1/* 2 * Copyright (C) 2006 Apple Computer, Inc. 3 * Copyright (C) 2007-2009 Torch Mobile, Inc. 4 * Copyright (C) Research In Motion Limited 2009-2010. All rights reserved. 5 * 6 * Portions are Copyright (C) 2001 mozilla.org 7 * 8 * Other contributors: 9 * Stuart Parmenter <stuart@mozilla.com> 10 * 11 * This library is free software; you can redistribute it and/or 12 * modify it under the terms of the GNU Lesser General Public 13 * License as published by the Free Software Foundation; either 14 * version 2.1 of the License, or (at your option) any later version. 15 * 16 * This library is distributed in the hope that it will be useful, 17 * but WITHOUT ANY WARRANTY; without even the implied warranty of 18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 19 * Lesser General Public License for more details. 20 * 21 * You should have received a copy of the GNU Lesser General Public 22 * License along with this library; if not, write to the Free Software 23 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 24 * 25 * Alternatively, the contents of this file may be used under the terms 26 * of either the Mozilla Public License Version 1.1, found at 27 * http://www.mozilla.org/MPL/ (the "MPL") or the GNU General Public 28 * License Version 2.0, found at http://www.fsf.org/copyleft/gpl.html 29 * (the "GPL"), in which case the provisions of the MPL or the GPL are 30 * applicable instead of those above. If you wish to allow use of your 31 * version of this file only under the terms of one of those two 32 * licenses (the MPL or the GPL) and not to allow others to use your 33 * version of this file under the LGPL, indicate your decision by 34 * deletingthe provisions above and replace them with the notice and 35 * other provisions required by the MPL or the GPL, as the case may be. 36 * If you do not delete the provisions above, a recipient may use your 37 * version of this file under any of the LGPL, the MPL or the GPL. 38 */ 39 40#include "config.h" 41#include "PNGImageDecoder.h" 42 43#include "Color.h" 44#include "PlatformInstrumentation.h" 45#include "png.h" 46#include <wtf/OwnArrayPtr.h> 47#include <wtf/PassOwnPtr.h> 48 49#if USE(QCMSLIB) 50#include "qcms.h" 51#endif 52 53#if defined(PNG_LIBPNG_VER_MAJOR) && defined(PNG_LIBPNG_VER_MINOR) && (PNG_LIBPNG_VER_MAJOR > 1 || (PNG_LIBPNG_VER_MAJOR == 1 && PNG_LIBPNG_VER_MINOR >= 4)) 54#define JMPBUF(png_ptr) png_jmpbuf(png_ptr) 55#else 56#define JMPBUF(png_ptr) png_ptr->jmpbuf 57#endif 58 59namespace WebCore { 60 61// Gamma constants. 62const double cMaxGamma = 21474.83; 63const double cDefaultGamma = 2.2; 64const double cInverseGamma = 0.45455; 65 66// Protect against large PNGs. See Mozilla's bug #251381 for more info. 67const unsigned long cMaxPNGSize = 1000000UL; 68 69// Called if the decoding of the image fails. 70#if PLATFORM(QT) 71static void PNGAPI decodingFailed(png_structp, png_const_charp) NO_RETURN; 72#endif 73static void PNGAPI decodingFailed(png_structp png, png_const_charp) 74{ 75 longjmp(JMPBUF(png), 1); 76} 77 78// Callbacks given to the read struct. The first is for warnings (we want to 79// treat a particular warning as an error, which is why we have to register this 80// callback). 81static void PNGAPI decodingWarning(png_structp png, png_const_charp warningMsg) 82{ 83 // Mozilla did this, so we will too. 84 // Convert a tRNS warning to be an error (see 85 // http://bugzilla.mozilla.org/show_bug.cgi?id=251381 ) 86 if (!strncmp(warningMsg, "Missing PLTE before tRNS", 24)) 87 png_error(png, warningMsg); 88} 89 90// Called when we have obtained the header information (including the size). 91static void PNGAPI headerAvailable(png_structp png, png_infop) 92{ 93 static_cast<PNGImageDecoder*>(png_get_progressive_ptr(png))->headerAvailable(); 94} 95 96// Called when a row is ready. 97static void PNGAPI rowAvailable(png_structp png, png_bytep rowBuffer, png_uint_32 rowIndex, int interlacePass) 98{ 99 static_cast<PNGImageDecoder*>(png_get_progressive_ptr(png))->rowAvailable(rowBuffer, rowIndex, interlacePass); 100} 101 102// Called when we have completely finished decoding the image. 103static void PNGAPI pngComplete(png_structp png, png_infop) 104{ 105 static_cast<PNGImageDecoder*>(png_get_progressive_ptr(png))->pngComplete(); 106} 107 108class PNGImageReader { 109 WTF_MAKE_FAST_ALLOCATED; 110public: 111 PNGImageReader(PNGImageDecoder* decoder) 112 : m_readOffset(0) 113 , m_currentBufferSize(0) 114 , m_decodingSizeOnly(false) 115 , m_hasAlpha(false) 116 , m_interlaceBuffer(0) 117#if USE(QCMSLIB) 118 , m_transform(0) 119 , m_rowBuffer() 120#endif 121 { 122 m_png = png_create_read_struct(PNG_LIBPNG_VER_STRING, 0, decodingFailed, decodingWarning); 123 m_info = png_create_info_struct(m_png); 124 png_set_progressive_read_fn(m_png, decoder, headerAvailable, rowAvailable, pngComplete); 125 } 126 127 ~PNGImageReader() 128 { 129 close(); 130 } 131 132 void close() 133 { 134 if (m_png && m_info) 135 // This will zero the pointers. 136 png_destroy_read_struct(&m_png, &m_info, 0); 137#if USE(QCMSLIB) 138 if (m_transform) 139 qcms_transform_release(m_transform); 140 m_transform = 0; 141#endif 142 delete[] m_interlaceBuffer; 143 m_interlaceBuffer = 0; 144 m_readOffset = 0; 145 } 146 147 bool decode(const SharedBuffer& data, bool sizeOnly) 148 { 149 m_decodingSizeOnly = sizeOnly; 150 PNGImageDecoder* decoder = static_cast<PNGImageDecoder*>(png_get_progressive_ptr(m_png)); 151 152 // We need to do the setjmp here. Otherwise bad things will happen. 153 if (setjmp(JMPBUF(m_png))) 154 return decoder->setFailed(); 155 156 const char* segment; 157 while (unsigned segmentLength = data.getSomeData(segment, m_readOffset)) { 158 m_readOffset += segmentLength; 159 m_currentBufferSize = m_readOffset; 160 png_process_data(m_png, m_info, reinterpret_cast<png_bytep>(const_cast<char*>(segment)), segmentLength); 161 // We explicitly specify the superclass isSizeAvailable() because we 162 // merely want to check if we've managed to set the size, not 163 // (recursively) trigger additional decoding if we haven't. 164 if (sizeOnly ? decoder->ImageDecoder::isSizeAvailable() : decoder->isComplete()) 165 return true; 166 } 167 return false; 168 } 169 170 png_structp pngPtr() const { return m_png; } 171 png_infop infoPtr() const { return m_info; } 172 173 void setReadOffset(unsigned offset) { m_readOffset = offset; } 174 unsigned currentBufferSize() const { return m_currentBufferSize; } 175 bool decodingSizeOnly() const { return m_decodingSizeOnly; } 176 void setHasAlpha(bool hasAlpha) { m_hasAlpha = hasAlpha; } 177 bool hasAlpha() const { return m_hasAlpha; } 178 179 png_bytep interlaceBuffer() const { return m_interlaceBuffer; } 180 void createInterlaceBuffer(int size) { m_interlaceBuffer = new png_byte[size]; } 181#if USE(QCMSLIB) 182 png_bytep rowBuffer() const { return m_rowBuffer.get(); } 183 void createRowBuffer(int size) { m_rowBuffer = adoptArrayPtr(new png_byte[size]); } 184 qcms_transform* colorTransform() const { return m_transform; } 185 186 void createColorTransform(const ColorProfile& colorProfile, bool hasAlpha) 187 { 188 if (m_transform) 189 qcms_transform_release(m_transform); 190 m_transform = 0; 191 192 if (colorProfile.isEmpty()) 193 return; 194 qcms_profile* deviceProfile = ImageDecoder::qcmsOutputDeviceProfile(); 195 if (!deviceProfile) 196 return; 197 qcms_profile* inputProfile = qcms_profile_from_memory(colorProfile.data(), colorProfile.size()); 198 if (!inputProfile) 199 return; 200 // We currently only support color profiles for RGB and RGBA images. 201 ASSERT(icSigRgbData == qcms_profile_get_color_space(inputProfile)); 202 qcms_data_type dataFormat = hasAlpha ? QCMS_DATA_RGBA_8 : QCMS_DATA_RGB_8; 203 // FIXME: Don't force perceptual intent if the image profile contains an intent. 204 m_transform = qcms_transform_create(inputProfile, dataFormat, deviceProfile, dataFormat, QCMS_INTENT_PERCEPTUAL); 205 qcms_profile_release(inputProfile); 206 } 207#endif 208 209private: 210 png_structp m_png; 211 png_infop m_info; 212 unsigned m_readOffset; 213 unsigned m_currentBufferSize; 214 bool m_decodingSizeOnly; 215 bool m_hasAlpha; 216 png_bytep m_interlaceBuffer; 217#if USE(QCMSLIB) 218 qcms_transform* m_transform; 219 OwnArrayPtr<png_byte> m_rowBuffer; 220#endif 221}; 222 223PNGImageDecoder::PNGImageDecoder(ImageSource::AlphaOption alphaOption, 224 ImageSource::GammaAndColorProfileOption gammaAndColorProfileOption) 225 : ImageDecoder(alphaOption, gammaAndColorProfileOption) 226 , m_doNothingOnFailure(false) 227{ 228} 229 230PNGImageDecoder::~PNGImageDecoder() 231{ 232} 233 234bool PNGImageDecoder::isSizeAvailable() 235{ 236 if (!ImageDecoder::isSizeAvailable()) 237 decode(true); 238 239 return ImageDecoder::isSizeAvailable(); 240} 241 242bool PNGImageDecoder::setSize(unsigned width, unsigned height) 243{ 244 if (!ImageDecoder::setSize(width, height)) 245 return false; 246 247 prepareScaleDataIfNecessary(); 248 return true; 249} 250 251ImageFrame* PNGImageDecoder::frameBufferAtIndex(size_t index) 252{ 253 if (index) 254 return 0; 255 256 if (m_frameBufferCache.isEmpty()) { 257 m_frameBufferCache.resize(1); 258 m_frameBufferCache[0].setPremultiplyAlpha(m_premultiplyAlpha); 259 } 260 261 ImageFrame& frame = m_frameBufferCache[0]; 262 if (frame.status() != ImageFrame::FrameComplete) { 263 PlatformInstrumentation::willDecodeImage("PNG"); 264 decode(false); 265 PlatformInstrumentation::didDecodeImage(); 266 } 267 return &frame; 268} 269 270bool PNGImageDecoder::setFailed() 271{ 272 if (m_doNothingOnFailure) 273 return false; 274 m_reader.clear(); 275 return ImageDecoder::setFailed(); 276} 277 278static void readColorProfile(png_structp png, png_infop info, ColorProfile& colorProfile) 279{ 280 ASSERT(colorProfile.isEmpty()); 281 282#ifdef PNG_iCCP_SUPPORTED 283 char* profileName; 284 int compressionType; 285#if (PNG_LIBPNG_VER < 10500) 286 png_charp profile; 287#else 288 png_bytep profile; 289#endif 290 png_uint_32 profileLength; 291 if (!png_get_iCCP(png, info, &profileName, &compressionType, &profile, &profileLength)) 292 return; 293 294 // Only accept RGB color profiles from input class devices. 295 bool ignoreProfile = false; 296 char* profileData = reinterpret_cast<char*>(profile); 297 if (profileLength < ImageDecoder::iccColorProfileHeaderLength) 298 ignoreProfile = true; 299 else if (!ImageDecoder::rgbColorProfile(profileData, profileLength)) 300 ignoreProfile = true; 301 else if (!ImageDecoder::inputDeviceColorProfile(profileData, profileLength)) 302 ignoreProfile = true; 303 304 if (!ignoreProfile) 305 colorProfile.append(profileData, profileLength); 306#endif 307} 308 309void PNGImageDecoder::headerAvailable() 310{ 311 png_structp png = m_reader->pngPtr(); 312 png_infop info = m_reader->infoPtr(); 313 png_uint_32 width = png_get_image_width(png, info); 314 png_uint_32 height = png_get_image_height(png, info); 315 316 // Protect against large images. 317 if (width > cMaxPNGSize || height > cMaxPNGSize) { 318 longjmp(JMPBUF(png), 1); 319 return; 320 } 321 322 // We can fill in the size now that the header is available. Avoid memory 323 // corruption issues by neutering setFailed() during this call; if we don't 324 // do this, failures will cause |m_reader| to be deleted, and our jmpbuf 325 // will cease to exist. Note that we'll still properly set the failure flag 326 // in this case as soon as we longjmp(). 327 m_doNothingOnFailure = true; 328 bool result = setSize(width, height); 329 m_doNothingOnFailure = false; 330 if (!result) { 331 longjmp(JMPBUF(png), 1); 332 return; 333 } 334 335 int bitDepth, colorType, interlaceType, compressionType, filterType, channels; 336 png_get_IHDR(png, info, &width, &height, &bitDepth, &colorType, &interlaceType, &compressionType, &filterType); 337 338 // The options we set here match what Mozilla does. 339 340 // Expand to ensure we use 24-bit for RGB and 32-bit for RGBA. 341 if (colorType == PNG_COLOR_TYPE_PALETTE || (colorType == PNG_COLOR_TYPE_GRAY && bitDepth < 8)) 342 png_set_expand(png); 343 344 png_bytep trns = 0; 345 int trnsCount = 0; 346 if (png_get_valid(png, info, PNG_INFO_tRNS)) { 347 png_get_tRNS(png, info, &trns, &trnsCount, 0); 348 png_set_expand(png); 349 } 350 351 if (bitDepth == 16) 352 png_set_strip_16(png); 353 354 if (colorType == PNG_COLOR_TYPE_GRAY || colorType == PNG_COLOR_TYPE_GRAY_ALPHA) 355 png_set_gray_to_rgb(png); 356 357 if ((colorType & PNG_COLOR_MASK_COLOR) && !m_ignoreGammaAndColorProfile) { 358 // We only support color profiles for color PALETTE and RGB[A] PNG. Supporting 359 // color profiles for gray-scale images is slightly tricky, at least using the 360 // CoreGraphics ICC library, because we expand gray-scale images to RGB but we 361 // do not similarly transform the color profile. We'd either need to transform 362 // the color profile or we'd need to decode into a gray-scale image buffer and 363 // hand that to CoreGraphics. 364 readColorProfile(png, info, m_colorProfile); 365#if USE(QCMSLIB) 366 bool decodedImageHasAlpha = (colorType & PNG_COLOR_MASK_ALPHA) || trnsCount; 367 m_reader->createColorTransform(m_colorProfile, decodedImageHasAlpha); 368 m_colorProfile.clear(); 369#endif 370 } 371 372 // Deal with gamma and keep it under our control. 373 double gamma; 374 if (!m_ignoreGammaAndColorProfile && png_get_gAMA(png, info, &gamma)) { 375 if ((gamma <= 0.0) || (gamma > cMaxGamma)) { 376 gamma = cInverseGamma; 377 png_set_gAMA(png, info, gamma); 378 } 379 png_set_gamma(png, cDefaultGamma, gamma); 380 } else 381 png_set_gamma(png, cDefaultGamma, cInverseGamma); 382 383 // Tell libpng to send us rows for interlaced pngs. 384 if (interlaceType == PNG_INTERLACE_ADAM7) 385 png_set_interlace_handling(png); 386 387 // Update our info now. 388 png_read_update_info(png, info); 389 channels = png_get_channels(png, info); 390 ASSERT(channels == 3 || channels == 4); 391 392 m_reader->setHasAlpha(channels == 4); 393 394 if (m_reader->decodingSizeOnly()) { 395 // If we only needed the size, halt the reader. 396#if defined(PNG_LIBPNG_VER_MAJOR) && defined(PNG_LIBPNG_VER_MINOR) && (PNG_LIBPNG_VER_MAJOR > 1 || (PNG_LIBPNG_VER_MAJOR == 1 && PNG_LIBPNG_VER_MINOR >= 5)) 397 // '0' argument to png_process_data_pause means: Do not cache unprocessed data. 398 m_reader->setReadOffset(m_reader->currentBufferSize() - png_process_data_pause(png, 0)); 399#else 400 m_reader->setReadOffset(m_reader->currentBufferSize() - png->buffer_size); 401 png->buffer_size = 0; 402#endif 403 } 404} 405 406static inline void setPixelRGB(ImageFrame::PixelData* dest, png_bytep pixel) 407{ 408 *dest = 0xFF000000U | pixel[0] << 16 | pixel[1] << 8 | pixel[2]; 409} 410 411static inline void setPixelRGBA(ImageFrame::PixelData* dest, png_bytep pixel, unsigned char& nonTrivialAlphaMask) 412{ 413 unsigned char a = pixel[3]; 414 *dest = a << 24 | pixel[0] << 16 | pixel[1] << 8 | pixel[2]; 415 nonTrivialAlphaMask |= (255 - a); 416} 417 418static inline void setPixelPremultipliedRGBA(ImageFrame::PixelData* dest, png_bytep pixel, unsigned char& nonTrivialAlphaMask) 419{ 420 unsigned char a = pixel[3]; 421 unsigned char r = fastDivideBy255(pixel[0] * a); 422 unsigned char g = fastDivideBy255(pixel[1] * a); 423 unsigned char b = fastDivideBy255(pixel[2] * a); 424 425 *dest = a << 24 | r << 16 | g << 8 | b; 426 nonTrivialAlphaMask |= (255 - a); 427} 428 429void PNGImageDecoder::rowAvailable(unsigned char* rowBuffer, unsigned rowIndex, int) 430{ 431 if (m_frameBufferCache.isEmpty()) 432 return; 433 434 // Initialize the framebuffer if needed. 435 ImageFrame& buffer = m_frameBufferCache[0]; 436 if (buffer.status() == ImageFrame::FrameEmpty) { 437 png_structp png = m_reader->pngPtr(); 438 if (!buffer.setSize(scaledSize().width(), scaledSize().height())) { 439 longjmp(JMPBUF(png), 1); 440 return; 441 } 442 443 unsigned colorChannels = m_reader->hasAlpha() ? 4 : 3; 444 if (PNG_INTERLACE_ADAM7 == png_get_interlace_type(png, m_reader->infoPtr())) { 445 m_reader->createInterlaceBuffer(colorChannels * size().width() * size().height()); 446 if (!m_reader->interlaceBuffer()) { 447 longjmp(JMPBUF(png), 1); 448 return; 449 } 450 } 451 452#if USE(QCMSLIB) 453 if (m_reader->colorTransform()) { 454 m_reader->createRowBuffer(colorChannels * size().width()); 455 if (!m_reader->rowBuffer()) { 456 longjmp(JMPBUF(png), 1); 457 return; 458 } 459 } 460#endif 461 buffer.setStatus(ImageFrame::FramePartial); 462 buffer.setHasAlpha(false); 463 buffer.setColorProfile(m_colorProfile); 464 465 // For PNGs, the frame always fills the entire image. 466 buffer.setOriginalFrameRect(IntRect(IntPoint(), size())); 467 } 468 469 /* libpng comments (here to explain what follows). 470 * 471 * this function is called for every row in the image. If the 472 * image is interlacing, and you turned on the interlace handler, 473 * this function will be called for every row in every pass. 474 * Some of these rows will not be changed from the previous pass. 475 * When the row is not changed, the new_row variable will be NULL. 476 * The rows and passes are called in order, so you don't really 477 * need the row_num and pass, but I'm supplying them because it 478 * may make your life easier. 479 */ 480 481 // Nothing to do if the row is unchanged, or the row is outside 482 // the image bounds: libpng may send extra rows, ignore them to 483 // make our lives easier. 484 if (!rowBuffer) 485 return; 486 int y = !m_scaled ? rowIndex : scaledY(rowIndex); 487 if (y < 0 || y >= scaledSize().height()) 488 return; 489 490 /* libpng comments (continued). 491 * 492 * For the non-NULL rows of interlaced images, you must call 493 * png_progressive_combine_row() passing in the row and the 494 * old row. You can call this function for NULL rows (it will 495 * just return) and for non-interlaced images (it just does the 496 * memcpy for you) if it will make the code easier. Thus, you 497 * can just do this for all cases: 498 * 499 * png_progressive_combine_row(png_ptr, old_row, new_row); 500 * 501 * where old_row is what was displayed for previous rows. Note 502 * that the first pass (pass == 0 really) will completely cover 503 * the old row, so the rows do not have to be initialized. After 504 * the first pass (and only for interlaced images), you will have 505 * to pass the current row, and the function will combine the 506 * old row and the new row. 507 */ 508 509 bool hasAlpha = m_reader->hasAlpha(); 510 unsigned colorChannels = hasAlpha ? 4 : 3; 511 png_bytep row = rowBuffer; 512 513 if (png_bytep interlaceBuffer = m_reader->interlaceBuffer()) { 514 row = interlaceBuffer + (rowIndex * colorChannels * size().width()); 515 png_progressive_combine_row(m_reader->pngPtr(), row, rowBuffer); 516 } 517 518#if USE(QCMSLIB) 519 if (qcms_transform* transform = m_reader->colorTransform()) { 520 qcms_transform_data(transform, row, m_reader->rowBuffer(), size().width()); 521 row = m_reader->rowBuffer(); 522 } 523#endif 524 525 // Write the decoded row pixels to the frame buffer. 526 ImageFrame::PixelData* address = buffer.getAddr(0, y); 527 int width = scaledSize().width(); 528 unsigned char nonTrivialAlphaMask = 0; 529 530#if ENABLE(IMAGE_DECODER_DOWN_SAMPLING) 531 if (m_scaled) { 532 for (int x = 0; x < width; ++x) { 533 png_bytep pixel = row + m_scaledColumns[x] * colorChannels; 534 unsigned alpha = hasAlpha ? pixel[3] : 255; 535 buffer.setRGBA(address++, pixel[0], pixel[1], pixel[2], alpha); 536 nonTrivialAlphaMask |= (255 - alpha); 537 } 538 } else 539#endif 540 { 541 png_bytep pixel = row; 542 if (hasAlpha) { 543 if (buffer.premultiplyAlpha()) { 544 for (int x = 0; x < width; ++x, pixel += 4) 545 setPixelPremultipliedRGBA(address++, pixel, nonTrivialAlphaMask); 546 } else { 547 for (int x = 0; x < width; ++x, pixel += 4) 548 setPixelRGBA(address++, pixel, nonTrivialAlphaMask); 549 } 550 } else { 551 for (int x = 0; x < width; ++x, pixel += 3) 552 setPixelRGB(address++, pixel); 553 } 554 } 555 556 557 if (nonTrivialAlphaMask && !buffer.hasAlpha()) 558 buffer.setHasAlpha(true); 559} 560 561void PNGImageDecoder::pngComplete() 562{ 563 if (!m_frameBufferCache.isEmpty()) 564 m_frameBufferCache.first().setStatus(ImageFrame::FrameComplete); 565} 566 567void PNGImageDecoder::decode(bool onlySize) 568{ 569 if (failed()) 570 return; 571 572 if (!m_reader) 573 m_reader = adoptPtr(new PNGImageReader(this)); 574 575 // If we couldn't decode the image but we've received all the data, decoding 576 // has failed. 577 if (!m_reader->decode(*m_data, onlySize) && isAllDataReceived()) 578 setFailed(); 579 // If we're done decoding the image, we don't need the PNGImageReader 580 // anymore. (If we failed, |m_reader| has already been cleared.) 581 else if (isComplete()) 582 m_reader.clear(); 583} 584 585} // namespace WebCore 586