Line data Source code
1 : /*
2 : * Copyright (c) 1988-1997 Sam Leffler
3 : * Copyright (c) 1991-1997 Silicon Graphics, Inc.
4 : *
5 : * Permission to use, copy, modify, distribute, and sell this software and
6 : * its documentation for any purpose is hereby granted without fee, provided
7 : * that (i) the above copyright notices and this permission notice appear in
8 : * all copies of the software and related documentation, and (ii) the names of
9 : * Sam Leffler and Silicon Graphics may not be used in any advertising or
10 : * publicity relating to the software without the specific, prior written
11 : * permission of Sam Leffler and Silicon Graphics.
12 : *
13 : * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
14 : * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
15 : * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
16 : *
17 : * IN NO EVENT SHALL SAM LEFFLER OR SILICON GRAPHICS BE LIABLE FOR
18 : * ANY SPECIAL, INCIDENTAL, INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND,
19 : * OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
20 : * WHETHER OR NOT ADVISED OF THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF
21 : * LIABILITY, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
22 : * OF THIS SOFTWARE.
23 : */
24 :
25 : /*
26 : * TIFF Library.
27 : *
28 : * Directory Tag Get & Set Routines.
29 : * (and also some miscellaneous stuff)
30 : */
31 : #include "tiffiop.h"
32 : #include <float.h> /*--: for Rational2Double */
33 : #include <limits.h>
34 : #include <math.h>
35 :
36 : /*
37 : * These are used in the backwards compatibility code...
38 : */
39 : #define DATATYPE_VOID 0 /* !untyped data */
40 : #define DATATYPE_INT 1 /* !signed integer data */
41 : #define DATATYPE_UINT 2 /* !unsigned integer data */
42 : #define DATATYPE_IEEEFP 3 /* !IEEE floating point data */
43 :
44 58967 : static void setByteArray(TIFF *tif, void **vpp, const void *vp, size_t nmemb,
45 : size_t elem_size)
46 : {
47 58967 : if (*vpp)
48 : {
49 1443 : _TIFFfreeExt(tif, *vpp);
50 1443 : *vpp = 0;
51 : }
52 58967 : if (vp)
53 : {
54 58575 : tmsize_t bytes = _TIFFMultiplySSize(NULL, (tmsize_t)nmemb,
55 : (tmsize_t)elem_size, NULL);
56 58932 : if (bytes)
57 58805 : *vpp = (void *)_TIFFmallocExt(tif, bytes);
58 58979 : if (*vpp)
59 58789 : _TIFFmemcpy(*vpp, vp, bytes);
60 : }
61 59351 : }
62 0 : void _TIFFsetByteArray(void **vpp, const void *vp, uint32_t n)
63 : {
64 0 : setByteArray(NULL, vpp, vp, n, 1);
65 0 : }
66 3086 : void _TIFFsetByteArrayExt(TIFF *tif, void **vpp, const void *vp, uint32_t n)
67 : {
68 3086 : setByteArray(tif, vpp, vp, n, 1);
69 3086 : }
70 :
71 0 : static void _TIFFsetNString(TIFF *tif, char **cpp, const char *cp, uint32_t n)
72 : {
73 0 : setByteArray(tif, (void **)cpp, cp, n, 1);
74 0 : }
75 :
76 0 : void _TIFFsetShortArray(uint16_t **wpp, const uint16_t *wp, uint32_t n)
77 : {
78 0 : setByteArray(NULL, (void **)wpp, wp, n, sizeof(uint16_t));
79 0 : }
80 10007 : void _TIFFsetShortArrayExt(TIFF *tif, uint16_t **wpp, const uint16_t *wp,
81 : uint32_t n)
82 : {
83 10007 : setByteArray(tif, (void **)wpp, wp, n, sizeof(uint16_t));
84 10006 : }
85 :
86 0 : void _TIFFsetLongArray(uint32_t **lpp, const uint32_t *lp, uint32_t n)
87 : {
88 0 : setByteArray(NULL, (void **)lpp, lp, n, sizeof(uint32_t));
89 0 : }
90 0 : void _TIFFsetLongArrayExt(TIFF *tif, uint32_t **lpp, const uint32_t *lp,
91 : uint32_t n)
92 : {
93 0 : setByteArray(tif, (void **)lpp, lp, n, sizeof(uint32_t));
94 0 : }
95 :
96 81 : static void _TIFFsetLong8Array(TIFF *tif, uint64_t **lpp, const uint64_t *lp,
97 : uint32_t n)
98 : {
99 81 : setByteArray(tif, (void **)lpp, lp, n, sizeof(uint64_t));
100 81 : }
101 :
102 0 : void _TIFFsetFloatArray(float **fpp, const float *fp, uint32_t n)
103 : {
104 0 : setByteArray(NULL, (void **)fpp, fp, n, sizeof(float));
105 0 : }
106 1799 : void _TIFFsetFloatArrayExt(TIFF *tif, float **fpp, const float *fp, uint32_t n)
107 : {
108 1799 : setByteArray(tif, (void **)fpp, fp, n, sizeof(float));
109 1799 : }
110 :
111 0 : void _TIFFsetDoubleArray(double **dpp, const double *dp, uint32_t n)
112 : {
113 0 : setByteArray(NULL, (void **)dpp, dp, n, sizeof(double));
114 0 : }
115 0 : void _TIFFsetDoubleArrayExt(TIFF *tif, double **dpp, const double *dp,
116 : uint32_t n)
117 : {
118 0 : setByteArray(tif, (void **)dpp, dp, n, sizeof(double));
119 0 : }
120 :
121 0 : static void setDoubleArrayOneValue(TIFF *tif, double **vpp, double value,
122 : size_t nmemb)
123 : {
124 0 : if (*vpp)
125 0 : _TIFFfreeExt(tif, *vpp);
126 0 : *vpp = (double *)_TIFFmallocExt(tif,
127 0 : (tmsize_t)nmemb * (tmsize_t)sizeof(double));
128 0 : if (*vpp)
129 : {
130 0 : while (nmemb--)
131 0 : ((double *)*vpp)[nmemb] = value;
132 : }
133 0 : }
134 :
135 : /*
136 : * Install extra samples information.
137 : */
138 8639 : static int setExtraSamples(TIFF *tif, va_list ap, uint32_t *v)
139 : {
140 : /* XXX: Unassociated alpha data == 999 is a known Corel Draw bug, see below */
141 : #define EXTRASAMPLE_COREL_UNASSALPHA 999
142 :
143 : uint16_t *va;
144 : uint32_t i;
145 8639 : TIFFDirectory *td = &tif->tif_dir;
146 : static const char module[] = "setExtraSamples";
147 :
148 8639 : *v = (uint16_t)va_arg(ap, uint16_vap);
149 8639 : if ((uint16_t)*v > td->td_samplesperpixel)
150 0 : return 0;
151 8639 : va = va_arg(ap, uint16_t *);
152 8639 : if (*v > 0 && va == NULL) /* typically missing param */
153 0 : return 0;
154 1562730 : for (i = 0; i < *v; i++)
155 : {
156 1554090 : if (va[i] > EXTRASAMPLE_UNASSALPHA)
157 : {
158 : /*
159 : * XXX: Corel Draw is known to produce incorrect
160 : * ExtraSamples tags which must be patched here if we
161 : * want to be able to open some of the damaged TIFF
162 : * files:
163 : */
164 0 : if (va[i] == EXTRASAMPLE_COREL_UNASSALPHA)
165 0 : va[i] = EXTRASAMPLE_UNASSALPHA;
166 : else
167 0 : return 0;
168 : }
169 : }
170 :
171 8639 : if (td->td_transferfunction[0] != NULL &&
172 0 : (td->td_samplesperpixel - *v > 1) &&
173 0 : !(td->td_samplesperpixel - td->td_extrasamples > 1))
174 : {
175 0 : TIFFWarningExtR(tif, module,
176 : "ExtraSamples tag value is changing, "
177 : "but TransferFunction was read with a different value. "
178 : "Canceling it");
179 0 : TIFFClrFieldBit(tif, FIELD_TRANSFERFUNCTION);
180 0 : _TIFFfreeExt(tif, td->td_transferfunction[0]);
181 0 : td->td_transferfunction[0] = NULL;
182 : }
183 :
184 8639 : td->td_extrasamples = (uint16_t)*v;
185 8639 : _TIFFsetShortArrayExt(tif, &td->td_sampleinfo, va, td->td_extrasamples);
186 8639 : return 1;
187 :
188 : #undef EXTRASAMPLE_COREL_UNASSALPHA
189 : }
190 :
191 : /*
192 : * Count ink names separated by \0. Returns
193 : * zero if the ink names are not as expected.
194 : */
195 0 : static uint16_t countInkNamesString(TIFF *tif, uint32_t slen, const char *s)
196 : {
197 0 : uint16_t i = 0;
198 :
199 0 : if (slen > 0)
200 : {
201 0 : const char *ep = s + slen;
202 0 : const char *cp = s;
203 : do
204 : {
205 0 : for (; cp < ep && *cp != '\0'; cp++)
206 : {
207 : }
208 0 : if (cp >= ep)
209 0 : goto bad;
210 0 : cp++; /* skip \0 */
211 0 : i++;
212 0 : } while (cp < ep);
213 0 : return (i);
214 : }
215 0 : bad:
216 0 : TIFFErrorExtR(tif, "TIFFSetField",
217 : "%s: Invalid InkNames value; no null at given buffer end "
218 : "location %" PRIu32 ", after %" PRIu16 " ink",
219 : tif->tif_name, slen, i);
220 0 : return (0);
221 : }
222 :
223 1233390 : static int _TIFFVSetField(TIFF *tif, uint32_t tag, va_list ap)
224 : {
225 : static const char module[] = "_TIFFVSetField";
226 :
227 1233390 : TIFFDirectory *td = &tif->tif_dir;
228 1233390 : int status = 1;
229 : uint32_t v32, v;
230 : double dblval;
231 : char *s;
232 1233390 : const TIFFField *fip = TIFFFindField(tif, tag, TIFF_ANY);
233 1232730 : uint32_t standard_tag = tag;
234 1232730 : if (fip == NULL) /* cannot happen since OkToChangeTag() already checks it */
235 0 : return 0;
236 : /*
237 : * We want to force the custom code to be used for custom
238 : * fields even if the tag happens to match a well known
239 : * one - important for reinterpreted handling of standard
240 : * tag values in custom directories (i.e. EXIF)
241 : */
242 1232730 : if (fip->field_bit == FIELD_CUSTOM)
243 : {
244 159243 : standard_tag = 0;
245 : }
246 :
247 1232730 : switch (standard_tag)
248 : {
249 6748 : case TIFFTAG_SUBFILETYPE:
250 6748 : td->td_subfiletype = (uint32_t)va_arg(ap, uint32_t);
251 6748 : break;
252 94668 : case TIFFTAG_IMAGEWIDTH:
253 94668 : td->td_imagewidth = (uint32_t)va_arg(ap, uint32_t);
254 94682 : break;
255 94711 : case TIFFTAG_IMAGELENGTH:
256 94711 : td->td_imagelength = (uint32_t)va_arg(ap, uint32_t);
257 94700 : break;
258 94663 : case TIFFTAG_BITSPERSAMPLE:
259 94663 : td->td_bitspersample = (uint16_t)va_arg(ap, uint16_vap);
260 94654 : _TIFFSetDefaultPostDecode(tif);
261 94598 : break;
262 231164 : case TIFFTAG_COMPRESSION:
263 231164 : v = (uint16_t)va_arg(ap, uint16_vap);
264 : /*
265 : * If we're changing the compression scheme, notify the
266 : * previous module so that it can cleanup any state it's
267 : * setup.
268 : */
269 231212 : if (TIFFFieldSet(tif, FIELD_COMPRESSION))
270 : {
271 94414 : if ((uint32_t)td->td_compression == v)
272 57882 : break;
273 36532 : (*tif->tif_cleanup)(tif);
274 36530 : tif->tif_flags &= ~TIFF_CODERSETUP;
275 : }
276 : /*
277 : * Setup new compression routine state.
278 : */
279 173328 : if ((status = TIFFSetCompressionScheme(tif, (int)v)) != 0)
280 172976 : td->td_compression = (uint16_t)v;
281 : else
282 136 : status = 0;
283 173112 : break;
284 94731 : case TIFFTAG_PHOTOMETRIC:
285 94731 : td->td_photometric = (uint16_t)va_arg(ap, uint16_vap);
286 94725 : break;
287 0 : case TIFFTAG_THRESHHOLDING:
288 0 : td->td_threshholding = (uint16_t)va_arg(ap, uint16_vap);
289 0 : break;
290 2 : case TIFFTAG_FILLORDER:
291 2 : v = (uint16_t)va_arg(ap, uint16_vap);
292 2 : if (v != FILLORDER_LSB2MSB && v != FILLORDER_MSB2LSB)
293 0 : goto badvalue;
294 2 : td->td_fillorder = (uint16_t)v;
295 2 : break;
296 108 : case TIFFTAG_ORIENTATION:
297 108 : v = (uint16_t)va_arg(ap, uint16_vap);
298 108 : if (v < ORIENTATION_TOPLEFT || ORIENTATION_LEFTBOT < v)
299 0 : goto badvalue;
300 : else
301 108 : td->td_orientation = (uint16_t)v;
302 108 : break;
303 94645 : case TIFFTAG_SAMPLESPERPIXEL:
304 94645 : v = (uint16_t)va_arg(ap, uint16_vap);
305 94619 : if (v == 0)
306 0 : goto badvalue;
307 94619 : if (v != td->td_samplesperpixel)
308 : {
309 : /* See http://bugzilla.maptools.org/show_bug.cgi?id=2500 */
310 23021 : if (td->td_sminsamplevalue != NULL)
311 : {
312 0 : TIFFWarningExtR(tif, module,
313 : "SamplesPerPixel tag value is changing, "
314 : "but SMinSampleValue tag was read with a "
315 : "different value. Canceling it");
316 0 : TIFFClrFieldBit(tif, FIELD_SMINSAMPLEVALUE);
317 0 : _TIFFfreeExt(tif, td->td_sminsamplevalue);
318 0 : td->td_sminsamplevalue = NULL;
319 : }
320 23021 : if (td->td_smaxsamplevalue != NULL)
321 : {
322 0 : TIFFWarningExtR(tif, module,
323 : "SamplesPerPixel tag value is changing, "
324 : "but SMaxSampleValue tag was read with a "
325 : "different value. Canceling it");
326 0 : TIFFClrFieldBit(tif, FIELD_SMAXSAMPLEVALUE);
327 0 : _TIFFfreeExt(tif, td->td_smaxsamplevalue);
328 0 : td->td_smaxsamplevalue = NULL;
329 : }
330 : /* Test if 3 transfer functions instead of just one are now
331 : needed See http://bugzilla.maptools.org/show_bug.cgi?id=2820
332 : */
333 23021 : if (td->td_transferfunction[0] != NULL &&
334 0 : (v - td->td_extrasamples > 1) &&
335 0 : !(td->td_samplesperpixel - td->td_extrasamples > 1))
336 : {
337 0 : TIFFWarningExtR(tif, module,
338 : "SamplesPerPixel tag value is changing, "
339 : "but TransferFunction was read with a "
340 : "different value. Canceling it");
341 0 : TIFFClrFieldBit(tif, FIELD_TRANSFERFUNCTION);
342 0 : _TIFFfreeExt(tif, td->td_transferfunction[0]);
343 30 : td->td_transferfunction[0] = NULL;
344 : }
345 : }
346 94649 : td->td_samplesperpixel = (uint16_t)v;
347 94649 : break;
348 83679 : case TIFFTAG_ROWSPERSTRIP:
349 83679 : v32 = (uint32_t)va_arg(ap, uint32_t);
350 83676 : if (v32 == 0)
351 0 : goto badvalue32;
352 83676 : td->td_rowsperstrip = v32;
353 83676 : if (!TIFFFieldSet(tif, FIELD_TILEDIMENSIONS))
354 : {
355 83612 : td->td_tilelength = v32;
356 83612 : td->td_tilewidth = td->td_imagewidth;
357 : }
358 83676 : break;
359 8 : case TIFFTAG_MINSAMPLEVALUE:
360 8 : td->td_minsamplevalue = (uint16_t)va_arg(ap, uint16_vap);
361 8 : break;
362 8 : case TIFFTAG_MAXSAMPLEVALUE:
363 8 : td->td_maxsamplevalue = (uint16_t)va_arg(ap, uint16_vap);
364 8 : break;
365 0 : case TIFFTAG_SMINSAMPLEVALUE:
366 0 : if (tif->tif_flags & TIFF_PERSAMPLE)
367 0 : _TIFFsetDoubleArrayExt(tif, &td->td_sminsamplevalue,
368 0 : va_arg(ap, double *),
369 0 : td->td_samplesperpixel);
370 : else
371 0 : setDoubleArrayOneValue(tif, &td->td_sminsamplevalue,
372 : va_arg(ap, double),
373 0 : td->td_samplesperpixel);
374 0 : break;
375 0 : case TIFFTAG_SMAXSAMPLEVALUE:
376 0 : if (tif->tif_flags & TIFF_PERSAMPLE)
377 0 : _TIFFsetDoubleArrayExt(tif, &td->td_smaxsamplevalue,
378 0 : va_arg(ap, double *),
379 0 : td->td_samplesperpixel);
380 : else
381 0 : setDoubleArrayOneValue(tif, &td->td_smaxsamplevalue,
382 : va_arg(ap, double),
383 0 : td->td_samplesperpixel);
384 0 : break;
385 130 : case TIFFTAG_XRESOLUTION:
386 130 : dblval = va_arg(ap, double);
387 130 : if (isnan(dblval) || dblval < 0)
388 0 : goto badvaluedouble;
389 130 : td->td_xresolution = _TIFFClampDoubleToFloat(dblval);
390 130 : break;
391 130 : case TIFFTAG_YRESOLUTION:
392 130 : dblval = va_arg(ap, double);
393 130 : if (isnan(dblval) || dblval < 0)
394 0 : goto badvaluedouble;
395 130 : td->td_yresolution = _TIFFClampDoubleToFloat(dblval);
396 130 : break;
397 149003 : case TIFFTAG_PLANARCONFIG:
398 149003 : v = (uint16_t)va_arg(ap, uint16_vap);
399 149092 : if (v != PLANARCONFIG_CONTIG && v != PLANARCONFIG_SEPARATE)
400 0 : goto badvalue;
401 149092 : td->td_planarconfig = (uint16_t)v;
402 149092 : break;
403 2 : case TIFFTAG_XPOSITION:
404 2 : td->td_xposition = _TIFFClampDoubleToFloat(va_arg(ap, double));
405 2 : break;
406 2 : case TIFFTAG_YPOSITION:
407 2 : td->td_yposition = _TIFFClampDoubleToFloat(va_arg(ap, double));
408 2 : break;
409 134 : case TIFFTAG_RESOLUTIONUNIT:
410 134 : v = (uint16_t)va_arg(ap, uint16_vap);
411 134 : if (v < RESUNIT_NONE || RESUNIT_CENTIMETER < v)
412 0 : goto badvalue;
413 134 : td->td_resolutionunit = (uint16_t)v;
414 134 : break;
415 0 : case TIFFTAG_PAGENUMBER:
416 0 : td->td_pagenumber[0] = (uint16_t)va_arg(ap, uint16_vap);
417 0 : td->td_pagenumber[1] = (uint16_t)va_arg(ap, uint16_vap);
418 0 : break;
419 0 : case TIFFTAG_HALFTONEHINTS:
420 0 : td->td_halftonehints[0] = (uint16_t)va_arg(ap, uint16_vap);
421 0 : td->td_halftonehints[1] = (uint16_t)va_arg(ap, uint16_vap);
422 0 : break;
423 436 : case TIFFTAG_COLORMAP:
424 436 : v32 = (uint32_t)(1UL << td->td_bitspersample);
425 436 : _TIFFsetShortArrayExt(tif, &td->td_colormap[0],
426 436 : va_arg(ap, uint16_t *), v32);
427 436 : _TIFFsetShortArrayExt(tif, &td->td_colormap[1],
428 436 : va_arg(ap, uint16_t *), v32);
429 436 : _TIFFsetShortArrayExt(tif, &td->td_colormap[2],
430 436 : va_arg(ap, uint16_t *), v32);
431 436 : break;
432 8639 : case TIFFTAG_EXTRASAMPLES:
433 8639 : if (!setExtraSamples(tif, ap, &v))
434 0 : goto badvalue;
435 8639 : break;
436 2 : case TIFFTAG_MATTEING:
437 2 : td->td_extrasamples = (((uint16_t)va_arg(ap, uint16_vap)) != 0);
438 2 : if (td->td_extrasamples)
439 : {
440 0 : uint16_t sv = EXTRASAMPLE_ASSOCALPHA;
441 0 : _TIFFsetShortArrayExt(tif, &td->td_sampleinfo, &sv, 1);
442 : }
443 2 : break;
444 11155 : case TIFFTAG_TILEWIDTH:
445 11155 : v32 = (uint32_t)va_arg(ap, uint32_t);
446 11155 : if (v32 % 16)
447 : {
448 3 : if (tif->tif_mode != O_RDONLY)
449 0 : goto badvalue32;
450 3 : TIFFWarningExtR(
451 3 : tif, tif->tif_name,
452 : "Nonstandard tile width %" PRIu32 ", convert file", v32);
453 : }
454 11154 : td->td_tilewidth = v32;
455 11154 : tif->tif_flags |= TIFF_ISTILED;
456 11154 : break;
457 11154 : case TIFFTAG_TILELENGTH:
458 11154 : v32 = (uint32_t)va_arg(ap, uint32_t);
459 11154 : if (v32 % 16)
460 : {
461 4 : if (tif->tif_mode != O_RDONLY)
462 0 : goto badvalue32;
463 4 : TIFFWarningExtR(
464 4 : tif, tif->tif_name,
465 : "Nonstandard tile length %" PRIu32 ", convert file", v32);
466 : }
467 11154 : td->td_tilelength = v32;
468 11154 : tif->tif_flags |= TIFF_ISTILED;
469 11154 : break;
470 0 : case TIFFTAG_TILEDEPTH:
471 0 : v32 = (uint32_t)va_arg(ap, uint32_t);
472 0 : if (v32 == 0)
473 0 : goto badvalue32;
474 0 : td->td_tiledepth = v32;
475 0 : break;
476 0 : case TIFFTAG_DATATYPE:
477 0 : v = (uint16_t)va_arg(ap, uint16_vap);
478 0 : switch (v)
479 : {
480 0 : case DATATYPE_VOID:
481 0 : v = SAMPLEFORMAT_VOID;
482 0 : break;
483 0 : case DATATYPE_INT:
484 0 : v = SAMPLEFORMAT_INT;
485 0 : break;
486 0 : case DATATYPE_UINT:
487 0 : v = SAMPLEFORMAT_UINT;
488 0 : break;
489 0 : case DATATYPE_IEEEFP:
490 0 : v = SAMPLEFORMAT_IEEEFP;
491 0 : break;
492 0 : default:
493 0 : goto badvalue;
494 : }
495 0 : td->td_sampleformat = (uint16_t)v;
496 0 : break;
497 93669 : case TIFFTAG_SAMPLEFORMAT:
498 93669 : v = (uint16_t)va_arg(ap, uint16_vap);
499 93765 : if (v < SAMPLEFORMAT_UINT || SAMPLEFORMAT_COMPLEXIEEEFP < v)
500 193 : goto badvalue;
501 93572 : td->td_sampleformat = (uint16_t)v;
502 :
503 : /* Try to fix up the SWAB function for complex data. */
504 93572 : if (td->td_sampleformat == SAMPLEFORMAT_COMPLEXINT &&
505 1498 : td->td_bitspersample == 32 &&
506 830 : tif->tif_postdecode == _TIFFSwab32BitData)
507 81 : tif->tif_postdecode = _TIFFSwab16BitData;
508 93491 : else if ((td->td_sampleformat == SAMPLEFORMAT_COMPLEXINT ||
509 91993 : td->td_sampleformat == SAMPLEFORMAT_COMPLEXIEEEFP) &&
510 3288 : td->td_bitspersample == 64 &&
511 1402 : tif->tif_postdecode == _TIFFSwab64BitData)
512 14 : tif->tif_postdecode = _TIFFSwab32BitData;
513 93572 : break;
514 0 : case TIFFTAG_IMAGEDEPTH:
515 0 : td->td_imagedepth = (uint32_t)va_arg(ap, uint32_t);
516 0 : break;
517 81 : case TIFFTAG_SUBIFD:
518 81 : if ((tif->tif_flags & TIFF_INSUBIFD) == 0)
519 : {
520 81 : td->td_nsubifd = (uint16_t)va_arg(ap, uint16_vap);
521 81 : _TIFFsetLong8Array(tif, &td->td_subifd,
522 81 : (uint64_t *)va_arg(ap, uint64_t *),
523 81 : (uint32_t)td->td_nsubifd);
524 : }
525 : else
526 : {
527 0 : TIFFErrorExtR(tif, module, "%s: Sorry, cannot nest SubIFDs",
528 : tif->tif_name);
529 0 : status = 0;
530 : }
531 81 : break;
532 11 : case TIFFTAG_YCBCRPOSITIONING:
533 11 : td->td_ycbcrpositioning = (uint16_t)va_arg(ap, uint16_vap);
534 11 : break;
535 2118 : case TIFFTAG_YCBCRSUBSAMPLING:
536 2118 : td->td_ycbcrsubsampling[0] = (uint16_t)va_arg(ap, uint16_vap);
537 2118 : td->td_ycbcrsubsampling[1] = (uint16_t)va_arg(ap, uint16_vap);
538 2118 : break;
539 19 : case TIFFTAG_TRANSFERFUNCTION:
540 : {
541 : uint32_t i;
542 19 : v = (td->td_samplesperpixel - td->td_extrasamples) > 1 ? 3 : 1;
543 76 : for (i = 0; i < v; i++)
544 57 : _TIFFsetShortArrayExt(tif, &td->td_transferfunction[i],
545 57 : va_arg(ap, uint16_t *),
546 57 : 1U << td->td_bitspersample);
547 19 : break;
548 : }
549 1799 : case TIFFTAG_REFERENCEBLACKWHITE:
550 : /* XXX should check for null range */
551 1799 : _TIFFsetFloatArrayExt(tif, &td->td_refblackwhite,
552 1799 : va_arg(ap, float *), 6);
553 1799 : break;
554 0 : case TIFFTAG_INKNAMES:
555 : {
556 0 : v = (uint16_t)va_arg(ap, uint16_vap);
557 0 : s = va_arg(ap, char *);
558 : uint16_t ninksinstring;
559 0 : ninksinstring = countInkNamesString(tif, v, s);
560 0 : status = ninksinstring > 0;
561 0 : if (ninksinstring > 0)
562 : {
563 0 : _TIFFsetNString(tif, &td->td_inknames, s, v);
564 0 : td->td_inknameslen = (int)v;
565 : /* Set NumberOfInks to the value ninksinstring */
566 0 : if (TIFFFieldSet(tif, FIELD_NUMBEROFINKS))
567 : {
568 0 : if (td->td_numberofinks != ninksinstring)
569 : {
570 0 : TIFFErrorExtR(
571 : tif, module,
572 : "Warning %s; Tag %s:\n Value %" PRIu16
573 : " of NumberOfInks is different from the number of "
574 : "inks %" PRIu16
575 : ".\n -> NumberOfInks value adapted to %" PRIu16 "",
576 0 : tif->tif_name, fip->field_name, td->td_numberofinks,
577 : ninksinstring, ninksinstring);
578 0 : td->td_numberofinks = ninksinstring;
579 : }
580 : }
581 : else
582 : {
583 0 : td->td_numberofinks = ninksinstring;
584 0 : TIFFSetFieldBit(tif, FIELD_NUMBEROFINKS);
585 : }
586 0 : if (TIFFFieldSet(tif, FIELD_SAMPLESPERPIXEL))
587 : {
588 0 : if (td->td_numberofinks != td->td_samplesperpixel)
589 : {
590 0 : TIFFErrorExtR(tif, module,
591 : "Warning %s; Tag %s:\n Value %" PRIu16
592 : " of NumberOfInks is different from the "
593 : "SamplesPerPixel value %" PRIu16 "",
594 : tif->tif_name, fip->field_name,
595 0 : td->td_numberofinks,
596 0 : td->td_samplesperpixel);
597 : }
598 : }
599 : }
600 : }
601 0 : break;
602 0 : case TIFFTAG_NUMBEROFINKS:
603 0 : v = (uint16_t)va_arg(ap, uint16_vap);
604 : /* If InkNames already set also NumberOfInks is set accordingly and
605 : * should be equal */
606 0 : if (TIFFFieldSet(tif, FIELD_INKNAMES))
607 : {
608 0 : if (v != td->td_numberofinks)
609 : {
610 0 : TIFFErrorExtR(
611 : tif, module,
612 : "Error %s; Tag %s:\n It is not possible to set the "
613 : "value %" PRIu32
614 : " for NumberOfInks\n which is different from the "
615 : "number of inks in the InkNames tag (%" PRIu16 ")",
616 0 : tif->tif_name, fip->field_name, v, td->td_numberofinks);
617 : /* Do not set / overwrite number of inks already set by
618 : * InkNames case accordingly. */
619 0 : status = 0;
620 : }
621 : }
622 : else
623 : {
624 0 : td->td_numberofinks = (uint16_t)v;
625 0 : if (TIFFFieldSet(tif, FIELD_SAMPLESPERPIXEL))
626 : {
627 0 : if (td->td_numberofinks != td->td_samplesperpixel)
628 : {
629 0 : TIFFErrorExtR(tif, module,
630 : "Warning %s; Tag %s:\n Value %" PRIu32
631 : " of NumberOfInks is different from the "
632 : "SamplesPerPixel value %" PRIu16 "",
633 : tif->tif_name, fip->field_name, v,
634 0 : td->td_samplesperpixel);
635 : }
636 : }
637 : }
638 0 : break;
639 0 : case TIFFTAG_PERSAMPLE:
640 0 : v = (uint16_t)va_arg(ap, uint16_vap);
641 0 : if (v == PERSAMPLE_MULTI)
642 0 : tif->tif_flags |= TIFF_PERSAMPLE;
643 : else
644 0 : tif->tif_flags &= ~TIFF_PERSAMPLE;
645 0 : break;
646 159109 : default:
647 : {
648 : TIFFTagValue *tv;
649 : int tv_size, iCustom;
650 :
651 : /*
652 : * This can happen if multiple images are open with different
653 : * codecs which have private tags. The global tag information
654 : * table may then have tags that are valid for one file but not
655 : * the other. If the client tries to set a tag that is not valid
656 : * for the image's codec then we'll arrive here. This
657 : * happens, for example, when tiffcp is used to convert between
658 : * compression schemes and codec-specific tags are blindly copied.
659 : *
660 : * This also happens when a FIELD_IGNORE tag is written.
661 : */
662 159109 : if (fip->field_bit == FIELD_IGNORE)
663 : {
664 0 : TIFFErrorExtR(
665 : tif, module,
666 : "%s: Ignored %stag \"%s\" (not supported by libtiff)",
667 : tif->tif_name, isPseudoTag(tag) ? "pseudo-" : "",
668 : fip->field_name);
669 0 : status = 0;
670 0 : break;
671 : }
672 159109 : if (fip->field_bit != FIELD_CUSTOM)
673 : {
674 0 : TIFFErrorExtR(
675 : tif, module,
676 : "%s: Invalid %stag \"%s\" (not supported by codec)",
677 : tif->tif_name, isPseudoTag(tag) ? "pseudo-" : "",
678 : fip->field_name);
679 0 : status = 0;
680 0 : break;
681 : }
682 :
683 : /*
684 : * Find the existing entry for this custom value.
685 : */
686 159109 : tv = NULL;
687 417014 : for (iCustom = 0; iCustom < td->td_customValueCount; iCustom++)
688 : {
689 259985 : if (td->td_customValues[iCustom].info->field_tag == tag)
690 : {
691 2080 : tv = td->td_customValues + iCustom;
692 2080 : if (tv->value != NULL)
693 : {
694 2080 : _TIFFfreeExt(tif, tv->value);
695 2080 : tv->value = NULL;
696 : }
697 2080 : break;
698 : }
699 : }
700 :
701 : /*
702 : * Grow the custom list if the entry was not found.
703 : */
704 159109 : if (tv == NULL)
705 : {
706 : TIFFTagValue *new_customValues;
707 :
708 156817 : new_customValues = (TIFFTagValue *)_TIFFreallocExt(
709 156817 : tif, td->td_customValues,
710 156817 : (tmsize_t)(sizeof(TIFFTagValue) *
711 156817 : (size_t)(td->td_customValueCount + 1)));
712 157482 : if (!new_customValues)
713 : {
714 300 : TIFFErrorExtR(tif, module,
715 : "%s: Failed to allocate space for list of "
716 : "custom values",
717 : tif->tif_name);
718 0 : status = 0;
719 0 : goto end;
720 : }
721 :
722 157182 : td->td_customValueCount++;
723 157182 : td->td_customValues = new_customValues;
724 :
725 157182 : tv = td->td_customValues + (td->td_customValueCount - 1);
726 157182 : tv->info = fip;
727 157182 : tv->value = NULL;
728 157182 : tv->count = 0;
729 : }
730 :
731 : /*
732 : * Set custom value ... save a copy of the custom tag value.
733 : */
734 : /*--: Rational2Double: For Rationals evaluate "set_get_field_type"
735 : * to determine internal storage size. */
736 159474 : tv_size = TIFFFieldSetGetSize(fip);
737 159322 : if (tv_size == 0)
738 : {
739 0 : status = 0;
740 0 : TIFFErrorExtR(tif, module, "%s: Bad field type %u for \"%s\"",
741 0 : tif->tif_name, fip->field_type, fip->field_name);
742 0 : goto end;
743 : }
744 :
745 159393 : if (fip->field_type == TIFF_ASCII)
746 : {
747 : uint32_t ma;
748 : const char *mb;
749 43898 : if (fip->field_passcount)
750 : {
751 0 : assert(fip->field_writecount == TIFF_VARIABLE2);
752 0 : ma = (uint32_t)va_arg(ap, uint32_t);
753 0 : mb = (const char *)va_arg(ap, const char *);
754 : }
755 : else
756 : {
757 43898 : mb = (const char *)va_arg(ap, const char *);
758 43870 : size_t len = strlen(mb) + 1;
759 43870 : if (len >= 0x80000000U)
760 : {
761 182 : status = 0;
762 182 : TIFFErrorExtR(tif, module,
763 : "%s: Too long string value for \"%s\". "
764 : "Maximum supported is 2147483647 bytes",
765 : tif->tif_name, fip->field_name);
766 0 : goto end;
767 : }
768 43688 : ma = (uint32_t)len;
769 : }
770 43688 : tv->count = (int)ma;
771 43688 : setByteArray(tif, &tv->value, mb, ma, 1);
772 : }
773 : else
774 : {
775 115495 : if (fip->field_passcount)
776 : {
777 115393 : if (fip->field_writecount == TIFF_VARIABLE2)
778 3017 : tv->count = (int)va_arg(ap, uint32_t);
779 : else
780 112376 : tv->count = va_arg(ap, int);
781 : }
782 102 : else if (fip->field_writecount == TIFF_VARIABLE ||
783 71 : fip->field_writecount == TIFF_VARIABLE2)
784 31 : tv->count = 1;
785 71 : else if (fip->field_writecount == TIFF_SPP)
786 0 : tv->count = td->td_samplesperpixel;
787 : else
788 71 : tv->count = fip->field_writecount;
789 :
790 115295 : if (tv->count == 0)
791 : {
792 0 : TIFFWarningExtR(tif, module,
793 : "%s: Null count for \"%s\" (type "
794 : "%u, writecount %d, passcount %d)",
795 : tif->tif_name, fip->field_name,
796 0 : fip->field_type, fip->field_writecount,
797 0 : fip->field_passcount);
798 0 : break;
799 : }
800 :
801 115295 : tv->value = _TIFFCheckMalloc(tif, tv->count, tv_size,
802 : "custom tag binary object");
803 115514 : if (!tv->value)
804 : {
805 0 : status = 0;
806 0 : goto end;
807 : }
808 :
809 115514 : if (fip->field_tag == TIFFTAG_DOTRANGE &&
810 0 : strcmp(fip->field_name, "DotRange") == 0)
811 0 : {
812 : /* TODO: This is an evil exception and should not have been
813 : handled this way ... likely best if we move it into
814 : the directory structure with an explicit field in
815 : libtiff 4.1 and assign it a FIELD_ value */
816 : uint16_t v2[2];
817 0 : v2[0] = (uint16_t)va_arg(ap, int);
818 0 : v2[1] = (uint16_t)va_arg(ap, int);
819 0 : _TIFFmemcpy(tv->value, &v2, 4);
820 : }
821 :
822 115514 : else if (fip->field_passcount ||
823 71 : fip->field_writecount == TIFF_VARIABLE ||
824 71 : fip->field_writecount == TIFF_VARIABLE2 ||
825 71 : fip->field_writecount == TIFF_SPP || tv->count > 1)
826 : {
827 : /*--: Rational2Double: For Rationals tv_size is set above to
828 : * 4 or 8 according to fip->set_get_field_type! */
829 115509 : _TIFFmemcpy(tv->value, va_arg(ap, void *),
830 115506 : tv->count * tv_size);
831 : /* Test here for too big values for LONG8, IFD8, SLONG8 in
832 : * ClassicTIFF and delete custom field from custom list */
833 115342 : if (!(tif->tif_flags & TIFF_BIGTIFF))
834 : {
835 115025 : if (tv->info->field_type == TIFF_LONG8 ||
836 115286 : tv->info->field_type == TIFF_IFD8)
837 0 : {
838 0 : uint64_t *pui64 = (uint64_t *)tv->value;
839 0 : for (int i = 0; i < tv->count; i++)
840 : {
841 0 : if (pui64[i] > 0xffffffffu)
842 : {
843 0 : TIFFErrorExtR(
844 : tif, module,
845 : "%s: Bad %s value %" PRIu64
846 : " at %d. array position for \"%s\" tag "
847 : "%u in ClassicTIFF. Tag won't be "
848 : "written to file",
849 : tif->tif_name,
850 0 : (tv->info->field_type == TIFF_LONG8
851 : ? "LONG8"
852 : : "IFD8"),
853 0 : pui64[i], i, fip->field_name, tag);
854 0 : goto badvalueifd8long8;
855 : }
856 : }
857 : }
858 115025 : else if (tv->info->field_type == TIFF_SLONG8)
859 : {
860 0 : int64_t *pi64 = (int64_t *)tv->value;
861 0 : for (int i = 0; i < tv->count; i++)
862 : {
863 0 : if (pi64[i] > 2147483647 ||
864 0 : pi64[i] < (-2147483647 - 1))
865 : {
866 0 : TIFFErrorExtR(
867 : tif, module,
868 : "%s: Bad SLONG8 value %" PRIi64
869 : " at %d. array position for \"%s\" tag "
870 : "%u in ClassicTIFF. Tag won't be "
871 : "written to file",
872 0 : tif->tif_name, pi64[i], i,
873 : fip->field_name, tag);
874 0 : goto badvalueifd8long8;
875 : }
876 : }
877 : }
878 : }
879 : }
880 : else
881 : {
882 8 : char *val = (char *)tv->value;
883 8 : assert(tv->count == 1);
884 :
885 8 : switch (fip->field_type)
886 : {
887 0 : case TIFF_BYTE:
888 : case TIFF_UNDEFINED:
889 : {
890 0 : uint8_t v2 = (uint8_t)va_arg(ap, int);
891 0 : _TIFFmemcpy(val, &v2, tv_size);
892 : }
893 0 : break;
894 0 : case TIFF_SBYTE:
895 : {
896 0 : int8_t v2 = (int8_t)va_arg(ap, int);
897 0 : _TIFFmemcpy(val, &v2, tv_size);
898 : }
899 0 : break;
900 0 : case TIFF_SHORT:
901 : {
902 0 : uint16_t v2 = (uint16_t)va_arg(ap, int);
903 0 : _TIFFmemcpy(val, &v2, tv_size);
904 : }
905 0 : break;
906 0 : case TIFF_SSHORT:
907 : {
908 0 : int16_t v2 = (int16_t)va_arg(ap, int);
909 0 : _TIFFmemcpy(val, &v2, tv_size);
910 : }
911 0 : break;
912 0 : case TIFF_LONG:
913 : case TIFF_IFD:
914 : {
915 0 : uint32_t v2 = va_arg(ap, uint32_t);
916 0 : _TIFFmemcpy(val, &v2, tv_size);
917 : }
918 0 : break;
919 0 : case TIFF_SLONG:
920 : {
921 0 : int32_t v2 = va_arg(ap, int32_t);
922 0 : _TIFFmemcpy(val, &v2, tv_size);
923 : }
924 0 : break;
925 8 : case TIFF_LONG8:
926 : case TIFF_IFD8:
927 : {
928 8 : uint64_t v2 = va_arg(ap, uint64_t);
929 8 : _TIFFmemcpy(val, &v2, tv_size);
930 : /* Test here for too big values for ClassicTIFF and
931 : * delete custom field from custom list */
932 8 : if (!(tif->tif_flags & TIFF_BIGTIFF) &&
933 8 : (v2 > 0xffffffffu))
934 : {
935 0 : TIFFErrorExtR(
936 : tif, module,
937 : "%s: Bad LONG8 or IFD8 value %" PRIu64
938 : " for \"%s\" tag %u in ClassicTIFF. Tag "
939 : "won't be written to file",
940 : tif->tif_name, v2, fip->field_name, tag);
941 0 : goto badvalueifd8long8;
942 : }
943 : }
944 8 : break;
945 0 : case TIFF_SLONG8:
946 : {
947 0 : int64_t v2 = va_arg(ap, int64_t);
948 0 : _TIFFmemcpy(val, &v2, tv_size);
949 : /* Test here for too big values for ClassicTIFF and
950 : * delete custom field from custom list */
951 0 : if (!(tif->tif_flags & TIFF_BIGTIFF) &&
952 0 : ((v2 > 2147483647) || (v2 < (-2147483647 - 1))))
953 : {
954 0 : TIFFErrorExtR(
955 : tif, module,
956 : "%s: Bad SLONG8 value %" PRIi64
957 : " for \"%s\" tag %u in ClassicTIFF. Tag "
958 : "won't be written to file",
959 : tif->tif_name, v2, fip->field_name, tag);
960 0 : goto badvalueifd8long8;
961 : }
962 : }
963 0 : break;
964 0 : case TIFF_RATIONAL:
965 : case TIFF_SRATIONAL:
966 : /*-- Rational2Double: For Rationals tv_size is set
967 : * above to 4 or 8 according to
968 : * fip->set_get_field_type!
969 : */
970 : {
971 0 : if (tv_size == 8)
972 : {
973 0 : double v2 = va_arg(ap, double);
974 0 : _TIFFmemcpy(val, &v2, tv_size);
975 : }
976 : else
977 : {
978 : /*-- default should be tv_size == 4 */
979 0 : float v3 = (float)va_arg(ap, double);
980 0 : _TIFFmemcpy(val, &v3, tv_size);
981 : /*-- ToDo: After Testing, this should be
982 : * removed and tv_size==4 should be set as
983 : * default. */
984 0 : if (tv_size != 4)
985 : {
986 0 : TIFFErrorExtR(tif, module,
987 : "Rational2Double: "
988 : ".set_get_field_type "
989 : "in not 4 but %d",
990 : tv_size);
991 : }
992 : }
993 : }
994 0 : break;
995 0 : case TIFF_FLOAT:
996 : {
997 0 : float v2 =
998 0 : _TIFFClampDoubleToFloat(va_arg(ap, double));
999 0 : _TIFFmemcpy(val, &v2, tv_size);
1000 : }
1001 0 : break;
1002 0 : case TIFF_DOUBLE:
1003 : {
1004 0 : double v2 = va_arg(ap, double);
1005 0 : _TIFFmemcpy(val, &v2, tv_size);
1006 : }
1007 0 : break;
1008 0 : case TIFF_NOTYPE:
1009 : case TIFF_ASCII:
1010 : default:
1011 0 : _TIFFmemset(val, 0, tv_size);
1012 0 : status = 0;
1013 0 : break;
1014 : }
1015 : }
1016 : }
1017 : }
1018 : }
1019 1231550 : if (status)
1020 : {
1021 1231550 : const TIFFField *fip2 = TIFFFieldWithTag(tif, tag);
1022 1231800 : if (fip2)
1023 1231700 : TIFFSetFieldBit(tif, fip2->field_bit);
1024 1231800 : tif->tif_flags |= TIFF_DIRTYDIRECT;
1025 : }
1026 :
1027 0 : end:
1028 1231800 : va_end(ap);
1029 1231800 : return (status);
1030 193 : badvalue:
1031 : {
1032 193 : const TIFFField *fip2 = TIFFFieldWithTag(tif, tag);
1033 0 : TIFFErrorExtR(tif, module, "%s: Bad value %" PRIu32 " for \"%s\" tag",
1034 : tif->tif_name, v, fip2 ? fip2->field_name : "Unknown");
1035 0 : va_end(ap);
1036 : }
1037 0 : return (0);
1038 0 : badvalue32:
1039 : {
1040 0 : const TIFFField *fip2 = TIFFFieldWithTag(tif, tag);
1041 0 : TIFFErrorExtR(tif, module, "%s: Bad value %" PRIu32 " for \"%s\" tag",
1042 : tif->tif_name, v32, fip2 ? fip2->field_name : "Unknown");
1043 0 : va_end(ap);
1044 : }
1045 0 : return (0);
1046 0 : badvaluedouble:
1047 : {
1048 0 : const TIFFField *fip2 = TIFFFieldWithTag(tif, tag);
1049 0 : TIFFErrorExtR(tif, module, "%s: Bad value %f for \"%s\" tag", tif->tif_name,
1050 : dblval, fip2 ? fip2->field_name : "Unknown");
1051 0 : va_end(ap);
1052 : }
1053 0 : return (0);
1054 0 : badvalueifd8long8:
1055 : {
1056 : /* Error message issued already above. */
1057 0 : TIFFTagValue *tv2 = NULL;
1058 : int iCustom2, iC2;
1059 : /* Find the existing entry for this custom value. */
1060 0 : for (iCustom2 = 0; iCustom2 < td->td_customValueCount; iCustom2++)
1061 : {
1062 0 : if (td->td_customValues[iCustom2].info->field_tag == tag)
1063 : {
1064 0 : tv2 = td->td_customValues + (iCustom2);
1065 0 : break;
1066 : }
1067 : }
1068 0 : if (tv2 != NULL)
1069 : {
1070 : /* Remove custom field from custom list */
1071 0 : if (tv2->value != NULL)
1072 : {
1073 0 : _TIFFfreeExt(tif, tv2->value);
1074 0 : tv2->value = NULL;
1075 : }
1076 : /* Shorten list and close gap in customValues list.
1077 : * Re-allocation of td_customValues not necessary here. */
1078 0 : td->td_customValueCount--;
1079 0 : for (iC2 = iCustom2; iC2 < td->td_customValueCount; iC2++)
1080 : {
1081 0 : td->td_customValues[iC2] = td->td_customValues[iC2 + 1];
1082 : }
1083 : }
1084 : else
1085 : {
1086 0 : assert(0);
1087 : }
1088 0 : va_end(ap);
1089 : }
1090 0 : return (0);
1091 : } /*-- _TIFFVSetField() --*/
1092 :
1093 : /*
1094 : * Return 1/0 according to whether or not
1095 : * it is permissible to set the tag's value.
1096 : * Note that we allow ImageLength to be changed
1097 : * so that we can append and extend to images.
1098 : * Any other tag may not be altered once writing
1099 : * has commenced, unless its value has no effect
1100 : * on the format of the data that is written.
1101 : */
1102 1256970 : static int OkToChangeTag(TIFF *tif, uint32_t tag)
1103 : {
1104 1256970 : const TIFFField *fip = TIFFFindField(tif, tag, TIFF_ANY);
1105 1258030 : if (!fip)
1106 : { /* unknown tag */
1107 0 : TIFFErrorExtR(tif, "TIFFSetField", "%s: Unknown %stag %" PRIu32,
1108 : tif->tif_name, isPseudoTag(tag) ? "pseudo-" : "", tag);
1109 0 : return (0);
1110 : }
1111 1258030 : if (tag != TIFFTAG_IMAGELENGTH && (tif->tif_flags & TIFF_BEENWRITING) &&
1112 845 : !fip->field_oktochange)
1113 : {
1114 : /*
1115 : * Consult info table to see if tag can be changed
1116 : * after we've started writing. We only allow changes
1117 : * to those tags that don't/shouldn't affect the
1118 : * compression and/or format of the data.
1119 : */
1120 2 : TIFFErrorExtR(tif, "TIFFSetField",
1121 : "%s: Cannot modify tag \"%s\" while writing",
1122 : tif->tif_name, fip->field_name);
1123 2 : return (0);
1124 : }
1125 1258030 : return (1);
1126 : }
1127 :
1128 : /*
1129 : * Record the value of a field in the
1130 : * internal directory structure. The
1131 : * field will be written to the file
1132 : * when/if the directory structure is
1133 : * updated.
1134 : */
1135 1257250 : int TIFFSetField(TIFF *tif, uint32_t tag, ...)
1136 : {
1137 : va_list ap;
1138 : int status;
1139 :
1140 1257250 : va_start(ap, tag);
1141 1257250 : status = TIFFVSetField(tif, tag, ap);
1142 1256970 : va_end(ap);
1143 1256970 : return (status);
1144 : }
1145 :
1146 : /*
1147 : * Clear the contents of the field in the internal structure.
1148 : */
1149 5573 : int TIFFUnsetField(TIFF *tif, uint32_t tag)
1150 : {
1151 5573 : const TIFFField *fip = TIFFFieldWithTag(tif, tag);
1152 5573 : TIFFDirectory *td = &tif->tif_dir;
1153 :
1154 5573 : if (!fip)
1155 0 : return 0;
1156 :
1157 5573 : if (fip->field_bit != FIELD_CUSTOM)
1158 5 : TIFFClrFieldBit(tif, fip->field_bit);
1159 : else
1160 : {
1161 5568 : TIFFTagValue *tv = NULL;
1162 : int i;
1163 :
1164 6150 : for (i = 0; i < td->td_customValueCount; i++)
1165 : {
1166 :
1167 699 : tv = td->td_customValues + i;
1168 699 : if (tv->info->field_tag == tag)
1169 117 : break;
1170 : }
1171 :
1172 5568 : if (i < td->td_customValueCount)
1173 : {
1174 117 : _TIFFfreeExt(tif, tv->value);
1175 275 : for (; i < td->td_customValueCount - 1; i++)
1176 : {
1177 158 : td->td_customValues[i] = td->td_customValues[i + 1];
1178 : }
1179 117 : td->td_customValueCount--;
1180 : }
1181 : }
1182 :
1183 5573 : tif->tif_flags |= TIFF_DIRTYDIRECT;
1184 :
1185 5573 : return (1);
1186 : }
1187 :
1188 : /*
1189 : * Like TIFFSetField, but taking a varargs
1190 : * parameter list. This routine is useful
1191 : * for building higher-level interfaces on
1192 : * top of the library.
1193 : */
1194 1257240 : int TIFFVSetField(TIFF *tif, uint32_t tag, va_list ap)
1195 : {
1196 1257240 : return OkToChangeTag(tif, tag)
1197 1258100 : ? (*tif->tif_tagmethods.vsetfield)(tif, tag, ap)
1198 2514890 : : 0;
1199 : }
1200 :
1201 2030140 : static int _TIFFVGetField(TIFF *tif, uint32_t tag, va_list ap)
1202 : {
1203 2030140 : TIFFDirectory *td = &tif->tif_dir;
1204 2030140 : int ret_val = 1;
1205 2030140 : uint32_t standard_tag = tag;
1206 2030140 : const TIFFField *fip = TIFFFindField(tif, tag, TIFF_ANY);
1207 2028860 : if (fip == NULL) /* cannot happen since TIFFGetField() already checks it */
1208 0 : return 0;
1209 :
1210 : /*
1211 : * We want to force the custom code to be used for custom
1212 : * fields even if the tag happens to match a well known
1213 : * one - important for reinterpreted handling of standard
1214 : * tag values in custom directories (i.e. EXIF)
1215 : */
1216 2028860 : if (fip->field_bit == FIELD_CUSTOM)
1217 : {
1218 402110 : standard_tag = 0;
1219 : }
1220 :
1221 2028860 : switch (standard_tag)
1222 : {
1223 1398 : case TIFFTAG_SUBFILETYPE:
1224 1398 : *va_arg(ap, uint32_t *) = td->td_subfiletype;
1225 1398 : break;
1226 52510 : case TIFFTAG_IMAGEWIDTH:
1227 52510 : *va_arg(ap, uint32_t *) = td->td_imagewidth;
1228 52449 : break;
1229 52467 : case TIFFTAG_IMAGELENGTH:
1230 52467 : *va_arg(ap, uint32_t *) = td->td_imagelength;
1231 52404 : break;
1232 34953 : case TIFFTAG_BITSPERSAMPLE:
1233 34953 : *va_arg(ap, uint16_t *) = td->td_bitspersample;
1234 34981 : break;
1235 59994 : case TIFFTAG_COMPRESSION:
1236 59994 : *va_arg(ap, uint16_t *) = td->td_compression;
1237 59973 : break;
1238 43322 : case TIFFTAG_PHOTOMETRIC:
1239 43322 : *va_arg(ap, uint16_t *) = td->td_photometric;
1240 43309 : break;
1241 0 : case TIFFTAG_THRESHHOLDING:
1242 0 : *va_arg(ap, uint16_t *) = td->td_threshholding;
1243 0 : break;
1244 0 : case TIFFTAG_FILLORDER:
1245 0 : *va_arg(ap, uint16_t *) = td->td_fillorder;
1246 0 : break;
1247 16 : case TIFFTAG_ORIENTATION:
1248 16 : *va_arg(ap, uint16_t *) = td->td_orientation;
1249 16 : break;
1250 29711 : case TIFFTAG_SAMPLESPERPIXEL:
1251 29711 : *va_arg(ap, uint16_t *) = td->td_samplesperpixel;
1252 29653 : break;
1253 29427 : case TIFFTAG_ROWSPERSTRIP:
1254 29427 : *va_arg(ap, uint32_t *) = td->td_rowsperstrip;
1255 29479 : break;
1256 5 : case TIFFTAG_MINSAMPLEVALUE:
1257 5 : *va_arg(ap, uint16_t *) = td->td_minsamplevalue;
1258 5 : break;
1259 5 : case TIFFTAG_MAXSAMPLEVALUE:
1260 5 : *va_arg(ap, uint16_t *) = td->td_maxsamplevalue;
1261 5 : break;
1262 0 : case TIFFTAG_SMINSAMPLEVALUE:
1263 0 : if (tif->tif_flags & TIFF_PERSAMPLE)
1264 0 : *va_arg(ap, double **) = td->td_sminsamplevalue;
1265 : else
1266 : {
1267 : /* libtiff historically treats this as a single value. */
1268 : uint16_t i;
1269 0 : double v = td->td_sminsamplevalue[0];
1270 0 : for (i = 1; i < td->td_samplesperpixel; ++i)
1271 0 : if (td->td_sminsamplevalue[i] < v)
1272 0 : v = td->td_sminsamplevalue[i];
1273 0 : *va_arg(ap, double *) = v;
1274 : }
1275 0 : break;
1276 0 : case TIFFTAG_SMAXSAMPLEVALUE:
1277 0 : if (tif->tif_flags & TIFF_PERSAMPLE)
1278 0 : *va_arg(ap, double **) = td->td_smaxsamplevalue;
1279 : else
1280 : {
1281 : /* libtiff historically treats this as a single value. */
1282 : uint16_t i;
1283 0 : double v = td->td_smaxsamplevalue[0];
1284 0 : for (i = 1; i < td->td_samplesperpixel; ++i)
1285 0 : if (td->td_smaxsamplevalue[i] > v)
1286 0 : v = td->td_smaxsamplevalue[i];
1287 0 : *va_arg(ap, double *) = v;
1288 : }
1289 0 : break;
1290 87 : case TIFFTAG_XRESOLUTION:
1291 87 : *va_arg(ap, float *) = td->td_xresolution;
1292 87 : break;
1293 86 : case TIFFTAG_YRESOLUTION:
1294 86 : *va_arg(ap, float *) = td->td_yresolution;
1295 86 : break;
1296 35910 : case TIFFTAG_PLANARCONFIG:
1297 35910 : *va_arg(ap, uint16_t *) = td->td_planarconfig;
1298 35932 : break;
1299 0 : case TIFFTAG_XPOSITION:
1300 0 : *va_arg(ap, float *) = td->td_xposition;
1301 0 : break;
1302 0 : case TIFFTAG_YPOSITION:
1303 0 : *va_arg(ap, float *) = td->td_yposition;
1304 0 : break;
1305 89 : case TIFFTAG_RESOLUTIONUNIT:
1306 89 : *va_arg(ap, uint16_t *) = td->td_resolutionunit;
1307 89 : break;
1308 0 : case TIFFTAG_PAGENUMBER:
1309 0 : *va_arg(ap, uint16_t *) = td->td_pagenumber[0];
1310 0 : *va_arg(ap, uint16_t *) = td->td_pagenumber[1];
1311 0 : break;
1312 0 : case TIFFTAG_HALFTONEHINTS:
1313 0 : *va_arg(ap, uint16_t *) = td->td_halftonehints[0];
1314 0 : *va_arg(ap, uint16_t *) = td->td_halftonehints[1];
1315 0 : break;
1316 169 : case TIFFTAG_COLORMAP:
1317 169 : *va_arg(ap, const uint16_t **) = td->td_colormap[0];
1318 169 : *va_arg(ap, const uint16_t **) = td->td_colormap[1];
1319 169 : *va_arg(ap, const uint16_t **) = td->td_colormap[2];
1320 169 : break;
1321 141317 : case TIFFTAG_STRIPOFFSETS:
1322 : case TIFFTAG_TILEOFFSETS:
1323 141317 : _TIFFFillStriles(tif);
1324 141317 : *va_arg(ap, const uint64_t **) = td->td_stripoffset_p;
1325 141314 : if (td->td_stripoffset_p == NULL)
1326 0 : ret_val = 0;
1327 141314 : break;
1328 169637 : case TIFFTAG_STRIPBYTECOUNTS:
1329 : case TIFFTAG_TILEBYTECOUNTS:
1330 169637 : _TIFFFillStriles(tif);
1331 169638 : *va_arg(ap, const uint64_t **) = td->td_stripbytecount_p;
1332 169637 : if (td->td_stripbytecount_p == NULL)
1333 0 : ret_val = 0;
1334 169637 : break;
1335 0 : case TIFFTAG_MATTEING:
1336 0 : *va_arg(ap, uint16_t *) =
1337 0 : (td->td_extrasamples == 1 && td->td_sampleinfo &&
1338 0 : td->td_sampleinfo[0] == EXTRASAMPLE_ASSOCALPHA);
1339 0 : break;
1340 929433 : case TIFFTAG_EXTRASAMPLES:
1341 929433 : *va_arg(ap, uint16_t *) = td->td_extrasamples;
1342 929433 : *va_arg(ap, const uint16_t **) = td->td_sampleinfo;
1343 929433 : break;
1344 4335 : case TIFFTAG_TILEWIDTH:
1345 4335 : *va_arg(ap, uint32_t *) = td->td_tilewidth;
1346 4334 : break;
1347 4335 : case TIFFTAG_TILELENGTH:
1348 4335 : *va_arg(ap, uint32_t *) = td->td_tilelength;
1349 4335 : break;
1350 0 : case TIFFTAG_TILEDEPTH:
1351 0 : *va_arg(ap, uint32_t *) = td->td_tiledepth;
1352 0 : break;
1353 0 : case TIFFTAG_DATATYPE:
1354 0 : switch (td->td_sampleformat)
1355 : {
1356 0 : case SAMPLEFORMAT_UINT:
1357 0 : *va_arg(ap, uint16_t *) = DATATYPE_UINT;
1358 0 : break;
1359 0 : case SAMPLEFORMAT_INT:
1360 0 : *va_arg(ap, uint16_t *) = DATATYPE_INT;
1361 0 : break;
1362 0 : case SAMPLEFORMAT_IEEEFP:
1363 0 : *va_arg(ap, uint16_t *) = DATATYPE_IEEEFP;
1364 0 : break;
1365 0 : case SAMPLEFORMAT_VOID:
1366 0 : *va_arg(ap, uint16_t *) = DATATYPE_VOID;
1367 0 : break;
1368 0 : default:
1369 0 : break;
1370 : }
1371 0 : break;
1372 33719 : case TIFFTAG_SAMPLEFORMAT:
1373 33719 : *va_arg(ap, uint16_t *) = td->td_sampleformat;
1374 33720 : break;
1375 0 : case TIFFTAG_IMAGEDEPTH:
1376 0 : *va_arg(ap, uint32_t *) = td->td_imagedepth;
1377 0 : break;
1378 22 : case TIFFTAG_SUBIFD:
1379 22 : *va_arg(ap, uint16_t *) = td->td_nsubifd;
1380 22 : *va_arg(ap, const uint64_t **) = td->td_subifd;
1381 22 : break;
1382 0 : case TIFFTAG_YCBCRPOSITIONING:
1383 0 : *va_arg(ap, uint16_t *) = td->td_ycbcrpositioning;
1384 0 : break;
1385 3567 : case TIFFTAG_YCBCRSUBSAMPLING:
1386 3567 : *va_arg(ap, uint16_t *) = td->td_ycbcrsubsampling[0];
1387 3567 : *va_arg(ap, uint16_t *) = td->td_ycbcrsubsampling[1];
1388 3991 : break;
1389 6 : case TIFFTAG_TRANSFERFUNCTION:
1390 6 : *va_arg(ap, const uint16_t **) = td->td_transferfunction[0];
1391 6 : if (td->td_samplesperpixel - td->td_extrasamples > 1)
1392 : {
1393 6 : *va_arg(ap, const uint16_t **) = td->td_transferfunction[1];
1394 6 : *va_arg(ap, const uint16_t **) = td->td_transferfunction[2];
1395 : }
1396 : else
1397 : {
1398 0 : *va_arg(ap, const uint16_t **) = NULL;
1399 0 : *va_arg(ap, const uint16_t **) = NULL;
1400 : }
1401 6 : break;
1402 769 : case TIFFTAG_REFERENCEBLACKWHITE:
1403 769 : *va_arg(ap, const float **) = td->td_refblackwhite;
1404 769 : break;
1405 0 : case TIFFTAG_INKNAMES:
1406 0 : *va_arg(ap, const char **) = td->td_inknames;
1407 0 : break;
1408 0 : case TIFFTAG_NUMBEROFINKS:
1409 0 : *va_arg(ap, uint16_t *) = td->td_numberofinks;
1410 0 : break;
1411 401575 : default:
1412 : {
1413 : int i;
1414 :
1415 : /*
1416 : * This can happen if multiple images are open
1417 : * with different codecs which have private
1418 : * tags. The global tag information table may
1419 : * then have tags that are valid for one file
1420 : * but not the other. If the client tries to
1421 : * get a tag that is not valid for the image's
1422 : * codec then we'll arrive here.
1423 : */
1424 401575 : if (fip->field_bit != FIELD_CUSTOM)
1425 : {
1426 0 : TIFFErrorExtR(tif, "_TIFFVGetField",
1427 : "%s: Invalid %stag \"%s\" "
1428 : "(not supported by codec)",
1429 : tif->tif_name, isPseudoTag(tag) ? "pseudo-" : "",
1430 : fip->field_name);
1431 0 : ret_val = 0;
1432 0 : break;
1433 : }
1434 :
1435 : /*
1436 : * Do we have a custom value?
1437 : */
1438 401575 : ret_val = 0;
1439 1707800 : for (i = 0; i < td->td_customValueCount; i++)
1440 : {
1441 1394780 : TIFFTagValue *tv = td->td_customValues + i;
1442 :
1443 1394780 : if (tv->info->field_tag != tag)
1444 1306220 : continue;
1445 :
1446 88562 : if (fip->field_passcount)
1447 : {
1448 63951 : if (fip->field_readcount == TIFF_VARIABLE2)
1449 392 : *va_arg(ap, uint32_t *) = (uint32_t)tv->count;
1450 : else /* Assume TIFF_VARIABLE */
1451 63559 : *va_arg(ap, uint16_t *) = (uint16_t)tv->count;
1452 63955 : *va_arg(ap, const void **) = tv->value;
1453 63954 : ret_val = 1;
1454 : }
1455 24611 : else if (fip->field_tag == TIFFTAG_DOTRANGE &&
1456 0 : strcmp(fip->field_name, "DotRange") == 0)
1457 : {
1458 : /* TODO: This is an evil exception and should not have been
1459 : handled this way ... likely best if we move it into
1460 : the directory structure with an explicit field in
1461 : libtiff 4.1 and assign it a FIELD_ value */
1462 0 : *va_arg(ap, uint16_t *) = ((uint16_t *)tv->value)[0];
1463 0 : *va_arg(ap, uint16_t *) = ((uint16_t *)tv->value)[1];
1464 0 : ret_val = 1;
1465 : }
1466 : else
1467 : {
1468 24611 : if (fip->field_type == TIFF_ASCII ||
1469 39 : fip->field_readcount == TIFF_VARIABLE ||
1470 39 : fip->field_readcount == TIFF_VARIABLE2 ||
1471 39 : fip->field_readcount == TIFF_SPP || tv->count > 1)
1472 : {
1473 24605 : *va_arg(ap, void **) = tv->value;
1474 24603 : ret_val = 1;
1475 : }
1476 : else
1477 : {
1478 6 : char *val = (char *)tv->value;
1479 6 : assert(tv->count == 1);
1480 6 : switch (fip->field_type)
1481 : {
1482 0 : case TIFF_BYTE:
1483 : case TIFF_UNDEFINED:
1484 0 : *va_arg(ap, uint8_t *) = *(uint8_t *)val;
1485 0 : ret_val = 1;
1486 0 : break;
1487 0 : case TIFF_SBYTE:
1488 0 : *va_arg(ap, int8_t *) = *(int8_t *)val;
1489 0 : ret_val = 1;
1490 0 : break;
1491 0 : case TIFF_SHORT:
1492 0 : *va_arg(ap, uint16_t *) = *(uint16_t *)val;
1493 0 : ret_val = 1;
1494 0 : break;
1495 0 : case TIFF_SSHORT:
1496 0 : *va_arg(ap, int16_t *) = *(int16_t *)val;
1497 0 : ret_val = 1;
1498 0 : break;
1499 0 : case TIFF_LONG:
1500 : case TIFF_IFD:
1501 0 : *va_arg(ap, uint32_t *) = *(uint32_t *)val;
1502 0 : ret_val = 1;
1503 0 : break;
1504 0 : case TIFF_SLONG:
1505 0 : *va_arg(ap, int32_t *) = *(int32_t *)val;
1506 0 : ret_val = 1;
1507 0 : break;
1508 6 : case TIFF_LONG8:
1509 : case TIFF_IFD8:
1510 6 : *va_arg(ap, uint64_t *) = *(uint64_t *)val;
1511 6 : ret_val = 1;
1512 6 : break;
1513 0 : case TIFF_SLONG8:
1514 0 : *va_arg(ap, int64_t *) = *(int64_t *)val;
1515 0 : ret_val = 1;
1516 0 : break;
1517 0 : case TIFF_RATIONAL:
1518 : case TIFF_SRATIONAL:
1519 : {
1520 : /*-- Rational2Double: For Rationals evaluate
1521 : * "set_get_field_type" to determine internal
1522 : * storage size and return value size. */
1523 0 : int tv_size = TIFFFieldSetGetSize(fip);
1524 0 : if (tv_size == 8)
1525 : {
1526 0 : *va_arg(ap, double *) = *(double *)val;
1527 0 : ret_val = 1;
1528 : }
1529 : else
1530 : {
1531 : /*-- default should be tv_size == 4 */
1532 0 : *va_arg(ap, float *) = *(float *)val;
1533 0 : ret_val = 1;
1534 : /*-- ToDo: After Testing, this should be
1535 : * removed and tv_size==4 should be set as
1536 : * default. */
1537 0 : if (tv_size != 4)
1538 : {
1539 0 : TIFFErrorExtR(tif, "_TIFFVGetField",
1540 : "Rational2Double: "
1541 : ".set_get_field_type "
1542 : "in not 4 but %d",
1543 : tv_size);
1544 : }
1545 : }
1546 : }
1547 0 : break;
1548 0 : case TIFF_FLOAT:
1549 0 : *va_arg(ap, float *) = *(float *)val;
1550 0 : ret_val = 1;
1551 0 : break;
1552 0 : case TIFF_DOUBLE:
1553 0 : *va_arg(ap, double *) = *(double *)val;
1554 0 : ret_val = 1;
1555 0 : break;
1556 0 : case TIFF_NOTYPE:
1557 : case TIFF_ASCII:
1558 : default:
1559 0 : ret_val = 0;
1560 0 : break;
1561 : }
1562 : }
1563 : }
1564 88562 : break;
1565 : }
1566 : }
1567 : }
1568 2029170 : return (ret_val);
1569 : }
1570 :
1571 : /*
1572 : * Return the value of a field in the
1573 : * internal directory structure.
1574 : */
1575 2458750 : int TIFFGetField(TIFF *tif, uint32_t tag, ...)
1576 : {
1577 : int status;
1578 : va_list ap;
1579 :
1580 2458750 : va_start(ap, tag);
1581 2458750 : status = TIFFVGetField(tif, tag, ap);
1582 2458710 : va_end(ap);
1583 2458710 : return (status);
1584 : }
1585 :
1586 : /*
1587 : * Like TIFFGetField, but taking a varargs
1588 : * parameter list. This routine is useful
1589 : * for building higher-level interfaces on
1590 : * top of the library.
1591 : */
1592 2469030 : int TIFFVGetField(TIFF *tif, uint32_t tag, va_list ap)
1593 : {
1594 2469030 : const TIFFField *fip = TIFFFindField(tif, tag, TIFF_ANY);
1595 2471320 : return (fip && (isPseudoTag(tag) || TIFFFieldSet(tif, fip->field_bit))
1596 2062160 : ? (*tif->tif_tagmethods.vgetfield)(tif, tag, ap)
1597 4941740 : : 0);
1598 : }
1599 :
1600 : #define CleanupField(member) \
1601 : { \
1602 : if (td->member) \
1603 : { \
1604 : _TIFFfreeExt(tif, td->member); \
1605 : td->member = 0; \
1606 : } \
1607 : }
1608 :
1609 : /*
1610 : * Reset tif->tif_dir structure to zero and
1611 : * initialize some IFD strile counter and index parameters.
1612 : */
1613 207666 : void _TIFFResetTifDirAndInitStrileCounters(TIFFDirectory *td)
1614 : {
1615 207666 : _TIFFmemset(td, 0, sizeof(*td));
1616 207461 : td->td_curstrip = NOSTRIP; /* invalid strip = NOSTRIP */
1617 207461 : td->td_row = (uint32_t)-1; /* read/write pre-increment */
1618 207461 : td->td_col = (uint32_t)-1; /* read/write pre-increment */
1619 207461 : td->td_scanlinesize = 0; /* initialize to zero */
1620 207461 : td->td_curtile = NOTILE; /* invalid tile = NOTILE */
1621 207461 : td->td_tilesize = (tmsize_t)-1; /* invalidate tilezize */
1622 207461 : }
1623 :
1624 : /*
1625 : * Release storage associated with a directory.
1626 : */
1627 209794 : void TIFFFreeDirectory(TIFF *tif)
1628 : {
1629 209794 : TIFFDirectory *td = &tif->tif_dir;
1630 : int i;
1631 :
1632 209794 : (*tif->tif_cleanup)(tif);
1633 209876 : _TIFFmemset(td->td_fieldsset, 0, sizeof(td->td_fieldsset));
1634 209647 : CleanupField(td_sminsamplevalue);
1635 209647 : CleanupField(td_smaxsamplevalue);
1636 209647 : CleanupField(td_colormap[0]);
1637 209647 : CleanupField(td_colormap[1]);
1638 209647 : CleanupField(td_colormap[2]);
1639 209647 : CleanupField(td_sampleinfo);
1640 209647 : CleanupField(td_subifd);
1641 209647 : CleanupField(td_inknames);
1642 209647 : CleanupField(td_refblackwhite);
1643 209647 : CleanupField(td_transferfunction[0]);
1644 209647 : CleanupField(td_transferfunction[1]);
1645 209647 : CleanupField(td_transferfunction[2]);
1646 209647 : CleanupField(td_stripoffset_p);
1647 209653 : CleanupField(td_stripbytecount_p);
1648 209656 : td->td_stripoffsetbyteallocsize = 0;
1649 209656 : TIFFClrFieldBit(tif, FIELD_YCBCRSUBSAMPLING);
1650 209656 : TIFFClrFieldBit(tif, FIELD_YCBCRPOSITIONING);
1651 :
1652 : /* Cleanup custom tag values */
1653 367276 : for (i = 0; i < td->td_customValueCount; i++)
1654 : {
1655 157616 : if (td->td_customValues[i].value)
1656 157617 : _TIFFfreeExt(tif, td->td_customValues[i].value);
1657 : }
1658 :
1659 209660 : td->td_customValueCount = 0;
1660 209660 : CleanupField(td_customValues);
1661 :
1662 209661 : _TIFFmemset(&(td->td_stripoffset_entry), 0, sizeof(TIFFDirEntry));
1663 209745 : _TIFFmemset(&(td->td_stripbytecount_entry), 0, sizeof(TIFFDirEntry));
1664 :
1665 : /* Reset some internal parameters for IFD data size checking. */
1666 209652 : tif->tif_dir.td_dirdatasize_read = 0;
1667 209652 : tif->tif_dir.td_dirdatasize_write = 0;
1668 209652 : if (tif->tif_dir.td_dirdatasize_offsets != NULL)
1669 : {
1670 54406 : _TIFFfreeExt(tif, tif->tif_dir.td_dirdatasize_offsets);
1671 54405 : tif->tif_dir.td_dirdatasize_offsets = NULL;
1672 54405 : tif->tif_dir.td_dirdatasize_Noffsets = 0;
1673 : }
1674 209651 : tif->tif_dir.td_iswrittentofile = FALSE;
1675 : /* Note: tif->tif_dir structure is set to zero in TIFFDefaultDirectory() */
1676 209651 : }
1677 : #undef CleanupField
1678 :
1679 : /*
1680 : * Client Tag extension support (from Niles Ritter).
1681 : */
1682 : static TIFFExtendProc _TIFFextender = (TIFFExtendProc)NULL;
1683 :
1684 1402 : TIFFExtendProc TIFFSetTagExtender(TIFFExtendProc extender)
1685 : {
1686 1402 : TIFFExtendProc prev = _TIFFextender;
1687 1402 : _TIFFextender = extender;
1688 1402 : return (prev);
1689 : }
1690 :
1691 : /*
1692 : * Setup for a new directory. Should we automatically call
1693 : * TIFFWriteDirectory() if the current one is dirty?
1694 : *
1695 : * The newly created directory will not exist on the file till
1696 : * TIFFWriteDirectory(), TIFFFlush() or TIFFClose() is called.
1697 : */
1698 42796 : int TIFFCreateDirectory(TIFF *tif)
1699 : {
1700 : /* Free previously allocated memory and setup default values. */
1701 42796 : TIFFFreeDirectory(tif);
1702 42794 : TIFFDefaultDirectory(tif);
1703 42793 : tif->tif_diroff = 0;
1704 42793 : tif->tif_nextdiroff = 0;
1705 42793 : tif->tif_curoff = 0;
1706 42793 : tif->tif_dir.td_iswrittentofile = FALSE;
1707 42793 : return 0;
1708 : }
1709 :
1710 0 : int TIFFCreateCustomDirectory(TIFF *tif, const TIFFFieldArray *infoarray)
1711 : {
1712 : /* Free previously allocated memory and setup default values. */
1713 0 : TIFFFreeDirectory(tif);
1714 0 : TIFFDefaultDirectory(tif);
1715 :
1716 : /*
1717 : * Reset the field definitions to match the application provided list.
1718 : * Hopefully TIFFDefaultDirectory() won't have done anything irreversible
1719 : * based on it's assumption this is an image directory.
1720 : */
1721 0 : _TIFFSetupFields(tif, infoarray);
1722 :
1723 0 : tif->tif_diroff = 0;
1724 0 : tif->tif_nextdiroff = 0;
1725 0 : tif->tif_curoff = 0;
1726 : /* invalidate directory index */
1727 0 : tif->tif_curdir = TIFF_NON_EXISTENT_DIR_NUMBER;
1728 : /* invalidate IFD loop lists */
1729 0 : _TIFFCleanupIFDOffsetAndNumberMaps(tif);
1730 : /* To be able to return from SubIFD or custom-IFD to main-IFD */
1731 0 : tif->tif_setdirectory_force_absolute = TRUE;
1732 0 : return 0;
1733 : }
1734 :
1735 0 : int TIFFCreateEXIFDirectory(TIFF *tif)
1736 : {
1737 : const TIFFFieldArray *exifFieldArray;
1738 0 : exifFieldArray = _TIFFGetExifFields();
1739 0 : return TIFFCreateCustomDirectory(tif, exifFieldArray);
1740 : }
1741 :
1742 : /*
1743 : * Creates the EXIF GPS custom directory
1744 : */
1745 0 : int TIFFCreateGPSDirectory(TIFF *tif)
1746 : {
1747 : const TIFFFieldArray *gpsFieldArray;
1748 0 : gpsFieldArray = _TIFFGetGpsFields();
1749 0 : return TIFFCreateCustomDirectory(tif, gpsFieldArray);
1750 : }
1751 :
1752 : /*
1753 : * Setup a default directory structure.
1754 : */
1755 136808 : int TIFFDefaultDirectory(TIFF *tif)
1756 : {
1757 136808 : TIFFDirectory *td = &tif->tif_dir;
1758 : const TIFFFieldArray *tiffFieldArray;
1759 :
1760 136808 : tiffFieldArray = _TIFFGetFields();
1761 136731 : _TIFFSetupFields(tif, tiffFieldArray);
1762 : /* Reset tif->tif_dir structure to zero and
1763 : * initialize some IFD strile counter and index parameters. */
1764 136763 : _TIFFResetTifDirAndInitStrileCounters(td);
1765 136736 : td->td_fillorder = FILLORDER_MSB2LSB;
1766 136736 : td->td_bitspersample = 1;
1767 136736 : td->td_threshholding = THRESHHOLD_BILEVEL;
1768 136736 : td->td_orientation = ORIENTATION_TOPLEFT;
1769 136736 : td->td_samplesperpixel = 1;
1770 136736 : td->td_rowsperstrip = (uint32_t)-1;
1771 136736 : td->td_tilewidth = 0;
1772 136736 : td->td_tilelength = 0;
1773 136736 : td->td_tiledepth = 1;
1774 : #ifdef STRIPBYTECOUNTSORTED_UNUSED
1775 : td->td_stripbytecountsorted = 1; /* Our own arrays always sorted. */
1776 : #endif
1777 136736 : td->td_resolutionunit = RESUNIT_INCH;
1778 136736 : td->td_sampleformat = SAMPLEFORMAT_UINT;
1779 136736 : td->td_imagedepth = 1;
1780 136736 : td->td_ycbcrsubsampling[0] = 2;
1781 136736 : td->td_ycbcrsubsampling[1] = 2;
1782 136736 : td->td_ycbcrpositioning = YCBCRPOSITION_CENTERED;
1783 136736 : tif->tif_postdecode = _TIFFNoPostDecode;
1784 136736 : tif->tif_foundfield = NULL;
1785 136736 : tif->tif_tagmethods.vsetfield = _TIFFVSetField;
1786 136736 : tif->tif_tagmethods.vgetfield = _TIFFVGetField;
1787 136736 : tif->tif_tagmethods.printdir = NULL;
1788 : /* additional default values */
1789 136736 : td->td_planarconfig = PLANARCONFIG_CONTIG;
1790 136736 : td->td_compression = COMPRESSION_NONE;
1791 136736 : td->td_subfiletype = 0;
1792 136736 : td->td_minsamplevalue = 0;
1793 : /* td_bitspersample=1 is always set in TIFFDefaultDirectory().
1794 : * Therefore, td_maxsamplevalue has to be re-calculated in
1795 : * TIFFGetFieldDefaulted(). */
1796 136736 : td->td_maxsamplevalue = 1; /* Default for td_bitspersample=1 */
1797 136736 : td->td_extrasamples = 0;
1798 136736 : td->td_sampleinfo = NULL;
1799 :
1800 : /*
1801 : * Give client code a chance to install their own
1802 : * tag extensions & methods, prior to compression overloads,
1803 : * but do some prior cleanup first.
1804 : * (http://trac.osgeo.org/gdal/ticket/5054)
1805 : */
1806 136736 : if (tif->tif_nfieldscompat > 0)
1807 : {
1808 : uint32_t i;
1809 :
1810 197699 : for (i = 0; i < tif->tif_nfieldscompat; i++)
1811 : {
1812 131798 : if (tif->tif_fieldscompat[i].allocated_size)
1813 131804 : _TIFFfreeExt(tif, tif->tif_fieldscompat[i].fields);
1814 : }
1815 65901 : _TIFFfreeExt(tif, tif->tif_fieldscompat);
1816 65902 : tif->tif_nfieldscompat = 0;
1817 65902 : tif->tif_fieldscompat = NULL;
1818 : }
1819 136738 : if (_TIFFextender)
1820 136710 : (*_TIFFextender)(tif);
1821 136830 : (void)TIFFSetField(tif, TIFFTAG_COMPRESSION, COMPRESSION_NONE);
1822 : /*
1823 : * NB: The directory is marked dirty as a result of setting
1824 : * up the default compression scheme. However, this really
1825 : * isn't correct -- we want TIFF_DIRTYDIRECT to be set only
1826 : * if the user does something. We could just do the setup
1827 : * by hand, but it seems better to use the normal mechanism
1828 : * (i.e. TIFFSetField).
1829 : */
1830 136419 : tif->tif_flags &= ~TIFF_DIRTYDIRECT;
1831 :
1832 : /*
1833 : * As per http://bugzilla.remotesensing.org/show_bug.cgi?id=19
1834 : * we clear the ISTILED flag when setting up a new directory.
1835 : * Should we also be clearing stuff like INSUBIFD?
1836 : */
1837 136419 : tif->tif_flags &= ~TIFF_ISTILED;
1838 :
1839 136419 : return (1);
1840 : }
1841 :
1842 16597 : static int TIFFAdvanceDirectory(TIFF *tif, uint64_t *nextdiroff, uint64_t *off,
1843 : tdir_t *nextdirnum)
1844 : {
1845 : static const char module[] = "TIFFAdvanceDirectory";
1846 :
1847 : /* Add this directory to the directory list, if not already in. */
1848 16597 : if (!_TIFFCheckDirNumberAndOffset(tif, *nextdirnum, *nextdiroff))
1849 : {
1850 0 : TIFFErrorExtR(tif, module,
1851 : "Starting directory %u at offset 0x%" PRIx64 " (%" PRIu64
1852 : ") might cause an IFD loop",
1853 : *nextdirnum, *nextdiroff, *nextdiroff);
1854 0 : *nextdiroff = 0;
1855 0 : *nextdirnum = 0;
1856 0 : return (0);
1857 : }
1858 :
1859 16597 : if (isMapped(tif))
1860 : {
1861 0 : uint64_t poff = *nextdiroff;
1862 0 : if (!(tif->tif_flags & TIFF_BIGTIFF))
1863 : {
1864 : tmsize_t poffa, poffb, poffc, poffd;
1865 : uint16_t dircount;
1866 : uint32_t nextdir32;
1867 0 : poffa = (tmsize_t)poff;
1868 0 : poffb = poffa + (tmsize_t)sizeof(uint16_t);
1869 0 : if (((uint64_t)poffa != poff) || (poffb < poffa) ||
1870 0 : (poffb < (tmsize_t)sizeof(uint16_t)) || (poffb > tif->tif_size))
1871 : {
1872 0 : TIFFErrorExtR(tif, module,
1873 : "%s:%d: %s: Error fetching directory count",
1874 : __FILE__, __LINE__, tif->tif_name);
1875 0 : *nextdiroff = 0;
1876 0 : return (0);
1877 : }
1878 0 : _TIFFmemcpy(&dircount, tif->tif_base + poffa, sizeof(uint16_t));
1879 0 : if (tif->tif_flags & TIFF_SWAB)
1880 0 : TIFFSwabShort(&dircount);
1881 0 : poffc = poffb + dircount * 12;
1882 0 : poffd = poffc + (tmsize_t)sizeof(uint32_t);
1883 0 : if ((poffc < poffb) || (poffc < dircount * 12) || (poffd < poffc) ||
1884 0 : (poffd < (tmsize_t)sizeof(uint32_t)) || (poffd > tif->tif_size))
1885 : {
1886 0 : TIFFErrorExtR(tif, module, "Error fetching directory link");
1887 0 : return (0);
1888 : }
1889 0 : if (off != NULL)
1890 0 : *off = (uint64_t)poffc;
1891 0 : _TIFFmemcpy(&nextdir32, tif->tif_base + poffc, sizeof(uint32_t));
1892 0 : if (tif->tif_flags & TIFF_SWAB)
1893 0 : TIFFSwabLong(&nextdir32);
1894 0 : *nextdiroff = nextdir32;
1895 : }
1896 : else
1897 : {
1898 : tmsize_t poffa, poffb, poffc, poffd;
1899 : uint64_t dircount64;
1900 0 : if (poff > (uint64_t)TIFF_TMSIZE_T_MAX - sizeof(uint64_t))
1901 : {
1902 0 : TIFFErrorExtR(tif, module,
1903 : "%s:%d: %s: Error fetching directory count",
1904 : __FILE__, __LINE__, tif->tif_name);
1905 0 : return (0);
1906 : }
1907 0 : poffa = (tmsize_t)poff;
1908 0 : poffb = poffa + (tmsize_t)sizeof(uint64_t);
1909 0 : if (poffb > tif->tif_size)
1910 : {
1911 0 : TIFFErrorExtR(tif, module,
1912 : "%s:%d: %s: Error fetching directory count",
1913 : __FILE__, __LINE__, tif->tif_name);
1914 0 : return (0);
1915 : }
1916 0 : _TIFFmemcpy(&dircount64, tif->tif_base + poffa, sizeof(uint64_t));
1917 0 : if (tif->tif_flags & TIFF_SWAB)
1918 0 : TIFFSwabLong8(&dircount64);
1919 0 : if (dircount64 > 0xFFFF)
1920 : {
1921 0 : TIFFErrorExtR(tif, module,
1922 : "Sanity check on directory count failed");
1923 0 : return (0);
1924 : }
1925 0 : if (poffb > TIFF_TMSIZE_T_MAX - (tmsize_t)(dircount64 * 20) -
1926 : (tmsize_t)sizeof(uint64_t))
1927 : {
1928 0 : TIFFErrorExtR(tif, module, "Error fetching directory link");
1929 0 : return (0);
1930 : }
1931 0 : poffc = poffb + (tmsize_t)(dircount64 * 20);
1932 0 : poffd = poffc + (tmsize_t)sizeof(uint64_t);
1933 0 : if (poffd > tif->tif_size)
1934 : {
1935 0 : TIFFErrorExtR(tif, module, "Error fetching directory link");
1936 0 : return (0);
1937 : }
1938 0 : if (off != NULL)
1939 0 : *off = (uint64_t)poffc;
1940 0 : _TIFFmemcpy(nextdiroff, tif->tif_base + poffc, sizeof(uint64_t));
1941 0 : if (tif->tif_flags & TIFF_SWAB)
1942 0 : TIFFSwabLong8(nextdiroff);
1943 : }
1944 : }
1945 : else
1946 : {
1947 16597 : if (!(tif->tif_flags & TIFF_BIGTIFF))
1948 : {
1949 : uint16_t dircount;
1950 : uint32_t nextdir32;
1951 31469 : if (!SeekOK(tif, *nextdiroff) ||
1952 15734 : !ReadOK(tif, &dircount, sizeof(uint16_t)))
1953 : {
1954 8 : TIFFErrorExtR(tif, module,
1955 : "%s:%d: %s: Error fetching directory count",
1956 : __FILE__, __LINE__, tif->tif_name);
1957 10 : return (0);
1958 : }
1959 15726 : if (tif->tif_flags & TIFF_SWAB)
1960 272 : TIFFSwabShort(&dircount);
1961 15726 : if (off != NULL)
1962 9 : *off = TIFFSeekFile(tif, dircount * 12U, SEEK_CUR);
1963 : else
1964 15717 : (void)TIFFSeekFile(tif, dircount * 12U, SEEK_CUR);
1965 15728 : if (!ReadOK(tif, &nextdir32, sizeof(uint32_t)))
1966 : {
1967 3 : TIFFErrorExtR(tif, module, "%s: Error fetching directory link",
1968 : tif->tif_name);
1969 3 : return (0);
1970 : }
1971 15725 : if (tif->tif_flags & TIFF_SWAB)
1972 272 : TIFFSwabLong(&nextdir32);
1973 15725 : *nextdiroff = nextdir32;
1974 : }
1975 : else
1976 : {
1977 : uint64_t dircount64;
1978 1724 : if (!SeekOK(tif, *nextdiroff) ||
1979 862 : !ReadOK(tif, &dircount64, sizeof(uint64_t)))
1980 : {
1981 0 : TIFFErrorExtR(tif, module,
1982 : "%s:%d: %s: Error fetching directory count",
1983 : __FILE__, __LINE__, tif->tif_name);
1984 0 : return (0);
1985 : }
1986 862 : if (tif->tif_flags & TIFF_SWAB)
1987 4 : TIFFSwabLong8(&dircount64);
1988 862 : if (dircount64 > 0xFFFF)
1989 : {
1990 0 : TIFFErrorExtR(tif, module,
1991 : "%s:%d: %s: Error fetching directory count",
1992 : __FILE__, __LINE__, tif->tif_name);
1993 0 : return (0);
1994 : }
1995 862 : if (off != NULL)
1996 0 : *off = TIFFSeekFile(tif, dircount64 * 20, SEEK_CUR);
1997 : else
1998 862 : (void)TIFFSeekFile(tif, dircount64 * 20, SEEK_CUR);
1999 862 : if (!ReadOK(tif, nextdiroff, sizeof(uint64_t)))
2000 : {
2001 0 : TIFFErrorExtR(tif, module, "%s: Error fetching directory link",
2002 : tif->tif_name);
2003 0 : return (0);
2004 : }
2005 862 : if (tif->tif_flags & TIFF_SWAB)
2006 4 : TIFFSwabLong8(nextdiroff);
2007 : }
2008 : }
2009 16587 : if (*nextdiroff != 0)
2010 : {
2011 5873 : (*nextdirnum)++;
2012 : /* Check next directory for IFD looping and if so, set it as last
2013 : * directory. */
2014 5873 : if (!_TIFFCheckDirNumberAndOffset(tif, *nextdirnum, *nextdiroff))
2015 : {
2016 0 : TIFFWarningExtR(
2017 : tif, module,
2018 : "the next directory %u at offset 0x%" PRIx64 " (%" PRIu64
2019 : ") might be an IFD loop. Treating directory %d as "
2020 : "last directory",
2021 0 : *nextdirnum, *nextdiroff, *nextdiroff, (int)(*nextdirnum) - 1);
2022 0 : *nextdiroff = 0;
2023 0 : (*nextdirnum)--;
2024 : }
2025 : }
2026 16586 : return (1);
2027 : }
2028 :
2029 : /*
2030 : * Count the number of directories in a file.
2031 : */
2032 10718 : tdir_t TIFFNumberOfDirectories(TIFF *tif)
2033 : {
2034 : uint64_t nextdiroff;
2035 : tdir_t nextdirnum;
2036 : tdir_t n;
2037 10718 : if (!(tif->tif_flags & TIFF_BIGTIFF))
2038 10430 : nextdiroff = tif->tif_header.classic.tiff_diroff;
2039 : else
2040 288 : nextdiroff = tif->tif_header.big.tiff_diroff;
2041 10718 : nextdirnum = 0;
2042 10718 : n = 0;
2043 43872 : while (nextdiroff != 0 &&
2044 16581 : TIFFAdvanceDirectory(tif, &nextdiroff, NULL, &nextdirnum))
2045 : {
2046 16572 : ++n;
2047 : }
2048 : /* Update number of main-IFDs in file. */
2049 10719 : tif->tif_curdircount = n;
2050 10719 : return (n);
2051 : }
2052 :
2053 : /*
2054 : * Set the n-th directory as the current directory.
2055 : * NB: Directories are numbered starting at 0.
2056 : */
2057 10866 : int TIFFSetDirectory(TIFF *tif, tdir_t dirn)
2058 : {
2059 : uint64_t nextdiroff;
2060 10866 : tdir_t nextdirnum = 0;
2061 : tdir_t n;
2062 :
2063 10866 : if (tif->tif_setdirectory_force_absolute)
2064 : {
2065 : /* tif_setdirectory_force_absolute=1 will force parsing the main IFD
2066 : * chain from the beginning, thus IFD directory list needs to be cleared
2067 : * from possible SubIFD offsets.
2068 : */
2069 0 : _TIFFCleanupIFDOffsetAndNumberMaps(tif); /* invalidate IFD loop lists */
2070 : }
2071 :
2072 : /* Even faster path, if offset is available within IFD loop hash list. */
2073 21732 : if (!tif->tif_setdirectory_force_absolute &&
2074 10866 : _TIFFGetOffsetFromDirNumber(tif, dirn, &nextdiroff))
2075 : {
2076 : /* Set parameters for following TIFFReadDirectory() below. */
2077 10866 : tif->tif_nextdiroff = nextdiroff;
2078 10866 : tif->tif_curdir = dirn;
2079 : /* Reset to relative stepping */
2080 10866 : tif->tif_setdirectory_force_absolute = FALSE;
2081 : }
2082 : else
2083 : {
2084 :
2085 : /* Fast path when we just advance relative to the current directory:
2086 : * start at the current dir offset and continue to seek from there.
2087 : * Check special cases when relative is not allowed:
2088 : * - jump back from SubIFD or custom directory
2089 : * - right after TIFFWriteDirectory() jump back to that directory
2090 : * using TIFFSetDirectory() */
2091 0 : const int relative = (dirn >= tif->tif_curdir) &&
2092 0 : (tif->tif_diroff != 0) &&
2093 0 : !tif->tif_setdirectory_force_absolute;
2094 :
2095 0 : if (relative)
2096 : {
2097 0 : nextdiroff = tif->tif_diroff;
2098 0 : dirn -= tif->tif_curdir;
2099 0 : nextdirnum = tif->tif_curdir;
2100 : }
2101 0 : else if (!(tif->tif_flags & TIFF_BIGTIFF))
2102 0 : nextdiroff = tif->tif_header.classic.tiff_diroff;
2103 : else
2104 0 : nextdiroff = tif->tif_header.big.tiff_diroff;
2105 :
2106 : /* Reset to relative stepping */
2107 0 : tif->tif_setdirectory_force_absolute = FALSE;
2108 :
2109 0 : for (n = dirn; n > 0 && nextdiroff != 0; n--)
2110 0 : if (!TIFFAdvanceDirectory(tif, &nextdiroff, NULL, &nextdirnum))
2111 0 : return (0);
2112 : /* If the n-th directory could not be reached (does not exist),
2113 : * return here without touching anything further. */
2114 0 : if (nextdiroff == 0 || n > 0)
2115 0 : return (0);
2116 :
2117 0 : tif->tif_nextdiroff = nextdiroff;
2118 :
2119 : /* Set curdir to the actual directory index. */
2120 0 : if (relative)
2121 0 : tif->tif_curdir += dirn - n;
2122 : else
2123 0 : tif->tif_curdir = dirn - n;
2124 : }
2125 :
2126 : /* The -1 decrement is because TIFFReadDirectory will increment
2127 : * tif_curdir after successfully reading the directory. */
2128 10866 : if (tif->tif_curdir == 0)
2129 10082 : tif->tif_curdir = TIFF_NON_EXISTENT_DIR_NUMBER;
2130 : else
2131 784 : tif->tif_curdir--;
2132 :
2133 10866 : tdir_t curdir = tif->tif_curdir;
2134 :
2135 10866 : int retval = TIFFReadDirectory(tif);
2136 :
2137 10866 : if (!retval && tif->tif_curdir == curdir)
2138 : {
2139 : /* If tif_curdir has not be incremented, TIFFFetchDirectory() in
2140 : * TIFFReadDirectory() has failed and tif_curdir shall be set
2141 : * specifically. */
2142 4 : tif->tif_curdir = TIFF_NON_EXISTENT_DIR_NUMBER;
2143 : }
2144 10866 : return (retval);
2145 : }
2146 :
2147 : /*
2148 : * Set the current directory to be the directory
2149 : * located at the specified file offset. This interface
2150 : * is used mainly to access directories linked with
2151 : * the SubIFD tag (e.g. thumbnail images).
2152 : */
2153 19661 : int TIFFSetSubDirectory(TIFF *tif, uint64_t diroff)
2154 : {
2155 : /* Match nextdiroff and curdir for consistent IFD-loop checking.
2156 : * Only with TIFFSetSubDirectory() the IFD list can be corrupted with
2157 : * invalid offsets within the main IFD tree. In the case of several subIFDs
2158 : * of a main image, there are two possibilities that are not even mutually
2159 : * exclusive. a.) The subIFD tag contains an array with all offsets of the
2160 : * subIFDs. b.) The SubIFDs are concatenated with their NextIFD parameters.
2161 : * (refer to
2162 : * https://www.awaresystems.be/imaging/tiff/specification/TIFFPM6.pdf.)
2163 : */
2164 : int retval;
2165 19661 : uint32_t curdir = 0;
2166 19661 : int8_t probablySubIFD = 0;
2167 19661 : if (diroff == 0)
2168 : {
2169 : /* Special case to set tif_diroff=0, which is done in
2170 : * TIFFReadDirectory() below to indicate that the currently read IFD is
2171 : * treated as a new, fresh IFD. */
2172 8572 : tif->tif_curdir = TIFF_NON_EXISTENT_DIR_NUMBER;
2173 8572 : tif->tif_dir.td_iswrittentofile = FALSE;
2174 : }
2175 : else
2176 : {
2177 11089 : if (!_TIFFGetDirNumberFromOffset(tif, diroff, &curdir))
2178 : {
2179 : /* Non-existing offsets might point to a SubIFD or invalid IFD.*/
2180 59 : probablySubIFD = 1;
2181 : }
2182 : /* -1 because TIFFReadDirectory() will increment tif_curdir. */
2183 11085 : if (curdir >= 1)
2184 1805 : tif->tif_curdir = curdir - 1;
2185 : else
2186 9280 : tif->tif_curdir = TIFF_NON_EXISTENT_DIR_NUMBER;
2187 : }
2188 19657 : curdir = tif->tif_curdir;
2189 :
2190 19657 : tif->tif_nextdiroff = diroff;
2191 19657 : retval = TIFFReadDirectory(tif);
2192 :
2193 : /* tif_curdir is incremented in TIFFReadDirectory(), but if it has not been
2194 : * incremented, TIFFFetchDirectory() has failed there and tif_curdir shall
2195 : * be set specifically. */
2196 19661 : if (!retval && diroff != 0 && tif->tif_curdir == curdir)
2197 : {
2198 1 : tif->tif_curdir = TIFF_NON_EXISTENT_DIR_NUMBER;
2199 : }
2200 :
2201 19661 : if (probablySubIFD)
2202 : {
2203 59 : if (retval)
2204 : {
2205 : /* Reset IFD list to start new one for SubIFD chain and also start
2206 : * SubIFD chain with tif_curdir=0 for IFD loop checking. */
2207 : /* invalidate IFD loop lists */
2208 58 : _TIFFCleanupIFDOffsetAndNumberMaps(tif);
2209 58 : tif->tif_curdir = 0; /* first directory of new chain */
2210 : /* add this offset to new IFD list */
2211 58 : retval = _TIFFCheckDirNumberAndOffset(tif, tif->tif_curdir, diroff);
2212 : }
2213 : /* To be able to return from SubIFD or custom-IFD to main-IFD */
2214 59 : tif->tif_setdirectory_force_absolute = TRUE;
2215 : }
2216 :
2217 19661 : return (retval);
2218 : }
2219 :
2220 : /*
2221 : * Return file offset of the current directory.
2222 : */
2223 135564 : uint64_t TIFFCurrentDirOffset(TIFF *tif) { return (tif->tif_diroff); }
2224 :
2225 : /*
2226 : * Return an indication of whether or not we are
2227 : * at the last directory in the file.
2228 : */
2229 9342 : int TIFFLastDirectory(TIFF *tif) { return (tif->tif_nextdiroff == 0); }
2230 :
2231 : /*
2232 : * Unlink the specified directory from the directory chain.
2233 : * Note: First directory starts with number dirn=1.
2234 : * This is different to TIFFSetDirectory() where the first directory starts with
2235 : * zero.
2236 : */
2237 6 : int TIFFUnlinkDirectory(TIFF *tif, tdir_t dirn)
2238 : {
2239 : static const char module[] = "TIFFUnlinkDirectory";
2240 : uint64_t nextdir;
2241 : tdir_t nextdirnum;
2242 : uint64_t off;
2243 : tdir_t n;
2244 :
2245 6 : if (tif->tif_mode == O_RDONLY)
2246 : {
2247 0 : TIFFErrorExtR(tif, module,
2248 : "Can not unlink directory in read-only file");
2249 0 : return (0);
2250 : }
2251 6 : if (dirn == 0)
2252 : {
2253 0 : TIFFErrorExtR(tif, module,
2254 : "For TIFFUnlinkDirectory() first directory starts with "
2255 : "number 1 and not 0");
2256 0 : return (0);
2257 : }
2258 : /*
2259 : * Go to the directory before the one we want
2260 : * to unlink and nab the offset of the link
2261 : * field we'll need to patch.
2262 : */
2263 6 : if (!(tif->tif_flags & TIFF_BIGTIFF))
2264 : {
2265 6 : nextdir = tif->tif_header.classic.tiff_diroff;
2266 6 : off = 4;
2267 : }
2268 : else
2269 : {
2270 0 : nextdir = tif->tif_header.big.tiff_diroff;
2271 0 : off = 8;
2272 : }
2273 6 : nextdirnum = 0; /* First directory is dirn=0 */
2274 :
2275 15 : for (n = dirn - 1; n > 0; n--)
2276 : {
2277 9 : if (nextdir == 0)
2278 : {
2279 0 : TIFFErrorExtR(tif, module, "Directory %u does not exist", dirn);
2280 0 : return (0);
2281 : }
2282 9 : if (!TIFFAdvanceDirectory(tif, &nextdir, &off, &nextdirnum))
2283 0 : return (0);
2284 : }
2285 : /*
2286 : * Advance to the directory to be unlinked and fetch
2287 : * the offset of the directory that follows.
2288 : */
2289 6 : if (!TIFFAdvanceDirectory(tif, &nextdir, NULL, &nextdirnum))
2290 0 : return (0);
2291 : /*
2292 : * Go back and patch the link field of the preceding
2293 : * directory to point to the offset of the directory
2294 : * that follows.
2295 : */
2296 6 : (void)TIFFSeekFile(tif, off, SEEK_SET);
2297 6 : if (!(tif->tif_flags & TIFF_BIGTIFF))
2298 : {
2299 : uint32_t nextdir32;
2300 6 : nextdir32 = (uint32_t)nextdir;
2301 6 : assert((uint64_t)nextdir32 == nextdir);
2302 6 : if (tif->tif_flags & TIFF_SWAB)
2303 0 : TIFFSwabLong(&nextdir32);
2304 6 : if (!WriteOK(tif, &nextdir32, sizeof(uint32_t)))
2305 : {
2306 0 : TIFFErrorExtR(tif, module, "Error writing directory link");
2307 0 : return (0);
2308 : }
2309 : }
2310 : else
2311 : {
2312 : /* Need local swap because nextdir has to be used unswapped below. */
2313 0 : uint64_t nextdir64 = nextdir;
2314 0 : if (tif->tif_flags & TIFF_SWAB)
2315 0 : TIFFSwabLong8(&nextdir64);
2316 0 : if (!WriteOK(tif, &nextdir64, sizeof(uint64_t)))
2317 : {
2318 0 : TIFFErrorExtR(tif, module, "Error writing directory link");
2319 0 : return (0);
2320 : }
2321 : }
2322 :
2323 : /* For dirn=1 (first directory) also update the libtiff internal
2324 : * base offset variables. */
2325 6 : if (dirn == 1)
2326 : {
2327 0 : if (!(tif->tif_flags & TIFF_BIGTIFF))
2328 0 : tif->tif_header.classic.tiff_diroff = (uint32_t)nextdir;
2329 : else
2330 0 : tif->tif_header.big.tiff_diroff = nextdir;
2331 : }
2332 :
2333 : /*
2334 : * Leave directory state setup safely. We don't have
2335 : * facilities for doing inserting and removing directories,
2336 : * so it's safest to just invalidate everything. This
2337 : * means that the caller can only append to the directory
2338 : * chain.
2339 : */
2340 6 : if ((tif->tif_flags & TIFF_MYBUFFER) && tif->tif_rawdata)
2341 : {
2342 0 : _TIFFfreeExt(tif, tif->tif_rawdata);
2343 0 : tif->tif_rawdata = NULL;
2344 0 : tif->tif_rawcc = 0;
2345 0 : tif->tif_rawcp = NULL;
2346 0 : tif->tif_rawdataoff = 0;
2347 0 : tif->tif_rawdataloaded = 0;
2348 : }
2349 6 : tif->tif_flags &= ~(TIFF_BEENWRITING | TIFF_BUFFERSETUP | TIFF_POSTENCODE |
2350 : TIFF_BUF4WRITE);
2351 6 : TIFFFreeDirectory(tif);
2352 6 : TIFFDefaultDirectory(tif);
2353 6 : tif->tif_diroff = 0; /* force link on next write */
2354 6 : tif->tif_nextdiroff = 0; /* next write must be at end */
2355 6 : tif->tif_lastdiroff = 0; /* will be updated on next link */
2356 6 : tif->tif_curoff = 0;
2357 6 : tif->tif_curdir = TIFF_NON_EXISTENT_DIR_NUMBER;
2358 6 : if (tif->tif_curdircount > 0)
2359 6 : tif->tif_curdircount--;
2360 : else
2361 0 : tif->tif_curdircount = TIFF_NON_EXISTENT_DIR_NUMBER;
2362 6 : _TIFFCleanupIFDOffsetAndNumberMaps(tif); /* invalidate IFD loop lists */
2363 6 : return (1);
2364 : }
|
