1 /* $Id: tif_dirread.c,v 1.191 2015-09-05 20:31:41 bfriesen Exp $ */
2
3 /*
4 * Copyright (c) 1988-1997 Sam Leffler
5 * Copyright (c) 1991-1997 Silicon Graphics, Inc.
6 *
7 * Permission to use, copy, modify, distribute, and sell this software and
8 * its documentation for any purpose is hereby granted without fee, provided
9 * that (i) the above copyright notices and this permission notice appear in
10 * all copies of the software and related documentation, and (ii) the names of
11 * Sam Leffler and Silicon Graphics may not be used in any advertising or
12 * publicity relating to the software without the specific, prior written
13 * permission of Sam Leffler and Silicon Graphics.
14 *
15 * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
17 * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
18 *
19 * IN NO EVENT SHALL SAM LEFFLER OR SILICON GRAPHICS BE LIABLE FOR
20 * ANY SPECIAL, INCIDENTAL, INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND,
21 * OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
22 * WHETHER OR NOT ADVISED OF THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF
23 * LIABILITY, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
24 * OF THIS SOFTWARE.
25 */
26
27 /*
28 * TIFF Library.
29 *
30 * Directory Read Support Routines.
31 */
32
33 /* Suggested pending improvements:
34 * - add a field 'ignore' to the TIFFDirEntry structure, to flag status,
35 * eliminating current use of the IGNORE value, and therefore eliminating
36 * current irrational behaviour on tags with tag id code 0
37 * - add a field 'field_info' to the TIFFDirEntry structure, and set that with
38 * the pointer to the appropriate TIFFField structure early on in
39 * TIFFReadDirectory, so as to eliminate current possibly repetitive lookup.
40 */
41
42 #include "tiffiop.h"
43
44 #define IGNORE 0 /* tag placeholder used below */
45 #define FAILED_FII ((uint32) -1)
46
47 #ifdef HAVE_IEEEFP
48 # define TIFFCvtIEEEFloatToNative(tif, n, fp)
49 # define TIFFCvtIEEEDoubleToNative(tif, n, dp)
50 #else
51 extern void TIFFCvtIEEEFloatToNative(TIFF*, uint32, float*);
52 extern void TIFFCvtIEEEDoubleToNative(TIFF*, uint32, double*);
53 #endif
54
55 enum TIFFReadDirEntryErr {
56 TIFFReadDirEntryErrOk = 0,
57 TIFFReadDirEntryErrCount = 1,
58 TIFFReadDirEntryErrType = 2,
59 TIFFReadDirEntryErrIo = 3,
60 TIFFReadDirEntryErrRange = 4,
61 TIFFReadDirEntryErrPsdif = 5,
62 TIFFReadDirEntryErrSizesan = 6,
63 TIFFReadDirEntryErrAlloc = 7,
64 };
65
66 static enum TIFFReadDirEntryErr TIFFReadDirEntryByte(TIFF* tif, TIFFDirEntry* direntry, uint8* value);
67 static enum TIFFReadDirEntryErr TIFFReadDirEntryShort(TIFF* tif, TIFFDirEntry* direntry, uint16* value);
68 static enum TIFFReadDirEntryErr TIFFReadDirEntryLong(TIFF* tif, TIFFDirEntry* direntry, uint32* value);
69 static enum TIFFReadDirEntryErr TIFFReadDirEntryLong8(TIFF* tif, TIFFDirEntry* direntry, uint64* value);
70 static enum TIFFReadDirEntryErr TIFFReadDirEntryFloat(TIFF* tif, TIFFDirEntry* direntry, float* value);
71 static enum TIFFReadDirEntryErr TIFFReadDirEntryDouble(TIFF* tif, TIFFDirEntry* direntry, double* value);
72 static enum TIFFReadDirEntryErr TIFFReadDirEntryIfd8(TIFF* tif, TIFFDirEntry* direntry, uint64* value);
73
74 static enum TIFFReadDirEntryErr TIFFReadDirEntryArray(TIFF* tif, TIFFDirEntry* direntry, uint32* count, uint32 desttypesize, void** value);
75 static enum TIFFReadDirEntryErr TIFFReadDirEntryByteArray(TIFF* tif, TIFFDirEntry* direntry, uint8** value);
76 static enum TIFFReadDirEntryErr TIFFReadDirEntrySbyteArray(TIFF* tif, TIFFDirEntry* direntry, int8** value);
77 static enum TIFFReadDirEntryErr TIFFReadDirEntryShortArray(TIFF* tif, TIFFDirEntry* direntry, uint16** value);
78 static enum TIFFReadDirEntryErr TIFFReadDirEntrySshortArray(TIFF* tif, TIFFDirEntry* direntry, int16** value);
79 static enum TIFFReadDirEntryErr TIFFReadDirEntryLongArray(TIFF* tif, TIFFDirEntry* direntry, uint32** value);
80 static enum TIFFReadDirEntryErr TIFFReadDirEntrySlongArray(TIFF* tif, TIFFDirEntry* direntry, int32** value);
81 static enum TIFFReadDirEntryErr TIFFReadDirEntryLong8Array(TIFF* tif, TIFFDirEntry* direntry, uint64** value);
82 static enum TIFFReadDirEntryErr TIFFReadDirEntrySlong8Array(TIFF* tif, TIFFDirEntry* direntry, int64** value);
83 static enum TIFFReadDirEntryErr TIFFReadDirEntryFloatArray(TIFF* tif, TIFFDirEntry* direntry, float** value);
84 static enum TIFFReadDirEntryErr TIFFReadDirEntryDoubleArray(TIFF* tif, TIFFDirEntry* direntry, double** value);
85 static enum TIFFReadDirEntryErr TIFFReadDirEntryIfd8Array(TIFF* tif, TIFFDirEntry* direntry, uint64** value);
86
87 static enum TIFFReadDirEntryErr TIFFReadDirEntryPersampleShort(TIFF* tif, TIFFDirEntry* direntry, uint16* value);
88 #if 0
89 static enum TIFFReadDirEntryErr TIFFReadDirEntryPersampleDouble(TIFF* tif, TIFFDirEntry* direntry, double* value);
90 #endif
91
92 static void TIFFReadDirEntryCheckedByte(TIFF* tif, TIFFDirEntry* direntry, uint8* value);
93 static void TIFFReadDirEntryCheckedSbyte(TIFF* tif, TIFFDirEntry* direntry, int8* value);
94 static void TIFFReadDirEntryCheckedShort(TIFF* tif, TIFFDirEntry* direntry, uint16* value);
95 static void TIFFReadDirEntryCheckedSshort(TIFF* tif, TIFFDirEntry* direntry, int16* value);
96 static void TIFFReadDirEntryCheckedLong(TIFF* tif, TIFFDirEntry* direntry, uint32* value);
97 static void TIFFReadDirEntryCheckedSlong(TIFF* tif, TIFFDirEntry* direntry, int32* value);
98 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckedLong8(TIFF* tif, TIFFDirEntry* direntry, uint64* value);
99 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckedSlong8(TIFF* tif, TIFFDirEntry* direntry, int64* value);
100 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckedRational(TIFF* tif, TIFFDirEntry* direntry, double* value);
101 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckedSrational(TIFF* tif, TIFFDirEntry* direntry, double* value);
102 static void TIFFReadDirEntryCheckedFloat(TIFF* tif, TIFFDirEntry* direntry, float* value);
103 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckedDouble(TIFF* tif, TIFFDirEntry* direntry, double* value);
104
105 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeByteSbyte(int8 value);
106 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeByteShort(uint16 value);
107 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeByteSshort(int16 value);
108 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeByteLong(uint32 value);
109 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeByteSlong(int32 value);
110 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeByteLong8(uint64 value);
111 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeByteSlong8(int64 value);
112
113 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSbyteByte(uint8 value);
114 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSbyteShort(uint16 value);
115 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSbyteSshort(int16 value);
116 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSbyteLong(uint32 value);
117 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSbyteSlong(int32 value);
118 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSbyteLong8(uint64 value);
119 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSbyteSlong8(int64 value);
120
121 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeShortSbyte(int8 value);
122 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeShortSshort(int16 value);
123 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeShortLong(uint32 value);
124 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeShortSlong(int32 value);
125 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeShortLong8(uint64 value);
126 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeShortSlong8(int64 value);
127
128 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSshortShort(uint16 value);
129 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSshortLong(uint32 value);
130 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSshortSlong(int32 value);
131 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSshortLong8(uint64 value);
132 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSshortSlong8(int64 value);
133
134 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeLongSbyte(int8 value);
135 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeLongSshort(int16 value);
136 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeLongSlong(int32 value);
137 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeLongLong8(uint64 value);
138 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeLongSlong8(int64 value);
139
140 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSlongLong(uint32 value);
141 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSlongLong8(uint64 value);
142 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSlongSlong8(int64 value);
143
144 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeLong8Sbyte(int8 value);
145 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeLong8Sshort(int16 value);
146 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeLong8Slong(int32 value);
147 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeLong8Slong8(int64 value);
148
149 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSlong8Long8(uint64 value);
150
151 static enum TIFFReadDirEntryErr TIFFReadDirEntryData(TIFF* tif, uint64 offset, tmsize_t size, void* dest);
152 static void TIFFReadDirEntryOutputErr(TIFF* tif, enum TIFFReadDirEntryErr err, const char* module, const char* tagname, int recover);
153
154 static void TIFFReadDirectoryCheckOrder(TIFF* tif, TIFFDirEntry* dir, uint16 dircount);
155 static TIFFDirEntry* TIFFReadDirectoryFindEntry(TIFF* tif, TIFFDirEntry* dir, uint16 dircount, uint16 tagid);
156 static void TIFFReadDirectoryFindFieldInfo(TIFF* tif, uint16 tagid, uint32* fii);
157
158 static int EstimateStripByteCounts(TIFF* tif, TIFFDirEntry* dir, uint16 dircount);
159 static void MissingRequired(TIFF*, const char*);
160 static int TIFFCheckDirOffset(TIFF* tif, uint64 diroff);
161 static int CheckDirCount(TIFF*, TIFFDirEntry*, uint32);
162 static uint16 TIFFFetchDirectory(TIFF* tif, uint64 diroff, TIFFDirEntry** pdir, uint64* nextdiroff);
163 static int TIFFFetchNormalTag(TIFF*, TIFFDirEntry*, int recover);
164 static int TIFFFetchStripThing(TIFF* tif, TIFFDirEntry* dir, uint32 nstrips, uint64** lpp);
165 static int TIFFFetchSubjectDistance(TIFF*, TIFFDirEntry*);
166 static void ChopUpSingleUncompressedStrip(TIFF*);
167 static uint64 TIFFReadUInt64(const uint8 *value);
168
169 typedef union _UInt64Aligned_t
170 {
171 double d;
172 uint64 l;
173 uint32 i[2];
174 uint16 s[4];
175 uint8 c[8];
176 } UInt64Aligned_t;
177
178 /*
179 Unaligned safe copy of a uint64 value from an octet array.
180 */
TIFFReadUInt64(const uint8 * value)181 static uint64 TIFFReadUInt64(const uint8 *value)
182 {
183 UInt64Aligned_t result;
184
185 result.c[0]=value[0];
186 result.c[1]=value[1];
187 result.c[2]=value[2];
188 result.c[3]=value[3];
189 result.c[4]=value[4];
190 result.c[5]=value[5];
191 result.c[6]=value[6];
192 result.c[7]=value[7];
193
194 return result.l;
195 }
196
TIFFReadDirEntryByte(TIFF * tif,TIFFDirEntry * direntry,uint8 * value)197 static enum TIFFReadDirEntryErr TIFFReadDirEntryByte(TIFF* tif, TIFFDirEntry* direntry, uint8* value)
198 {
199 enum TIFFReadDirEntryErr err;
200 if (direntry->tdir_count!=1)
201 return(TIFFReadDirEntryErrCount);
202 switch (direntry->tdir_type)
203 {
204 case TIFF_BYTE:
205 TIFFReadDirEntryCheckedByte(tif,direntry,value);
206 return(TIFFReadDirEntryErrOk);
207 case TIFF_SBYTE:
208 {
209 int8 m;
210 TIFFReadDirEntryCheckedSbyte(tif,direntry,&m);
211 err=TIFFReadDirEntryCheckRangeByteSbyte(m);
212 if (err!=TIFFReadDirEntryErrOk)
213 return(err);
214 *value=(uint8)m;
215 return(TIFFReadDirEntryErrOk);
216 }
217 case TIFF_SHORT:
218 {
219 uint16 m;
220 TIFFReadDirEntryCheckedShort(tif,direntry,&m);
221 err=TIFFReadDirEntryCheckRangeByteShort(m);
222 if (err!=TIFFReadDirEntryErrOk)
223 return(err);
224 *value=(uint8)m;
225 return(TIFFReadDirEntryErrOk);
226 }
227 case TIFF_SSHORT:
228 {
229 int16 m;
230 TIFFReadDirEntryCheckedSshort(tif,direntry,&m);
231 err=TIFFReadDirEntryCheckRangeByteSshort(m);
232 if (err!=TIFFReadDirEntryErrOk)
233 return(err);
234 *value=(uint8)m;
235 return(TIFFReadDirEntryErrOk);
236 }
237 case TIFF_LONG:
238 {
239 uint32 m;
240 TIFFReadDirEntryCheckedLong(tif,direntry,&m);
241 err=TIFFReadDirEntryCheckRangeByteLong(m);
242 if (err!=TIFFReadDirEntryErrOk)
243 return(err);
244 *value=(uint8)m;
245 return(TIFFReadDirEntryErrOk);
246 }
247 case TIFF_SLONG:
248 {
249 int32 m;
250 TIFFReadDirEntryCheckedSlong(tif,direntry,&m);
251 err=TIFFReadDirEntryCheckRangeByteSlong(m);
252 if (err!=TIFFReadDirEntryErrOk)
253 return(err);
254 *value=(uint8)m;
255 return(TIFFReadDirEntryErrOk);
256 }
257 case TIFF_LONG8:
258 {
259 uint64 m;
260 err=TIFFReadDirEntryCheckedLong8(tif,direntry,&m);
261 if (err!=TIFFReadDirEntryErrOk)
262 return(err);
263 err=TIFFReadDirEntryCheckRangeByteLong8(m);
264 if (err!=TIFFReadDirEntryErrOk)
265 return(err);
266 *value=(uint8)m;
267 return(TIFFReadDirEntryErrOk);
268 }
269 case TIFF_SLONG8:
270 {
271 int64 m;
272 err=TIFFReadDirEntryCheckedSlong8(tif,direntry,&m);
273 if (err!=TIFFReadDirEntryErrOk)
274 return(err);
275 err=TIFFReadDirEntryCheckRangeByteSlong8(m);
276 if (err!=TIFFReadDirEntryErrOk)
277 return(err);
278 *value=(uint8)m;
279 return(TIFFReadDirEntryErrOk);
280 }
281 default:
282 return(TIFFReadDirEntryErrType);
283 }
284 }
285
TIFFReadDirEntryShort(TIFF * tif,TIFFDirEntry * direntry,uint16 * value)286 static enum TIFFReadDirEntryErr TIFFReadDirEntryShort(TIFF* tif, TIFFDirEntry* direntry, uint16* value)
287 {
288 enum TIFFReadDirEntryErr err;
289 if (direntry->tdir_count!=1)
290 return(TIFFReadDirEntryErrCount);
291 switch (direntry->tdir_type)
292 {
293 case TIFF_BYTE:
294 {
295 uint8 m;
296 TIFFReadDirEntryCheckedByte(tif,direntry,&m);
297 *value=(uint16)m;
298 return(TIFFReadDirEntryErrOk);
299 }
300 case TIFF_SBYTE:
301 {
302 int8 m;
303 TIFFReadDirEntryCheckedSbyte(tif,direntry,&m);
304 err=TIFFReadDirEntryCheckRangeShortSbyte(m);
305 if (err!=TIFFReadDirEntryErrOk)
306 return(err);
307 *value=(uint16)m;
308 return(TIFFReadDirEntryErrOk);
309 }
310 case TIFF_SHORT:
311 TIFFReadDirEntryCheckedShort(tif,direntry,value);
312 return(TIFFReadDirEntryErrOk);
313 case TIFF_SSHORT:
314 {
315 int16 m;
316 TIFFReadDirEntryCheckedSshort(tif,direntry,&m);
317 err=TIFFReadDirEntryCheckRangeShortSshort(m);
318 if (err!=TIFFReadDirEntryErrOk)
319 return(err);
320 *value=(uint16)m;
321 return(TIFFReadDirEntryErrOk);
322 }
323 case TIFF_LONG:
324 {
325 uint32 m;
326 TIFFReadDirEntryCheckedLong(tif,direntry,&m);
327 err=TIFFReadDirEntryCheckRangeShortLong(m);
328 if (err!=TIFFReadDirEntryErrOk)
329 return(err);
330 *value=(uint16)m;
331 return(TIFFReadDirEntryErrOk);
332 }
333 case TIFF_SLONG:
334 {
335 int32 m;
336 TIFFReadDirEntryCheckedSlong(tif,direntry,&m);
337 err=TIFFReadDirEntryCheckRangeShortSlong(m);
338 if (err!=TIFFReadDirEntryErrOk)
339 return(err);
340 *value=(uint16)m;
341 return(TIFFReadDirEntryErrOk);
342 }
343 case TIFF_LONG8:
344 {
345 uint64 m;
346 err=TIFFReadDirEntryCheckedLong8(tif,direntry,&m);
347 if (err!=TIFFReadDirEntryErrOk)
348 return(err);
349 err=TIFFReadDirEntryCheckRangeShortLong8(m);
350 if (err!=TIFFReadDirEntryErrOk)
351 return(err);
352 *value=(uint16)m;
353 return(TIFFReadDirEntryErrOk);
354 }
355 case TIFF_SLONG8:
356 {
357 int64 m;
358 err=TIFFReadDirEntryCheckedSlong8(tif,direntry,&m);
359 if (err!=TIFFReadDirEntryErrOk)
360 return(err);
361 err=TIFFReadDirEntryCheckRangeShortSlong8(m);
362 if (err!=TIFFReadDirEntryErrOk)
363 return(err);
364 *value=(uint16)m;
365 return(TIFFReadDirEntryErrOk);
366 }
367 default:
368 return(TIFFReadDirEntryErrType);
369 }
370 }
371
TIFFReadDirEntryLong(TIFF * tif,TIFFDirEntry * direntry,uint32 * value)372 static enum TIFFReadDirEntryErr TIFFReadDirEntryLong(TIFF* tif, TIFFDirEntry* direntry, uint32* value)
373 {
374 enum TIFFReadDirEntryErr err;
375 if (direntry->tdir_count!=1)
376 return(TIFFReadDirEntryErrCount);
377 switch (direntry->tdir_type)
378 {
379 case TIFF_BYTE:
380 {
381 uint8 m;
382 TIFFReadDirEntryCheckedByte(tif,direntry,&m);
383 *value=(uint32)m;
384 return(TIFFReadDirEntryErrOk);
385 }
386 case TIFF_SBYTE:
387 {
388 int8 m;
389 TIFFReadDirEntryCheckedSbyte(tif,direntry,&m);
390 err=TIFFReadDirEntryCheckRangeLongSbyte(m);
391 if (err!=TIFFReadDirEntryErrOk)
392 return(err);
393 *value=(uint32)m;
394 return(TIFFReadDirEntryErrOk);
395 }
396 case TIFF_SHORT:
397 {
398 uint16 m;
399 TIFFReadDirEntryCheckedShort(tif,direntry,&m);
400 *value=(uint32)m;
401 return(TIFFReadDirEntryErrOk);
402 }
403 case TIFF_SSHORT:
404 {
405 int16 m;
406 TIFFReadDirEntryCheckedSshort(tif,direntry,&m);
407 err=TIFFReadDirEntryCheckRangeLongSshort(m);
408 if (err!=TIFFReadDirEntryErrOk)
409 return(err);
410 *value=(uint32)m;
411 return(TIFFReadDirEntryErrOk);
412 }
413 case TIFF_LONG:
414 TIFFReadDirEntryCheckedLong(tif,direntry,value);
415 return(TIFFReadDirEntryErrOk);
416 case TIFF_SLONG:
417 {
418 int32 m;
419 TIFFReadDirEntryCheckedSlong(tif,direntry,&m);
420 err=TIFFReadDirEntryCheckRangeLongSlong(m);
421 if (err!=TIFFReadDirEntryErrOk)
422 return(err);
423 *value=(uint32)m;
424 return(TIFFReadDirEntryErrOk);
425 }
426 case TIFF_LONG8:
427 {
428 uint64 m;
429 err=TIFFReadDirEntryCheckedLong8(tif,direntry,&m);
430 if (err!=TIFFReadDirEntryErrOk)
431 return(err);
432 err=TIFFReadDirEntryCheckRangeLongLong8(m);
433 if (err!=TIFFReadDirEntryErrOk)
434 return(err);
435 *value=(uint32)m;
436 return(TIFFReadDirEntryErrOk);
437 }
438 case TIFF_SLONG8:
439 {
440 int64 m;
441 err=TIFFReadDirEntryCheckedSlong8(tif,direntry,&m);
442 if (err!=TIFFReadDirEntryErrOk)
443 return(err);
444 err=TIFFReadDirEntryCheckRangeLongSlong8(m);
445 if (err!=TIFFReadDirEntryErrOk)
446 return(err);
447 *value=(uint32)m;
448 return(TIFFReadDirEntryErrOk);
449 }
450 default:
451 return(TIFFReadDirEntryErrType);
452 }
453 }
454
TIFFReadDirEntryLong8(TIFF * tif,TIFFDirEntry * direntry,uint64 * value)455 static enum TIFFReadDirEntryErr TIFFReadDirEntryLong8(TIFF* tif, TIFFDirEntry* direntry, uint64* value)
456 {
457 enum TIFFReadDirEntryErr err;
458 if (direntry->tdir_count!=1)
459 return(TIFFReadDirEntryErrCount);
460 switch (direntry->tdir_type)
461 {
462 case TIFF_BYTE:
463 {
464 uint8 m;
465 TIFFReadDirEntryCheckedByte(tif,direntry,&m);
466 *value=(uint64)m;
467 return(TIFFReadDirEntryErrOk);
468 }
469 case TIFF_SBYTE:
470 {
471 int8 m;
472 TIFFReadDirEntryCheckedSbyte(tif,direntry,&m);
473 err=TIFFReadDirEntryCheckRangeLong8Sbyte(m);
474 if (err!=TIFFReadDirEntryErrOk)
475 return(err);
476 *value=(uint64)m;
477 return(TIFFReadDirEntryErrOk);
478 }
479 case TIFF_SHORT:
480 {
481 uint16 m;
482 TIFFReadDirEntryCheckedShort(tif,direntry,&m);
483 *value=(uint64)m;
484 return(TIFFReadDirEntryErrOk);
485 }
486 case TIFF_SSHORT:
487 {
488 int16 m;
489 TIFFReadDirEntryCheckedSshort(tif,direntry,&m);
490 err=TIFFReadDirEntryCheckRangeLong8Sshort(m);
491 if (err!=TIFFReadDirEntryErrOk)
492 return(err);
493 *value=(uint64)m;
494 return(TIFFReadDirEntryErrOk);
495 }
496 case TIFF_LONG:
497 {
498 uint32 m;
499 TIFFReadDirEntryCheckedLong(tif,direntry,&m);
500 *value=(uint64)m;
501 return(TIFFReadDirEntryErrOk);
502 }
503 case TIFF_SLONG:
504 {
505 int32 m;
506 TIFFReadDirEntryCheckedSlong(tif,direntry,&m);
507 err=TIFFReadDirEntryCheckRangeLong8Slong(m);
508 if (err!=TIFFReadDirEntryErrOk)
509 return(err);
510 *value=(uint64)m;
511 return(TIFFReadDirEntryErrOk);
512 }
513 case TIFF_LONG8:
514 err=TIFFReadDirEntryCheckedLong8(tif,direntry,value);
515 return(err);
516 case TIFF_SLONG8:
517 {
518 int64 m;
519 err=TIFFReadDirEntryCheckedSlong8(tif,direntry,&m);
520 if (err!=TIFFReadDirEntryErrOk)
521 return(err);
522 err=TIFFReadDirEntryCheckRangeLong8Slong8(m);
523 if (err!=TIFFReadDirEntryErrOk)
524 return(err);
525 *value=(uint64)m;
526 return(TIFFReadDirEntryErrOk);
527 }
528 default:
529 return(TIFFReadDirEntryErrType);
530 }
531 }
532
TIFFReadDirEntryFloat(TIFF * tif,TIFFDirEntry * direntry,float * value)533 static enum TIFFReadDirEntryErr TIFFReadDirEntryFloat(TIFF* tif, TIFFDirEntry* direntry, float* value)
534 {
535 enum TIFFReadDirEntryErr err;
536 if (direntry->tdir_count!=1)
537 return(TIFFReadDirEntryErrCount);
538 switch (direntry->tdir_type)
539 {
540 case TIFF_BYTE:
541 {
542 uint8 m;
543 TIFFReadDirEntryCheckedByte(tif,direntry,&m);
544 *value=(float)m;
545 return(TIFFReadDirEntryErrOk);
546 }
547 case TIFF_SBYTE:
548 {
549 int8 m;
550 TIFFReadDirEntryCheckedSbyte(tif,direntry,&m);
551 *value=(float)m;
552 return(TIFFReadDirEntryErrOk);
553 }
554 case TIFF_SHORT:
555 {
556 uint16 m;
557 TIFFReadDirEntryCheckedShort(tif,direntry,&m);
558 *value=(float)m;
559 return(TIFFReadDirEntryErrOk);
560 }
561 case TIFF_SSHORT:
562 {
563 int16 m;
564 TIFFReadDirEntryCheckedSshort(tif,direntry,&m);
565 *value=(float)m;
566 return(TIFFReadDirEntryErrOk);
567 }
568 case TIFF_LONG:
569 {
570 uint32 m;
571 TIFFReadDirEntryCheckedLong(tif,direntry,&m);
572 *value=(float)m;
573 return(TIFFReadDirEntryErrOk);
574 }
575 case TIFF_SLONG:
576 {
577 int32 m;
578 TIFFReadDirEntryCheckedSlong(tif,direntry,&m);
579 *value=(float)m;
580 return(TIFFReadDirEntryErrOk);
581 }
582 case TIFF_LONG8:
583 {
584 uint64 m;
585 err=TIFFReadDirEntryCheckedLong8(tif,direntry,&m);
586 if (err!=TIFFReadDirEntryErrOk)
587 return(err);
588 #if defined(__WIN32__) && (_MSC_VER < 1500)
589 /*
590 * XXX: MSVC 6.0 does not support conversion
591 * of 64-bit integers into floating point
592 * values.
593 */
594 *value = _TIFFUInt64ToFloat(m);
595 #else
596 *value=(float)m;
597 #endif
598 return(TIFFReadDirEntryErrOk);
599 }
600 case TIFF_SLONG8:
601 {
602 int64 m;
603 err=TIFFReadDirEntryCheckedSlong8(tif,direntry,&m);
604 if (err!=TIFFReadDirEntryErrOk)
605 return(err);
606 *value=(float)m;
607 return(TIFFReadDirEntryErrOk);
608 }
609 case TIFF_RATIONAL:
610 {
611 double m;
612 err=TIFFReadDirEntryCheckedRational(tif,direntry,&m);
613 if (err!=TIFFReadDirEntryErrOk)
614 return(err);
615 *value=(float)m;
616 return(TIFFReadDirEntryErrOk);
617 }
618 case TIFF_SRATIONAL:
619 {
620 double m;
621 err=TIFFReadDirEntryCheckedSrational(tif,direntry,&m);
622 if (err!=TIFFReadDirEntryErrOk)
623 return(err);
624 *value=(float)m;
625 return(TIFFReadDirEntryErrOk);
626 }
627 case TIFF_FLOAT:
628 TIFFReadDirEntryCheckedFloat(tif,direntry,value);
629 return(TIFFReadDirEntryErrOk);
630 case TIFF_DOUBLE:
631 {
632 double m;
633 err=TIFFReadDirEntryCheckedDouble(tif,direntry,&m);
634 if (err!=TIFFReadDirEntryErrOk)
635 return(err);
636 *value=(float)m;
637 return(TIFFReadDirEntryErrOk);
638 }
639 default:
640 return(TIFFReadDirEntryErrType);
641 }
642 }
643
TIFFReadDirEntryDouble(TIFF * tif,TIFFDirEntry * direntry,double * value)644 static enum TIFFReadDirEntryErr TIFFReadDirEntryDouble(TIFF* tif, TIFFDirEntry* direntry, double* value)
645 {
646 enum TIFFReadDirEntryErr err;
647 if (direntry->tdir_count!=1)
648 return(TIFFReadDirEntryErrCount);
649 switch (direntry->tdir_type)
650 {
651 case TIFF_BYTE:
652 {
653 uint8 m;
654 TIFFReadDirEntryCheckedByte(tif,direntry,&m);
655 *value=(double)m;
656 return(TIFFReadDirEntryErrOk);
657 }
658 case TIFF_SBYTE:
659 {
660 int8 m;
661 TIFFReadDirEntryCheckedSbyte(tif,direntry,&m);
662 *value=(double)m;
663 return(TIFFReadDirEntryErrOk);
664 }
665 case TIFF_SHORT:
666 {
667 uint16 m;
668 TIFFReadDirEntryCheckedShort(tif,direntry,&m);
669 *value=(double)m;
670 return(TIFFReadDirEntryErrOk);
671 }
672 case TIFF_SSHORT:
673 {
674 int16 m;
675 TIFFReadDirEntryCheckedSshort(tif,direntry,&m);
676 *value=(double)m;
677 return(TIFFReadDirEntryErrOk);
678 }
679 case TIFF_LONG:
680 {
681 uint32 m;
682 TIFFReadDirEntryCheckedLong(tif,direntry,&m);
683 *value=(double)m;
684 return(TIFFReadDirEntryErrOk);
685 }
686 case TIFF_SLONG:
687 {
688 int32 m;
689 TIFFReadDirEntryCheckedSlong(tif,direntry,&m);
690 *value=(double)m;
691 return(TIFFReadDirEntryErrOk);
692 }
693 case TIFF_LONG8:
694 {
695 uint64 m;
696 err=TIFFReadDirEntryCheckedLong8(tif,direntry,&m);
697 if (err!=TIFFReadDirEntryErrOk)
698 return(err);
699 #if defined(__WIN32__) && (_MSC_VER < 1500)
700 /*
701 * XXX: MSVC 6.0 does not support conversion
702 * of 64-bit integers into floating point
703 * values.
704 */
705 *value = _TIFFUInt64ToDouble(m);
706 #else
707 *value = (double)m;
708 #endif
709 return(TIFFReadDirEntryErrOk);
710 }
711 case TIFF_SLONG8:
712 {
713 int64 m;
714 err=TIFFReadDirEntryCheckedSlong8(tif,direntry,&m);
715 if (err!=TIFFReadDirEntryErrOk)
716 return(err);
717 *value=(double)m;
718 return(TIFFReadDirEntryErrOk);
719 }
720 case TIFF_RATIONAL:
721 err=TIFFReadDirEntryCheckedRational(tif,direntry,value);
722 return(err);
723 case TIFF_SRATIONAL:
724 err=TIFFReadDirEntryCheckedSrational(tif,direntry,value);
725 return(err);
726 case TIFF_FLOAT:
727 {
728 float m;
729 TIFFReadDirEntryCheckedFloat(tif,direntry,&m);
730 *value=(double)m;
731 return(TIFFReadDirEntryErrOk);
732 }
733 case TIFF_DOUBLE:
734 err=TIFFReadDirEntryCheckedDouble(tif,direntry,value);
735 return(err);
736 default:
737 return(TIFFReadDirEntryErrType);
738 }
739 }
740
TIFFReadDirEntryIfd8(TIFF * tif,TIFFDirEntry * direntry,uint64 * value)741 static enum TIFFReadDirEntryErr TIFFReadDirEntryIfd8(TIFF* tif, TIFFDirEntry* direntry, uint64* value)
742 {
743 enum TIFFReadDirEntryErr err;
744 if (direntry->tdir_count!=1)
745 return(TIFFReadDirEntryErrCount);
746 switch (direntry->tdir_type)
747 {
748 case TIFF_LONG:
749 case TIFF_IFD:
750 {
751 uint32 m;
752 TIFFReadDirEntryCheckedLong(tif,direntry,&m);
753 *value=(uint64)m;
754 return(TIFFReadDirEntryErrOk);
755 }
756 case TIFF_LONG8:
757 case TIFF_IFD8:
758 err=TIFFReadDirEntryCheckedLong8(tif,direntry,value);
759 return(err);
760 default:
761 return(TIFFReadDirEntryErrType);
762 }
763 }
764
TIFFReadDirEntryArray(TIFF * tif,TIFFDirEntry * direntry,uint32 * count,uint32 desttypesize,void ** value)765 static enum TIFFReadDirEntryErr TIFFReadDirEntryArray(TIFF* tif, TIFFDirEntry* direntry, uint32* count, uint32 desttypesize, void** value)
766 {
767 int typesize;
768 uint32 datasize;
769 void* data;
770 typesize=TIFFDataWidth(direntry->tdir_type);
771 if ((direntry->tdir_count==0)||(typesize==0))
772 {
773 *value=0;
774 return(TIFFReadDirEntryErrOk);
775 }
776 (void) desttypesize;
777
778 /*
779 * As a sanity check, make sure we have no more than a 2GB tag array
780 * in either the current data type or the dest data type. This also
781 * avoids problems with overflow of tmsize_t on 32bit systems.
782 */
783 if ((uint64)(2147483647/typesize)<direntry->tdir_count)
784 return(TIFFReadDirEntryErrSizesan);
785 if ((uint64)(2147483647/desttypesize)<direntry->tdir_count)
786 return(TIFFReadDirEntryErrSizesan);
787
788 *count=(uint32)direntry->tdir_count;
789 datasize=(*count)*typesize;
790 assert((tmsize_t)datasize>0);
791 data=_TIFFCheckMalloc(tif, *count, typesize, "ReadDirEntryArray");
792 if (data==0)
793 return(TIFFReadDirEntryErrAlloc);
794 if (!(tif->tif_flags&TIFF_BIGTIFF))
795 {
796 if (datasize<=4)
797 _TIFFmemcpy(data,&direntry->tdir_offset,datasize);
798 else
799 {
800 enum TIFFReadDirEntryErr err;
801 uint32 offset = direntry->tdir_offset.toff_long;
802 if (tif->tif_flags&TIFF_SWAB)
803 TIFFSwabLong(&offset);
804 err=TIFFReadDirEntryData(tif,(uint64)offset,(tmsize_t)datasize,data);
805 if (err!=TIFFReadDirEntryErrOk)
806 {
807 _TIFFfree(data);
808 return(err);
809 }
810 }
811 }
812 else
813 {
814 if (datasize<=8)
815 _TIFFmemcpy(data,&direntry->tdir_offset,datasize);
816 else
817 {
818 enum TIFFReadDirEntryErr err;
819 uint64 offset = direntry->tdir_offset.toff_long8;
820 if (tif->tif_flags&TIFF_SWAB)
821 TIFFSwabLong8(&offset);
822 err=TIFFReadDirEntryData(tif,offset,(tmsize_t)datasize,data);
823 if (err!=TIFFReadDirEntryErrOk)
824 {
825 _TIFFfree(data);
826 return(err);
827 }
828 }
829 }
830 *value=data;
831 return(TIFFReadDirEntryErrOk);
832 }
833
TIFFReadDirEntryByteArray(TIFF * tif,TIFFDirEntry * direntry,uint8 ** value)834 static enum TIFFReadDirEntryErr TIFFReadDirEntryByteArray(TIFF* tif, TIFFDirEntry* direntry, uint8** value)
835 {
836 enum TIFFReadDirEntryErr err;
837 uint32 count;
838 void* origdata;
839 uint8* data;
840 switch (direntry->tdir_type)
841 {
842 case TIFF_ASCII:
843 case TIFF_UNDEFINED:
844 case TIFF_BYTE:
845 case TIFF_SBYTE:
846 case TIFF_SHORT:
847 case TIFF_SSHORT:
848 case TIFF_LONG:
849 case TIFF_SLONG:
850 case TIFF_LONG8:
851 case TIFF_SLONG8:
852 break;
853 default:
854 return(TIFFReadDirEntryErrType);
855 }
856 err=TIFFReadDirEntryArray(tif,direntry,&count,1,&origdata);
857 if ((err!=TIFFReadDirEntryErrOk)||(origdata==0))
858 {
859 *value=0;
860 return(err);
861 }
862 switch (direntry->tdir_type)
863 {
864 case TIFF_ASCII:
865 case TIFF_UNDEFINED:
866 case TIFF_BYTE:
867 *value=(uint8*)origdata;
868 return(TIFFReadDirEntryErrOk);
869 case TIFF_SBYTE:
870 {
871 int8* m;
872 uint32 n;
873 m=(int8*)origdata;
874 for (n=0; n<count; n++)
875 {
876 err=TIFFReadDirEntryCheckRangeByteSbyte(*m);
877 if (err!=TIFFReadDirEntryErrOk)
878 {
879 _TIFFfree(origdata);
880 return(err);
881 }
882 m++;
883 }
884 *value=(uint8*)origdata;
885 return(TIFFReadDirEntryErrOk);
886 }
887 }
888 data=(uint8*)_TIFFmalloc(count);
889 if (data==0)
890 {
891 _TIFFfree(origdata);
892 return(TIFFReadDirEntryErrAlloc);
893 }
894 switch (direntry->tdir_type)
895 {
896 case TIFF_SHORT:
897 {
898 uint16* ma;
899 uint8* mb;
900 uint32 n;
901 ma=(uint16*)origdata;
902 mb=data;
903 for (n=0; n<count; n++)
904 {
905 if (tif->tif_flags&TIFF_SWAB)
906 TIFFSwabShort(ma);
907 err=TIFFReadDirEntryCheckRangeByteShort(*ma);
908 if (err!=TIFFReadDirEntryErrOk)
909 break;
910 *mb++=(uint8)(*ma++);
911 }
912 }
913 break;
914 case TIFF_SSHORT:
915 {
916 int16* ma;
917 uint8* mb;
918 uint32 n;
919 ma=(int16*)origdata;
920 mb=data;
921 for (n=0; n<count; n++)
922 {
923 if (tif->tif_flags&TIFF_SWAB)
924 TIFFSwabShort((uint16*)ma);
925 err=TIFFReadDirEntryCheckRangeByteSshort(*ma);
926 if (err!=TIFFReadDirEntryErrOk)
927 break;
928 *mb++=(uint8)(*ma++);
929 }
930 }
931 break;
932 case TIFF_LONG:
933 {
934 uint32* ma;
935 uint8* mb;
936 uint32 n;
937 ma=(uint32*)origdata;
938 mb=data;
939 for (n=0; n<count; n++)
940 {
941 if (tif->tif_flags&TIFF_SWAB)
942 TIFFSwabLong(ma);
943 err=TIFFReadDirEntryCheckRangeByteLong(*ma);
944 if (err!=TIFFReadDirEntryErrOk)
945 break;
946 *mb++=(uint8)(*ma++);
947 }
948 }
949 break;
950 case TIFF_SLONG:
951 {
952 int32* ma;
953 uint8* mb;
954 uint32 n;
955 ma=(int32*)origdata;
956 mb=data;
957 for (n=0; n<count; n++)
958 {
959 if (tif->tif_flags&TIFF_SWAB)
960 TIFFSwabLong((uint32*)ma);
961 err=TIFFReadDirEntryCheckRangeByteSlong(*ma);
962 if (err!=TIFFReadDirEntryErrOk)
963 break;
964 *mb++=(uint8)(*ma++);
965 }
966 }
967 break;
968 case TIFF_LONG8:
969 {
970 uint64* ma;
971 uint8* mb;
972 uint32 n;
973 ma=(uint64*)origdata;
974 mb=data;
975 for (n=0; n<count; n++)
976 {
977 if (tif->tif_flags&TIFF_SWAB)
978 TIFFSwabLong8(ma);
979 err=TIFFReadDirEntryCheckRangeByteLong8(*ma);
980 if (err!=TIFFReadDirEntryErrOk)
981 break;
982 *mb++=(uint8)(*ma++);
983 }
984 }
985 break;
986 case TIFF_SLONG8:
987 {
988 int64* ma;
989 uint8* mb;
990 uint32 n;
991 ma=(int64*)origdata;
992 mb=data;
993 for (n=0; n<count; n++)
994 {
995 if (tif->tif_flags&TIFF_SWAB)
996 TIFFSwabLong8((uint64*)ma);
997 err=TIFFReadDirEntryCheckRangeByteSlong8(*ma);
998 if (err!=TIFFReadDirEntryErrOk)
999 break;
1000 *mb++=(uint8)(*ma++);
1001 }
1002 }
1003 break;
1004 }
1005 _TIFFfree(origdata);
1006 if (err!=TIFFReadDirEntryErrOk)
1007 {
1008 _TIFFfree(data);
1009 return(err);
1010 }
1011 *value=data;
1012 return(TIFFReadDirEntryErrOk);
1013 }
1014
TIFFReadDirEntrySbyteArray(TIFF * tif,TIFFDirEntry * direntry,int8 ** value)1015 static enum TIFFReadDirEntryErr TIFFReadDirEntrySbyteArray(TIFF* tif, TIFFDirEntry* direntry, int8** value)
1016 {
1017 enum TIFFReadDirEntryErr err;
1018 uint32 count;
1019 void* origdata;
1020 int8* data;
1021 switch (direntry->tdir_type)
1022 {
1023 case TIFF_UNDEFINED:
1024 case TIFF_BYTE:
1025 case TIFF_SBYTE:
1026 case TIFF_SHORT:
1027 case TIFF_SSHORT:
1028 case TIFF_LONG:
1029 case TIFF_SLONG:
1030 case TIFF_LONG8:
1031 case TIFF_SLONG8:
1032 break;
1033 default:
1034 return(TIFFReadDirEntryErrType);
1035 }
1036 err=TIFFReadDirEntryArray(tif,direntry,&count,1,&origdata);
1037 if ((err!=TIFFReadDirEntryErrOk)||(origdata==0))
1038 {
1039 *value=0;
1040 return(err);
1041 }
1042 switch (direntry->tdir_type)
1043 {
1044 case TIFF_UNDEFINED:
1045 case TIFF_BYTE:
1046 {
1047 uint8* m;
1048 uint32 n;
1049 m=(uint8*)origdata;
1050 for (n=0; n<count; n++)
1051 {
1052 err=TIFFReadDirEntryCheckRangeSbyteByte(*m);
1053 if (err!=TIFFReadDirEntryErrOk)
1054 {
1055 _TIFFfree(origdata);
1056 return(err);
1057 }
1058 m++;
1059 }
1060 *value=(int8*)origdata;
1061 return(TIFFReadDirEntryErrOk);
1062 }
1063 case TIFF_SBYTE:
1064 *value=(int8*)origdata;
1065 return(TIFFReadDirEntryErrOk);
1066 }
1067 data=(int8*)_TIFFmalloc(count);
1068 if (data==0)
1069 {
1070 _TIFFfree(origdata);
1071 return(TIFFReadDirEntryErrAlloc);
1072 }
1073 switch (direntry->tdir_type)
1074 {
1075 case TIFF_SHORT:
1076 {
1077 uint16* ma;
1078 int8* mb;
1079 uint32 n;
1080 ma=(uint16*)origdata;
1081 mb=data;
1082 for (n=0; n<count; n++)
1083 {
1084 if (tif->tif_flags&TIFF_SWAB)
1085 TIFFSwabShort(ma);
1086 err=TIFFReadDirEntryCheckRangeSbyteShort(*ma);
1087 if (err!=TIFFReadDirEntryErrOk)
1088 break;
1089 *mb++=(int8)(*ma++);
1090 }
1091 }
1092 break;
1093 case TIFF_SSHORT:
1094 {
1095 int16* ma;
1096 int8* mb;
1097 uint32 n;
1098 ma=(int16*)origdata;
1099 mb=data;
1100 for (n=0; n<count; n++)
1101 {
1102 if (tif->tif_flags&TIFF_SWAB)
1103 TIFFSwabShort((uint16*)ma);
1104 err=TIFFReadDirEntryCheckRangeSbyteSshort(*ma);
1105 if (err!=TIFFReadDirEntryErrOk)
1106 break;
1107 *mb++=(int8)(*ma++);
1108 }
1109 }
1110 break;
1111 case TIFF_LONG:
1112 {
1113 uint32* ma;
1114 int8* mb;
1115 uint32 n;
1116 ma=(uint32*)origdata;
1117 mb=data;
1118 for (n=0; n<count; n++)
1119 {
1120 if (tif->tif_flags&TIFF_SWAB)
1121 TIFFSwabLong(ma);
1122 err=TIFFReadDirEntryCheckRangeSbyteLong(*ma);
1123 if (err!=TIFFReadDirEntryErrOk)
1124 break;
1125 *mb++=(int8)(*ma++);
1126 }
1127 }
1128 break;
1129 case TIFF_SLONG:
1130 {
1131 int32* ma;
1132 int8* mb;
1133 uint32 n;
1134 ma=(int32*)origdata;
1135 mb=data;
1136 for (n=0; n<count; n++)
1137 {
1138 if (tif->tif_flags&TIFF_SWAB)
1139 TIFFSwabLong((uint32*)ma);
1140 err=TIFFReadDirEntryCheckRangeSbyteSlong(*ma);
1141 if (err!=TIFFReadDirEntryErrOk)
1142 break;
1143 *mb++=(int8)(*ma++);
1144 }
1145 }
1146 break;
1147 case TIFF_LONG8:
1148 {
1149 uint64* ma;
1150 int8* mb;
1151 uint32 n;
1152 ma=(uint64*)origdata;
1153 mb=data;
1154 for (n=0; n<count; n++)
1155 {
1156 if (tif->tif_flags&TIFF_SWAB)
1157 TIFFSwabLong8(ma);
1158 err=TIFFReadDirEntryCheckRangeSbyteLong8(*ma);
1159 if (err!=TIFFReadDirEntryErrOk)
1160 break;
1161 *mb++=(int8)(*ma++);
1162 }
1163 }
1164 break;
1165 case TIFF_SLONG8:
1166 {
1167 int64* ma;
1168 int8* mb;
1169 uint32 n;
1170 ma=(int64*)origdata;
1171 mb=data;
1172 for (n=0; n<count; n++)
1173 {
1174 if (tif->tif_flags&TIFF_SWAB)
1175 TIFFSwabLong8((uint64*)ma);
1176 err=TIFFReadDirEntryCheckRangeSbyteSlong8(*ma);
1177 if (err!=TIFFReadDirEntryErrOk)
1178 break;
1179 *mb++=(int8)(*ma++);
1180 }
1181 }
1182 break;
1183 }
1184 _TIFFfree(origdata);
1185 if (err!=TIFFReadDirEntryErrOk)
1186 {
1187 _TIFFfree(data);
1188 return(err);
1189 }
1190 *value=data;
1191 return(TIFFReadDirEntryErrOk);
1192 }
1193
TIFFReadDirEntryShortArray(TIFF * tif,TIFFDirEntry * direntry,uint16 ** value)1194 static enum TIFFReadDirEntryErr TIFFReadDirEntryShortArray(TIFF* tif, TIFFDirEntry* direntry, uint16** value)
1195 {
1196 enum TIFFReadDirEntryErr err;
1197 uint32 count;
1198 void* origdata;
1199 uint16* data;
1200 switch (direntry->tdir_type)
1201 {
1202 case TIFF_BYTE:
1203 case TIFF_SBYTE:
1204 case TIFF_SHORT:
1205 case TIFF_SSHORT:
1206 case TIFF_LONG:
1207 case TIFF_SLONG:
1208 case TIFF_LONG8:
1209 case TIFF_SLONG8:
1210 break;
1211 default:
1212 return(TIFFReadDirEntryErrType);
1213 }
1214 err=TIFFReadDirEntryArray(tif,direntry,&count,2,&origdata);
1215 if ((err!=TIFFReadDirEntryErrOk)||(origdata==0))
1216 {
1217 *value=0;
1218 return(err);
1219 }
1220 switch (direntry->tdir_type)
1221 {
1222 case TIFF_SHORT:
1223 *value=(uint16*)origdata;
1224 if (tif->tif_flags&TIFF_SWAB)
1225 TIFFSwabArrayOfShort(*value,count);
1226 return(TIFFReadDirEntryErrOk);
1227 case TIFF_SSHORT:
1228 {
1229 int16* m;
1230 uint32 n;
1231 m=(int16*)origdata;
1232 for (n=0; n<count; n++)
1233 {
1234 if (tif->tif_flags&TIFF_SWAB)
1235 TIFFSwabShort((uint16*)m);
1236 err=TIFFReadDirEntryCheckRangeShortSshort(*m);
1237 if (err!=TIFFReadDirEntryErrOk)
1238 {
1239 _TIFFfree(origdata);
1240 return(err);
1241 }
1242 m++;
1243 }
1244 *value=(uint16*)origdata;
1245 return(TIFFReadDirEntryErrOk);
1246 }
1247 }
1248 data=(uint16*)_TIFFmalloc(count*2);
1249 if (data==0)
1250 {
1251 _TIFFfree(origdata);
1252 return(TIFFReadDirEntryErrAlloc);
1253 }
1254 switch (direntry->tdir_type)
1255 {
1256 case TIFF_BYTE:
1257 {
1258 uint8* ma;
1259 uint16* mb;
1260 uint32 n;
1261 ma=(uint8*)origdata;
1262 mb=data;
1263 for (n=0; n<count; n++)
1264 *mb++=(uint16)(*ma++);
1265 }
1266 break;
1267 case TIFF_SBYTE:
1268 {
1269 int8* ma;
1270 uint16* mb;
1271 uint32 n;
1272 ma=(int8*)origdata;
1273 mb=data;
1274 for (n=0; n<count; n++)
1275 {
1276 err=TIFFReadDirEntryCheckRangeShortSbyte(*ma);
1277 if (err!=TIFFReadDirEntryErrOk)
1278 break;
1279 *mb++=(uint16)(*ma++);
1280 }
1281 }
1282 break;
1283 case TIFF_LONG:
1284 {
1285 uint32* ma;
1286 uint16* mb;
1287 uint32 n;
1288 ma=(uint32*)origdata;
1289 mb=data;
1290 for (n=0; n<count; n++)
1291 {
1292 if (tif->tif_flags&TIFF_SWAB)
1293 TIFFSwabLong(ma);
1294 err=TIFFReadDirEntryCheckRangeShortLong(*ma);
1295 if (err!=TIFFReadDirEntryErrOk)
1296 break;
1297 *mb++=(uint16)(*ma++);
1298 }
1299 }
1300 break;
1301 case TIFF_SLONG:
1302 {
1303 int32* ma;
1304 uint16* mb;
1305 uint32 n;
1306 ma=(int32*)origdata;
1307 mb=data;
1308 for (n=0; n<count; n++)
1309 {
1310 if (tif->tif_flags&TIFF_SWAB)
1311 TIFFSwabLong((uint32*)ma);
1312 err=TIFFReadDirEntryCheckRangeShortSlong(*ma);
1313 if (err!=TIFFReadDirEntryErrOk)
1314 break;
1315 *mb++=(uint16)(*ma++);
1316 }
1317 }
1318 break;
1319 case TIFF_LONG8:
1320 {
1321 uint64* ma;
1322 uint16* mb;
1323 uint32 n;
1324 ma=(uint64*)origdata;
1325 mb=data;
1326 for (n=0; n<count; n++)
1327 {
1328 if (tif->tif_flags&TIFF_SWAB)
1329 TIFFSwabLong8(ma);
1330 err=TIFFReadDirEntryCheckRangeShortLong8(*ma);
1331 if (err!=TIFFReadDirEntryErrOk)
1332 break;
1333 *mb++=(uint16)(*ma++);
1334 }
1335 }
1336 break;
1337 case TIFF_SLONG8:
1338 {
1339 int64* ma;
1340 uint16* mb;
1341 uint32 n;
1342 ma=(int64*)origdata;
1343 mb=data;
1344 for (n=0; n<count; n++)
1345 {
1346 if (tif->tif_flags&TIFF_SWAB)
1347 TIFFSwabLong8((uint64*)ma);
1348 err=TIFFReadDirEntryCheckRangeShortSlong8(*ma);
1349 if (err!=TIFFReadDirEntryErrOk)
1350 break;
1351 *mb++=(uint16)(*ma++);
1352 }
1353 }
1354 break;
1355 }
1356 _TIFFfree(origdata);
1357 if (err!=TIFFReadDirEntryErrOk)
1358 {
1359 _TIFFfree(data);
1360 return(err);
1361 }
1362 *value=data;
1363 return(TIFFReadDirEntryErrOk);
1364 }
1365
TIFFReadDirEntrySshortArray(TIFF * tif,TIFFDirEntry * direntry,int16 ** value)1366 static enum TIFFReadDirEntryErr TIFFReadDirEntrySshortArray(TIFF* tif, TIFFDirEntry* direntry, int16** value)
1367 {
1368 enum TIFFReadDirEntryErr err;
1369 uint32 count;
1370 void* origdata;
1371 int16* data;
1372 switch (direntry->tdir_type)
1373 {
1374 case TIFF_BYTE:
1375 case TIFF_SBYTE:
1376 case TIFF_SHORT:
1377 case TIFF_SSHORT:
1378 case TIFF_LONG:
1379 case TIFF_SLONG:
1380 case TIFF_LONG8:
1381 case TIFF_SLONG8:
1382 break;
1383 default:
1384 return(TIFFReadDirEntryErrType);
1385 }
1386 err=TIFFReadDirEntryArray(tif,direntry,&count,2,&origdata);
1387 if ((err!=TIFFReadDirEntryErrOk)||(origdata==0))
1388 {
1389 *value=0;
1390 return(err);
1391 }
1392 switch (direntry->tdir_type)
1393 {
1394 case TIFF_SHORT:
1395 {
1396 uint16* m;
1397 uint32 n;
1398 m=(uint16*)origdata;
1399 for (n=0; n<count; n++)
1400 {
1401 if (tif->tif_flags&TIFF_SWAB)
1402 TIFFSwabShort(m);
1403 err=TIFFReadDirEntryCheckRangeSshortShort(*m);
1404 if (err!=TIFFReadDirEntryErrOk)
1405 {
1406 _TIFFfree(origdata);
1407 return(err);
1408 }
1409 m++;
1410 }
1411 *value=(int16*)origdata;
1412 return(TIFFReadDirEntryErrOk);
1413 }
1414 case TIFF_SSHORT:
1415 *value=(int16*)origdata;
1416 if (tif->tif_flags&TIFF_SWAB)
1417 TIFFSwabArrayOfShort((uint16*)(*value),count);
1418 return(TIFFReadDirEntryErrOk);
1419 }
1420 data=(int16*)_TIFFmalloc(count*2);
1421 if (data==0)
1422 {
1423 _TIFFfree(origdata);
1424 return(TIFFReadDirEntryErrAlloc);
1425 }
1426 switch (direntry->tdir_type)
1427 {
1428 case TIFF_BYTE:
1429 {
1430 uint8* ma;
1431 int16* mb;
1432 uint32 n;
1433 ma=(uint8*)origdata;
1434 mb=data;
1435 for (n=0; n<count; n++)
1436 *mb++=(int16)(*ma++);
1437 }
1438 break;
1439 case TIFF_SBYTE:
1440 {
1441 int8* ma;
1442 int16* mb;
1443 uint32 n;
1444 ma=(int8*)origdata;
1445 mb=data;
1446 for (n=0; n<count; n++)
1447 *mb++=(int16)(*ma++);
1448 }
1449 break;
1450 case TIFF_LONG:
1451 {
1452 uint32* ma;
1453 int16* mb;
1454 uint32 n;
1455 ma=(uint32*)origdata;
1456 mb=data;
1457 for (n=0; n<count; n++)
1458 {
1459 if (tif->tif_flags&TIFF_SWAB)
1460 TIFFSwabLong(ma);
1461 err=TIFFReadDirEntryCheckRangeSshortLong(*ma);
1462 if (err!=TIFFReadDirEntryErrOk)
1463 break;
1464 *mb++=(int16)(*ma++);
1465 }
1466 }
1467 break;
1468 case TIFF_SLONG:
1469 {
1470 int32* ma;
1471 int16* mb;
1472 uint32 n;
1473 ma=(int32*)origdata;
1474 mb=data;
1475 for (n=0; n<count; n++)
1476 {
1477 if (tif->tif_flags&TIFF_SWAB)
1478 TIFFSwabLong((uint32*)ma);
1479 err=TIFFReadDirEntryCheckRangeSshortSlong(*ma);
1480 if (err!=TIFFReadDirEntryErrOk)
1481 break;
1482 *mb++=(int16)(*ma++);
1483 }
1484 }
1485 break;
1486 case TIFF_LONG8:
1487 {
1488 uint64* ma;
1489 int16* mb;
1490 uint32 n;
1491 ma=(uint64*)origdata;
1492 mb=data;
1493 for (n=0; n<count; n++)
1494 {
1495 if (tif->tif_flags&TIFF_SWAB)
1496 TIFFSwabLong8(ma);
1497 err=TIFFReadDirEntryCheckRangeSshortLong8(*ma);
1498 if (err!=TIFFReadDirEntryErrOk)
1499 break;
1500 *mb++=(int16)(*ma++);
1501 }
1502 }
1503 break;
1504 case TIFF_SLONG8:
1505 {
1506 int64* ma;
1507 int16* mb;
1508 uint32 n;
1509 ma=(int64*)origdata;
1510 mb=data;
1511 for (n=0; n<count; n++)
1512 {
1513 if (tif->tif_flags&TIFF_SWAB)
1514 TIFFSwabLong8((uint64*)ma);
1515 err=TIFFReadDirEntryCheckRangeSshortSlong8(*ma);
1516 if (err!=TIFFReadDirEntryErrOk)
1517 break;
1518 *mb++=(int16)(*ma++);
1519 }
1520 }
1521 break;
1522 }
1523 _TIFFfree(origdata);
1524 if (err!=TIFFReadDirEntryErrOk)
1525 {
1526 _TIFFfree(data);
1527 return(err);
1528 }
1529 *value=data;
1530 return(TIFFReadDirEntryErrOk);
1531 }
1532
TIFFReadDirEntryLongArray(TIFF * tif,TIFFDirEntry * direntry,uint32 ** value)1533 static enum TIFFReadDirEntryErr TIFFReadDirEntryLongArray(TIFF* tif, TIFFDirEntry* direntry, uint32** value)
1534 {
1535 enum TIFFReadDirEntryErr err;
1536 uint32 count;
1537 void* origdata;
1538 uint32* data;
1539 switch (direntry->tdir_type)
1540 {
1541 case TIFF_BYTE:
1542 case TIFF_SBYTE:
1543 case TIFF_SHORT:
1544 case TIFF_SSHORT:
1545 case TIFF_LONG:
1546 case TIFF_SLONG:
1547 case TIFF_LONG8:
1548 case TIFF_SLONG8:
1549 break;
1550 default:
1551 return(TIFFReadDirEntryErrType);
1552 }
1553 err=TIFFReadDirEntryArray(tif,direntry,&count,4,&origdata);
1554 if ((err!=TIFFReadDirEntryErrOk)||(origdata==0))
1555 {
1556 *value=0;
1557 return(err);
1558 }
1559 switch (direntry->tdir_type)
1560 {
1561 case TIFF_LONG:
1562 *value=(uint32*)origdata;
1563 if (tif->tif_flags&TIFF_SWAB)
1564 TIFFSwabArrayOfLong(*value,count);
1565 return(TIFFReadDirEntryErrOk);
1566 case TIFF_SLONG:
1567 {
1568 int32* m;
1569 uint32 n;
1570 m=(int32*)origdata;
1571 for (n=0; n<count; n++)
1572 {
1573 if (tif->tif_flags&TIFF_SWAB)
1574 TIFFSwabLong((uint32*)m);
1575 err=TIFFReadDirEntryCheckRangeLongSlong(*m);
1576 if (err!=TIFFReadDirEntryErrOk)
1577 {
1578 _TIFFfree(origdata);
1579 return(err);
1580 }
1581 m++;
1582 }
1583 *value=(uint32*)origdata;
1584 return(TIFFReadDirEntryErrOk);
1585 }
1586 }
1587 data=(uint32*)_TIFFmalloc(count*4);
1588 if (data==0)
1589 {
1590 _TIFFfree(origdata);
1591 return(TIFFReadDirEntryErrAlloc);
1592 }
1593 switch (direntry->tdir_type)
1594 {
1595 case TIFF_BYTE:
1596 {
1597 uint8* ma;
1598 uint32* mb;
1599 uint32 n;
1600 ma=(uint8*)origdata;
1601 mb=data;
1602 for (n=0; n<count; n++)
1603 *mb++=(uint32)(*ma++);
1604 }
1605 break;
1606 case TIFF_SBYTE:
1607 {
1608 int8* ma;
1609 uint32* mb;
1610 uint32 n;
1611 ma=(int8*)origdata;
1612 mb=data;
1613 for (n=0; n<count; n++)
1614 {
1615 err=TIFFReadDirEntryCheckRangeLongSbyte(*ma);
1616 if (err!=TIFFReadDirEntryErrOk)
1617 break;
1618 *mb++=(uint32)(*ma++);
1619 }
1620 }
1621 break;
1622 case TIFF_SHORT:
1623 {
1624 uint16* ma;
1625 uint32* mb;
1626 uint32 n;
1627 ma=(uint16*)origdata;
1628 mb=data;
1629 for (n=0; n<count; n++)
1630 {
1631 if (tif->tif_flags&TIFF_SWAB)
1632 TIFFSwabShort(ma);
1633 *mb++=(uint32)(*ma++);
1634 }
1635 }
1636 break;
1637 case TIFF_SSHORT:
1638 {
1639 int16* ma;
1640 uint32* mb;
1641 uint32 n;
1642 ma=(int16*)origdata;
1643 mb=data;
1644 for (n=0; n<count; n++)
1645 {
1646 if (tif->tif_flags&TIFF_SWAB)
1647 TIFFSwabShort((uint16*)ma);
1648 err=TIFFReadDirEntryCheckRangeLongSshort(*ma);
1649 if (err!=TIFFReadDirEntryErrOk)
1650 break;
1651 *mb++=(uint32)(*ma++);
1652 }
1653 }
1654 break;
1655 case TIFF_LONG8:
1656 {
1657 uint64* ma;
1658 uint32* mb;
1659 uint32 n;
1660 ma=(uint64*)origdata;
1661 mb=data;
1662 for (n=0; n<count; n++)
1663 {
1664 if (tif->tif_flags&TIFF_SWAB)
1665 TIFFSwabLong8(ma);
1666 err=TIFFReadDirEntryCheckRangeLongLong8(*ma);
1667 if (err!=TIFFReadDirEntryErrOk)
1668 break;
1669 *mb++=(uint32)(*ma++);
1670 }
1671 }
1672 break;
1673 case TIFF_SLONG8:
1674 {
1675 int64* ma;
1676 uint32* mb;
1677 uint32 n;
1678 ma=(int64*)origdata;
1679 mb=data;
1680 for (n=0; n<count; n++)
1681 {
1682 if (tif->tif_flags&TIFF_SWAB)
1683 TIFFSwabLong8((uint64*)ma);
1684 err=TIFFReadDirEntryCheckRangeLongSlong8(*ma);
1685 if (err!=TIFFReadDirEntryErrOk)
1686 break;
1687 *mb++=(uint32)(*ma++);
1688 }
1689 }
1690 break;
1691 }
1692 _TIFFfree(origdata);
1693 if (err!=TIFFReadDirEntryErrOk)
1694 {
1695 _TIFFfree(data);
1696 return(err);
1697 }
1698 *value=data;
1699 return(TIFFReadDirEntryErrOk);
1700 }
1701
TIFFReadDirEntrySlongArray(TIFF * tif,TIFFDirEntry * direntry,int32 ** value)1702 static enum TIFFReadDirEntryErr TIFFReadDirEntrySlongArray(TIFF* tif, TIFFDirEntry* direntry, int32** value)
1703 {
1704 enum TIFFReadDirEntryErr err;
1705 uint32 count;
1706 void* origdata;
1707 int32* data;
1708 switch (direntry->tdir_type)
1709 {
1710 case TIFF_BYTE:
1711 case TIFF_SBYTE:
1712 case TIFF_SHORT:
1713 case TIFF_SSHORT:
1714 case TIFF_LONG:
1715 case TIFF_SLONG:
1716 case TIFF_LONG8:
1717 case TIFF_SLONG8:
1718 break;
1719 default:
1720 return(TIFFReadDirEntryErrType);
1721 }
1722 err=TIFFReadDirEntryArray(tif,direntry,&count,4,&origdata);
1723 if ((err!=TIFFReadDirEntryErrOk)||(origdata==0))
1724 {
1725 *value=0;
1726 return(err);
1727 }
1728 switch (direntry->tdir_type)
1729 {
1730 case TIFF_LONG:
1731 {
1732 uint32* m;
1733 uint32 n;
1734 m=(uint32*)origdata;
1735 for (n=0; n<count; n++)
1736 {
1737 if (tif->tif_flags&TIFF_SWAB)
1738 TIFFSwabLong((uint32*)m);
1739 err=TIFFReadDirEntryCheckRangeSlongLong(*m);
1740 if (err!=TIFFReadDirEntryErrOk)
1741 {
1742 _TIFFfree(origdata);
1743 return(err);
1744 }
1745 m++;
1746 }
1747 *value=(int32*)origdata;
1748 return(TIFFReadDirEntryErrOk);
1749 }
1750 case TIFF_SLONG:
1751 *value=(int32*)origdata;
1752 if (tif->tif_flags&TIFF_SWAB)
1753 TIFFSwabArrayOfLong((uint32*)(*value),count);
1754 return(TIFFReadDirEntryErrOk);
1755 }
1756 data=(int32*)_TIFFmalloc(count*4);
1757 if (data==0)
1758 {
1759 _TIFFfree(origdata);
1760 return(TIFFReadDirEntryErrAlloc);
1761 }
1762 switch (direntry->tdir_type)
1763 {
1764 case TIFF_BYTE:
1765 {
1766 uint8* ma;
1767 int32* mb;
1768 uint32 n;
1769 ma=(uint8*)origdata;
1770 mb=data;
1771 for (n=0; n<count; n++)
1772 *mb++=(int32)(*ma++);
1773 }
1774 break;
1775 case TIFF_SBYTE:
1776 {
1777 int8* ma;
1778 int32* mb;
1779 uint32 n;
1780 ma=(int8*)origdata;
1781 mb=data;
1782 for (n=0; n<count; n++)
1783 *mb++=(int32)(*ma++);
1784 }
1785 break;
1786 case TIFF_SHORT:
1787 {
1788 uint16* ma;
1789 int32* mb;
1790 uint32 n;
1791 ma=(uint16*)origdata;
1792 mb=data;
1793 for (n=0; n<count; n++)
1794 {
1795 if (tif->tif_flags&TIFF_SWAB)
1796 TIFFSwabShort(ma);
1797 *mb++=(int32)(*ma++);
1798 }
1799 }
1800 break;
1801 case TIFF_SSHORT:
1802 {
1803 int16* ma;
1804 int32* mb;
1805 uint32 n;
1806 ma=(int16*)origdata;
1807 mb=data;
1808 for (n=0; n<count; n++)
1809 {
1810 if (tif->tif_flags&TIFF_SWAB)
1811 TIFFSwabShort((uint16*)ma);
1812 *mb++=(int32)(*ma++);
1813 }
1814 }
1815 break;
1816 case TIFF_LONG8:
1817 {
1818 uint64* ma;
1819 int32* mb;
1820 uint32 n;
1821 ma=(uint64*)origdata;
1822 mb=data;
1823 for (n=0; n<count; n++)
1824 {
1825 if (tif->tif_flags&TIFF_SWAB)
1826 TIFFSwabLong8(ma);
1827 err=TIFFReadDirEntryCheckRangeSlongLong8(*ma);
1828 if (err!=TIFFReadDirEntryErrOk)
1829 break;
1830 *mb++=(int32)(*ma++);
1831 }
1832 }
1833 break;
1834 case TIFF_SLONG8:
1835 {
1836 int64* ma;
1837 int32* mb;
1838 uint32 n;
1839 ma=(int64*)origdata;
1840 mb=data;
1841 for (n=0; n<count; n++)
1842 {
1843 if (tif->tif_flags&TIFF_SWAB)
1844 TIFFSwabLong8((uint64*)ma);
1845 err=TIFFReadDirEntryCheckRangeSlongSlong8(*ma);
1846 if (err!=TIFFReadDirEntryErrOk)
1847 break;
1848 *mb++=(int32)(*ma++);
1849 }
1850 }
1851 break;
1852 }
1853 _TIFFfree(origdata);
1854 if (err!=TIFFReadDirEntryErrOk)
1855 {
1856 _TIFFfree(data);
1857 return(err);
1858 }
1859 *value=data;
1860 return(TIFFReadDirEntryErrOk);
1861 }
1862
TIFFReadDirEntryLong8Array(TIFF * tif,TIFFDirEntry * direntry,uint64 ** value)1863 static enum TIFFReadDirEntryErr TIFFReadDirEntryLong8Array(TIFF* tif, TIFFDirEntry* direntry, uint64** value)
1864 {
1865 enum TIFFReadDirEntryErr err;
1866 uint32 count;
1867 void* origdata;
1868 uint64* data;
1869 switch (direntry->tdir_type)
1870 {
1871 case TIFF_BYTE:
1872 case TIFF_SBYTE:
1873 case TIFF_SHORT:
1874 case TIFF_SSHORT:
1875 case TIFF_LONG:
1876 case TIFF_SLONG:
1877 case TIFF_LONG8:
1878 case TIFF_SLONG8:
1879 break;
1880 default:
1881 return(TIFFReadDirEntryErrType);
1882 }
1883 err=TIFFReadDirEntryArray(tif,direntry,&count,8,&origdata);
1884 if ((err!=TIFFReadDirEntryErrOk)||(origdata==0))
1885 {
1886 *value=0;
1887 return(err);
1888 }
1889 switch (direntry->tdir_type)
1890 {
1891 case TIFF_LONG8:
1892 *value=(uint64*)origdata;
1893 if (tif->tif_flags&TIFF_SWAB)
1894 TIFFSwabArrayOfLong8(*value,count);
1895 return(TIFFReadDirEntryErrOk);
1896 case TIFF_SLONG8:
1897 {
1898 int64* m;
1899 uint32 n;
1900 m=(int64*)origdata;
1901 for (n=0; n<count; n++)
1902 {
1903 if (tif->tif_flags&TIFF_SWAB)
1904 TIFFSwabLong8((uint64*)m);
1905 err=TIFFReadDirEntryCheckRangeLong8Slong8(*m);
1906 if (err!=TIFFReadDirEntryErrOk)
1907 {
1908 _TIFFfree(origdata);
1909 return(err);
1910 }
1911 m++;
1912 }
1913 *value=(uint64*)origdata;
1914 return(TIFFReadDirEntryErrOk);
1915 }
1916 }
1917 data=(uint64*)_TIFFmalloc(count*8);
1918 if (data==0)
1919 {
1920 _TIFFfree(origdata);
1921 return(TIFFReadDirEntryErrAlloc);
1922 }
1923 switch (direntry->tdir_type)
1924 {
1925 case TIFF_BYTE:
1926 {
1927 uint8* ma;
1928 uint64* mb;
1929 uint32 n;
1930 ma=(uint8*)origdata;
1931 mb=data;
1932 for (n=0; n<count; n++)
1933 *mb++=(uint64)(*ma++);
1934 }
1935 break;
1936 case TIFF_SBYTE:
1937 {
1938 int8* ma;
1939 uint64* mb;
1940 uint32 n;
1941 ma=(int8*)origdata;
1942 mb=data;
1943 for (n=0; n<count; n++)
1944 {
1945 err=TIFFReadDirEntryCheckRangeLong8Sbyte(*ma);
1946 if (err!=TIFFReadDirEntryErrOk)
1947 break;
1948 *mb++=(uint64)(*ma++);
1949 }
1950 }
1951 break;
1952 case TIFF_SHORT:
1953 {
1954 uint16* ma;
1955 uint64* mb;
1956 uint32 n;
1957 ma=(uint16*)origdata;
1958 mb=data;
1959 for (n=0; n<count; n++)
1960 {
1961 if (tif->tif_flags&TIFF_SWAB)
1962 TIFFSwabShort(ma);
1963 *mb++=(uint64)(*ma++);
1964 }
1965 }
1966 break;
1967 case TIFF_SSHORT:
1968 {
1969 int16* ma;
1970 uint64* mb;
1971 uint32 n;
1972 ma=(int16*)origdata;
1973 mb=data;
1974 for (n=0; n<count; n++)
1975 {
1976 if (tif->tif_flags&TIFF_SWAB)
1977 TIFFSwabShort((uint16*)ma);
1978 err=TIFFReadDirEntryCheckRangeLong8Sshort(*ma);
1979 if (err!=TIFFReadDirEntryErrOk)
1980 break;
1981 *mb++=(uint64)(*ma++);
1982 }
1983 }
1984 break;
1985 case TIFF_LONG:
1986 {
1987 uint32* ma;
1988 uint64* mb;
1989 uint32 n;
1990 ma=(uint32*)origdata;
1991 mb=data;
1992 for (n=0; n<count; n++)
1993 {
1994 if (tif->tif_flags&TIFF_SWAB)
1995 TIFFSwabLong(ma);
1996 *mb++=(uint64)(*ma++);
1997 }
1998 }
1999 break;
2000 case TIFF_SLONG:
2001 {
2002 int32* ma;
2003 uint64* mb;
2004 uint32 n;
2005 ma=(int32*)origdata;
2006 mb=data;
2007 for (n=0; n<count; n++)
2008 {
2009 if (tif->tif_flags&TIFF_SWAB)
2010 TIFFSwabLong((uint32*)ma);
2011 err=TIFFReadDirEntryCheckRangeLong8Slong(*ma);
2012 if (err!=TIFFReadDirEntryErrOk)
2013 break;
2014 *mb++=(uint64)(*ma++);
2015 }
2016 }
2017 break;
2018 }
2019 _TIFFfree(origdata);
2020 if (err!=TIFFReadDirEntryErrOk)
2021 {
2022 _TIFFfree(data);
2023 return(err);
2024 }
2025 *value=data;
2026 return(TIFFReadDirEntryErrOk);
2027 }
2028
TIFFReadDirEntrySlong8Array(TIFF * tif,TIFFDirEntry * direntry,int64 ** value)2029 static enum TIFFReadDirEntryErr TIFFReadDirEntrySlong8Array(TIFF* tif, TIFFDirEntry* direntry, int64** value)
2030 {
2031 enum TIFFReadDirEntryErr err;
2032 uint32 count;
2033 void* origdata;
2034 int64* data;
2035 switch (direntry->tdir_type)
2036 {
2037 case TIFF_BYTE:
2038 case TIFF_SBYTE:
2039 case TIFF_SHORT:
2040 case TIFF_SSHORT:
2041 case TIFF_LONG:
2042 case TIFF_SLONG:
2043 case TIFF_LONG8:
2044 case TIFF_SLONG8:
2045 break;
2046 default:
2047 return(TIFFReadDirEntryErrType);
2048 }
2049 err=TIFFReadDirEntryArray(tif,direntry,&count,8,&origdata);
2050 if ((err!=TIFFReadDirEntryErrOk)||(origdata==0))
2051 {
2052 *value=0;
2053 return(err);
2054 }
2055 switch (direntry->tdir_type)
2056 {
2057 case TIFF_LONG8:
2058 {
2059 uint64* m;
2060 uint32 n;
2061 m=(uint64*)origdata;
2062 for (n=0; n<count; n++)
2063 {
2064 if (tif->tif_flags&TIFF_SWAB)
2065 TIFFSwabLong8(m);
2066 err=TIFFReadDirEntryCheckRangeSlong8Long8(*m);
2067 if (err!=TIFFReadDirEntryErrOk)
2068 {
2069 _TIFFfree(origdata);
2070 return(err);
2071 }
2072 m++;
2073 }
2074 *value=(int64*)origdata;
2075 return(TIFFReadDirEntryErrOk);
2076 }
2077 case TIFF_SLONG8:
2078 *value=(int64*)origdata;
2079 if (tif->tif_flags&TIFF_SWAB)
2080 TIFFSwabArrayOfLong8((uint64*)(*value),count);
2081 return(TIFFReadDirEntryErrOk);
2082 }
2083 data=(int64*)_TIFFmalloc(count*8);
2084 if (data==0)
2085 {
2086 _TIFFfree(origdata);
2087 return(TIFFReadDirEntryErrAlloc);
2088 }
2089 switch (direntry->tdir_type)
2090 {
2091 case TIFF_BYTE:
2092 {
2093 uint8* ma;
2094 int64* mb;
2095 uint32 n;
2096 ma=(uint8*)origdata;
2097 mb=data;
2098 for (n=0; n<count; n++)
2099 *mb++=(int64)(*ma++);
2100 }
2101 break;
2102 case TIFF_SBYTE:
2103 {
2104 int8* ma;
2105 int64* mb;
2106 uint32 n;
2107 ma=(int8*)origdata;
2108 mb=data;
2109 for (n=0; n<count; n++)
2110 *mb++=(int64)(*ma++);
2111 }
2112 break;
2113 case TIFF_SHORT:
2114 {
2115 uint16* ma;
2116 int64* mb;
2117 uint32 n;
2118 ma=(uint16*)origdata;
2119 mb=data;
2120 for (n=0; n<count; n++)
2121 {
2122 if (tif->tif_flags&TIFF_SWAB)
2123 TIFFSwabShort(ma);
2124 *mb++=(int64)(*ma++);
2125 }
2126 }
2127 break;
2128 case TIFF_SSHORT:
2129 {
2130 int16* ma;
2131 int64* mb;
2132 uint32 n;
2133 ma=(int16*)origdata;
2134 mb=data;
2135 for (n=0; n<count; n++)
2136 {
2137 if (tif->tif_flags&TIFF_SWAB)
2138 TIFFSwabShort((uint16*)ma);
2139 *mb++=(int64)(*ma++);
2140 }
2141 }
2142 break;
2143 case TIFF_LONG:
2144 {
2145 uint32* ma;
2146 int64* mb;
2147 uint32 n;
2148 ma=(uint32*)origdata;
2149 mb=data;
2150 for (n=0; n<count; n++)
2151 {
2152 if (tif->tif_flags&TIFF_SWAB)
2153 TIFFSwabLong(ma);
2154 *mb++=(int64)(*ma++);
2155 }
2156 }
2157 break;
2158 case TIFF_SLONG:
2159 {
2160 int32* ma;
2161 int64* mb;
2162 uint32 n;
2163 ma=(int32*)origdata;
2164 mb=data;
2165 for (n=0; n<count; n++)
2166 {
2167 if (tif->tif_flags&TIFF_SWAB)
2168 TIFFSwabLong((uint32*)ma);
2169 *mb++=(int64)(*ma++);
2170 }
2171 }
2172 break;
2173 }
2174 _TIFFfree(origdata);
2175 *value=data;
2176 return(TIFFReadDirEntryErrOk);
2177 }
2178
TIFFReadDirEntryFloatArray(TIFF * tif,TIFFDirEntry * direntry,float ** value)2179 static enum TIFFReadDirEntryErr TIFFReadDirEntryFloatArray(TIFF* tif, TIFFDirEntry* direntry, float** value)
2180 {
2181 enum TIFFReadDirEntryErr err;
2182 uint32 count;
2183 void* origdata;
2184 float* data;
2185 switch (direntry->tdir_type)
2186 {
2187 case TIFF_BYTE:
2188 case TIFF_SBYTE:
2189 case TIFF_SHORT:
2190 case TIFF_SSHORT:
2191 case TIFF_LONG:
2192 case TIFF_SLONG:
2193 case TIFF_LONG8:
2194 case TIFF_SLONG8:
2195 case TIFF_RATIONAL:
2196 case TIFF_SRATIONAL:
2197 case TIFF_FLOAT:
2198 case TIFF_DOUBLE:
2199 break;
2200 default:
2201 return(TIFFReadDirEntryErrType);
2202 }
2203 err=TIFFReadDirEntryArray(tif,direntry,&count,4,&origdata);
2204 if ((err!=TIFFReadDirEntryErrOk)||(origdata==0))
2205 {
2206 *value=0;
2207 return(err);
2208 }
2209 switch (direntry->tdir_type)
2210 {
2211 case TIFF_FLOAT:
2212 if (tif->tif_flags&TIFF_SWAB)
2213 TIFFSwabArrayOfLong((uint32*)origdata,count);
2214 TIFFCvtIEEEDoubleToNative(tif,count,(float*)origdata);
2215 *value=(float*)origdata;
2216 return(TIFFReadDirEntryErrOk);
2217 }
2218 data=(float*)_TIFFmalloc(count*sizeof(float));
2219 if (data==0)
2220 {
2221 _TIFFfree(origdata);
2222 return(TIFFReadDirEntryErrAlloc);
2223 }
2224 switch (direntry->tdir_type)
2225 {
2226 case TIFF_BYTE:
2227 {
2228 uint8* ma;
2229 float* mb;
2230 uint32 n;
2231 ma=(uint8*)origdata;
2232 mb=data;
2233 for (n=0; n<count; n++)
2234 *mb++=(float)(*ma++);
2235 }
2236 break;
2237 case TIFF_SBYTE:
2238 {
2239 int8* ma;
2240 float* mb;
2241 uint32 n;
2242 ma=(int8*)origdata;
2243 mb=data;
2244 for (n=0; n<count; n++)
2245 *mb++=(float)(*ma++);
2246 }
2247 break;
2248 case TIFF_SHORT:
2249 {
2250 uint16* ma;
2251 float* mb;
2252 uint32 n;
2253 ma=(uint16*)origdata;
2254 mb=data;
2255 for (n=0; n<count; n++)
2256 {
2257 if (tif->tif_flags&TIFF_SWAB)
2258 TIFFSwabShort(ma);
2259 *mb++=(float)(*ma++);
2260 }
2261 }
2262 break;
2263 case TIFF_SSHORT:
2264 {
2265 int16* ma;
2266 float* mb;
2267 uint32 n;
2268 ma=(int16*)origdata;
2269 mb=data;
2270 for (n=0; n<count; n++)
2271 {
2272 if (tif->tif_flags&TIFF_SWAB)
2273 TIFFSwabShort((uint16*)ma);
2274 *mb++=(float)(*ma++);
2275 }
2276 }
2277 break;
2278 case TIFF_LONG:
2279 {
2280 uint32* ma;
2281 float* mb;
2282 uint32 n;
2283 ma=(uint32*)origdata;
2284 mb=data;
2285 for (n=0; n<count; n++)
2286 {
2287 if (tif->tif_flags&TIFF_SWAB)
2288 TIFFSwabLong(ma);
2289 *mb++=(float)(*ma++);
2290 }
2291 }
2292 break;
2293 case TIFF_SLONG:
2294 {
2295 int32* ma;
2296 float* mb;
2297 uint32 n;
2298 ma=(int32*)origdata;
2299 mb=data;
2300 for (n=0; n<count; n++)
2301 {
2302 if (tif->tif_flags&TIFF_SWAB)
2303 TIFFSwabLong((uint32*)ma);
2304 *mb++=(float)(*ma++);
2305 }
2306 }
2307 break;
2308 case TIFF_LONG8:
2309 {
2310 uint64* ma;
2311 float* mb;
2312 uint32 n;
2313 ma=(uint64*)origdata;
2314 mb=data;
2315 for (n=0; n<count; n++)
2316 {
2317 if (tif->tif_flags&TIFF_SWAB)
2318 TIFFSwabLong8(ma);
2319 #if defined(__WIN32__) && (_MSC_VER < 1500)
2320 /*
2321 * XXX: MSVC 6.0 does not support
2322 * conversion of 64-bit integers into
2323 * floating point values.
2324 */
2325 *mb++ = _TIFFUInt64ToFloat(*ma++);
2326 #else
2327 *mb++ = (float)(*ma++);
2328 #endif
2329 }
2330 }
2331 break;
2332 case TIFF_SLONG8:
2333 {
2334 int64* ma;
2335 float* mb;
2336 uint32 n;
2337 ma=(int64*)origdata;
2338 mb=data;
2339 for (n=0; n<count; n++)
2340 {
2341 if (tif->tif_flags&TIFF_SWAB)
2342 TIFFSwabLong8((uint64*)ma);
2343 *mb++=(float)(*ma++);
2344 }
2345 }
2346 break;
2347 case TIFF_RATIONAL:
2348 {
2349 uint32* ma;
2350 uint32 maa;
2351 uint32 mab;
2352 float* mb;
2353 uint32 n;
2354 ma=(uint32*)origdata;
2355 mb=data;
2356 for (n=0; n<count; n++)
2357 {
2358 if (tif->tif_flags&TIFF_SWAB)
2359 TIFFSwabLong(ma);
2360 maa=*ma++;
2361 if (tif->tif_flags&TIFF_SWAB)
2362 TIFFSwabLong(ma);
2363 mab=*ma++;
2364 if (mab==0)
2365 *mb++=0.0;
2366 else
2367 *mb++=(float)maa/(float)mab;
2368 }
2369 }
2370 break;
2371 case TIFF_SRATIONAL:
2372 {
2373 uint32* ma;
2374 int32 maa;
2375 uint32 mab;
2376 float* mb;
2377 uint32 n;
2378 ma=(uint32*)origdata;
2379 mb=data;
2380 for (n=0; n<count; n++)
2381 {
2382 if (tif->tif_flags&TIFF_SWAB)
2383 TIFFSwabLong(ma);
2384 maa=*(int32*)ma;
2385 ma++;
2386 if (tif->tif_flags&TIFF_SWAB)
2387 TIFFSwabLong(ma);
2388 mab=*ma++;
2389 if (mab==0)
2390 *mb++=0.0;
2391 else
2392 *mb++=(float)maa/(float)mab;
2393 }
2394 }
2395 break;
2396 case TIFF_DOUBLE:
2397 {
2398 double* ma;
2399 float* mb;
2400 uint32 n;
2401 if (tif->tif_flags&TIFF_SWAB)
2402 TIFFSwabArrayOfLong8((uint64*)origdata,count);
2403 TIFFCvtIEEEDoubleToNative(tif,count,(double*)origdata);
2404 ma=(double*)origdata;
2405 mb=data;
2406 for (n=0; n<count; n++)
2407 *mb++=(float)(*ma++);
2408 }
2409 break;
2410 }
2411 _TIFFfree(origdata);
2412 *value=data;
2413 return(TIFFReadDirEntryErrOk);
2414 }
2415
2416 static enum TIFFReadDirEntryErr
TIFFReadDirEntryDoubleArray(TIFF * tif,TIFFDirEntry * direntry,double ** value)2417 TIFFReadDirEntryDoubleArray(TIFF* tif, TIFFDirEntry* direntry, double** value)
2418 {
2419 enum TIFFReadDirEntryErr err;
2420 uint32 count;
2421 void* origdata;
2422 double* data;
2423 switch (direntry->tdir_type)
2424 {
2425 case TIFF_BYTE:
2426 case TIFF_SBYTE:
2427 case TIFF_SHORT:
2428 case TIFF_SSHORT:
2429 case TIFF_LONG:
2430 case TIFF_SLONG:
2431 case TIFF_LONG8:
2432 case TIFF_SLONG8:
2433 case TIFF_RATIONAL:
2434 case TIFF_SRATIONAL:
2435 case TIFF_FLOAT:
2436 case TIFF_DOUBLE:
2437 break;
2438 default:
2439 return(TIFFReadDirEntryErrType);
2440 }
2441 err=TIFFReadDirEntryArray(tif,direntry,&count,8,&origdata);
2442 if ((err!=TIFFReadDirEntryErrOk)||(origdata==0))
2443 {
2444 *value=0;
2445 return(err);
2446 }
2447 switch (direntry->tdir_type)
2448 {
2449 case TIFF_DOUBLE:
2450 if (tif->tif_flags&TIFF_SWAB)
2451 TIFFSwabArrayOfLong8((uint64*)origdata,count);
2452 TIFFCvtIEEEDoubleToNative(tif,count,(double*)origdata);
2453 *value=(double*)origdata;
2454 return(TIFFReadDirEntryErrOk);
2455 }
2456 data=(double*)_TIFFmalloc(count*sizeof(double));
2457 if (data==0)
2458 {
2459 _TIFFfree(origdata);
2460 return(TIFFReadDirEntryErrAlloc);
2461 }
2462 switch (direntry->tdir_type)
2463 {
2464 case TIFF_BYTE:
2465 {
2466 uint8* ma;
2467 double* mb;
2468 uint32 n;
2469 ma=(uint8*)origdata;
2470 mb=data;
2471 for (n=0; n<count; n++)
2472 *mb++=(double)(*ma++);
2473 }
2474 break;
2475 case TIFF_SBYTE:
2476 {
2477 int8* ma;
2478 double* mb;
2479 uint32 n;
2480 ma=(int8*)origdata;
2481 mb=data;
2482 for (n=0; n<count; n++)
2483 *mb++=(double)(*ma++);
2484 }
2485 break;
2486 case TIFF_SHORT:
2487 {
2488 uint16* ma;
2489 double* mb;
2490 uint32 n;
2491 ma=(uint16*)origdata;
2492 mb=data;
2493 for (n=0; n<count; n++)
2494 {
2495 if (tif->tif_flags&TIFF_SWAB)
2496 TIFFSwabShort(ma);
2497 *mb++=(double)(*ma++);
2498 }
2499 }
2500 break;
2501 case TIFF_SSHORT:
2502 {
2503 int16* ma;
2504 double* mb;
2505 uint32 n;
2506 ma=(int16*)origdata;
2507 mb=data;
2508 for (n=0; n<count; n++)
2509 {
2510 if (tif->tif_flags&TIFF_SWAB)
2511 TIFFSwabShort((uint16*)ma);
2512 *mb++=(double)(*ma++);
2513 }
2514 }
2515 break;
2516 case TIFF_LONG:
2517 {
2518 uint32* ma;
2519 double* mb;
2520 uint32 n;
2521 ma=(uint32*)origdata;
2522 mb=data;
2523 for (n=0; n<count; n++)
2524 {
2525 if (tif->tif_flags&TIFF_SWAB)
2526 TIFFSwabLong(ma);
2527 *mb++=(double)(*ma++);
2528 }
2529 }
2530 break;
2531 case TIFF_SLONG:
2532 {
2533 int32* ma;
2534 double* mb;
2535 uint32 n;
2536 ma=(int32*)origdata;
2537 mb=data;
2538 for (n=0; n<count; n++)
2539 {
2540 if (tif->tif_flags&TIFF_SWAB)
2541 TIFFSwabLong((uint32*)ma);
2542 *mb++=(double)(*ma++);
2543 }
2544 }
2545 break;
2546 case TIFF_LONG8:
2547 {
2548 uint64* ma;
2549 double* mb;
2550 uint32 n;
2551 ma=(uint64*)origdata;
2552 mb=data;
2553 for (n=0; n<count; n++)
2554 {
2555 if (tif->tif_flags&TIFF_SWAB)
2556 TIFFSwabLong8(ma);
2557 #if defined(__WIN32__) && (_MSC_VER < 1500)
2558 /*
2559 * XXX: MSVC 6.0 does not support
2560 * conversion of 64-bit integers into
2561 * floating point values.
2562 */
2563 *mb++ = _TIFFUInt64ToDouble(*ma++);
2564 #else
2565 *mb++ = (double)(*ma++);
2566 #endif
2567 }
2568 }
2569 break;
2570 case TIFF_SLONG8:
2571 {
2572 int64* ma;
2573 double* mb;
2574 uint32 n;
2575 ma=(int64*)origdata;
2576 mb=data;
2577 for (n=0; n<count; n++)
2578 {
2579 if (tif->tif_flags&TIFF_SWAB)
2580 TIFFSwabLong8((uint64*)ma);
2581 *mb++=(double)(*ma++);
2582 }
2583 }
2584 break;
2585 case TIFF_RATIONAL:
2586 {
2587 uint32* ma;
2588 uint32 maa;
2589 uint32 mab;
2590 double* mb;
2591 uint32 n;
2592 ma=(uint32*)origdata;
2593 mb=data;
2594 for (n=0; n<count; n++)
2595 {
2596 if (tif->tif_flags&TIFF_SWAB)
2597 TIFFSwabLong(ma);
2598 maa=*ma++;
2599 if (tif->tif_flags&TIFF_SWAB)
2600 TIFFSwabLong(ma);
2601 mab=*ma++;
2602 if (mab==0)
2603 *mb++=0.0;
2604 else
2605 *mb++=(double)maa/(double)mab;
2606 }
2607 }
2608 break;
2609 case TIFF_SRATIONAL:
2610 {
2611 uint32* ma;
2612 int32 maa;
2613 uint32 mab;
2614 double* mb;
2615 uint32 n;
2616 ma=(uint32*)origdata;
2617 mb=data;
2618 for (n=0; n<count; n++)
2619 {
2620 if (tif->tif_flags&TIFF_SWAB)
2621 TIFFSwabLong(ma);
2622 maa=*(int32*)ma;
2623 ma++;
2624 if (tif->tif_flags&TIFF_SWAB)
2625 TIFFSwabLong(ma);
2626 mab=*ma++;
2627 if (mab==0)
2628 *mb++=0.0;
2629 else
2630 *mb++=(double)maa/(double)mab;
2631 }
2632 }
2633 break;
2634 case TIFF_FLOAT:
2635 {
2636 float* ma;
2637 double* mb;
2638 uint32 n;
2639 if (tif->tif_flags&TIFF_SWAB)
2640 TIFFSwabArrayOfLong((uint32*)origdata,count);
2641 TIFFCvtIEEEFloatToNative(tif,count,(float*)origdata);
2642 ma=(float*)origdata;
2643 mb=data;
2644 for (n=0; n<count; n++)
2645 *mb++=(double)(*ma++);
2646 }
2647 break;
2648 }
2649 _TIFFfree(origdata);
2650 *value=data;
2651 return(TIFFReadDirEntryErrOk);
2652 }
2653
TIFFReadDirEntryIfd8Array(TIFF * tif,TIFFDirEntry * direntry,uint64 ** value)2654 static enum TIFFReadDirEntryErr TIFFReadDirEntryIfd8Array(TIFF* tif, TIFFDirEntry* direntry, uint64** value)
2655 {
2656 enum TIFFReadDirEntryErr err;
2657 uint32 count;
2658 void* origdata;
2659 uint64* data;
2660 switch (direntry->tdir_type)
2661 {
2662 case TIFF_LONG:
2663 case TIFF_LONG8:
2664 case TIFF_IFD:
2665 case TIFF_IFD8:
2666 break;
2667 default:
2668 return(TIFFReadDirEntryErrType);
2669 }
2670 err=TIFFReadDirEntryArray(tif,direntry,&count,8,&origdata);
2671 if ((err!=TIFFReadDirEntryErrOk)||(origdata==0))
2672 {
2673 *value=0;
2674 return(err);
2675 }
2676 switch (direntry->tdir_type)
2677 {
2678 case TIFF_LONG8:
2679 case TIFF_IFD8:
2680 *value=(uint64*)origdata;
2681 if (tif->tif_flags&TIFF_SWAB)
2682 TIFFSwabArrayOfLong8(*value,count);
2683 return(TIFFReadDirEntryErrOk);
2684 }
2685 data=(uint64*)_TIFFmalloc(count*8);
2686 if (data==0)
2687 {
2688 _TIFFfree(origdata);
2689 return(TIFFReadDirEntryErrAlloc);
2690 }
2691 switch (direntry->tdir_type)
2692 {
2693 case TIFF_LONG:
2694 case TIFF_IFD:
2695 {
2696 uint32* ma;
2697 uint64* mb;
2698 uint32 n;
2699 ma=(uint32*)origdata;
2700 mb=data;
2701 for (n=0; n<count; n++)
2702 {
2703 if (tif->tif_flags&TIFF_SWAB)
2704 TIFFSwabLong(ma);
2705 *mb++=(uint64)(*ma++);
2706 }
2707 }
2708 break;
2709 }
2710 _TIFFfree(origdata);
2711 *value=data;
2712 return(TIFFReadDirEntryErrOk);
2713 }
2714
TIFFReadDirEntryPersampleShort(TIFF * tif,TIFFDirEntry * direntry,uint16 * value)2715 static enum TIFFReadDirEntryErr TIFFReadDirEntryPersampleShort(TIFF* tif, TIFFDirEntry* direntry, uint16* value)
2716 {
2717 enum TIFFReadDirEntryErr err;
2718 uint16* m;
2719 uint16* na;
2720 uint16 nb;
2721 if (direntry->tdir_count<(uint64)tif->tif_dir.td_samplesperpixel)
2722 return(TIFFReadDirEntryErrCount);
2723 err=TIFFReadDirEntryShortArray(tif,direntry,&m);
2724 if (err!=TIFFReadDirEntryErrOk)
2725 return(err);
2726 na=m;
2727 nb=tif->tif_dir.td_samplesperpixel;
2728 *value=*na++;
2729 nb--;
2730 while (nb>0)
2731 {
2732 if (*na++!=*value)
2733 {
2734 err=TIFFReadDirEntryErrPsdif;
2735 break;
2736 }
2737 nb--;
2738 }
2739 _TIFFfree(m);
2740 return(err);
2741 }
2742
2743 #if 0
2744 static enum TIFFReadDirEntryErr TIFFReadDirEntryPersampleDouble(TIFF* tif, TIFFDirEntry* direntry, double* value)
2745 {
2746 enum TIFFReadDirEntryErr err;
2747 double* m;
2748 double* na;
2749 uint16 nb;
2750 if (direntry->tdir_count<(uint64)tif->tif_dir.td_samplesperpixel)
2751 return(TIFFReadDirEntryErrCount);
2752 err=TIFFReadDirEntryDoubleArray(tif,direntry,&m);
2753 if (err!=TIFFReadDirEntryErrOk)
2754 return(err);
2755 na=m;
2756 nb=tif->tif_dir.td_samplesperpixel;
2757 *value=*na++;
2758 nb--;
2759 while (nb>0)
2760 {
2761 if (*na++!=*value)
2762 {
2763 err=TIFFReadDirEntryErrPsdif;
2764 break;
2765 }
2766 nb--;
2767 }
2768 _TIFFfree(m);
2769 return(err);
2770 }
2771 #endif
2772
TIFFReadDirEntryCheckedByte(TIFF * tif,TIFFDirEntry * direntry,uint8 * value)2773 static void TIFFReadDirEntryCheckedByte(TIFF* tif, TIFFDirEntry* direntry, uint8* value)
2774 {
2775 (void) tif;
2776 *value=*(uint8*)(&direntry->tdir_offset);
2777 }
2778
TIFFReadDirEntryCheckedSbyte(TIFF * tif,TIFFDirEntry * direntry,int8 * value)2779 static void TIFFReadDirEntryCheckedSbyte(TIFF* tif, TIFFDirEntry* direntry, int8* value)
2780 {
2781 (void) tif;
2782 *value=*(int8*)(&direntry->tdir_offset);
2783 }
2784
TIFFReadDirEntryCheckedShort(TIFF * tif,TIFFDirEntry * direntry,uint16 * value)2785 static void TIFFReadDirEntryCheckedShort(TIFF* tif, TIFFDirEntry* direntry, uint16* value)
2786 {
2787 *value = direntry->tdir_offset.toff_short;
2788 /* *value=*(uint16*)(&direntry->tdir_offset); */
2789 if (tif->tif_flags&TIFF_SWAB)
2790 TIFFSwabShort(value);
2791 }
2792
TIFFReadDirEntryCheckedSshort(TIFF * tif,TIFFDirEntry * direntry,int16 * value)2793 static void TIFFReadDirEntryCheckedSshort(TIFF* tif, TIFFDirEntry* direntry, int16* value)
2794 {
2795 *value=*(int16*)(&direntry->tdir_offset);
2796 if (tif->tif_flags&TIFF_SWAB)
2797 TIFFSwabShort((uint16*)value);
2798 }
2799
TIFFReadDirEntryCheckedLong(TIFF * tif,TIFFDirEntry * direntry,uint32 * value)2800 static void TIFFReadDirEntryCheckedLong(TIFF* tif, TIFFDirEntry* direntry, uint32* value)
2801 {
2802 *value=*(uint32*)(&direntry->tdir_offset);
2803 if (tif->tif_flags&TIFF_SWAB)
2804 TIFFSwabLong(value);
2805 }
2806
TIFFReadDirEntryCheckedSlong(TIFF * tif,TIFFDirEntry * direntry,int32 * value)2807 static void TIFFReadDirEntryCheckedSlong(TIFF* tif, TIFFDirEntry* direntry, int32* value)
2808 {
2809 *value=*(int32*)(&direntry->tdir_offset);
2810 if (tif->tif_flags&TIFF_SWAB)
2811 TIFFSwabLong((uint32*)value);
2812 }
2813
TIFFReadDirEntryCheckedLong8(TIFF * tif,TIFFDirEntry * direntry,uint64 * value)2814 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckedLong8(TIFF* tif, TIFFDirEntry* direntry, uint64* value)
2815 {
2816 if (!(tif->tif_flags&TIFF_BIGTIFF))
2817 {
2818 enum TIFFReadDirEntryErr err;
2819 uint32 offset = direntry->tdir_offset.toff_long;
2820 if (tif->tif_flags&TIFF_SWAB)
2821 TIFFSwabLong(&offset);
2822 err=TIFFReadDirEntryData(tif,offset,8,value);
2823 if (err!=TIFFReadDirEntryErrOk)
2824 return(err);
2825 }
2826 else
2827 *value = direntry->tdir_offset.toff_long8;
2828 if (tif->tif_flags&TIFF_SWAB)
2829 TIFFSwabLong8(value);
2830 return(TIFFReadDirEntryErrOk);
2831 }
2832
TIFFReadDirEntryCheckedSlong8(TIFF * tif,TIFFDirEntry * direntry,int64 * value)2833 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckedSlong8(TIFF* tif, TIFFDirEntry* direntry, int64* value)
2834 {
2835 if (!(tif->tif_flags&TIFF_BIGTIFF))
2836 {
2837 enum TIFFReadDirEntryErr err;
2838 uint32 offset = direntry->tdir_offset.toff_long;
2839 if (tif->tif_flags&TIFF_SWAB)
2840 TIFFSwabLong(&offset);
2841 err=TIFFReadDirEntryData(tif,offset,8,value);
2842 if (err!=TIFFReadDirEntryErrOk)
2843 return(err);
2844 }
2845 else
2846 *value=*(int64*)(&direntry->tdir_offset);
2847 if (tif->tif_flags&TIFF_SWAB)
2848 TIFFSwabLong8((uint64*)value);
2849 return(TIFFReadDirEntryErrOk);
2850 }
2851
TIFFReadDirEntryCheckedRational(TIFF * tif,TIFFDirEntry * direntry,double * value)2852 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckedRational(TIFF* tif, TIFFDirEntry* direntry, double* value)
2853 {
2854 UInt64Aligned_t m;
2855
2856 assert(sizeof(double)==8);
2857 assert(sizeof(uint64)==8);
2858 assert(sizeof(uint32)==4);
2859 if (!(tif->tif_flags&TIFF_BIGTIFF))
2860 {
2861 enum TIFFReadDirEntryErr err;
2862 uint32 offset = direntry->tdir_offset.toff_long;
2863 if (tif->tif_flags&TIFF_SWAB)
2864 TIFFSwabLong(&offset);
2865 err=TIFFReadDirEntryData(tif,offset,8,m.i);
2866 if (err!=TIFFReadDirEntryErrOk)
2867 return(err);
2868 }
2869 else
2870 m.l = direntry->tdir_offset.toff_long8;
2871 if (tif->tif_flags&TIFF_SWAB)
2872 TIFFSwabArrayOfLong(m.i,2);
2873 if (m.i[0]==0)
2874 *value=0.0;
2875 else
2876 *value=(double)m.i[0]/(double)m.i[1];
2877 return(TIFFReadDirEntryErrOk);
2878 }
2879
TIFFReadDirEntryCheckedSrational(TIFF * tif,TIFFDirEntry * direntry,double * value)2880 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckedSrational(TIFF* tif, TIFFDirEntry* direntry, double* value)
2881 {
2882 UInt64Aligned_t m;
2883 assert(sizeof(double)==8);
2884 assert(sizeof(uint64)==8);
2885 assert(sizeof(int32)==4);
2886 assert(sizeof(uint32)==4);
2887 if (!(tif->tif_flags&TIFF_BIGTIFF))
2888 {
2889 enum TIFFReadDirEntryErr err;
2890 uint32 offset = direntry->tdir_offset.toff_long;
2891 if (tif->tif_flags&TIFF_SWAB)
2892 TIFFSwabLong(&offset);
2893 err=TIFFReadDirEntryData(tif,offset,8,m.i);
2894 if (err!=TIFFReadDirEntryErrOk)
2895 return(err);
2896 }
2897 else
2898 m.l=direntry->tdir_offset.toff_long8;
2899 if (tif->tif_flags&TIFF_SWAB)
2900 TIFFSwabArrayOfLong(m.i,2);
2901 if ((int32)m.i[0]==0)
2902 *value=0.0;
2903 else
2904 *value=(double)((int32)m.i[0])/(double)m.i[1];
2905 return(TIFFReadDirEntryErrOk);
2906 }
2907
TIFFReadDirEntryCheckedFloat(TIFF * tif,TIFFDirEntry * direntry,float * value)2908 static void TIFFReadDirEntryCheckedFloat(TIFF* tif, TIFFDirEntry* direntry, float* value)
2909 {
2910 union
2911 {
2912 float f;
2913 uint32 i;
2914 } float_union;
2915 assert(sizeof(float)==4);
2916 assert(sizeof(uint32)==4);
2917 assert(sizeof(float_union)==4);
2918 float_union.i=*(uint32*)(&direntry->tdir_offset);
2919 *value=float_union.f;
2920 if (tif->tif_flags&TIFF_SWAB)
2921 TIFFSwabLong((uint32*)value);
2922 }
2923
TIFFReadDirEntryCheckedDouble(TIFF * tif,TIFFDirEntry * direntry,double * value)2924 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckedDouble(TIFF* tif, TIFFDirEntry* direntry, double* value)
2925 {
2926 assert(sizeof(double)==8);
2927 assert(sizeof(uint64)==8);
2928 assert(sizeof(UInt64Aligned_t)==8);
2929 if (!(tif->tif_flags&TIFF_BIGTIFF))
2930 {
2931 enum TIFFReadDirEntryErr err;
2932 uint32 offset = direntry->tdir_offset.toff_long;
2933 if (tif->tif_flags&TIFF_SWAB)
2934 TIFFSwabLong(&offset);
2935 err=TIFFReadDirEntryData(tif,offset,8,value);
2936 if (err!=TIFFReadDirEntryErrOk)
2937 return(err);
2938 }
2939 else
2940 {
2941 UInt64Aligned_t uint64_union;
2942 uint64_union.l=direntry->tdir_offset.toff_long8;
2943 *value=uint64_union.d;
2944 }
2945 if (tif->tif_flags&TIFF_SWAB)
2946 TIFFSwabLong8((uint64*)value);
2947 return(TIFFReadDirEntryErrOk);
2948 }
2949
TIFFReadDirEntryCheckRangeByteSbyte(int8 value)2950 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeByteSbyte(int8 value)
2951 {
2952 if (value<0)
2953 return(TIFFReadDirEntryErrRange);
2954 else
2955 return(TIFFReadDirEntryErrOk);
2956 }
2957
TIFFReadDirEntryCheckRangeByteShort(uint16 value)2958 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeByteShort(uint16 value)
2959 {
2960 if (value>0xFF)
2961 return(TIFFReadDirEntryErrRange);
2962 else
2963 return(TIFFReadDirEntryErrOk);
2964 }
2965
TIFFReadDirEntryCheckRangeByteSshort(int16 value)2966 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeByteSshort(int16 value)
2967 {
2968 if ((value<0)||(value>0xFF))
2969 return(TIFFReadDirEntryErrRange);
2970 else
2971 return(TIFFReadDirEntryErrOk);
2972 }
2973
TIFFReadDirEntryCheckRangeByteLong(uint32 value)2974 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeByteLong(uint32 value)
2975 {
2976 if (value>0xFF)
2977 return(TIFFReadDirEntryErrRange);
2978 else
2979 return(TIFFReadDirEntryErrOk);
2980 }
2981
TIFFReadDirEntryCheckRangeByteSlong(int32 value)2982 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeByteSlong(int32 value)
2983 {
2984 if ((value<0)||(value>0xFF))
2985 return(TIFFReadDirEntryErrRange);
2986 else
2987 return(TIFFReadDirEntryErrOk);
2988 }
2989
TIFFReadDirEntryCheckRangeByteLong8(uint64 value)2990 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeByteLong8(uint64 value)
2991 {
2992 if (value>0xFF)
2993 return(TIFFReadDirEntryErrRange);
2994 else
2995 return(TIFFReadDirEntryErrOk);
2996 }
2997
TIFFReadDirEntryCheckRangeByteSlong8(int64 value)2998 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeByteSlong8(int64 value)
2999 {
3000 if ((value<0)||(value>0xFF))
3001 return(TIFFReadDirEntryErrRange);
3002 else
3003 return(TIFFReadDirEntryErrOk);
3004 }
3005
TIFFReadDirEntryCheckRangeSbyteByte(uint8 value)3006 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSbyteByte(uint8 value)
3007 {
3008 if (value>0x7F)
3009 return(TIFFReadDirEntryErrRange);
3010 else
3011 return(TIFFReadDirEntryErrOk);
3012 }
3013
TIFFReadDirEntryCheckRangeSbyteShort(uint16 value)3014 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSbyteShort(uint16 value)
3015 {
3016 if (value>0x7F)
3017 return(TIFFReadDirEntryErrRange);
3018 else
3019 return(TIFFReadDirEntryErrOk);
3020 }
3021
TIFFReadDirEntryCheckRangeSbyteSshort(int16 value)3022 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSbyteSshort(int16 value)
3023 {
3024 if ((value<-0x80)||(value>0x7F))
3025 return(TIFFReadDirEntryErrRange);
3026 else
3027 return(TIFFReadDirEntryErrOk);
3028 }
3029
TIFFReadDirEntryCheckRangeSbyteLong(uint32 value)3030 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSbyteLong(uint32 value)
3031 {
3032 if (value>0x7F)
3033 return(TIFFReadDirEntryErrRange);
3034 else
3035 return(TIFFReadDirEntryErrOk);
3036 }
3037
TIFFReadDirEntryCheckRangeSbyteSlong(int32 value)3038 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSbyteSlong(int32 value)
3039 {
3040 if ((value<-0x80)||(value>0x7F))
3041 return(TIFFReadDirEntryErrRange);
3042 else
3043 return(TIFFReadDirEntryErrOk);
3044 }
3045
TIFFReadDirEntryCheckRangeSbyteLong8(uint64 value)3046 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSbyteLong8(uint64 value)
3047 {
3048 if (value>0x7F)
3049 return(TIFFReadDirEntryErrRange);
3050 else
3051 return(TIFFReadDirEntryErrOk);
3052 }
3053
TIFFReadDirEntryCheckRangeSbyteSlong8(int64 value)3054 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSbyteSlong8(int64 value)
3055 {
3056 if ((value<-0x80)||(value>0x7F))
3057 return(TIFFReadDirEntryErrRange);
3058 else
3059 return(TIFFReadDirEntryErrOk);
3060 }
3061
TIFFReadDirEntryCheckRangeShortSbyte(int8 value)3062 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeShortSbyte(int8 value)
3063 {
3064 if (value<0)
3065 return(TIFFReadDirEntryErrRange);
3066 else
3067 return(TIFFReadDirEntryErrOk);
3068 }
3069
TIFFReadDirEntryCheckRangeShortSshort(int16 value)3070 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeShortSshort(int16 value)
3071 {
3072 if (value<0)
3073 return(TIFFReadDirEntryErrRange);
3074 else
3075 return(TIFFReadDirEntryErrOk);
3076 }
3077
TIFFReadDirEntryCheckRangeShortLong(uint32 value)3078 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeShortLong(uint32 value)
3079 {
3080 if (value>0xFFFF)
3081 return(TIFFReadDirEntryErrRange);
3082 else
3083 return(TIFFReadDirEntryErrOk);
3084 }
3085
TIFFReadDirEntryCheckRangeShortSlong(int32 value)3086 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeShortSlong(int32 value)
3087 {
3088 if ((value<0)||(value>0xFFFF))
3089 return(TIFFReadDirEntryErrRange);
3090 else
3091 return(TIFFReadDirEntryErrOk);
3092 }
3093
TIFFReadDirEntryCheckRangeShortLong8(uint64 value)3094 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeShortLong8(uint64 value)
3095 {
3096 if (value>0xFFFF)
3097 return(TIFFReadDirEntryErrRange);
3098 else
3099 return(TIFFReadDirEntryErrOk);
3100 }
3101
TIFFReadDirEntryCheckRangeShortSlong8(int64 value)3102 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeShortSlong8(int64 value)
3103 {
3104 if ((value<0)||(value>0xFFFF))
3105 return(TIFFReadDirEntryErrRange);
3106 else
3107 return(TIFFReadDirEntryErrOk);
3108 }
3109
TIFFReadDirEntryCheckRangeSshortShort(uint16 value)3110 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSshortShort(uint16 value)
3111 {
3112 if (value>0x7FFF)
3113 return(TIFFReadDirEntryErrRange);
3114 else
3115 return(TIFFReadDirEntryErrOk);
3116 }
3117
TIFFReadDirEntryCheckRangeSshortLong(uint32 value)3118 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSshortLong(uint32 value)
3119 {
3120 if (value>0x7FFF)
3121 return(TIFFReadDirEntryErrRange);
3122 else
3123 return(TIFFReadDirEntryErrOk);
3124 }
3125
TIFFReadDirEntryCheckRangeSshortSlong(int32 value)3126 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSshortSlong(int32 value)
3127 {
3128 if ((value<-0x8000)||(value>0x7FFF))
3129 return(TIFFReadDirEntryErrRange);
3130 else
3131 return(TIFFReadDirEntryErrOk);
3132 }
3133
TIFFReadDirEntryCheckRangeSshortLong8(uint64 value)3134 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSshortLong8(uint64 value)
3135 {
3136 if (value>0x7FFF)
3137 return(TIFFReadDirEntryErrRange);
3138 else
3139 return(TIFFReadDirEntryErrOk);
3140 }
3141
TIFFReadDirEntryCheckRangeSshortSlong8(int64 value)3142 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeSshortSlong8(int64 value)
3143 {
3144 if ((value<-0x8000)||(value>0x7FFF))
3145 return(TIFFReadDirEntryErrRange);
3146 else
3147 return(TIFFReadDirEntryErrOk);
3148 }
3149
TIFFReadDirEntryCheckRangeLongSbyte(int8 value)3150 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeLongSbyte(int8 value)
3151 {
3152 if (value<0)
3153 return(TIFFReadDirEntryErrRange);
3154 else
3155 return(TIFFReadDirEntryErrOk);
3156 }
3157
TIFFReadDirEntryCheckRangeLongSshort(int16 value)3158 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeLongSshort(int16 value)
3159 {
3160 if (value<0)
3161 return(TIFFReadDirEntryErrRange);
3162 else
3163 return(TIFFReadDirEntryErrOk);
3164 }
3165
TIFFReadDirEntryCheckRangeLongSlong(int32 value)3166 static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckRangeLongSlong(int32 value)
3167 {
3168 if (value<0)
3169 return(TIFFReadDirEntryErrRange);
3170 else
3171 return(TIFFReadDirEntryErrOk);
3172 }
3173
3174 /*
3175 * Largest 32-bit unsigned integer value.
3176 */
3177 #define TIFF_UINT32_MAX 0xFFFFFFFFU
3178
3179 static enum TIFFReadDirEntryErr
TIFFReadDirEntryCheckRangeLongLong8(uint64 value)3180 TIFFReadDirEntryCheckRangeLongLong8(uint64 value)
3181 {
3182 if (value > TIFF_UINT32_MAX)
3183 return(TIFFReadDirEntryErrRange);
3184 else
3185 return(TIFFReadDirEntryErrOk);
3186 }
3187
3188 static enum TIFFReadDirEntryErr
TIFFReadDirEntryCheckRangeLongSlong8(int64 value)3189 TIFFReadDirEntryCheckRangeLongSlong8(int64 value)
3190 {
3191 if ((value < 0) || (value > (int64) TIFF_UINT32_MAX))
3192 return(TIFFReadDirEntryErrRange);
3193 else
3194 return(TIFFReadDirEntryErrOk);
3195 }
3196
3197 #undef TIFF_UINT32_MAX
3198
3199 static enum TIFFReadDirEntryErr
TIFFReadDirEntryCheckRangeSlongLong(uint32 value)3200 TIFFReadDirEntryCheckRangeSlongLong(uint32 value)
3201 {
3202 if (value > 0x7FFFFFFFUL)
3203 return(TIFFReadDirEntryErrRange);
3204 else
3205 return(TIFFReadDirEntryErrOk);
3206 }
3207
3208 /* Check that the 8-byte unsigned value can fit in a 4-byte unsigned range */
3209 static enum TIFFReadDirEntryErr
TIFFReadDirEntryCheckRangeSlongLong8(uint64 value)3210 TIFFReadDirEntryCheckRangeSlongLong8(uint64 value)
3211 {
3212 if (value > 0x7FFFFFFF)
3213 return(TIFFReadDirEntryErrRange);
3214 else
3215 return(TIFFReadDirEntryErrOk);
3216 }
3217
3218 /* Check that the 8-byte signed value can fit in a 4-byte signed range */
3219 static enum TIFFReadDirEntryErr
TIFFReadDirEntryCheckRangeSlongSlong8(int64 value)3220 TIFFReadDirEntryCheckRangeSlongSlong8(int64 value)
3221 {
3222 if ((value < 0-((int64) 0x7FFFFFFF+1)) || (value > 0x7FFFFFFF))
3223 return(TIFFReadDirEntryErrRange);
3224 else
3225 return(TIFFReadDirEntryErrOk);
3226 }
3227
3228 static enum TIFFReadDirEntryErr
TIFFReadDirEntryCheckRangeLong8Sbyte(int8 value)3229 TIFFReadDirEntryCheckRangeLong8Sbyte(int8 value)
3230 {
3231 if (value < 0)
3232 return(TIFFReadDirEntryErrRange);
3233 else
3234 return(TIFFReadDirEntryErrOk);
3235 }
3236
3237 static enum TIFFReadDirEntryErr
TIFFReadDirEntryCheckRangeLong8Sshort(int16 value)3238 TIFFReadDirEntryCheckRangeLong8Sshort(int16 value)
3239 {
3240 if (value < 0)
3241 return(TIFFReadDirEntryErrRange);
3242 else
3243 return(TIFFReadDirEntryErrOk);
3244 }
3245
3246 static enum TIFFReadDirEntryErr
TIFFReadDirEntryCheckRangeLong8Slong(int32 value)3247 TIFFReadDirEntryCheckRangeLong8Slong(int32 value)
3248 {
3249 if (value < 0)
3250 return(TIFFReadDirEntryErrRange);
3251 else
3252 return(TIFFReadDirEntryErrOk);
3253 }
3254
3255 static enum TIFFReadDirEntryErr
TIFFReadDirEntryCheckRangeLong8Slong8(int64 value)3256 TIFFReadDirEntryCheckRangeLong8Slong8(int64 value)
3257 {
3258 if (value < 0)
3259 return(TIFFReadDirEntryErrRange);
3260 else
3261 return(TIFFReadDirEntryErrOk);
3262 }
3263
3264 /*
3265 * Largest 64-bit signed integer value.
3266 */
3267 #define TIFF_INT64_MAX ((int64)(((uint64) ~0) >> 1))
3268
3269 static enum TIFFReadDirEntryErr
TIFFReadDirEntryCheckRangeSlong8Long8(uint64 value)3270 TIFFReadDirEntryCheckRangeSlong8Long8(uint64 value)
3271 {
3272 if (value > TIFF_INT64_MAX)
3273 return(TIFFReadDirEntryErrRange);
3274 else
3275 return(TIFFReadDirEntryErrOk);
3276 }
3277
3278 #undef TIFF_INT64_MAX
3279
3280 static enum TIFFReadDirEntryErr
TIFFReadDirEntryData(TIFF * tif,uint64 offset,tmsize_t size,void * dest)3281 TIFFReadDirEntryData(TIFF* tif, uint64 offset, tmsize_t size, void* dest)
3282 {
3283 assert(size>0);
3284 if (!isMapped(tif)) {
3285 if (!SeekOK(tif,offset))
3286 return(TIFFReadDirEntryErrIo);
3287 if (!ReadOK(tif,dest,size))
3288 return(TIFFReadDirEntryErrIo);
3289 } else {
3290 size_t ma,mb;
3291 ma=(size_t)offset;
3292 mb=ma+size;
3293 if (((uint64)ma!=offset)
3294 || (mb < ma)
3295 || (mb - ma != (size_t) size)
3296 || (mb < (size_t)size)
3297 || (mb > (size_t)tif->tif_size)
3298 )
3299 return(TIFFReadDirEntryErrIo);
3300 _TIFFmemcpy(dest,tif->tif_base+ma,size);
3301 }
3302 return(TIFFReadDirEntryErrOk);
3303 }
3304
TIFFReadDirEntryOutputErr(TIFF * tif,enum TIFFReadDirEntryErr err,const char * module,const char * tagname,int recover)3305 static void TIFFReadDirEntryOutputErr(TIFF* tif, enum TIFFReadDirEntryErr err, const char* module, const char* tagname, int recover)
3306 {
3307 if (!recover) {
3308 switch (err) {
3309 case TIFFReadDirEntryErrCount:
3310 TIFFErrorExt(tif->tif_clientdata, module,
3311 "Incorrect count for \"%s\"",
3312 tagname);
3313 break;
3314 case TIFFReadDirEntryErrType:
3315 TIFFErrorExt(tif->tif_clientdata, module,
3316 "Incompatible type for \"%s\"",
3317 tagname);
3318 break;
3319 case TIFFReadDirEntryErrIo:
3320 TIFFErrorExt(tif->tif_clientdata, module,
3321 "IO error during reading of \"%s\"",
3322 tagname);
3323 break;
3324 case TIFFReadDirEntryErrRange:
3325 TIFFErrorExt(tif->tif_clientdata, module,
3326 "Incorrect value for \"%s\"",
3327 tagname);
3328 break;
3329 case TIFFReadDirEntryErrPsdif:
3330 TIFFErrorExt(tif->tif_clientdata, module,
3331 "Cannot handle different values per sample for \"%s\"",
3332 tagname);
3333 break;
3334 case TIFFReadDirEntryErrSizesan:
3335 TIFFErrorExt(tif->tif_clientdata, module,
3336 "Sanity check on size of \"%s\" value failed",
3337 tagname);
3338 break;
3339 case TIFFReadDirEntryErrAlloc:
3340 TIFFErrorExt(tif->tif_clientdata, module,
3341 "Out of memory reading of \"%s\"",
3342 tagname);
3343 break;
3344 default:
3345 assert(0); /* we should never get here */
3346 break;
3347 }
3348 } else {
3349 switch (err) {
3350 case TIFFReadDirEntryErrCount:
3351 TIFFWarningExt(tif->tif_clientdata, module,
3352 "Incorrect count for \"%s\"; tag ignored",
3353 tagname);
3354 break;
3355 case TIFFReadDirEntryErrType:
3356 TIFFWarningExt(tif->tif_clientdata, module,
3357 "Incompatible type for \"%s\"; tag ignored",
3358 tagname);
3359 break;
3360 case TIFFReadDirEntryErrIo:
3361 TIFFWarningExt(tif->tif_clientdata, module,
3362 "IO error during reading of \"%s\"; tag ignored",
3363 tagname);
3364 break;
3365 case TIFFReadDirEntryErrRange:
3366 TIFFWarningExt(tif->tif_clientdata, module,
3367 "Incorrect value for \"%s\"; tag ignored",
3368 tagname);
3369 break;
3370 case TIFFReadDirEntryErrPsdif:
3371 TIFFWarningExt(tif->tif_clientdata, module,
3372 "Cannot handle different values per sample for \"%s\"; tag ignored",
3373 tagname);
3374 break;
3375 case TIFFReadDirEntryErrSizesan:
3376 TIFFWarningExt(tif->tif_clientdata, module,
3377 "Sanity check on size of \"%s\" value failed; tag ignored",
3378 tagname);
3379 break;
3380 case TIFFReadDirEntryErrAlloc:
3381 TIFFWarningExt(tif->tif_clientdata, module,
3382 "Out of memory reading of \"%s\"; tag ignored",
3383 tagname);
3384 break;
3385 default:
3386 assert(0); /* we should never get here */
3387 break;
3388 }
3389 }
3390 }
3391
3392 /*
3393 * Read the next TIFF directory from a file and convert it to the internal
3394 * format. We read directories sequentially.
3395 */
3396 int
TIFFReadDirectory(TIFF * tif)3397 TIFFReadDirectory(TIFF* tif)
3398 {
3399 static const char module[] = "TIFFReadDirectory";
3400 TIFFDirEntry* dir;
3401 uint16 dircount;
3402 TIFFDirEntry* dp;
3403 uint16 di;
3404 const TIFFField* fip;
3405 uint32 fii=FAILED_FII;
3406 toff_t nextdiroff;
3407 int bitspersample_read = FALSE;
3408
3409 tif->tif_diroff=tif->tif_nextdiroff;
3410 if (!TIFFCheckDirOffset(tif,tif->tif_nextdiroff))
3411 return 0; /* last offset or bad offset (IFD looping) */
3412 (*tif->tif_cleanup)(tif); /* cleanup any previous compression state */
3413 tif->tif_curdir++;
3414 nextdiroff = tif->tif_nextdiroff;
3415 dircount=TIFFFetchDirectory(tif,nextdiroff,&dir,&tif->tif_nextdiroff);
3416 if (!dircount)
3417 {
3418 TIFFErrorExt(tif->tif_clientdata,module,
3419 "Failed to read directory at offset " TIFF_UINT64_FORMAT,nextdiroff);
3420 return 0;
3421 }
3422 TIFFReadDirectoryCheckOrder(tif,dir,dircount);
3423
3424 /*
3425 * Mark duplicates of any tag to be ignored (bugzilla 1994)
3426 * to avoid certain pathological problems.
3427 */
3428 {
3429 TIFFDirEntry* ma;
3430 uint16 mb;
3431 for (ma=dir, mb=0; mb<dircount; ma++, mb++)
3432 {
3433 TIFFDirEntry* na;
3434 uint16 nb;
3435 for (na=ma+1, nb=mb+1; nb<dircount; na++, nb++)
3436 {
3437 if (ma->tdir_tag==na->tdir_tag)
3438 na->tdir_tag=IGNORE;
3439 }
3440 }
3441 }
3442
3443 tif->tif_flags &= ~TIFF_BEENWRITING; /* reset before new dir */
3444 tif->tif_flags &= ~TIFF_BUF4WRITE; /* reset before new dir */
3445 /* free any old stuff and reinit */
3446 TIFFFreeDirectory(tif);
3447 TIFFDefaultDirectory(tif);
3448 /*
3449 * Electronic Arts writes gray-scale TIFF files
3450 * without a PlanarConfiguration directory entry.
3451 * Thus we setup a default value here, even though
3452 * the TIFF spec says there is no default value.
3453 */
3454 TIFFSetField(tif,TIFFTAG_PLANARCONFIG,PLANARCONFIG_CONTIG);
3455 /*
3456 * Setup default value and then make a pass over
3457 * the fields to check type and tag information,
3458 * and to extract info required to size data
3459 * structures. A second pass is made afterwards
3460 * to read in everthing not taken in the first pass.
3461 * But we must process the Compression tag first
3462 * in order to merge in codec-private tag definitions (otherwise
3463 * we may get complaints about unknown tags). However, the
3464 * Compression tag may be dependent on the SamplesPerPixel
3465 * tag value because older TIFF specs permited Compression
3466 * to be written as a SamplesPerPixel-count tag entry.
3467 * Thus if we don't first figure out the correct SamplesPerPixel
3468 * tag value then we may end up ignoring the Compression tag
3469 * value because it has an incorrect count value (if the
3470 * true value of SamplesPerPixel is not 1).
3471 */
3472 dp=TIFFReadDirectoryFindEntry(tif,dir,dircount,TIFFTAG_SAMPLESPERPIXEL);
3473 if (dp)
3474 {
3475 if (!TIFFFetchNormalTag(tif,dp,0))
3476 goto bad;
3477 dp->tdir_tag=IGNORE;
3478 }
3479 dp=TIFFReadDirectoryFindEntry(tif,dir,dircount,TIFFTAG_COMPRESSION);
3480 if (dp)
3481 {
3482 /*
3483 * The 5.0 spec says the Compression tag has one value, while
3484 * earlier specs say it has one value per sample. Because of
3485 * this, we accept the tag if one value is supplied with either
3486 * count.
3487 */
3488 uint16 value;
3489 enum TIFFReadDirEntryErr err;
3490 err=TIFFReadDirEntryShort(tif,dp,&value);
3491 if (err==TIFFReadDirEntryErrCount)
3492 err=TIFFReadDirEntryPersampleShort(tif,dp,&value);
3493 if (err!=TIFFReadDirEntryErrOk)
3494 {
3495 TIFFReadDirEntryOutputErr(tif,err,module,"Compression",0);
3496 goto bad;
3497 }
3498 if (!TIFFSetField(tif,TIFFTAG_COMPRESSION,value))
3499 goto bad;
3500 dp->tdir_tag=IGNORE;
3501 }
3502 else
3503 {
3504 if (!TIFFSetField(tif,TIFFTAG_COMPRESSION,COMPRESSION_NONE))
3505 goto bad;
3506 }
3507 /*
3508 * First real pass over the directory.
3509 */
3510 for (di=0, dp=dir; di<dircount; di++, dp++)
3511 {
3512 if (dp->tdir_tag!=IGNORE)
3513 {
3514 TIFFReadDirectoryFindFieldInfo(tif,dp->tdir_tag,&fii);
3515 if (fii == FAILED_FII)
3516 {
3517 TIFFWarningExt(tif->tif_clientdata, module,
3518 "Unknown field with tag %d (0x%x) encountered",
3519 dp->tdir_tag,dp->tdir_tag);
3520 /* the following knowingly leaks the
3521 anonymous field structure */
3522 if (!_TIFFMergeFields(tif,
3523 _TIFFCreateAnonField(tif,
3524 dp->tdir_tag,
3525 (TIFFDataType) dp->tdir_type),
3526 1)) {
3527 TIFFWarningExt(tif->tif_clientdata,
3528 module,
3529 "Registering anonymous field with tag %d (0x%x) failed",
3530 dp->tdir_tag,
3531 dp->tdir_tag);
3532 dp->tdir_tag=IGNORE;
3533 } else {
3534 TIFFReadDirectoryFindFieldInfo(tif,dp->tdir_tag,&fii);
3535 assert(fii != FAILED_FII);
3536 }
3537 }
3538 }
3539 if (dp->tdir_tag!=IGNORE)
3540 {
3541 fip=tif->tif_fields[fii];
3542 if (fip->field_bit==FIELD_IGNORE)
3543 dp->tdir_tag=IGNORE;
3544 else
3545 {
3546 switch (dp->tdir_tag)
3547 {
3548 case TIFFTAG_STRIPOFFSETS:
3549 case TIFFTAG_STRIPBYTECOUNTS:
3550 case TIFFTAG_TILEOFFSETS:
3551 case TIFFTAG_TILEBYTECOUNTS:
3552 TIFFSetFieldBit(tif,fip->field_bit);
3553 break;
3554 case TIFFTAG_IMAGEWIDTH:
3555 case TIFFTAG_IMAGELENGTH:
3556 case TIFFTAG_IMAGEDEPTH:
3557 case TIFFTAG_TILELENGTH:
3558 case TIFFTAG_TILEWIDTH:
3559 case TIFFTAG_TILEDEPTH:
3560 case TIFFTAG_PLANARCONFIG:
3561 case TIFFTAG_ROWSPERSTRIP:
3562 case TIFFTAG_EXTRASAMPLES:
3563 if (!TIFFFetchNormalTag(tif,dp,0))
3564 goto bad;
3565 dp->tdir_tag=IGNORE;
3566 break;
3567 }
3568 }
3569 }
3570 }
3571 /*
3572 * XXX: OJPEG hack.
3573 * If a) compression is OJPEG, b) planarconfig tag says it's separate,
3574 * c) strip offsets/bytecounts tag are both present and
3575 * d) both contain exactly one value, then we consistently find
3576 * that the buggy implementation of the buggy compression scheme
3577 * matches contig planarconfig best. So we 'fix-up' the tag here
3578 */
3579 if ((tif->tif_dir.td_compression==COMPRESSION_OJPEG)&&
3580 (tif->tif_dir.td_planarconfig==PLANARCONFIG_SEPARATE))
3581 {
3582 if (!_TIFFFillStriles(tif))
3583 goto bad;
3584 dp=TIFFReadDirectoryFindEntry(tif,dir,dircount,TIFFTAG_STRIPOFFSETS);
3585 if ((dp!=0)&&(dp->tdir_count==1))
3586 {
3587 dp=TIFFReadDirectoryFindEntry(tif,dir,dircount,
3588 TIFFTAG_STRIPBYTECOUNTS);
3589 if ((dp!=0)&&(dp->tdir_count==1))
3590 {
3591 tif->tif_dir.td_planarconfig=PLANARCONFIG_CONTIG;
3592 TIFFWarningExt(tif->tif_clientdata,module,
3593 "Planarconfig tag value assumed incorrect, "
3594 "assuming data is contig instead of chunky");
3595 }
3596 }
3597 }
3598 /*
3599 * Allocate directory structure and setup defaults.
3600 */
3601 if (!TIFFFieldSet(tif,FIELD_IMAGEDIMENSIONS))
3602 {
3603 MissingRequired(tif,"ImageLength");
3604 goto bad;
3605 }
3606 /*
3607 * Setup appropriate structures (by strip or by tile)
3608 */
3609 if (!TIFFFieldSet(tif, FIELD_TILEDIMENSIONS)) {
3610 tif->tif_dir.td_nstrips = TIFFNumberOfStrips(tif);
3611 tif->tif_dir.td_tilewidth = tif->tif_dir.td_imagewidth;
3612 tif->tif_dir.td_tilelength = tif->tif_dir.td_rowsperstrip;
3613 tif->tif_dir.td_tiledepth = tif->tif_dir.td_imagedepth;
3614 tif->tif_flags &= ~TIFF_ISTILED;
3615 } else {
3616 tif->tif_dir.td_nstrips = TIFFNumberOfTiles(tif);
3617 tif->tif_flags |= TIFF_ISTILED;
3618 }
3619 if (!tif->tif_dir.td_nstrips) {
3620 TIFFErrorExt(tif->tif_clientdata, module,
3621 "Cannot handle zero number of %s",
3622 isTiled(tif) ? "tiles" : "strips");
3623 goto bad;
3624 }
3625 tif->tif_dir.td_stripsperimage = tif->tif_dir.td_nstrips;
3626 if (tif->tif_dir.td_planarconfig == PLANARCONFIG_SEPARATE)
3627 tif->tif_dir.td_stripsperimage /= tif->tif_dir.td_samplesperpixel;
3628 if (!TIFFFieldSet(tif, FIELD_STRIPOFFSETS)) {
3629 if ((tif->tif_dir.td_compression==COMPRESSION_OJPEG) &&
3630 (isTiled(tif)==0) &&
3631 (tif->tif_dir.td_nstrips==1)) {
3632 /*
3633 * XXX: OJPEG hack.
3634 * If a) compression is OJPEG, b) it's not a tiled TIFF,
3635 * and c) the number of strips is 1,
3636 * then we tolerate the absence of stripoffsets tag,
3637 * because, presumably, all required data is in the
3638 * JpegInterchangeFormat stream.
3639 */
3640 TIFFSetFieldBit(tif, FIELD_STRIPOFFSETS);
3641 } else {
3642 MissingRequired(tif,
3643 isTiled(tif) ? "TileOffsets" : "StripOffsets");
3644 goto bad;
3645 }
3646 }
3647 /*
3648 * Second pass: extract other information.
3649 */
3650 for (di=0, dp=dir; di<dircount; di++, dp++)
3651 {
3652 switch (dp->tdir_tag)
3653 {
3654 case IGNORE:
3655 break;
3656 case TIFFTAG_MINSAMPLEVALUE:
3657 case TIFFTAG_MAXSAMPLEVALUE:
3658 case TIFFTAG_BITSPERSAMPLE:
3659 case TIFFTAG_DATATYPE:
3660 case TIFFTAG_SAMPLEFORMAT:
3661 /*
3662 * The MinSampleValue, MaxSampleValue, BitsPerSample
3663 * DataType and SampleFormat tags are supposed to be
3664 * written as one value/sample, but some vendors
3665 * incorrectly write one value only -- so we accept
3666 * that as well (yech). Other vendors write correct
3667 * value for NumberOfSamples, but incorrect one for
3668 * BitsPerSample and friends, and we will read this
3669 * too.
3670 */
3671 {
3672 uint16 value;
3673 enum TIFFReadDirEntryErr err;
3674 err=TIFFReadDirEntryShort(tif,dp,&value);
3675 if (err==TIFFReadDirEntryErrCount)
3676 err=TIFFReadDirEntryPersampleShort(tif,dp,&value);
3677 if (err!=TIFFReadDirEntryErrOk)
3678 {
3679 fip = TIFFFieldWithTag(tif,dp->tdir_tag);
3680 TIFFReadDirEntryOutputErr(tif,err,module,fip ? fip->field_name : "unknown tagname",0);
3681 goto bad;
3682 }
3683 if (!TIFFSetField(tif,dp->tdir_tag,value))
3684 goto bad;
3685 if( dp->tdir_tag == TIFFTAG_BITSPERSAMPLE )
3686 bitspersample_read = TRUE;
3687 }
3688 break;
3689 case TIFFTAG_SMINSAMPLEVALUE:
3690 case TIFFTAG_SMAXSAMPLEVALUE:
3691 {
3692
3693 double *data;
3694 enum TIFFReadDirEntryErr err;
3695 uint32 saved_flags;
3696 int m;
3697 if (dp->tdir_count != (uint64)tif->tif_dir.td_samplesperpixel)
3698 err = TIFFReadDirEntryErrCount;
3699 else
3700 err = TIFFReadDirEntryDoubleArray(tif, dp, &data);
3701 if (err!=TIFFReadDirEntryErrOk)
3702 {
3703 fip = TIFFFieldWithTag(tif,dp->tdir_tag);
3704 TIFFReadDirEntryOutputErr(tif,err,module,fip ? fip->field_name : "unknown tagname",0);
3705 goto bad;
3706 }
3707 saved_flags = tif->tif_flags;
3708 tif->tif_flags |= TIFF_PERSAMPLE;
3709 m = TIFFSetField(tif,dp->tdir_tag,data);
3710 tif->tif_flags = saved_flags;
3711 _TIFFfree(data);
3712 if (!m)
3713 goto bad;
3714 }
3715 break;
3716 case TIFFTAG_STRIPOFFSETS:
3717 case TIFFTAG_TILEOFFSETS:
3718 #if defined(DEFER_STRILE_LOAD)
3719 _TIFFmemcpy( &(tif->tif_dir.td_stripoffset_entry),
3720 dp, sizeof(TIFFDirEntry) );
3721 #else
3722 if (!TIFFFetchStripThing(tif,dp,tif->tif_dir.td_nstrips,&tif->tif_dir.td_stripoffset))
3723 goto bad;
3724 #endif
3725 break;
3726 case TIFFTAG_STRIPBYTECOUNTS:
3727 case TIFFTAG_TILEBYTECOUNTS:
3728 #if defined(DEFER_STRILE_LOAD)
3729 _TIFFmemcpy( &(tif->tif_dir.td_stripbytecount_entry),
3730 dp, sizeof(TIFFDirEntry) );
3731 #else
3732 if (!TIFFFetchStripThing(tif,dp,tif->tif_dir.td_nstrips,&tif->tif_dir.td_stripbytecount))
3733 goto bad;
3734 #endif
3735 break;
3736 case TIFFTAG_COLORMAP:
3737 case TIFFTAG_TRANSFERFUNCTION:
3738 {
3739 enum TIFFReadDirEntryErr err;
3740 uint32 countpersample;
3741 uint32 countrequired;
3742 uint32 incrementpersample;
3743 uint16* value=NULL;
3744 /* It would be dangerous to instanciate those tag values */
3745 /* since if td_bitspersample has not yet been read (due to */
3746 /* unordered tags), it could be read afterwards with a */
3747 /* values greater than the default one (1), which may cause */
3748 /* crashes in user code */
3749 if( !bitspersample_read )
3750 {
3751 fip = TIFFFieldWithTag(tif,dp->tdir_tag);
3752 TIFFWarningExt(tif->tif_clientdata,module,
3753 "Ignoring %s since BitsPerSample tag not found",
3754 fip ? fip->field_name : "unknown tagname");
3755 continue;
3756 }
3757 /* ColorMap or TransferFunction for high bit */
3758 /* depths do not make much sense and could be */
3759 /* used as a denial of service vector */
3760 if (tif->tif_dir.td_bitspersample > 24)
3761 {
3762 TIFFWarningExt(tif->tif_clientdata,module,
3763 "Ignoring %s because BitsPerSample=%d>24",
3764 fip ? fip->field_name : "unknown tagname",
3765 tif->tif_dir.td_bitspersample);
3766 continue;
3767 }
3768 countpersample=(1L<<tif->tif_dir.td_bitspersample);
3769 if ((dp->tdir_tag==TIFFTAG_TRANSFERFUNCTION)&&(dp->tdir_count==(uint64)countpersample))
3770 {
3771 countrequired=countpersample;
3772 incrementpersample=0;
3773 }
3774 else
3775 {
3776 countrequired=3*countpersample;
3777 incrementpersample=countpersample;
3778 }
3779 if (dp->tdir_count!=(uint64)countrequired)
3780 err=TIFFReadDirEntryErrCount;
3781 else
3782 err=TIFFReadDirEntryShortArray(tif,dp,&value);
3783 if (err!=TIFFReadDirEntryErrOk)
3784 {
3785 fip = TIFFFieldWithTag(tif,dp->tdir_tag);
3786 TIFFReadDirEntryOutputErr(tif,err,module,fip ? fip->field_name : "unknown tagname",1);
3787 }
3788 else
3789 {
3790 TIFFSetField(tif,dp->tdir_tag,value,value+incrementpersample,value+2*incrementpersample);
3791 _TIFFfree(value);
3792 }
3793 }
3794 break;
3795 /* BEGIN REV 4.0 COMPATIBILITY */
3796 case TIFFTAG_OSUBFILETYPE:
3797 {
3798 uint16 valueo;
3799 uint32 value;
3800 if (TIFFReadDirEntryShort(tif,dp,&valueo)==TIFFReadDirEntryErrOk)
3801 {
3802 switch (valueo)
3803 {
3804 case OFILETYPE_REDUCEDIMAGE: value=FILETYPE_REDUCEDIMAGE; break;
3805 case OFILETYPE_PAGE: value=FILETYPE_PAGE; break;
3806 default: value=0; break;
3807 }
3808 if (value!=0)
3809 TIFFSetField(tif,TIFFTAG_SUBFILETYPE,value);
3810 }
3811 }
3812 break;
3813 /* END REV 4.0 COMPATIBILITY */
3814 default:
3815 (void) TIFFFetchNormalTag(tif, dp, TRUE);
3816 break;
3817 }
3818 }
3819 /*
3820 * OJPEG hack:
3821 * - If a) compression is OJPEG, and b) photometric tag is missing,
3822 * then we consistently find that photometric should be YCbCr
3823 * - If a) compression is OJPEG, and b) photometric tag says it's RGB,
3824 * then we consistently find that the buggy implementation of the
3825 * buggy compression scheme matches photometric YCbCr instead.
3826 * - If a) compression is OJPEG, and b) bitspersample tag is missing,
3827 * then we consistently find bitspersample should be 8.
3828 * - If a) compression is OJPEG, b) samplesperpixel tag is missing,
3829 * and c) photometric is RGB or YCbCr, then we consistently find
3830 * samplesperpixel should be 3
3831 * - If a) compression is OJPEG, b) samplesperpixel tag is missing,
3832 * and c) photometric is MINISWHITE or MINISBLACK, then we consistently
3833 * find samplesperpixel should be 3
3834 */
3835 if (tif->tif_dir.td_compression==COMPRESSION_OJPEG)
3836 {
3837 if (!TIFFFieldSet(tif,FIELD_PHOTOMETRIC))
3838 {
3839 TIFFWarningExt(tif->tif_clientdata, module,
3840 "Photometric tag is missing, assuming data is YCbCr");
3841 if (!TIFFSetField(tif,TIFFTAG_PHOTOMETRIC,PHOTOMETRIC_YCBCR))
3842 goto bad;
3843 }
3844 else if (tif->tif_dir.td_photometric==PHOTOMETRIC_RGB)
3845 {
3846 tif->tif_dir.td_photometric=PHOTOMETRIC_YCBCR;
3847 TIFFWarningExt(tif->tif_clientdata, module,
3848 "Photometric tag value assumed incorrect, "
3849 "assuming data is YCbCr instead of RGB");
3850 }
3851 if (!TIFFFieldSet(tif,FIELD_BITSPERSAMPLE))
3852 {
3853 TIFFWarningExt(tif->tif_clientdata,module,
3854 "BitsPerSample tag is missing, assuming 8 bits per sample");
3855 if (!TIFFSetField(tif,TIFFTAG_BITSPERSAMPLE,8))
3856 goto bad;
3857 }
3858 if (!TIFFFieldSet(tif,FIELD_SAMPLESPERPIXEL))
3859 {
3860 if (tif->tif_dir.td_photometric==PHOTOMETRIC_RGB)
3861 {
3862 TIFFWarningExt(tif->tif_clientdata,module,
3863 "SamplesPerPixel tag is missing, "
3864 "assuming correct SamplesPerPixel value is 3");
3865 if (!TIFFSetField(tif,TIFFTAG_SAMPLESPERPIXEL,3))
3866 goto bad;
3867 }
3868 if (tif->tif_dir.td_photometric==PHOTOMETRIC_YCBCR)
3869 {
3870 TIFFWarningExt(tif->tif_clientdata,module,
3871 "SamplesPerPixel tag is missing, "
3872 "applying correct SamplesPerPixel value of 3");
3873 if (!TIFFSetField(tif,TIFFTAG_SAMPLESPERPIXEL,3))
3874 goto bad;
3875 }
3876 else if ((tif->tif_dir.td_photometric==PHOTOMETRIC_MINISWHITE)
3877 || (tif->tif_dir.td_photometric==PHOTOMETRIC_MINISBLACK))
3878 {
3879 /*
3880 * SamplesPerPixel tag is missing, but is not required
3881 * by spec. Assume correct SamplesPerPixel value of 1.
3882 */
3883 if (!TIFFSetField(tif,TIFFTAG_SAMPLESPERPIXEL,1))
3884 goto bad;
3885 }
3886 }
3887 }
3888 /*
3889 * Verify Palette image has a Colormap.
3890 */
3891 if (tif->tif_dir.td_photometric == PHOTOMETRIC_PALETTE &&
3892 !TIFFFieldSet(tif, FIELD_COLORMAP)) {
3893 if ( tif->tif_dir.td_bitspersample>=8 && tif->tif_dir.td_samplesperpixel==3)
3894 tif->tif_dir.td_photometric = PHOTOMETRIC_RGB;
3895 else if (tif->tif_dir.td_bitspersample>=8)
3896 tif->tif_dir.td_photometric = PHOTOMETRIC_MINISBLACK;
3897 else {
3898 MissingRequired(tif, "Colormap");
3899 goto bad;
3900 }
3901 }
3902 /*
3903 * OJPEG hack:
3904 * We do no further messing with strip/tile offsets/bytecounts in OJPEG
3905 * TIFFs
3906 */
3907 if (tif->tif_dir.td_compression!=COMPRESSION_OJPEG)
3908 {
3909 /*
3910 * Attempt to deal with a missing StripByteCounts tag.
3911 */
3912 if (!TIFFFieldSet(tif, FIELD_STRIPBYTECOUNTS)) {
3913 /*
3914 * Some manufacturers violate the spec by not giving
3915 * the size of the strips. In this case, assume there
3916 * is one uncompressed strip of data.
3917 */
3918 if ((tif->tif_dir.td_planarconfig == PLANARCONFIG_CONTIG &&
3919 tif->tif_dir.td_nstrips > 1) ||
3920 (tif->tif_dir.td_planarconfig == PLANARCONFIG_SEPARATE &&
3921 tif->tif_dir.td_nstrips != (uint32)tif->tif_dir.td_samplesperpixel)) {
3922 MissingRequired(tif, "StripByteCounts");
3923 goto bad;
3924 }
3925 TIFFWarningExt(tif->tif_clientdata, module,
3926 "TIFF directory is missing required "
3927 "\"StripByteCounts\" field, calculating from imagelength");
3928 if (EstimateStripByteCounts(tif, dir, dircount) < 0)
3929 goto bad;
3930 /*
3931 * Assume we have wrong StripByteCount value (in case
3932 * of single strip) in following cases:
3933 * - it is equal to zero along with StripOffset;
3934 * - it is larger than file itself (in case of uncompressed
3935 * image);
3936 * - it is smaller than the size of the bytes per row
3937 * multiplied on the number of rows. The last case should
3938 * not be checked in the case of writing new image,
3939 * because we may do not know the exact strip size
3940 * until the whole image will be written and directory
3941 * dumped out.
3942 */
3943 #define BYTECOUNTLOOKSBAD \
3944 ( (tif->tif_dir.td_stripbytecount[0] == 0 && tif->tif_dir.td_stripoffset[0] != 0) || \
3945 (tif->tif_dir.td_compression == COMPRESSION_NONE && \
3946 tif->tif_dir.td_stripbytecount[0] > TIFFGetFileSize(tif) - tif->tif_dir.td_stripoffset[0]) || \
3947 (tif->tif_mode == O_RDONLY && \
3948 tif->tif_dir.td_compression == COMPRESSION_NONE && \
3949 tif->tif_dir.td_stripbytecount[0] < TIFFScanlineSize64(tif) * tif->tif_dir.td_imagelength) )
3950
3951 } else if (tif->tif_dir.td_nstrips == 1
3952 && _TIFFFillStriles(tif)
3953 && tif->tif_dir.td_stripoffset[0] != 0
3954 && BYTECOUNTLOOKSBAD) {
3955 /*
3956 * XXX: Plexus (and others) sometimes give a value of
3957 * zero for a tag when they don't know what the
3958 * correct value is! Try and handle the simple case
3959 * of estimating the size of a one strip image.
3960 */
3961 TIFFWarningExt(tif->tif_clientdata, module,
3962 "Bogus \"StripByteCounts\" field, ignoring and calculating from imagelength");
3963 if(EstimateStripByteCounts(tif, dir, dircount) < 0)
3964 goto bad;
3965
3966 #if !defined(DEFER_STRILE_LOAD)
3967 } else if (tif->tif_dir.td_planarconfig == PLANARCONFIG_CONTIG
3968 && tif->tif_dir.td_nstrips > 2
3969 && tif->tif_dir.td_compression == COMPRESSION_NONE
3970 && tif->tif_dir.td_stripbytecount[0] != tif->tif_dir.td_stripbytecount[1]
3971 && tif->tif_dir.td_stripbytecount[0] != 0
3972 && tif->tif_dir.td_stripbytecount[1] != 0 ) {
3973 /*
3974 * XXX: Some vendors fill StripByteCount array with
3975 * absolutely wrong values (it can be equal to
3976 * StripOffset array, for example). Catch this case
3977 * here.
3978 *
3979 * We avoid this check if deferring strile loading
3980 * as it would always force us to load the strip/tile
3981 * information.
3982 */
3983 TIFFWarningExt(tif->tif_clientdata, module,
3984 "Wrong \"StripByteCounts\" field, ignoring and calculating from imagelength");
3985 if (EstimateStripByteCounts(tif, dir, dircount) < 0)
3986 goto bad;
3987 #endif /* !defined(DEFER_STRILE_LOAD) */
3988 }
3989 }
3990 if (dir)
3991 {
3992 _TIFFfree(dir);
3993 dir=NULL;
3994 }
3995 if (!TIFFFieldSet(tif, FIELD_MAXSAMPLEVALUE))
3996 {
3997 if (tif->tif_dir.td_bitspersample>=16)
3998 tif->tif_dir.td_maxsamplevalue=0xFFFF;
3999 else
4000 tif->tif_dir.td_maxsamplevalue = (uint16)((1L<<tif->tif_dir.td_bitspersample)-1);
4001 }
4002 /*
4003 * XXX: We can optimize checking for the strip bounds using the sorted
4004 * bytecounts array. See also comments for TIFFAppendToStrip()
4005 * function in tif_write.c.
4006 */
4007 #if !defined(DEFER_STRILE_LOAD)
4008 if (tif->tif_dir.td_nstrips > 1) {
4009 uint32 strip;
4010
4011 tif->tif_dir.td_stripbytecountsorted = 1;
4012 for (strip = 1; strip < tif->tif_dir.td_nstrips; strip++) {
4013 if (tif->tif_dir.td_stripoffset[strip - 1] >
4014 tif->tif_dir.td_stripoffset[strip]) {
4015 tif->tif_dir.td_stripbytecountsorted = 0;
4016 break;
4017 }
4018 }
4019 }
4020 #endif /* !defined(DEFER_STRILE_LOAD) */
4021
4022 /*
4023 * An opportunity for compression mode dependent tag fixup
4024 */
4025 (*tif->tif_fixuptags)(tif);
4026
4027 /*
4028 * Some manufacturers make life difficult by writing
4029 * large amounts of uncompressed data as a single strip.
4030 * This is contrary to the recommendations of the spec.
4031 * The following makes an attempt at breaking such images
4032 * into strips closer to the recommended 8k bytes. A
4033 * side effect, however, is that the RowsPerStrip tag
4034 * value may be changed.
4035 */
4036 if ((tif->tif_dir.td_planarconfig==PLANARCONFIG_CONTIG)&&
4037 (tif->tif_dir.td_nstrips==1)&&
4038 (tif->tif_dir.td_compression==COMPRESSION_NONE)&&
4039 ((tif->tif_flags&(TIFF_STRIPCHOP|TIFF_ISTILED))==TIFF_STRIPCHOP))
4040 {
4041 if ( !_TIFFFillStriles(tif) || !tif->tif_dir.td_stripbytecount )
4042 return 0;
4043 ChopUpSingleUncompressedStrip(tif);
4044 }
4045
4046 /*
4047 * Clear the dirty directory flag.
4048 */
4049 tif->tif_flags &= ~TIFF_DIRTYDIRECT;
4050 tif->tif_flags &= ~TIFF_DIRTYSTRIP;
4051
4052 /*
4053 * Reinitialize i/o since we are starting on a new directory.
4054 */
4055 tif->tif_row = (uint32) -1;
4056 tif->tif_curstrip = (uint32) -1;
4057 tif->tif_col = (uint32) -1;
4058 tif->tif_curtile = (uint32) -1;
4059 tif->tif_tilesize = (tmsize_t) -1;
4060
4061 tif->tif_scanlinesize = TIFFScanlineSize(tif);
4062 if (!tif->tif_scanlinesize) {
4063 TIFFErrorExt(tif->tif_clientdata, module,
4064 "Cannot handle zero scanline size");
4065 return (0);
4066 }
4067
4068 if (isTiled(tif)) {
4069 tif->tif_tilesize = TIFFTileSize(tif);
4070 if (!tif->tif_tilesize) {
4071 TIFFErrorExt(tif->tif_clientdata, module,
4072 "Cannot handle zero tile size");
4073 return (0);
4074 }
4075 } else {
4076 if (!TIFFStripSize(tif)) {
4077 TIFFErrorExt(tif->tif_clientdata, module,
4078 "Cannot handle zero strip size");
4079 return (0);
4080 }
4081 }
4082 return (1);
4083 bad:
4084 if (dir)
4085 _TIFFfree(dir);
4086 return (0);
4087 }
4088
4089 static void
TIFFReadDirectoryCheckOrder(TIFF * tif,TIFFDirEntry * dir,uint16 dircount)4090 TIFFReadDirectoryCheckOrder(TIFF* tif, TIFFDirEntry* dir, uint16 dircount)
4091 {
4092 static const char module[] = "TIFFReadDirectoryCheckOrder";
4093 uint16 m;
4094 uint16 n;
4095 TIFFDirEntry* o;
4096 m=0;
4097 for (n=0, o=dir; n<dircount; n++, o++)
4098 {
4099 if (o->tdir_tag<m)
4100 {
4101 TIFFWarningExt(tif->tif_clientdata,module,
4102 "Invalid TIFF directory; tags are not sorted in ascending order");
4103 break;
4104 }
4105 m=o->tdir_tag+1;
4106 }
4107 }
4108
4109 static TIFFDirEntry*
TIFFReadDirectoryFindEntry(TIFF * tif,TIFFDirEntry * dir,uint16 dircount,uint16 tagid)4110 TIFFReadDirectoryFindEntry(TIFF* tif, TIFFDirEntry* dir, uint16 dircount, uint16 tagid)
4111 {
4112 TIFFDirEntry* m;
4113 uint16 n;
4114 (void) tif;
4115 for (m=dir, n=0; n<dircount; m++, n++)
4116 {
4117 if (m->tdir_tag==tagid)
4118 return(m);
4119 }
4120 return(0);
4121 }
4122
4123 static void
TIFFReadDirectoryFindFieldInfo(TIFF * tif,uint16 tagid,uint32 * fii)4124 TIFFReadDirectoryFindFieldInfo(TIFF* tif, uint16 tagid, uint32* fii)
4125 {
4126 int32 ma,mb,mc;
4127 ma=-1;
4128 mc=(int32)tif->tif_nfields;
4129 while (1)
4130 {
4131 if (ma+1==mc)
4132 {
4133 *fii = FAILED_FII;
4134 return;
4135 }
4136 mb=(ma+mc)/2;
4137 if (tif->tif_fields[mb]->field_tag==(uint32)tagid)
4138 break;
4139 if (tif->tif_fields[mb]->field_tag<(uint32)tagid)
4140 ma=mb;
4141 else
4142 mc=mb;
4143 }
4144 while (1)
4145 {
4146 if (mb==0)
4147 break;
4148 if (tif->tif_fields[mb-1]->field_tag!=(uint32)tagid)
4149 break;
4150 mb--;
4151 }
4152 *fii=mb;
4153 }
4154
4155 /*
4156 * Read custom directory from the arbitarry offset.
4157 * The code is very similar to TIFFReadDirectory().
4158 */
4159 int
TIFFReadCustomDirectory(TIFF * tif,toff_t diroff,const TIFFFieldArray * infoarray)4160 TIFFReadCustomDirectory(TIFF* tif, toff_t diroff,
4161 const TIFFFieldArray* infoarray)
4162 {
4163 static const char module[] = "TIFFReadCustomDirectory";
4164 TIFFDirEntry* dir;
4165 uint16 dircount;
4166 TIFFDirEntry* dp;
4167 uint16 di;
4168 const TIFFField* fip;
4169 uint32 fii;
4170 _TIFFSetupFields(tif, infoarray);
4171 dircount=TIFFFetchDirectory(tif,diroff,&dir,NULL);
4172 if (!dircount)
4173 {
4174 TIFFErrorExt(tif->tif_clientdata,module,
4175 "Failed to read custom directory at offset " TIFF_UINT64_FORMAT,diroff);
4176 return 0;
4177 }
4178 TIFFFreeDirectory(tif);
4179 _TIFFmemset(&tif->tif_dir, 0, sizeof(TIFFDirectory));
4180 TIFFReadDirectoryCheckOrder(tif,dir,dircount);
4181 for (di=0, dp=dir; di<dircount; di++, dp++)
4182 {
4183 TIFFReadDirectoryFindFieldInfo(tif,dp->tdir_tag,&fii);
4184 if (fii == FAILED_FII)
4185 {
4186 TIFFWarningExt(tif->tif_clientdata, module,
4187 "Unknown field with tag %d (0x%x) encountered",
4188 dp->tdir_tag, dp->tdir_tag);
4189 if (!_TIFFMergeFields(tif, _TIFFCreateAnonField(tif,
4190 dp->tdir_tag,
4191 (TIFFDataType) dp->tdir_type),
4192 1)) {
4193 TIFFWarningExt(tif->tif_clientdata, module,
4194 "Registering anonymous field with tag %d (0x%x) failed",
4195 dp->tdir_tag, dp->tdir_tag);
4196 dp->tdir_tag=IGNORE;
4197 } else {
4198 TIFFReadDirectoryFindFieldInfo(tif,dp->tdir_tag,&fii);
4199 assert( fii != FAILED_FII );
4200 }
4201 }
4202 if (dp->tdir_tag!=IGNORE)
4203 {
4204 fip=tif->tif_fields[fii];
4205 if (fip->field_bit==FIELD_IGNORE)
4206 dp->tdir_tag=IGNORE;
4207 else
4208 {
4209 /* check data type */
4210 while ((fip->field_type!=TIFF_ANY)&&(fip->field_type!=dp->tdir_type))
4211 {
4212 fii++;
4213 if ((fii==tif->tif_nfields)||
4214 (tif->tif_fields[fii]->field_tag!=(uint32)dp->tdir_tag))
4215 {
4216 fii=0xFFFF;
4217 break;
4218 }
4219 fip=tif->tif_fields[fii];
4220 }
4221 if (fii==0xFFFF)
4222 {
4223 TIFFWarningExt(tif->tif_clientdata, module,
4224 "Wrong data type %d for \"%s\"; tag ignored",
4225 dp->tdir_type,fip->field_name);
4226 dp->tdir_tag=IGNORE;
4227 }
4228 else
4229 {
4230 /* check count if known in advance */
4231 if ((fip->field_readcount!=TIFF_VARIABLE)&&
4232 (fip->field_readcount!=TIFF_VARIABLE2))
4233 {
4234 uint32 expected;
4235 if (fip->field_readcount==TIFF_SPP)
4236 expected=(uint32)tif->tif_dir.td_samplesperpixel;
4237 else
4238 expected=(uint32)fip->field_readcount;
4239 if (!CheckDirCount(tif,dp,expected))
4240 dp->tdir_tag=IGNORE;
4241 }
4242 }
4243 }
4244 switch (dp->tdir_tag)
4245 {
4246 case IGNORE:
4247 break;
4248 case EXIFTAG_SUBJECTDISTANCE:
4249 (void) TIFFFetchSubjectDistance(tif,dp);
4250 break;
4251 default:
4252 (void) TIFFFetchNormalTag(tif, dp, TRUE);
4253 break;
4254 }
4255 }
4256 }
4257 if (dir)
4258 _TIFFfree(dir);
4259 return 1;
4260 }
4261
4262 /*
4263 * EXIF is important special case of custom IFD, so we have a special
4264 * function to read it.
4265 */
4266 int
TIFFReadEXIFDirectory(TIFF * tif,toff_t diroff)4267 TIFFReadEXIFDirectory(TIFF* tif, toff_t diroff)
4268 {
4269 const TIFFFieldArray* exifFieldArray;
4270 exifFieldArray = _TIFFGetExifFields();
4271 return TIFFReadCustomDirectory(tif, diroff, exifFieldArray);
4272 }
4273
4274 static int
EstimateStripByteCounts(TIFF * tif,TIFFDirEntry * dir,uint16 dircount)4275 EstimateStripByteCounts(TIFF* tif, TIFFDirEntry* dir, uint16 dircount)
4276 {
4277 static const char module[] = "EstimateStripByteCounts";
4278
4279 TIFFDirEntry *dp;
4280 TIFFDirectory *td = &tif->tif_dir;
4281 uint32 strip;
4282
4283 if( !_TIFFFillStriles( tif ) )
4284 return -1;
4285
4286 if (td->td_stripbytecount)
4287 _TIFFfree(td->td_stripbytecount);
4288 td->td_stripbytecount = (uint64*)
4289 _TIFFCheckMalloc(tif, td->td_nstrips, sizeof (uint64),
4290 "for \"StripByteCounts\" array");
4291 if( td->td_stripbytecount == NULL )
4292 return -1;
4293
4294 if (td->td_compression != COMPRESSION_NONE) {
4295 uint64 space;
4296 uint64 filesize;
4297 uint16 n;
4298 filesize = TIFFGetFileSize(tif);
4299 if (!(tif->tif_flags&TIFF_BIGTIFF))
4300 space=sizeof(TIFFHeaderClassic)+2+dircount*12+4;
4301 else
4302 space=sizeof(TIFFHeaderBig)+8+dircount*20+8;
4303 /* calculate amount of space used by indirect values */
4304 for (dp = dir, n = dircount; n > 0; n--, dp++)
4305 {
4306 uint32 typewidth = TIFFDataWidth((TIFFDataType) dp->tdir_type);
4307 uint64 datasize;
4308 typewidth = TIFFDataWidth((TIFFDataType) dp->tdir_type);
4309 if (typewidth == 0) {
4310 TIFFErrorExt(tif->tif_clientdata, module,
4311 "Cannot determine size of unknown tag type %d",
4312 dp->tdir_type);
4313 return -1;
4314 }
4315 datasize=(uint64)typewidth*dp->tdir_count;
4316 if (!(tif->tif_flags&TIFF_BIGTIFF))
4317 {
4318 if (datasize<=4)
4319 datasize=0;
4320 }
4321 else
4322 {
4323 if (datasize<=8)
4324 datasize=0;
4325 }
4326 space+=datasize;
4327 }
4328 space = filesize - space;
4329 if (td->td_planarconfig == PLANARCONFIG_SEPARATE)
4330 space /= td->td_samplesperpixel;
4331 for (strip = 0; strip < td->td_nstrips; strip++)
4332 td->td_stripbytecount[strip] = space;
4333 /*
4334 * This gross hack handles the case were the offset to
4335 * the last strip is past the place where we think the strip
4336 * should begin. Since a strip of data must be contiguous,
4337 * it's safe to assume that we've overestimated the amount
4338 * of data in the strip and trim this number back accordingly.
4339 */
4340 strip--;
4341 if (td->td_stripoffset[strip]+td->td_stripbytecount[strip] > filesize)
4342 td->td_stripbytecount[strip] = filesize - td->td_stripoffset[strip];
4343 } else if (isTiled(tif)) {
4344 uint64 bytespertile = TIFFTileSize64(tif);
4345
4346 for (strip = 0; strip < td->td_nstrips; strip++)
4347 td->td_stripbytecount[strip] = bytespertile;
4348 } else {
4349 uint64 rowbytes = TIFFScanlineSize64(tif);
4350 uint32 rowsperstrip = td->td_imagelength/td->td_stripsperimage;
4351 for (strip = 0; strip < td->td_nstrips; strip++)
4352 td->td_stripbytecount[strip] = rowbytes * rowsperstrip;
4353 }
4354 TIFFSetFieldBit(tif, FIELD_STRIPBYTECOUNTS);
4355 if (!TIFFFieldSet(tif, FIELD_ROWSPERSTRIP))
4356 td->td_rowsperstrip = td->td_imagelength;
4357 return 1;
4358 }
4359
4360 static void
MissingRequired(TIFF * tif,const char * tagname)4361 MissingRequired(TIFF* tif, const char* tagname)
4362 {
4363 static const char module[] = "MissingRequired";
4364
4365 TIFFErrorExt(tif->tif_clientdata, module,
4366 "TIFF directory is missing required \"%s\" field",
4367 tagname);
4368 }
4369
4370 /*
4371 * Check the directory offset against the list of already seen directory
4372 * offsets. This is a trick to prevent IFD looping. The one can create TIFF
4373 * file with looped directory pointers. We will maintain a list of already
4374 * seen directories and check every IFD offset against that list.
4375 */
4376 static int
TIFFCheckDirOffset(TIFF * tif,uint64 diroff)4377 TIFFCheckDirOffset(TIFF* tif, uint64 diroff)
4378 {
4379 uint16 n;
4380
4381 if (diroff == 0) /* no more directories */
4382 return 0;
4383 if (tif->tif_dirnumber == 65535) {
4384 TIFFErrorExt(tif->tif_clientdata, "TIFFCheckDirOffset",
4385 "Cannot handle more than 65535 TIFF directories");
4386 return 0;
4387 }
4388
4389 for (n = 0; n < tif->tif_dirnumber && tif->tif_dirlist; n++) {
4390 if (tif->tif_dirlist[n] == diroff)
4391 return 0;
4392 }
4393
4394 tif->tif_dirnumber++;
4395
4396 if (tif->tif_dirnumber > tif->tif_dirlistsize) {
4397 uint64* new_dirlist;
4398
4399 /*
4400 * XXX: Reduce memory allocation granularity of the dirlist
4401 * array.
4402 */
4403 new_dirlist = (uint64*)_TIFFCheckRealloc(tif, tif->tif_dirlist,
4404 tif->tif_dirnumber, 2 * sizeof(uint64), "for IFD list");
4405 if (!new_dirlist)
4406 return 0;
4407 if( tif->tif_dirnumber >= 32768 )
4408 tif->tif_dirlistsize = 65535;
4409 else
4410 tif->tif_dirlistsize = 2 * tif->tif_dirnumber;
4411 tif->tif_dirlist = new_dirlist;
4412 }
4413
4414 tif->tif_dirlist[tif->tif_dirnumber - 1] = diroff;
4415
4416 return 1;
4417 }
4418
4419 /*
4420 * Check the count field of a directory entry against a known value. The
4421 * caller is expected to skip/ignore the tag if there is a mismatch.
4422 */
4423 static int
CheckDirCount(TIFF * tif,TIFFDirEntry * dir,uint32 count)4424 CheckDirCount(TIFF* tif, TIFFDirEntry* dir, uint32 count)
4425 {
4426 if ((uint64)count > dir->tdir_count) {
4427 const TIFFField* fip = TIFFFieldWithTag(tif, dir->tdir_tag);
4428 TIFFWarningExt(tif->tif_clientdata, tif->tif_name,
4429 "incorrect count for field \"%s\" (" TIFF_UINT64_FORMAT ", expecting %u); tag ignored",
4430 fip ? fip->field_name : "unknown tagname",
4431 dir->tdir_count, count);
4432 return (0);
4433 } else if ((uint64)count < dir->tdir_count) {
4434 const TIFFField* fip = TIFFFieldWithTag(tif, dir->tdir_tag);
4435 TIFFWarningExt(tif->tif_clientdata, tif->tif_name,
4436 "incorrect count for field \"%s\" (" TIFF_UINT64_FORMAT ", expecting %u); tag trimmed",
4437 fip ? fip->field_name : "unknown tagname",
4438 dir->tdir_count, count);
4439 dir->tdir_count = count;
4440 return (1);
4441 }
4442 return (1);
4443 }
4444
4445 /*
4446 * Read IFD structure from the specified offset. If the pointer to
4447 * nextdiroff variable has been specified, read it too. Function returns a
4448 * number of fields in the directory or 0 if failed.
4449 */
4450 static uint16
TIFFFetchDirectory(TIFF * tif,uint64 diroff,TIFFDirEntry ** pdir,uint64 * nextdiroff)4451 TIFFFetchDirectory(TIFF* tif, uint64 diroff, TIFFDirEntry** pdir,
4452 uint64 *nextdiroff)
4453 {
4454 static const char module[] = "TIFFFetchDirectory";
4455
4456 void* origdir;
4457 uint16 dircount16 = 0;
4458 uint32 dirsize;
4459 TIFFDirEntry* dir;
4460 uint8* ma;
4461 TIFFDirEntry* mb;
4462 uint16 n;
4463
4464 assert(pdir);
4465
4466 tif->tif_diroff = diroff;
4467 if (nextdiroff)
4468 *nextdiroff = 0;
4469 if (!isMapped(tif)) {
4470 if (!SeekOK(tif, tif->tif_diroff)) {
4471 TIFFErrorExt(tif->tif_clientdata, module,
4472 "%s: Seek error accessing TIFF directory",
4473 tif->tif_name);
4474 return 0;
4475 }
4476 if (!(tif->tif_flags&TIFF_BIGTIFF))
4477 {
4478 if (!ReadOK(tif, &dircount16, sizeof (uint16))) {
4479 TIFFErrorExt(tif->tif_clientdata, module,
4480 "%s: Can not read TIFF directory count",
4481 tif->tif_name);
4482 return 0;
4483 }
4484 if (tif->tif_flags & TIFF_SWAB)
4485 TIFFSwabShort(&dircount16);
4486 if (dircount16>4096)
4487 {
4488 TIFFErrorExt(tif->tif_clientdata, module,
4489 "Sanity check on directory count failed, this is probably not a valid IFD offset");
4490 return 0;
4491 }
4492 dirsize = 12;
4493 } else {
4494 uint64 dircount64;
4495 if (!ReadOK(tif, &dircount64, sizeof (uint64))) {
4496 TIFFErrorExt(tif->tif_clientdata, module,
4497 "%s: Can not read TIFF directory count",
4498 tif->tif_name);
4499 return 0;
4500 }
4501 if (tif->tif_flags & TIFF_SWAB)
4502 TIFFSwabLong8(&dircount64);
4503 if (dircount64>4096)
4504 {
4505 TIFFErrorExt(tif->tif_clientdata, module,
4506 "Sanity check on directory count failed, this is probably not a valid IFD offset");
4507 return 0;
4508 }
4509 dircount16 = (uint16)dircount64;
4510 dirsize = 20;
4511 }
4512 origdir = _TIFFCheckMalloc(tif, dircount16,
4513 dirsize, "to read TIFF directory");
4514 if (origdir == NULL)
4515 return 0;
4516 if (!ReadOK(tif, origdir, (tmsize_t)(dircount16*dirsize))) {
4517 TIFFErrorExt(tif->tif_clientdata, module,
4518 "%.100s: Can not read TIFF directory",
4519 tif->tif_name);
4520 _TIFFfree(origdir);
4521 return 0;
4522 }
4523 /*
4524 * Read offset to next directory for sequential scans if
4525 * needed.
4526 */
4527 if (nextdiroff)
4528 {
4529 if (!(tif->tif_flags&TIFF_BIGTIFF))
4530 {
4531 uint32 nextdiroff32;
4532 if (!ReadOK(tif, &nextdiroff32, sizeof(uint32)))
4533 nextdiroff32 = 0;
4534 if (tif->tif_flags&TIFF_SWAB)
4535 TIFFSwabLong(&nextdiroff32);
4536 *nextdiroff=nextdiroff32;
4537 } else {
4538 if (!ReadOK(tif, nextdiroff, sizeof(uint64)))
4539 *nextdiroff = 0;
4540 if (tif->tif_flags&TIFF_SWAB)
4541 TIFFSwabLong8(nextdiroff);
4542 }
4543 }
4544 } else {
4545 tmsize_t m;
4546 tmsize_t off = (tmsize_t) tif->tif_diroff;
4547 if ((uint64)off!=tif->tif_diroff)
4548 {
4549 TIFFErrorExt(tif->tif_clientdata,module,"Can not read TIFF directory count");
4550 return(0);
4551 }
4552
4553 /*
4554 * Check for integer overflow when validating the dir_off,
4555 * otherwise a very high offset may cause an OOB read and
4556 * crash the client. Make two comparisons instead of
4557 *
4558 * off + sizeof(uint16) > tif->tif_size
4559 *
4560 * to avoid overflow.
4561 */
4562 if (!(tif->tif_flags&TIFF_BIGTIFF))
4563 {
4564 m=off+sizeof(uint16);
4565 if ((m<off)||(m<(tmsize_t)sizeof(uint16))||(m>tif->tif_size)) {
4566 TIFFErrorExt(tif->tif_clientdata, module,
4567 "Can not read TIFF directory count");
4568 return 0;
4569 } else {
4570 _TIFFmemcpy(&dircount16, tif->tif_base + off,
4571 sizeof(uint16));
4572 }
4573 off += sizeof (uint16);
4574 if (tif->tif_flags & TIFF_SWAB)
4575 TIFFSwabShort(&dircount16);
4576 if (dircount16>4096)
4577 {
4578 TIFFErrorExt(tif->tif_clientdata, module,
4579 "Sanity check on directory count failed, this is probably not a valid IFD offset");
4580 return 0;
4581 }
4582 dirsize = 12;
4583 }
4584 else
4585 {
4586 tmsize_t m;
4587 uint64 dircount64;
4588 m=off+sizeof(uint64);
4589 if ((m<off)||(m<(tmsize_t)sizeof(uint64))||(m>tif->tif_size)) {
4590 TIFFErrorExt(tif->tif_clientdata, module,
4591 "Can not read TIFF directory count");
4592 return 0;
4593 } else {
4594 _TIFFmemcpy(&dircount64, tif->tif_base + off,
4595 sizeof(uint64));
4596 }
4597 off += sizeof (uint64);
4598 if (tif->tif_flags & TIFF_SWAB)
4599 TIFFSwabLong8(&dircount64);
4600 if (dircount64>4096)
4601 {
4602 TIFFErrorExt(tif->tif_clientdata, module,
4603 "Sanity check on directory count failed, this is probably not a valid IFD offset");
4604 return 0;
4605 }
4606 dircount16 = (uint16)dircount64;
4607 dirsize = 20;
4608 }
4609 if (dircount16 == 0 )
4610 {
4611 TIFFErrorExt(tif->tif_clientdata, module,
4612 "Sanity check on directory count failed, zero tag directories not supported");
4613 return 0;
4614 }
4615 origdir = _TIFFCheckMalloc(tif, dircount16,
4616 dirsize,
4617 "to read TIFF directory");
4618 if (origdir == NULL)
4619 return 0;
4620 m=off+dircount16*dirsize;
4621 if ((m<off)||(m<(tmsize_t)(dircount16*dirsize))||(m>tif->tif_size)) {
4622 TIFFErrorExt(tif->tif_clientdata, module,
4623 "Can not read TIFF directory");
4624 _TIFFfree(origdir);
4625 return 0;
4626 } else {
4627 _TIFFmemcpy(origdir, tif->tif_base + off,
4628 dircount16 * dirsize);
4629 }
4630 if (nextdiroff) {
4631 off += dircount16 * dirsize;
4632 if (!(tif->tif_flags&TIFF_BIGTIFF))
4633 {
4634 uint32 nextdiroff32;
4635 m=off+sizeof(uint32);
4636 if ((m<off)||(m<(tmsize_t)sizeof(uint32))||(m>tif->tif_size))
4637 nextdiroff32 = 0;
4638 else
4639 _TIFFmemcpy(&nextdiroff32, tif->tif_base + off,
4640 sizeof (uint32));
4641 if (tif->tif_flags&TIFF_SWAB)
4642 TIFFSwabLong(&nextdiroff32);
4643 *nextdiroff = nextdiroff32;
4644 }
4645 else
4646 {
4647 m=off+sizeof(uint64);
4648 if ((m<off)||(m<(tmsize_t)sizeof(uint64))||(m>tif->tif_size))
4649 *nextdiroff = 0;
4650 else
4651 _TIFFmemcpy(nextdiroff, tif->tif_base + off,
4652 sizeof (uint64));
4653 if (tif->tif_flags&TIFF_SWAB)
4654 TIFFSwabLong8(nextdiroff);
4655 }
4656 }
4657 }
4658 dir = (TIFFDirEntry*)_TIFFCheckMalloc(tif, dircount16,
4659 sizeof(TIFFDirEntry),
4660 "to read TIFF directory");
4661 if (dir==0)
4662 {
4663 _TIFFfree(origdir);
4664 return 0;
4665 }
4666 ma=(uint8*)origdir;
4667 mb=dir;
4668 for (n=0; n<dircount16; n++)
4669 {
4670 if (tif->tif_flags&TIFF_SWAB)
4671 TIFFSwabShort((uint16*)ma);
4672 mb->tdir_tag=*(uint16*)ma;
4673 ma+=sizeof(uint16);
4674 if (tif->tif_flags&TIFF_SWAB)
4675 TIFFSwabShort((uint16*)ma);
4676 mb->tdir_type=*(uint16*)ma;
4677 ma+=sizeof(uint16);
4678 if (!(tif->tif_flags&TIFF_BIGTIFF))
4679 {
4680 if (tif->tif_flags&TIFF_SWAB)
4681 TIFFSwabLong((uint32*)ma);
4682 mb->tdir_count=(uint64)(*(uint32*)ma);
4683 ma+=sizeof(uint32);
4684 *(uint32*)(&mb->tdir_offset)=*(uint32*)ma;
4685 ma+=sizeof(uint32);
4686 }
4687 else
4688 {
4689 if (tif->tif_flags&TIFF_SWAB)
4690 TIFFSwabLong8((uint64*)ma);
4691 mb->tdir_count=TIFFReadUInt64(ma);
4692 ma+=sizeof(uint64);
4693 mb->tdir_offset.toff_long8=TIFFReadUInt64(ma);
4694 ma+=sizeof(uint64);
4695 }
4696 mb++;
4697 }
4698 _TIFFfree(origdir);
4699 *pdir = dir;
4700 return dircount16;
4701 }
4702
4703 /*
4704 * Fetch a tag that is not handled by special case code.
4705 */
4706 static int
TIFFFetchNormalTag(TIFF * tif,TIFFDirEntry * dp,int recover)4707 TIFFFetchNormalTag(TIFF* tif, TIFFDirEntry* dp, int recover)
4708 {
4709 static const char module[] = "TIFFFetchNormalTag";
4710 enum TIFFReadDirEntryErr err;
4711 uint32 fii;
4712 const TIFFField* fip = NULL;
4713 TIFFReadDirectoryFindFieldInfo(tif,dp->tdir_tag,&fii);
4714 if( fii == FAILED_FII )
4715 {
4716 TIFFErrorExt(tif->tif_clientdata, "TIFFFetchNormalTag",
4717 "No definition found for tag %d",
4718 dp->tdir_tag);
4719 return 0;
4720 }
4721 fip=tif->tif_fields[fii];
4722 assert(fip != NULL); /* should not happen */
4723 assert(fip->set_field_type!=TIFF_SETGET_OTHER); /* if so, we shouldn't arrive here but deal with this in specialized code */
4724 assert(fip->set_field_type!=TIFF_SETGET_INT); /* if so, we shouldn't arrive here as this is only the case for pseudo-tags */
4725 err=TIFFReadDirEntryErrOk;
4726 switch (fip->set_field_type)
4727 {
4728 case TIFF_SETGET_UNDEFINED:
4729 break;
4730 case TIFF_SETGET_ASCII:
4731 {
4732 uint8* data;
4733 assert(fip->field_passcount==0);
4734 err=TIFFReadDirEntryByteArray(tif,dp,&data);
4735 if (err==TIFFReadDirEntryErrOk)
4736 {
4737 uint8* ma;
4738 uint32 mb;
4739 int n;
4740 ma=data;
4741 mb=0;
4742 while (mb<(uint32)dp->tdir_count)
4743 {
4744 if (*ma==0)
4745 break;
4746 ma++;
4747 mb++;
4748 }
4749 if (mb+1<(uint32)dp->tdir_count)
4750 TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" contains null byte in value; value incorrectly truncated during reading due to implementation limitations",fip->field_name);
4751 else if (mb+1>(uint32)dp->tdir_count)
4752 {
4753 uint8* o;
4754 TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte",fip->field_name);
4755 if ((uint32)dp->tdir_count+1!=dp->tdir_count+1)
4756 o=NULL;
4757 else
4758 o=_TIFFmalloc((uint32)dp->tdir_count+1);
4759 if (o==NULL)
4760 {
4761 if (data!=NULL)
4762 _TIFFfree(data);
4763 return(0);
4764 }
4765 _TIFFmemcpy(o,data,(uint32)dp->tdir_count);
4766 o[(uint32)dp->tdir_count]=0;
4767 if (data!=0)
4768 _TIFFfree(data);
4769 data=o;
4770 }
4771 n=TIFFSetField(tif,dp->tdir_tag,data);
4772 if (data!=0)
4773 _TIFFfree(data);
4774 if (!n)
4775 return(0);
4776 }
4777 }
4778 break;
4779 case TIFF_SETGET_UINT8:
4780 {
4781 uint8 data=0;
4782 assert(fip->field_readcount==1);
4783 assert(fip->field_passcount==0);
4784 err=TIFFReadDirEntryByte(tif,dp,&data);
4785 if (err==TIFFReadDirEntryErrOk)
4786 {
4787 if (!TIFFSetField(tif,dp->tdir_tag,data))
4788 return(0);
4789 }
4790 }
4791 break;
4792 case TIFF_SETGET_UINT16:
4793 {
4794 uint16 data;
4795 assert(fip->field_readcount==1);
4796 assert(fip->field_passcount==0);
4797 err=TIFFReadDirEntryShort(tif,dp,&data);
4798 if (err==TIFFReadDirEntryErrOk)
4799 {
4800 if (!TIFFSetField(tif,dp->tdir_tag,data))
4801 return(0);
4802 }
4803 }
4804 break;
4805 case TIFF_SETGET_UINT32:
4806 {
4807 uint32 data;
4808 assert(fip->field_readcount==1);
4809 assert(fip->field_passcount==0);
4810 err=TIFFReadDirEntryLong(tif,dp,&data);
4811 if (err==TIFFReadDirEntryErrOk)
4812 {
4813 if (!TIFFSetField(tif,dp->tdir_tag,data))
4814 return(0);
4815 }
4816 }
4817 break;
4818 case TIFF_SETGET_UINT64:
4819 {
4820 uint64 data;
4821 assert(fip->field_readcount==1);
4822 assert(fip->field_passcount==0);
4823 err=TIFFReadDirEntryLong8(tif,dp,&data);
4824 if (err==TIFFReadDirEntryErrOk)
4825 {
4826 if (!TIFFSetField(tif,dp->tdir_tag,data))
4827 return(0);
4828 }
4829 }
4830 break;
4831 case TIFF_SETGET_FLOAT:
4832 {
4833 float data;
4834 assert(fip->field_readcount==1);
4835 assert(fip->field_passcount==0);
4836 err=TIFFReadDirEntryFloat(tif,dp,&data);
4837 if (err==TIFFReadDirEntryErrOk)
4838 {
4839 if (!TIFFSetField(tif,dp->tdir_tag,data))
4840 return(0);
4841 }
4842 }
4843 break;
4844 case TIFF_SETGET_DOUBLE:
4845 {
4846 double data;
4847 assert(fip->field_readcount==1);
4848 assert(fip->field_passcount==0);
4849 err=TIFFReadDirEntryDouble(tif,dp,&data);
4850 if (err==TIFFReadDirEntryErrOk)
4851 {
4852 if (!TIFFSetField(tif,dp->tdir_tag,data))
4853 return(0);
4854 }
4855 }
4856 break;
4857 case TIFF_SETGET_IFD8:
4858 {
4859 uint64 data;
4860 assert(fip->field_readcount==1);
4861 assert(fip->field_passcount==0);
4862 err=TIFFReadDirEntryIfd8(tif,dp,&data);
4863 if (err==TIFFReadDirEntryErrOk)
4864 {
4865 if (!TIFFSetField(tif,dp->tdir_tag,data))
4866 return(0);
4867 }
4868 }
4869 break;
4870 case TIFF_SETGET_UINT16_PAIR:
4871 {
4872 uint16* data;
4873 assert(fip->field_readcount==2);
4874 assert(fip->field_passcount==0);
4875 if (dp->tdir_count!=2) {
4876 TIFFWarningExt(tif->tif_clientdata,module,
4877 "incorrect count for field \"%s\", expected 2, got %d",
4878 fip->field_name,(int)dp->tdir_count);
4879 return(0);
4880 }
4881 err=TIFFReadDirEntryShortArray(tif,dp,&data);
4882 if (err==TIFFReadDirEntryErrOk)
4883 {
4884 int m;
4885 m=TIFFSetField(tif,dp->tdir_tag,data[0],data[1]);
4886 _TIFFfree(data);
4887 if (!m)
4888 return(0);
4889 }
4890 }
4891 break;
4892 case TIFF_SETGET_C0_UINT8:
4893 {
4894 uint8* data;
4895 assert(fip->field_readcount>=1);
4896 assert(fip->field_passcount==0);
4897 if (dp->tdir_count!=(uint64)fip->field_readcount) {
4898 TIFFWarningExt(tif->tif_clientdata,module,
4899 "incorrect count for field \"%s\", expected %d, got %d",
4900 fip->field_name,(int) fip->field_readcount, (int)dp->tdir_count);
4901 return 0;
4902 }
4903 else
4904 {
4905 err=TIFFReadDirEntryByteArray(tif,dp,&data);
4906 if (err==TIFFReadDirEntryErrOk)
4907 {
4908 int m;
4909 m=TIFFSetField(tif,dp->tdir_tag,data);
4910 if (data!=0)
4911 _TIFFfree(data);
4912 if (!m)
4913 return(0);
4914 }
4915 }
4916 }
4917 break;
4918 case TIFF_SETGET_C0_UINT16:
4919 {
4920 uint16* data;
4921 assert(fip->field_readcount>=1);
4922 assert(fip->field_passcount==0);
4923 if (dp->tdir_count!=(uint64)fip->field_readcount)
4924 /* corrupt file */;
4925 else
4926 {
4927 err=TIFFReadDirEntryShortArray(tif,dp,&data);
4928 if (err==TIFFReadDirEntryErrOk)
4929 {
4930 int m;
4931 m=TIFFSetField(tif,dp->tdir_tag,data);
4932 if (data!=0)
4933 _TIFFfree(data);
4934 if (!m)
4935 return(0);
4936 }
4937 }
4938 }
4939 break;
4940 case TIFF_SETGET_C0_UINT32:
4941 {
4942 uint32* data;
4943 assert(fip->field_readcount>=1);
4944 assert(fip->field_passcount==0);
4945 if (dp->tdir_count!=(uint64)fip->field_readcount)
4946 /* corrupt file */;
4947 else
4948 {
4949 err=TIFFReadDirEntryLongArray(tif,dp,&data);
4950 if (err==TIFFReadDirEntryErrOk)
4951 {
4952 int m;
4953 m=TIFFSetField(tif,dp->tdir_tag,data);
4954 if (data!=0)
4955 _TIFFfree(data);
4956 if (!m)
4957 return(0);
4958 }
4959 }
4960 }
4961 break;
4962 case TIFF_SETGET_C0_FLOAT:
4963 {
4964 float* data;
4965 assert(fip->field_readcount>=1);
4966 assert(fip->field_passcount==0);
4967 if (dp->tdir_count!=(uint64)fip->field_readcount)
4968 /* corrupt file */;
4969 else
4970 {
4971 err=TIFFReadDirEntryFloatArray(tif,dp,&data);
4972 if (err==TIFFReadDirEntryErrOk)
4973 {
4974 int m;
4975 m=TIFFSetField(tif,dp->tdir_tag,data);
4976 if (data!=0)
4977 _TIFFfree(data);
4978 if (!m)
4979 return(0);
4980 }
4981 }
4982 }
4983 break;
4984 case TIFF_SETGET_C16_ASCII:
4985 {
4986 uint8* data;
4987 assert(fip->field_readcount==TIFF_VARIABLE);
4988 assert(fip->field_passcount==1);
4989 if (dp->tdir_count>0xFFFF)
4990 err=TIFFReadDirEntryErrCount;
4991 else
4992 {
4993 err=TIFFReadDirEntryByteArray(tif,dp,&data);
4994 if (err==TIFFReadDirEntryErrOk)
4995 {
4996 int m;
4997 if( dp->tdir_count > 0 && data[dp->tdir_count-1] != '\0' )
4998 {
4999 TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name);
5000 data[dp->tdir_count-1] = '\0';
5001 }
5002 m=TIFFSetField(tif,dp->tdir_tag,(uint16)(dp->tdir_count),data);
5003 if (data!=0)
5004 _TIFFfree(data);
5005 if (!m)
5006 return(0);
5007 }
5008 }
5009 }
5010 break;
5011 case TIFF_SETGET_C16_UINT8:
5012 {
5013 uint8* data;
5014 assert(fip->field_readcount==TIFF_VARIABLE);
5015 assert(fip->field_passcount==1);
5016 if (dp->tdir_count>0xFFFF)
5017 err=TIFFReadDirEntryErrCount;
5018 else
5019 {
5020 err=TIFFReadDirEntryByteArray(tif,dp,&data);
5021 if (err==TIFFReadDirEntryErrOk)
5022 {
5023 int m;
5024 m=TIFFSetField(tif,dp->tdir_tag,(uint16)(dp->tdir_count),data);
5025 if (data!=0)
5026 _TIFFfree(data);
5027 if (!m)
5028 return(0);
5029 }
5030 }
5031 }
5032 break;
5033 case TIFF_SETGET_C16_UINT16:
5034 {
5035 uint16* data;
5036 assert(fip->field_readcount==TIFF_VARIABLE);
5037 assert(fip->field_passcount==1);
5038 if (dp->tdir_count>0xFFFF)
5039 err=TIFFReadDirEntryErrCount;
5040 else
5041 {
5042 err=TIFFReadDirEntryShortArray(tif,dp,&data);
5043 if (err==TIFFReadDirEntryErrOk)
5044 {
5045 int m;
5046 m=TIFFSetField(tif,dp->tdir_tag,(uint16)(dp->tdir_count),data);
5047 if (data!=0)
5048 _TIFFfree(data);
5049 if (!m)
5050 return(0);
5051 }
5052 }
5053 }
5054 break;
5055 case TIFF_SETGET_C16_UINT32:
5056 {
5057 uint32* data;
5058 assert(fip->field_readcount==TIFF_VARIABLE);
5059 assert(fip->field_passcount==1);
5060 if (dp->tdir_count>0xFFFF)
5061 err=TIFFReadDirEntryErrCount;
5062 else
5063 {
5064 err=TIFFReadDirEntryLongArray(tif,dp,&data);
5065 if (err==TIFFReadDirEntryErrOk)
5066 {
5067 int m;
5068 m=TIFFSetField(tif,dp->tdir_tag,(uint16)(dp->tdir_count),data);
5069 if (data!=0)
5070 _TIFFfree(data);
5071 if (!m)
5072 return(0);
5073 }
5074 }
5075 }
5076 break;
5077 case TIFF_SETGET_C16_UINT64:
5078 {
5079 uint64* data;
5080 assert(fip->field_readcount==TIFF_VARIABLE);
5081 assert(fip->field_passcount==1);
5082 if (dp->tdir_count>0xFFFF)
5083 err=TIFFReadDirEntryErrCount;
5084 else
5085 {
5086 err=TIFFReadDirEntryLong8Array(tif,dp,&data);
5087 if (err==TIFFReadDirEntryErrOk)
5088 {
5089 int m;
5090 m=TIFFSetField(tif,dp->tdir_tag,(uint16)(dp->tdir_count),data);
5091 if (data!=0)
5092 _TIFFfree(data);
5093 if (!m)
5094 return(0);
5095 }
5096 }
5097 }
5098 break;
5099 case TIFF_SETGET_C16_FLOAT:
5100 {
5101 float* data;
5102 assert(fip->field_readcount==TIFF_VARIABLE);
5103 assert(fip->field_passcount==1);
5104 if (dp->tdir_count>0xFFFF)
5105 err=TIFFReadDirEntryErrCount;
5106 else
5107 {
5108 err=TIFFReadDirEntryFloatArray(tif,dp,&data);
5109 if (err==TIFFReadDirEntryErrOk)
5110 {
5111 int m;
5112 m=TIFFSetField(tif,dp->tdir_tag,(uint16)(dp->tdir_count),data);
5113 if (data!=0)
5114 _TIFFfree(data);
5115 if (!m)
5116 return(0);
5117 }
5118 }
5119 }
5120 break;
5121 case TIFF_SETGET_C16_DOUBLE:
5122 {
5123 double* data;
5124 assert(fip->field_readcount==TIFF_VARIABLE);
5125 assert(fip->field_passcount==1);
5126 if (dp->tdir_count>0xFFFF)
5127 err=TIFFReadDirEntryErrCount;
5128 else
5129 {
5130 err=TIFFReadDirEntryDoubleArray(tif,dp,&data);
5131 if (err==TIFFReadDirEntryErrOk)
5132 {
5133 int m;
5134 m=TIFFSetField(tif,dp->tdir_tag,(uint16)(dp->tdir_count),data);
5135 if (data!=0)
5136 _TIFFfree(data);
5137 if (!m)
5138 return(0);
5139 }
5140 }
5141 }
5142 break;
5143 case TIFF_SETGET_C16_IFD8:
5144 {
5145 uint64* data;
5146 assert(fip->field_readcount==TIFF_VARIABLE);
5147 assert(fip->field_passcount==1);
5148 if (dp->tdir_count>0xFFFF)
5149 err=TIFFReadDirEntryErrCount;
5150 else
5151 {
5152 err=TIFFReadDirEntryIfd8Array(tif,dp,&data);
5153 if (err==TIFFReadDirEntryErrOk)
5154 {
5155 int m;
5156 m=TIFFSetField(tif,dp->tdir_tag,(uint16)(dp->tdir_count),data);
5157 if (data!=0)
5158 _TIFFfree(data);
5159 if (!m)
5160 return(0);
5161 }
5162 }
5163 }
5164 break;
5165 case TIFF_SETGET_C32_ASCII:
5166 {
5167 uint8* data;
5168 assert(fip->field_readcount==TIFF_VARIABLE2);
5169 assert(fip->field_passcount==1);
5170 err=TIFFReadDirEntryByteArray(tif,dp,&data);
5171 if (err==TIFFReadDirEntryErrOk)
5172 {
5173 int m;
5174 if( dp->tdir_count > 0 && data[dp->tdir_count-1] != '\0' )
5175 {
5176 TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name);
5177 data[dp->tdir_count-1] = '\0';
5178 }
5179 m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data);
5180 if (data!=0)
5181 _TIFFfree(data);
5182 if (!m)
5183 return(0);
5184 }
5185 }
5186 break;
5187 case TIFF_SETGET_C32_UINT8:
5188 {
5189 uint8* data;
5190 assert(fip->field_readcount==TIFF_VARIABLE2);
5191 assert(fip->field_passcount==1);
5192 err=TIFFReadDirEntryByteArray(tif,dp,&data);
5193 if (err==TIFFReadDirEntryErrOk)
5194 {
5195 int m;
5196 m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data);
5197 if (data!=0)
5198 _TIFFfree(data);
5199 if (!m)
5200 return(0);
5201 }
5202 }
5203 break;
5204 case TIFF_SETGET_C32_SINT8:
5205 {
5206 int8* data = NULL;
5207 assert(fip->field_readcount==TIFF_VARIABLE2);
5208 assert(fip->field_passcount==1);
5209 err=TIFFReadDirEntrySbyteArray(tif,dp,&data);
5210 if (err==TIFFReadDirEntryErrOk)
5211 {
5212 int m;
5213 m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data);
5214 if (data!=0)
5215 _TIFFfree(data);
5216 if (!m)
5217 return(0);
5218 }
5219 }
5220 break;
5221 case TIFF_SETGET_C32_UINT16:
5222 {
5223 uint16* data;
5224 assert(fip->field_readcount==TIFF_VARIABLE2);
5225 assert(fip->field_passcount==1);
5226 err=TIFFReadDirEntryShortArray(tif,dp,&data);
5227 if (err==TIFFReadDirEntryErrOk)
5228 {
5229 int m;
5230 m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data);
5231 if (data!=0)
5232 _TIFFfree(data);
5233 if (!m)
5234 return(0);
5235 }
5236 }
5237 break;
5238 case TIFF_SETGET_C32_SINT16:
5239 {
5240 int16* data = NULL;
5241 assert(fip->field_readcount==TIFF_VARIABLE2);
5242 assert(fip->field_passcount==1);
5243 err=TIFFReadDirEntrySshortArray(tif,dp,&data);
5244 if (err==TIFFReadDirEntryErrOk)
5245 {
5246 int m;
5247 m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data);
5248 if (data!=0)
5249 _TIFFfree(data);
5250 if (!m)
5251 return(0);
5252 }
5253 }
5254 break;
5255 case TIFF_SETGET_C32_UINT32:
5256 {
5257 uint32* data;
5258 assert(fip->field_readcount==TIFF_VARIABLE2);
5259 assert(fip->field_passcount==1);
5260 err=TIFFReadDirEntryLongArray(tif,dp,&data);
5261 if (err==TIFFReadDirEntryErrOk)
5262 {
5263 int m;
5264 m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data);
5265 if (data!=0)
5266 _TIFFfree(data);
5267 if (!m)
5268 return(0);
5269 }
5270 }
5271 break;
5272 case TIFF_SETGET_C32_SINT32:
5273 {
5274 int32* data = NULL;
5275 assert(fip->field_readcount==TIFF_VARIABLE2);
5276 assert(fip->field_passcount==1);
5277 err=TIFFReadDirEntrySlongArray(tif,dp,&data);
5278 if (err==TIFFReadDirEntryErrOk)
5279 {
5280 int m;
5281 m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data);
5282 if (data!=0)
5283 _TIFFfree(data);
5284 if (!m)
5285 return(0);
5286 }
5287 }
5288 break;
5289 case TIFF_SETGET_C32_UINT64:
5290 {
5291 uint64* data;
5292 assert(fip->field_readcount==TIFF_VARIABLE2);
5293 assert(fip->field_passcount==1);
5294 err=TIFFReadDirEntryLong8Array(tif,dp,&data);
5295 if (err==TIFFReadDirEntryErrOk)
5296 {
5297 int m;
5298 m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data);
5299 if (data!=0)
5300 _TIFFfree(data);
5301 if (!m)
5302 return(0);
5303 }
5304 }
5305 break;
5306 case TIFF_SETGET_C32_SINT64:
5307 {
5308 int64* data = NULL;
5309 assert(fip->field_readcount==TIFF_VARIABLE2);
5310 assert(fip->field_passcount==1);
5311 err=TIFFReadDirEntrySlong8Array(tif,dp,&data);
5312 if (err==TIFFReadDirEntryErrOk)
5313 {
5314 int m;
5315 m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data);
5316 if (data!=0)
5317 _TIFFfree(data);
5318 if (!m)
5319 return(0);
5320 }
5321 }
5322 break;
5323 case TIFF_SETGET_C32_FLOAT:
5324 {
5325 float* data;
5326 assert(fip->field_readcount==TIFF_VARIABLE2);
5327 assert(fip->field_passcount==1);
5328 err=TIFFReadDirEntryFloatArray(tif,dp,&data);
5329 if (err==TIFFReadDirEntryErrOk)
5330 {
5331 int m;
5332 m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data);
5333 if (data!=0)
5334 _TIFFfree(data);
5335 if (!m)
5336 return(0);
5337 }
5338 }
5339 break;
5340 case TIFF_SETGET_C32_DOUBLE:
5341 {
5342 double* data;
5343 assert(fip->field_readcount==TIFF_VARIABLE2);
5344 assert(fip->field_passcount==1);
5345 err=TIFFReadDirEntryDoubleArray(tif,dp,&data);
5346 if (err==TIFFReadDirEntryErrOk)
5347 {
5348 int m;
5349 m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data);
5350 if (data!=0)
5351 _TIFFfree(data);
5352 if (!m)
5353 return(0);
5354 }
5355 }
5356 break;
5357 case TIFF_SETGET_C32_IFD8:
5358 {
5359 uint64* data;
5360 assert(fip->field_readcount==TIFF_VARIABLE2);
5361 assert(fip->field_passcount==1);
5362 err=TIFFReadDirEntryIfd8Array(tif,dp,&data);
5363 if (err==TIFFReadDirEntryErrOk)
5364 {
5365 int m;
5366 m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data);
5367 if (data!=0)
5368 _TIFFfree(data);
5369 if (!m)
5370 return(0);
5371 }
5372 }
5373 break;
5374 default:
5375 assert(0); /* we should never get here */
5376 break;
5377 }
5378 if (err!=TIFFReadDirEntryErrOk)
5379 {
5380 TIFFReadDirEntryOutputErr(tif,err,module,fip->field_name,recover);
5381 return(0);
5382 }
5383 return(1);
5384 }
5385
5386 /*
5387 * Fetch a set of offsets or lengths.
5388 * While this routine says "strips", in fact it's also used for tiles.
5389 */
5390 static int
TIFFFetchStripThing(TIFF * tif,TIFFDirEntry * dir,uint32 nstrips,uint64 ** lpp)5391 TIFFFetchStripThing(TIFF* tif, TIFFDirEntry* dir, uint32 nstrips, uint64** lpp)
5392 {
5393 static const char module[] = "TIFFFetchStripThing";
5394 enum TIFFReadDirEntryErr err;
5395 uint64* data;
5396 _TIFFfree(*lpp);
5397 *lpp = 0;
5398 err=TIFFReadDirEntryLong8Array(tif,dir,&data);
5399 if (err!=TIFFReadDirEntryErrOk)
5400 {
5401 const TIFFField* fip = TIFFFieldWithTag(tif,dir->tdir_tag);
5402 TIFFReadDirEntryOutputErr(tif,err,module,fip ? fip->field_name : "unknown tagname",0);
5403 return(0);
5404 }
5405 if (dir->tdir_count!=(uint64)nstrips)
5406 {
5407 uint64* resizeddata;
5408 resizeddata=(uint64*)_TIFFCheckMalloc(tif,nstrips,sizeof(uint64),"for strip array");
5409 if (resizeddata==0) {
5410 _TIFFfree(data);
5411 return(0);
5412 }
5413 if (dir->tdir_count<(uint64)nstrips)
5414 {
5415 _TIFFmemcpy(resizeddata,data,(uint32)dir->tdir_count*sizeof(uint64));
5416 _TIFFmemset(resizeddata+(uint32)dir->tdir_count,0,(nstrips-(uint32)dir->tdir_count)*sizeof(uint64));
5417 }
5418 else
5419 _TIFFmemcpy(resizeddata,data,nstrips*sizeof(uint64));
5420 _TIFFfree(data);
5421 data=resizeddata;
5422 }
5423 *lpp=data;
5424 return(1);
5425 }
5426
5427 /*
5428 * Fetch and set the SubjectDistance EXIF tag.
5429 */
5430 static int
TIFFFetchSubjectDistance(TIFF * tif,TIFFDirEntry * dir)5431 TIFFFetchSubjectDistance(TIFF* tif, TIFFDirEntry* dir)
5432 {
5433 static const char module[] = "TIFFFetchSubjectDistance";
5434 enum TIFFReadDirEntryErr err;
5435 UInt64Aligned_t m;
5436 m.l=0;
5437 assert(sizeof(double)==8);
5438 assert(sizeof(uint64)==8);
5439 assert(sizeof(uint32)==4);
5440 if (dir->tdir_count!=1)
5441 err=TIFFReadDirEntryErrCount;
5442 else if (dir->tdir_type!=TIFF_RATIONAL)
5443 err=TIFFReadDirEntryErrType;
5444 else
5445 {
5446 if (!(tif->tif_flags&TIFF_BIGTIFF))
5447 {
5448 uint32 offset;
5449 offset=*(uint32*)(&dir->tdir_offset);
5450 if (tif->tif_flags&TIFF_SWAB)
5451 TIFFSwabLong(&offset);
5452 err=TIFFReadDirEntryData(tif,offset,8,m.i);
5453 }
5454 else
5455 {
5456 m.l=dir->tdir_offset.toff_long8;
5457 err=TIFFReadDirEntryErrOk;
5458 }
5459 }
5460 if (err==TIFFReadDirEntryErrOk)
5461 {
5462 double n;
5463 if (tif->tif_flags&TIFF_SWAB)
5464 TIFFSwabArrayOfLong(m.i,2);
5465 if (m.i[0]==0)
5466 n=0.0;
5467 else if (m.i[0]==0xFFFFFFFF)
5468 /*
5469 * XXX: Numerator 0xFFFFFFFF means that we have infinite
5470 * distance. Indicate that with a negative floating point
5471 * SubjectDistance value.
5472 */
5473 n=-1.0;
5474 else
5475 n=(double)m.i[0]/(double)m.i[1];
5476 return(TIFFSetField(tif,dir->tdir_tag,n));
5477 }
5478 else
5479 {
5480 TIFFReadDirEntryOutputErr(tif,err,module,"SubjectDistance",TRUE);
5481 return(0);
5482 }
5483 }
5484
5485 /*
5486 * Replace a single strip (tile) of uncompressed data by multiple strips
5487 * (tiles), each approximately STRIP_SIZE_DEFAULT bytes. This is useful for
5488 * dealing with large images or for dealing with machines with a limited
5489 * amount memory.
5490 */
5491 static void
ChopUpSingleUncompressedStrip(TIFF * tif)5492 ChopUpSingleUncompressedStrip(TIFF* tif)
5493 {
5494 register TIFFDirectory *td = &tif->tif_dir;
5495 uint64 bytecount;
5496 uint64 offset;
5497 uint32 rowblock;
5498 uint64 rowblockbytes;
5499 uint64 stripbytes;
5500 uint32 strip;
5501 uint64 nstrips64;
5502 uint32 nstrips32;
5503 uint32 rowsperstrip;
5504 uint64* newcounts;
5505 uint64* newoffsets;
5506
5507 bytecount = td->td_stripbytecount[0];
5508 offset = td->td_stripoffset[0];
5509 assert(td->td_planarconfig == PLANARCONFIG_CONTIG);
5510 if ((td->td_photometric == PHOTOMETRIC_YCBCR)&&
5511 (!isUpSampled(tif)))
5512 rowblock = td->td_ycbcrsubsampling[1];
5513 else
5514 rowblock = 1;
5515 rowblockbytes = TIFFVTileSize64(tif, rowblock);
5516 /*
5517 * Make the rows hold at least one scanline, but fill specified amount
5518 * of data if possible.
5519 */
5520 if (rowblockbytes > STRIP_SIZE_DEFAULT) {
5521 stripbytes = rowblockbytes;
5522 rowsperstrip = rowblock;
5523 } else if (rowblockbytes > 0 ) {
5524 uint32 rowblocksperstrip;
5525 rowblocksperstrip = (uint32) (STRIP_SIZE_DEFAULT / rowblockbytes);
5526 rowsperstrip = rowblocksperstrip * rowblock;
5527 stripbytes = rowblocksperstrip * rowblockbytes;
5528 }
5529 else
5530 return;
5531
5532 /*
5533 * never increase the number of strips in an image
5534 */
5535 if (rowsperstrip >= td->td_rowsperstrip)
5536 return;
5537 nstrips64 = TIFFhowmany_64(bytecount, stripbytes);
5538 if ((nstrips64==0)||(nstrips64>0xFFFFFFFF)) /* something is wonky, do nothing. */
5539 return;
5540 nstrips32 = (uint32)nstrips64;
5541
5542 newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips32, sizeof (uint64),
5543 "for chopped \"StripByteCounts\" array");
5544 newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips32, sizeof (uint64),
5545 "for chopped \"StripOffsets\" array");
5546 if (newcounts == NULL || newoffsets == NULL) {
5547 /*
5548 * Unable to allocate new strip information, give up and use
5549 * the original one strip information.
5550 */
5551 if (newcounts != NULL)
5552 _TIFFfree(newcounts);
5553 if (newoffsets != NULL)
5554 _TIFFfree(newoffsets);
5555 return;
5556 }
5557 /*
5558 * Fill the strip information arrays with new bytecounts and offsets
5559 * that reflect the broken-up format.
5560 */
5561 for (strip = 0; strip < nstrips32; strip++) {
5562 if (stripbytes > bytecount)
5563 stripbytes = bytecount;
5564 newcounts[strip] = stripbytes;
5565 newoffsets[strip] = offset;
5566 offset += stripbytes;
5567 bytecount -= stripbytes;
5568 }
5569 /*
5570 * Replace old single strip info with multi-strip info.
5571 */
5572 td->td_stripsperimage = td->td_nstrips = nstrips32;
5573 TIFFSetField(tif, TIFFTAG_ROWSPERSTRIP, rowsperstrip);
5574
5575 _TIFFfree(td->td_stripbytecount);
5576 _TIFFfree(td->td_stripoffset);
5577 td->td_stripbytecount = newcounts;
5578 td->td_stripoffset = newoffsets;
5579 td->td_stripbytecountsorted = 1;
5580 }
5581
_TIFFFillStriles(TIFF * tif)5582 int _TIFFFillStriles( TIFF *tif )
5583 {
5584 #if defined(DEFER_STRILE_LOAD)
5585 register TIFFDirectory *td = &tif->tif_dir;
5586 int return_value = 1;
5587
5588 if( td->td_stripoffset != NULL )
5589 return 1;
5590
5591 if( td->td_stripoffset_entry.tdir_count == 0 )
5592 return 0;
5593
5594 if (!TIFFFetchStripThing(tif,&(td->td_stripoffset_entry),
5595 td->td_nstrips,&td->td_stripoffset))
5596 {
5597 return_value = 0;
5598 }
5599
5600 if (!TIFFFetchStripThing(tif,&(td->td_stripbytecount_entry),
5601 td->td_nstrips,&td->td_stripbytecount))
5602 {
5603 return_value = 0;
5604 }
5605
5606 _TIFFmemset( &(td->td_stripoffset_entry), 0, sizeof(TIFFDirEntry));
5607 _TIFFmemset( &(td->td_stripbytecount_entry), 0, sizeof(TIFFDirEntry));
5608
5609 if (tif->tif_dir.td_nstrips > 1 && return_value == 1 ) {
5610 uint32 strip;
5611
5612 tif->tif_dir.td_stripbytecountsorted = 1;
5613 for (strip = 1; strip < tif->tif_dir.td_nstrips; strip++) {
5614 if (tif->tif_dir.td_stripoffset[strip - 1] >
5615 tif->tif_dir.td_stripoffset[strip]) {
5616 tif->tif_dir.td_stripbytecountsorted = 0;
5617 break;
5618 }
5619 }
5620 }
5621
5622 return return_value;
5623 #else /* !defined(DEFER_STRILE_LOAD) */
5624 (void) tif;
5625 return 1;
5626 #endif
5627 }
5628
5629
5630 /* vim: set ts=8 sts=8 sw=8 noet: */
5631 /*
5632 * Local Variables:
5633 * mode: c
5634 * c-basic-offset: 8
5635 * fill-column: 78
5636 * End:
5637 */
5638