Working support for AVIF in imagecreatefromstring()

morsssss · morsssss · commit c10268e300c1 · 2021-06-09T22:37:47.000-04:00
diff --git a/ext/gd/gd.c b/ext/gd/gd.c
@@ -145,7 +145,7 @@ static void _php_image_output(INTERNAL_FUNCTION_PARAMETERS, int image_type, char
 static gdIOCtx *create_stream_context_from_zval(zval *to_zval);
 static gdIOCtx *create_stream_context(php_stream *stream, int close_stream);
 static gdIOCtx *create_output_context(void);
-static int _php_image_type(char data[12]);
+static int _php_image_type (zend_string *data);
 
 /* output streaming (formerly gd_ctx.c) */
 static void _php_image_output_ctx(INTERNAL_FUNCTION_PARAMETERS, int image_type, char *tn, void (*func_p)());
@@ -1469,14 +1469,15 @@ static int _php_ctx_getmbi(gdIOCtx *ctx)
 }
 /* }}} */
 
-/* {{{ _php_image_type */
+/* {{{ _php_image_type
+ * Based on ext/standard/image.c
+ */
 static const char php_sig_gd2[3] = {'g', 'd', '2'};
 
-static int _php_image_type (char data[12])
+static int _php_image_type (zend_string *data)
 {
-	/* Based on ext/standard/image.c */
-
-	if (data == NULL) {
+	if (ZSTR_LEN(data) < 12) {
+		/* Handle this the same way as an unknown image type. */
 		return -1;
 	}
 
@@ -1493,18 +1494,24 @@ static int _php_image_type (char data[12])
 	} else if(!memcmp(data, php_sig_riff, sizeof(php_sig_riff)) && !memcmp(data + sizeof(php_sig_riff) + sizeof(uint32_t), php_sig_webp, sizeof(php_sig_webp))) {
 		return PHP_GDIMG_TYPE_WEBP;
 	}
-	else {
-		gdIOCtx *io_ctx;
-		io_ctx = gdNewDynamicCtxEx(8, data, 0);
-		if (io_ctx) {
-			if (_php_ctx_getmbi(io_ctx) == 0 && _php_ctx_getmbi(io_ctx) >= 0) {
-				io_ctx->gd_free(io_ctx);
-				return PHP_GDIMG_TYPE_WBM;
-			} else {
-				io_ctx->gd_free(io_ctx);
-			}
+
+	php_gd_image_reader reader = { .data = data, .data_pos = 0 };
+
+  if (php_is_image_avif(&reader)) {
+  	return PHP_GDIMG_TYPE_AVIF;
+	}
+
+	gdIOCtx *io_ctx;
+	io_ctx = gdNewDynamicCtxEx(8, data, 0);
+	if (io_ctx) {
+		if (_php_ctx_getmbi(io_ctx) == 0 && _php_ctx_getmbi(io_ctx) >= 0) {
+			io_ctx->gd_free(io_ctx);
+			return PHP_GDIMG_TYPE_WBM;
+		} else {
+			io_ctx->gd_free(io_ctx);
 		}
 	}
+
 	return -1;
 }
 /* }}} */
@@ -1540,21 +1547,12 @@ PHP_FUNCTION(imagecreatefromstring)
 	zend_string *data;
 	gdImagePtr im;
 	int imtype;
-	char sig[12];
 
 	if (zend_parse_parameters(ZEND_NUM_ARGS(), "S", &data) == FAILURE) {
 		RETURN_THROWS();
 	}
 
-	if (ZSTR_LEN(data) < sizeof(sig)) {
-		/* Handle this the same way as an unknown image type. */
-		php_error_docref(NULL, E_WARNING, "Data is not in a recognized format");
-		RETURN_FALSE;
-	}
-
-	memcpy(sig, ZSTR_VAL(data), sizeof(sig));
-
-	imtype = _php_image_type(sig);
+	imtype = _php_image_type(data);
 
 	switch (imtype) {
 		case PHP_GDIMG_TYPE_JPG:
diff --git a/ext/gd/php_gd.h b/ext/gd/php_gd.h
@@ -18,6 +18,9 @@
 #ifndef PHP_GD_H
 #define PHP_GD_H
 
+#include "zend_string.h"
+#include "php_streams.h"
+
 #if defined(HAVE_LIBGD) || defined(HAVE_GD_BUNDLED)
 
 /* open_basedir and safe_mode checks */
@@ -86,6 +89,15 @@ PHP_RSHUTDOWN_FUNCTION(gd);
 
 PHP_GD_API struct gdImageStruct *php_gd_libgdimageptr_from_zval_p(zval* zp);
 
+/* Struct and function to be used for testing whether an image is AVIF */
+typedef struct {
+  php_stream * stream;
+  zend_string * data;
+  size_t data_pos;
+} php_gd_image_reader;
+
+int php_is_image_avif(php_gd_image_reader * reader);
+
 #else
 
 #define phpext_gd_ptr NULL
diff --git a/ext/standard/image.c b/ext/standard/image.c
@@ -26,6 +26,7 @@
 #include <unistd.h>
 #endif
 #include "php_image.h"
+#include "../gd/php_gd.h"
 
 #if HAVE_ZLIB && !defined(COMPILE_DL_ZLIB)
 #include "zlib.h"
@@ -1149,9 +1150,9 @@ static struct gfxinfo *php_handle_webp(php_stream * stream)
 }
 /* }}} */
 
-/* {{{ php_handle_avif */
-/* There's no simple way to get this information - so, for now, this is unsupported.
-   Simply return 0 for everything.
+/* {{{ php_handle_avif
+ * There's no simple way to get this information - so, for now, this is unsupported.
+ * Simply return 0 for everything.
  */
 static struct gfxinfo *php_handle_avif(php_stream * stream) {
 		struct gfxinfo * result;
@@ -1178,64 +1179,82 @@ static uint32_t php_ntohl(val) {
 }
 /* }}} */
 
+/* {{{ php_image_read_bytes 
+ * A generalized function that reads bytes from an image_reader struct.
+ * It can read either from a php_stream or a zend_string.
+ */
+static size_t php_image_read_bytes(php_gd_image_reader * reader, char * buf, size_t count) {
+  if (reader->stream) {
+    return php_stream_read(reader->stream, buf, count);
+  }
+  
+  if (reader->data) {
+    if (ZSTR_LEN(reader->data) < reader->data_pos + count) {
+      return 0;
+    }
+
+    memcpy(buf, ZSTR_VAL(reader->data) + reader->data_pos, count);
+    reader->data_pos += count;
+    return count;
+  }
+
+  return 0;
+}
+/* }}} */
+
 /* {{{ php_is_image_avif
-   detect whether an image is of type AVIF
-	 
-	 An AVIF image will start off a header "box".
-	 This starts with with a four-byte integer containing the number of bytes in the filetype box.
-	 This must be followed by the string "ftyp".
-	 Next comes a four-byte string indicating the "major brand".
-	 If that's "avif" or "avis", this is an AVIF image.
-	 Next, there's a four-byte "minor version" field, which we can ignore.
-	 Next comes an array of four-byte strings containing "compatible brands".
-	 These extend to the end of the box.
-	 If any of the compatible brands is "avif" or "avis", then this is an AVIF image.
-	 Otherwise, well, it's not.
-
-	 For more, see https://mpeg.chiariglione.org/standards/mpeg-4/iso-base-media-file-format/text-isoiec-14496-12-5th-edition
-*/
-static int php_is_image_avif(php_stream * stream) {
+ * detect whether an image is of type AVIF
+ * 
+ * An AVIF image will start off a header "box".
+ * This starts with with a four-byte integer containing the number of bytes in the filetype box.
+ * This must be followed by the string "ftyp".
+ * Next comes a four-byte string indicating the "major brand".
+ * If that's "avif" or "avis", this is an AVIF image.
+ * Next, there's a four-byte "minor version" field, which we can ignore.
+ * Next comes an array of four-byte strings containing "compatible brands".
+ * These extend to the end of the box.
+ * If any of the compatible brands is "avif" or "avis", then this is an AVIF image.
+ * Otherwise, well, it's not.
+ * For more, see https://mpeg.chiariglione.org/standards/mpeg-4/iso-base-media-file-format/text-isoiec-14496-12-5th-edition
+ */
+int php_is_image_avif(php_gd_image_reader * reader) {
 	uint32_t header_size_reversed, header_size, i;
 	char box_type[4], brand[4];
 
-	if (php_stream_rewind(stream)) {
-		return 0;
-	}
-
-	if (php_stream_read(stream, (char *) &header_size_reversed, 4) != 4) {
+	if (php_image_read_bytes(reader, (char *) &header_size_reversed, 4) != 4) {
 		return 0;
 	}
 
 	header_size = php_ntohl(header_size_reversed);
 
-	// If the box type isn't "ftyp", it can't be an AVIF image.
-	if (php_stream_read(stream, box_type, 4) != 4) {
+	/* If the box type isn't "ftyp", it can't be an AVIF image. */
+	if (php_image_read_bytes(reader, box_type, 4) != 4) {
 		return 0;
 	}
 
 	if (memcmp(box_type, "ftyp", 4)) {
 		return 0;
 	}
 	
-	// If the major brand is "avif" or "avis", it's an AVIF image.
-	if (php_stream_read(stream, brand, 4) != 4) {
+	/* If the major brand is "avif" or "avis", it's an AVIF image. */
+	if (php_image_read_bytes(reader, brand, 4) != 4) {
 		return 0;
 	}
 
 	if (!memcmp(brand, "avif", 4) || !memcmp(brand, "avis", 4)) {
 		return 1;
 	}
 
-	// Skip the next four bytes, which are the "minor version".
-	if (php_stream_read(stream, brand, 4) != 4) {
+	/* Skip the next four bytes, which are the "minor version". */
+	if (php_image_read_bytes(reader, brand, 4) != 4) {
 		return 0;
 	}
 
-	// Look for "avif" or "avis" in any member of compatible_brands[], to the end of the header.
-	// Note we've already read four groups of four bytes.
+	/* Look for "avif" or "avis" in any member of compatible_brands[], to the end of the header.
+	   Note we've already read four groups of four bytes. */
 
 	for (i = 16; i < header_size; i += 4) {
-		if (php_stream_read(stream, brand, 4) != 4) {
+		if (php_image_read_bytes(reader, brand, 4) != 4) {
 			return 0;
 		}
 
@@ -1381,7 +1400,7 @@ PHP_FUNCTION(image_type_to_extension)
 
 /* {{{ php_imagetype
    detect filetype from first bytes */
-PHPAPI int php_getimagetype(php_stream * stream, const char *input, char *filetype)
+PHPAPI int php_getimagetype(php_stream * stream, const char * input, char * filetype)
 {
 	char tmp[12];
     int twelve_bytes_read;
@@ -1458,7 +1477,10 @@ PHPAPI int php_getimagetype(php_stream * stream, const char *input, char *filety
 		return IMAGE_FILETYPE_WBMP;
 	}
 
-	if (php_is_image_avif(stream)) {
+	php_gd_image_reader reader;
+	reader.stream = stream;
+
+	if (!php_stream_rewind(stream) && php_is_image_avif(&reader)) {
 		return IMAGE_FILETYPE_AVIF;
 	}
 
