// Licence: wxWindows licence
/////////////////////////////////////////////////////////////////////////////
-#ifdef __GNUG__
-#pragma implementation "gifdecod.h"
-#endif
-
// For compilers that support precompilation, includes "wx.h".
#include "wx/wxprec.h"
#ifndef WX_PRECOMP
# include "wx/defs.h"
+# include "wx/palette.h"
#endif
#if wxUSE_STREAMS && wxUSE_GIF
image->Create(GetWidth(), GetHeight());
if (!image->Ok())
- return FALSE;
+ return false;
pal = GetPalette();
src = GetData();
image->SetMaskColour(255, 0, 255);
}
else
- image->SetMask(FALSE);
+ image->SetMask(false);
#if wxUSE_PALETTE
- if (pal)
- {
- unsigned char r[256];
- unsigned char g[256];
- unsigned char b[256];
+ unsigned char r[256];
+ unsigned char g[256];
+ unsigned char b[256];
- for (i = 0; i < 256; i++)
- {
- r[i] = pal[3*i + 0];
- g[i] = pal[3*i + 1];
- b[i] = pal[3*i + 2];
- }
-
- image->SetPalette(wxPalette(256, r, g, b));
+ for (i = 0; i < 256; i++)
+ {
+ r[i] = pal[3*i + 0];
+ g[i] = pal[3*i + 1];
+ b[i] = pal[3*i + 2];
}
+
+ image->SetPalette(wxPalette(256, r, g, b));
#endif // wxUSE_PALETTE
/* copy image data */
*(dst++) = pal[3 * (*src) + 2];
}
- return TRUE;
+ return true;
}
bool wxGIFDecoder::GoFirstFrame()
{
if (!IsAnimation())
- return FALSE;
+ return false;
m_image = 1;
m_pimage = m_pfirst;
- return TRUE;
+ return true;
}
bool wxGIFDecoder::GoLastFrame()
{
if (!IsAnimation())
- return FALSE;
+ return false;
m_image = m_nimages;
m_pimage = m_plast;
- return TRUE;
+ return true;
}
bool wxGIFDecoder::GoNextFrame(bool cyclic)
{
if (!IsAnimation())
- return FALSE;
+ return false;
if ((m_image < m_nimages) || (cyclic))
{
m_pimage = m_pfirst;
}
- return TRUE;
+ return true;
}
else
- return FALSE;
+ return false;
}
bool wxGIFDecoder::GoPrevFrame(bool cyclic)
{
if (!IsAnimation())
- return FALSE;
+ return false;
if ((m_image > 1) || (cyclic))
{
m_pimage = m_plast;
}
- return TRUE;
+ return true;
}
else
- return FALSE;
+ return false;
}
bool wxGIFDecoder::GoFrame(int which)
{
- int i;
-
if (!IsAnimation())
- return FALSE;
+ return false;
if ((which >= 1) && (which <= m_nimages))
{
+ m_image = 1;
m_pimage = m_pfirst;
- for (i = 1; i < which; i++)
+ while (m_image < which)
+ {
+ m_image++;
m_pimage = m_pimage->next;
+ }
- return TRUE;
+ return true;
}
else
- return FALSE;
+ return false;
}
return wxGIF_INVFORMAT;
}
}
+
+ if (pos >= allocSize)
+ {
+ delete[] ab_prefix;
+ delete[] ab_tail;
+ delete[] stack;
+ return wxGIF_INVFORMAT;
+ }
+
stack[pos] = code; /* push last code into the stack */
abcabca = code; /* save for special case */
}
}
- /* dump stack data to the buffer */
+ /* dump stack data to the image buffer */
while (pos >= 0)
{
- if (pos >= allocSize)
- {
- delete[] ab_prefix;
- delete[] ab_tail;
- delete[] stack;
- return wxGIF_INVFORMAT;
- }
-
- (img->p)[x + (y * (img->w))] = (char)stack[pos--];
+ (img->p)[x + (y * (img->w))] = (char) stack[pos];
+ pos--;
if (++x >= (img->w))
{
case 3: y += 4; break;
case 4: y += 2; break;
}
- if (y >= (img->h))
+
+ /* loop until a valid y coordinate has been
+ found, Or if the maximum number of passes has
+ been reached, exit the loop, and stop image
+ decoding (At this point the image is successfully
+ decoded).
+ If we don't loop, but merely set y to some other
+ value, that new value might still be invalid depending
+ on the height of the image. This would cause out of
+ bounds writing.
+ */
+ while (y >= (img->h))
{
switch (++pass)
{
case 2: y = 4; break;
case 3: y = 2; break;
case 4: y = 1; break;
+
+ default:
+ /*
+ It's possible we arrive here. For example this
+ happens when the image is interlaced, and the
+ height is 1. Looking at the above cases, the
+ lowest possible y is 1. While the only valid
+ one would be 0 for an image of height 1. So
+ 'eventually' the loop will arrive here.
+ This case makes sure this while loop is
+ exited, as well as the 2 other ones.
+ */
+
+ // Set y to a valid coordinate so the local
+ // while loop will be exited. (y = 0 always
+ // is >= img->h since if img->h == 0 the
+ // image is never decoded)
+ y = 0;
+
+ // This will exit the other outer while loop
+ pos = -1;
+
+ // This will halt image decoding.
+ code = ab_fin;
+
+ break;
}
}
}
// CanRead:
-// Returns TRUE if the file looks like a valid GIF, FALSE otherwise.
+// Returns true if the file looks like a valid GIF, false otherwise.
//
bool wxGIFDecoder::CanRead()
{
unsigned char buf[3];
- m_f->Read(buf, 3);
- m_f->SeekI(-3, wxFromCurrent);
+ if ( !m_f->Read(buf, WXSIZEOF(buf)) )
+ return false;
- return (memcmp(buf, "GIF", 3) == 0);
+ m_f->SeekI(-(wxFileOffset)WXSIZEOF(buf), wxFromCurrent);
+
+ return memcmp(buf, "GIF", WXSIZEOF(buf)) == 0;
}
if (memcmp(buf + 3, "89a", 3) < 0)
{
- m_anim = FALSE;
+ m_anim = false;
}
/* read logical screen descriptor block (LSDB) */
m_screenw = buf[0] + 256 * buf[1];
m_screenh = buf[2] + 256 * buf[3];
+ if ((m_screenw == 0) || (m_screenh == 0))
+ {
+ return wxGIF_INVFORMAT;
+ }
+
/* load global color map if available */
if ((buf[4] & 0x80) == 0x80)
{
pprev = NULL;
pimg = NULL;
- bool done = FALSE;
+ bool done = false;
- while(!done)
+ while (!done)
{
type = (unsigned char)m_f->GetC();
/* end of data? */
if (type == 0x3B)
{
- done = TRUE;
+ done = true;
}
else
/* extension block? */
transparent = buf[4];
/* read disposal method */
- disposal = (buf[1] & 0x1C) - 1;
+ disposal = ((buf[1] & 0x1C) >> 2) - 1;
}
else
/* other extension, skip */
m_f->SeekI(i, wxFromCurrent);
if (m_f->Eof())
{
- done = TRUE;
+ done = true;
break;
}
}
pimg->w = buf[4] + 256 * buf[5];
pimg->h = buf[6] + 256 * buf[7];
- if (pimg->w == 0 || pimg->h == 0)
+ if ((pimg->w == 0) || (pimg->w > m_screenw) || (pimg->h == 0) || (pimg->h > m_screenh))
{
Destroy();
return wxGIF_INVFORMAT;
/* get initial code size from first byte in raster data */
bits = (unsigned char)m_f->GetC();
+ if (bits == 0)
+ {
+ Destroy();
+ return wxGIF_INVFORMAT;
+ }
/* decode image */
int result = dgif(pimg, interl, bits);
/* if this is not an animated GIF, exit after first image */
if (!m_anim)
- done = TRUE;
+ done = true;
}
}
- if (m_nimages == 0)
+ if (m_nimages <= 0)
{
Destroy();
return wxGIF_INVFORMAT;
if ((buf[8] & 0x80) == 0x80)
{
ncolors = 2 << (buf[8] & 0x07);
- off_t pos = m_f->TellI();
- off_t numBytes = 3 * ncolors;
+ wxFileOffset pos = m_f->TellI();
+ wxFileOffset numBytes = 3 * ncolors;
m_f->SeekI(numBytes, wxFromCurrent);
if (m_f->TellI() != (pos + numBytes))
{
projects / wxWidgets.git / blobdiff