1/* -*- Mode: C; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2/* ***** BEGIN LICENSE BLOCK *****
3 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
4 *
5 * The contents of this file are subject to the Mozilla Public License Version
6 * 1.1 (the "License"); you may not use this file except in compliance with
7 * the License. You may obtain a copy of the License at
8 * http://www.mozilla.org/MPL/
9 *
10 * Software distributed under the License is distributed on an "AS IS" basis,
11 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
12 * for the specific language governing rights and limitations under the
13 * License.
14 *
15 * The Original Code is mozilla.org code.
16 *
17 * The Initial Developer of the Original Code is
18 * Netscape Communications Corporation.
19 * Portions created by the Initial Developer are Copyright (C) 1998
20 * the Initial Developer. All Rights Reserved.
21 *
22 * Contributor(s):
23 *   Chris Saari <saari@netscape.com>
24 *   Apple Computer
25 *
26 * Alternatively, the contents of this file may be used under the terms of
27 * either the GNU General Public License Version 2 or later (the "GPL"), or
28 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
29 * in which case the provisions of the GPL or the LGPL are applicable instead
30 * of those above. If you wish to allow use of your version of this file only
31 * under the terms of either the GPL or the LGPL, and not to allow others to
32 * use your version of this file under the terms of the MPL, indicate your
33 * decision by deleting the provisions above and replace them with the notice
34 * and other provisions required by the GPL or the LGPL. If you do not delete
35 * the provisions above, a recipient may use your version of this file under
36 * the terms of any one of the MPL, the GPL or the LGPL.
37 *
38 * ***** END LICENSE BLOCK ***** */
39
40/*
41The Graphics Interchange Format(c) is the copyright property of CompuServe
42Incorporated. Only CompuServe Incorporated is authorized to define, redefine,
43enhance, alter, modify or change in any way the definition of the format.
44
45CompuServe Incorporated hereby grants a limited, non-exclusive, royalty-free
46license for the use of the Graphics Interchange Format(sm) in computer
47software; computer software utilizing GIF(sm) must acknowledge ownership of the
48Graphics Interchange Format and its Service Mark by CompuServe Incorporated, in
49User and Technical Documentation. Computer software utilizing GIF, which is
50distributed or may be distributed without User or Technical Documentation must
51display to the screen or printer a message acknowledging ownership of the
52Graphics Interchange Format and the Service Mark by CompuServe Incorporated; in
53this case, the acknowledgement may be displayed in an opening screen or leading
54banner, or a closing screen or trailing banner. A message such as the following
55may be used:
56
57    "The Graphics Interchange Format(c) is the Copyright property of
58    CompuServe Incorporated. GIF(sm) is a Service Mark property of
59    CompuServe Incorporated."
60
61For further information, please contact :
62
63    CompuServe Incorporated
64    Graphics Technology Department
65    5000 Arlington Center Boulevard
66    Columbus, Ohio  43220
67    U. S. A.
68
69CompuServe Incorporated maintains a mailing list with all those individuals and
70organizations who wish to receive copies of this document when it is corrected
71or revised. This service is offered free of charge; please provide us with your
72mailing address.
73*/
74
75#include "SkGifImageReader.h"
76#include "SkColorPriv.h"
77#include "SkGifCodec.h"
78
79#include <algorithm>
80#include <string.h>
81
82
83// GETN(n, s) requests at least 'n' bytes available from 'q', at start of state 's'.
84//
85// Note, the hold will never need to be bigger than 256 bytes to gather up in the hold,
86// as each GIF block (except colormaps) can never be bigger than 256 bytes.
87// Colormaps are directly copied in the resp. global_colormap or dynamically allocated local_colormap.
88// So a fixed buffer in SkGifImageReader is good enough.
89// This buffer is only needed to copy left-over data from one GifWrite call to the next
90#define GETN(n, s) \
91    do { \
92        m_bytesToConsume = (n); \
93        m_state = (s); \
94    } while (0)
95
96// Get a 16-bit value stored in little-endian format.
97#define GETINT16(p)   ((p)[1]<<8|(p)[0])
98
99namespace {
100    bool is_palette_index_valid(int transparentIndex) {
101        // -1 is a signal that there is no transparent index.
102        // Otherwise, it is encoded in 8 bits, and all 256 values are considered
103        // valid since a GIF may use an index outside of the palette to be
104        // transparent.
105        return transparentIndex >= 0;
106    }
107} // anonymous namespace
108
109// Send the data to the display front-end.
110void SkGIFLZWContext::outputRow(const unsigned char* rowBegin)
111{
112    int drowStart = irow;
113    int drowEnd = irow;
114
115    // Haeberli-inspired hack for interlaced GIFs: Replicate lines while
116    // displaying to diminish the "venetian-blind" effect as the image is
117    // loaded. Adjust pixel vertical positions to avoid the appearance of the
118    // image crawling up the screen as successive passes are drawn.
119    if (m_frameContext->progressiveDisplay() && m_frameContext->interlaced() && ipass < 4) {
120        unsigned rowDup = 0;
121        unsigned rowShift = 0;
122
123        switch (ipass) {
124        case 1:
125            rowDup = 7;
126            rowShift = 3;
127            break;
128        case 2:
129            rowDup = 3;
130            rowShift = 1;
131            break;
132        case 3:
133            rowDup = 1;
134            rowShift = 0;
135            break;
136        default:
137            break;
138        }
139
140        drowStart -= rowShift;
141        drowEnd = drowStart + rowDup;
142
143        // Extend if bottom edge isn't covered because of the shift upward.
144        if ((unsigned)((m_frameContext->height() - 1) - drowEnd) <= rowShift)
145            drowEnd = m_frameContext->height() - 1;
146
147        // Clamp first and last rows to upper and lower edge of image.
148        if (drowStart < 0)
149            drowStart = 0;
150
151        if (drowEnd >= m_frameContext->height())
152            drowEnd = m_frameContext->height() - 1;
153    }
154
155    // Protect against too much image data.
156    if (drowStart >= m_frameContext->height())
157        return;
158
159    // CALLBACK: Let the client know we have decoded a row.
160    const bool writeTransparentPixels = (SkCodec::kNone == m_frameContext->getRequiredFrame());
161    m_client->haveDecodedRow(m_frameContext->frameId(), rowBegin,
162            drowStart, drowEnd - drowStart + 1, writeTransparentPixels);
163
164    if (!m_frameContext->interlaced())
165        irow++;
166    else {
167        do {
168            switch (ipass) {
169            case 1:
170                irow += 8;
171                if (irow >= (unsigned) m_frameContext->height()) {
172                    ipass++;
173                    irow = 4;
174                }
175                break;
176
177            case 2:
178                irow += 8;
179                if (irow >= (unsigned) m_frameContext->height()) {
180                    ipass++;
181                    irow = 2;
182                }
183                break;
184
185            case 3:
186                irow += 4;
187                if (irow >= (unsigned) m_frameContext->height()) {
188                    ipass++;
189                    irow = 1;
190                }
191                break;
192
193            case 4:
194                irow += 2;
195                if (irow >= (unsigned) m_frameContext->height()) {
196                    ipass++;
197                    irow = 0;
198                }
199                break;
200
201            default:
202                break;
203            }
204        } while (irow > (unsigned) (m_frameContext->height() - 1));
205    }
206}
207
208// Perform Lempel-Ziv-Welch decoding.
209// Returns true if decoding was successful. In this case the block will have been completely consumed and/or rowsRemaining will be 0.
210// Otherwise, decoding failed; returns false in this case, which will always cause the SkGifImageReader to set the "decode failed" flag.
211bool SkGIFLZWContext::doLZW(const unsigned char* block, size_t bytesInBlock)
212{
213    const int width = m_frameContext->width();
214
215    if (rowIter == rowBuffer.end())
216        return true;
217
218    for (const unsigned char* ch = block; bytesInBlock-- > 0; ch++) {
219        // Feed the next byte into the decoder's 32-bit input buffer.
220        datum += ((int) *ch) << bits;
221        bits += 8;
222
223        // Check for underflow of decoder's 32-bit input buffer.
224        while (bits >= codesize) {
225            // Get the leading variable-length symbol from the data stream.
226            int code = datum & codemask;
227            datum >>= codesize;
228            bits -= codesize;
229
230            // Reset the dictionary to its original state, if requested.
231            if (code == clearCode) {
232                codesize = m_frameContext->dataSize() + 1;
233                codemask = (1 << codesize) - 1;
234                avail = clearCode + 2;
235                oldcode = -1;
236                continue;
237            }
238
239            // Check for explicit end-of-stream code.
240            if (code == (clearCode + 1)) {
241                // end-of-stream should only appear after all image data.
242                if (!rowsRemaining)
243                    return true;
244                return false;
245            }
246
247            const int tempCode = code;
248            unsigned short codeLength = 0;
249            if (code < avail) {
250                // This is a pre-existing code, so we already know what it
251                // encodes.
252                codeLength = suffixLength[code];
253                rowIter += codeLength;
254            } else if (code == avail && oldcode != -1) {
255                // This is a new code just being added to the dictionary.
256                // It must encode the contents of the previous code, plus
257                // the first character of the previous code again.
258                codeLength = suffixLength[oldcode] + 1;
259                rowIter += codeLength;
260                *--rowIter = firstchar;
261                code = oldcode;
262            } else {
263                // This is an invalid code. The dictionary is just initialized
264                // and the code is incomplete. We don't know how to handle
265                // this case.
266                return false;
267            }
268
269            while (code >= clearCode) {
270                *--rowIter = suffix[code];
271                code = prefix[code];
272            }
273
274            *--rowIter = firstchar = suffix[code];
275
276            // Define a new codeword in the dictionary as long as we've read
277            // more than one value from the stream.
278            if (avail < SK_MAX_DICTIONARY_ENTRIES && oldcode != -1) {
279                prefix[avail] = oldcode;
280                suffix[avail] = firstchar;
281                suffixLength[avail] = suffixLength[oldcode] + 1;
282                ++avail;
283
284                // If we've used up all the codewords of a given length
285                // increase the length of codewords by one bit, but don't
286                // exceed the specified maximum codeword size.
287                if (!(avail & codemask) && avail < SK_MAX_DICTIONARY_ENTRIES) {
288                    ++codesize;
289                    codemask += avail;
290                }
291            }
292            oldcode = tempCode;
293            rowIter += codeLength;
294
295            // Output as many rows as possible.
296            unsigned char* rowBegin = rowBuffer.begin();
297            for (; rowBegin + width <= rowIter; rowBegin += width) {
298                outputRow(rowBegin);
299                rowsRemaining--;
300                if (!rowsRemaining)
301                    return true;
302            }
303
304            if (rowBegin != rowBuffer.begin()) {
305                // Move the remaining bytes to the beginning of the buffer.
306                const size_t bytesToCopy = rowIter - rowBegin;
307                memcpy(&rowBuffer.front(), rowBegin, bytesToCopy);
308                rowIter = rowBuffer.begin() + bytesToCopy;
309            }
310        }
311    }
312    return true;
313}
314
315sk_sp<SkColorTable> SkGIFColorMap::buildTable(SkStreamBuffer* streamBuffer, SkColorType colorType,
316                                              int transparentPixel) const
317{
318    if (!m_isDefined)
319        return nullptr;
320
321    const PackColorProc proc = choose_pack_color_proc(false, colorType);
322    if (m_table && proc == m_packColorProc && m_transPixel == transparentPixel) {
323        SkASSERT(transparentPixel == kNotFound || transparentPixel > m_table->count()
324                || m_table->operator[](transparentPixel) == SK_ColorTRANSPARENT);
325        // This SkColorTable has already been built with the same transparent color and
326        // packing proc. Reuse it.
327        return m_table;
328    }
329    m_packColorProc = proc;
330    m_transPixel = transparentPixel;
331
332    const size_t bytes = m_colors * SK_BYTES_PER_COLORMAP_ENTRY;
333    sk_sp<SkData> rawData(streamBuffer->getDataAtPosition(m_position, bytes));
334    if (!rawData) {
335        return nullptr;
336    }
337
338    SkASSERT(m_colors <= SK_MAX_COLORS);
339    const uint8_t* srcColormap = rawData->bytes();
340    SkPMColor colorStorage[SK_MAX_COLORS];
341    for (int i = 0; i < m_colors; i++) {
342        if (i == transparentPixel) {
343            colorStorage[i] = SK_ColorTRANSPARENT;
344        } else {
345            colorStorage[i] = proc(255, srcColormap[0], srcColormap[1], srcColormap[2]);
346        }
347        srcColormap += SK_BYTES_PER_COLORMAP_ENTRY;
348    }
349    for (int i = m_colors; i < SK_MAX_COLORS; i++) {
350        colorStorage[i] = SK_ColorTRANSPARENT;
351    }
352    m_table = sk_sp<SkColorTable>(new SkColorTable(colorStorage, SK_MAX_COLORS));
353    return m_table;
354}
355
356sk_sp<SkColorTable> SkGifImageReader::getColorTable(SkColorType colorType, int index) {
357    if (index < 0 || index >= m_frames.count()) {
358        return nullptr;
359    }
360
361    const SkGIFFrameContext* frameContext = m_frames[index].get();
362    const SkGIFColorMap& localColorMap = frameContext->localColorMap();
363    const int transPix = frameContext->transparentPixel();
364    if (localColorMap.isDefined()) {
365        return localColorMap.buildTable(&m_streamBuffer, colorType, transPix);
366    }
367    if (m_globalColorMap.isDefined()) {
368        return m_globalColorMap.buildTable(&m_streamBuffer, colorType, transPix);
369    }
370    return nullptr;
371}
372
373// Perform decoding for this frame. frameComplete will be true if the entire frame is decoded.
374// Returns false if a decoding error occurred. This is a fatal error and causes the SkGifImageReader to set the "decode failed" flag.
375// Otherwise, either not enough data is available to decode further than before, or the new data has been decoded successfully; returns true in this case.
376bool SkGIFFrameContext::decode(SkStreamBuffer* streamBuffer, SkGifCodec* client,
377                               bool* frameComplete)
378{
379    *frameComplete = false;
380    if (!m_lzwContext) {
381        // Wait for more data to properly initialize SkGIFLZWContext.
382        if (!isDataSizeDefined() || !isHeaderDefined())
383            return true;
384
385        m_lzwContext.reset(new SkGIFLZWContext(client, this));
386        if (!m_lzwContext->prepareToDecode()) {
387            m_lzwContext.reset();
388            return false;
389        }
390
391        m_currentLzwBlock = 0;
392    }
393
394    // Some bad GIFs have extra blocks beyond the last row, which we don't want to decode.
395    while (m_currentLzwBlock < m_lzwBlocks.count() && m_lzwContext->hasRemainingRows()) {
396        const auto& block = m_lzwBlocks[m_currentLzwBlock];
397        const size_t len = block.blockSize;
398
399        sk_sp<SkData> data(streamBuffer->getDataAtPosition(block.blockPosition, len));
400        if (!data) {
401            return false;
402        }
403        if (!m_lzwContext->doLZW(reinterpret_cast<const unsigned char*>(data->data()), len)) {
404            return false;
405        }
406        ++m_currentLzwBlock;
407    }
408
409    // If this frame is data complete then the previous loop must have completely decoded all LZW blocks.
410    // There will be no more decoding for this frame so it's time to cleanup.
411    if (isComplete()) {
412        *frameComplete = true;
413        m_lzwContext.reset();
414    }
415    return true;
416}
417
418// Decode a frame.
419// This method uses SkGIFFrameContext:decode() to decode the frame; decoding error is reported to client as a critical failure.
420// Return true if decoding has progressed. Return false if an error has occurred.
421bool SkGifImageReader::decode(int frameIndex, bool* frameComplete)
422{
423    SkGIFFrameContext* currentFrame = m_frames[frameIndex].get();
424
425    return currentFrame->decode(&m_streamBuffer, m_client, frameComplete);
426}
427
428// Parse incoming GIF data stream into internal data structures.
429SkCodec::Result SkGifImageReader::parse(SkGifImageReader::SkGIFParseQuery query)
430{
431    if (m_parseCompleted) {
432        return SkCodec::kSuccess;
433    }
434
435    if (SkGIFLoopCountQuery == query && m_loopCount != cLoopCountNotSeen) {
436        // Loop count has already been parsed.
437        return SkCodec::kSuccess;
438    }
439
440    // SkGIFSizeQuery and SkGIFFrameCountQuery are negative, so this is only meaningful when >= 0.
441    const int lastFrameToParse = (int) query;
442    if (lastFrameToParse >= 0 && m_frames.count() > lastFrameToParse
443                && m_frames[lastFrameToParse]->isComplete()) {
444        // We have already parsed this frame.
445        return SkCodec::kSuccess;
446    }
447
448    while (true) {
449        if (!m_streamBuffer.buffer(m_bytesToConsume)) {
450            // The stream does not yet have enough data.
451            return SkCodec::kIncompleteInput;
452        }
453
454        switch (m_state) {
455        case SkGIFLZW: {
456            SkASSERT(!m_frames.empty());
457            auto* frame = m_frames.back().get();
458            frame->addLzwBlock(m_streamBuffer.markPosition(), m_bytesToConsume);
459            GETN(1, SkGIFSubBlock);
460            break;
461        }
462        case SkGIFLZWStart: {
463            SkASSERT(!m_frames.empty());
464            auto* currentFrame = m_frames.back().get();
465
466            currentFrame->setDataSize(this->getOneByte());
467            GETN(1, SkGIFSubBlock);
468            break;
469        }
470
471        case SkGIFType: {
472            const char* currentComponent = m_streamBuffer.get();
473
474            // All GIF files begin with "GIF87a" or "GIF89a".
475            if (!memcmp(currentComponent, "GIF89a", 6))
476                m_version = 89;
477            else if (!memcmp(currentComponent, "GIF87a", 6))
478                m_version = 87;
479            else {
480                // This prevents attempting to continue reading this invalid stream.
481                GETN(0, SkGIFDone);
482                return SkCodec::kInvalidInput;
483            }
484            GETN(7, SkGIFGlobalHeader);
485            break;
486        }
487
488        case SkGIFGlobalHeader: {
489            const unsigned char* currentComponent =
490                reinterpret_cast<const unsigned char*>(m_streamBuffer.get());
491
492            // This is the height and width of the "screen" or frame into which
493            // images are rendered. The individual images can be smaller than
494            // the screen size and located with an origin anywhere within the
495            // screen.
496            // Note that we don't inform the client of the size yet, as it might
497            // change after we read the first frame's image header.
498            fScreenWidth = GETINT16(currentComponent);
499            fScreenHeight = GETINT16(currentComponent + 2);
500
501            const int globalColorMapColors = 2 << (currentComponent[4] & 0x07);
502
503            if ((currentComponent[4] & 0x80) && globalColorMapColors > 0) { /* global map */
504                m_globalColorMap.setNumColors(globalColorMapColors);
505                GETN(SK_BYTES_PER_COLORMAP_ENTRY * globalColorMapColors, SkGIFGlobalColormap);
506                break;
507            }
508
509            GETN(1, SkGIFImageStart);
510            break;
511        }
512
513        case SkGIFGlobalColormap: {
514            m_globalColorMap.setTablePosition(m_streamBuffer.markPosition());
515            GETN(1, SkGIFImageStart);
516            break;
517        }
518
519        case SkGIFImageStart: {
520            const char currentComponent = m_streamBuffer.get()[0];
521
522            if (currentComponent == '!') { // extension.
523                GETN(2, SkGIFExtension);
524                break;
525            }
526
527            if (currentComponent == ',') { // image separator.
528                GETN(9, SkGIFImageHeader);
529                break;
530            }
531
532            // If we get anything other than ',' (image separator), '!'
533            // (extension), or ';' (trailer), there is extraneous data
534            // between blocks. The GIF87a spec tells us to keep reading
535            // until we find an image separator, but GIF89a says such
536            // a file is corrupt. We follow Mozilla's implementation and
537            // proceed as if the file were correctly terminated, so the
538            // GIF will display.
539            GETN(0, SkGIFDone);
540            break;
541        }
542
543        case SkGIFExtension: {
544            const unsigned char* currentComponent =
545                reinterpret_cast<const unsigned char*>(m_streamBuffer.get());
546
547            size_t bytesInBlock = currentComponent[1];
548            SkGIFState exceptionState = SkGIFSkipBlock;
549
550            switch (*currentComponent) {
551            case 0xf9:
552                // The GIF spec mandates that the GIFControlExtension header block length is 4 bytes,
553                exceptionState = SkGIFControlExtension;
554                // and the parser for this block reads 4 bytes, so we must enforce that the buffer
555                // contains at least this many bytes. If the GIF specifies a different length, we
556                // allow that, so long as it's larger; the additional data will simply be ignored.
557                bytesInBlock = std::max(bytesInBlock, static_cast<size_t>(4));
558                break;
559
560            // The GIF spec also specifies the lengths of the following two extensions' headers
561            // (as 12 and 11 bytes, respectively). Because we ignore the plain text extension entirely
562            // and sanity-check the actual length of the application extension header before reading it,
563            // we allow GIFs to deviate from these values in either direction. This is important for
564            // real-world compatibility, as GIFs in the wild exist with application extension headers
565            // that are both shorter and longer than 11 bytes.
566            case 0x01:
567                // ignoring plain text extension
568                break;
569
570            case 0xff:
571                exceptionState = SkGIFApplicationExtension;
572                break;
573
574            case 0xfe:
575                exceptionState = SkGIFConsumeComment;
576                break;
577            }
578
579            if (bytesInBlock)
580                GETN(bytesInBlock, exceptionState);
581            else
582                GETN(1, SkGIFImageStart);
583            break;
584        }
585
586        case SkGIFConsumeBlock: {
587            const unsigned char currentComponent = this->getOneByte();
588            if (!currentComponent)
589                GETN(1, SkGIFImageStart);
590            else
591                GETN(currentComponent, SkGIFSkipBlock);
592            break;
593        }
594
595        case SkGIFSkipBlock: {
596            GETN(1, SkGIFConsumeBlock);
597            break;
598        }
599
600        case SkGIFControlExtension: {
601            const unsigned char* currentComponent =
602                reinterpret_cast<const unsigned char*>(m_streamBuffer.get());
603
604            addFrameIfNecessary();
605            SkGIFFrameContext* currentFrame = m_frames.back().get();
606            if (*currentComponent & 0x1)
607                currentFrame->setTransparentPixel(currentComponent[3]);
608
609            // We ignore the "user input" bit.
610
611            // NOTE: This relies on the values in the FrameDisposalMethod enum
612            // matching those in the GIF spec!
613            int rawDisposalMethod = ((*currentComponent) >> 2) & 0x7;
614            switch (rawDisposalMethod) {
615            case 1:
616            case 2:
617            case 3:
618                currentFrame->setDisposalMethod((SkCodecAnimation::DisposalMethod) rawDisposalMethod);
619                break;
620            case 4:
621                // Some specs say that disposal method 3 is "overwrite previous", others that setting
622                // the third bit of the field (i.e. method 4) is. We map both to the same value.
623                currentFrame->setDisposalMethod(SkCodecAnimation::DisposalMethod::kRestorePrevious);
624                break;
625            default:
626                // Other values use the default.
627                currentFrame->setDisposalMethod(SkCodecAnimation::DisposalMethod::kKeep);
628                break;
629            }
630            currentFrame->setDuration(GETINT16(currentComponent + 1) * 10);
631            GETN(1, SkGIFConsumeBlock);
632            break;
633        }
634
635        case SkGIFCommentExtension: {
636            const unsigned char currentComponent = this->getOneByte();
637            if (currentComponent)
638                GETN(currentComponent, SkGIFConsumeComment);
639            else
640                GETN(1, SkGIFImageStart);
641            break;
642        }
643
644        case SkGIFConsumeComment: {
645            GETN(1, SkGIFCommentExtension);
646            break;
647        }
648
649        case SkGIFApplicationExtension: {
650            // Check for netscape application extension.
651            if (m_bytesToConsume == 11) {
652                const unsigned char* currentComponent =
653                    reinterpret_cast<const unsigned char*>(m_streamBuffer.get());
654
655                if (!memcmp(currentComponent, "NETSCAPE2.0", 11) || !memcmp(currentComponent, "ANIMEXTS1.0", 11))
656                    GETN(1, SkGIFNetscapeExtensionBlock);
657            }
658
659            if (m_state != SkGIFNetscapeExtensionBlock)
660                GETN(1, SkGIFConsumeBlock);
661            break;
662        }
663
664        // Netscape-specific GIF extension: animation looping.
665        case SkGIFNetscapeExtensionBlock: {
666            const int currentComponent = this->getOneByte();
667            // SkGIFConsumeNetscapeExtension always reads 3 bytes from the stream; we should at least wait for this amount.
668            if (currentComponent)
669                GETN(std::max(3, currentComponent), SkGIFConsumeNetscapeExtension);
670            else
671                GETN(1, SkGIFImageStart);
672            break;
673        }
674
675        // Parse netscape-specific application extensions
676        case SkGIFConsumeNetscapeExtension: {
677            const unsigned char* currentComponent =
678                reinterpret_cast<const unsigned char*>(m_streamBuffer.get());
679
680            int netscapeExtension = currentComponent[0] & 7;
681
682            // Loop entire animation specified # of times. Only read the loop count during the first iteration.
683            if (netscapeExtension == 1) {
684                m_loopCount = GETINT16(currentComponent + 1);
685
686                // Zero loop count is infinite animation loop request.
687                if (!m_loopCount)
688                    m_loopCount = SkCodec::kRepetitionCountInfinite;
689
690                GETN(1, SkGIFNetscapeExtensionBlock);
691
692                if (SkGIFLoopCountQuery == query) {
693                    m_streamBuffer.flush();
694                    return SkCodec::kSuccess;
695                }
696            } else if (netscapeExtension == 2) {
697                // Wait for specified # of bytes to enter buffer.
698
699                // Don't do this, this extension doesn't exist (isn't used at all)
700                // and doesn't do anything, as our streaming/buffering takes care of it all...
701                // See: http://semmix.pl/color/exgraf/eeg24.htm
702                GETN(1, SkGIFNetscapeExtensionBlock);
703            } else {
704                // 0,3-7 are yet to be defined netscape extension codes
705                // This prevents attempting to continue reading this invalid stream.
706                GETN(0, SkGIFDone);
707                return SkCodec::kInvalidInput;
708            }
709            break;
710        }
711
712        case SkGIFImageHeader: {
713            int height, width, xOffset, yOffset;
714            const unsigned char* currentComponent =
715                reinterpret_cast<const unsigned char*>(m_streamBuffer.get());
716
717            /* Get image offsets, with respect to the screen origin */
718            xOffset = GETINT16(currentComponent);
719            yOffset = GETINT16(currentComponent + 2);
720
721            /* Get image width and height. */
722            width  = GETINT16(currentComponent + 4);
723            height = GETINT16(currentComponent + 6);
724
725            // Some GIF files have frames that don't fit in the specified
726            // overall image size. For the first frame, we can simply enlarge
727            // the image size to allow the frame to be visible.  We can't do
728            // this on subsequent frames because the rest of the decoding
729            // infrastructure assumes the image size won't change as we
730            // continue decoding, so any subsequent frames that are even
731            // larger will be cropped.
732            // Luckily, handling just the first frame is sufficient to deal
733            // with most cases, e.g. ones where the image size is erroneously
734            // set to zero, since usually the first frame completely fills
735            // the image.
736            if (currentFrameIsFirstFrame()) {
737                fScreenHeight = std::max(fScreenHeight, yOffset + height);
738                fScreenWidth = std::max(fScreenWidth, xOffset + width);
739            }
740
741            // NOTE: Chromium placed this block after setHeaderDefined, down
742            // below we returned true when asked for the size. So Chromium
743            // created an image which would fail. Is this the correct behavior?
744            // We choose to return false early, so we will not create an
745            // SkCodec.
746
747            // Work around more broken GIF files that have zero image width or
748            // height.
749            if (!height || !width) {
750                height = fScreenHeight;
751                width = fScreenWidth;
752                if (!height || !width) {
753                    // This prevents attempting to continue reading this invalid stream.
754                    GETN(0, SkGIFDone);
755                    return SkCodec::kInvalidInput;
756                }
757            }
758
759            const bool isLocalColormapDefined = SkToBool(currentComponent[8] & 0x80);
760            // The three low-order bits of currentComponent[8] specify the bits per pixel.
761            const int numColors = 2 << (currentComponent[8] & 0x7);
762            if (currentFrameIsFirstFrame()) {
763                const int transPix = m_frames.empty() ? SkGIFColorMap::kNotFound
764                                                      : m_frames[0]->transparentPixel();
765                if (is_palette_index_valid(transPix)) {
766                    m_firstFrameHasAlpha = true;
767                } else {
768                    const bool frameIsSubset = xOffset > 0 || yOffset > 0
769                            || width < fScreenWidth
770                            || height < fScreenHeight;
771                    m_firstFrameHasAlpha = frameIsSubset;
772                }
773            }
774
775            addFrameIfNecessary();
776            SkGIFFrameContext* currentFrame = m_frames.back().get();
777            currentFrame->setHeaderDefined();
778
779            if (query == SkGIFSizeQuery) {
780                // The decoder needs to stop, so we return here, before
781                // flushing the buffer. Next time through, we'll be in the same
782                // state, requiring the same amount in the buffer.
783                return SkCodec::kSuccess;
784            }
785
786
787            currentFrame->setXYWH(xOffset, yOffset, width, height);
788            currentFrame->setInterlaced(SkToBool(currentComponent[8] & 0x40));
789
790            // Overlaying interlaced, transparent GIFs over
791            // existing image data using the Haeberli display hack
792            // requires saving the underlying image in order to
793            // avoid jaggies at the transparency edges. We are
794            // unprepared to deal with that, so don't display such
795            // images progressively. Which means only the first
796            // frame can be progressively displayed.
797            // FIXME: It is possible that a non-transparent frame
798            // can be interlaced and progressively displayed.
799            currentFrame->setProgressiveDisplay(currentFrameIsFirstFrame());
800
801            if (isLocalColormapDefined) {
802                currentFrame->localColorMap().setNumColors(numColors);
803                GETN(SK_BYTES_PER_COLORMAP_ENTRY * numColors, SkGIFImageColormap);
804                break;
805            }
806
807            setAlphaAndRequiredFrame(currentFrame);
808            GETN(1, SkGIFLZWStart);
809            break;
810        }
811
812        case SkGIFImageColormap: {
813            SkASSERT(!m_frames.empty());
814            auto* currentFrame = m_frames.back().get();
815            auto& cmap = currentFrame->localColorMap();
816            cmap.setTablePosition(m_streamBuffer.markPosition());
817            setAlphaAndRequiredFrame(currentFrame);
818            GETN(1, SkGIFLZWStart);
819            break;
820        }
821
822        case SkGIFSubBlock: {
823            const size_t bytesInBlock = this->getOneByte();
824            if (bytesInBlock)
825                GETN(bytesInBlock, SkGIFLZW);
826            else {
827                // Finished parsing one frame; Process next frame.
828                SkASSERT(!m_frames.empty());
829                // Note that some broken GIF files do not have enough LZW blocks to fully
830                // decode all rows but we treat it as frame complete.
831                m_frames.back()->setComplete();
832                GETN(1, SkGIFImageStart);
833                if (lastFrameToParse >= 0 && m_frames.count() > lastFrameToParse) {
834                    m_streamBuffer.flush();
835                    return SkCodec::kSuccess;
836                }
837            }
838            break;
839        }
840
841        case SkGIFDone: {
842            m_parseCompleted = true;
843            return SkCodec::kSuccess;
844        }
845
846        default:
847            // We shouldn't ever get here.
848            // This prevents attempting to continue reading this invalid stream.
849            GETN(0, SkGIFDone);
850            return SkCodec::kInvalidInput;
851            break;
852        }   // switch
853        m_streamBuffer.flush();
854    }
855}
856
857void SkGifImageReader::addFrameIfNecessary()
858{
859    if (m_frames.empty() || m_frames.back()->isComplete()) {
860        const int i = m_frames.count();
861        m_frames.emplace_back(new SkGIFFrameContext(i));
862    }
863}
864
865static SkIRect frame_rect_on_screen(SkIRect frameRect,
866                                    const SkIRect& screenRect) {
867    if (!frameRect.intersect(screenRect)) {
868        return SkIRect::MakeEmpty();
869    }
870
871    return frameRect;
872}
873
874static bool independent(const SkFrame& frame) {
875    return frame.getRequiredFrame() == SkCodec::kNone;
876}
877
878static bool restore_bg(const SkFrame& frame) {
879    return frame.getDisposalMethod() == SkCodecAnimation::DisposalMethod::kRestoreBGColor;
880}
881
882SkEncodedInfo::Alpha SkGIFFrameContext::onReportedAlpha() const {
883    // Note: We could correct these after decoding - i.e. some frames may turn out to be
884    // independent and opaque if they do not use the transparent pixel, but that would require
885    // checking whether each pixel used the transparent index.
886    return is_palette_index_valid(this->transparentPixel()) ? SkEncodedInfo::kBinary_Alpha
887                                                            : SkEncodedInfo::kOpaque_Alpha;
888}
889
890void SkFrameHolder::setAlphaAndRequiredFrame(SkFrame* frame) {
891    const bool reportsAlpha = frame->reportedAlpha() != SkEncodedInfo::kOpaque_Alpha;
892    const auto screenRect = SkIRect::MakeWH(fScreenWidth, fScreenHeight);
893    const auto frameRect = frame_rect_on_screen(frame->frameRect(), screenRect);
894
895    const int i = frame->frameId();
896    if (0 == i) {
897        frame->setHasAlpha(reportsAlpha || frameRect != screenRect);
898        frame->setRequiredFrame(SkCodec::kNone);
899        return;
900    }
901
902
903    const bool blendWithPrevFrame = frame->getBlend() == SkCodecAnimation::Blend::kPriorFrame;
904    if ((!reportsAlpha || !blendWithPrevFrame) && frameRect == screenRect) {
905        frame->setHasAlpha(reportsAlpha);
906        frame->setRequiredFrame(SkCodec::kNone);
907        return;
908    }
909
910    const SkFrame* prevFrame = this->getFrame(i-1);
911    while (prevFrame->getDisposalMethod() == SkCodecAnimation::DisposalMethod::kRestorePrevious) {
912        const int prevId = prevFrame->frameId();
913        if (0 == prevId) {
914            frame->setHasAlpha(true);
915            frame->setRequiredFrame(SkCodec::kNone);
916            return;
917        }
918
919        prevFrame = this->getFrame(prevId - 1);
920    }
921
922    const bool clearPrevFrame = restore_bg(*prevFrame);
923    auto prevFrameRect = frame_rect_on_screen(prevFrame->frameRect(), screenRect);
924
925    if (clearPrevFrame) {
926        if (prevFrameRect == screenRect || independent(*prevFrame)) {
927            frame->setHasAlpha(true);
928            frame->setRequiredFrame(SkCodec::kNone);
929            return;
930        }
931    }
932
933    if (reportsAlpha && blendWithPrevFrame) {
934        // Note: We could be more aggressive here. If prevFrame clears
935        // to background color and covers its required frame (and that
936        // frame is independent), prevFrame could be marked independent.
937        // Would this extra complexity be worth it?
938        frame->setRequiredFrame(prevFrame->frameId());
939        frame->setHasAlpha(prevFrame->hasAlpha() || clearPrevFrame);
940        return;
941    }
942
943    while (frameRect.contains(prevFrameRect)) {
944        const int prevRequiredFrame = prevFrame->getRequiredFrame();
945        if (prevRequiredFrame == SkCodec::kNone) {
946            frame->setRequiredFrame(SkCodec::kNone);
947            frame->setHasAlpha(true);
948            return;
949        }
950
951        prevFrame = this->getFrame(prevRequiredFrame);
952        prevFrameRect = frame_rect_on_screen(prevFrame->frameRect(), screenRect);
953    }
954
955    if (restore_bg(*prevFrame)) {
956        frame->setHasAlpha(true);
957        if (prevFrameRect == screenRect || independent(*prevFrame)) {
958            frame->setRequiredFrame(SkCodec::kNone);
959        } else {
960            // Note: As above, frame could still be independent, e.g. if
961            // prevFrame covers its required frame and that frame is
962            // independent.
963            frame->setRequiredFrame(prevFrame->frameId());
964        }
965        return;
966    }
967
968    SkASSERT(prevFrame->getDisposalMethod() == SkCodecAnimation::DisposalMethod::kKeep);
969    frame->setRequiredFrame(prevFrame->frameId());
970    frame->setHasAlpha(prevFrame->hasAlpha() || (reportsAlpha && !blendWithPrevFrame));
971}
972
973// FIXME: Move this method to close to doLZW().
974bool SkGIFLZWContext::prepareToDecode()
975{
976    SkASSERT(m_frameContext->isDataSizeDefined() && m_frameContext->isHeaderDefined());
977
978    // Since we use a codesize of 1 more than the datasize, we need to ensure
979    // that our datasize is strictly less than the SK_MAX_DICTIONARY_ENTRY_BITS.
980    if (m_frameContext->dataSize() >= SK_MAX_DICTIONARY_ENTRY_BITS)
981        return false;
982    clearCode = 1 << m_frameContext->dataSize();
983    avail = clearCode + 2;
984    oldcode = -1;
985    codesize = m_frameContext->dataSize() + 1;
986    codemask = (1 << codesize) - 1;
987    datum = bits = 0;
988    ipass = m_frameContext->interlaced() ? 1 : 0;
989    irow = 0;
990
991    // We want to know the longest sequence encodable by a dictionary with
992    // SK_MAX_DICTIONARY_ENTRIES entries. If we ignore the need to encode the base
993    // values themselves at the beginning of the dictionary, as well as the need
994    // for a clear code or a termination code, we could use every entry to
995    // encode a series of multiple values. If the input value stream looked
996    // like "AAAAA..." (a long string of just one value), the first dictionary
997    // entry would encode AA, the next AAA, the next AAAA, and so forth. Thus
998    // the longest sequence would be SK_MAX_DICTIONARY_ENTRIES + 1 values.
999    //
1000    // However, we have to account for reserved entries. The first |datasize|
1001    // bits are reserved for the base values, and the next two entries are
1002    // reserved for the clear code and termination code. In theory a GIF can
1003    // set the datasize to 0, meaning we have just two reserved entries, making
1004    // the longest sequence (SK_MAX_DICTIONARY_ENTIRES + 1) - 2 values long. Since
1005    // each value is a byte, this is also the number of bytes in the longest
1006    // encodable sequence.
1007    const size_t maxBytes = SK_MAX_DICTIONARY_ENTRIES - 1;
1008
1009    // Now allocate the output buffer. We decode directly into this buffer
1010    // until we have at least one row worth of data, then call outputRow().
1011    // This means worst case we may have (row width - 1) bytes in the buffer
1012    // and then decode a sequence |maxBytes| long to append.
1013    rowBuffer.reset(m_frameContext->width() - 1 + maxBytes);
1014    rowIter = rowBuffer.begin();
1015    rowsRemaining = m_frameContext->height();
1016
1017    // Clearing the whole suffix table lets us be more tolerant of bad data.
1018    for (int i = 0; i < clearCode; ++i) {
1019        suffix[i] = i;
1020        suffixLength[i] = 1;
1021    }
1022    return true;
1023}
1024
1025