RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-26 16:37:47 +00:00
Code Issues Activity Actions

LibGfx+icc: Look at profile_size field

Browse source 
This trims the input bytes to the profile size stored in the file.
Alternatively, we could reject files where the stored size doesn't
match the handed in size. But ICC profiles can be embedded in other
files, and those could conceivably pad the ICC profile data some.
This commit is contained in:
Nico Weber 2023-01-08 07:07:21 -05:00 committed by Linus Groh
parent 7d4ec4fecf
commit 7ae97c9fc4
3 changed files with 29 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

21
Userland/Libraries/LibGfx/ICCProfile.cpp
View file

@ -116,6 +116,22 @@ struct ICCHeader {
};
static_assert(sizeof(ICCHeader) == 128);
ErrorOr<u32> parse_size(ICCHeader const& header, ReadonlyBytes icc_bytes)
{
// ICC v4, 7.2.2 Profile size field
// "The value in the profile size field shall be the exact size obtained by combining the profile header,
// the tag table, and the tagged element data, including the pad bytes for the last tag."
// Valid files have enough data for profile header and tag table entry count.
if (header.profile_size < sizeof(ICCHeader) + sizeof(u32))
return Error::from_string_literal("ICC::Profile: Profile size too small");
if (header.profile_size > icc_bytes.size())
return Error::from_string_literal("ICC::Profile: Profile size larger than input data");
return header.profile_size;
}
Optional<PreferredCMMType> parse_preferred_cmm_type(ICCHeader const& header)
{
// ICC v4, 7.2.3 Preferred CMM type field
@ -504,6 +520,7 @@ ErrorOr<NonnullRefPtr<Profile>> Profile::try_load_from_externally_owned_memory(R
auto header = *bit_cast<ICCHeader const*>(bytes.data());
TRY(parse_file_signature(header));
profile->m_on_disk_size = TRY(parse_size(header, bytes));
profile->m_preferred_cmm_type = parse_preferred_cmm_type(header);
profile->m_version = TRY(parse_version(header));
profile->m_device_class = TRY(parse_device_class(header));
@ -521,6 +538,10 @@ ErrorOr<NonnullRefPtr<Profile>> Profile::try_load_from_externally_owned_memory(R
profile->m_id = TRY(parse_profile_id(header, bytes));
TRY(parse_reserved(header));
bytes = bytes.trim(header.profile_size);
bytes = bytes.slice(sizeof(ICCHeader));
// FIXME: Read tag table.
return profile;
}