1 /*
2 +----------------------------------------------------------------------+
3 | Copyright (c) The PHP Group |
4 +----------------------------------------------------------------------+
5 | This source file is subject to version 3.01 of the PHP license, |
6 | that is bundled with this package in the file LICENSE, and is |
7 | available through the world-wide-web at the following url: |
8 | https://www.php.net/license/3_01.txt |
9 | If you did not receive a copy of the PHP license and are unable to |
10 | obtain it through the world-wide-web, please send a note to |
11 | license@php.net so we can mail you a copy immediately. |
12 +----------------------------------------------------------------------+
13 | Authors: Rasmus Lerdorf <rasmus@php.net> |
14 | Marcus Boerger <helly@php.net> |
15 +----------------------------------------------------------------------+
16 */
17
18 #include "php.h"
19 #include <stdio.h>
20 #ifdef HAVE_FCNTL_H
21 #include <fcntl.h>
22 #endif
23 #include "fopen_wrappers.h"
24 #include "ext/standard/fsock.h"
25 #include "libavifinfo/avifinfo.h"
26 #ifdef HAVE_UNISTD_H
27 #include <unistd.h>
28 #endif
29 #include "php_image.h"
30
31 #if defined(HAVE_ZLIB) && !defined(COMPILE_DL_ZLIB)
32 #include "zlib.h"
33 #endif
34
35 /* file type markers */
36 PHPAPI const char php_sig_gif[3] = {'G', 'I', 'F'};
37 PHPAPI const char php_sig_psd[4] = {'8', 'B', 'P', 'S'};
38 PHPAPI const char php_sig_bmp[2] = {'B', 'M'};
39 PHPAPI const char php_sig_swf[3] = {'F', 'W', 'S'};
40 PHPAPI const char php_sig_swc[3] = {'C', 'W', 'S'};
41 PHPAPI const char php_sig_jpg[3] = {(char) 0xff, (char) 0xd8, (char) 0xff};
42 PHPAPI const char php_sig_png[8] = {(char) 0x89, (char) 0x50, (char) 0x4e, (char) 0x47,
43 (char) 0x0d, (char) 0x0a, (char) 0x1a, (char) 0x0a};
44 PHPAPI const char php_sig_tif_ii[4] = {'I','I', (char)0x2A, (char)0x00};
45 PHPAPI const char php_sig_tif_mm[4] = {'M','M', (char)0x00, (char)0x2A};
46 PHPAPI const char php_sig_jpc[3] = {(char)0xff, (char)0x4f, (char)0xff};
47 PHPAPI const char php_sig_jp2[12] = {(char)0x00, (char)0x00, (char)0x00, (char)0x0c,
48 (char)0x6a, (char)0x50, (char)0x20, (char)0x20,
49 (char)0x0d, (char)0x0a, (char)0x87, (char)0x0a};
50 PHPAPI const char php_sig_iff[4] = {'F','O','R','M'};
51 PHPAPI const char php_sig_ico[4] = {(char)0x00, (char)0x00, (char)0x01, (char)0x00};
52 PHPAPI const char php_sig_riff[4] = {'R', 'I', 'F', 'F'};
53 PHPAPI const char php_sig_webp[4] = {'W', 'E', 'B', 'P'};
54
55 /* REMEMBER TO ADD MIME-TYPE TO FUNCTION php_image_type_to_mime_type */
56 /* PCX must check first 64bytes and byte 0=0x0a and byte2 < 0x06 */
57
58 /* return info as a struct, to make expansion easier */
59
60 struct gfxinfo {
61 unsigned int width;
62 unsigned int height;
63 unsigned int bits;
64 unsigned int channels;
65 };
66
67 /* {{{ php_handle_gif
68 * routine to handle GIF files. If only everything were that easy... ;} */
php_handle_gif(php_stream * stream)69 static struct gfxinfo *php_handle_gif (php_stream * stream)
70 {
71 struct gfxinfo *result = NULL;
72 unsigned char dim[5];
73
74 if (php_stream_seek(stream, 3, SEEK_CUR))
75 return NULL;
76
77 if (php_stream_read(stream, (char*)dim, sizeof(dim)) != sizeof(dim))
78 return NULL;
79
80 result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
81 result->width = (unsigned int)dim[0] | (((unsigned int)dim[1])<<8);
82 result->height = (unsigned int)dim[2] | (((unsigned int)dim[3])<<8);
83 result->bits = dim[4]&0x80 ? ((((unsigned int)dim[4])&0x07) + 1) : 0;
84 result->channels = 3; /* always */
85
86 return result;
87 }
88 /* }}} */
89
90 /* {{{ php_handle_psd */
php_handle_psd(php_stream * stream)91 static struct gfxinfo *php_handle_psd (php_stream * stream)
92 {
93 struct gfxinfo *result = NULL;
94 unsigned char dim[8];
95
96 if (php_stream_seek(stream, 11, SEEK_CUR))
97 return NULL;
98
99 if (php_stream_read(stream, (char*)dim, sizeof(dim)) != sizeof(dim))
100 return NULL;
101
102 result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
103 result->height = (((unsigned int)dim[0]) << 24) + (((unsigned int)dim[1]) << 16) + (((unsigned int)dim[2]) << 8) + ((unsigned int)dim[3]);
104 result->width = (((unsigned int)dim[4]) << 24) + (((unsigned int)dim[5]) << 16) + (((unsigned int)dim[6]) << 8) + ((unsigned int)dim[7]);
105
106 return result;
107 }
108 /* }}} */
109
110 /* {{{ php_handle_bmp */
php_handle_bmp(php_stream * stream)111 static struct gfxinfo *php_handle_bmp (php_stream * stream)
112 {
113 struct gfxinfo *result = NULL;
114 unsigned char dim[16];
115 int size;
116
117 if (php_stream_seek(stream, 11, SEEK_CUR))
118 return NULL;
119
120 if (php_stream_read(stream, (char*)dim, sizeof(dim)) != sizeof(dim))
121 return NULL;
122
123 size = (((unsigned int)dim[ 3]) << 24) + (((unsigned int)dim[ 2]) << 16) + (((unsigned int)dim[ 1]) << 8) + ((unsigned int) dim[ 0]);
124 if (size == 12) {
125 result = (struct gfxinfo *) ecalloc (1, sizeof(struct gfxinfo));
126 result->width = (((unsigned int)dim[ 5]) << 8) + ((unsigned int) dim[ 4]);
127 result->height = (((unsigned int)dim[ 7]) << 8) + ((unsigned int) dim[ 6]);
128 result->bits = ((unsigned int)dim[11]);
129 } else if (size > 12 && (size <= 64 || size == 108 || size == 124)) {
130 result = (struct gfxinfo *) ecalloc (1, sizeof(struct gfxinfo));
131 result->width = (((unsigned int)dim[ 7]) << 24) + (((unsigned int)dim[ 6]) << 16) + (((unsigned int)dim[ 5]) << 8) + ((unsigned int) dim[ 4]);
132 result->height = (((unsigned int)dim[11]) << 24) + (((unsigned int)dim[10]) << 16) + (((unsigned int)dim[ 9]) << 8) + ((unsigned int) dim[ 8]);
133 result->height = abs((int32_t)result->height);
134 result->bits = (((unsigned int)dim[15]) << 8) + ((unsigned int)dim[14]);
135 } else {
136 return NULL;
137 }
138
139 return result;
140 }
141 /* }}} */
142
143 /* {{{ php_swf_get_bits
144 * routines to handle SWF files. */
php_swf_get_bits(unsigned char * buffer,unsigned int pos,unsigned int count)145 static unsigned long int php_swf_get_bits (unsigned char* buffer, unsigned int pos, unsigned int count)
146 {
147 unsigned int loop;
148 unsigned long int result = 0;
149
150 for (loop = pos; loop < pos + count; loop++)
151 {
152 result = result +
153 ((((buffer[loop / 8]) >> (7 - (loop % 8))) & 0x01) << (count - (loop - pos) - 1));
154 }
155 return result;
156 }
157 /* }}} */
158
159 #if defined(HAVE_ZLIB) && !defined(COMPILE_DL_ZLIB)
160 /* {{{ php_handle_swc */
php_handle_swc(php_stream * stream)161 static struct gfxinfo *php_handle_swc(php_stream * stream)
162 {
163 struct gfxinfo *result = NULL;
164
165 long bits;
166 unsigned char a[64];
167 unsigned long len=64, szlength;
168 int factor = 1,maxfactor = 16;
169 int status = 0;
170 unsigned char *b, *buf = NULL;
171 zend_string *bufz;
172
173 if (php_stream_seek(stream, 5, SEEK_CUR)) {
174 return NULL;
175 }
176
177 if (php_stream_read(stream, (char *) a, sizeof(a)) != sizeof(a)) {
178 return NULL;
179 }
180
181 b = ecalloc(1, len + 1);
182
183 if (uncompress(b, &len, a, sizeof(a)) != Z_OK) {
184 /* failed to decompress the file, will try reading the rest of the file */
185 if (php_stream_seek(stream, 8, SEEK_SET)) {
186 efree(b);
187 return NULL;
188 }
189
190 bufz = php_stream_copy_to_mem(stream, PHP_STREAM_COPY_ALL, 0);
191
192 if (!bufz) {
193 efree(b);
194 return NULL;
195 }
196
197 /*
198 * zlib::uncompress() wants to know the output data length
199 * if none was given as a parameter
200 * we try from input length * 2 up to input length * 2^8
201 * doubling it whenever it wasn't big enough
202 * that should be eneugh for all real life cases
203 */
204
205 do {
206 szlength = ZSTR_LEN(bufz) * (1<<factor++);
207 buf = erealloc(buf, szlength);
208 status = uncompress(buf, &szlength, (unsigned char *) ZSTR_VAL(bufz), ZSTR_LEN(bufz));
209 } while ((status==Z_BUF_ERROR)&&(factor<maxfactor));
210
211 if (bufz) {
212 zend_string_release_ex(bufz, 0);
213 }
214
215 if (status == Z_OK) {
216 memcpy(b, buf, len);
217 }
218
219 if (buf) {
220 efree(buf);
221 }
222 }
223
224 if (!status) {
225 result = (struct gfxinfo *) ecalloc (1, sizeof (struct gfxinfo));
226 bits = php_swf_get_bits (b, 0, 5);
227 result->width = (php_swf_get_bits (b, 5 + bits, bits) -
228 php_swf_get_bits (b, 5, bits)) / 20;
229 result->height = (php_swf_get_bits (b, 5 + (3 * bits), bits) -
230 php_swf_get_bits (b, 5 + (2 * bits), bits)) / 20;
231 } else {
232 result = NULL;
233 }
234
235 efree (b);
236 return result;
237 }
238 /* }}} */
239 #endif
240
241 /* {{{ php_handle_swf */
php_handle_swf(php_stream * stream)242 static struct gfxinfo *php_handle_swf (php_stream * stream)
243 {
244 struct gfxinfo *result = NULL;
245 long bits;
246 unsigned char a[32];
247
248 if (php_stream_seek(stream, 5, SEEK_CUR))
249 return NULL;
250
251 if (php_stream_read(stream, (char*)a, sizeof(a)) != sizeof(a))
252 return NULL;
253
254 result = (struct gfxinfo *) ecalloc (1, sizeof (struct gfxinfo));
255 bits = php_swf_get_bits (a, 0, 5);
256 result->width = (php_swf_get_bits (a, 5 + bits, bits) -
257 php_swf_get_bits (a, 5, bits)) / 20;
258 result->height = (php_swf_get_bits (a, 5 + (3 * bits), bits) -
259 php_swf_get_bits (a, 5 + (2 * bits), bits)) / 20;
260 result->bits = 0;
261 result->channels = 0;
262 return result;
263 }
264 /* }}} */
265
266 /* {{{ php_handle_png
267 * routine to handle PNG files */
php_handle_png(php_stream * stream)268 static struct gfxinfo *php_handle_png (php_stream * stream)
269 {
270 struct gfxinfo *result = NULL;
271 unsigned char dim[9];
272 /* Width: 4 bytes
273 * Height: 4 bytes
274 * Bit depth: 1 byte
275 * Color type: 1 byte
276 * Compression method: 1 byte
277 * Filter method: 1 byte
278 * Interlace method: 1 byte
279 */
280
281 if (php_stream_seek(stream, 8, SEEK_CUR))
282 return NULL;
283
284 if((php_stream_read(stream, (char*)dim, sizeof(dim))) < sizeof(dim))
285 return NULL;
286
287 result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
288 result->width = (((unsigned int)dim[0]) << 24) + (((unsigned int)dim[1]) << 16) + (((unsigned int)dim[2]) << 8) + ((unsigned int)dim[3]);
289 result->height = (((unsigned int)dim[4]) << 24) + (((unsigned int)dim[5]) << 16) + (((unsigned int)dim[6]) << 8) + ((unsigned int)dim[7]);
290 result->bits = (unsigned int)dim[8];
291 return result;
292 }
293 /* }}} */
294
295 /* routines to handle JPEG data */
296
297 /* some defines for the different JPEG block types */
298 #define M_SOF0 0xC0 /* Start Of Frame N */
299 #define M_SOF1 0xC1 /* N indicates which compression process */
300 #define M_SOF2 0xC2 /* Only SOF0-SOF2 are now in common use */
301 #define M_SOF3 0xC3
302 #define M_SOF5 0xC5 /* NB: codes C4 and CC are NOT SOF markers */
303 #define M_SOF6 0xC6
304 #define M_SOF7 0xC7
305 #define M_SOF9 0xC9
306 #define M_SOF10 0xCA
307 #define M_SOF11 0xCB
308 #define M_SOF13 0xCD
309 #define M_SOF14 0xCE
310 #define M_SOF15 0xCF
311 #define M_SOI 0xD8
312 #define M_EOI 0xD9 /* End Of Image (end of datastream) */
313 #define M_SOS 0xDA /* Start Of Scan (begins compressed data) */
314 #define M_APP0 0xe0
315 #define M_APP1 0xe1
316 #define M_APP2 0xe2
317 #define M_APP3 0xe3
318 #define M_APP4 0xe4
319 #define M_APP5 0xe5
320 #define M_APP6 0xe6
321 #define M_APP7 0xe7
322 #define M_APP8 0xe8
323 #define M_APP9 0xe9
324 #define M_APP10 0xea
325 #define M_APP11 0xeb
326 #define M_APP12 0xec
327 #define M_APP13 0xed
328 #define M_APP14 0xee
329 #define M_APP15 0xef
330 #define M_COM 0xFE /* COMment */
331
332 #define M_PSEUDO 0xFFD8 /* pseudo marker for start of image(byte 0) */
333
334 /* {{{ php_read2 */
php_read2(php_stream * stream)335 static unsigned short php_read2(php_stream * stream)
336 {
337 unsigned char a[2];
338
339 /* return 0 if we couldn't read enough data */
340 if((php_stream_read(stream, (char *) a, sizeof(a))) < sizeof(a)) return 0;
341
342 return (((unsigned short)a[0]) << 8) + ((unsigned short)a[1]);
343 }
344 /* }}} */
345
346 /* {{{ php_next_marker
347 * get next marker byte from file */
php_next_marker(php_stream * stream,int last_marker,int ff_read)348 static unsigned int php_next_marker(php_stream * stream, int last_marker, int ff_read)
349 {
350 int a=0, marker;
351
352 /* get marker byte, swallowing possible padding */
353 if (!ff_read) {
354 size_t extraneous = 0;
355
356 while ((marker = php_stream_getc(stream)) != 0xff) {
357 if (marker == EOF) {
358 return M_EOI;/* we hit EOF */
359 }
360 extraneous++;
361 }
362 if (extraneous) {
363 php_error_docref(NULL, E_WARNING, "Corrupt JPEG data: %zu extraneous bytes before marker", extraneous);
364 }
365 }
366 a = 1;
367 do {
368 if ((marker = php_stream_getc(stream)) == EOF)
369 {
370 return M_EOI;/* we hit EOF */
371 }
372 a++;
373 } while (marker == 0xff);
374 if (a < 2)
375 {
376 return M_EOI; /* at least one 0xff is needed before marker code */
377 }
378 return (unsigned int)marker;
379 }
380 /* }}} */
381
382 /* {{{ php_skip_variable
383 * skip over a variable-length block; assumes proper length marker */
php_skip_variable(php_stream * stream)384 static int php_skip_variable(php_stream * stream)
385 {
386 zend_off_t length = ((unsigned int)php_read2(stream));
387
388 if (length < 2) {
389 return 0;
390 }
391 length = length - 2;
392 php_stream_seek(stream, (zend_long)length, SEEK_CUR);
393 return 1;
394 }
395 /* }}} */
396
php_read_stream_all_chunks(php_stream * stream,char * buffer,size_t length)397 static size_t php_read_stream_all_chunks(php_stream *stream, char *buffer, size_t length)
398 {
399 size_t read_total = 0;
400 do {
401 ssize_t read_now = php_stream_read(stream, buffer, length - read_total);
402 read_total += read_now;
403 if (read_now < stream->chunk_size && read_total != length) {
404 return 0;
405 }
406 } while (read_total < length);
407
408 return read_total;
409 }
410
411 /* {{{ php_read_APP */
php_read_APP(php_stream * stream,unsigned int marker,zval * info)412 static int php_read_APP(php_stream * stream, unsigned int marker, zval *info)
413 {
414 size_t length;
415 char *buffer;
416 char markername[16];
417 zval *tmp;
418
419 length = php_read2(stream);
420 if (length < 2) {
421 return 0;
422 }
423 length -= 2; /* length includes itself */
424
425 buffer = emalloc(length);
426
427 if (php_read_stream_all_chunks(stream, buffer, length) != length) {
428 efree(buffer);
429 return 0;
430 }
431
432 snprintf(markername, sizeof(markername), "APP%d", marker - M_APP0);
433
434 if ((tmp = zend_hash_str_find(Z_ARRVAL_P(info), markername, strlen(markername))) == NULL) {
435 /* XXX we only catch the 1st tag of it's kind! */
436 add_assoc_stringl(info, markername, buffer, length);
437 }
438
439 efree(buffer);
440 return 1;
441 }
442 /* }}} */
443
444 /* {{{ php_handle_jpeg
445 main loop to parse JPEG structure */
php_handle_jpeg(php_stream * stream,zval * info)446 static struct gfxinfo *php_handle_jpeg (php_stream * stream, zval *info)
447 {
448 struct gfxinfo *result = NULL;
449 unsigned int marker = M_PSEUDO;
450 unsigned short length, ff_read=1;
451
452 for (;;) {
453 marker = php_next_marker(stream, marker, ff_read);
454 ff_read = 0;
455 switch (marker) {
456 case M_SOF0:
457 case M_SOF1:
458 case M_SOF2:
459 case M_SOF3:
460 case M_SOF5:
461 case M_SOF6:
462 case M_SOF7:
463 case M_SOF9:
464 case M_SOF10:
465 case M_SOF11:
466 case M_SOF13:
467 case M_SOF14:
468 case M_SOF15:
469 if (result == NULL) {
470 /* handle SOFn block */
471 result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
472 length = php_read2(stream);
473 result->bits = php_stream_getc(stream);
474 result->height = php_read2(stream);
475 result->width = php_read2(stream);
476 result->channels = php_stream_getc(stream);
477 if (!info || length < 8) { /* if we don't want an extanded info -> return */
478 return result;
479 }
480 if (php_stream_seek(stream, length - 8, SEEK_CUR)) { /* file error after info */
481 return result;
482 }
483 } else {
484 if (!php_skip_variable(stream)) {
485 return result;
486 }
487 }
488 break;
489
490 case M_APP0:
491 case M_APP1:
492 case M_APP2:
493 case M_APP3:
494 case M_APP4:
495 case M_APP5:
496 case M_APP6:
497 case M_APP7:
498 case M_APP8:
499 case M_APP9:
500 case M_APP10:
501 case M_APP11:
502 case M_APP12:
503 case M_APP13:
504 case M_APP14:
505 case M_APP15:
506 if (info) {
507 if (!php_read_APP(stream, marker, info)) { /* read all the app marks... */
508 return result;
509 }
510 } else {
511 if (!php_skip_variable(stream)) {
512 return result;
513 }
514 }
515 break;
516
517 case M_SOS:
518 case M_EOI:
519 return result; /* we're about to hit image data, or are at EOF. stop processing. */
520
521 default:
522 if (!php_skip_variable(stream)) { /* anything else isn't interesting */
523 return result;
524 }
525 break;
526 }
527 }
528
529 return result; /* perhaps image broken -> no info but size */
530 }
531 /* }}} */
532
533 /* {{{ php_read4 */
php_read4(php_stream * stream)534 static unsigned int php_read4(php_stream * stream)
535 {
536 unsigned char a[4];
537
538 /* just return 0 if we hit the end-of-file */
539 if ((php_stream_read(stream, (char*)a, sizeof(a))) != sizeof(a)) return 0;
540
541 return (((unsigned int)a[0]) << 24)
542 + (((unsigned int)a[1]) << 16)
543 + (((unsigned int)a[2]) << 8)
544 + (((unsigned int)a[3]));
545 }
546 /* }}} */
547
548 /* {{{ JPEG 2000 Marker Codes */
549 #define JPEG2000_MARKER_PREFIX 0xFF /* All marker codes start with this */
550 #define JPEG2000_MARKER_SOC 0x4F /* Start of Codestream */
551 #define JPEG2000_MARKER_SOT 0x90 /* Start of Tile part */
552 #define JPEG2000_MARKER_SOD 0x93 /* Start of Data */
553 #define JPEG2000_MARKER_EOC 0xD9 /* End of Codestream */
554 #define JPEG2000_MARKER_SIZ 0x51 /* Image and tile size */
555 #define JPEG2000_MARKER_COD 0x52 /* Coding style default */
556 #define JPEG2000_MARKER_COC 0x53 /* Coding style component */
557 #define JPEG2000_MARKER_RGN 0x5E /* Region of interest */
558 #define JPEG2000_MARKER_QCD 0x5C /* Quantization default */
559 #define JPEG2000_MARKER_QCC 0x5D /* Quantization component */
560 #define JPEG2000_MARKER_POC 0x5F /* Progression order change */
561 #define JPEG2000_MARKER_TLM 0x55 /* Tile-part lengths */
562 #define JPEG2000_MARKER_PLM 0x57 /* Packet length, main header */
563 #define JPEG2000_MARKER_PLT 0x58 /* Packet length, tile-part header */
564 #define JPEG2000_MARKER_PPM 0x60 /* Packed packet headers, main header */
565 #define JPEG2000_MARKER_PPT 0x61 /* Packed packet headers, tile part header */
566 #define JPEG2000_MARKER_SOP 0x91 /* Start of packet */
567 #define JPEG2000_MARKER_EPH 0x92 /* End of packet header */
568 #define JPEG2000_MARKER_CRG 0x63 /* Component registration */
569 #define JPEG2000_MARKER_COM 0x64 /* Comment */
570 /* }}} */
571
572 /* {{{ php_handle_jpc
573 Main loop to parse JPEG2000 raw codestream structure */
php_handle_jpc(php_stream * stream)574 static struct gfxinfo *php_handle_jpc(php_stream * stream)
575 {
576 struct gfxinfo *result = NULL;
577 int highest_bit_depth, bit_depth;
578 unsigned char first_marker_id;
579 unsigned int i;
580
581 /* JPEG 2000 components can be vastly different from one another.
582 Each component can be sampled at a different resolution, use
583 a different colour space, have a separate colour depth, and
584 be compressed totally differently! This makes giving a single
585 "bit depth" answer somewhat problematic. For this implementation
586 we'll use the highest depth encountered. */
587
588 /* Get the single byte that remains after the file type identification */
589 first_marker_id = php_stream_getc(stream);
590
591 /* Ensure that this marker is SIZ (as is mandated by the standard) */
592 if (first_marker_id != JPEG2000_MARKER_SIZ) {
593 php_error_docref(NULL, E_WARNING, "JPEG2000 codestream corrupt(Expected SIZ marker not found after SOC)");
594 return NULL;
595 }
596
597 result = (struct gfxinfo *)ecalloc(1, sizeof(struct gfxinfo));
598
599 php_read2(stream); /* Lsiz */
600 php_read2(stream); /* Rsiz */
601 result->width = php_read4(stream); /* Xsiz */
602 result->height = php_read4(stream); /* Ysiz */
603
604 #ifdef MBO_0
605 php_read4(stream); /* XOsiz */
606 php_read4(stream); /* YOsiz */
607 php_read4(stream); /* XTsiz */
608 php_read4(stream); /* YTsiz */
609 php_read4(stream); /* XTOsiz */
610 php_read4(stream); /* YTOsiz */
611 #else
612 if (php_stream_seek(stream, 24, SEEK_CUR)) {
613 efree(result);
614 return NULL;
615 }
616 #endif
617
618 result->channels = php_read2(stream); /* Csiz */
619 if ((result->channels == 0 && php_stream_eof(stream)) || result->channels > 256) {
620 efree(result);
621 return NULL;
622 }
623
624 /* Collect bit depth info */
625 highest_bit_depth = 0;
626 for (i = 0; i < result->channels; i++) {
627 bit_depth = php_stream_getc(stream); /* Ssiz[i] */
628 bit_depth++;
629 if (bit_depth > highest_bit_depth) {
630 highest_bit_depth = bit_depth;
631 }
632
633 php_stream_getc(stream); /* XRsiz[i] */
634 php_stream_getc(stream); /* YRsiz[i] */
635 }
636
637 result->bits = highest_bit_depth;
638
639 return result;
640 }
641 /* }}} */
642
643 /* {{{ php_handle_jp2
644 main loop to parse JPEG 2000 JP2 wrapper format structure */
php_handle_jp2(php_stream * stream)645 static struct gfxinfo *php_handle_jp2(php_stream *stream)
646 {
647 struct gfxinfo *result = NULL;
648 unsigned int box_length;
649 unsigned int box_type;
650 char jp2c_box_id[] = {(char)0x6a, (char)0x70, (char)0x32, (char)0x63};
651
652 /* JP2 is a wrapper format for JPEG 2000. Data is contained within "boxes".
653 Boxes themselves can be contained within "super-boxes". Super-Boxes can
654 contain super-boxes which provides us with a hierarchical storage system.
655
656 It is valid for a JP2 file to contain multiple individual codestreams.
657 We'll just look for the first codestream at the root of the box structure
658 and handle that.
659 */
660
661 for (;;)
662 {
663 box_length = php_read4(stream); /* LBox */
664 /* TBox */
665 if (php_stream_read(stream, (void *)&box_type, sizeof(box_type)) != sizeof(box_type)) {
666 /* Use this as a general "out of stream" error */
667 break;
668 }
669
670 if (box_length == 1) {
671 /* We won't handle XLBoxes */
672 return NULL;
673 }
674
675 if (!memcmp(&box_type, jp2c_box_id, 4))
676 {
677 /* Skip the first 3 bytes to emulate the file type examination */
678 php_stream_seek(stream, 3, SEEK_CUR);
679
680 result = php_handle_jpc(stream);
681 break;
682 }
683
684 /* Stop if this was the last box */
685 if ((int)box_length <= 0) {
686 break;
687 }
688
689 /* Skip over LBox (Which includes both TBox and LBox itself */
690 if (php_stream_seek(stream, box_length - 8, SEEK_CUR)) {
691 break;
692 }
693 }
694
695 if (result == NULL) {
696 php_error_docref(NULL, E_WARNING, "JP2 file has no codestreams at root level");
697 }
698
699 return result;
700 }
701 /* }}} */
702
703 /* {{{ tiff constants */
704 PHPAPI const int php_tiff_bytes_per_format[] = {0, 1, 1, 2, 4, 8, 1, 1, 2, 4, 8, 4, 8};
705
706 /* uncompressed only */
707 #define TAG_IMAGEWIDTH 0x0100
708 #define TAG_IMAGEHEIGHT 0x0101
709 /* compressed images only */
710 #define TAG_COMP_IMAGEWIDTH 0xA002
711 #define TAG_COMP_IMAGEHEIGHT 0xA003
712
713 #define TAG_FMT_BYTE 1
714 #define TAG_FMT_STRING 2
715 #define TAG_FMT_USHORT 3
716 #define TAG_FMT_ULONG 4
717 #define TAG_FMT_URATIONAL 5
718 #define TAG_FMT_SBYTE 6
719 #define TAG_FMT_UNDEFINED 7
720 #define TAG_FMT_SSHORT 8
721 #define TAG_FMT_SLONG 9
722 #define TAG_FMT_SRATIONAL 10
723 #define TAG_FMT_SINGLE 11
724 #define TAG_FMT_DOUBLE 12
725 /* }}} */
726
727 /* {{{ php_ifd_get16u
728 * Convert a 16 bit unsigned value from file's native byte order */
php_ifd_get16u(void * Short,int motorola_intel)729 static int php_ifd_get16u(void *Short, int motorola_intel)
730 {
731 if (motorola_intel) {
732 return (((unsigned char *)Short)[0] << 8) | ((unsigned char *)Short)[1];
733 } else {
734 return (((unsigned char *)Short)[1] << 8) | ((unsigned char *)Short)[0];
735 }
736 }
737 /* }}} */
738
739 /* {{{ php_ifd_get16s
740 * Convert a 16 bit signed value from file's native byte order */
php_ifd_get16s(void * Short,int motorola_intel)741 static signed short php_ifd_get16s(void *Short, int motorola_intel)
742 {
743 return (signed short)php_ifd_get16u(Short, motorola_intel);
744 }
745 /* }}} */
746
747 /* {{{ php_ifd_get32s
748 * Convert a 32 bit signed value from file's native byte order */
php_ifd_get32s(void * Long,int motorola_intel)749 static int php_ifd_get32s(void *Long, int motorola_intel)
750 {
751 if (motorola_intel) {
752 return ((unsigned)(((unsigned char *)Long)[0]) << 24) | (((unsigned char *)Long)[1] << 16)
753 | (((unsigned char *)Long)[2] << 8 ) | (((unsigned char *)Long)[3] << 0 );
754 } else {
755 return ((unsigned)(((unsigned char *)Long)[3]) << 24) | (((unsigned char *)Long)[2] << 16)
756 | (((unsigned char *)Long)[1] << 8 ) | (((unsigned char *)Long)[0] << 0 );
757 }
758 }
759 /* }}} */
760
761 /* {{{ php_ifd_get32u
762 * Convert a 32 bit unsigned value from file's native byte order */
php_ifd_get32u(void * Long,int motorola_intel)763 static unsigned php_ifd_get32u(void *Long, int motorola_intel)
764 {
765 return (unsigned)php_ifd_get32s(Long, motorola_intel) & 0xffffffff;
766 }
767 /* }}} */
768
769 /* {{{ php_handle_tiff
770 main loop to parse TIFF structure */
php_handle_tiff(php_stream * stream,zval * info,int motorola_intel)771 static struct gfxinfo *php_handle_tiff (php_stream * stream, zval *info, int motorola_intel)
772 {
773 struct gfxinfo *result = NULL;
774 int i, num_entries;
775 unsigned char *dir_entry;
776 size_t ifd_size, dir_size, entry_value, width=0, height=0, ifd_addr;
777 int entry_tag , entry_type;
778 char *ifd_data, ifd_ptr[4];
779
780 if (php_stream_read(stream, ifd_ptr, 4) != 4)
781 return NULL;
782 ifd_addr = php_ifd_get32u(ifd_ptr, motorola_intel);
783 if (php_stream_seek(stream, ifd_addr-8, SEEK_CUR))
784 return NULL;
785 ifd_size = 2;
786 ifd_data = emalloc(ifd_size);
787 if (php_stream_read(stream, ifd_data, 2) != 2) {
788 efree(ifd_data);
789 return NULL;
790 }
791 num_entries = php_ifd_get16u(ifd_data, motorola_intel);
792 dir_size = 2/*num dir entries*/ +12/*length of entry*/*num_entries +4/* offset to next ifd (points to thumbnail or NULL)*/;
793 ifd_size = dir_size;
794 ifd_data = erealloc(ifd_data,ifd_size);
795 if (php_stream_read(stream, ifd_data+2, dir_size-2) != dir_size-2) {
796 efree(ifd_data);
797 return NULL;
798 }
799 /* now we have the directory we can look how long it should be */
800 ifd_size = dir_size;
801 for(i=0;i<num_entries;i++) {
802 dir_entry = (unsigned char *) ifd_data+2+i*12;
803 entry_tag = php_ifd_get16u(dir_entry+0, motorola_intel);
804 entry_type = php_ifd_get16u(dir_entry+2, motorola_intel);
805 switch(entry_type) {
806 case TAG_FMT_BYTE:
807 case TAG_FMT_SBYTE:
808 entry_value = (size_t)(dir_entry[8]);
809 break;
810 case TAG_FMT_USHORT:
811 entry_value = php_ifd_get16u(dir_entry+8, motorola_intel);
812 break;
813 case TAG_FMT_SSHORT:
814 entry_value = php_ifd_get16s(dir_entry+8, motorola_intel);
815 break;
816 case TAG_FMT_ULONG:
817 entry_value = php_ifd_get32u(dir_entry+8, motorola_intel);
818 break;
819 case TAG_FMT_SLONG:
820 entry_value = php_ifd_get32s(dir_entry+8, motorola_intel);
821 break;
822 default:
823 continue;
824 }
825 switch(entry_tag) {
826 case TAG_IMAGEWIDTH:
827 case TAG_COMP_IMAGEWIDTH:
828 width = entry_value;
829 break;
830 case TAG_IMAGEHEIGHT:
831 case TAG_COMP_IMAGEHEIGHT:
832 height = entry_value;
833 break;
834 }
835 }
836 efree(ifd_data);
837 if ( width && height) {
838 /* not the same when in for-loop */
839 result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
840 result->height = height;
841 result->width = width;
842 result->bits = 0;
843 result->channels = 0;
844 return result;
845 }
846 return NULL;
847 }
848 /* }}} */
849
850 /* {{{ php_handle_psd */
php_handle_iff(php_stream * stream)851 static struct gfxinfo *php_handle_iff(php_stream * stream)
852 {
853 struct gfxinfo * result;
854 unsigned char a[10];
855 int chunkId;
856 int size;
857 short width, height, bits;
858
859 if (php_stream_read(stream, (char *) a, 8) != 8) {
860 return NULL;
861 }
862 if (strncmp((char *) a+4, "ILBM", 4) && strncmp((char *) a+4, "PBM ", 4)) {
863 return NULL;
864 }
865
866 /* loop chunks to find BMHD chunk */
867 do {
868 if (php_stream_read(stream, (char*)a, 8) != 8) {
869 return NULL;
870 }
871 chunkId = php_ifd_get32s(a+0, 1);
872 size = php_ifd_get32s(a+4, 1);
873 if (size < 0) {
874 return NULL;
875 }
876 if ((size & 1) == 1) {
877 size++;
878 }
879 if (chunkId == 0x424d4844) { /* BMHD chunk */
880 if (size < 9 || php_stream_read(stream, (char*)a, 9) != 9) {
881 return NULL;
882 }
883 width = php_ifd_get16s(a+0, 1);
884 height = php_ifd_get16s(a+2, 1);
885 bits = a[8] & 0xff;
886 if (width > 0 && height > 0 && bits > 0 && bits < 33) {
887 result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
888 result->width = width;
889 result->height = height;
890 result->bits = bits;
891 result->channels = 0;
892 return result;
893 }
894 } else {
895 if (php_stream_seek(stream, size, SEEK_CUR)) {
896 return NULL;
897 }
898 }
899 } while (1);
900 }
901 /* }}} */
902
903 /* {{{ php_get_wbmp
904 * int WBMP file format type
905 * byte Header Type
906 * byte Extended Header
907 * byte Header Data (type 00 = multibyte)
908 * byte Header Data (type 11 = name/pairs)
909 * int Number of columns
910 * int Number of rows
911 */
php_get_wbmp(php_stream * stream,struct gfxinfo ** result,int check)912 static int php_get_wbmp(php_stream *stream, struct gfxinfo **result, int check)
913 {
914 int i, width = 0, height = 0;
915
916 if (php_stream_rewind(stream)) {
917 return 0;
918 }
919
920 /* get type */
921 if (php_stream_getc(stream) != 0) {
922 return 0;
923 }
924
925 /* skip header */
926 do {
927 i = php_stream_getc(stream);
928 if (i < 0) {
929 return 0;
930 }
931 } while (i & 0x80);
932
933 /* get width */
934 do {
935 i = php_stream_getc(stream);
936 if (i < 0) {
937 return 0;
938 }
939 width = (width << 7) | (i & 0x7f);
940 /* maximum valid width for wbmp (although 127 may be a more accurate one) */
941 if (width > 2048) {
942 return 0;
943 }
944 } while (i & 0x80);
945
946 /* get height */
947 do {
948 i = php_stream_getc(stream);
949 if (i < 0) {
950 return 0;
951 }
952 height = (height << 7) | (i & 0x7f);
953 /* maximum valid height for wbmp (although 127 may be a more accurate one) */
954 if (height > 2048) {
955 return 0;
956 }
957 } while (i & 0x80);
958
959 if (!height || !width) {
960 return 0;
961 }
962
963 if (!check) {
964 (*result)->width = width;
965 (*result)->height = height;
966 }
967
968 return IMAGE_FILETYPE_WBMP;
969 }
970 /* }}} */
971
972 /* {{{ php_handle_wbmp */
php_handle_wbmp(php_stream * stream)973 static struct gfxinfo *php_handle_wbmp(php_stream * stream)
974 {
975 struct gfxinfo *result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
976
977 if (!php_get_wbmp(stream, &result, 0)) {
978 efree(result);
979 return NULL;
980 }
981
982 return result;
983 }
984 /* }}} */
985
986 /* {{{ php_get_xbm */
php_get_xbm(php_stream * stream,struct gfxinfo ** result)987 static int php_get_xbm(php_stream *stream, struct gfxinfo **result)
988 {
989 char *fline;
990 char *iname;
991 char *type;
992 int value;
993 unsigned int width = 0, height = 0;
994
995 if (result) {
996 *result = NULL;
997 }
998 if (php_stream_rewind(stream)) {
999 return 0;
1000 }
1001 while ((fline=php_stream_gets(stream, NULL, 0)) != NULL) {
1002 iname = estrdup(fline); /* simple way to get necessary buffer of required size */
1003 if (sscanf(fline, "#define %s %d", iname, &value) == 2) {
1004 if (!(type = strrchr(iname, '_'))) {
1005 type = iname;
1006 } else {
1007 type++;
1008 }
1009
1010 if (!strcmp("width", type)) {
1011 width = (unsigned int) value;
1012 if (height) {
1013 efree(iname);
1014 break;
1015 }
1016 }
1017 if (!strcmp("height", type)) {
1018 height = (unsigned int) value;
1019 if (width) {
1020 efree(iname);
1021 break;
1022 }
1023 }
1024 }
1025 efree(fline);
1026 efree(iname);
1027 }
1028 if (fline) {
1029 efree(fline);
1030 }
1031
1032 if (width && height) {
1033 if (result) {
1034 *result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
1035 (*result)->width = width;
1036 (*result)->height = height;
1037 }
1038 return IMAGE_FILETYPE_XBM;
1039 }
1040
1041 return 0;
1042 }
1043 /* }}} */
1044
1045 /* {{{ php_handle_xbm */
php_handle_xbm(php_stream * stream)1046 static struct gfxinfo *php_handle_xbm(php_stream * stream)
1047 {
1048 struct gfxinfo *result;
1049 php_get_xbm(stream, &result);
1050 return result;
1051 }
1052 /* }}} */
1053
1054 /* {{{ php_handle_ico */
php_handle_ico(php_stream * stream)1055 static struct gfxinfo *php_handle_ico(php_stream * stream)
1056 {
1057 struct gfxinfo *result = NULL;
1058 unsigned char dim[16];
1059 int num_icons = 0;
1060
1061 if (php_stream_read(stream, (char *) dim, 2) != 2)
1062 return NULL;
1063
1064 num_icons = (((unsigned int)dim[1]) << 8) + ((unsigned int) dim[0]);
1065
1066 if (num_icons < 1 || num_icons > 255)
1067 return NULL;
1068
1069 result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
1070
1071 while (num_icons > 0)
1072 {
1073 if (php_stream_read(stream, (char *) dim, sizeof(dim)) != sizeof(dim))
1074 break;
1075
1076 if ((((unsigned int)dim[7]) << 8) + ((unsigned int)dim[6]) >= result->bits)
1077 {
1078 result->width = (unsigned int)dim[0];
1079 result->height = (unsigned int)dim[1];
1080 result->bits = (((unsigned int)dim[7]) << 8) + ((unsigned int)dim[6]);
1081 }
1082 num_icons--;
1083 }
1084
1085 if (0 == result->width)
1086 result->width = 256;
1087
1088 if (0 == result->height)
1089 result->height = 256;
1090
1091 return result;
1092 }
1093 /* }}} */
1094
1095 /* {{{ php_handle_webp */
php_handle_webp(php_stream * stream)1096 static struct gfxinfo *php_handle_webp(php_stream * stream)
1097 {
1098 struct gfxinfo *result = NULL;
1099 const char sig[3] = {'V', 'P', '8'};
1100 unsigned char buf[18];
1101 char format;
1102
1103 if (php_stream_read(stream, (char *) buf, 18) != 18)
1104 return NULL;
1105
1106 if (memcmp(buf, sig, 3)) {
1107 return NULL;
1108 }
1109 switch (buf[3]) {
1110 case ' ':
1111 case 'L':
1112 case 'X':
1113 format = buf[3];
1114 break;
1115 default:
1116 return NULL;
1117 }
1118
1119 result = (struct gfxinfo *) ecalloc(1, sizeof(struct gfxinfo));
1120
1121 switch (format) {
1122 case ' ':
1123 result->width = buf[14] + ((buf[15] & 0x3F) << 8);
1124 result->height = buf[16] + ((buf[17] & 0x3F) << 8);
1125 break;
1126 case 'L':
1127 result->width = buf[9] + ((buf[10] & 0x3F) << 8) + 1;
1128 result->height = (buf[10] >> 6) + (buf[11] << 2) + ((buf[12] & 0xF) << 10) + 1;
1129 break;
1130 case 'X':
1131 result->width = buf[12] + (buf[13] << 8) + (buf[14] << 16) + 1;
1132 result->height = buf[15] + (buf[16] << 8) + (buf[17] << 16) + 1;
1133 break;
1134 }
1135 result->bits = 8; /* always 1 byte */
1136
1137 return result;
1138 }
1139 /* }}} */
1140
1141 /* {{{ User struct and stream read/skip implementations for libavifinfo API */
1142 struct php_avif_stream {
1143 php_stream* stream;
1144 uint8_t buffer[AVIFINFO_MAX_NUM_READ_BYTES];
1145 };
1146
php_avif_stream_read(void * stream,size_t num_bytes)1147 static const uint8_t* php_avif_stream_read(void* stream, size_t num_bytes) {
1148 struct php_avif_stream* avif_stream = (struct php_avif_stream*)stream;
1149
1150 if (avif_stream == NULL || avif_stream->stream == NULL) {
1151 return NULL;
1152 }
1153 if (php_stream_read(avif_stream->stream, (char*)avif_stream->buffer, num_bytes) != num_bytes) {
1154 avif_stream->stream = NULL; /* fail further calls */
1155 return NULL;
1156 }
1157 return avif_stream->buffer;
1158 }
1159
php_avif_stream_skip(void * stream,size_t num_bytes)1160 static void php_avif_stream_skip(void* stream, size_t num_bytes) {
1161 struct php_avif_stream* avif_stream = (struct php_avif_stream*)stream;
1162
1163 if (avif_stream == NULL || avif_stream->stream == NULL) {
1164 return;
1165 }
1166 if (php_stream_seek(avif_stream->stream, num_bytes, SEEK_CUR)) {
1167 avif_stream->stream = NULL; /* fail further calls */
1168 }
1169 }
1170 /* }}} */
1171
1172 /* {{{ php_handle_avif
1173 * Parse AVIF features
1174 *
1175 * The stream must be positioned at the beginning of a box, so it does not
1176 * matter whether the "ftyp" box was already read by php_is_image_avif() or not.
1177 * It will read bytes from the stream until features are found or the file is
1178 * declared as invalid. Around 450 bytes are usually enough.
1179 * Transforms such as mirror and rotation are not applied on width and height.
1180 */
php_handle_avif(php_stream * stream)1181 static struct gfxinfo *php_handle_avif(php_stream * stream) {
1182 struct gfxinfo* result = NULL;
1183 AvifInfoFeatures features;
1184 struct php_avif_stream avif_stream;
1185 avif_stream.stream = stream;
1186
1187 if (AvifInfoGetFeaturesStream(&avif_stream, php_avif_stream_read, php_avif_stream_skip, &features) == kAvifInfoOk) {
1188 result = (struct gfxinfo*)ecalloc(1, sizeof(struct gfxinfo));
1189 result->width = features.width;
1190 result->height = features.height;
1191 result->bits = features.bit_depth;
1192 result->channels = features.num_channels;
1193 }
1194 return result;
1195 }
1196 /* }}} */
1197
1198 /* {{{ php_is_image_avif
1199 * Detect whether an image is of type AVIF
1200 *
1201 * Only the first "ftyp" box is read.
1202 * For a valid file, 12 bytes are usually read, but more might be necessary.
1203 */
php_is_image_avif(php_stream * stream)1204 bool php_is_image_avif(php_stream* stream) {
1205 struct php_avif_stream avif_stream;
1206 avif_stream.stream = stream;
1207
1208 if (AvifInfoIdentifyStream(&avif_stream, php_avif_stream_read, php_avif_stream_skip) == kAvifInfoOk) {
1209 return 1;
1210 }
1211 return 0;
1212 }
1213 /* }}} */
1214
1215 /* {{{ php_image_type_to_mime_type
1216 * Convert internal image_type to mime type */
php_image_type_to_mime_type(int image_type)1217 PHPAPI char * php_image_type_to_mime_type(int image_type)
1218 {
1219 switch( image_type) {
1220 case IMAGE_FILETYPE_GIF:
1221 return "image/gif";
1222 case IMAGE_FILETYPE_JPEG:
1223 return "image/jpeg";
1224 case IMAGE_FILETYPE_PNG:
1225 return "image/png";
1226 case IMAGE_FILETYPE_SWF:
1227 case IMAGE_FILETYPE_SWC:
1228 return "application/x-shockwave-flash";
1229 case IMAGE_FILETYPE_PSD:
1230 return "image/psd";
1231 case IMAGE_FILETYPE_BMP:
1232 return "image/bmp";
1233 case IMAGE_FILETYPE_TIFF_II:
1234 case IMAGE_FILETYPE_TIFF_MM:
1235 return "image/tiff";
1236 case IMAGE_FILETYPE_IFF:
1237 return "image/iff";
1238 case IMAGE_FILETYPE_WBMP:
1239 return "image/vnd.wap.wbmp";
1240 case IMAGE_FILETYPE_JPC:
1241 return "application/octet-stream";
1242 case IMAGE_FILETYPE_JP2:
1243 return "image/jp2";
1244 case IMAGE_FILETYPE_XBM:
1245 return "image/xbm";
1246 case IMAGE_FILETYPE_ICO:
1247 return "image/vnd.microsoft.icon";
1248 case IMAGE_FILETYPE_WEBP:
1249 return "image/webp";
1250 case IMAGE_FILETYPE_AVIF:
1251 return "image/avif";
1252 default:
1253 case IMAGE_FILETYPE_UNKNOWN:
1254 return "application/octet-stream"; /* suppose binary format */
1255 }
1256 }
1257 /* }}} */
1258
1259 /* {{{ Get Mime-Type for image-type returned by getimagesize, exif_read_data, exif_thumbnail, exif_imagetype */
PHP_FUNCTION(image_type_to_mime_type)1260 PHP_FUNCTION(image_type_to_mime_type)
1261 {
1262 zend_long p_image_type;
1263
1264 ZEND_PARSE_PARAMETERS_START(1, 1)
1265 Z_PARAM_LONG(p_image_type)
1266 ZEND_PARSE_PARAMETERS_END();
1267
1268 ZVAL_STRING(return_value, (char*)php_image_type_to_mime_type(p_image_type));
1269 }
1270 /* }}} */
1271
1272 /* {{{ Get file extension for image-type returned by getimagesize, exif_read_data, exif_thumbnail, exif_imagetype */
PHP_FUNCTION(image_type_to_extension)1273 PHP_FUNCTION(image_type_to_extension)
1274 {
1275 zend_long image_type;
1276 bool inc_dot=1;
1277 const char *imgext = NULL;
1278
1279 ZEND_PARSE_PARAMETERS_START(1, 2)
1280 Z_PARAM_LONG(image_type)
1281 Z_PARAM_OPTIONAL
1282 Z_PARAM_BOOL(inc_dot)
1283 ZEND_PARSE_PARAMETERS_END();
1284
1285 switch (image_type) {
1286 case IMAGE_FILETYPE_GIF:
1287 imgext = ".gif";
1288 break;
1289 case IMAGE_FILETYPE_JPEG:
1290 imgext = ".jpeg";
1291 break;
1292 case IMAGE_FILETYPE_PNG:
1293 imgext = ".png";
1294 break;
1295 case IMAGE_FILETYPE_SWF:
1296 case IMAGE_FILETYPE_SWC:
1297 imgext = ".swf";
1298 break;
1299 case IMAGE_FILETYPE_PSD:
1300 imgext = ".psd";
1301 break;
1302 case IMAGE_FILETYPE_BMP:
1303 case IMAGE_FILETYPE_WBMP:
1304 imgext = ".bmp";
1305 break;
1306 case IMAGE_FILETYPE_TIFF_II:
1307 case IMAGE_FILETYPE_TIFF_MM:
1308 imgext = ".tiff";
1309 break;
1310 case IMAGE_FILETYPE_IFF:
1311 imgext = ".iff";
1312 break;
1313 case IMAGE_FILETYPE_JPC:
1314 imgext = ".jpc";
1315 break;
1316 case IMAGE_FILETYPE_JP2:
1317 imgext = ".jp2";
1318 break;
1319 case IMAGE_FILETYPE_JPX:
1320 imgext = ".jpx";
1321 break;
1322 case IMAGE_FILETYPE_JB2:
1323 imgext = ".jb2";
1324 break;
1325 case IMAGE_FILETYPE_XBM:
1326 imgext = ".xbm";
1327 break;
1328 case IMAGE_FILETYPE_ICO:
1329 imgext = ".ico";
1330 break;
1331 case IMAGE_FILETYPE_WEBP:
1332 imgext = ".webp";
1333 break;
1334 case IMAGE_FILETYPE_AVIF:
1335 imgext = ".avif";
1336 break;
1337 }
1338
1339 if (imgext) {
1340 RETURN_STRING(&imgext[!inc_dot]);
1341 }
1342
1343 RETURN_FALSE;
1344 }
1345 /* }}} */
1346
1347 /* {{{ php_imagetype
1348 detect filetype from first bytes */
php_getimagetype(php_stream * stream,const char * input,char * filetype)1349 PHPAPI int php_getimagetype(php_stream *stream, const char *input, char *filetype)
1350 {
1351 char tmp[12];
1352 int twelve_bytes_read;
1353
1354 if ( !filetype) filetype = tmp;
1355 if((php_stream_read(stream, filetype, 3)) != 3) {
1356 php_error_docref(NULL, E_NOTICE, "Error reading from %s!", input);
1357 return IMAGE_FILETYPE_UNKNOWN;
1358 }
1359
1360 /* BYTES READ: 3 */
1361 if (!memcmp(filetype, php_sig_gif, 3)) {
1362 return IMAGE_FILETYPE_GIF;
1363 } else if (!memcmp(filetype, php_sig_jpg, 3)) {
1364 return IMAGE_FILETYPE_JPEG;
1365 } else if (!memcmp(filetype, php_sig_png, 3)) {
1366 if (php_stream_read(stream, filetype+3, 5) != 5) {
1367 php_error_docref(NULL, E_NOTICE, "Error reading from %s!", input);
1368 return IMAGE_FILETYPE_UNKNOWN;
1369 }
1370 if (!memcmp(filetype, php_sig_png, 8)) {
1371 return IMAGE_FILETYPE_PNG;
1372 } else {
1373 php_error_docref(NULL, E_WARNING, "PNG file corrupted by ASCII conversion");
1374 return IMAGE_FILETYPE_UNKNOWN;
1375 }
1376 } else if (!memcmp(filetype, php_sig_swf, 3)) {
1377 return IMAGE_FILETYPE_SWF;
1378 } else if (!memcmp(filetype, php_sig_swc, 3)) {
1379 return IMAGE_FILETYPE_SWC;
1380 } else if (!memcmp(filetype, php_sig_psd, 3)) {
1381 return IMAGE_FILETYPE_PSD;
1382 } else if (!memcmp(filetype, php_sig_bmp, 2)) {
1383 return IMAGE_FILETYPE_BMP;
1384 } else if (!memcmp(filetype, php_sig_jpc, 3)) {
1385 return IMAGE_FILETYPE_JPC;
1386 } else if (!memcmp(filetype, php_sig_riff, 3)) {
1387 if (php_stream_read(stream, filetype+3, 9) != 9) {
1388 php_error_docref(NULL, E_NOTICE, "Error reading from %s!", input);
1389 return IMAGE_FILETYPE_UNKNOWN;
1390 }
1391 if (!memcmp(filetype+8, php_sig_webp, 4)) {
1392 return IMAGE_FILETYPE_WEBP;
1393 } else {
1394 return IMAGE_FILETYPE_UNKNOWN;
1395 }
1396 }
1397
1398 if (php_stream_read(stream, filetype+3, 1) != 1) {
1399 php_error_docref(NULL, E_NOTICE, "Error reading from %s!", input);
1400 return IMAGE_FILETYPE_UNKNOWN;
1401 }
1402 /* BYTES READ: 4 */
1403 if (!memcmp(filetype, php_sig_tif_ii, 4)) {
1404 return IMAGE_FILETYPE_TIFF_II;
1405 } else if (!memcmp(filetype, php_sig_tif_mm, 4)) {
1406 return IMAGE_FILETYPE_TIFF_MM;
1407 } else if (!memcmp(filetype, php_sig_iff, 4)) {
1408 return IMAGE_FILETYPE_IFF;
1409 } else if (!memcmp(filetype, php_sig_ico, 4)) {
1410 return IMAGE_FILETYPE_ICO;
1411 }
1412
1413 /* WBMP may be smaller than 12 bytes, so delay error */
1414 twelve_bytes_read = (php_stream_read(stream, filetype+4, 8) == 8);
1415
1416 /* BYTES READ: 12 */
1417 if (twelve_bytes_read && !memcmp(filetype, php_sig_jp2, 12)) {
1418 return IMAGE_FILETYPE_JP2;
1419 }
1420
1421 if (!php_stream_rewind(stream) && php_is_image_avif(stream)) {
1422 return IMAGE_FILETYPE_AVIF;
1423 }
1424
1425 /* AFTER ALL ABOVE FAILED */
1426 if (php_get_wbmp(stream, NULL, 1)) {
1427 return IMAGE_FILETYPE_WBMP;
1428 }
1429
1430 if (!twelve_bytes_read) {
1431 php_error_docref(NULL, E_NOTICE, "Error reading from %s!", input);
1432 return IMAGE_FILETYPE_UNKNOWN;
1433 }
1434
1435 if (php_get_xbm(stream, NULL)) {
1436 return IMAGE_FILETYPE_XBM;
1437 }
1438
1439 return IMAGE_FILETYPE_UNKNOWN;
1440 }
1441 /* }}} */
1442
php_getimagesize_from_stream(php_stream * stream,char * input,zval * info,INTERNAL_FUNCTION_PARAMETERS)1443 static void php_getimagesize_from_stream(php_stream *stream, char *input, zval *info, INTERNAL_FUNCTION_PARAMETERS) /* {{{ */
1444 {
1445 int itype = 0;
1446 struct gfxinfo *result = NULL;
1447
1448 if (!stream) {
1449 RETURN_FALSE;
1450 }
1451
1452 itype = php_getimagetype(stream, input, NULL);
1453 switch( itype) {
1454 case IMAGE_FILETYPE_GIF:
1455 result = php_handle_gif(stream);
1456 break;
1457 case IMAGE_FILETYPE_JPEG:
1458 if (info) {
1459 result = php_handle_jpeg(stream, info);
1460 } else {
1461 result = php_handle_jpeg(stream, NULL);
1462 }
1463 break;
1464 case IMAGE_FILETYPE_PNG:
1465 result = php_handle_png(stream);
1466 break;
1467 case IMAGE_FILETYPE_SWF:
1468 result = php_handle_swf(stream);
1469 break;
1470 case IMAGE_FILETYPE_SWC:
1471 #if defined(HAVE_ZLIB) && !defined(COMPILE_DL_ZLIB)
1472 result = php_handle_swc(stream);
1473 #else
1474 php_error_docref(NULL, E_NOTICE, "The image is a compressed SWF file, but you do not have a static version of the zlib extension enabled");
1475 #endif
1476 break;
1477 case IMAGE_FILETYPE_PSD:
1478 result = php_handle_psd(stream);
1479 break;
1480 case IMAGE_FILETYPE_BMP:
1481 result = php_handle_bmp(stream);
1482 break;
1483 case IMAGE_FILETYPE_TIFF_II:
1484 result = php_handle_tiff(stream, NULL, 0);
1485 break;
1486 case IMAGE_FILETYPE_TIFF_MM:
1487 result = php_handle_tiff(stream, NULL, 1);
1488 break;
1489 case IMAGE_FILETYPE_JPC:
1490 result = php_handle_jpc(stream);
1491 break;
1492 case IMAGE_FILETYPE_JP2:
1493 result = php_handle_jp2(stream);
1494 break;
1495 case IMAGE_FILETYPE_IFF:
1496 result = php_handle_iff(stream);
1497 break;
1498 case IMAGE_FILETYPE_WBMP:
1499 result = php_handle_wbmp(stream);
1500 break;
1501 case IMAGE_FILETYPE_XBM:
1502 result = php_handle_xbm(stream);
1503 break;
1504 case IMAGE_FILETYPE_ICO:
1505 result = php_handle_ico(stream);
1506 break;
1507 case IMAGE_FILETYPE_WEBP:
1508 result = php_handle_webp(stream);
1509 break;
1510 case IMAGE_FILETYPE_AVIF:
1511 result = php_handle_avif(stream);
1512 break;
1513 default:
1514 case IMAGE_FILETYPE_UNKNOWN:
1515 break;
1516 }
1517
1518 if (result) {
1519 char temp[MAX_LENGTH_OF_LONG * 2 + sizeof("width=\"\" height=\"\"")];
1520 array_init(return_value);
1521 add_index_long(return_value, 0, result->width);
1522 add_index_long(return_value, 1, result->height);
1523 add_index_long(return_value, 2, itype);
1524 snprintf(temp, sizeof(temp), "width=\"%d\" height=\"%d\"", result->width, result->height);
1525 add_index_string(return_value, 3, temp);
1526
1527 if (result->bits != 0) {
1528 add_assoc_long(return_value, "bits", result->bits);
1529 }
1530 if (result->channels != 0) {
1531 add_assoc_long(return_value, "channels", result->channels);
1532 }
1533 add_assoc_string(return_value, "mime", (char*)php_image_type_to_mime_type(itype));
1534 efree(result);
1535 } else {
1536 RETURN_FALSE;
1537 }
1538 }
1539 /* }}} */
1540
1541 #define FROM_DATA 0
1542 #define FROM_PATH 1
1543
php_getimagesize_from_any(INTERNAL_FUNCTION_PARAMETERS,int mode)1544 static void php_getimagesize_from_any(INTERNAL_FUNCTION_PARAMETERS, int mode) { /* {{{ */
1545 zval *info = NULL;
1546 php_stream *stream = NULL;
1547 zend_string *input;
1548 const int argc = ZEND_NUM_ARGS();
1549
1550 ZEND_PARSE_PARAMETERS_START(1, 2)
1551 Z_PARAM_STR(input)
1552 Z_PARAM_OPTIONAL
1553 Z_PARAM_ZVAL(info)
1554 ZEND_PARSE_PARAMETERS_END();
1555
1556 if (mode == FROM_PATH && CHECK_NULL_PATH(ZSTR_VAL(input), ZSTR_LEN(input))) {
1557 zend_argument_value_error(1, "must not contain any null bytes");
1558 RETURN_THROWS();
1559 }
1560
1561 if (argc == 2) {
1562 info = zend_try_array_init(info);
1563 if (!info) {
1564 RETURN_THROWS();
1565 }
1566 }
1567
1568 if (mode == FROM_PATH) {
1569 stream = php_stream_open_wrapper(ZSTR_VAL(input), "rb", STREAM_MUST_SEEK|REPORT_ERRORS|IGNORE_PATH, NULL);
1570 } else {
1571 stream = php_stream_memory_open(TEMP_STREAM_READONLY, input);
1572 }
1573
1574 if (!stream) {
1575 RETURN_FALSE;
1576 }
1577
1578 php_getimagesize_from_stream(stream, ZSTR_VAL(input), info, INTERNAL_FUNCTION_PARAM_PASSTHRU);
1579 php_stream_close(stream);
1580 }
1581 /* }}} */
1582
1583 /* {{{ Get the size of an image as 4-element array */
PHP_FUNCTION(getimagesize)1584 PHP_FUNCTION(getimagesize)
1585 {
1586 php_getimagesize_from_any(INTERNAL_FUNCTION_PARAM_PASSTHRU, FROM_PATH);
1587 }
1588 /* }}} */
1589
1590 /* {{{ Get the size of an image as 4-element array */
PHP_FUNCTION(getimagesizefromstring)1591 PHP_FUNCTION(getimagesizefromstring)
1592 {
1593 php_getimagesize_from_any(INTERNAL_FUNCTION_PARAM_PASSTHRU, FROM_DATA);
1594 }
1595 /* }}} */
1596
