1 /*
2  * jdicc.c
3  *
4  * Copyright (C) 1997-1998, Thomas G. Lane, Todd Newman.
5  * Copyright (C) 2017, D. R. Commander.
6  * For conditions of distribution and use, see the accompanying README.ijg
7  * file.
8  *
9  * This file provides code to read International Color Consortium (ICC) device
10  * profiles embedded in JFIF JPEG image files.  The ICC has defined a standard
11  * for including such data in JPEG "APP2" markers.  The code given here does
12  * not know anything about the internal structure of the ICC profile data; it
13  * just knows how to get the profile data from a JPEG file while reading it.
14  */
15 
16 #define JPEG_INTERNALS
17 #include "jinclude.h"
18 #include "jpeglib.h"
19 #include "jerror.h"
20 
21 #ifndef HAVE_STDLIB_H           /* <stdlib.h> should declare malloc() */
22 extern void *malloc(size_t size);
23 #endif
24 
25 
26 #define ICC_MARKER  (JPEG_APP0 + 2)     /* JPEG marker code for ICC */
27 #define ICC_OVERHEAD_LEN  14            /* size of non-profile data in APP2 */
28 
29 
30 /*
31  * Handy subroutine to test whether a saved marker is an ICC profile marker.
32  */
33 
34 LOCAL(boolean)
marker_is_icc(jpeg_saved_marker_ptr marker)35 marker_is_icc(jpeg_saved_marker_ptr marker)
36 {
37   return
38     marker->marker == ICC_MARKER &&
39     marker->data_length >= ICC_OVERHEAD_LEN &&
40     /* verify the identifying string */
41     GETJOCTET(marker->data[0]) == 0x49 &&
42     GETJOCTET(marker->data[1]) == 0x43 &&
43     GETJOCTET(marker->data[2]) == 0x43 &&
44     GETJOCTET(marker->data[3]) == 0x5F &&
45     GETJOCTET(marker->data[4]) == 0x50 &&
46     GETJOCTET(marker->data[5]) == 0x52 &&
47     GETJOCTET(marker->data[6]) == 0x4F &&
48     GETJOCTET(marker->data[7]) == 0x46 &&
49     GETJOCTET(marker->data[8]) == 0x49 &&
50     GETJOCTET(marker->data[9]) == 0x4C &&
51     GETJOCTET(marker->data[10]) == 0x45 &&
52     GETJOCTET(marker->data[11]) == 0x0;
53 }
54 
55 
56 /*
57  * See if there was an ICC profile in the JPEG file being read; if so,
58  * reassemble and return the profile data.
59  *
60  * TRUE is returned if an ICC profile was found, FALSE if not.  If TRUE is
61  * returned, *icc_data_ptr is set to point to the returned data, and
62  * *icc_data_len is set to its length.
63  *
64  * IMPORTANT: the data at *icc_data_ptr is allocated with malloc() and must be
65  * freed by the caller with free() when the caller no longer needs it.
66  * (Alternatively, we could write this routine to use the IJG library's memory
67  * allocator, so that the data would be freed implicitly when
68  * jpeg_finish_decompress() is called.  But it seems likely that many
69  * applications will prefer to have the data stick around after decompression
70  * finishes.)
71  */
72 
73 GLOBAL(boolean)
jpeg_read_icc_profile(j_decompress_ptr cinfo,JOCTET ** icc_data_ptr,unsigned int * icc_data_len)74 jpeg_read_icc_profile(j_decompress_ptr cinfo, JOCTET **icc_data_ptr,
75                       unsigned int *icc_data_len)
76 {
77   jpeg_saved_marker_ptr marker;
78   int num_markers = 0;
79   int seq_no;
80   JOCTET *icc_data;
81   unsigned int total_length;
82 #define MAX_SEQ_NO  255         /* sufficient since marker numbers are bytes */
83   char marker_present[MAX_SEQ_NO + 1];      /* 1 if marker found */
84   unsigned int data_length[MAX_SEQ_NO + 1]; /* size of profile data in marker */
85   unsigned int data_offset[MAX_SEQ_NO + 1]; /* offset for data in marker */
86 
87   if (icc_data_ptr == NULL || icc_data_len == NULL)
88     ERREXIT(cinfo, JERR_BUFFER_SIZE);
89   if (cinfo->global_state < DSTATE_READY)
90     ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
91 
92   *icc_data_ptr = NULL;         /* avoid confusion if FALSE return */
93   *icc_data_len = 0;
94 
95   /* This first pass over the saved markers discovers whether there are
96    * any ICC markers and verifies the consistency of the marker numbering.
97    */
98 
99   for (seq_no = 1; seq_no <= MAX_SEQ_NO; seq_no++)
100     marker_present[seq_no] = 0;
101 
102   for (marker = cinfo->marker_list; marker != NULL; marker = marker->next) {
103     if (marker_is_icc(marker)) {
104       if (num_markers == 0)
105         num_markers = GETJOCTET(marker->data[13]);
106       else if (num_markers != GETJOCTET(marker->data[13])) {
107         WARNMS(cinfo, JWRN_BOGUS_ICC);  /* inconsistent num_markers fields */
108         return FALSE;
109       }
110       seq_no = GETJOCTET(marker->data[12]);
111       if (seq_no <= 0 || seq_no > num_markers) {
112         WARNMS(cinfo, JWRN_BOGUS_ICC);  /* bogus sequence number */
113         return FALSE;
114       }
115       if (marker_present[seq_no]) {
116         WARNMS(cinfo, JWRN_BOGUS_ICC);  /* duplicate sequence numbers */
117         return FALSE;
118       }
119       marker_present[seq_no] = 1;
120       data_length[seq_no] = marker->data_length - ICC_OVERHEAD_LEN;
121     }
122   }
123 
124   if (num_markers == 0)
125     return FALSE;
126 
127   /* Check for missing markers, count total space needed,
128    * compute offset of each marker's part of the data.
129    */
130 
131   total_length = 0;
132   for (seq_no = 1; seq_no <= num_markers; seq_no++) {
133     if (marker_present[seq_no] == 0) {
134       WARNMS(cinfo, JWRN_BOGUS_ICC);  /* missing sequence number */
135       return FALSE;
136     }
137     data_offset[seq_no] = total_length;
138     total_length += data_length[seq_no];
139   }
140 
141   if (total_length == 0) {
142     WARNMS(cinfo, JWRN_BOGUS_ICC);  /* found only empty markers? */
143     return FALSE;
144   }
145 
146   /* Allocate space for assembled data */
147   icc_data = (JOCTET *)malloc(total_length * sizeof(JOCTET));
148   if (icc_data == NULL)
149     ERREXIT1(cinfo, JERR_OUT_OF_MEMORY, 11);  /* oops, out of memory */
150 
151   /* and fill it in */
152   for (marker = cinfo->marker_list; marker != NULL; marker = marker->next) {
153     if (marker_is_icc(marker)) {
154       JOCTET FAR *src_ptr;
155       JOCTET *dst_ptr;
156       unsigned int length;
157       seq_no = GETJOCTET(marker->data[12]);
158       dst_ptr = icc_data + data_offset[seq_no];
159       src_ptr = marker->data + ICC_OVERHEAD_LEN;
160       length = data_length[seq_no];
161       while (length--) {
162         *dst_ptr++ = *src_ptr++;
163       }
164     }
165   }
166 
167   *icc_data_ptr = icc_data;
168   *icc_data_len = total_length;
169 
170   return TRUE;
171 }
172