ /* */ -/* Write out LONG8 array as LONG8 for BigTIFF or LONG for */ -/* Classic TIFF with some checking. */ +/* Write out LONG8 array and write a SHORT/LONG/LONG8 depending */ +/* on strile size and Classic/BigTIFF mode. */ /************************************************************************/ static int TIFFWriteDirectoryTagLongLong8Array(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, uint32 count, uint64* value) { static const char module[] = "TIFFWriteDirectoryTagLongLong8Array"; - uint64* ma; - uint32 mb; - uint32* p; - uint32* q; int o; + int write_aslong4; /* is this just a counting pass? */ if (dir==NULL) @@ -1675,37 +1818,105 @@ TIFFWriteDirectoryTagLongLong8Array(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, return(1); } - /* We always write LONG8 for BigTIFF, no checking needed. */ - if( tif->tif_flags&TIFF_BIGTIFF ) - return TIFFWriteDirectoryTagCheckedLong8Array(tif,ndir,dir, - tag,count,value); - - /* - ** For classic tiff we want to verify everything is in range for LONG - ** and convert to long format. - */ - - p = _TIFFmalloc(count*sizeof(uint32)); - if (p==NULL) + if( tif->tif_dir.td_deferstrilearraywriting ) { - TIFFErrorExt(tif->tif_clientdata,module,"Out of memory"); - return(0); + return TIFFWriteDirectoryTagData(tif, ndir, dir, tag, TIFF_NOTYPE, 0, 0, NULL); } - for (q=p, ma=value, mb=0; mbtif_flags&TIFF_BIGTIFF ) { - if (*ma>0xFFFFFFFF) + int write_aslong8 = 1; + /* In the case of ByteCounts array, we may be able to write them on */ + /* LONG if the strip/tilesize is not too big. */ + /* Also do that for count > 1 in the case someone would want to create */ + /* a single-strip file with a growing height, in which case using */ + /* LONG8 will be safer. */ + if( count > 1 && tag == TIFFTAG_STRIPBYTECOUNTS ) { - TIFFErrorExt(tif->tif_clientdata,module, - "Attempt to write value larger than 0xFFFFFFFF in Classic TIFF file."); - _TIFFfree(p); + write_aslong8 = WriteAsLong8(tif, TIFFStripSize64(tif)); + } + else if( count > 1 && tag == TIFFTAG_TILEBYTECOUNTS ) + { + write_aslong8 = WriteAsLong8(tif, TIFFTileSize64(tif)); + } + if( write_aslong8 ) + { + return TIFFWriteDirectoryTagCheckedLong8Array(tif,ndir,dir, + tag,count,value); + } + } + + write_aslong4 = 1; + if( count > 1 && tag == TIFFTAG_STRIPBYTECOUNTS ) + { + write_aslong4 = WriteAsLong4(tif, TIFFStripSize64(tif)); + } + else if( count > 1 && tag == TIFFTAG_TILEBYTECOUNTS ) + { + write_aslong4 = WriteAsLong4(tif, TIFFTileSize64(tif)); + } + if( write_aslong4 ) + { + /* + ** For classic tiff we want to verify everything is in range for LONG + ** and convert to long format. + */ + + uint32* p = _TIFFmalloc(count*sizeof(uint32)); + uint32* q; + uint64* ma; + uint32 mb; + + if (p==NULL) + { + TIFFErrorExt(tif->tif_clientdata,module,"Out of memory"); return(0); } - *q= (uint32)(*ma); - } - o=TIFFWriteDirectoryTagCheckedLongArray(tif,ndir,dir,tag,count,p); - _TIFFfree(p); + for (q=p, ma=value, mb=0; mb0xFFFFFFFF) + { + TIFFErrorExt(tif->tif_clientdata,module, + "Attempt to write value larger than 0xFFFFFFFF in LONG array."); + _TIFFfree(p); + return(0); + } + *q= (uint32)(*ma); + } + + o=TIFFWriteDirectoryTagCheckedLongArray(tif,ndir,dir,tag,count,p); + _TIFFfree(p); + } + else + { + uint16* p = _TIFFmalloc(count*sizeof(uint16)); + uint16* q; + uint64* ma; + uint32 mb; + + if (p==NULL) + { + TIFFErrorExt(tif->tif_clientdata,module,"Out of memory"); + return(0); + } + + for (q=p, ma=value, mb=0; mb0xFFFF) + { + /* Should not happen normally given the check we did before */ + TIFFErrorExt(tif->tif_clientdata,module, + "Attempt to write value larger than 0xFFFF in SHORT array."); + _TIFFfree(p); + return(0); + } + *q= (uint16)(*ma); + } + + o=TIFFWriteDirectoryTagCheckedShortArray(tif,ndir,dir,tag,count,p); + _TIFFfree(p); + } return(o); } @@ -2175,19 +2386,20 @@ TIFFWriteDirectoryTagCheckedSlong8Array(TIFF* tif, uint32* ndir, TIFFDirEntry* d static int TIFFWriteDirectoryTagCheckedRational(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, double value) { - static const char module[] = "TIFFWriteDirectoryTagCheckedRational"; + static const char module[] = "TIFFWriteDirectoryTagCheckedRational"; uint32 m[2]; assert(sizeof(uint32)==4); - if( value < 0 ) - { - TIFFErrorExt(tif->tif_clientdata,module,"Negative value is illegal"); - return 0; - } - else if( value != value ) - { - TIFFErrorExt(tif->tif_clientdata,module,"Not-a-number value is illegal"); - return 0; - } + if (value < 0) + { + TIFFErrorExt(tif->tif_clientdata, module, "Negative value is illegal"); + return 0; + } + else if (value != value) + { + TIFFErrorExt(tif->tif_clientdata, module, "Not-a-number value is illegal"); + return 0; + } +#ifdef not_def else if (value==0.0) { m[0]=0; @@ -2208,6 +2420,15 @@ TIFFWriteDirectoryTagCheckedRational(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, m[0]=0xFFFFFFFF; m[1]=(uint32)(0xFFFFFFFF/value); } +#else + /*--Rational2Double: New function also used for non-custom rational tags. + * However, could be omitted here, because TIFFWriteDirectoryTagCheckedRational() is not used by code for custom tags, + * only by code for named-tiff-tags like FIELD_RESOLUTION and FIELD_POSITION */ + else { + DoubleToRational(value, &m[0], &m[1]); + } +#endif + if (tif->tif_flags&TIFF_SWAB) { TIFFSwabLong(&m[0]); @@ -2234,6 +2455,7 @@ TIFFWriteDirectoryTagCheckedRationalArray(TIFF* tif, uint32* ndir, TIFFDirEntry* } for (na=value, nb=m, nc=0; nctif_flags&TIFF_SWAB) TIFFSwabArrayOfLong(m,count*2); @@ -2281,6 +2507,7 @@ TIFFWriteDirectoryTagCheckedSrationalArray(TIFF* tif, uint32* ndir, TIFFDirEntry } for (na=value, nb=m, nc=0; nctif_flags&TIFF_SWAB) TIFFSwabArrayOfLong((uint32*)m,count*2); @@ -2325,6 +2556,400 @@ TIFFWriteDirectoryTagCheckedSrationalArray(TIFF* tif, uint32* ndir, TIFFDirEntry return(o); } +/*-- Rational2Double: additional write functions for double arrays */ +static int +TIFFWriteDirectoryTagCheckedRationalDoubleArray(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, uint32 count, double* value) +{ + static const char module[] = "TIFFWriteDirectoryTagCheckedRationalDoubleArray"; + uint32* m; + double* na; + uint32* nb; + uint32 nc; + int o; + assert(sizeof(uint32)==4); + m=_TIFFmalloc(count*2*sizeof(uint32)); + if (m==NULL) + { + TIFFErrorExt(tif->tif_clientdata,module,"Out of memory"); + return(0); + } + for (na=value, nb=m, nc=0; nctif_flags&TIFF_SWAB) + TIFFSwabArrayOfLong(m,count*2); + o=TIFFWriteDirectoryTagData(tif,ndir,dir,tag,TIFF_RATIONAL,count,count*8,&m[0]); + _TIFFfree(m); + return(o); +} /*-- TIFFWriteDirectoryTagCheckedRationalDoubleArray() ------- */ + +static int +TIFFWriteDirectoryTagCheckedSrationalDoubleArray(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, uint32 count, double* value) +{ + static const char module[] = "TIFFWriteDirectoryTagCheckedSrationalDoubleArray"; + int32* m; + double* na; + int32* nb; + uint32 nc; + int o; + assert(sizeof(int32)==4); + m=_TIFFmalloc(count*2*sizeof(int32)); + if (m==NULL) + { + TIFFErrorExt(tif->tif_clientdata,module,"Out of memory"); + return(0); + } + for (na=value, nb=m, nc=0; nctif_flags&TIFF_SWAB) + TIFFSwabArrayOfLong((uint32*)m,count*2); + o=TIFFWriteDirectoryTagData(tif,ndir,dir,tag,TIFF_SRATIONAL,count,count*8,&m[0]); + _TIFFfree(m); + return(o); +} /*--- TIFFWriteDirectoryTagCheckedSrationalDoubleArray() -------- */ + +#if 0 +static +void DoubleToRational_direct(double value, unsigned long *num, unsigned long *denom) +{ + /*--- OLD Code for debugging and comparison ---- */ + /* code merged from TIFFWriteDirectoryTagCheckedRationalArray() and TIFFWriteDirectoryTagCheckedRational() */ + + /* First check for zero and also check for negative numbers (which are illegal for RATIONAL) + * and also check for "not-a-number". In each case just set this to zero to support also rational-arrays. + */ + if (value<=0.0 || value != value) + { + *num=0; + *denom=1; + } + else if (value <= 0xFFFFFFFFU && (value==(double)(uint32)(value))) /* check for integer values */ + { + *num=(uint32)(value); + *denom=1; + } + else if (value<1.0) + { + *num = (uint32)((value) * (double)0xFFFFFFFFU); + *denom=0xFFFFFFFFU; + } + else + { + *num=0xFFFFFFFFU; + *denom=(uint32)((double)0xFFFFFFFFU/(value)); + } +} /*-- DoubleToRational_direct() -------------- */ +#endif + +#if 0 +static +void DoubleToSrational_direct(double value, long *num, long *denom) +{ + /*--- OLD Code for debugging and comparison -- SIGNED-version ----*/ + /* code was amended from original TIFFWriteDirectoryTagCheckedSrationalArray() */ + + /* First check for zero and also check for negative numbers (which are illegal for RATIONAL) + * and also check for "not-a-number". In each case just set this to zero to support also rational-arrays. + */ + if (value<0.0) + { + if (value==(int32)(value)) + { + *num=(int32)(value); + *denom=1; + } + else if (value>-1.0) + { + *num=-(int32)((-value) * (double)0x7FFFFFFF); + *denom=0x7FFFFFFF; + } + else + { + *num=-0x7FFFFFFF; + *denom=(int32)((double)0x7FFFFFFF / (-value)); + } + } + else + { + if (value==(int32)(value)) + { + *num=(int32)(value); + *denom=1; + } + else if (value<1.0) + { + *num=(int32)((value) *(double)0x7FFFFFFF); + *denom=0x7FFFFFFF; + } + else + { + *num=0x7FFFFFFF; + *denom=(int32)((double)0x7FFFFFFF / (value)); + } + } +} /*-- DoubleToSrational_direct() --------------*/ +#endif + +//#define DOUBLE2RAT_DEBUGOUTPUT +/** ----- Rational2Double: Double To Rational Conversion ---------------------------------------------------------- +* There is a mathematical theorem to convert real numbers into a rational (integer fraction) number. +* This is called "continuous fraction" which uses the Euclidean algorithm to find the greatest common divisor (GCD). +* (ref. e.g. https://de.wikipedia.org/wiki/Kettenbruch or https://en.wikipedia.org/wiki/Continued_fraction +* https://en.wikipedia.org/wiki/Euclidean_algorithm) +* The following functions implement the +* - ToRationalEuclideanGCD() auxiliary function which mainly implements euclidean GCD +* - DoubleToRational() conversion function for un-signed rationals +* - DoubleToSrational() conversion function for signed rationals +------------------------------------------------------------------------------------------------------------------*/ + +/**---- ToRationalEuclideanGCD() ----------------------------------------- +* Calculates the rational fractional of a double input value +* using the Euclidean algorithm to find the greatest common divisor (GCD) +------------------------------------------------------------------------*/ +static +void ToRationalEuclideanGCD(double value, int blnUseSignedRange, int blnUseSmallRange, unsigned long long *ullNum, unsigned long long *ullDenom) +{ + /* Internally, the integer variables can be bigger than the external ones, + * as long as the result will fit into the external variable size. + */ + unsigned long long val, numSum[3] = { 0, 1, 0 }, denomSum[3] = { 1, 0, 0 }; + unsigned long long aux, bigNum, bigDenom; + unsigned long long returnLimit; + int i; + unsigned long long nMax; + double fMax; + unsigned long maxDenom; + /*-- nMax and fMax defines the initial accuracy of the starting fractional, + * or better, the highest used integer numbers used within the starting fractional (bigNum/bigDenom). + * There are two approaches, which can accidentally lead to different accuracies just depending on the value. + * Therefore, blnUseSmallRange steers this behavior. + * For long long nMax = ((9223372036854775807-1)/2); for long nMax = ((2147483647-1)/2); + */ + if (blnUseSmallRange) { + nMax = (unsigned long long)((2147483647 - 1) / 2); /* for ULONG range */ + } + else { + nMax = ((9223372036854775807 - 1) / 2); /* for ULLONG range */ + } + fMax = (double)nMax; + + /*-- For the Euclidean GCD define the denominator range, so that it stays within size of unsigned long variables. + * maxDenom should be LONG_MAX for negative values and ULONG_MAX for positive ones. + * Also the final returned value of ullNum and ullDenom is limited according to signed- or unsigned-range. + */ + if (blnUseSignedRange) { + maxDenom = 2147483647UL; /*LONG_MAX = 0x7FFFFFFFUL*/ + returnLimit = maxDenom; + } + else { + maxDenom = 0xFFFFFFFFUL; /*ULONG_MAX = 0xFFFFFFFFUL*/ + returnLimit = maxDenom; + } + + /*-- First generate a rational fraction (bigNum/bigDenom) which represents the value + * as a rational number with the highest accuracy. Therefore, unsigned long long (uint64) is needed. + * This rational fraction is then reduced using the Euclidean algorithm to find the greatest common divisor (GCD). + * bigNum = big numinator of value without fraction (or cut residual fraction) + * bigDenom = big denominator of value + *-- Break-criteria so that uint64 cast to "bigNum" introduces no error and bigDenom has no overflow, + * and stop with enlargement of fraction when the double-value of it reaches an integer number without fractional part. + */ + bigDenom = 1; + while ((value != floor(value)) && (value < fMax) && (bigDenom < nMax)) { + bigDenom <<= 1; + value *= 2; + } + bigNum = (unsigned long long)value; + + /*-- Start Euclidean algorithm to find the greatest common divisor (GCD) -- */ +#define MAX_ITERATIONS 64 + for (i = 0; i < MAX_ITERATIONS; i++) { + /* if bigDenom is not zero, calculate integer part of fraction. */ + if (bigDenom == 0) { + val = 0; + break; + } + else { + val = bigNum / bigDenom; + } + + /* Set bigDenom to reminder of bigNum/bigDenom and bigNum to previous denominator bigDenom. */ + aux = bigNum; + bigNum = bigDenom; + bigDenom = aux % bigDenom; + + /* calculate next denominator and check for its given maximum */ + aux = val; + if (denomSum[1] * val + denomSum[0] >= maxDenom) { + aux = (maxDenom - denomSum[0]) / denomSum[1]; + if (aux * 2 >= val || denomSum[1] >= maxDenom) + i = (MAX_ITERATIONS + 1); /* exit but execute rest of for-loop */ + else + break; + } + /* calculate next numerator to numSum2 and save previous one to numSum0; numSum1 just copy of numSum2. */ + numSum[2] = aux * numSum[1] + numSum[0]; + numSum[0] = numSum[1]; + numSum[1] = numSum[2]; + /* calculate next denominator to denomSum2 and save previous one to denomSum0; denomSum1 just copy of denomSum2. */ + denomSum[2] = aux * denomSum[1] + denomSum[0]; + denomSum[0] = denomSum[1]; + denomSum[1] = denomSum[2]; + } + + /*-- Check and adapt for final variable size and return values; reduces internal accuracy; denominator is kept in ULONG-range with maxDenom -- */ + while (numSum[1] > returnLimit || denomSum[1] > returnLimit) { + numSum[1] = numSum[1] / 2; + denomSum[1] = denomSum[1] / 2; + } + + /* return values */ + *ullNum = numSum[1]; + *ullDenom = denomSum[1]; + +} /*-- ToRationalEuclideanGCD() -------------- */ + + +/**---- DoubleToRational() ----------------------------------------------- +* Calculates the rational fractional of a double input value +* for UN-SIGNED rationals, +* using the Euclidean algorithm to find the greatest common divisor (GCD) +------------------------------------------------------------------------*/ +static +void DoubleToRational(double value, uint32 *num, uint32 *denom) +{ + /*---- UN-SIGNED RATIONAL ---- */ + double dblDiff, dblDiff2; + unsigned long long ullNum, ullDenom, ullNum2, ullDenom2; + + /*-- Check for negative values. If so it is an error. */ + /* Test written that way to catch NaN */ + if (!(value >= 0)) { + *num = *denom = 0; + TIFFErrorExt(0, "TIFFLib: DoubleToRational()", " Negative Value for Unsigned Rational given."); + return; + } + + /*-- Check for too big numbers (> ULONG_MAX) -- */ + if (value > 0xFFFFFFFFUL) { + *num = 0xFFFFFFFFU; + *denom = 0; + return; + } + /*-- Check for easy integer numbers -- */ + if (value == (uint32)(value)) { + *num = (uint32)value; + *denom = 1; + return; + } + /*-- Check for too small numbers for "unsigned long" type rationals -- */ + if (value < 1.0 / (double)0xFFFFFFFFUL) { + *num = 0; + *denom = 0xFFFFFFFFU; + return; + } + + /*-- There are two approaches using the Euclidean algorithm, + * which can accidentally lead to different accuracies just depending on the value. + * Try both and define which one was better. + */ + ToRationalEuclideanGCD(value, FALSE, FALSE, &ullNum, &ullDenom); + ToRationalEuclideanGCD(value, FALSE, TRUE, &ullNum2, &ullDenom2); + /*-- Double-Check, that returned values fit into ULONG :*/ + if (ullNum > 0xFFFFFFFFUL || ullDenom > 0xFFFFFFFFUL || ullNum2 > 0xFFFFFFFFUL || ullDenom2 > 0xFFFFFFFFUL) { +#if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) + TIFFErrorExt(0, "TIFFLib: DoubleToRational()", " Num or Denom exceeds ULONG: val=%14.6f, num=%I64u, denom=%I64u | num2=%I64u, denom2=%I64u", value, ullNum, ullDenom, ullNum2, ullDenom2); +#else + TIFFErrorExt(0, "TIFFLib: DoubleToRational()", " Num or Denom exceeds ULONG: val=%14.6f, num=%12llu, denom=%12llu | num2=%12llu, denom2=%12llu", value, ullNum, ullDenom, ullNum2, ullDenom2); +#endif + assert(0); + } + + /* Check, which one has higher accuracy and take that. */ + dblDiff = fabs(value - ((double)ullNum / (double)ullDenom)); + dblDiff2 = fabs(value - ((double)ullNum2 / (double)ullDenom2)); + if (dblDiff < dblDiff2) { + *num = (uint32)ullNum; + *denom = (uint32)ullDenom; + } + else { + *num = (uint32)ullNum2; + *denom = (uint32)ullDenom2; + } +} /*-- DoubleToRational() -------------- */ + +/**---- DoubleToSrational() ----------------------------------------------- +* Calculates the rational fractional of a double input value +* for SIGNED rationals, +* using the Euclidean algorithm to find the greatest common divisor (GCD) +------------------------------------------------------------------------*/ +static +void DoubleToSrational(double value, int32 *num, int32 *denom) +{ + /*---- SIGNED RATIONAL ----*/ + int neg = 1; + double dblDiff, dblDiff2; + unsigned long long ullNum, ullDenom, ullNum2, ullDenom2; + + /*-- Check for negative values and use then the positive one for internal calculations, but take the sign into account before returning. */ + if (value < 0) { neg = -1; value = -value; } + + /*-- Check for too big numbers (> LONG_MAX) -- */ + if (value > 0x7FFFFFFFL) { + *num = 0x7FFFFFFFL; + *denom = 0; + return; + } + /*-- Check for easy numbers -- */ + if (value == (int32)(value)) { + *num = (int32)(neg * value); + *denom = 1; + return; + } + /*-- Check for too small numbers for "long" type rationals -- */ + if (value < 1.0 / (double)0x7FFFFFFFL) { + *num = 0; + *denom = 0x7FFFFFFFL; + return; + } + + /*-- There are two approaches using the Euclidean algorithm, + * which can accidentally lead to different accuracies just depending on the value. + * Try both and define which one was better. + * Furthermore, set behavior of ToRationalEuclideanGCD() to the range of signed-long. + */ + ToRationalEuclideanGCD(value, TRUE, FALSE, &ullNum, &ullDenom); + ToRationalEuclideanGCD(value, TRUE, TRUE, &ullNum2, &ullDenom2); + /*-- Double-Check, that returned values fit into LONG :*/ + if (ullNum > 0x7FFFFFFFL || ullDenom > 0x7FFFFFFFL || ullNum2 > 0x7FFFFFFFL || ullDenom2 > 0x7FFFFFFFL) { +#if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) + TIFFErrorExt(0, "TIFFLib: DoubleToSrational()", " Num or Denom exceeds LONG: val=%14.6f, num=%I64u, denom=%I64u | num2=%I64u, denom2=%I64u", neg*value, ullNum, ullDenom, ullNum2, ullDenom2); +#else + TIFFErrorExt(0, "TIFFLib: DoubleToSrational()", " Num or Denom exceeds LONG: val=%14.6f, num=%12llu, denom=%12llu | num2=%12llu, denom2=%12llu", neg*value, ullNum, ullDenom, ullNum2, ullDenom2); +#endif + assert(0); + } + + /* Check, which one has higher accuracy and take that. */ + dblDiff = fabs(value - ((double)ullNum / (double)ullDenom)); + dblDiff2 = fabs(value - ((double)ullNum2 / (double)ullDenom2)); + if (dblDiff < dblDiff2) { + *num = (int32)(neg * (long)ullNum); + *denom = (int32)ullDenom; + } + else { + *num = (int32)(neg * (long)ullNum2); + *denom = (int32)ullDenom2; + } +} /*-- DoubleToSrational() --------------*/ + + + + + #ifdef notdef static int TIFFWriteDirectoryTagCheckedFloat(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, float value) @@ -2420,7 +3045,12 @@ TIFFWriteDirectoryTagData(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag dir[m].tdir_count=count; dir[m].tdir_offset.toff_long8 = 0; if (datalength<=((tif->tif_flags&TIFF_BIGTIFF)?0x8U:0x4U)) - _TIFFmemcpy(&dir[m].tdir_offset,data,datalength); + { + if( data && datalength ) + { + _TIFFmemcpy(&dir[m].tdir_offset,data,datalength); + } + } else { uint64 na,nb; @@ -2812,13 +3442,60 @@ _TIFFRewriteField(TIFF* tif, uint16 tag, TIFFDataType in_datatype, TIFFSwabLong8( &entry_offset ); } +/* -------------------------------------------------------------------- */ +/* When a dummy tag was written due to TIFFDeferStrileArrayWriting() */ +/* -------------------------------------------------------------------- */ + if( entry_offset == 0 && entry_count == 0 && entry_type == 0 ) + { + if( tag == TIFFTAG_TILEOFFSETS || tag == TIFFTAG_STRIPOFFSETS ) + { + entry_type = (tif->tif_flags&TIFF_BIGTIFF) ? TIFF_LONG8 : TIFF_LONG; + } + else + { + int write_aslong8 = 1; + if( count > 1 && tag == TIFFTAG_STRIPBYTECOUNTS ) + { + write_aslong8 = WriteAsLong8(tif, TIFFStripSize64(tif)); + } + else if( count > 1 && tag == TIFFTAG_TILEBYTECOUNTS ) + { + write_aslong8 = WriteAsLong8(tif, TIFFTileSize64(tif)); + } + if( write_aslong8 ) + { + entry_type = TIFF_LONG8; + } + else + { + int write_aslong4 = 1; + if( count > 1 && tag == TIFFTAG_STRIPBYTECOUNTS ) + { + write_aslong4 = WriteAsLong4(tif, TIFFStripSize64(tif)); + } + else if( count > 1 && tag == TIFFTAG_TILEBYTECOUNTS ) + { + write_aslong4 = WriteAsLong4(tif, TIFFTileSize64(tif)); + } + if( write_aslong4 ) + { + entry_type = TIFF_LONG; + } + else + { + entry_type = TIFF_SHORT; + } + } + } + } + /* -------------------------------------------------------------------- */ /* What data type do we want to write this as? */ /* -------------------------------------------------------------------- */ if( TIFFDataWidth(in_datatype) == 8 && !(tif->tif_flags&TIFF_BIGTIFF) ) { if( in_datatype == TIFF_LONG8 ) - datatype = TIFF_LONG; + datatype = entry_type == TIFF_SHORT ? TIFF_SHORT : TIFF_LONG; else if( in_datatype == TIFF_SLONG8 ) datatype = TIFF_SLONG; else if( in_datatype == TIFF_IFD8 ) @@ -2826,8 +3503,21 @@ _TIFFRewriteField(TIFF* tif, uint16 tag, TIFFDataType in_datatype, else datatype = in_datatype; } - else - datatype = in_datatype; + else + { + if( in_datatype == TIFF_LONG8 && + (entry_type == TIFF_SHORT || entry_type == TIFF_LONG || + entry_type == TIFF_LONG8 ) ) + datatype = entry_type; + else if( in_datatype == TIFF_SLONG8 && + (entry_type == TIFF_SLONG || entry_type == TIFF_SLONG8 ) ) + datatype = entry_type; + else if( in_datatype == TIFF_IFD8 && + (entry_type == TIFF_IFD || entry_type == TIFF_IFD8 ) ) + datatype = entry_type; + else + datatype = in_datatype; + } /* -------------------------------------------------------------------- */ /* Prepare buffer of actual data to write. This includes */ @@ -2876,6 +3566,29 @@ _TIFFRewriteField(TIFF* tif, uint16 tag, TIFFDataType in_datatype, } } } + else if( datatype == TIFF_SHORT && in_datatype == TIFF_LONG8 ) + { + tmsize_t i; + + for( i = 0; i < count; i++ ) + { + ((uint16 *) buf_to_write)[i] = + (uint16) ((uint64 *) data)[i]; + if( (uint64) ((uint16 *) buf_to_write)[i] != ((uint64 *) data)[i] ) + { + _TIFFfree( buf_to_write ); + TIFFErrorExt( tif->tif_clientdata, module, + "Value exceeds 16bit range of output type." ); + return 0; + } + } + } + else + { + TIFFErrorExt( tif->tif_clientdata, module, + "Unhandled type conversion." ); + return 0; + } if( TIFFDataWidth(datatype) > 1 && (tif->tif_flags&TIFF_SWAB) ) { @@ -2907,6 +3620,23 @@ _TIFFRewriteField(TIFF* tif, uint16 tag, TIFFDataType in_datatype, } } + if( (tag == TIFFTAG_TILEOFFSETS || tag == TIFFTAG_STRIPOFFSETS) && + tif->tif_dir.td_stripoffset_entry.tdir_count == 0 && + tif->tif_dir.td_stripoffset_entry.tdir_type == 0 && + tif->tif_dir.td_stripoffset_entry.tdir_offset.toff_long8 == 0 ) + { + tif->tif_dir.td_stripoffset_entry.tdir_type = datatype; + tif->tif_dir.td_stripoffset_entry.tdir_count = count; + } + else if( (tag == TIFFTAG_TILEBYTECOUNTS || tag == TIFFTAG_STRIPBYTECOUNTS) && + tif->tif_dir.td_stripbytecount_entry.tdir_count == 0 && + tif->tif_dir.td_stripbytecount_entry.tdir_type == 0 && + tif->tif_dir.td_stripbytecount_entry.tdir_offset.toff_long8 == 0 ) + { + tif->tif_dir.td_stripbytecount_entry.tdir_type = datatype; + tif->tif_dir.td_stripbytecount_entry.tdir_count = count; + } + /* -------------------------------------------------------------------- */ /* If the tag type, and count match, then we just write it out */ /* over the old values without altering the directory entry at */ @@ -2958,6 +3688,7 @@ _TIFFRewriteField(TIFF* tif, uint16 tag, TIFFDataType in_datatype, /* Adjust the directory entry. */ /* -------------------------------------------------------------------- */ entry_type = datatype; + entry_count = (uint64)count; memcpy( direntry_raw + 2, &entry_type, sizeof(uint16) ); if (tif->tif_flags&TIFF_SWAB) TIFFSwabShort( (uint16 *) (direntry_raw + 2) ); diff --git a/3rdparty/libtiff/tif_fax3.c b/3rdparty/libtiff/tif_fax3.c index d11c968444..9ab5b26ad3 100644 --- a/3rdparty/libtiff/tif_fax3.c +++ b/3rdparty/libtiff/tif_fax3.c @@ -73,6 +73,7 @@ typedef struct { int EOLcnt; /* count of EOL codes recognized */ TIFFFaxFillFunc fill; /* fill routine */ uint32* runs; /* b&w runs for current/previous row */ + uint32 nruns; /* size of the refruns / curruns arrays */ uint32* refruns; /* runs for reference line */ uint32* curruns; /* runs for current line */ @@ -160,7 +161,9 @@ Fax3PreDecode(TIFF* tif, uint16 s) */ sp->bitmap = TIFFGetBitRevTable(tif->tif_dir.td_fillorder != FILLORDER_LSB2MSB); + sp->curruns = sp->runs; if (sp->refruns) { /* init reference line to white */ + sp->refruns = sp->runs + sp->nruns; sp->refruns[0] = (uint32) sp->b.rowpixels; sp->refruns[1] = 0; } @@ -218,8 +221,12 @@ Fax3PrematureEOF(const char* module, TIFF* tif, uint32 line, uint32 a0) #define Nop -/* +/** * Decode the requested amount of G3 1D-encoded data. + * @param buf destination buffer + * @param occ available bytes in destination buffer + * @param s number of planes (ignored) + * @returns 1 for success, -1 in case of error */ static int Fax3Decode1D(TIFF* tif, uint8* buf, tmsize_t occ, uint16 s) @@ -300,7 +307,9 @@ Fax3Decode2D(TIFF* tif, uint8* buf, tmsize_t occ, uint16 s) else EXPAND2D(EOF2Da); (*sp->fill)(buf, thisrun, pa, lastx); - SETVALUE(0); /* imaginary change for reference */ + if (pa < thisrun + sp->nruns) { + SETVALUE(0); /* imaginary change for reference */ + } SWAP(uint32*, sp->curruns, sp->refruns); buf += sp->b.rowbytes; occ -= sp->b.rowbytes; @@ -506,7 +515,7 @@ Fax3SetupState(TIFF* tif) int needsRefLine; Fax3CodecState* dsp = (Fax3CodecState*) Fax3State(tif); tmsize_t rowbytes; - uint32 rowpixels, nruns; + uint32 rowpixels; if (td->td_bitspersample != 1) { TIFFErrorExt(tif->tif_clientdata, module, @@ -523,6 +532,13 @@ Fax3SetupState(TIFF* tif) rowbytes = TIFFScanlineSize(tif); rowpixels = td->td_imagewidth; } + if ((uint64)rowbytes < ((uint64)rowpixels + 7) / 8) + { + TIFFErrorExt(tif->tif_clientdata, module, + "Inconsistent number of bytes per row : rowbytes=%lu rowpixels=%lu", + (unsigned long)(rowbytes), (unsigned long)(rowpixels)); + return (0); + } sp->rowbytes = rowbytes; sp->rowpixels = rowpixels; /* @@ -539,26 +555,26 @@ Fax3SetupState(TIFF* tif) TIFFroundup and TIFFSafeMultiply return zero on integer overflow */ dsp->runs=(uint32*) NULL; - nruns = TIFFroundup_32(rowpixels,32); + dsp->nruns = TIFFroundup_32(rowpixels,32); if (needsRefLine) { - nruns = TIFFSafeMultiply(uint32,nruns,2); + dsp->nruns = TIFFSafeMultiply(uint32,dsp->nruns,2); } - if ((nruns == 0) || (TIFFSafeMultiply(uint32,nruns,2) == 0)) { + if ((dsp->nruns == 0) || (TIFFSafeMultiply(uint32,dsp->nruns,2) == 0)) { TIFFErrorExt(tif->tif_clientdata, tif->tif_name, "Row pixels integer overflow (rowpixels %u)", rowpixels); return (0); } dsp->runs = (uint32*) _TIFFCheckMalloc(tif, - TIFFSafeMultiply(uint32,nruns,2), + TIFFSafeMultiply(uint32,dsp->nruns,2), sizeof (uint32), "for Group 3/4 run arrays"); if (dsp->runs == NULL) return (0); - memset( dsp->runs, 0, TIFFSafeMultiply(uint32,nruns,2)*sizeof(uint32)); + memset( dsp->runs, 0, TIFFSafeMultiply(uint32,dsp->nruns,2)*sizeof(uint32)); dsp->curruns = dsp->runs; if (needsRefLine) - dsp->refruns = dsp->runs + nruns; + dsp->refruns = dsp->runs + dsp->nruns; else dsp->refruns = NULL; if (td->td_compression == COMPRESSION_CCITTFAX3 @@ -594,15 +610,19 @@ Fax3SetupState(TIFF* tif) */ #define Fax3FlushBits(tif, sp) { \ - if ((tif)->tif_rawcc >= (tif)->tif_rawdatasize) \ - (void) TIFFFlushData1(tif); \ + if ((tif)->tif_rawcc >= (tif)->tif_rawdatasize) { \ + if( !TIFFFlushData1(tif) ) \ + return 0; \ + } \ *(tif)->tif_rawcp++ = (uint8) (sp)->data; \ (tif)->tif_rawcc++; \ (sp)->data = 0, (sp)->bit = 8; \ } #define _FlushBits(tif) { \ - if ((tif)->tif_rawcc >= (tif)->tif_rawdatasize) \ - (void) TIFFFlushData1(tif); \ + if ((tif)->tif_rawcc >= (tif)->tif_rawdatasize) { \ + if( !TIFFFlushData1(tif) ) \ + return 0; \ + } \ *(tif)->tif_rawcp++ = (uint8) data; \ (tif)->tif_rawcc++; \ data = 0, bit = 8; \ @@ -627,7 +647,7 @@ static const int _msbmask[9] = * the output stream. Values are * assumed to be at most 16 bits. */ -static void +static int Fax3PutBits(TIFF* tif, unsigned int bits, unsigned int length) { Fax3CodecState* sp = EncoderState(tif); @@ -638,6 +658,7 @@ Fax3PutBits(TIFF* tif, unsigned int bits, unsigned int length) sp->data = data; sp->bit = bit; + return 1; } /* @@ -662,7 +683,7 @@ Fax3PutBits(TIFF* tif, unsigned int bits, unsigned int length) * appropriate table that holds the make-up and * terminating codes is supplied. */ -static void +static int putspan(TIFF* tif, int32 span, const tableentry* tab) { Fax3CodecState* sp = EncoderState(tif); @@ -700,6 +721,8 @@ putspan(TIFF* tif, int32 span, const tableentry* tab) sp->data = data; sp->bit = bit; + + return 1; } /* @@ -708,7 +731,7 @@ putspan(TIFF* tif, int32 span, const tableentry* tab) * here. We also handle writing the tag bit for the next * scanline when doing 2d encoding. */ -static void +static int Fax3PutEOL(TIFF* tif) { Fax3CodecState* sp = EncoderState(tif); @@ -742,6 +765,8 @@ Fax3PutEOL(TIFF* tif) sp->data = data; sp->bit = bit; + + return 1; } /* @@ -991,12 +1016,14 @@ Fax3Encode1DRow(TIFF* tif, unsigned char* bp, uint32 bits) for (;;) { span = find0span(bp, bs, bits); /* white span */ - putspan(tif, span, TIFFFaxWhiteCodes); + if( !putspan(tif, span, TIFFFaxWhiteCodes) ) + return 0; bs += span; if (bs >= bits) break; span = find1span(bp, bs, bits); /* black span */ - putspan(tif, span, TIFFFaxBlackCodes); + if( !putspan(tif, span, TIFFFaxBlackCodes) ) + return 0; bs += span; if (bs >= bits) break; @@ -1048,21 +1075,28 @@ Fax3Encode2DRow(TIFF* tif, unsigned char* bp, unsigned char* rp, uint32 bits) (b1 < a1 && a1 - b1 <= 3U) ? -(int32)(a1 - b1) : 0x7FFFFFFF; if (!(-3 <= d && d <= 3)) { /* horizontal mode */ a2 = finddiff2(bp, a1, bits, PIXEL(bp,a1)); - putcode(tif, &horizcode); + if( !putcode(tif, &horizcode) ) + return 0; if (a0+a1 == 0 || PIXEL(bp, a0) == 0) { - putspan(tif, a1-a0, TIFFFaxWhiteCodes); - putspan(tif, a2-a1, TIFFFaxBlackCodes); + if( !putspan(tif, a1-a0, TIFFFaxWhiteCodes) ) + return 0; + if( !putspan(tif, a2-a1, TIFFFaxBlackCodes) ) + return 0; } else { - putspan(tif, a1-a0, TIFFFaxBlackCodes); - putspan(tif, a2-a1, TIFFFaxWhiteCodes); + if( !putspan(tif, a1-a0, TIFFFaxBlackCodes) ) + return 0; + if( !putspan(tif, a2-a1, TIFFFaxWhiteCodes) ) + return 0; } a0 = a2; } else { /* vertical mode */ - putcode(tif, &vcodes[d+3]); + if( !putcode(tif, &vcodes[d+3]) ) + return 0; a0 = a1; } } else { /* pass mode */ - putcode(tif, &passcode); + if( !putcode(tif, &passcode) ) + return 0; a0 = b2; } if (a0 >= bits) @@ -1091,7 +1125,10 @@ Fax3Encode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) } while (cc > 0) { if ((sp->b.mode & FAXMODE_NOEOL) == 0) - Fax3PutEOL(tif); + { + if( !Fax3PutEOL(tif) ) + return 0; + } if (is2DEncoding(sp)) { if (sp->tag == G3_1D) { if (!Fax3Encode1DRow(tif, bp, sp->b.rowpixels)) @@ -1128,8 +1165,8 @@ Fax3PostEncode(TIFF* tif) return (1); } -static void -Fax3Close(TIFF* tif) +static int +_Fax3Close(TIFF* tif) { if ((Fax3State(tif)->mode & FAXMODE_NORTC) == 0 && tif->tif_rawcp) { Fax3CodecState* sp = EncoderState(tif); @@ -1145,6 +1182,13 @@ Fax3Close(TIFF* tif) Fax3PutBits(tif, code, length); Fax3FlushBits(tif, sp); } + return 1; +} + +static void +Fax3Close(TIFF* tif) +{ + _Fax3Close(tif); } static void @@ -1453,6 +1497,13 @@ Fax4Decode(TIFF* tif, uint8* buf, tmsize_t occ, uint16 s) EXPAND2D(EOFG4); if (EOLcnt) goto EOFG4; + if (((lastx + 7) >> 3) > (int)occ) /* check for buffer overrun */ + { + TIFFErrorExt(tif->tif_clientdata, module, + "Buffer overrun detected : %d bytes available, %d bits needed", + (int)occ, lastx); + return -1; + } (*sp->fill)(buf, thisrun, pa, lastx); SETVALUE(0); /* imaginary change for reference */ SWAP(uint32*, sp->curruns, sp->refruns); @@ -1468,6 +1519,13 @@ Fax4Decode(TIFF* tif, uint8* buf, tmsize_t occ, uint16 s) fputs( "Bad EOFB\n", stderr ); #endif ClrBits( 13 ); + if (((lastx + 7) >> 3) > (int)occ) /* check for buffer overrun */ + { + TIFFErrorExt(tif->tif_clientdata, module, + "Buffer overrun detected : %d bytes available, %d bits needed", + (int)occ, lastx); + return -1; + } (*sp->fill)(buf, thisrun, pa, lastx); UNCACHE_STATE(tif, sp); return ( sp->line ? 1 : -1); /* don't error on badly-terminated strips */ diff --git a/3rdparty/libtiff/tif_fax3.h b/3rdparty/libtiff/tif_fax3.h index abadcd97a2..701716cc18 100644 --- a/3rdparty/libtiff/tif_fax3.h +++ b/3rdparty/libtiff/tif_fax3.h @@ -240,6 +240,11 @@ static const char* StateNames[] = { * current row and reset decoding state. */ #define SETVALUE(x) do { \ + if (pa >= thisrun + sp->nruns) { \ + TIFFErrorExt(tif->tif_clientdata, module, "Buffer overflow at line %u of %s %u", \ + sp->line, isTiled(tif) ? "tile" : "strip", isTiled(tif) ? tif->tif_curtile : tif->tif_curstrip); \ + return (-1); \ + } \ *pa++ = RunLength + (x); \ a0 += (x); \ RunLength = 0; \ @@ -377,6 +382,11 @@ done1d: \ */ #define CHECK_b1 do { \ if (pa != thisrun) while (b1 <= a0 && b1 < lastx) { \ + if( pb + 1 >= sp->refruns + sp->nruns) { \ + TIFFErrorExt(tif->tif_clientdata, module, "Buffer overflow at line %u of %s %u", \ + sp->line, isTiled(tif) ? "tile" : "strip", isTiled(tif) ? tif->tif_curtile : tif->tif_curstrip); \ + return (-1); \ + } \ b1 += pb[0] + pb[1]; \ pb += 2; \ } \ @@ -387,10 +397,20 @@ done1d: \ */ #define EXPAND2D(eoflab) do { \ while (a0 < lastx) { \ + if (pa >= thisrun + sp->nruns) { \ + TIFFErrorExt(tif->tif_clientdata, module, "Buffer overflow at line %u of %s %u", \ + sp->line, isTiled(tif) ? "tile" : "strip", isTiled(tif) ? tif->tif_curtile : tif->tif_curstrip); \ + return (-1); \ + } \ LOOKUP8(7, TIFFFaxMainTable, eof2d); \ switch (TabEnt->State) { \ case S_Pass: \ CHECK_b1; \ + if( pb + 1 >= sp->refruns + sp->nruns) { \ + TIFFErrorExt(tif->tif_clientdata, module, "Buffer overflow at line %u of %s %u", \ + sp->line, isTiled(tif) ? "tile" : "strip", isTiled(tif) ? tif->tif_curtile : tif->tif_curstrip); \ + return (-1); \ + } \ b1 += *pb++; \ RunLength += b1 - a0; \ a0 = b1; \ @@ -469,20 +489,28 @@ done1d: \ case S_V0: \ CHECK_b1; \ SETVALUE(b1 - a0); \ + if( pb >= sp->refruns + sp->nruns) { \ + TIFFErrorExt(tif->tif_clientdata, module, "Buffer overflow at line %u of %s %u", \ + sp->line, isTiled(tif) ? "tile" : "strip", isTiled(tif) ? tif->tif_curtile : tif->tif_curstrip); \ + return (-1); \ + } \ b1 += *pb++; \ break; \ case S_VR: \ CHECK_b1; \ SETVALUE(b1 - a0 + TabEnt->Param); \ + if( pb >= sp->refruns + sp->nruns) { \ + TIFFErrorExt(tif->tif_clientdata, module, "Buffer overflow at line %u of %s %u", \ + sp->line, isTiled(tif) ? "tile" : "strip", isTiled(tif) ? tif->tif_curtile : tif->tif_curstrip); \ + return (-1); \ + } \ b1 += *pb++; \ break; \ case S_VL: \ CHECK_b1; \ - if (b1 <= (int) (a0 + TabEnt->Param)) { \ - if (b1 < (int) (a0 + TabEnt->Param) || pa != thisrun) { \ - unexpected("VL", a0); \ - goto eol2d; \ - } \ + if (b1 < (int) (a0 + TabEnt->Param)) { \ + unexpected("VL", a0); \ + goto eol2d; \ } \ SETVALUE(b1 - a0 - TabEnt->Param); \ b1 -= *--pb; \ @@ -529,6 +557,7 @@ eol2d: \ CLEANUP_RUNS(); \ } while (0) #endif /* _FAX3_ */ +/* vim: set ts=8 sts=4 sw=4 noet: */ /* * Local Variables: * mode: c diff --git a/3rdparty/libtiff/tif_fax3sm.c b/3rdparty/libtiff/tif_fax3sm.c index 822191ecf4..ba2fc532e8 100644 --- a/3rdparty/libtiff/tif_fax3sm.c +++ b/3rdparty/libtiff/tif_fax3sm.c @@ -1,5 +1,6 @@ /* WARNING, this file was automatically generated by the mkg3states program */ +#include #include "tiff.h" #include "tif_fax3.h" const TIFFFaxTabEnt TIFFFaxMainTable[128] = { diff --git a/3rdparty/libtiff/tif_flush.c b/3rdparty/libtiff/tif_flush.c index 881fac5121..f7fa2072ab 100644 --- a/3rdparty/libtiff/tif_flush.c +++ b/3rdparty/libtiff/tif_flush.c @@ -45,36 +45,8 @@ TIFFFlush(TIFF* tif) && !(tif->tif_flags & TIFF_DIRTYDIRECT) && tif->tif_mode == O_RDWR ) { - uint64 *offsets=NULL, *sizes=NULL; - - if( TIFFIsTiled(tif) ) - { - if( TIFFGetField( tif, TIFFTAG_TILEOFFSETS, &offsets ) - && TIFFGetField( tif, TIFFTAG_TILEBYTECOUNTS, &sizes ) - && _TIFFRewriteField( tif, TIFFTAG_TILEOFFSETS, TIFF_LONG8, - tif->tif_dir.td_nstrips, offsets ) - && _TIFFRewriteField( tif, TIFFTAG_TILEBYTECOUNTS, TIFF_LONG8, - tif->tif_dir.td_nstrips, sizes ) ) - { - tif->tif_flags &= ~TIFF_DIRTYSTRIP; - tif->tif_flags &= ~TIFF_BEENWRITING; - return 1; - } - } - else - { - if( TIFFGetField( tif, TIFFTAG_STRIPOFFSETS, &offsets ) - && TIFFGetField( tif, TIFFTAG_STRIPBYTECOUNTS, &sizes ) - && _TIFFRewriteField( tif, TIFFTAG_STRIPOFFSETS, TIFF_LONG8, - tif->tif_dir.td_nstrips, offsets ) - && _TIFFRewriteField( tif, TIFFTAG_STRIPBYTECOUNTS, TIFF_LONG8, - tif->tif_dir.td_nstrips, sizes ) ) - { - tif->tif_flags &= ~TIFF_DIRTYSTRIP; - tif->tif_flags &= ~TIFF_BEENWRITING; - return 1; - } - } + if( TIFFForceStrileArrayWriting(tif) ) + return 1; } if ((tif->tif_flags & (TIFF_DIRTYDIRECT|TIFF_DIRTYSTRIP)) @@ -84,6 +56,92 @@ TIFFFlush(TIFF* tif) return (1); } +/* + * This is an advanced writing function that must be used in a particular + * sequence, and together with TIFFDeferStrileArrayWriting(), + * to make its intended effect. Its aim is to force the writing of + * the [Strip/Tile][Offsets/ByteCounts] arrays at the end of the file, when + * they have not yet been rewritten. + * + * The typical sequence of calls is: + * TIFFOpen() + * [ TIFFCreateDirectory(tif) ] + * Set fields with calls to TIFFSetField(tif, ...) + * TIFFDeferStrileArrayWriting(tif) + * TIFFWriteCheck(tif, ...) + * TIFFWriteDirectory(tif) + * ... potentially create other directories and come back to the above directory + * TIFFForceStrileArrayWriting(tif) + * + * Returns 1 in case of success, 0 otherwise. + */ +int TIFFForceStrileArrayWriting(TIFF* tif) +{ + static const char module[] = "TIFFForceStrileArrayWriting"; + const int isTiled = TIFFIsTiled(tif); + + if (tif->tif_mode == O_RDONLY) + { + TIFFErrorExt(tif->tif_clientdata, tif->tif_name, + "File opened in read-only mode"); + return 0; + } + if( tif->tif_diroff == 0 ) + { + TIFFErrorExt(tif->tif_clientdata, module, + "Directory has not yet been written"); + return 0; + } + if( (tif->tif_flags & TIFF_DIRTYDIRECT) != 0 ) + { + TIFFErrorExt(tif->tif_clientdata, module, + "Directory has changes other than the strile arrays. " + "TIFFRewriteDirectory() should be called instead"); + return 0; + } + + if( !(tif->tif_flags & TIFF_DIRTYSTRIP) ) + { + if( !(tif->tif_dir.td_stripoffset_entry.tdir_tag != 0 && + tif->tif_dir.td_stripoffset_entry.tdir_count == 0 && + tif->tif_dir.td_stripoffset_entry.tdir_type == 0 && + tif->tif_dir.td_stripoffset_entry.tdir_offset.toff_long8 == 0 && + tif->tif_dir.td_stripbytecount_entry.tdir_tag != 0 && + tif->tif_dir.td_stripbytecount_entry.tdir_count == 0 && + tif->tif_dir.td_stripbytecount_entry.tdir_type == 0 && + tif->tif_dir.td_stripbytecount_entry.tdir_offset.toff_long8 == 0) ) + { + TIFFErrorExt(tif->tif_clientdata, module, + "Function not called together with " + "TIFFDeferStrileArrayWriting()"); + return 0; + } + + if (tif->tif_dir.td_stripoffset_p == NULL && !TIFFSetupStrips(tif)) + return 0; + } + + if( _TIFFRewriteField( tif, + isTiled ? TIFFTAG_TILEOFFSETS : + TIFFTAG_STRIPOFFSETS, + TIFF_LONG8, + tif->tif_dir.td_nstrips, + tif->tif_dir.td_stripoffset_p ) + && _TIFFRewriteField( tif, + isTiled ? TIFFTAG_TILEBYTECOUNTS : + TIFFTAG_STRIPBYTECOUNTS, + TIFF_LONG8, + tif->tif_dir.td_nstrips, + tif->tif_dir.td_stripbytecount_p ) ) + { + tif->tif_flags &= ~TIFF_DIRTYSTRIP; + tif->tif_flags &= ~TIFF_BEENWRITING; + return 1; + } + + return 0; +} + /* * Flush buffered data to the file. * diff --git a/3rdparty/libtiff/tif_getimage.c b/3rdparty/libtiff/tif_getimage.c index 6a9d5a7c0c..3460af744e 100644 --- a/3rdparty/libtiff/tif_getimage.c +++ b/3rdparty/libtiff/tif_getimage.c @@ -29,6 +29,7 @@ */ #include "tiffiop.h" #include +#include static int gtTileContig(TIFFRGBAImage*, uint32*, uint32, uint32); static int gtTileSeparate(TIFFRGBAImage*, uint32*, uint32, uint32); @@ -645,12 +646,20 @@ gtTileContig(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) flip = setorientation(img); if (flip & FLIP_VERTICALLY) { - y = h - 1; - toskew = -(int32)(tw + w); + if ((tw + w) > INT_MAX) { + TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "%s", "unsupported tile size (too wide)"); + return (0); + } + y = h - 1; + toskew = -(int32)(tw + w); } else { - y = 0; - toskew = -(int32)(tw - w); + if (tw > (INT_MAX + w)) { + TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "%s", "unsupported tile size (too wide)"); + return (0); + } + y = 0; + toskew = -(int32)(tw - w); } /* @@ -755,9 +764,8 @@ gtTileSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) uint32 leftmost_tw; tilesize = TIFFTileSize(tif); - bufsize = TIFFSafeMultiply(tmsize_t,alpha?4:3,tilesize); + bufsize = _TIFFMultiplySSize(tif, alpha?4:3,tilesize, "gtTileSeparate"); if (bufsize == 0) { - TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in %s", "gtTileSeparate"); return (0); } @@ -766,10 +774,18 @@ gtTileSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) flip = setorientation(img); if (flip & FLIP_VERTICALLY) { + if ((tw + w) > INT_MAX) { + TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "%s", "unsupported tile size (too wide)"); + return (0); + } y = h - 1; toskew = -(int32)(tw + w); } else { + if (tw > (INT_MAX + w)) { + TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "%s", "unsupported tile size (too wide)"); + return (0); + } y = 0; toskew = -(int32)(tw - w); } @@ -937,6 +953,10 @@ gtStripContig(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) flip = setorientation(img); if (flip & FLIP_VERTICALLY) { + if ( w > INT_MAX ) { + TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Width overflow"); + return (0); + } y = h - 1; toskew = -(int32)(w + w); } else { @@ -950,16 +970,23 @@ gtStripContig(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) fromskew = (w < imagewidth ? imagewidth - w : 0); for (row = 0; row < h; row += nrow) { + uint32 temp; rowstoread = rowsperstrip - (row + img->row_offset) % rowsperstrip; nrow = (row + rowstoread > h ? h - row : rowstoread); nrowsub = nrow; if ((nrowsub%subsamplingver)!=0) nrowsub+=subsamplingver-nrowsub%subsamplingver; + temp = (row + img->row_offset)%rowsperstrip + nrowsub; + if( scanline > 0 && temp > (size_t)(TIFF_TMSIZE_T_MAX / scanline) ) + { + TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in gtStripContig"); + return 0; + } if (_TIFFReadEncodedStripAndAllocBuffer(tif, TIFFComputeStrip(tif,row+img->row_offset, 0), (void**)(&buf), maxstripsize, - ((row + img->row_offset)%rowsperstrip + nrowsub) * scanline)==(tmsize_t)(-1) + temp * scanline)==(tmsize_t)(-1) && (buf == NULL || img->stoponerr)) { ret = 0; @@ -1019,14 +1046,17 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) uint16 colorchannels; stripsize = TIFFStripSize(tif); - bufsize = TIFFSafeMultiply(tmsize_t,alpha?4:3,stripsize); + bufsize = _TIFFMultiplySSize(tif,alpha?4:3,stripsize, "gtStripSeparate"); if (bufsize == 0) { - TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in %s", "gtStripSeparate"); return (0); } flip = setorientation(img); if (flip & FLIP_VERTICALLY) { + if ( w > INT_MAX ) { + TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Width overflow"); + return (0); + } y = h - 1; toskew = -(int32)(w + w); } @@ -1053,15 +1083,22 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) fromskew = (w < imagewidth ? imagewidth - w : 0); for (row = 0; row < h; row += nrow) { + uint32 temp; rowstoread = rowsperstrip - (row + img->row_offset) % rowsperstrip; nrow = (row + rowstoread > h ? h - row : rowstoread); offset_row = row + img->row_offset; + temp = (row + img->row_offset)%rowsperstrip + nrow; + if( scanline > 0 && temp > (size_t)(TIFF_TMSIZE_T_MAX / scanline) ) + { + TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in gtStripSeparate"); + return 0; + } if( buf == NULL ) { if (_TIFFReadEncodedStripAndAllocBuffer( tif, TIFFComputeStrip(tif, offset_row, 0), (void**) &buf, bufsize, - ((row + img->row_offset)%rowsperstrip + nrow) * scanline)==(tmsize_t)(-1) + temp * scanline)==(tmsize_t)(-1) && (buf == NULL || img->stoponerr)) { ret = 0; @@ -1081,7 +1118,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) } } else if (TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, 0), - p0, ((row + img->row_offset)%rowsperstrip + nrow) * scanline)==(tmsize_t)(-1) + p0, temp * scanline)==(tmsize_t)(-1) && img->stoponerr) { ret = 0; @@ -1089,7 +1126,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) } if (colorchannels > 1 && TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, 1), - p1, ((row + img->row_offset)%rowsperstrip + nrow) * scanline) == (tmsize_t)(-1) + p1, temp * scanline) == (tmsize_t)(-1) && img->stoponerr) { ret = 0; @@ -1097,7 +1134,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) } if (colorchannels > 1 && TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, 2), - p2, ((row + img->row_offset)%rowsperstrip + nrow) * scanline) == (tmsize_t)(-1) + p2, temp * scanline) == (tmsize_t)(-1) && img->stoponerr) { ret = 0; @@ -1106,7 +1143,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) if (alpha) { if (TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, colorchannels), - pa, ((row + img->row_offset)%rowsperstrip + nrow) * scanline)==(tmsize_t)(-1) + pa, temp * scanline)==(tmsize_t)(-1) && img->stoponerr) { ret = 0; @@ -2957,7 +2994,7 @@ TIFFReadRGBATileExt(TIFF* tif, uint32 col, uint32 row, uint32 * raster, int stop if( !TIFFIsTiled( tif ) ) { TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), - "Can't use TIFFReadRGBATile() with stripped file."); + "Can't use TIFFReadRGBATile() with striped file."); return (0); } diff --git a/3rdparty/libtiff/tif_jbig.c b/3rdparty/libtiff/tif_jbig.c index 7ffe8851e8..a3500e0b6f 100644 --- a/3rdparty/libtiff/tif_jbig.c +++ b/3rdparty/libtiff/tif_jbig.c @@ -199,6 +199,7 @@ static int JBIGEncode(TIFF* tif, uint8* buffer, tmsize_t size, uint16 s) int TIFFInitJBIG(TIFF* tif, int scheme) { + (void)scheme; assert(scheme == COMPRESSION_JBIG); /* diff --git a/3rdparty/libtiff/tif_jpeg.c b/3rdparty/libtiff/tif_jpeg.c index f2ddc331a0..6711137a92 100644 --- a/3rdparty/libtiff/tif_jpeg.c +++ b/3rdparty/libtiff/tif_jpeg.c @@ -466,7 +466,8 @@ std_empty_output_buffer(j_compress_ptr cinfo) } #endif - TIFFFlushData1(tif); + if( !TIFFFlushData1(tif) ) + return FALSE; sp->dest.next_output_byte = (JOCTET*) tif->tif_rawdata; sp->dest.free_in_buffer = (size_t) tif->tif_rawdatasize; @@ -780,12 +781,9 @@ JPEGFixupTagsSubsampling(TIFF* tif) */ static const char module[] = "JPEGFixupTagsSubsampling"; struct JPEGFixupTagsSubsamplingData m; + uint64 fileoffset = TIFFGetStrileOffset(tif, 0); - _TIFFFillStriles( tif ); - - if( tif->tif_dir.td_stripbytecount == NULL - || tif->tif_dir.td_stripoffset == NULL - || tif->tif_dir.td_stripbytecount[0] == 0 ) + if( fileoffset == 0 ) { /* Do not even try to check if the first strip/tile does not yet exist, as occurs when GDAL has created a new NULL file @@ -804,9 +802,9 @@ JPEGFixupTagsSubsampling(TIFF* tif) } m.buffercurrentbyte=NULL; m.bufferbytesleft=0; - m.fileoffset=tif->tif_dir.td_stripoffset[0]; + m.fileoffset=fileoffset; m.filepositioned=0; - m.filebytesleft=tif->tif_dir.td_stripbytecount[0]; + m.filebytesleft=TIFFGetStrileByteCount(tif, 0); if (!JPEGFixupTagsSubsamplingSec(&m)) TIFFWarningExt(tif->tif_clientdata,module, "Unable to auto-correct subsampling values, likely corrupt JPEG compressed data in first strip/tile; auto-correcting skipped"); @@ -940,7 +938,10 @@ JPEGFixupTagsSubsamplingReadByte(struct JPEGFixupTagsSubsamplingData* data, uint return(0); if (!data->filepositioned) { - TIFFSeekFile(data->tif,data->fileoffset,SEEK_SET); + if (TIFFSeekFile(data->tif,data->fileoffset,SEEK_SET) == (toff_t)-1) + { + return 0; + } data->filepositioned=1; } m=data->buffersize; @@ -1209,35 +1210,37 @@ JPEGPreDecode(TIFF* tif, uint16 s) /* store for all coefficients */ /* See call to jinit_d_coef_controller() from master_selection() */ /* in libjpeg */ - toff_t nRequiredMemory = (toff_t)sp->cinfo.d.image_width * - sp->cinfo.d.image_height * - sp->cinfo.d.num_components * - ((td->td_bitspersample+7)/8); - /* BLOCK_SMOOTHING_SUPPORTED is generally defined, so we need */ - /* to replicate the logic of jinit_d_coef_controller() */ - if( sp->cinfo.d.progressive_mode ) - nRequiredMemory *= 3; -#ifndef TIFF_LIBJPEG_LARGEST_MEM_ALLOC -#define TIFF_LIBJPEG_LARGEST_MEM_ALLOC (100 * 1024 * 1024) -#endif + /* 1 MB for regular libjpeg usage */ + toff_t nRequiredMemory = 1024 * 1024; - if( nRequiredMemory > TIFF_LIBJPEG_LARGEST_MEM_ALLOC && + for (ci = 0; ci < sp->cinfo.d.num_components; ci++) { + const jpeg_component_info *compptr = &(sp->cinfo.d.comp_info[ci]); + if( compptr->h_samp_factor > 0 && compptr->v_samp_factor > 0 ) + { + nRequiredMemory += (toff_t)( + ((compptr->width_in_blocks + compptr->h_samp_factor - 1) / compptr->h_samp_factor)) * + ((compptr->height_in_blocks + compptr->v_samp_factor - 1) / compptr->v_samp_factor) * + sizeof(JBLOCK); + } + } + + if( sp->cinfo.d.mem->max_memory_to_use > 0 && + nRequiredMemory > (toff_t)(sp->cinfo.d.mem->max_memory_to_use) && getenv("LIBTIFF_ALLOW_LARGE_LIBJPEG_MEM_ALLOC") == NULL ) { - TIFFErrorExt(tif->tif_clientdata, module, - "Reading this strip would require libjpeg to allocate " - "at least %u bytes. " - "This is disabled since above the %u threshold. " - "You may override this restriction by defining the " - "LIBTIFF_ALLOW_LARGE_LIBJPEG_MEM_ALLOC environment variable, " - "or recompile libtiff by defining the " - "TIFF_LIBJPEG_LARGEST_MEM_ALLOC macro to a value greater " - "than %u", - (unsigned)nRequiredMemory, - (unsigned)TIFF_LIBJPEG_LARGEST_MEM_ALLOC, - (unsigned)TIFF_LIBJPEG_LARGEST_MEM_ALLOC); - return (0); + TIFFErrorExt(tif->tif_clientdata, module, + "Reading this image would require libjpeg to allocate " + "at least %u bytes. " + "This is disabled since above the %u threshold. " + "You may override this restriction by defining the " + "LIBTIFF_ALLOW_LARGE_LIBJPEG_MEM_ALLOC environment variable, " + "or setting the JPEGMEM environment variable to a value greater " + "or equal to '%uM'", + (unsigned)(nRequiredMemory), + (unsigned)(sp->cinfo.d.mem->max_memory_to_use), + (unsigned)((nRequiredMemory + 1000000 - 1) / 1000000)); + return 0; } } @@ -1566,7 +1569,7 @@ JPEGDecodeRaw(TIFF* tif, uint8* buf, tmsize_t cc, uint16 s) JSAMPLE *outptr = (JSAMPLE*)tmpbuf + clumpoffset; #else JSAMPLE *outptr = (JSAMPLE*)buf + clumpoffset; - if (cc < (tmsize_t) (clumpoffset + samples_per_clump*(clumps_per_line-1) + hsamp)) { + if (cc < (tmsize_t)(clumpoffset + (tmsize_t)samples_per_clump*(clumps_per_line-1) + hsamp)) { TIFFErrorExt(tif->tif_clientdata, "JPEGDecodeRaw", "application buffer not large enough for all data, possible subsampling issue"); return 0; @@ -2126,8 +2129,8 @@ JPEGEncodeRaw(TIFF* tif, uint8* buf, tmsize_t cc, uint16 s) /* data is expected to be supplied in multiples of a clumpline */ /* a clumpline is equivalent to v_sampling desubsampled scanlines */ /* TODO: the following calculation of bytesperclumpline, should substitute calculation of sp->bytesperline, except that it is per v_sampling lines */ - bytesperclumpline = (((sp->cinfo.c.image_width+sp->h_sampling-1)/sp->h_sampling) - *(sp->h_sampling*sp->v_sampling+2)*sp->cinfo.c.data_precision+7) + bytesperclumpline = ((((tmsize_t)sp->cinfo.c.image_width+sp->h_sampling-1)/sp->h_sampling) + *((tmsize_t)sp->h_sampling*sp->v_sampling+2)*sp->cinfo.c.data_precision+7) /8; nrows = ( cc / bytesperclumpline ) * sp->v_sampling; @@ -2347,7 +2350,7 @@ JPEGVGetField(TIFF* tif, uint32 tag, va_list ap) switch (tag) { case TIFFTAG_JPEGTABLES: *va_arg(ap, uint32*) = sp->jpegtables_length; - *va_arg(ap, void**) = sp->jpegtables; + *va_arg(ap, const void**) = sp->jpegtables; break; case TIFFTAG_JPEGQUALITY: *va_arg(ap, int*) = sp->jpegquality; @@ -2482,6 +2485,7 @@ TIFFInitJPEG(TIFF* tif, int scheme) { JPEGState* sp; + (void)scheme; assert(scheme == COMPRESSION_JPEG); /* diff --git a/3rdparty/libtiff/tif_luv.c b/3rdparty/libtiff/tif_luv.c index 192fa26188..3bd02e88e4 100644 --- a/3rdparty/libtiff/tif_luv.c +++ b/3rdparty/libtiff/tif_luv.c @@ -193,6 +193,7 @@ LogL16Decode(TIFF* tif, uint8* op, tmsize_t occ, uint16 s) tmsize_t cc; int rc; + (void)s; assert(s == 0); assert(sp != NULL); @@ -266,6 +267,7 @@ LogLuvDecode24(TIFF* tif, uint8* op, tmsize_t occ, uint16 s) unsigned char* bp; uint32* tp; + (void)s; assert(s == 0); assert(sp != NULL); @@ -326,6 +328,7 @@ LogLuvDecode32(TIFF* tif, uint8* op, tmsize_t occ, uint16 s) tmsize_t cc; int rc; + (void)s; assert(s == 0); sp = DecoderState(tif); assert(sp != NULL); @@ -447,6 +450,7 @@ LogL16Encode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) int rc=0, mask; tmsize_t beg; + (void)s; assert(s == 0); assert(sp != NULL); npixels = cc / sp->pixel_size; @@ -541,6 +545,7 @@ LogLuvEncode24(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) uint8* op; uint32* tp; + (void)s; assert(s == 0); assert(sp != NULL); npixels = cc / sp->pixel_size; @@ -598,6 +603,7 @@ LogLuvEncode32(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) int rc=0, mask; tmsize_t beg; + (void)s; assert(s == 0); assert(sp != NULL); @@ -742,7 +748,7 @@ LogLuvEncodeTile(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) #undef exp2 /* Conflict with C'99 function */ #define exp2(x) exp(M_LN2*(x)) -static int itrunc(double x, int m) +static int tiff_itrunc(double x, int m) { if( m == SGILOGENCODE_NODITHER ) return (int)x; @@ -777,9 +783,9 @@ LogL16fromY(double Y, int em) /* get 16-bit LogL from Y */ if (Y <= -1.8371976e19) return (0xffff); if (Y > 5.4136769e-20) - return itrunc(256.*(log2(Y) + 64.), em); + return tiff_itrunc(256.*(log2(Y) + 64.), em); if (Y < -5.4136769e-20) - return (~0x7fff | itrunc(256.*(log2(-Y) + 64.), em)); + return (~0x7fff | tiff_itrunc(256.*(log2(-Y) + 64.), em)); return (0); } @@ -855,7 +861,7 @@ LogL10fromY(double Y, int em) /* get 10-bit LogL from Y */ else if (Y <= .00024283) return (0); else - return itrunc(64.*(log2(Y) + 12.), em); + return tiff_itrunc(64.*(log2(Y) + 12.), em); } #define NANGLES 100 @@ -925,12 +931,12 @@ uv_encode(double u, double v, int em) /* encode (u',v') coordinates */ if (v < UV_VSTART) return oog_encode(u, v); - vi = itrunc((v - UV_VSTART)*(1./UV_SQSIZ), em); + vi = tiff_itrunc((v - UV_VSTART)*(1./UV_SQSIZ), em); if (vi >= UV_NVS) return oog_encode(u, v); if (u < uv_row[vi].ustart) return oog_encode(u, v); - ui = itrunc((u - uv_row[vi].ustart)*(1./UV_SQSIZ), em); + ui = tiff_itrunc((u - uv_row[vi].ustart)*(1./UV_SQSIZ), em); if (ui >= uv_row[vi].nus) return oog_encode(u, v); @@ -1099,7 +1105,7 @@ Luv24fromLuv48(LogLuvState* sp, uint8* op, tmsize_t n) else if (sp->encode_meth == SGILOGENCODE_NODITHER) Le = (luv3[0]-3314) >> 2; else - Le = itrunc(.25*(luv3[0]-3314.), sp->encode_meth); + Le = tiff_itrunc(.25*(luv3[0]-3314.), sp->encode_meth); Ce = uv_encode((luv3[1]+.5)/(1<<15), (luv3[2]+.5)/(1<<15), sp->encode_meth); @@ -1155,10 +1161,10 @@ LogLuv32fromXYZ(float XYZ[3], int em) v = 9.*XYZ[1] / s; } if (u <= 0.) ue = 0; - else ue = itrunc(UVSCALE*u, em); + else ue = tiff_itrunc(UVSCALE*u, em); if (ue > 255) ue = 255; if (v <= 0.) ve = 0; - else ve = itrunc(UVSCALE*v, em); + else ve = tiff_itrunc(UVSCALE*v, em); if (ve > 255) ve = 255; /* combine encodings */ return (Le << 16 | ue << 8 | ve); @@ -1238,8 +1244,8 @@ Luv32fromLuv48(LogLuvState* sp, uint8* op, tmsize_t n) } while (n-- > 0) { *luv++ = (uint32)luv3[0] << 16 | - (itrunc(luv3[1]*(UVSCALE/(1<<15)), sp->encode_meth) << 8 & 0xff00) | - (itrunc(luv3[2]*(UVSCALE/(1<<15)), sp->encode_meth) & 0xff); + (tiff_itrunc(luv3[1]*(UVSCALE/(1<<15)), sp->encode_meth) << 8 & 0xff00) | + (tiff_itrunc(luv3[2]*(UVSCALE/(1<<15)), sp->encode_meth) & 0xff); luv3 += 3; } } @@ -1269,16 +1275,10 @@ LogL16GuessDataFmt(TIFFDirectory *td) return (SGILOGDATAFMT_UNKNOWN); } - -#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0)) -#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1) - static tmsize_t multiply_ms(tmsize_t m1, tmsize_t m2) { - if( m1 == 0 || m2 > TIFF_TMSIZE_T_MAX / m1 ) - return 0; - return m1 * m2; + return _TIFFMultiplySSize(NULL, m1, m2, NULL); } static int @@ -1512,7 +1512,7 @@ LogLuvSetupEncode(TIFF* tif) switch (td->td_photometric) { case PHOTOMETRIC_LOGLUV: if (!LogLuvInitState(tif)) - break; + return (0); if (td->td_compression == COMPRESSION_SGILOG24) { tif->tif_encoderow = LogLuvEncode24; switch (sp->user_datafmt) { @@ -1545,7 +1545,7 @@ LogLuvSetupEncode(TIFF* tif) break; case PHOTOMETRIC_LOGL: if (!LogL16InitState(tif)) - break; + return (0); tif->tif_encoderow = LogL16Encode; switch (sp->user_datafmt) { case SGILOGDATAFMT_FLOAT: @@ -1561,7 +1561,7 @@ LogLuvSetupEncode(TIFF* tif) TIFFErrorExt(tif->tif_clientdata, module, "Inappropriate photometric interpretation %d for SGILog compression; %s", td->td_photometric, "must be either LogLUV or LogL"); - break; + return (0); } sp->encoder_state = 1; return (1); diff --git a/3rdparty/libtiff/tif_lzma.c b/3rdparty/libtiff/tif_lzma.c index 3f6096b62a..e150bd635d 100644 --- a/3rdparty/libtiff/tif_lzma.c +++ b/3rdparty/libtiff/tif_lzma.c @@ -300,7 +300,8 @@ LZMAEncode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) } if (sp->stream.avail_out == 0) { tif->tif_rawcc = tif->tif_rawdatasize; - TIFFFlushData1(tif); + if (!TIFFFlushData1(tif)) + return 0; sp->stream.next_out = tif->tif_rawdata; sp->stream.avail_out = (size_t)tif->tif_rawdatasize; /* this is a safe typecast, as check is made already in LZMAPreEncode */ } @@ -328,7 +329,8 @@ LZMAPostEncode(TIFF* tif) if ((tmsize_t)sp->stream.avail_out != tif->tif_rawdatasize) { tif->tif_rawcc = tif->tif_rawdatasize - sp->stream.avail_out; - TIFFFlushData1(tif); + if (!TIFFFlushData1(tif)) + return 0; sp->stream.next_out = tif->tif_rawdata; sp->stream.avail_out = (size_t)tif->tif_rawdatasize; /* this is a safe typecast, as check is made already in ZIPPreEncode */ } @@ -418,6 +420,7 @@ TIFFInitLZMA(TIFF* tif, int scheme) LZMAState* sp; lzma_stream tmp_stream = LZMA_STREAM_INIT; + (void)scheme; assert( scheme == COMPRESSION_LZMA ); /* diff --git a/3rdparty/libtiff/tif_lzw.c b/3rdparty/libtiff/tif_lzw.c index 21064f29ae..d92d0fd354 100644 --- a/3rdparty/libtiff/tif_lzw.c +++ b/3rdparty/libtiff/tif_lzw.c @@ -214,19 +214,16 @@ LZWSetupDecode(TIFF* tif) return (0); } - DecoderState(tif)->dec_codetab = NULL; - DecoderState(tif)->dec_decode = NULL; + sp = DecoderState(tif); + sp->dec_codetab = NULL; + sp->dec_decode = NULL; /* * Setup predictor setup. */ (void) TIFFPredictorInit(tif); - - sp = DecoderState(tif); } - assert(sp != NULL); - if (sp->dec_codetab == NULL) { sp->dec_codetab = (code_t*)_TIFFmalloc(CSIZE*sizeof (code_t)); if (sp->dec_codetab == NULL) { @@ -1161,6 +1158,7 @@ int TIFFInitLZW(TIFF* tif, int scheme) { static const char module[] = "TIFFInitLZW"; + (void)scheme; assert(scheme == COMPRESSION_LZW); /* * Allocate state block so tag methods have storage to record values. @@ -1218,7 +1216,7 @@ bad: * from this software without specific prior written permission. * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ #endif /* LZW_SUPPORT */ diff --git a/3rdparty/libtiff/tif_ojpeg.c b/3rdparty/libtiff/tif_ojpeg.c index 27385d8c47..133d1f1c49 100644 --- a/3rdparty/libtiff/tif_ojpeg.c +++ b/3rdparty/libtiff/tif_ojpeg.c @@ -74,7 +74,7 @@ or errors, up to the point where either these values are read, or it's clear they aren't there. This means that some of the data is read twice, but we feel speed in correcting these values is important enough to warrant this sacrifice. Although - there is currently no define or other configuration mechanism to disable this behaviour, + there is currently no define or other configuration mechanism to disable this behavior, the actual header scanning is build to robustly respond with error report if it should encounter an uncorrected mismatch of subsampling values. See OJPEGReadHeaderInfoSecStreamSof. @@ -243,6 +243,7 @@ typedef enum { typedef struct { TIFF* tif; int decoder_ok; + int error_in_raw_data_decoding; #ifndef LIBJPEG_ENCAP_EXTERNAL JMP_BUF exit_jmpbuf; #endif @@ -420,6 +421,7 @@ TIFFInitOJPEG(TIFF* tif, int scheme) static const char module[]="TIFFInitOJPEG"; OJPEGState* sp; + (void)scheme; assert(scheme==COMPRESSION_OJPEG); /* @@ -497,15 +499,15 @@ OJPEGVGetField(TIFF* tif, uint32 tag, va_list ap) break; case TIFFTAG_JPEGQTABLES: *va_arg(ap,uint32*)=(uint32)sp->qtable_offset_count; - *va_arg(ap,void**)=(void*)sp->qtable_offset; + *va_arg(ap,const void**)=(const void*)sp->qtable_offset; break; case TIFFTAG_JPEGDCTABLES: *va_arg(ap,uint32*)=(uint32)sp->dctable_offset_count; - *va_arg(ap,void**)=(void*)sp->dctable_offset; + *va_arg(ap,const void**)=(const void*)sp->dctable_offset; break; case TIFFTAG_JPEGACTABLES: *va_arg(ap,uint32*)=(uint32)sp->actable_offset_count; - *va_arg(ap,void**)=(void*)sp->actable_offset; + *va_arg(ap,const void**)=(const void*)sp->actable_offset; break; case TIFFTAG_JPEGPROC: *va_arg(ap,uint16*)=(uint16)sp->jpeg_proc; @@ -657,7 +659,7 @@ static int OJPEGSetupDecode(TIFF* tif) { static const char module[]="OJPEGSetupDecode"; - TIFFWarningExt(tif->tif_clientdata,module,"Depreciated and troublesome old-style JPEG compression mode, please convert to new-style JPEG compression and notify vendor of writing software"); + TIFFWarningExt(tif->tif_clientdata,module,"Deprecated and troublesome old-style JPEG compression mode, please convert to new-style JPEG compression and notify vendor of writing software"); return(1); } @@ -678,7 +680,7 @@ OJPEGPreDecode(TIFF* tif, uint16 s) if (OJPEGReadSecondarySos(tif,s)==0) return(0); } - if isTiled(tif) + if (isTiled(tif)) m=tif->tif_curtile; else m=tif->tif_curstrip; @@ -742,6 +744,7 @@ OJPEGPreDecodeSkipRaw(TIFF* tif) } m-=sp->subsampling_convert_clines-sp->subsampling_convert_state; sp->subsampling_convert_state=0; + sp->error_in_raw_data_decoding=0; } while (m>=sp->subsampling_convert_clines) { @@ -792,6 +795,10 @@ OJPEGDecode(TIFF* tif, uint8* buf, tmsize_t cc, uint16 s) TIFFErrorExt(tif->tif_clientdata,module,"Cannot decode: decoder not correctly initialized"); return 0; } + if( sp->error_in_raw_data_decoding ) + { + return 0; + } if (sp->libjpeg_jpeg_query_style==0) { if (OJPEGDecodeRaw(tif,buf,cc)==0) @@ -832,7 +839,10 @@ OJPEGDecodeRaw(TIFF* tif, uint8* buf, tmsize_t cc) if (sp->subsampling_convert_state==0) { if (jpeg_read_raw_data_encap(sp,&(sp->libjpeg_jpeg_decompress_struct),sp->subsampling_convert_ycbcrimage,sp->subsampling_ver*8)==0) + { + sp->error_in_raw_data_decoding = 1; return(0); + } } oy=sp->subsampling_convert_ybuf+sp->subsampling_convert_state*sp->subsampling_ver*sp->subsampling_convert_ylinelen; ocb=sp->subsampling_convert_cbbuf+sp->subsampling_convert_state*sp->subsampling_convert_clinelen; @@ -990,7 +1000,6 @@ OJPEGSubsamplingCorrect(TIFF* tif) OJPEGState* sp=(OJPEGState*)tif->tif_data; uint8 mh; uint8 mv; - _TIFFFillStriles( tif ); assert(sp->subsamplingcorrect_done==0); if ((tif->tif_dir.td_samplesperpixel!=3) || ((tif->tif_dir.td_photometric!=PHOTOMETRIC_YCBCR) && @@ -1046,7 +1055,7 @@ OJPEGReadHeaderInfo(TIFF* tif) assert(sp->readheader_done==0); sp->image_width=tif->tif_dir.td_imagewidth; sp->image_length=tif->tif_dir.td_imagelength; - if isTiled(tif) + if (isTiled(tif)) { sp->strile_width=tif->tif_dir.td_tilewidth; sp->strile_length=tif->tif_dir.td_tilelength; @@ -1056,6 +1065,8 @@ OJPEGReadHeaderInfo(TIFF* tif) { sp->strile_width=sp->image_width; sp->strile_length=tif->tif_dir.td_rowsperstrip; + if( sp->strile_length == (uint32)-1 ) + sp->strile_length = sp->image_length; sp->strile_length_total=sp->image_length; } if (tif->tif_dir.td_samplesperpixel==1) @@ -1082,6 +1093,12 @@ OJPEGReadHeaderInfo(TIFF* tif) } if (sp->strile_lengthimage_length) { + if (((sp->subsampling_hor!=1) && (sp->subsampling_hor!=2) && (sp->subsampling_hor!=4)) || + ((sp->subsampling_ver!=1) && (sp->subsampling_ver!=2) && (sp->subsampling_ver!=4))) + { + TIFFErrorExt(tif->tif_clientdata,module,"Invalid subsampling values"); + return(0); + } if (sp->strile_length%(sp->subsampling_ver*8)!=0) { TIFFErrorExt(tif->tif_clientdata,module,"Incompatible vertical subsampling and image strip/tile length"); @@ -1197,7 +1214,13 @@ OJPEGWriteHeaderInfo(TIFF* tif) sp->subsampling_convert_ybuflen=sp->subsampling_convert_ylinelen*sp->subsampling_convert_ylines; sp->subsampling_convert_cbuflen=sp->subsampling_convert_clinelen*sp->subsampling_convert_clines; sp->subsampling_convert_ycbcrbuflen=sp->subsampling_convert_ybuflen+2*sp->subsampling_convert_cbuflen; - sp->subsampling_convert_ycbcrbuf=_TIFFmalloc(sp->subsampling_convert_ycbcrbuflen); + /* The calloc is not normally necessary, except in some edge/broken cases */ + /* for example for a tiled image of height 1 with a tile height of 1 and subsampling_hor=subsampling_ver=2 */ + /* In that case, libjpeg will only fill the 8 first lines of the 16 lines */ + /* See https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16844 */ + /* Even if this case is allowed (?), its handling is broken because OJPEGPreDecode() should also likely */ + /* reset subsampling_convert_state to 0 when changing tile. */ + sp->subsampling_convert_ycbcrbuf=_TIFFcalloc(1, sp->subsampling_convert_ycbcrbuflen); if (sp->subsampling_convert_ycbcrbuf==0) { TIFFErrorExt(tif->tif_clientdata,module,"Out of memory"); @@ -1223,10 +1246,11 @@ OJPEGWriteHeaderInfo(TIFF* tif) *m++=sp->subsampling_convert_cbbuf+n*sp->subsampling_convert_clinelen; for (n=0; nsubsampling_convert_clines; n++) *m++=sp->subsampling_convert_crbuf+n*sp->subsampling_convert_clinelen; - sp->subsampling_convert_clinelenout=((sp->strile_width+sp->subsampling_hor-1)/sp->subsampling_hor); + sp->subsampling_convert_clinelenout=sp->strile_width/sp->subsampling_hor + ((sp->strile_width % sp->subsampling_hor) != 0 ? 1 : 0); sp->subsampling_convert_state=0; + sp->error_in_raw_data_decoding=0; sp->bytes_per_line=sp->subsampling_convert_clinelenout*(sp->subsampling_ver*sp->subsampling_hor+2); - sp->lines_per_strile=((sp->strile_length+sp->subsampling_ver-1)/sp->subsampling_ver); + sp->lines_per_strile=sp->strile_length/sp->subsampling_ver + ((sp->strile_length % sp->subsampling_ver) != 0 ? 1 : 0); sp->subsampling_convert_log=1; } } @@ -1240,6 +1264,26 @@ OJPEGWriteHeaderInfo(TIFF* tif) } if (jpeg_start_decompress_encap(sp,&(sp->libjpeg_jpeg_decompress_struct))==0) return(0); + if(sp->libjpeg_jpeg_decompress_struct.image_width != sp->strile_width ) { + TIFFErrorExt(tif->tif_clientdata,module, + "jpeg_start_decompress() returned image_width = %d, " + "expected %d", + sp->libjpeg_jpeg_decompress_struct.image_width, + sp->strile_width); + return 0; + } + if(sp->libjpeg_jpeg_decompress_struct.max_h_samp_factor != sp->subsampling_hor || + sp->libjpeg_jpeg_decompress_struct.max_v_samp_factor != sp->subsampling_ver) { + TIFFErrorExt(tif->tif_clientdata,module, + "jpeg_start_decompress() returned max_h_samp_factor = %d " + "and max_v_samp_factor = %d, expected %d and %d", + sp->libjpeg_jpeg_decompress_struct.max_h_samp_factor, + sp->libjpeg_jpeg_decompress_struct.max_v_samp_factor, + sp->subsampling_hor, + sp->subsampling_ver); + return 0; + } + sp->writeheader_done=1; return(1); } @@ -1272,7 +1316,9 @@ OJPEGReadHeaderInfoSec(TIFF* tif) } else { - if ((sp->jpeg_interchange_format_length==0) || (sp->jpeg_interchange_format+sp->jpeg_interchange_format_length>sp->file_size)) + if ((sp->jpeg_interchange_format_length==0) || + (sp->jpeg_interchange_format > TIFF_UINT64_MAX - sp->jpeg_interchange_format_length) || + (sp->jpeg_interchange_format+sp->jpeg_interchange_format_length>sp->file_size)) sp->jpeg_interchange_format_length=sp->file_size-sp->jpeg_interchange_format; } } @@ -1989,32 +2035,30 @@ OJPEGReadBufferFill(OJPEGState* sp) sp->in_buffer_source=osibsStrile; break; case osibsStrile: - if (!_TIFFFillStriles( sp->tif ) - || sp->tif->tif_dir.td_stripoffset == NULL - || sp->tif->tif_dir.td_stripbytecount == NULL) - return 0; - if (sp->in_buffer_next_strile==sp->in_buffer_strile_count) sp->in_buffer_source=osibsEof; else { - sp->in_buffer_file_pos=sp->tif->tif_dir.td_stripoffset[sp->in_buffer_next_strile]; + int err = 0; + sp->in_buffer_file_pos=TIFFGetStrileOffsetWithErr(sp->tif, sp->in_buffer_next_strile, &err); + if( err ) + return 0; if (sp->in_buffer_file_pos!=0) { + uint64 bytecount = TIFFGetStrileByteCountWithErr(sp->tif, sp->in_buffer_next_strile, &err); + if( err ) + return 0; if (sp->in_buffer_file_pos>=sp->file_size) sp->in_buffer_file_pos=0; - else if (sp->tif->tif_dir.td_stripbytecount==NULL) + else if (bytecount==0) sp->in_buffer_file_togo=sp->file_size-sp->in_buffer_file_pos; else { - if (sp->tif->tif_dir.td_stripbytecount == 0) { - TIFFErrorExt(sp->tif->tif_clientdata,sp->tif->tif_name,"Strip byte counts are missing"); - return(0); - } - sp->in_buffer_file_togo=sp->tif->tif_dir.td_stripbytecount[sp->in_buffer_next_strile]; + sp->in_buffer_file_togo=bytecount; if (sp->in_buffer_file_togo==0) sp->in_buffer_file_pos=0; - else if (sp->in_buffer_file_pos+sp->in_buffer_file_togo>sp->file_size) + else if (sp->in_buffer_file_pos > TIFF_UINT64_MAX - sp->in_buffer_file_togo || + sp->in_buffer_file_pos+sp->in_buffer_file_togo>sp->file_size) sp->in_buffer_file_togo=sp->file_size-sp->in_buffer_file_pos; } } diff --git a/3rdparty/libtiff/tif_open.c b/3rdparty/libtiff/tif_open.c index c574c452aa..a0e31583a6 100644 --- a/3rdparty/libtiff/tif_open.c +++ b/3rdparty/libtiff/tif_open.c @@ -104,6 +104,7 @@ TIFFClientOpen( } n; n.a8[0]=1; n.a8[1]=0; + (void)n; #ifdef WORDS_BIGENDIAN assert(n.a16==256); #else @@ -131,6 +132,7 @@ TIFFClientOpen( if (!readproc || !writeproc || !seekproc || !closeproc || !sizeproc) { TIFFErrorExt(clientdata, module, "One of the client procedures is NULL pointer."); + _TIFFfree(tif); goto bad2; } tif->tif_readproc = readproc; @@ -164,7 +166,7 @@ TIFFClientOpen( /* * Process library-specific flags in the open mode string. * The following flags may be used to control intrinsic library - * behaviour that may or may not be desirable (usually for + * behavior that may or may not be desirable (usually for * compatibility with some application that claims to support * TIFF but only supports some brain dead idea of what the * vendor thinks TIFF is): @@ -181,6 +183,8 @@ TIFFClientOpen( * 'h' read TIFF header only, do not load the first IFD * '4' ClassicTIFF for creating a file (default) * '8' BigTIFF for creating a file + * 'D' enable use of deferred strip/tile offset/bytecount array loading. + * 'O' on-demand loading of values instead of whole array loading (implies D) * * The use of the 'l' and 'b' flags is strongly discouraged. * These flags are provided solely because numerous vendors, @@ -203,7 +207,7 @@ TIFFClientOpen( * not do right now. * * The 'M' and 'm' flags are provided because some virtual memory - * systems exhibit poor behaviour when large images are mapped. + * systems exhibit poor behavior when large images are mapped. * These options permit clients to control the use of memory-mapped * files on a per-file basis. * @@ -262,7 +266,22 @@ TIFFClientOpen( if (m&O_CREAT) tif->tif_flags |= TIFF_BIGTIFF; break; + case 'D': + tif->tif_flags |= TIFF_DEFERSTRILELOAD; + break; + case 'O': + if( m == O_RDONLY ) + tif->tif_flags |= (TIFF_LAZYSTRILELOAD | TIFF_DEFERSTRILELOAD); + break; } + +#ifdef DEFER_STRILE_LOAD + /* Compatibility with old DEFER_STRILE_LOAD compilation flag */ + /* Probably unneeded, since to the best of my knowledge (E. Rouault) */ + /* GDAL was the only user of this, and will now use the new 'D' flag */ + tif->tif_flags |= TIFF_DEFERSTRILELOAD; +#endif + /* * Read in TIFF header. */ diff --git a/3rdparty/libtiff/tif_pixarlog.c b/3rdparty/libtiff/tif_pixarlog.c index b1e48d99c9..f291201505 100644 --- a/3rdparty/libtiff/tif_pixarlog.c +++ b/3rdparty/libtiff/tif_pixarlog.c @@ -634,16 +634,10 @@ PixarLogGuessDataFmt(TIFFDirectory *td) return guess; } -#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0)) -#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1) - static tmsize_t multiply_ms(tmsize_t m1, tmsize_t m2) { - assert(m1 >= 0 && m2 >= 0); - if( m1 == 0 || m2 > TIFF_TMSIZE_T_MAX / m1 ) - return 0; - return m1 * m2; + return _TIFFMultiplySSize(NULL, m1, m2, NULL); } static tmsize_t @@ -1153,7 +1147,7 @@ PixarLogEncode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) llen = sp->stride * td->td_imagewidth; /* Check against the number of elements (of size uint16) of sp->tbuf */ - if( n > (tmsize_t)(td->td_rowsperstrip * llen) ) + if( n > ((tmsize_t)td->td_rowsperstrip * llen) ) { TIFFErrorExt(tif->tif_clientdata, module, "Too many input bytes provided"); @@ -1206,7 +1200,8 @@ PixarLogEncode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) } if (sp->stream.avail_out == 0) { tif->tif_rawcc = tif->tif_rawdatasize; - TIFFFlushData1(tif); + if (!TIFFFlushData1(tif)) + return 0; sp->stream.next_out = tif->tif_rawdata; sp->stream.avail_out = (uInt) tif->tif_rawdatasize; /* this is a safe typecast, as check is made already in PixarLogPreEncode */ } @@ -1236,7 +1231,8 @@ PixarLogPostEncode(TIFF* tif) if ((tmsize_t)sp->stream.avail_out != tif->tif_rawdatasize) { tif->tif_rawcc = tif->tif_rawdatasize - sp->stream.avail_out; - TIFFFlushData1(tif); + if (!TIFFFlushData1(tif)) + return 0; sp->stream.next_out = tif->tif_rawdata; sp->stream.avail_out = (uInt) tif->tif_rawdatasize; /* this is a safe typecast, as check is made already in PixarLogPreEncode */ } @@ -1404,6 +1400,7 @@ TIFFInitPixarLog(TIFF* tif, int scheme) PixarLogState* sp; + (void)scheme; assert(scheme == COMPRESSION_PIXARLOG); /* diff --git a/3rdparty/libtiff/tif_predict.c b/3rdparty/libtiff/tif_predict.c index b775663a7b..c023397459 100644 --- a/3rdparty/libtiff/tif_predict.c +++ b/3rdparty/libtiff/tif_predict.c @@ -116,7 +116,7 @@ PredictorSetupDecode(TIFF* tif) TIFFDirectory* td = &tif->tif_dir; /* Note: when PredictorSetup() fails, the effets of setupdecode() */ - /* will not be "cancelled" so setupdecode() might be robust to */ + /* will not be "canceled" so setupdecode() might be robust to */ /* be called several times. */ if (!(*sp->setupdecode)(tif) || !PredictorSetup(tif)) return 0; @@ -270,8 +270,8 @@ PredictorSetupEncode(TIFF* tif) } /* Remarks related to C standard compliance in all below functions : */ -/* - to avoid any undefined behaviour, we only operate on unsigned types */ -/* since the behaviour of "overflows" is defined (wrap over) */ +/* - to avoid any undefined behavior, we only operate on unsigned types */ +/* since the behavior of "overflows" is defined (wrap over) */ /* - when storing into the byte stream, we explicitly mask with 0xff so */ /* as to make icc -check=conversions happy (not necessary by the standard) */ diff --git a/3rdparty/libtiff/tif_print.c b/3rdparty/libtiff/tif_print.c index 1d86adbf05..a0737941f4 100644 --- a/3rdparty/libtiff/tif_print.c +++ b/3rdparty/libtiff/tif_print.c @@ -652,8 +652,6 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags) if (tif->tif_tagmethods.printdir) (*tif->tif_tagmethods.printdir)(tif, fd, flags); - _TIFFFillStriles( tif ); - if ((flags & TIFFPRINT_STRIPS) && TIFFFieldSet(tif,FIELD_STRIPOFFSETS)) { uint32 s; @@ -665,13 +663,13 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags) #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) fprintf(fd, " %3lu: [%8I64u, %8I64u]\n", (unsigned long) s, - td->td_stripoffset ? (unsigned __int64) td->td_stripoffset[s] : 0, - td->td_stripbytecount ? (unsigned __int64) td->td_stripbytecount[s] : 0); + (unsigned __int64) TIFFGetStrileOffset(tif, s), + (unsigned __int64) TIFFGetStrileByteCount(tif, s)); #else fprintf(fd, " %3lu: [%8llu, %8llu]\n", (unsigned long) s, - td->td_stripoffset ? (unsigned long long) td->td_stripoffset[s] : 0, - td->td_stripbytecount ? (unsigned long long) td->td_stripbytecount[s] : 0); + (unsigned long long) TIFFGetStrileOffset(tif, s), + (unsigned long long) TIFFGetStrileByteCount(tif, s)); #endif } } diff --git a/3rdparty/libtiff/tif_read.c b/3rdparty/libtiff/tif_read.c index 79c470cbf1..c4c868b1c5 100644 --- a/3rdparty/libtiff/tif_read.c +++ b/3rdparty/libtiff/tif_read.c @@ -29,9 +29,6 @@ #include "tiffiop.h" #include -#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0)) -#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1) - int TIFFFillStrip(TIFF* tif, uint32 strip); int TIFFFillTile(TIFF* tif, uint32 tile); static int TIFFStartStrip(TIFF* tif, uint32 strip); @@ -49,6 +46,8 @@ TIFFReadRawTile1(TIFF* tif, uint32 tile, void* buf, tmsize_t size, const char* m #define THRESHOLD_MULTIPLIER 10 #define MAX_THRESHOLD (THRESHOLD_MULTIPLIER * THRESHOLD_MULTIPLIER * THRESHOLD_MULTIPLIER * INITIAL_THRESHOLD) +#define TIFF_INT64_MAX ((((int64)0x7FFFFFFF) << 32) | 0xFFFFFFFF) + /* Read 'size' bytes in tif_rawdata buffer starting at offset 'rawdata_offset' * Returns 1 in case of success, 0 otherwise. */ static int TIFFReadAndRealloc( TIFF* tif, tmsize_t size, @@ -61,6 +60,22 @@ static int TIFFReadAndRealloc( TIFF* tif, tmsize_t size, #endif tmsize_t already_read = 0; + +#if SIZEOF_SIZE_T != 8 + /* On 32 bit processes, if the request is large enough, check against */ + /* file size */ + if( size > 1000 * 1000 * 1000 ) + { + uint64 filesize = TIFFGetFileSize(tif); + if( (uint64)size >= filesize ) + { + TIFFErrorExt(tif->tif_clientdata, module, + "Chunk size requested is larger than file size."); + return 0; + } + } +#endif + /* On 64 bit processes, read first a maximum of 1 MB, then 10 MB, etc */ /* so as to avoid allocating too much memory in case the file is too */ /* short. We could ask for the file size, but this might be */ @@ -175,17 +190,14 @@ TIFFFillStripPartial( TIFF *tif, int strip, tmsize_t read_ahead, int restart ) tmsize_t to_read; tmsize_t read_ahead_mod; /* tmsize_t bytecountm; */ - - if (!_TIFFFillStriles( tif ) || !tif->tif_dir.td_stripbytecount) - return 0; - + /* * Expand raw data buffer, if needed, to hold data * strip coming from file (perhaps should set upper * bound on the size of a buffer we'll use?). */ - /* bytecountm=(tmsize_t) td->td_stripbytecount[strip]; */ + /* bytecountm=(tmsize_t) TIFFGetStrileByteCount(tif, strip); */ /* Not completely sure where the * 2 comes from, but probably for */ /* an exponentional growth strategy of tif_rawdatasize */ @@ -229,7 +241,7 @@ TIFFFillStripPartial( TIFF *tif, int strip, tmsize_t read_ahead, int restart ) /* ** Seek to the point in the file where more data should be read. */ - read_offset = td->td_stripoffset[strip] + read_offset = TIFFGetStrileOffset(tif, strip) + tif->tif_rawdataoff + tif->tif_rawdataloaded; if (!SeekOK(tif, read_offset)) { @@ -246,10 +258,10 @@ TIFFFillStripPartial( TIFF *tif, int strip, tmsize_t read_ahead, int restart ) to_read = read_ahead_mod - unused_data; else to_read = tif->tif_rawdatasize - unused_data; - if( (uint64) to_read > td->td_stripbytecount[strip] + if( (uint64) to_read > TIFFGetStrileByteCount(tif, strip) - tif->tif_rawdataoff - tif->tif_rawdataloaded ) { - to_read = (tmsize_t) td->td_stripbytecount[strip] + to_read = (tmsize_t) TIFFGetStrileByteCount(tif, strip) - tif->tif_rawdataoff - tif->tif_rawdataloaded; } @@ -288,7 +300,7 @@ TIFFFillStripPartial( TIFF *tif, int strip, tmsize_t read_ahead, int restart ) /* For JPEG, if there are multiple scans (can generally be known */ /* with the read_ahead used), we need to read the whole strip */ if( tif->tif_dir.td_compression==COMPRESSION_JPEG && - (uint64)tif->tif_rawcc < td->td_stripbytecount[strip] ) + (uint64)tif->tif_rawcc < TIFFGetStrileByteCount(tif, strip) ) { if( TIFFJPEGIsFullStripRequired(tif) ) { @@ -347,9 +359,7 @@ TIFFSeek(TIFF* tif, uint32 row, uint16 sample ) * read it a few lines at a time? */ #if defined(CHUNKY_STRIP_READ_SUPPORT) - if (!_TIFFFillStriles( tif ) || !tif->tif_dir.td_stripbytecount) - return 0; - whole_strip = tif->tif_dir.td_stripbytecount[strip] < 10 + whole_strip = TIFFGetStrileByteCount(tif, strip) < 10 || isMapped(tif); if( td->td_compression == COMPRESSION_LERC || td->td_compression == COMPRESSION_JBIG ) @@ -402,7 +412,7 @@ TIFFSeek(TIFF* tif, uint32 row, uint16 sample ) else if( !whole_strip ) { if( ((tif->tif_rawdata + tif->tif_rawdataloaded) - tif->tif_rawcp) < read_ahead - && (uint64) tif->tif_rawdataoff+tif->tif_rawdataloaded < td->td_stripbytecount[strip] ) + && (uint64) tif->tif_rawdataoff+tif->tif_rawdataloaded < TIFFGetStrileByteCount(tif, strip) ) { if( !TIFFFillStripPartial(tif,strip,read_ahead,0) ) return 0; @@ -599,16 +609,11 @@ static tmsize_t TIFFReadRawStrip1(TIFF* tif, uint32 strip, void* buf, tmsize_t size, const char* module) { - TIFFDirectory *td = &tif->tif_dir; - - if (!_TIFFFillStriles( tif )) - return ((tmsize_t)(-1)); - assert((tif->tif_flags&TIFF_NOREADRAW)==0); if (!isMapped(tif)) { tmsize_t cc; - if (!SeekOK(tif, td->td_stripoffset[strip])) { + if (!SeekOK(tif, TIFFGetStrileOffset(tif, strip))) { TIFFErrorExt(tif->tif_clientdata, module, "Seek error at scanline %lu, strip %lu", (unsigned long) tif->tif_row, (unsigned long) strip); @@ -634,8 +639,8 @@ TIFFReadRawStrip1(TIFF* tif, uint32 strip, void* buf, tmsize_t size, } else { tmsize_t ma = 0; tmsize_t n; - if ((td->td_stripoffset[strip] > (uint64)TIFF_TMSIZE_T_MAX)|| - ((ma=(tmsize_t)td->td_stripoffset[strip])>tif->tif_size)) + if ((TIFFGetStrileOffset(tif, strip) > (uint64)TIFF_TMSIZE_T_MAX)|| + ((ma=(tmsize_t)TIFFGetStrileOffset(tif, strip))>tif->tif_size)) { n=0; } @@ -679,12 +684,10 @@ static tmsize_t TIFFReadRawStripOrTile2(TIFF* tif, uint32 strip_or_tile, int is_strip, tmsize_t size, const char* module) { - TIFFDirectory *td = &tif->tif_dir; - assert( !isMapped(tif) ); assert((tif->tif_flags&TIFF_NOREADRAW)==0); - if (!SeekOK(tif, td->td_stripoffset[strip_or_tile])) { + if (!SeekOK(tif, TIFFGetStrileOffset(tif, strip_or_tile))) { if( is_strip ) { TIFFErrorExt(tif->tif_clientdata, module, @@ -720,7 +723,7 @@ TIFFReadRawStrip(TIFF* tif, uint32 strip, void* buf, tmsize_t size) { static const char module[] = "TIFFReadRawStrip"; TIFFDirectory *td = &tif->tif_dir; - uint64 bytecount; + uint64 bytecount64; tmsize_t bytecountm; if (!TIFFCheckRead(tif, 0)) @@ -738,31 +741,23 @@ TIFFReadRawStrip(TIFF* tif, uint32 strip, void* buf, tmsize_t size) "Compression scheme does not support access to raw uncompressed data"); return ((tmsize_t)(-1)); } - bytecount = td->td_stripbytecount[strip]; - if ((int64)bytecount <= 0) { -#if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) - TIFFErrorExt(tif->tif_clientdata, module, - "%I64u: Invalid strip byte count, strip %lu", - (unsigned __int64) bytecount, - (unsigned long) strip); -#else - TIFFErrorExt(tif->tif_clientdata, module, - "%llu: Invalid strip byte count, strip %lu", - (unsigned long long) bytecount, - (unsigned long) strip); -#endif - return ((tmsize_t)(-1)); - } - bytecountm = (tmsize_t)bytecount; - if ((uint64)bytecountm!=bytecount) { - TIFFErrorExt(tif->tif_clientdata, module, "Integer overflow"); - return ((tmsize_t)(-1)); - } - if (size != (tmsize_t)(-1) && size < bytecountm) + bytecount64 = TIFFGetStrileByteCount(tif, strip); + if (size != (tmsize_t)(-1) && (uint64)size <= bytecount64) bytecountm = size; + else + bytecountm = _TIFFCastUInt64ToSSize(tif, bytecount64, module); + if( bytecountm == 0 ) { + return ((tmsize_t)(-1)); + } return (TIFFReadRawStrip1(tif, strip, buf, bytecountm, module)); } +TIFF_NOSANITIZE_UNSIGNED_INT_OVERFLOW +static uint64 NoSanitizeSubUInt64(uint64 a, uint64 b) +{ + return a - b; +} + /* * Read the specified strip and setup for decoding. The data buffer is * expanded, as necessary, to hold the strip's data. @@ -773,13 +768,10 @@ TIFFFillStrip(TIFF* tif, uint32 strip) static const char module[] = "TIFFFillStrip"; TIFFDirectory *td = &tif->tif_dir; - if (!_TIFFFillStriles( tif ) || !tif->tif_dir.td_stripbytecount) - return 0; - if ((tif->tif_flags&TIFF_NOREADRAW)==0) { - uint64 bytecount = td->td_stripbytecount[strip]; - if ((int64)bytecount <= 0) { + uint64 bytecount = TIFFGetStrileByteCount(tif, strip); + if( bytecount == 0 || bytecount > (uint64)TIFF_INT64_MAX ) { #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) TIFFErrorExt(tif->tif_clientdata, module, "Invalid strip byte count %I64u, strip %lu", @@ -806,7 +798,7 @@ TIFFFillStrip(TIFF* tif, uint32 strip) (bytecount - 4096) / 10 > (uint64)stripsize ) { uint64 newbytecount = (uint64)stripsize * 10 + 4096; - if( (int64)newbytecount >= 0 ) + if( newbytecount == 0 || newbytecount > (uint64)TIFF_INT64_MAX ) { #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) TIFFWarningExt(tif->tif_clientdata, module, @@ -831,13 +823,13 @@ TIFFFillStrip(TIFF* tif, uint32 strip) * We must check for overflow, potentially causing * an OOB read. Instead of simple * - * td->td_stripoffset[strip]+bytecount > tif->tif_size + * TIFFGetStrileOffset(tif, strip)+bytecount > tif->tif_size * * comparison (which can overflow) we do the following * two comparisons: */ if (bytecount > (uint64)tif->tif_size || - td->td_stripoffset[strip] > (uint64)tif->tif_size - bytecount) { + TIFFGetStrileOffset(tif, strip) > (uint64)tif->tif_size - bytecount) { /* * This error message might seem strange, but * it's what would happen if a read were done @@ -849,7 +841,7 @@ TIFFFillStrip(TIFF* tif, uint32 strip) "Read error on strip %lu; " "got %I64u bytes, expected %I64u", (unsigned long) strip, - (unsigned __int64) tif->tif_size - td->td_stripoffset[strip], + (unsigned __int64) NoSanitizeSubUInt64(tif->tif_size, TIFFGetStrileOffset(tif, strip)), (unsigned __int64) bytecount); #else TIFFErrorExt(tif->tif_clientdata, module, @@ -857,7 +849,7 @@ TIFFFillStrip(TIFF* tif, uint32 strip) "Read error on strip %lu; " "got %llu bytes, expected %llu", (unsigned long) strip, - (unsigned long long) tif->tif_size - td->td_stripoffset[strip], + (unsigned long long) NoSanitizeSubUInt64(tif->tif_size, TIFFGetStrileOffset(tif, strip)), (unsigned long long) bytecount); #endif tif->tif_curstrip = NOSTRIP; @@ -886,7 +878,7 @@ TIFFFillStrip(TIFF* tif, uint32 strip) } tif->tif_flags &= ~TIFF_MYBUFFER; tif->tif_rawdatasize = (tmsize_t)bytecount; - tif->tif_rawdata = tif->tif_base + (tmsize_t)td->td_stripoffset[strip]; + tif->tif_rawdata = tif->tif_base + (tmsize_t)TIFFGetStrileOffset(tif, strip); tif->tif_rawdataoff = 0; tif->tif_rawdataloaded = (tmsize_t) bytecount; @@ -1101,16 +1093,11 @@ _TIFFReadEncodedTileAndAllocBuffer(TIFF* tif, uint32 tile, static tmsize_t TIFFReadRawTile1(TIFF* tif, uint32 tile, void* buf, tmsize_t size, const char* module) { - TIFFDirectory *td = &tif->tif_dir; - - if (!_TIFFFillStriles( tif )) - return ((tmsize_t)(-1)); - assert((tif->tif_flags&TIFF_NOREADRAW)==0); if (!isMapped(tif)) { tmsize_t cc; - if (!SeekOK(tif, td->td_stripoffset[tile])) { + if (!SeekOK(tif, TIFFGetStrileOffset(tif, tile))) { TIFFErrorExt(tif->tif_clientdata, module, "Seek error at row %lu, col %lu, tile %lu", (unsigned long) tif->tif_row, @@ -1140,9 +1127,9 @@ TIFFReadRawTile1(TIFF* tif, uint32 tile, void* buf, tmsize_t size, const char* m } else { tmsize_t ma,mb; tmsize_t n; - ma=(tmsize_t)td->td_stripoffset[tile]; + ma=(tmsize_t)TIFFGetStrileOffset(tif, tile); mb=ma+size; - if ((td->td_stripoffset[tile] > (uint64)TIFF_TMSIZE_T_MAX)||(ma>tif->tif_size)) + if ((TIFFGetStrileOffset(tif, tile) > (uint64)TIFF_TMSIZE_T_MAX)||(ma>tif->tif_size)) n=0; else if ((mbtif->tif_size)) n=tif->tif_size-ma; @@ -1198,13 +1185,12 @@ TIFFReadRawTile(TIFF* tif, uint32 tile, void* buf, tmsize_t size) "Compression scheme does not support access to raw uncompressed data"); return ((tmsize_t)(-1)); } - bytecount64 = td->td_stripbytecount[tile]; - if (size != (tmsize_t)(-1) && (uint64)size < bytecount64) - bytecount64 = (uint64)size; - bytecountm = (tmsize_t)bytecount64; - if ((uint64)bytecountm!=bytecount64) - { - TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow"); + bytecount64 = TIFFGetStrileByteCount(tif, tile); + if (size != (tmsize_t)(-1) && (uint64)size <= bytecount64) + bytecountm = size; + else + bytecountm = _TIFFCastUInt64ToSSize(tif, bytecount64, module); + if( bytecountm == 0 ) { return ((tmsize_t)(-1)); } return (TIFFReadRawTile1(tif, tile, buf, bytecountm, module)); @@ -1220,13 +1206,10 @@ TIFFFillTile(TIFF* tif, uint32 tile) static const char module[] = "TIFFFillTile"; TIFFDirectory *td = &tif->tif_dir; - if (!_TIFFFillStriles( tif ) || !tif->tif_dir.td_stripbytecount) - return 0; - if ((tif->tif_flags&TIFF_NOREADRAW)==0) { - uint64 bytecount = td->td_stripbytecount[tile]; - if ((int64)bytecount <= 0) { + uint64 bytecount = TIFFGetStrileByteCount(tif, tile); + if( bytecount == 0 || bytecount > (uint64)TIFF_INT64_MAX ) { #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) TIFFErrorExt(tif->tif_clientdata, module, "%I64u: Invalid tile byte count, tile %lu", @@ -1253,7 +1236,7 @@ TIFFFillTile(TIFF* tif, uint32 tile) (bytecount - 4096) / 10 > (uint64)stripsize ) { uint64 newbytecount = (uint64)stripsize * 10 + 4096; - if( (int64)newbytecount >= 0 ) + if( newbytecount == 0 || newbytecount > (uint64)TIFF_INT64_MAX ) { #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) TIFFWarningExt(tif->tif_clientdata, module, @@ -1278,13 +1261,13 @@ TIFFFillTile(TIFF* tif, uint32 tile) * We must check for overflow, potentially causing * an OOB read. Instead of simple * - * td->td_stripoffset[tile]+bytecount > tif->tif_size + * TIFFGetStrileOffset(tif, tile)+bytecount > tif->tif_size * * comparison (which can overflow) we do the following * two comparisons: */ if (bytecount > (uint64)tif->tif_size || - td->td_stripoffset[tile] > (uint64)tif->tif_size - bytecount) { + TIFFGetStrileOffset(tif, tile) > (uint64)tif->tif_size - bytecount) { tif->tif_curtile = NOTILE; return (0); } @@ -1313,7 +1296,7 @@ TIFFFillTile(TIFF* tif, uint32 tile) tif->tif_rawdatasize = (tmsize_t)bytecount; tif->tif_rawdata = - tif->tif_base + (tmsize_t)td->td_stripoffset[tile]; + tif->tif_base + (tmsize_t)TIFFGetStrileOffset(tif, tile); tif->tif_rawdataoff = 0; tif->tif_rawdataloaded = (tmsize_t) bytecount; tif->tif_flags |= TIFF_BUFFERMMAP; @@ -1440,9 +1423,6 @@ TIFFStartStrip(TIFF* tif, uint32 strip) { TIFFDirectory *td = &tif->tif_dir; - if (!_TIFFFillStriles( tif ) || !tif->tif_dir.td_stripbytecount) - return 0; - if ((tif->tif_flags & TIFF_CODERSETUP) == 0) { if (!(*tif->tif_setupdecode)(tif)) return (0); @@ -1463,10 +1443,18 @@ TIFFStartStrip(TIFF* tif, uint32 strip) if( tif->tif_rawdataloaded > 0 ) tif->tif_rawcc = tif->tif_rawdataloaded; else - tif->tif_rawcc = (tmsize_t)td->td_stripbytecount[strip]; + tif->tif_rawcc = (tmsize_t)TIFFGetStrileByteCount(tif, strip); } - return ((*tif->tif_predecode)(tif, - (uint16)(strip / td->td_stripsperimage))); + if ((*tif->tif_predecode)(tif, + (uint16)(strip / td->td_stripsperimage)) == 0 ) { + /* Needed for example for scanline access, if tif_predecode */ + /* fails, and we try to read the same strip again. Without invalidating */ + /* tif_curstrip, we'd call tif_decoderow() on a possibly invalid */ + /* codec state. */ + tif->tif_curstrip = NOSTRIP; + return 0; + } + return 1; } /* @@ -1480,9 +1468,6 @@ TIFFStartTile(TIFF* tif, uint32 tile) TIFFDirectory *td = &tif->tif_dir; uint32 howmany32; - if (!_TIFFFillStriles( tif ) || !tif->tif_dir.td_stripbytecount) - return 0; - if ((tif->tif_flags & TIFF_CODERSETUP) == 0) { if (!(*tif->tif_setupdecode)(tif)) return (0); @@ -1513,7 +1498,7 @@ TIFFStartTile(TIFF* tif, uint32 tile) if( tif->tif_rawdataloaded > 0 ) tif->tif_rawcc = tif->tif_rawdataloaded; else - tif->tif_rawcc = (tmsize_t)td->td_stripbytecount[tile]; + tif->tif_rawcc = (tmsize_t)TIFFGetStrileByteCount(tif, tile); } return ((*tif->tif_predecode)(tif, (uint16)(tile/td->td_stripsperimage))); @@ -1528,13 +1513,100 @@ TIFFCheckRead(TIFF* tif, int tiles) } if (tiles ^ isTiled(tif)) { TIFFErrorExt(tif->tif_clientdata, tif->tif_name, tiles ? - "Can not read tiles from a stripped image" : + "Can not read tiles from a striped image" : "Can not read scanlines from a tiled image"); return (0); } return (1); } +/* Use the provided input buffer (inbuf, insize) and decompress it into + * (outbuf, outsize). + * This function replaces the use of TIFFReadEncodedStrip()/TIFFReadEncodedTile() + * when the user can provide the buffer for the input data, for example when + * he wants to avoid libtiff to read the strile offset/count values from the + * [Strip|Tile][Offsets/ByteCounts] array. + * inbuf content must be writable (if bit reversal is needed) + * Returns 1 in case of success, 0 otherwise. + */ +int TIFFReadFromUserBuffer(TIFF* tif, uint32 strile, + void* inbuf, tmsize_t insize, + void* outbuf, tmsize_t outsize) +{ + static const char module[] = "TIFFReadFromUserBuffer"; + TIFFDirectory *td = &tif->tif_dir; + int ret = 1; + uint32 old_tif_flags = tif->tif_flags; + tmsize_t old_rawdatasize = tif->tif_rawdatasize; + void* old_rawdata = tif->tif_rawdata; + + if (tif->tif_mode == O_WRONLY) { + TIFFErrorExt(tif->tif_clientdata, tif->tif_name, "File not open for reading"); + return 0; + } + if (tif->tif_flags&TIFF_NOREADRAW) + { + TIFFErrorExt(tif->tif_clientdata, module, + "Compression scheme does not support access to raw uncompressed data"); + return 0; + } + + tif->tif_flags &= ~TIFF_MYBUFFER; + tif->tif_flags |= TIFF_BUFFERMMAP; + tif->tif_rawdatasize = insize; + tif->tif_rawdata = inbuf; + tif->tif_rawdataoff = 0; + tif->tif_rawdataloaded = insize; + + if (!isFillOrder(tif, td->td_fillorder) && + (tif->tif_flags & TIFF_NOBITREV) == 0) + { + TIFFReverseBits(inbuf, insize); + } + + if( TIFFIsTiled(tif) ) + { + if( !TIFFStartTile(tif, strile) || + !(*tif->tif_decodetile)(tif, (uint8*) outbuf, outsize, + (uint16)(strile/td->td_stripsperimage)) ) + { + ret = 0; + } + } + else + { + uint32 rowsperstrip=td->td_rowsperstrip; + uint32 stripsperplane; + if (rowsperstrip>td->td_imagelength) + rowsperstrip=td->td_imagelength; + stripsperplane= TIFFhowmany_32_maxuint_compat(td->td_imagelength, rowsperstrip); + if( !TIFFStartStrip(tif, strile) || + !(*tif->tif_decodestrip)(tif, (uint8*) outbuf, outsize, + (uint16)(strile/stripsperplane)) ) + { + ret = 0; + } + } + if( ret ) + { + (*tif->tif_postdecode)(tif, (uint8*) outbuf, outsize); + } + + if (!isFillOrder(tif, td->td_fillorder) && + (tif->tif_flags & TIFF_NOBITREV) == 0) + { + TIFFReverseBits(inbuf, insize); + } + + tif->tif_flags = old_tif_flags; + tif->tif_rawdatasize = old_rawdatasize; + tif->tif_rawdata = old_rawdata; + tif->tif_rawdataoff = 0; + tif->tif_rawdataloaded = 0; + + return ret; +} + void _TIFFNoPostDecode(TIFF* tif, uint8* buf, tmsize_t cc) { diff --git a/3rdparty/libtiff/tif_strip.c b/3rdparty/libtiff/tif_strip.c index 5b76fba56d..c08c60a792 100644 --- a/3rdparty/libtiff/tif_strip.c +++ b/3rdparty/libtiff/tif_strip.c @@ -129,15 +129,8 @@ TIFFVStripSize(TIFF* tif, uint32 nrows) { static const char module[] = "TIFFVStripSize"; uint64 m; - tmsize_t n; m=TIFFVStripSize64(tif,nrows); - n=(tmsize_t)m; - if ((uint64)n!=m) - { - TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow"); - n=0; - } - return(n); + return _TIFFCastUInt64ToSSize(tif, m, module); } /* @@ -147,8 +140,7 @@ uint64 TIFFRawStripSize64(TIFF* tif, uint32 strip) { static const char module[] = "TIFFRawStripSize64"; - TIFFDirectory* td = &tif->tif_dir; - uint64 bytecount = td->td_stripbytecount[strip]; + uint64 bytecount = TIFFGetStrileByteCount(tif, strip); if (bytecount == 0) { @@ -211,15 +203,8 @@ TIFFStripSize(TIFF* tif) { static const char module[] = "TIFFStripSize"; uint64 m; - tmsize_t n; m=TIFFStripSize64(tif); - n=(tmsize_t)m; - if ((uint64)n!=m) - { - TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow"); - n=0; - } - return(n); + return _TIFFCastUInt64ToSSize(tif, m, module); } /* @@ -330,14 +315,8 @@ TIFFScanlineSize(TIFF* tif) { static const char module[] = "TIFFScanlineSize"; uint64 m; - tmsize_t n; m=TIFFScanlineSize64(tif); - n=(tmsize_t)m; - if ((uint64)n!=m) { - TIFFErrorExt(tif->tif_clientdata,module,"Integer arithmetic overflow"); - n=0; - } - return(n); + return _TIFFCastUInt64ToSSize(tif, m, module); } /* @@ -366,15 +345,8 @@ TIFFRasterScanlineSize(TIFF* tif) { static const char module[] = "TIFFRasterScanlineSize"; uint64 m; - tmsize_t n; m=TIFFRasterScanlineSize64(tif); - n=(tmsize_t)m; - if ((uint64)n!=m) - { - TIFFErrorExt(tif->tif_clientdata,module,"Integer arithmetic overflow"); - n=0; - } - return(n); + return _TIFFCastUInt64ToSSize(tif, m, module); } /* vim: set ts=8 sts=8 sw=8 noet: */ diff --git a/3rdparty/libtiff/tif_thunder.c b/3rdparty/libtiff/tif_thunder.c index 2388dbb66b..db6383a81a 100644 --- a/3rdparty/libtiff/tif_thunder.c +++ b/3rdparty/libtiff/tif_thunder.c @@ -122,17 +122,17 @@ ThunderDecode(TIFF* tif, uint8* op, tmsize_t maxpixels) break; case THUNDER_2BITDELTAS: /* 2-bit deltas */ if ((delta = ((n >> 4) & 3)) != DELTA2_SKIP) - SETPIXEL(op, lastpixel + twobitdeltas[delta]); + SETPIXEL(op, (unsigned)((int)lastpixel + twobitdeltas[delta])); if ((delta = ((n >> 2) & 3)) != DELTA2_SKIP) - SETPIXEL(op, lastpixel + twobitdeltas[delta]); + SETPIXEL(op, (unsigned)((int)lastpixel + twobitdeltas[delta])); if ((delta = (n & 3)) != DELTA2_SKIP) - SETPIXEL(op, lastpixel + twobitdeltas[delta]); + SETPIXEL(op, (unsigned)((int)lastpixel + twobitdeltas[delta])); break; case THUNDER_3BITDELTAS: /* 3-bit deltas */ if ((delta = ((n >> 3) & 7)) != DELTA3_SKIP) - SETPIXEL(op, lastpixel + threebitdeltas[delta]); + SETPIXEL(op, (unsigned)((int)lastpixel + threebitdeltas[delta])); if ((delta = (n & 7)) != DELTA3_SKIP) - SETPIXEL(op, lastpixel + threebitdeltas[delta]); + SETPIXEL(op, (unsigned)((int)lastpixel + threebitdeltas[delta])); break; case THUNDER_RAW: /* raw data */ SETPIXEL(op, n); diff --git a/3rdparty/libtiff/tif_tile.c b/3rdparty/libtiff/tif_tile.c index 58fe9354a3..661cc77154 100644 --- a/3rdparty/libtiff/tif_tile.c +++ b/3rdparty/libtiff/tif_tile.c @@ -181,15 +181,8 @@ TIFFTileRowSize(TIFF* tif) { static const char module[] = "TIFFTileRowSize"; uint64 m; - tmsize_t n; m=TIFFTileRowSize64(tif); - n=(tmsize_t)m; - if ((uint64)n!=m) - { - TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow"); - n=0; - } - return(n); + return _TIFFCastUInt64ToSSize(tif, m, module); } /* @@ -248,15 +241,8 @@ TIFFVTileSize(TIFF* tif, uint32 nrows) { static const char module[] = "TIFFVTileSize"; uint64 m; - tmsize_t n; m=TIFFVTileSize64(tif,nrows); - n=(tmsize_t)m; - if ((uint64)n!=m) - { - TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow"); - n=0; - } - return(n); + return _TIFFCastUInt64ToSSize(tif, m, module); } /* @@ -272,15 +258,8 @@ TIFFTileSize(TIFF* tif) { static const char module[] = "TIFFTileSize"; uint64 m; - tmsize_t n; m=TIFFTileSize64(tif); - n=(tmsize_t)m; - if ((uint64)n!=m) - { - TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow"); - n=0; - } - return(n); + return _TIFFCastUInt64ToSSize(tif, m, module); } /* diff --git a/3rdparty/libtiff/tif_unix.c b/3rdparty/libtiff/tif_unix.c index 874f1feb26..bea1ef7802 100644 --- a/3rdparty/libtiff/tif_unix.c +++ b/3rdparty/libtiff/tif_unix.c @@ -162,7 +162,7 @@ _tiffMapProc(thandle_t fd, void** pbase, toff_t* psize) { uint64 size64 = _tiffSizeProc(fd); tmsize_t sizem = (tmsize_t)size64; - if ((uint64)sizem==size64) { + if (size64 && (uint64)sizem==size64) { fd_as_handle_union_t fdh; fdh.h = fd; *pbase = (void*) diff --git a/3rdparty/libtiff/tif_webp.c b/3rdparty/libtiff/tif_webp.c index 22665f2d2b..a00478f6b9 100644 --- a/3rdparty/libtiff/tif_webp.c +++ b/3rdparty/libtiff/tif_webp.c @@ -267,6 +267,12 @@ TWebPPreDecode(TIFF* tif, uint16 s) segment_height = td->td_rowsperstrip; } + if( segment_width > 16383 || segment_height > 16383 ) { + TIFFErrorExt(tif->tif_clientdata, module, + "WEBP maximum image dimensions are 16383 x 16383."); + return 0; + } + if( (sp->state & LSTATE_INIT_DECODE) == 0 ) tif->tif_setupdecode(tif); @@ -333,7 +339,7 @@ TWebPSetupEncode(TIFF* tif) } /* check bits per sample and data type */ - if ((nBitsPerSample != 8) && (sampleFormat != 1)) { + if ((nBitsPerSample != 8) || (sampleFormat != SAMPLEFORMAT_UINT)) { TIFFErrorExt(tif->tif_clientdata, module, "WEBP driver requires 8 bit unsigned data"); return 0; @@ -356,7 +362,7 @@ TWebPSetupEncode(TIFF* tif) } if (!WebPConfigInitInternal(&sp->sEncoderConfig, WEBP_PRESET_DEFAULT, - sp->quality_level, + (float)sp->quality_level, WEBP_ENCODER_ABI_VERSION)) { TIFFErrorExt(tif->tif_clientdata, module, "Error creating WebP encoder configuration."); @@ -579,7 +585,7 @@ TWebPVSetField(TIFF* tif, uint32 tag, va_list ap) #if WEBP_ENCODER_ABI_VERSION >= 0x0100 sp->lossless = va_arg(ap, int); if (sp->lossless){ - sp->quality_level = 100.0f; + sp->quality_level = 100; } return 1; #else @@ -628,6 +634,7 @@ TIFFInitWebP(TIFF* tif, int scheme) static const char module[] = "TIFFInitWebP"; WebPState* sp; + (void)scheme; assert( scheme == COMPRESSION_WEBP ); /* @@ -656,7 +663,7 @@ TIFFInitWebP(TIFF* tif, int scheme) tif->tif_tagmethods.vsetfield = TWebPVSetField; /* hook for codec tags */ /* Default values for codec-specific fields */ - sp->quality_level = 75.0f; /* default comp. level */ + sp->quality_level = 75; /* default comp. level */ sp->lossless = 0; /* default to false */ sp->state = 0; sp->nSamples = 0; diff --git a/3rdparty/libtiff/tif_win32.c b/3rdparty/libtiff/tif_win32.c index 088880e7c4..8964569394 100644 --- a/3rdparty/libtiff/tif_win32.c +++ b/3rdparty/libtiff/tif_win32.c @@ -27,34 +27,38 @@ * Scott Wagner (wagner@itek.com), Itek Graphix, Rochester, NY USA */ -/* - CreateFileA/CreateFileW return type 'HANDLE'. - - thandle_t is declared like - - DECLARE_HANDLE(thandle_t); - - in tiffio.h. - - Windows (from winnt.h) DECLARE_HANDLE logic looks like - - #ifdef STRICT - typedef void *HANDLE; - #define DECLARE_HANDLE(name) struct name##__ { int unused; }; typedef struct name##__ *name - #else - typedef PVOID HANDLE; - #define DECLARE_HANDLE(name) typedef HANDLE name - #endif - - See http://bugzilla.maptools.org/show_bug.cgi?id=1941 for problems in WIN64 - builds resulting from this. Unfortunately, the proposed patch was lost. - -*/ - #include "tiffiop.h" #include +/* + CreateFileA/CreateFileW return type 'HANDLE' while TIFFFdOpen() takes 'int', + which is formally incompatible and can even seemingly be of different size: + HANDLE is 64 bit under Win64, while int is still 32 bits there. + + However, only the lower 32 bits of a HANDLE are significant under Win64 as, + for interoperability reasons, they must have the same values in 32- and + 64-bit programs running on the same system, see + + https://docs.microsoft.com/en-us/windows/win32/winprog64/interprocess-communication + + Because of this, it is safe to define the following trivial functions for + casting between ints and HANDLEs, which are only really needed to avoid + compiler warnings (and, perhaps, to make the code slightly more clear). + Note that using the intermediate cast to "intptr_t" is crucial for warning + avoidance, as this integer type has the same size as HANDLE in all builds. +*/ + +static inline thandle_t thandle_from_int(int ifd) +{ + return (thandle_t)(intptr_t)ifd; +} + +static inline int thandle_to_int(thandle_t fd) +{ + return (int)(intptr_t)fd; +} + static tmsize_t _tiffReadProc(thandle_t fd, void* buf, tmsize_t size) { @@ -151,9 +155,11 @@ _tiffCloseProc(thandle_t fd) static uint64 _tiffSizeProc(thandle_t fd) { - ULARGE_INTEGER m; - m.LowPart=GetFileSize(fd,&m.HighPart); - return(m.QuadPart); + LARGE_INTEGER m; + if (GetFileSizeEx(fd,&m)) + return(m.QuadPart); + else + return(0); } static int @@ -185,7 +191,7 @@ _tiffMapProc(thandle_t fd, void** pbase, toff_t* psize) size = _tiffSizeProc(fd); sizem = (tmsize_t)size; - if ((uint64)sizem!=size) + if (!size || (uint64)sizem!=size) return (0); /* By passing in 0 for the maximum file size, it specifies that we @@ -237,7 +243,7 @@ TIFFFdOpen(int ifd, const char* name, const char* mode) break; } } - tif = TIFFClientOpen(name, mode, (thandle_t)ifd, /* FIXME: WIN64 cast to pointer warning */ + tif = TIFFClientOpen(name, mode, thandle_from_int(ifd), _tiffReadProc, _tiffWriteProc, _tiffSeekProc, _tiffCloseProc, _tiffSizeProc, fSuppressMap ? _tiffDummyMapProc : _tiffMapProc, @@ -282,7 +288,7 @@ TIFFOpen(const char* name, const char* mode) return ((TIFF *)0); } - tif = TIFFFdOpen((int)fd, name, mode); /* FIXME: WIN64 cast from pointer to int warning */ + tif = TIFFFdOpen(thandle_to_int(fd), name, mode); if(!tif) CloseHandle(fd); return tif; @@ -337,7 +343,7 @@ TIFFOpenW(const wchar_t* name, const char* mode) NULL, NULL); } - tif = TIFFFdOpen((int)fd, /* FIXME: WIN64 cast from pointer to int warning */ + tif = TIFFFdOpen(thandle_to_int(fd), (mbname != NULL) ? mbname : "", mode); if(!tif) CloseHandle(fd); diff --git a/3rdparty/libtiff/tif_write.c b/3rdparty/libtiff/tif_write.c index a31ecd12c1..3af69ab4e7 100644 --- a/3rdparty/libtiff/tif_write.c +++ b/3rdparty/libtiff/tif_write.c @@ -128,10 +128,10 @@ TIFFWriteScanline(TIFF* tif, void* buf, uint32 row, uint16 sample) tif->tif_rawcc = 0; tif->tif_rawcp = tif->tif_rawdata; - if( td->td_stripbytecount[strip] > 0 ) + if( td->td_stripbytecount_p[strip] > 0 ) { /* if we are writing over existing tiles, zero length */ - td->td_stripbytecount[strip] = 0; + td->td_stripbytecount_p[strip] = 0; /* this forces TIFFAppendToStrip() to do a seek */ tif->tif_curoff = 0; @@ -176,6 +176,32 @@ TIFFWriteScanline(TIFF* tif, void* buf, uint32 row, uint16 sample) return (status); } +/* Make sure that at the first attempt of rewriting a tile/strip, we will have */ +/* more bytes available in the output buffer than the previous byte count, */ +/* so that TIFFAppendToStrip() will detect the overflow when it is called the first */ +/* time if the new compressed tile is bigger than the older one. (GDAL #4771) */ +static int _TIFFReserveLargeEnoughWriteBuffer(TIFF* tif, uint32 strip_or_tile) +{ + TIFFDirectory *td = &tif->tif_dir; + if( td->td_stripbytecount_p[strip_or_tile] > 0 ) + { + /* The +1 is to ensure at least one extra bytes */ + /* The +4 is because the LZW encoder flushes 4 bytes before the limit */ + uint64 safe_buffer_size = (uint64)(td->td_stripbytecount_p[strip_or_tile] + 1 + 4); + if( tif->tif_rawdatasize <= (tmsize_t)safe_buffer_size ) + { + if( !(TIFFWriteBufferSetup(tif, NULL, + (tmsize_t)TIFFroundup_64(safe_buffer_size, 1024))) ) + return 0; + } + + /* Force TIFFAppendToStrip() to consider placing data at end + of file. */ + tif->tif_curoff = 0; + } + return 1; +} + /* * Encode the supplied data and write it to the * specified strip. @@ -222,6 +248,13 @@ TIFFWriteEncodedStrip(TIFF* tif, uint32 strip, void* data, tmsize_t cc) tif->tif_flags |= TIFF_BUF4WRITE; tif->tif_curstrip = strip; + if( !_TIFFReserveLargeEnoughWriteBuffer(tif, strip) ) { + return ((tmsize_t)(-1)); + } + + tif->tif_rawcc = 0; + tif->tif_rawcp = tif->tif_rawdata; + if (td->td_stripsperimage == 0) { TIFFErrorExt(tif->tif_clientdata, module, "Zero strips per image"); return ((tmsize_t) -1); @@ -234,27 +267,6 @@ TIFFWriteEncodedStrip(TIFF* tif, uint32 strip, void* data, tmsize_t cc) tif->tif_flags |= TIFF_CODERSETUP; } - if( td->td_stripbytecount[strip] > 0 ) - { - /* Make sure that at the first attempt of rewriting the tile, we will have */ - /* more bytes available in the output buffer than the previous byte count, */ - /* so that TIFFAppendToStrip() will detect the overflow when it is called the first */ - /* time if the new compressed tile is bigger than the older one. (GDAL #4771) */ - if( tif->tif_rawdatasize <= (tmsize_t)td->td_stripbytecount[strip] ) - { - if( !(TIFFWriteBufferSetup(tif, NULL, - (tmsize_t)TIFFroundup_64((uint64)(td->td_stripbytecount[strip] + 1), 1024))) ) - return ((tmsize_t)(-1)); - } - - /* Force TIFFAppendToStrip() to consider placing data at end - of file. */ - tif->tif_curoff = 0; - } - - tif->tif_rawcc = 0; - tif->tif_rawcp = tif->tif_rawdata; - tif->tif_flags &= ~TIFF_POSTENCODE; /* shortcut to avoid an extra memcpy() */ @@ -402,22 +414,8 @@ TIFFWriteEncodedTile(TIFF* tif, uint32 tile, void* data, tmsize_t cc) tif->tif_flags |= TIFF_BUF4WRITE; tif->tif_curtile = tile; - if( td->td_stripbytecount[tile] > 0 ) - { - /* Make sure that at the first attempt of rewriting the tile, we will have */ - /* more bytes available in the output buffer than the previous byte count, */ - /* so that TIFFAppendToStrip() will detect the overflow when it is called the first */ - /* time if the new compressed tile is bigger than the older one. (GDAL #4771) */ - if( tif->tif_rawdatasize <= (tmsize_t) td->td_stripbytecount[tile] ) - { - if( !(TIFFWriteBufferSetup(tif, NULL, - (tmsize_t)TIFFroundup_64((uint64)(td->td_stripbytecount[tile] + 1), 1024))) ) - return ((tmsize_t)(-1)); - } - - /* Force TIFFAppendToStrip() to consider placing data at end - of file. */ - tif->tif_curoff = 0; + if( !_TIFFReserveLargeEnoughWriteBuffer(tif, tile) ) { + return ((tmsize_t)(-1)); } tif->tif_rawcc = 0; @@ -535,22 +533,29 @@ TIFFSetupStrips(TIFF* tif) isUnspecified(tif, FIELD_ROWSPERSTRIP) ? td->td_samplesperpixel : TIFFNumberOfStrips(tif); td->td_nstrips = td->td_stripsperimage; + /* TIFFWriteDirectoryTagData has a limitation to 0x80000000U bytes */ + if( td->td_nstrips >= 0x80000000U / ((tif->tif_flags&TIFF_BIGTIFF)?0x8U:0x4U) ) + { + TIFFErrorExt(tif->tif_clientdata, "TIFFSetupStrips", + "Too large Strip/Tile Offsets/ByteCounts arrays"); + return 0; + } if (td->td_planarconfig == PLANARCONFIG_SEPARATE) td->td_stripsperimage /= td->td_samplesperpixel; - td->td_stripoffset = (uint64 *) + td->td_stripoffset_p = (uint64 *) _TIFFCheckMalloc(tif, td->td_nstrips, sizeof (uint64), "for \"StripOffsets\" array"); - td->td_stripbytecount = (uint64 *) + td->td_stripbytecount_p = (uint64 *) _TIFFCheckMalloc(tif, td->td_nstrips, sizeof (uint64), "for \"StripByteCounts\" array"); - if (td->td_stripoffset == NULL || td->td_stripbytecount == NULL) + if (td->td_stripoffset_p == NULL || td->td_stripbytecount_p == NULL) return (0); /* * Place data at the end-of-file * (by setting offsets to zero). */ - _TIFFmemset(td->td_stripoffset, 0, td->td_nstrips*sizeof (uint64)); - _TIFFmemset(td->td_stripbytecount, 0, td->td_nstrips*sizeof (uint64)); + _TIFFmemset(td->td_stripoffset_p, 0, td->td_nstrips*sizeof (uint64)); + _TIFFmemset(td->td_stripbytecount_p, 0, td->td_nstrips*sizeof (uint64)); TIFFSetFieldBit(tif, FIELD_STRIPOFFSETS); TIFFSetFieldBit(tif, FIELD_STRIPBYTECOUNTS); return (1); @@ -572,7 +577,7 @@ TIFFWriteCheck(TIFF* tif, int tiles, const char* module) } if (tiles ^ isTiled(tif)) { TIFFErrorExt(tif->tif_clientdata, module, tiles ? - "Can not write tiles to a stripped image" : + "Can not write tiles to a striped image" : "Can not write scanlines to a tiled image"); return (0); } @@ -610,7 +615,7 @@ TIFFWriteCheck(TIFF* tif, int tiles, const char* module) return (0); } } - if (tif->tif_dir.td_stripoffset == NULL && !TIFFSetupStrips(tif)) { + if (tif->tif_dir.td_stripoffset_p == NULL && !TIFFSetupStrips(tif)) { tif->tif_dir.td_nstrips = 0; TIFFErrorExt(tif->tif_clientdata, module, "No space for %s arrays", isTiled(tif) ? "tile" : "strip"); @@ -628,6 +633,20 @@ TIFFWriteCheck(TIFF* tif, int tiles, const char* module) if (tif->tif_scanlinesize == 0) return (0); tif->tif_flags |= TIFF_BEENWRITING; + + if( tif->tif_dir.td_stripoffset_entry.tdir_tag != 0 && + tif->tif_dir.td_stripoffset_entry.tdir_count == 0 && + tif->tif_dir.td_stripoffset_entry.tdir_type == 0 && + tif->tif_dir.td_stripoffset_entry.tdir_offset.toff_long8 == 0 && + tif->tif_dir.td_stripbytecount_entry.tdir_tag != 0 && + tif->tif_dir.td_stripbytecount_entry.tdir_count == 0 && + tif->tif_dir.td_stripbytecount_entry.tdir_type == 0 && + tif->tif_dir.td_stripbytecount_entry.tdir_offset.toff_long8 == 0 && + !(tif->tif_flags & TIFF_DIRTYDIRECT) ) + { + TIFFForceStrileArrayWriting(tif); + } + return (1); } @@ -649,6 +668,10 @@ TIFFWriteBufferSetup(TIFF* tif, void* bp, tmsize_t size) if (size == (tmsize_t)(-1)) { size = (isTiled(tif) ? tif->tif_tilesize : TIFFStripSize(tif)); + + /* Adds 10% margin for cases where compression would expand a bit */ + if( size < TIFF_TMSIZE_T_MAX - size / 10 ) + size += size / 10; /* * Make raw data buffer at least 8K */ @@ -684,9 +707,9 @@ TIFFGrowStrips(TIFF* tif, uint32 delta, const char* module) uint64* new_stripbytecount; assert(td->td_planarconfig == PLANARCONFIG_CONTIG); - new_stripoffset = (uint64*)_TIFFrealloc(td->td_stripoffset, + new_stripoffset = (uint64*)_TIFFrealloc(td->td_stripoffset_p, (td->td_nstrips + delta) * sizeof (uint64)); - new_stripbytecount = (uint64*)_TIFFrealloc(td->td_stripbytecount, + new_stripbytecount = (uint64*)_TIFFrealloc(td->td_stripbytecount_p, (td->td_nstrips + delta) * sizeof (uint64)); if (new_stripoffset == NULL || new_stripbytecount == NULL) { if (new_stripoffset) @@ -697,11 +720,11 @@ TIFFGrowStrips(TIFF* tif, uint32 delta, const char* module) TIFFErrorExt(tif->tif_clientdata, module, "No space to expand strip arrays"); return (0); } - td->td_stripoffset = new_stripoffset; - td->td_stripbytecount = new_stripbytecount; - _TIFFmemset(td->td_stripoffset + td->td_nstrips, + td->td_stripoffset_p = new_stripoffset; + td->td_stripbytecount_p = new_stripbytecount; + _TIFFmemset(td->td_stripoffset_p + td->td_nstrips, 0, delta*sizeof (uint64)); - _TIFFmemset(td->td_stripbytecount + td->td_nstrips, + _TIFFmemset(td->td_stripbytecount_p + td->td_nstrips, 0, delta*sizeof (uint64)); td->td_nstrips += delta; tif->tif_flags |= TIFF_DIRTYDIRECT; @@ -720,12 +743,12 @@ TIFFAppendToStrip(TIFF* tif, uint32 strip, uint8* data, tmsize_t cc) uint64 m; int64 old_byte_count = -1; - if (td->td_stripoffset[strip] == 0 || tif->tif_curoff == 0) { + if (td->td_stripoffset_p[strip] == 0 || tif->tif_curoff == 0) { assert(td->td_nstrips > 0); - if( td->td_stripbytecount[strip] != 0 - && td->td_stripoffset[strip] != 0 - && td->td_stripbytecount[strip] >= (uint64) cc ) + if( td->td_stripbytecount_p[strip] != 0 + && td->td_stripoffset_p[strip] != 0 + && td->td_stripbytecount_p[strip] >= (uint64) cc ) { /* * There is already tile data on disk, and the new tile @@ -734,7 +757,7 @@ TIFFAppendToStrip(TIFF* tif, uint32 strip, uint8* data, tmsize_t cc) * more data to append to this strip before we are done * depending on how we are getting called. */ - if (!SeekOK(tif, td->td_stripoffset[strip])) { + if (!SeekOK(tif, td->td_stripoffset_p[strip])) { TIFFErrorExt(tif->tif_clientdata, module, "Seek error at scanline %lu", (unsigned long)tif->tif_row); @@ -747,17 +770,17 @@ TIFFAppendToStrip(TIFF* tif, uint32 strip, uint8* data, tmsize_t cc) * Seek to end of file, and set that as our location to * write this strip. */ - td->td_stripoffset[strip] = TIFFSeekFile(tif, 0, SEEK_END); + td->td_stripoffset_p[strip] = TIFFSeekFile(tif, 0, SEEK_END); tif->tif_flags |= TIFF_DIRTYSTRIP; } - tif->tif_curoff = td->td_stripoffset[strip]; + tif->tif_curoff = td->td_stripoffset_p[strip]; /* * We are starting a fresh strip/tile, so set the size to zero. */ - old_byte_count = td->td_stripbytecount[strip]; - td->td_stripbytecount[strip] = 0; + old_byte_count = td->td_stripbytecount_p[strip]; + td->td_stripbytecount_p[strip] = 0; } m = tif->tif_curoff+cc; @@ -774,9 +797,9 @@ TIFFAppendToStrip(TIFF* tif, uint32 strip, uint8* data, tmsize_t cc) return (0); } tif->tif_curoff = m; - td->td_stripbytecount[strip] += cc; + td->td_stripbytecount_p[strip] += cc; - if( (int64) td->td_stripbytecount[strip] != old_byte_count ) + if( (int64) td->td_stripbytecount_p[strip] != old_byte_count ) tif->tif_flags |= TIFF_DIRTYSTRIP; return (1); diff --git a/3rdparty/libtiff/tif_zip.c b/3rdparty/libtiff/tif_zip.c index c75077349e..e71c312c80 100644 --- a/3rdparty/libtiff/tif_zip.c +++ b/3rdparty/libtiff/tif_zip.c @@ -29,24 +29,22 @@ * * ZIP (aka Deflate) Compression Support * - * This file is simply an interface to the zlib library written by + * This file is an interface to the zlib library written by * Jean-loup Gailly and Mark Adler. You must use version 1.0 or later - * of the library: this code assumes the 1.0 API and also depends on - * the ability to write the zlib header multiple times (one per strip) - * which was not possible with versions prior to 0.95. Note also that - * older versions of this codec avoided this bug by suppressing the header - * entirely. This means that files written with the old library cannot - * be read; they should be converted to a different compression scheme - * and then reconverted. + * of the library. * - * The data format used by the zlib library is described in the files - * zlib-3.1.doc, deflate-1.1.doc and gzip-4.1.doc, available in the - * directory ftp://ftp.uu.net/pub/archiving/zip/doc. The library was - * last found at ftp://ftp.uu.net/pub/archiving/zip/zlib/zlib-0.99.tar.gz. + * Optionally, libdeflate (https://github.com/ebiggers/libdeflate) may be used + * to do the compression and decompression, but only for whole strips and tiles. + * For scanline access, zlib will be sued as a fallback. */ #include "tif_predict.h" #include "zlib.h" +#if LIBDEFLATE_SUPPORT +#include "libdeflate.h" +#endif +#define LIBDEFLATE_MAX_COMPRESSION_LEVEL 12 + #include /* @@ -70,6 +68,12 @@ typedef struct { z_stream stream; int zipquality; /* compression level */ int state; /* state flags */ + int subcodec; /* DEFLATE_SUBCODEC_ZLIB or DEFLATE_SUBCODEC_LIBDEFLATE */ +#if LIBDEFLATE_SUPPORT + int libdeflate_state; /* -1 = until first time ZIPEncode() / ZIPDecode() is called, 0 = use zlib, 1 = use libdeflate */ + struct libdeflate_decompressor* libdeflate_dec; + struct libdeflate_compressor* libdeflate_enc; +#endif #define ZSTATE_INIT_DECODE 0x01 #define ZSTATE_INIT_ENCODE 0x02 @@ -132,6 +136,9 @@ ZIPPreDecode(TIFF* tif, uint16 s) if( (sp->state & ZSTATE_INIT_DECODE) == 0 ) tif->tif_setupdecode( tif ); +#if LIBDEFLATE_SUPPORT + sp->libdeflate_state = -1; +#endif sp->stream.next_in = tif->tif_rawdata; assert(sizeof(sp->stream.avail_in)==4); /* if this assert gets raised, we need to simplify this code to reflect a ZLib that is likely updated @@ -151,6 +158,77 @@ ZIPDecode(TIFF* tif, uint8* op, tmsize_t occ, uint16 s) assert(sp != NULL); assert(sp->state == ZSTATE_INIT_DECODE); +#if LIBDEFLATE_SUPPORT + if( sp->libdeflate_state == 1 ) + return 0; + + /* If we have libdeflate support and we are asked to read a whole */ + /* strip/tile, then go for using it */ + do { + TIFFDirectory *td = &tif->tif_dir; + + if( sp->libdeflate_state == 0 ) + break; + if( sp->subcodec == DEFLATE_SUBCODEC_ZLIB ) + break; + + /* Check if we are in the situation where we can use libdeflate */ + if (isTiled(tif)) { + if( TIFFTileSize64(tif) != (uint64)occ ) + break; + } else { + uint32 strip_height = td->td_imagelength - tif->tif_row; + if (strip_height > td->td_rowsperstrip) + strip_height = td->td_rowsperstrip; + if( TIFFVStripSize64(tif, strip_height) != (uint64)occ ) + break; + } + + /* Check for overflow */ + if( (size_t)tif->tif_rawcc != (uint64)tif->tif_rawcc ) + break; + if( (size_t)occ != (uint64)occ ) + break; + + /* Go for decompression using libdeflate */ + { + enum libdeflate_result res; + if( sp->libdeflate_dec == NULL ) + { + sp->libdeflate_dec = libdeflate_alloc_decompressor(); + if( sp->libdeflate_dec == NULL ) + { + break; + } + } + + sp->libdeflate_state = 1; + + res = libdeflate_zlib_decompress( + sp->libdeflate_dec, tif->tif_rawcp, (size_t)tif->tif_rawcc, op, (size_t)occ, NULL); + + tif->tif_rawcp += tif->tif_rawcc; + tif->tif_rawcc = 0; + + /* We accept LIBDEFLATE_INSUFFICIENT_SPACE has a return */ + /* There are odd files in the wild where the last strip, when */ + /* it is smaller in height than td_rowsperstrip, actually contains */ + /* data for td_rowsperstrip lines. Just ignore that silently. */ + if( res != LIBDEFLATE_SUCCESS && + res != LIBDEFLATE_INSUFFICIENT_SPACE ) + { + TIFFErrorExt(tif->tif_clientdata, module, + "Decoding error at scanline %lu", + (unsigned long) tif->tif_row); + return 0; + } + + return 1; + } + } while(0); + sp->libdeflate_state = 0; +#endif /* LIBDEFLATE_SUPPORT */ + sp->stream.next_in = tif->tif_rawcp; sp->stream.next_out = op; @@ -198,6 +276,7 @@ ZIPSetupEncode(TIFF* tif) { static const char module[] = "ZIPSetupEncode"; ZIPState* sp = EncoderState(tif); + int cappedQuality; assert(sp != NULL); if (sp->state & ZSTATE_INIT_DECODE) { @@ -205,7 +284,11 @@ ZIPSetupEncode(TIFF* tif) sp->state = 0; } - if (deflateInit(&sp->stream, sp->zipquality) != Z_OK) { + cappedQuality = sp->zipquality; + if( cappedQuality > Z_BEST_COMPRESSION ) + cappedQuality = Z_BEST_COMPRESSION; + + if (deflateInit(&sp->stream, cappedQuality) != Z_OK) { TIFFErrorExt(tif->tif_clientdata, module, "%s", SAFE_MSG(sp)); return (0); } else { @@ -227,6 +310,9 @@ ZIPPreEncode(TIFF* tif, uint16 s) if( sp->state != ZSTATE_INIT_ENCODE ) tif->tif_setupencode( tif ); +#if LIBDEFLATE_SUPPORT + sp->libdeflate_state = -1; +#endif sp->stream.next_out = tif->tif_rawdata; assert(sizeof(sp->stream.avail_out)==4); /* if this assert gets raised, we need to simplify this code to reflect a ZLib that is likely updated @@ -249,6 +335,95 @@ ZIPEncode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) assert(sp->state == ZSTATE_INIT_ENCODE); (void) s; + +#if LIBDEFLATE_SUPPORT + if( sp->libdeflate_state == 1 ) + return 0; + + /* If we have libdeflate support and we are asked to write a whole */ + /* strip/tile, then go for using it */ + do { + TIFFDirectory *td = &tif->tif_dir; + + if( sp->libdeflate_state == 0 ) + break; + if( sp->subcodec == DEFLATE_SUBCODEC_ZLIB ) + break; + + /* Libdeflate does not support the 0-compression level */ + if( sp->zipquality == Z_NO_COMPRESSION ) + break; + + /* Check if we are in the situation where we can use libdeflate */ + if (isTiled(tif)) { + if( TIFFTileSize64(tif) != (uint64)cc ) + break; + } else { + uint32 strip_height = td->td_imagelength - tif->tif_row; + if (strip_height > td->td_rowsperstrip) + strip_height = td->td_rowsperstrip; + if( TIFFVStripSize64(tif, strip_height) != (uint64)cc ) + break; + } + + /* Check for overflow */ + if( (size_t)tif->tif_rawdatasize != (uint64)tif->tif_rawdatasize ) + break; + if( (size_t)cc != (uint64)cc ) + break; + + /* Go for compression using libdeflate */ + { + size_t nCompressedBytes; + if( sp->libdeflate_enc == NULL ) + { + /* To get results as good as zlib, we asked for an extra */ + /* level of compression */ + sp->libdeflate_enc = libdeflate_alloc_compressor( + sp->zipquality == Z_DEFAULT_COMPRESSION ? 7 : + sp->zipquality >= 6 && sp->zipquality <= 9 ? sp->zipquality + 1 : + sp->zipquality); + if( sp->libdeflate_enc == NULL ) + { + TIFFErrorExt(tif->tif_clientdata, module, + "Cannot allocate compressor"); + break; + } + } + + /* Make sure the output buffer is large enough for the worse case. */ + /* In TIFFWriteBufferSetup(), when libtiff allocates the buffer */ + /* we've taken a 10% margin over the uncompressed size, which should */ + /* be large enough even for the the worse case scenario. */ + if( libdeflate_zlib_compress_bound(sp->libdeflate_enc, (size_t)cc) > + (size_t)tif->tif_rawdatasize) + { + break; + } + + sp->libdeflate_state = 1; + nCompressedBytes = libdeflate_zlib_compress( + sp->libdeflate_enc, bp, (size_t)cc, tif->tif_rawdata, (size_t)tif->tif_rawdatasize); + + if( nCompressedBytes == 0 ) + { + TIFFErrorExt(tif->tif_clientdata, module, + "Encoder error at scanline %lu", + (unsigned long) tif->tif_row); + return 0; + } + + tif->tif_rawcc = nCompressedBytes; + + if( !TIFFFlushData1(tif) ) + return 0; + + return 1; + } + } while(0); + sp->libdeflate_state = 0; +#endif /* LIBDEFLATE_SUPPORT */ + sp->stream.next_in = bp; assert(sizeof(sp->stream.avail_in)==4); /* if this assert gets raised, we need to simplify this code to reflect a ZLib that is likely updated @@ -265,7 +440,8 @@ ZIPEncode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) } if (sp->stream.avail_out == 0) { tif->tif_rawcc = tif->tif_rawdatasize; - TIFFFlushData1(tif); + if (!TIFFFlushData1(tif)) + return 0; sp->stream.next_out = tif->tif_rawdata; sp->stream.avail_out = (uint64)tif->tif_rawdatasize <= 0xFFFFFFFFU ? (uInt)tif->tif_rawdatasize : 0xFFFFFFFFU; } @@ -285,6 +461,11 @@ ZIPPostEncode(TIFF* tif) ZIPState *sp = EncoderState(tif); int state; +#if LIBDEFLATE_SUPPORT + if( sp->libdeflate_state == 1 ) + return 1; +#endif + sp->stream.avail_in = 0; do { state = deflate(&sp->stream, Z_FINISH); @@ -294,7 +475,8 @@ ZIPPostEncode(TIFF* tif) if ((tmsize_t)sp->stream.avail_out != tif->tif_rawdatasize) { tif->tif_rawcc = tif->tif_rawdatasize - sp->stream.avail_out; - TIFFFlushData1(tif); + if (!TIFFFlushData1(tif)) + return 0; sp->stream.next_out = tif->tif_rawdata; sp->stream.avail_out = (uint64)tif->tif_rawdatasize <= 0xFFFFFFFFU ? (uInt)tif->tif_rawdatasize : 0xFFFFFFFFU; } @@ -327,6 +509,14 @@ ZIPCleanup(TIFF* tif) inflateEnd(&sp->stream); sp->state = 0; } + +#if LIBDEFLATE_SUPPORT + if( sp->libdeflate_dec ) + libdeflate_free_decompressor(sp->libdeflate_dec); + if( sp->libdeflate_enc ) + libdeflate_free_compressor(sp->libdeflate_enc); +#endif + _TIFFfree(sp); tif->tif_data = NULL; @@ -342,15 +532,55 @@ ZIPVSetField(TIFF* tif, uint32 tag, va_list ap) switch (tag) { case TIFFTAG_ZIPQUALITY: sp->zipquality = (int) va_arg(ap, int); - if ( sp->state&ZSTATE_INIT_ENCODE ) { + if( sp->zipquality < Z_DEFAULT_COMPRESSION || + sp->zipquality > LIBDEFLATE_MAX_COMPRESSION_LEVEL ) { + TIFFErrorExt(tif->tif_clientdata, module, + "Invalid ZipQuality value. Should be in [-1,%d] range", + LIBDEFLATE_MAX_COMPRESSION_LEVEL); + return 0; + } + + if ( sp->state&ZSTATE_INIT_ENCODE ) { + int cappedQuality = sp->zipquality; + if( cappedQuality > Z_BEST_COMPRESSION ) + cappedQuality = Z_BEST_COMPRESSION; if (deflateParams(&sp->stream, - sp->zipquality, Z_DEFAULT_STRATEGY) != Z_OK) { + cappedQuality, Z_DEFAULT_STRATEGY) != Z_OK) { TIFFErrorExt(tif->tif_clientdata, module, "ZLib error: %s", SAFE_MSG(sp)); return (0); } } + +#if LIBDEFLATE_SUPPORT + if( sp->libdeflate_enc ) + { + libdeflate_free_compressor(sp->libdeflate_enc); + sp->libdeflate_enc = NULL; + } +#endif + return (1); + + case TIFFTAG_DEFLATE_SUBCODEC: + sp->subcodec = (int) va_arg(ap, int); + if( sp->subcodec != DEFLATE_SUBCODEC_ZLIB && + sp->subcodec != DEFLATE_SUBCODEC_LIBDEFLATE ) + { + TIFFErrorExt(tif->tif_clientdata, module, + "Invalid DeflateCodec value."); + return 0; + } +#if !LIBDEFLATE_SUPPORT + if( sp->subcodec == DEFLATE_SUBCODEC_LIBDEFLATE ) + { + TIFFErrorExt(tif->tif_clientdata, module, + "DeflateCodec = DEFLATE_SUBCODEC_LIBDEFLATE unsupported in this build"); + return 0; + } +#endif + return 1; + default: return (*sp->vsetparent)(tif, tag, ap); } @@ -366,6 +596,11 @@ ZIPVGetField(TIFF* tif, uint32 tag, va_list ap) case TIFFTAG_ZIPQUALITY: *va_arg(ap, int*) = sp->zipquality; break; + + case TIFFTAG_DEFLATE_SUBCODEC: + *va_arg(ap, int*) = sp->subcodec; + break; + default: return (*sp->vgetparent)(tif, tag, ap); } @@ -374,6 +609,7 @@ ZIPVGetField(TIFF* tif, uint32 tag, va_list ap) static const TIFFField zipFields[] = { { TIFFTAG_ZIPQUALITY, 0, 0, TIFF_ANY, 0, TIFF_SETGET_INT, TIFF_SETGET_UNDEFINED, FIELD_PSEUDO, TRUE, FALSE, "", NULL }, + { TIFFTAG_DEFLATE_SUBCODEC, 0, 0, TIFF_ANY, 0, TIFF_SETGET_INT, TIFF_SETGET_UNDEFINED, FIELD_PSEUDO, TRUE, FALSE, "", NULL }, }; int @@ -384,6 +620,9 @@ TIFFInitZIP(TIFF* tif, int scheme) assert( (scheme == COMPRESSION_DEFLATE) || (scheme == COMPRESSION_ADOBE_DEFLATE)); +#ifdef NDEBUG + (void)scheme; +#endif /* * Merge codec-specific tag information. @@ -397,7 +636,7 @@ TIFFInitZIP(TIFF* tif, int scheme) /* * Allocate state block so tag methods have storage to record values. */ - tif->tif_data = (uint8*) _TIFFmalloc(sizeof (ZIPState)); + tif->tif_data = (uint8*) _TIFFcalloc(sizeof (ZIPState), 1); if (tif->tif_data == NULL) goto bad; sp = ZState(tif); @@ -417,6 +656,11 @@ TIFFInitZIP(TIFF* tif, int scheme) /* Default values for codec-specific fields */ sp->zipquality = Z_DEFAULT_COMPRESSION; /* default comp. level */ sp->state = 0; +#if LIBDEFLATE_SUPPORT + sp->subcodec = DEFLATE_SUBCODEC_LIBDEFLATE; +#else + sp->subcodec = DEFLATE_SUBCODEC_ZLIB; +#endif /* * Install codec methods. diff --git a/3rdparty/libtiff/tif_zstd.c b/3rdparty/libtiff/tif_zstd.c index 21c935e2da..66135e03c1 100644 --- a/3rdparty/libtiff/tif_zstd.c +++ b/3rdparty/libtiff/tif_zstd.c @@ -260,7 +260,8 @@ ZSTDEncode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) } if( sp->out_buffer.pos == sp->out_buffer.size ) { tif->tif_rawcc = tif->tif_rawdatasize; - TIFFFlushData1(tif); + if (!TIFFFlushData1(tif)) + return 0; sp->out_buffer.dst = tif->tif_rawcp; sp->out_buffer.pos = 0; } @@ -289,7 +290,8 @@ ZSTDPostEncode(TIFF* tif) } if( sp->out_buffer.pos > 0 ) { tif->tif_rawcc = sp->out_buffer.pos; - TIFFFlushData1(tif); + if (!TIFFFlushData1(tif)) + return 0; sp->out_buffer.dst = tif->tif_rawcp; sp->out_buffer.pos = 0; } diff --git a/3rdparty/libtiff/tiff.h b/3rdparty/libtiff/tiff.h index 5b0a0c90f6..2d4a47679d 100644 --- a/3rdparty/libtiff/tiff.h +++ b/3rdparty/libtiff/tiff.h @@ -119,6 +119,11 @@ typedef struct { * Tag data type information. * * Note: RATIONALs are the ratio of two 32-bit integer values. + *--: + * Note2: TIFF_IFD8 data type is used in tiffFields[]-tag definition in order to distinguish the write-handling + of those tags between ClassicTIFF and BigTiff: + For ClassicTIFF libtiff writes a 32-bit value and the TIFF_IFD type-id into the file + For BigTIFF libtiff writes a 64-bit value and the TIFF_IFD8 type-id into the file */ typedef enum { TIFF_NOTYPE = 0, /* placeholder */ @@ -375,6 +380,7 @@ typedef enum { January 2004 */ #define TIFFTAG_OPIIMAGEID 32781 /* %OPI ImageID [Adobe TIFF technote] */ +#define TIFFTAG_TIFFANNOTATIONDATA 32932 /* http://web.archive.org/web/20050309141348/http://www.kofile.com/support%20pro/faqs/annospec.htm */ /* tags 32952-32956 are private tags registered to Island Graphics */ #define TIFFTAG_REFPTS 32953 /* image reference points */ #define TIFFTAG_REGIONTACKPOINT 32954 /* region-xform tack point */ @@ -409,8 +415,23 @@ typedef enum { #define TIFFTAG_CFAPATTERN 33422 /* color filter array pattern */ /* tag 33432 is listed in the 6.0 spec w/ unknown ownership */ #define TIFFTAG_COPYRIGHT 33432 /* copyright string */ +/* Tags 33445-33452 are used for GEL fileformat, see + * http://research.stowers-institute.org/mcm/efg/ScientificSoftware/Utility/TiffTags/GEL-FileFormat.pdf + */ +#define TIFFTAG_MD_FILETAG 33445 /* http://research.stowers-institute.org/mcm/efg/ScientificSoftware/Utility/TiffTags/GEL-FileFormat.pdf */ +#define TIFFTAG_MD_SCALEPIXEL 33446 /* http://research.stowers-institute.org/mcm/efg/ScientificSoftware/Utility/TiffTags/GEL-FileFormat.pdf */ +#define TIFFTAG_MD_COLORTABLE 33447 /* http://research.stowers-institute.org/mcm/efg/ScientificSoftware/Utility/TiffTags/GEL-FileFormat.pdf */ +#define TIFFTAG_MD_LABNAME 33448 /* http://research.stowers-institute.org/mcm/efg/ScientificSoftware/Utility/TiffTags/GEL-FileFormat.pdf */ +#define TIFFTAG_MD_SAMPLEINFO 33449 /* http://research.stowers-institute.org/mcm/efg/ScientificSoftware/Utility/TiffTags/GEL-FileFormat.pdf */ +#define TIFFTAG_MD_PREPDATE 33450 /* http://research.stowers-institute.org/mcm/efg/ScientificSoftware/Utility/TiffTags/GEL-FileFormat.pdf */ +#define TIFFTAG_MD_PREPTIME 33451 /* http://research.stowers-institute.org/mcm/efg/ScientificSoftware/Utility/TiffTags/GEL-FileFormat.pdf */ +#define TIFFTAG_MD_FILEUNITS 33452 /* http://research.stowers-institute.org/mcm/efg/ScientificSoftware/Utility/TiffTags/GEL-FileFormat.pdf */ /* IPTC TAG from RichTIFF specifications */ #define TIFFTAG_RICHTIFFIPTC 33723 +#define TIFFTAG_INGR_PACKET_DATA_TAG 33918 /* Intergraph Application specific storage. */ +#define TIFFTAG_INGR_FLAG_REGISTERS 33919 /* Intergraph Application specific flags. */ +#define TIFFTAG_IRASB_TRANSORMATION_MATRIX 33920 /* Originally part of Intergraph's GeoTIFF tags, but likely understood by IrasB only. */ +#define TIFFTAG_MODELTIEPOINTTAG 33922 /* GeoTIFF */ /* 34016-34029 are reserved for ANSI IT8 TIFF/IT > 1) + +/* + * Largest 32-bit unsigned integer value. + */ +#define TIFF_UINT32_MAX 0xFFFFFFFFU + +/* + * Largest 64-bit unsigned integer value. + */ +#define TIFF_UINT64_MAX (((uint64)(TIFF_UINT32_MAX)) << 32 | TIFF_UINT32_MAX) + typedef struct client_info { struct client_info *next; void *data; @@ -127,6 +140,9 @@ struct tiff { #define TIFF_DIRTYSTRIP 0x200000U /* stripoffsets/stripbytecount dirty*/ #define TIFF_PERSAMPLE 0x400000U /* get/set per sample tags as arrays */ #define TIFF_BUFFERMMAP 0x800000U /* read buffer (tif_rawdata) points into mmap() memory */ + #define TIFF_DEFERSTRILELOAD 0x1000000U /* defer strip/tile offset/bytecount array loading. */ + #define TIFF_LAZYSTRILELOAD 0x2000000U /* lazy/ondemand loading of strip/tile offset/bytecount values. Only used if TIFF_DEFERSTRILELOAD is set and in read-only mode */ + #define TIFF_CHOPPEDUPARRAYS 0x4000000U /* set when allocChoppedUpStripArrays() has modified strip array */ uint64 tif_diroff; /* file offset of current directory */ uint64 tif_nextdiroff; /* file offset of following directory */ uint64* tif_dirlist; /* list of offsets to already seen directories to prevent IFD looping */ @@ -258,7 +274,7 @@ struct tiff { #define TIFFhowmany8_64(x) (((x)&0x07)?((uint64)(x)>>3)+1:(uint64)(x)>>3) #define TIFFroundup_64(x, y) (TIFFhowmany_64(x,y)*(y)) -/* Safe multiply which returns zero if there is an integer overflow */ +/* Safe multiply which returns zero if there is an *unsigned* integer overflow. This macro is not safe for *signed* integer types */ #define TIFFSafeMultiply(t,v,m) ((((t)(m) != (t)0) && (((t)(((v)*(m))/(m))) == (t)(v))) ? (t)((v)*(m)) : (t)0) #define TIFFmax(A,B) ((A)>(B)?(A):(B)) @@ -351,6 +367,9 @@ extern uint32 _TIFFDefaultStripSize(TIFF* tif, uint32 s); extern void _TIFFDefaultTileSize(TIFF* tif, uint32* tw, uint32* th); extern int _TIFFDataSize(TIFFDataType type); +/*--: Rational2Double: Return size of TIFFSetGetFieldType in bytes. */ +extern int _TIFFSetGetFieldSize(TIFFSetGetFieldType setgettype); + extern void _TIFFsetByteArray(void**, void*, uint32); extern void _TIFFsetString(char**, char*); extern void _TIFFsetShortArray(uint16**, uint16*, uint32); @@ -368,6 +387,8 @@ extern TIFFErrorHandlerExt _TIFFerrorHandlerExt; extern uint32 _TIFFMultiply32(TIFF*, uint32, uint32, const char*); extern uint64 _TIFFMultiply64(TIFF*, uint64, uint64, const char*); +extern tmsize_t _TIFFMultiplySSize(TIFF*, tmsize_t, tmsize_t, const char*); +extern tmsize_t _TIFFCastUInt64ToSSize(TIFF*, uint64, const char*); extern void* _TIFFCheckMalloc(TIFF*, tmsize_t, tmsize_t, const char*); extern void* _TIFFCheckRealloc(TIFF*, void*, tmsize_t, tmsize_t, const char*); diff --git a/3rdparty/libtiff/tiffvers.h b/3rdparty/libtiff/tiffvers.h index 403d61be04..0cce798b83 100644 --- a/3rdparty/libtiff/tiffvers.h +++ b/3rdparty/libtiff/tiffvers.h @@ -1,4 +1,4 @@ -#define TIFFLIB_VERSION_STR "LIBTIFF, Version 4.0.10\nCopyright (c) 1988-1996 Sam Leffler\nCopyright (c) 1991-1996 Silicon Graphics, Inc." +#define TIFFLIB_VERSION_STR "LIBTIFF, Version 4.2.0\nCopyright (c) 1988-1996 Sam Leffler\nCopyright (c) 1991-1996 Silicon Graphics, Inc." /* * This define can be used in code that requires * compilation-related definitions specific to a @@ -6,4 +6,4 @@ * version checking should be done based on the * string returned by TIFFGetVersion. */ -#define TIFFLIB_VERSION 20181110 +#define TIFFLIB_VERSION 20201219