1/* -*- Mode: C; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2/* ***** BEGIN LICENSE BLOCK *****
3 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
4 *
5 * The contents of this file are subject to the Mozilla Public License Version
6 * 1.1 (the "License"); you may not use this file except in compliance with
7 * the License. You may obtain a copy of the License at
8 * http://www.mozilla.org/MPL/
9 *
10 * Software distributed under the License is distributed on an "AS IS" basis,
11 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
12 * for the specific language governing rights and limitations under the
13 * License.
14 *
15 * The Original Code is mozilla.org code.
16 *
17 * The Initial Developer of the Original Code is
18 * Netscape Communications Corporation.
19 * Portions created by the Initial Developer are Copyright (C) 1998
20 * the Initial Developer. All Rights Reserved.
21 *
22 * Contributor(s):
23 * Chris Saari <saari@netscape.com>
24 * Apple Inc.
25 *
26 * Alternatively, the contents of this file may be used under the terms of
27 * either the GNU General Public License Version 2 or later (the "GPL"), or
28 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
29 * in which case the provisions of the GPL or the LGPL are applicable instead
30 * of those above. If you wish to allow use of your version of this file only
31 * under the terms of either the GPL or the LGPL, and not to allow others to
32 * use your version of this file under the terms of the MPL, indicate your
33 * decision by deleting the provisions above and replace them with the notice
34 * and other provisions required by the GPL or the LGPL. If you do not delete
35 * the provisions above, a recipient may use your version of this file under
36 * the terms of any one of the MPL, the GPL or the LGPL.
37 *
38 * ***** END LICENSE BLOCK ***** */
39
40/*
41The Graphics Interchange Format(c) is the copyright property of CompuServe
42Incorporated. Only CompuServe Incorporated is authorized to define, redefine,
43enhance, alter, modify or change in any way the definition of the format.
44
45CompuServe Incorporated hereby grants a limited, non-exclusive, royalty-free
46license for the use of the Graphics Interchange Format(sm) in computer
47software; computer software utilizing GIF(sm) must acknowledge ownership of the
48Graphics Interchange Format and its Service Mark by CompuServe Incorporated, in
49User and Technical Documentation. Computer software utilizing GIF, which is
50distributed or may be distributed without User or Technical Documentation must
51display to the screen or printer a message acknowledging ownership of the
52Graphics Interchange Format and the Service Mark by CompuServe Incorporated; in
53this case, the acknowledgement may be displayed in an opening screen or leading
54banner, or a closing screen or trailing banner. A message such as the following
55may be used:
56
57 "The Graphics Interchange Format(c) is the Copyright property of
58 CompuServe Incorporated. GIF(sm) is a Service Mark property of
59 CompuServe Incorporated."
60
61For further information, please contact :
62
63 CompuServe Incorporated
64 Graphics Technology Department
65 5000 Arlington Center Boulevard
66 Columbus, Ohio 43220
67 U. S. A.
68
69CompuServe Incorporated maintains a mailing list with all those individuals and
70organizations who wish to receive copies of this document when it is corrected
71or revised. This service is offered free of charge; please provide us with your
72mailing address.
73*/
74
75#include "config.h"
76#include "GIFImageReader.h"
77
78#include <string.h>
79#include "GIFImageDecoder.h"
80
81using WebCore::GIFImageDecoder;
82
83// GETN(n, s) requests at least 'n' bytes available from 'q', at start of state 's'.
84//
85// Note, the hold will never need to be bigger than 256 bytes to gather up in the hold,
86// as each GIF block (except colormaps) can never be bigger than 256 bytes.
87// Colormaps are directly copied in the resp. global_colormap or dynamically allocated local_colormap.
88// So a fixed buffer in GIFImageReader is good enough.
89// This buffer is only needed to copy left-over data from one GifWrite call to the next
90#define GETN(n, s) \
91 do { \
92 m_bytesToConsume = (n); \
93 m_state = (s); \
94 } while (0)
95
96// Get a 16-bit value stored in little-endian format.
97#define GETINT16(p) ((p)[1]<<8|(p)[0])
98
99// Send the data to the display front-end.
100bool GIFLZWContext::outputRow()
101{
102 int drowStart = irow;
103 int drowEnd = irow;
104
105 // Haeberli-inspired hack for interlaced GIFs: Replicate lines while
106 // displaying to diminish the "venetian-blind" effect as the image is
107 // loaded. Adjust pixel vertical positions to avoid the appearance of the
108 // image crawling up the screen as successive passes are drawn.
109 if (m_frameContext->progressiveDisplay && m_frameContext->interlaced && ipass < 4) {
110 unsigned rowDup = 0;
111 unsigned rowShift = 0;
112
113 switch (ipass) {
114 case 1:
115 rowDup = 7;
116 rowShift = 3;
117 break;
118 case 2:
119 rowDup = 3;
120 rowShift = 1;
121 break;
122 case 3:
123 rowDup = 1;
124 rowShift = 0;
125 break;
126 default:
127 break;
128 }
129
130 drowStart -= rowShift;
131 drowEnd = drowStart + rowDup;
132
133 // Extend if bottom edge isn't covered because of the shift upward.
134 if (((m_frameContext->height - 1) - drowEnd) <= rowShift)
135 drowEnd = m_frameContext->height - 1;
136
137 // Clamp first and last rows to upper and lower edge of image.
138 if (drowStart < 0)
139 drowStart = 0;
140
141 if ((unsigned)drowEnd >= m_frameContext->height)
142 drowEnd = m_frameContext->height - 1;
143 }
144
145 // Protect against too much image data.
146 if ((unsigned)drowStart >= m_frameContext->height)
147 return true;
148
149 // CALLBACK: Let the client know we have decoded a row.
150 if (!m_client->haveDecodedRow(m_frameContext->frameId, rowBuffer, m_frameContext->width,
151 drowStart, drowEnd - drowStart + 1, m_frameContext->progressiveDisplay && m_frameContext->interlaced && ipass > 1))
152 return false;
153
154 if (!m_frameContext->interlaced)
155 irow++;
156 else {
157 do {
158 switch (ipass) {
159 case 1:
160 irow += 8;
161 if (irow >= m_frameContext->height) {
162 ipass++;
163 irow = 4;
164 }
165 break;
166
167 case 2:
168 irow += 8;
169 if (irow >= m_frameContext->height) {
170 ipass++;
171 irow = 2;
172 }
173 break;
174
175 case 3:
176 irow += 4;
177 if (irow >= m_frameContext->height) {
178 ipass++;
179 irow = 1;
180 }
181 break;
182
183 case 4:
184 irow += 2;
185 if (irow >= m_frameContext->height) {
186 ipass++;
187 irow = 0;
188 }
189 break;
190
191 default:
192 break;
193 }
194 } while (irow > (m_frameContext->height - 1));
195 }
196 return true;
197}
198
199// Perform Lempel-Ziv-Welch decoding.
200// Returns true if decoding was successful. In this case the block will have been completely consumed and/or rowsRemaining will be 0.
201// Otherwise, decoding failed; returns false in this case, which will always cause the GIFImageReader to set the "decode failed" flag.
202bool GIFLZWContext::doLZW(const unsigned char* block, size_t bytesInBlock)
203{
204 int code;
205 int incode;
206 const unsigned char *ch;
207
208 if (rowPosition == rowBuffer.size())
209 return true;
210
211#define OUTPUT_ROW \
212 do { \
213 if (!outputRow()) \
214 return false; \
215 rowsRemaining--; \
216 rowPosition = 0; \
217 if (!rowsRemaining) \
218 return true; \
219 } while (0)
220
221 for (ch = block; bytesInBlock-- > 0; ch++) {
222 // Feed the next byte into the decoder's 32-bit input buffer.
223 datum += ((int) *ch) << bits;
224 bits += 8;
225
226 // Check for underflow of decoder's 32-bit input buffer.
227 while (bits >= codesize) {
228 // Get the leading variable-length symbol from the data stream.
229 code = datum & codemask;
230 datum >>= codesize;
231 bits -= codesize;
232
233 // Reset the dictionary to its original state, if requested.
234 if (code == clearCode) {
235 codesize = m_frameContext->datasize + 1;
236 codemask = (1 << codesize) - 1;
237 avail = clearCode + 2;
238 oldcode = -1;
239 continue;
240 }
241
242 // Check for explicit end-of-stream code.
243 if (code == (clearCode + 1)) {
244 // end-of-stream should only appear after all image data.
245 if (!rowsRemaining)
246 return true;
247 return false;
248 }
249
250 if (oldcode == -1) {
251 rowBuffer[rowPosition++] = suffix[code];
252 if (rowPosition == rowBuffer.size())
253 OUTPUT_ROW;
254
255 firstchar = oldcode = code;
256 continue;
257 }
258
259 incode = code;
260 if (code >= avail) {
261 stack[stackp++] = firstchar;
262 code = oldcode;
263
264 if (stackp == MAX_BYTES)
265 return false;
266 }
267
268 while (code >= clearCode) {
269 if (code >= MAX_BYTES || code == prefix[code])
270 return false;
271
272 // Even though suffix[] only holds characters through suffix[avail - 1],
273 // allowing code >= avail here lets us be more tolerant of malformed
274 // data. As long as code < MAX_BYTES, the only risk is a garbled image,
275 // which is no worse than refusing to display it.
276 stack[stackp++] = suffix[code];
277 code = prefix[code];
278
279 if (stackp == MAX_BYTES)
280 return false;
281 }
282
283 stack[stackp++] = firstchar = suffix[code];
284
285 // Define a new codeword in the dictionary.
286 if (avail < 4096) {
287 prefix[avail] = oldcode;
288 suffix[avail] = firstchar;
289 avail++;
290
291 // If we've used up all the codewords of a given length
292 // increase the length of codewords by one bit, but don't
293 // exceed the specified maximum codeword size of 12 bits.
294 if ((!(avail & codemask)) && (avail < 4096)) {
295 codesize++;
296 codemask += avail;
297 }
298 }
299 oldcode = incode;
300
301 // Copy the decoded data out to the scanline buffer.
302 do {
303 rowBuffer[rowPosition++] = stack[--stackp];
304 if (rowPosition == rowBuffer.size())
305 OUTPUT_ROW;
306 } while (stackp > 0);
307 }
308 }
309
310 return true;
311}
312
313// Perform decoding for this frame. frameDecoded will be true if the entire frame is decoded.
314// Returns false if a decoding error occurred. This is a fatal error and causes the GIFImageReader to set the "decode failed" flag.
315// Otherwise, either not enough data is available to decode further than before, or the new data has been decoded successfully; returns true in this case.
316bool GIFFrameContext::decode(const unsigned char* data, size_t length, WebCore::GIFImageDecoder* client, bool* frameDecoded)
317{
318 *frameDecoded = false;
319 if (!m_lzwContext) {
320 // Wait for more data to properly initialize GIFLZWContext.
321 if (!isDataSizeDefined() || !isHeaderDefined())
322 return true;
323
324 m_lzwContext = std::make_unique<GIFLZWContext>(client, this);
325 if (!m_lzwContext->prepareToDecode()) {
326 m_lzwContext = nullptr;
327 return false;
328 }
329
330 m_currentLzwBlock = 0;
331 }
332
333 // Some bad GIFs have extra blocks beyond the last row, which we don't want to decode.
334 while (m_currentLzwBlock < m_lzwBlocks.size() && m_lzwContext->hasRemainingRows()) {
335 size_t blockPosition = m_lzwBlocks[m_currentLzwBlock].blockPosition;
336 size_t blockSize = m_lzwBlocks[m_currentLzwBlock].blockSize;
337 if (blockPosition + blockSize > length)
338 return false;
339 if (!m_lzwContext->doLZW(data + blockPosition, blockSize))
340 return false;
341 ++m_currentLzwBlock;
342 }
343
344 // If this frame is data complete then the previous loop must have completely decoded all LZW blocks.
345 // There will be no more decoding for this frame so it's time to cleanup.
346 if (isComplete()) {
347 *frameDecoded = true;
348 m_lzwContext = nullptr;
349 }
350 return true;
351}
352
353// Decode all frames before haltAtFrame.
354// This method uses GIFFrameContext:decode() to decode each frame; decoding error is reported to client as a critical failure.
355// Return true if decoding has progressed. Return false if an error has occurred.
356bool GIFImageReader::decode(GIFImageDecoder::GIFQuery query, unsigned haltAtFrame)
357{
358 ASSERT(m_bytesRead <= m_data->size());
359
360 if (!parse(m_bytesRead, m_data->size() - m_bytesRead, query == GIFImageDecoder::GIFSizeQuery))
361 return false;
362
363 if (query != GIFImageDecoder::GIFFullQuery)
364 return true;
365
366 // Already decoded frames can be deleted from the cache and then they require to be decoded again, so
367 // the haltAtFrame value we receive here may be lower than m_currentDecodingFrame. In this case
368 // we position m_currentDecodingFrame to haltAtFrame - 1 and decode from there.
369 // See bug https://bugs.webkit.org/show_bug.cgi?id=176089.
370 m_currentDecodingFrame = std::min(m_currentDecodingFrame, static_cast<size_t>(haltAtFrame) - 1);
371
372 while (m_currentDecodingFrame < std::min(m_frames.size(), static_cast<size_t>(haltAtFrame))) {
373 bool frameDecoded = false;
374 GIFFrameContext* currentFrame = m_frames[m_currentDecodingFrame].get();
375
376 if (!currentFrame->decode(data(0), m_data->size(), m_client, &frameDecoded))
377 return false;
378
379 // We need more data to continue decoding.
380 if (!frameDecoded)
381 break;
382
383 if (!m_client->frameComplete(m_currentDecodingFrame, currentFrame->delayTime, currentFrame->disposalMethod))
384 return false;
385 ++m_currentDecodingFrame;
386 }
387
388 // All frames decoded.
389 if (m_currentDecodingFrame == m_frames.size() && m_parseCompleted)
390 m_client->gifComplete();
391 return true;
392}
393
394// Parse incoming GIF data stream into internal data structures.
395// Return true if parsing has progressed or there is not enough data.
396// Return false if a fatal error is encountered.
397bool GIFImageReader::parse(size_t dataPosition, size_t len, bool parseSizeOnly)
398{
399 if (!len) {
400 // No new data has come in since the last call, just ignore this call.
401 return true;
402 }
403
404 if (len < m_bytesToConsume)
405 return true;
406
407 // This loop reads as many components from |m_data| as possible.
408 // At the beginning of each iteration, dataPosition will be advanced by m_bytesToConsume to
409 // point to the next component. len will be decremented accordingly.
410 while (len >= m_bytesToConsume) {
411 const size_t currentComponentPosition = dataPosition;
412 const unsigned char* currentComponent = data(dataPosition);
413
414 // Mark the current component as consumed. Note that currentComponent will remain pointed at this
415 // component until the next loop iteration.
416 dataPosition += m_bytesToConsume;
417 len -= m_bytesToConsume;
418
419 switch (m_state) {
420 case GIFLZW:
421 ASSERT(!m_frames.isEmpty());
422 // m_bytesToConsume is the current component size because it hasn't been updated.
423 m_frames.last()->addLzwBlock(currentComponentPosition, m_bytesToConsume);
424 GETN(1, GIFSubBlock);
425 break;
426
427 case GIFLZWStart: {
428 ASSERT(!m_frames.isEmpty());
429 m_frames.last()->setDataSize(*currentComponent);
430 GETN(1, GIFSubBlock);
431 break;
432 }
433
434 case GIFType: {
435 // All GIF files begin with "GIF87a" or "GIF89a".
436 if (!strncmp((char*)currentComponent, "GIF89a", 6))
437 m_version = 89;
438 else if (!strncmp((char*)currentComponent, "GIF87a", 6))
439 m_version = 87;
440 else
441 return false;
442 GETN(7, GIFGlobalHeader);
443 break;
444 }
445
446 case GIFGlobalHeader: {
447 // This is the height and width of the "screen" or frame into which images are rendered. The
448 // individual images can be smaller than the screen size and located with an origin anywhere
449 // within the screen.
450 m_screenWidth = GETINT16(currentComponent);
451 m_screenHeight = GETINT16(currentComponent + 2);
452
453 // CALLBACK: Inform the decoderplugin of our size.
454 // Note: A subsequent frame might have dimensions larger than the "screen" dimensions.
455 if (m_client && !m_client->setSize(WebCore::IntSize(m_screenWidth, m_screenHeight)))
456 return false;
457
458 m_screenBgcolor = currentComponent[5];
459 m_globalColormapSize = 2 << (currentComponent[4] & 0x07);
460
461 if ((currentComponent[4] & 0x80) && m_globalColormapSize > 0) { /* global map */
462 // Get the global colormap
463 const size_t globalColormapBytes = 3 * m_globalColormapSize;
464 m_globalColormapPosition = dataPosition;
465
466 if (len < globalColormapBytes) {
467 // Wait until we have enough bytes to consume the entire colormap at once.
468 GETN(globalColormapBytes, GIFGlobalColormap);
469 break;
470 }
471
472 m_isGlobalColormapDefined = true;
473 dataPosition += globalColormapBytes;
474 len -= globalColormapBytes;
475 }
476
477 GETN(1, GIFImageStart);
478
479 // currentComponent[6] = Pixel Aspect Ratio
480 // Not used
481 // float aspect = (float)((currentComponent[6] + 15) / 64.0);
482 break;
483 }
484
485 case GIFGlobalColormap: {
486 m_isGlobalColormapDefined = true;
487 GETN(1, GIFImageStart);
488 break;
489 }
490
491 case GIFImageStart: {
492 if (*currentComponent == ';') { // terminator.
493 GETN(0, GIFDone);
494 break;
495 }
496
497 if (*currentComponent == '!') { // extension.
498 GETN(2, GIFExtension);
499 break;
500 }
501
502 // If we get anything other than ',' (image separator), '!'
503 // (extension), or ';' (trailer), there is extraneous data
504 // between blocks. The GIF87a spec tells us to keep reading
505 // until we find an image separator, but GIF89a says such
506 // a file is corrupt. We follow GIF89a and bail out.
507 if (*currentComponent != ',')
508 return false;
509
510 GETN(9, GIFImageHeader);
511 break;
512 }
513
514 case GIFExtension: {
515 size_t bytesInBlock = currentComponent[1];
516 GIFState es = GIFSkipBlock;
517
518 switch (*currentComponent) {
519 case 0xf9:
520 es = GIFControlExtension;
521 // The GIF spec mandates that the GIFControlExtension header block length is 4 bytes,
522 // and the parser for this block reads 4 bytes, so we must enforce that the buffer
523 // contains at least this many bytes. If the GIF specifies a different length, we
524 // allow that, so long as it's larger; the additional data will simply be ignored.
525 bytesInBlock = std::max(bytesInBlock, static_cast<size_t>(4));
526 break;
527
528 // The GIF spec also specifies the lengths of the following two extensions' headers
529 // (as 12 and 11 bytes, respectively). Because we ignore the plain text extension entirely
530 // and sanity-check the actual length of the application extension header before reading it,
531 // we allow GIFs to deviate from these values in either direction. This is important for
532 // real-world compatibility, as GIFs in the wild exist with application extension headers
533 // that are both shorter and longer than 11 bytes.
534 case 0x01:
535 // ignoring plain text extension
536 break;
537
538 case 0xff:
539 es = GIFApplicationExtension;
540 break;
541
542 case 0xfe:
543 es = GIFConsumeComment;
544 break;
545 }
546
547 if (bytesInBlock)
548 GETN(bytesInBlock, es);
549 else
550 GETN(1, GIFImageStart);
551 break;
552 }
553
554 case GIFConsumeBlock: {
555 if (!*currentComponent)
556 GETN(1, GIFImageStart);
557 else
558 GETN(*currentComponent, GIFSkipBlock);
559 break;
560 }
561
562 case GIFSkipBlock: {
563 GETN(1, GIFConsumeBlock);
564 break;
565 }
566
567 case GIFControlExtension: {
568 addFrameIfNecessary();
569 GIFFrameContext* currentFrame = m_frames.last().get();
570 currentFrame->isTransparent = *currentComponent & 0x1;
571 if (currentFrame->isTransparent)
572 currentFrame->tpixel = currentComponent[3];
573
574 // We ignore the "user input" bit.
575
576 // NOTE: This relies on the values in the DisposalMethod enum
577 // matching those in the GIF spec!
578 int disposalMethod = ((*currentComponent) >> 2) & 0x7;
579 currentFrame->disposalMethod = static_cast<WebCore::ScalableImageDecoderFrame::DisposalMethod>(disposalMethod);
580 // Some specs say that disposal method 3 is "overwrite previous", others that setting
581 // the third bit of the field (i.e. method 4) is. We map both to the same value.
582 if (disposalMethod == 4)
583 currentFrame->disposalMethod = WebCore::ScalableImageDecoderFrame::DisposalMethod::RestoreToPrevious;
584 currentFrame->delayTime = GETINT16(currentComponent + 1) * 10;
585 GETN(1, GIFConsumeBlock);
586 break;
587 }
588
589 case GIFCommentExtension: {
590 if (*currentComponent)
591 GETN(*currentComponent, GIFConsumeComment);
592 else
593 GETN(1, GIFImageStart);
594 break;
595 }
596
597 case GIFConsumeComment: {
598 GETN(1, GIFCommentExtension);
599 break;
600 }
601
602 case GIFApplicationExtension: {
603 // Check for netscape application extension.
604 if (m_bytesToConsume == 11
605 && (!strncmp((char*)currentComponent, "NETSCAPE2.0", 11) || !strncmp((char*)currentComponent, "ANIMEXTS1.0", 11)))
606 GETN(1, GIFNetscapeExtensionBlock);
607 else
608 GETN(1, GIFConsumeBlock);
609 break;
610 }
611
612 // Netscape-specific GIF extension: animation looping.
613 case GIFNetscapeExtensionBlock: {
614 // GIFConsumeNetscapeExtension always reads 3 bytes from the stream; we should at least wait for this amount.
615 if (*currentComponent)
616 GETN(std::max(3, static_cast<int>(*currentComponent)), GIFConsumeNetscapeExtension);
617 else
618 GETN(1, GIFImageStart);
619 break;
620 }
621
622 // Parse netscape-specific application extensions
623 case GIFConsumeNetscapeExtension: {
624 int netscapeExtension = currentComponent[0] & 7;
625
626 // Loop entire animation specified # of times. Only read the loop count during the first iteration.
627 if (netscapeExtension == 1) {
628 m_loopCount = GETINT16(currentComponent + 1);
629
630 // Zero loop count is infinite animation loop request.
631 if (!m_loopCount)
632 m_loopCount = WebCore::RepetitionCountInfinite;
633
634 GETN(1, GIFNetscapeExtensionBlock);
635 } else if (netscapeExtension == 2) {
636 // Wait for specified # of bytes to enter buffer.
637
638 // Don't do this, this extension doesn't exist (isn't used at all)
639 // and doesn't do anything, as our streaming/buffering takes care of it all...
640 // See: http://semmix.pl/color/exgraf/eeg24.htm
641 GETN(1, GIFNetscapeExtensionBlock);
642 } else {
643 // 0,3-7 are yet to be defined netscape extension codes
644 return false;
645 }
646 break;
647 }
648
649 case GIFImageHeader: {
650 unsigned height, width, xOffset, yOffset;
651
652 /* Get image offsets, with respect to the screen origin */
653 xOffset = GETINT16(currentComponent);
654 yOffset = GETINT16(currentComponent + 2);
655
656 /* Get image width and height. */
657 width = GETINT16(currentComponent + 4);
658 height = GETINT16(currentComponent + 6);
659
660 /* Work around broken GIF files where the logical screen
661 * size has weird width or height. We assume that GIF87a
662 * files don't contain animations.
663 */
664 if (currentFrameIsFirstFrame()
665 && ((m_screenHeight < height) || (m_screenWidth < width) || (m_version == 87))) {
666 m_screenHeight = height;
667 m_screenWidth = width;
668 xOffset = 0;
669 yOffset = 0;
670
671 // CALLBACK: Inform the decoderplugin of our size.
672 if (m_client && !m_client->setSize(WebCore::IntSize(m_screenWidth, m_screenHeight)))
673 return false;
674 }
675
676 // Work around more broken GIF files that have zero image width or height
677 if (!height || !width) {
678 height = m_screenHeight;
679 width = m_screenWidth;
680 if (!height || !width)
681 return false;
682 }
683
684 if (parseSizeOnly) {
685 // The decoder needs to stop. Hand back the number of bytes we consumed from
686 // buffer minus 9 (the amount we consumed to read the header).
687 setRemainingBytes(len + 9);
688 GETN(9, GIFImageHeader);
689 return true;
690 }
691
692 addFrameIfNecessary();
693 GIFFrameContext* currentFrame = m_frames.last().get();
694
695 currentFrame->setHeaderDefined();
696 currentFrame->xOffset = xOffset;
697 currentFrame->yOffset = yOffset;
698 currentFrame->height = height;
699 currentFrame->width = width;
700 m_screenWidth = std::max(m_screenWidth, width);
701 m_screenHeight = std::max(m_screenHeight, height);
702 currentFrame->interlaced = currentComponent[8] & 0x40;
703
704 // Overlaying interlaced, transparent GIFs over
705 // existing image data using the Haeberli display hack
706 // requires saving the underlying image in order to
707 // avoid jaggies at the transparency edges. We are
708 // unprepared to deal with that, so don't display such
709 // images progressively. Which means only the first
710 // frame can be progressively displayed.
711 // FIXME: It is possible that a non-transparent frame
712 // can be interlaced and progressively displayed.
713 currentFrame->progressiveDisplay = currentFrameIsFirstFrame();
714
715 const bool isLocalColormapDefined = currentComponent[8] & 0x80;
716 if (isLocalColormapDefined) {
717 // The three low-order bits of currentComponent[8] specify the bits per pixel.
718 int numColors = 2 << (currentComponent[8] & 0x7);
719 const size_t localColormapBytes = 3 * numColors;
720
721 // Switch to the new local palette after it loads
722 currentFrame->localColormapPosition = dataPosition;
723 currentFrame->localColormapSize = numColors;
724
725 if (len < localColormapBytes) {
726 // Wait until we have enough bytes to consume the entire colormap at once.
727 GETN(localColormapBytes, GIFImageColormap);
728 break;
729 }
730
731 currentFrame->isLocalColormapDefined = true;
732 dataPosition += localColormapBytes;
733 len -= localColormapBytes;
734 } else {
735 // Switch back to the global palette
736 currentFrame->isLocalColormapDefined = false;
737 }
738 GETN(1, GIFLZWStart);
739 break;
740 }
741
742 case GIFImageColormap: {
743 ASSERT(!m_frames.isEmpty());
744 m_frames.last()->isLocalColormapDefined = true;
745 GETN(1, GIFLZWStart);
746 break;
747 }
748
749 case GIFSubBlock: {
750 const size_t bytesInBlock = *currentComponent;
751 if (bytesInBlock)
752 GETN(bytesInBlock, GIFLZW);
753 else {
754 // Finished parsing one frame; Process next frame.
755 ASSERT(!m_frames.isEmpty());
756 // Note that some broken GIF files do not have enough LZW blocks to fully
757 // decode all rows but we treat it as frame complete.
758 m_frames.last()->setComplete();
759 GETN(1, GIFImageStart);
760 }
761 break;
762 }
763
764 case GIFDone: {
765 m_parseCompleted = true;
766 return true;
767 }
768
769 default:
770 // We shouldn't ever get here.
771 return false;
772 break;
773 }
774 }
775
776 setRemainingBytes(len);
777 return true;
778}
779
780void GIFImageReader::setRemainingBytes(size_t remainingBytes)
781{
782 ASSERT(remainingBytes <= m_data->size());
783 m_bytesRead = m_data->size() - remainingBytes;
784}
785
786void GIFImageReader::addFrameIfNecessary()
787{
788 if (m_frames.isEmpty() || m_frames.last()->isComplete())
789 m_frames.append(std::make_unique<GIFFrameContext>(m_frames.size()));
790}
791
792// FIXME: Move this method to close to doLZW().
793bool GIFLZWContext::prepareToDecode()
794{
795 ASSERT(m_frameContext->isDataSizeDefined() && m_frameContext->isHeaderDefined());
796
797 // Since we use a codesize of 1 more than the datasize, we need to ensure
798 // that our datasize is strictly less than the MAX_LZW_BITS value (12).
799 // This sets the largest possible codemask correctly at 4095.
800 if (m_frameContext->datasize >= MAX_LZW_BITS)
801 return false;
802 clearCode = 1 << m_frameContext->datasize;
803 if (clearCode >= MAX_BYTES)
804 return false;
805
806 avail = clearCode + 2;
807 oldcode = -1;
808 codesize = m_frameContext->datasize + 1;
809 codemask = (1 << codesize) - 1;
810 datum = bits = 0;
811 ipass = m_frameContext->interlaced ? 1 : 0;
812 irow = 0;
813
814 // Initialize the tables lazily, this allows frame count query to use less memory.
815 suffix.resize(MAX_BYTES);
816 stack.resize(MAX_BYTES);
817 prefix.resize(MAX_BYTES);
818
819 // Initialize output row buffer.
820 rowBuffer.resize(m_frameContext->width);
821 rowPosition = 0;
822 rowsRemaining = m_frameContext->height;
823
824 // Clearing the whole suffix table lets us be more tolerant of bad data.
825 suffix.fill(0);
826 for (int i = 0; i < clearCode; i++)
827 suffix[i] = i;
828 stackp = 0;
829 return true;
830}
831