1 // Copyright 2014 PDFium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com
6 
7 #include "core/fxcodec/jbig2/JBig2_ArithDecoder.h"
8 
9 #include "core/fxcodec/jbig2/JBig2_BitStream.h"
10 #include "core/fxcrt/fx_memory.h"
11 
12 namespace {
13 
14 const JBig2ArithCtx::JBig2ArithQe kQeTable[] = {
15     // Stupid hack to keep clang-format from reformatting this badly.
16     {0x5601, 1, 1, true},    {0x3401, 2, 6, false},   {0x1801, 3, 9, false},
17     {0x0AC1, 4, 12, false},  {0x0521, 5, 29, false},  {0x0221, 38, 33, false},
18     {0x5601, 7, 6, true},    {0x5401, 8, 14, false},  {0x4801, 9, 14, false},
19     {0x3801, 10, 14, false}, {0x3001, 11, 17, false}, {0x2401, 12, 18, false},
20     {0x1C01, 13, 20, false}, {0x1601, 29, 21, false}, {0x5601, 15, 14, true},
21     {0x5401, 16, 14, false}, {0x5101, 17, 15, false}, {0x4801, 18, 16, false},
22     {0x3801, 19, 17, false}, {0x3401, 20, 18, false}, {0x3001, 21, 19, false},
23     {0x2801, 22, 19, false}, {0x2401, 23, 20, false}, {0x2201, 24, 21, false},
24     {0x1C01, 25, 22, false}, {0x1801, 26, 23, false}, {0x1601, 27, 24, false},
25     {0x1401, 28, 25, false}, {0x1201, 29, 26, false}, {0x1101, 30, 27, false},
26     {0x0AC1, 31, 28, false}, {0x09C1, 32, 29, false}, {0x08A1, 33, 30, false},
27     {0x0521, 34, 31, false}, {0x0441, 35, 32, false}, {0x02A1, 36, 33, false},
28     {0x0221, 37, 34, false}, {0x0141, 38, 35, false}, {0x0111, 39, 36, false},
29     {0x0085, 40, 37, false}, {0x0049, 41, 38, false}, {0x0025, 42, 39, false},
30     {0x0015, 43, 40, false}, {0x0009, 44, 41, false}, {0x0005, 45, 42, false},
31     {0x0001, 45, 43, false}, {0x5601, 46, 46, false}};
32 
33 const unsigned int kDefaultAValue = 0x8000;
34 
35 }  // namespace
36 
37 JBig2ArithCtx::JBig2ArithCtx() = default;
38 
DecodeNLPS(const JBig2ArithQe & qe)39 int JBig2ArithCtx::DecodeNLPS(const JBig2ArithQe& qe) {
40   bool D = !m_MPS;
41   if (qe.bSwitch)
42     m_MPS = !m_MPS;
43   m_I = qe.NLPS;
44   ASSERT(m_I < FX_ArraySize(kQeTable));
45   return D;
46 }
47 
DecodeNMPS(const JBig2ArithQe & qe)48 int JBig2ArithCtx::DecodeNMPS(const JBig2ArithQe& qe) {
49   m_I = qe.NMPS;
50   ASSERT(m_I < FX_ArraySize(kQeTable));
51   return MPS();
52 }
53 
CJBig2_ArithDecoder(CJBig2_BitStream * pStream)54 CJBig2_ArithDecoder::CJBig2_ArithDecoder(CJBig2_BitStream* pStream)
55     : m_pStream(pStream) {
56   m_B = m_pStream->getCurByte_arith();
57   m_C = (m_B ^ 0xff) << 16;
58   BYTEIN();
59   m_C = m_C << 7;
60   m_CT = m_CT - 7;
61   m_A = kDefaultAValue;
62 }
63 
~CJBig2_ArithDecoder()64 CJBig2_ArithDecoder::~CJBig2_ArithDecoder() {}
65 
Decode(JBig2ArithCtx * pCX)66 int CJBig2_ArithDecoder::Decode(JBig2ArithCtx* pCX) {
67   ASSERT(pCX);
68   ASSERT(pCX->I() < FX_ArraySize(kQeTable));
69 
70   const JBig2ArithCtx::JBig2ArithQe& qe = kQeTable[pCX->I()];
71   m_A -= qe.Qe;
72   if ((m_C >> 16) < m_A) {
73     if (m_A & kDefaultAValue)
74       return pCX->MPS();
75 
76     const int D = m_A < qe.Qe ? pCX->DecodeNLPS(qe) : pCX->DecodeNMPS(qe);
77     ReadValueA();
78     return D;
79   }
80 
81   m_C -= m_A << 16;
82   const int D = m_A < qe.Qe ? pCX->DecodeNMPS(qe) : pCX->DecodeNLPS(qe);
83   m_A = qe.Qe;
84   ReadValueA();
85   return D;
86 }
87 
BYTEIN()88 void CJBig2_ArithDecoder::BYTEIN() {
89   if (m_B == 0xff) {
90     unsigned char B1 = m_pStream->getNextByte_arith();
91     if (B1 > 0x8f) {
92       m_CT = 8;
93 
94       switch (m_State) {
95         case StreamState::kDataAvailable:
96           // Finished decoding data (see JBIG2 spec, Section E.3.4).
97           m_State = StreamState::kDecodingFinished;
98           break;
99         case StreamState::kDecodingFinished:
100           // Allow one more call in the finished state. https://crbug.com/947622
101           m_State = StreamState::kLooping;
102           break;
103         case StreamState::kLooping:
104           // Looping state detected. Mark decoding as complete to bail out.
105           // https://crbug.com/767156
106           m_Complete = true;
107           break;
108       }
109     } else {
110       m_pStream->incByteIdx();
111       m_B = B1;
112       m_C = m_C + 0xfe00 - (m_B << 9);
113       m_CT = 7;
114     }
115   } else {
116     m_pStream->incByteIdx();
117     m_B = m_pStream->getCurByte_arith();
118     m_C = m_C + 0xff00 - (m_B << 8);
119     m_CT = 8;
120   }
121 
122   if (!m_pStream->IsInBounds())
123     m_Complete = true;
124 }
125 
ReadValueA()126 void CJBig2_ArithDecoder::ReadValueA() {
127   do {
128     if (m_CT == 0)
129       BYTEIN();
130     m_A <<= 1;
131     m_C <<= 1;
132     --m_CT;
133   } while ((m_A & kDefaultAValue) == 0);
134 }
135