#include "termhooks.h"
#include "font.h"
+#define RANGED_INTEGERP(lo, x, hi) \
+ (INTEGERP (x) && (lo) <= XINT (x) && XINT (x) <= (hi))
+#define TYPE_RANGED_INTEGERP(type, x) \
+ RANGED_INTEGERP (TYPE_MINIMUM (type), x, TYPE_MAXIMUM (type))
+
#ifdef HAVE_X_WINDOWS
#include "xterm.h"
#include <sys/types.h>
#ifdef COLOR_TABLE_SUPPORT
static void free_color_table (void);
static unsigned long *colors_in_color_table (int *n);
-static unsigned long lookup_pixel_color (struct frame *f, unsigned long p);
#endif
static Lisp_Object Finit_image_library (Lisp_Object, Lisp_Object);
/* Functions to access the contents of a bitmap, given an id. */
int
-x_bitmap_height (FRAME_PTR f, int id)
+x_bitmap_height (FRAME_PTR f, ptrdiff_t id)
{
return FRAME_X_DISPLAY_INFO (f)->bitmaps[id - 1].height;
}
int
-x_bitmap_width (FRAME_PTR f, int id)
+x_bitmap_width (FRAME_PTR f, ptrdiff_t id)
{
return FRAME_X_DISPLAY_INFO (f)->bitmaps[id - 1].width;
}
#if defined (HAVE_X_WINDOWS) || defined (HAVE_NTGUI)
int
-x_bitmap_pixmap (FRAME_PTR f, int id)
+x_bitmap_pixmap (FRAME_PTR f, ptrdiff_t id)
{
- return (int) FRAME_X_DISPLAY_INFO (f)->bitmaps[id - 1].pixmap;
+ return FRAME_X_DISPLAY_INFO (f)->bitmaps[id - 1].pixmap;
}
#endif
#ifdef HAVE_X_WINDOWS
int
-x_bitmap_mask (FRAME_PTR f, int id)
+x_bitmap_mask (FRAME_PTR f, ptrdiff_t id)
{
return FRAME_X_DISPLAY_INFO (f)->bitmaps[id - 1].mask;
}
/* Allocate a new bitmap record. Returns index of new record. */
-static int
+static ptrdiff_t
x_allocate_bitmap_record (FRAME_PTR f)
{
Display_Info *dpyinfo = FRAME_X_DISPLAY_INFO (f);
- int i;
+ ptrdiff_t i;
if (dpyinfo->bitmaps == NULL)
{
if (dpyinfo->bitmaps[i].refcount == 0)
return i + 1;
+ if (min (PTRDIFF_MAX, SIZE_MAX) / sizeof (Bitmap_Record) / 2
+ < dpyinfo->bitmaps_size)
+ memory_full (SIZE_MAX);
dpyinfo->bitmaps_size *= 2;
dpyinfo->bitmaps
= (Bitmap_Record *) xrealloc (dpyinfo->bitmaps,
/* Add one reference to the reference count of the bitmap with id ID. */
void
-x_reference_bitmap (FRAME_PTR f, int id)
+x_reference_bitmap (FRAME_PTR f, ptrdiff_t id)
{
++FRAME_X_DISPLAY_INFO (f)->bitmaps[id - 1].refcount;
}
/* Create a bitmap for frame F from a HEIGHT x WIDTH array of bits at BITS. */
-int
+ptrdiff_t
x_create_bitmap_from_data (struct frame *f, char *bits, unsigned int width, unsigned int height)
{
Display_Info *dpyinfo = FRAME_X_DISPLAY_INFO (f);
- int id;
+ ptrdiff_t id;
#ifdef HAVE_X_WINDOWS
Pixmap bitmap;
/* Create bitmap from file FILE for frame F. */
-int
+ptrdiff_t
x_create_bitmap_from_file (struct frame *f, Lisp_Object file)
{
Display_Info *dpyinfo = FRAME_X_DISPLAY_INFO (f);
#endif /* HAVE_NTGUI */
#ifdef HAVE_NS
- int id;
+ ptrdiff_t id;
void *bitmap = ns_image_from_file (file);
if (!bitmap)
#ifdef HAVE_X_WINDOWS
unsigned int width, height;
Pixmap bitmap;
- int xhot, yhot, result, id;
+ int xhot, yhot, result;
+ ptrdiff_t id;
Lisp_Object found;
int fd;
char *filename;
/* Remove reference to bitmap with id number ID. */
void
-x_destroy_bitmap (FRAME_PTR f, int id)
+x_destroy_bitmap (FRAME_PTR f, ptrdiff_t id)
{
Display_Info *dpyinfo = FRAME_X_DISPLAY_INFO (f);
void
x_destroy_all_bitmaps (Display_Info *dpyinfo)
{
- int i;
+ ptrdiff_t i;
Bitmap_Record *bm = dpyinfo->bitmaps;
for (i = 0; i < dpyinfo->bitmaps_last; i++, bm++)
It's nicer with some borders in this context */
int
-x_create_bitmap_mask (struct frame *f, int id)
+x_create_bitmap_mask (struct frame *f, ptrdiff_t id)
{
Pixmap pixmap, mask;
XImagePtr ximg, mask_img;
break;
case IMAGE_POSITIVE_INTEGER_VALUE:
- if (!INTEGERP (value) || XINT (value) <= 0)
+ if (! RANGED_INTEGERP (1, value, INT_MAX))
return 0;
break;
case IMAGE_POSITIVE_INTEGER_VALUE_OR_PAIR:
- if (INTEGERP (value) && XINT (value) >= 0)
+ if (RANGED_INTEGERP (1, value, INT_MAX))
break;
if (CONSP (value)
- && INTEGERP (XCAR (value)) && INTEGERP (XCDR (value))
- && XINT (XCAR (value)) >= 0 && XINT (XCDR (value)) >= 0)
+ && RANGED_INTEGERP (1, XCAR (value), INT_MAX)
+ && RANGED_INTEGERP (1, XCDR (value), INT_MAX))
break;
return 0;
case IMAGE_ASCENT_VALUE:
if (SYMBOLP (value) && EQ (value, Qcenter))
break;
- else if (INTEGERP (value)
- && XINT (value) >= 0
- && XINT (value) <= 100)
+ else if (RANGED_INTEGERP (0, value, 100))
break;
return 0;
case IMAGE_NON_NEGATIVE_INTEGER_VALUE:
+ /* Unlike the other integer-related cases, this one does not
+ verify that VALUE fits in 'int'. This is because callers
+ want EMACS_INT. */
if (!INTEGERP (value) || XINT (value) < 0)
return 0;
break;
break;
case IMAGE_INTEGER_VALUE:
- if (!INTEGERP (value))
+ if (! TYPE_RANGED_INTEGERP (int, value))
return 0;
break;
if (valid_image_p (spec))
{
struct frame *f = check_x_frame (frame);
- int id = lookup_image (f, spec);
+ ptrdiff_t id = lookup_image (f, spec);
struct image *img = IMAGE_FROM_ID (f, id);
int width = img->width + 2 * img->hmargin;
int height = img->height + 2 * img->vmargin;
if (valid_image_p (spec))
{
struct frame *f = check_x_frame (frame);
- int id = lookup_image (f, spec);
+ ptrdiff_t id = lookup_image (f, spec);
struct image *img = IMAGE_FROM_ID (f, id);
if (img->mask)
mask = Qt;
if (valid_image_p (spec))
{
struct frame *f = check_x_frame (frame);
- int id = lookup_image (f, spec);
+ ptrdiff_t id = lookup_image (f, spec);
struct image *img = IMAGE_FROM_ID (f, id);
ext = img->lisp_data;
}
***********************************************************************/
static void free_image (struct frame *f, struct image *img);
-static int check_image_size (struct frame *f, int width, int height);
#define MAX_IMAGE_SIZE 6.0
/* Allocate and return a new image structure for image specification
/* Return 1 if the given widths and heights are valid for display;
otherwise, return 0. */
-int
+static int
check_image_size (struct frame *f, int width, int height)
{
int w, h;
return 0;
if (INTEGERP (Vmax_image_size))
- w = h = XINT (Vmax_image_size);
+ return (width <= XINT (Vmax_image_size)
+ && height <= XINT (Vmax_image_size));
else if (FLOATP (Vmax_image_size))
{
- if (f != NULL)
- {
- w = FRAME_PIXEL_WIDTH (f);
- h = FRAME_PIXEL_HEIGHT (f);
- }
- else
- w = h = 1024; /* Arbitrary size for unknown frame. */
- w = (int) (XFLOAT_DATA (Vmax_image_size) * w);
- h = (int) (XFLOAT_DATA (Vmax_image_size) * h);
+ xassert (f);
+ w = FRAME_PIXEL_WIDTH (f);
+ h = FRAME_PIXEL_HEIGHT (f);
+ return (width <= XFLOAT_DATA (Vmax_image_size) * w
+ && height <= XFLOAT_DATA (Vmax_image_size) * h);
}
else
return 1;
-
- return (width <= w && height <= h);
}
/* Prepare image IMG for display on frame F. Must be called before
ascent = height / 2;
}
else
- ascent = (int) (height * img->ascent / 100.0);
+ ascent = height * (img->ascent / 100.0);
return ascent;
}
xassert (STRINGP (color_name));
- if (x_defined_color (f, SSDATA (color_name), &color, 1))
+ if (x_defined_color (f, SSDATA (color_name), &color, 1)
+ && img->ncolors < min (min (PTRDIFF_MAX, SIZE_MAX) / sizeof *img->colors,
+ INT_MAX))
{
/* This isn't called frequently so we get away with simply
reallocating the color vector to the needed size, here. */
struct image_cache *c = FRAME_IMAGE_CACHE (f);
if (c)
{
- int i;
+ ptrdiff_t i;
/* Cache should not be referenced by any frame when freed. */
xassert (c->refcount == 0);
if (c)
{
- int i, nfreed = 0;
+ ptrdiff_t i, nfreed = 0;
/* Block input so that we won't be interrupted by a SIGIO
while being in an inconsistent state. */
{
/* Free cache based on timestamp. */
EMACS_TIME t;
- time_t old;
- int delay, nimages = 0;
+ double old, delay;
+ ptrdiff_t nimages = 0;
for (i = 0; i < c->used; ++i)
if (c->images[i])
/* If the number of cached images has grown unusually large,
decrease the cache eviction delay (Bug#6230). */
- delay = XFASTINT (Vimage_cache_eviction_delay);
+ delay = XINT (Vimage_cache_eviction_delay);
if (nimages > 40)
- delay = max (1, 1600 * delay / (nimages*nimages));
+ delay = 1600 * delay / nimages / nimages;
+ delay = max (delay, 1);
EMACS_GET_TIME (t);
old = EMACS_SECS (t) - delay;
/* Return the id of image with Lisp specification SPEC on frame F.
SPEC must be a valid Lisp image specification (see valid_image_p). */
-int
+ptrdiff_t
lookup_image (struct frame *f, Lisp_Object spec)
{
struct image *img;
img->ascent = CENTERED_IMAGE_ASCENT;
margin = image_spec_value (spec, QCmargin, NULL);
- if (INTEGERP (margin) && XINT (margin) >= 0)
+ if (INTEGERP (margin))
img->vmargin = img->hmargin = XFASTINT (margin);
- else if (CONSP (margin) && INTEGERP (XCAR (margin))
- && INTEGERP (XCDR (margin)))
+ else if (CONSP (margin))
{
- if (XINT (XCAR (margin)) > 0)
- img->hmargin = XFASTINT (XCAR (margin));
- if (XINT (XCDR (margin)) > 0)
- img->vmargin = XFASTINT (XCDR (margin));
+ img->hmargin = XFASTINT (XCAR (margin));
+ img->vmargin = XFASTINT (XCDR (margin));
}
relief = image_spec_value (spec, QCrelief, NULL);
cache_image (struct frame *f, struct image *img)
{
struct image_cache *c = FRAME_IMAGE_CACHE (f);
- int i;
+ ptrdiff_t i;
/* Find a free slot in c->images. */
for (i = 0; i < c->used; ++i)
/* If no free slot found, maybe enlarge c->images. */
if (i == c->used && c->used == c->size)
{
+ if (min (PTRDIFF_MAX, SIZE_MAX) / sizeof *c->images / 2 < c->size)
+ memory_full (SIZE_MAX);
c->size *= 2;
c->images = (struct image **) xrealloc (c->images,
c->size * sizeof *c->images);
{
if (c)
{
- int i;
+ ptrdiff_t i;
for (i = 0; i < c->used; ++i)
if (c->images[i])
mark_image (c->images[i]);
static void x_destroy_x_image (XImagePtr);
static void x_put_x_image (struct frame *, XImagePtr, Pixmap, int, int);
+/* Return nonzero if XIMG's size WIDTH x HEIGHT doesn't break X.
+ WIDTH and HEIGHT must both be positive.
+ If XIMG is null, assume it is a bitmap. */
+static int
+x_check_image_size (XImagePtr ximg, int width, int height)
+{
+ /* Respect Xlib's limits: it cannot deal with images that have more
+ than INT_MAX (and/or UINT_MAX) bytes. And respect Emacs's limits
+ of PTRDIFF_MAX (and/or SIZE_MAX) bytes for any object. For now,
+ assume all windowing systems have the same limits that X does. */
+ enum
+ {
+ XLIB_BYTES_MAX = min (INT_MAX, UINT_MAX),
+ X_IMAGE_BYTES_MAX = min (XLIB_BYTES_MAX, min (PTRDIFF_MAX, SIZE_MAX))
+ };
+
+ int bitmap_pad, depth, bytes_per_line;
+ if (ximg)
+ {
+ bitmap_pad = ximg->bitmap_pad;
+ depth = ximg->depth;
+ bytes_per_line = ximg->bytes_per_line;
+ }
+ else
+ {
+ bitmap_pad = 8;
+ depth = 1;
+ bytes_per_line = (width >> 3) + ((width & 7) != 0);
+ }
+ return (width <= (INT_MAX - (bitmap_pad - 1)) / depth
+ && height <= X_IMAGE_BYTES_MAX / bytes_per_line);
+}
/* Create an XImage and a pixmap of size WIDTH x HEIGHT for use on
frame F. Set *XIMG and *PIXMAP to the XImage and Pixmap created.
return 0;
}
+ if (! x_check_image_size (*ximg, width, height))
+ {
+ x_destroy_x_image (*ximg);
+ *ximg = NULL;
+ image_error ("Image too large (%dx%d)",
+ make_number (width), make_number (height));
+ return 0;
+ }
+
/* Allocate image raster. */
(*ximg)->data = (char *) xmalloc ((*ximg)->bytes_per_line * height);
palette_colors = 1 << depth - 1;
*ximg = xmalloc (sizeof (XImage) + palette_colors * sizeof (RGBQUAD));
- if (*ximg == NULL)
- {
- image_error ("Unable to allocate memory for XImage", Qnil, Qnil);
- return 0;
- }
header = &(*ximg)->info.bmiHeader;
memset (&(*ximg)->info, 0, sizeof (BITMAPINFO));
DWORD err = GetLastError ();
Lisp_Object errcode;
/* All system errors are < 10000, so the following is safe. */
- XSETINT (errcode, (int) err);
+ XSETINT (errcode, err);
image_error ("Unable to create bitmap, error code %d", errcode, Qnil);
x_destroy_x_image (*ximg);
return 0;
data. */
if (VECTORP (data))
{
- int i;
+ EMACS_INT i;
/* Number of elements of the vector must be >= height. */
if (ASIZE (data) < height)
}
else if (BOOL_VECTOR_P (data))
{
- if (XBOOL_VECTOR (data)->size < width * height)
+ if (XBOOL_VECTOR (data)->size / height < width)
return 0;
}
else
img->pixmap = ns_image_from_XBM (data, img->width, img->height);
#else
- img->pixmap
- = XCreatePixmapFromBitmapData (FRAME_X_DISPLAY (f),
+ img->pixmap =
+ (x_check_image_size (0, img->width, img->height)
+ ? XCreatePixmapFromBitmapData (FRAME_X_DISPLAY (f),
FRAME_X_WINDOW (f),
data,
img->width, img->height,
fg, bg,
- DefaultDepthOfScreen (FRAME_X_SCREEN (f)));
+ DefaultDepthOfScreen (FRAME_X_SCREEN (f)))
+ : NO_PIXMAP);
#endif /* !HAVE_NTGUI && !HAVE_NS */
}
expect ('=');
expect ('{');
+ if (! x_check_image_size (0, *width, *height))
+ {
+ if (!inhibit_image_error)
+ image_error ("Image too large (%dx%d)",
+ make_number (*width), make_number (*height));
+ goto failure;
+ }
bytes_per_line = (*width + 7) / 8 + padding_p;
nbytes = bytes_per_line * *height;
p = *data = (char *) xmalloc (nbytes);
}
success_p = xbm_load_image (f, img, contents, contents + size);
+ xfree (contents);
}
else
{
img->width = XFASTINT (fmt[XBM_WIDTH].value);
img->height = XFASTINT (fmt[XBM_HEIGHT].value);
xassert (img->width > 0 && img->height > 0);
+ if (!check_image_size (f, img->width, img->height))
+ {
+ image_error ("Invalid image size (see `max-image-size')",
+ Qnil, Qnil);
+ return 0;
+ }
}
/* Get foreground and background colors, maybe allocate colors. */
#endif
/* Create the pixmap. */
- Create_Pixmap_From_Bitmap_Data (f, img, bits,
- foreground, background,
- non_default_colors);
+ if (x_check_image_size (0, img->width, img->height))
+ Create_Pixmap_From_Bitmap_Data (f, img, bits,
+ foreground, background,
+ non_default_colors);
+ else
+ img->pixmap = NO_PIXMAP;
+
if (img->pixmap)
success_p = 1;
else
static int
xpm_color_bucket (char *color_name)
{
- unsigned h = 0;
- char *s;
-
- for (s = color_name; *s; ++s)
- h = (h << 2) ^ *s;
- return h %= XPM_COLOR_CACHE_BUCKETS;
+ EMACS_UINT hash = hash_string (color_name, strlen (color_name));
+ return hash % XPM_COLOR_CACHE_BUCKETS;
}
if (bucket < 0)
bucket = xpm_color_bucket (color_name);
- nbytes = sizeof *p + strlen (color_name);
+ nbytes = offsetof (struct xpm_cached_color, name) + strlen (color_name) + 1;
p = (struct xpm_cached_color *) xmalloc (nbytes);
strcpy (p->name, color_name);
p->color = *color;
#endif /* HAVE_XPM || HAVE_NS */
#if defined HAVE_XPM && defined HAVE_X_WINDOWS && !defined USE_GTK
-int
+ptrdiff_t
x_create_bitmap_from_xpm_data (struct frame *f, const char **bits)
{
Display_Info *dpyinfo = FRAME_X_DISPLAY_INFO (f);
- int id, rc;
+ ptrdiff_t id;
+ int rc;
XpmAttributes attrs;
Pixmap bitmap, mask;
/* XPM support functions for NS where libxpm is not available.
Only XPM version 3 (without any extensions) is supported. */
-static int xpm_scan (const unsigned char **, const unsigned char *,
- const unsigned char **, int *);
-static Lisp_Object xpm_make_color_table_v
- (void (**) (Lisp_Object, const unsigned char *, int, Lisp_Object),
- Lisp_Object (**) (Lisp_Object, const unsigned char *, int));
static void xpm_put_color_table_v (Lisp_Object, const unsigned char *,
int, Lisp_Object);
static Lisp_Object xpm_get_color_table_v (Lisp_Object,
const unsigned char *, int);
-static Lisp_Object xpm_make_color_table_h
- (void (**) (Lisp_Object, const unsigned char *, int, Lisp_Object),
- Lisp_Object (**) (Lisp_Object, const unsigned char *, int));
static void xpm_put_color_table_h (Lisp_Object, const unsigned char *,
int, Lisp_Object);
static Lisp_Object xpm_get_color_table_h (Lisp_Object,
const unsigned char *, int);
-static int xpm_str_to_color_key (const char *);
-static int xpm_load_image (struct frame *, struct image *,
- const unsigned char *, const unsigned char *);
/* Tokens returned from xpm_scan. */
xpm_scan (const unsigned char **s,
const unsigned char *end,
const unsigned char **beg,
- int *len)
+ ptrdiff_t *len)
{
int c;
unsigned char buffer[BUFSIZ];
int width, height, x, y;
int num_colors, chars_per_pixel;
- int len, LA1;
+ ptrdiff_t len;
+ int LA1;
void (*put_color_table) (Lisp_Object, const unsigned char *, int, Lisp_Object);
Lisp_Object (*get_color_table) (Lisp_Object, const unsigned char *, int);
Lisp_Object frame, color_symbols, color_table;
goto failure;
}
+ if (!x_create_x_image_and_pixmap (f, width, height, 0,
+ &ximg, &img->pixmap)
+#ifndef HAVE_NS
+ || !x_create_x_image_and_pixmap (f, width, height, 1,
+ &mask_img, &img->mask)
+#endif
+ )
+ {
+ image_error ("Image too large", Qnil, Qnil);
+ goto failure;
+ }
+
expect (',');
XSETFRAME (frame, f);
expect (',');
}
- if (!x_create_x_image_and_pixmap (f, width, height, 0,
- &ximg, &img->pixmap)
-#ifndef HAVE_NS
- || !x_create_x_image_and_pixmap (f, width, height, 1,
- &mask_img, &img->mask)
-#endif
- )
- {
- image_error ("Out of memory (%s)", img->spec, Qnil);
- goto error;
- }
-
for (y = 0; y < height; y++)
{
expect (XPM_TK_STRING);
occurred. *SIZE is set to the size of the file. */
static char *
-pbm_read_file (file, size)
- Lisp_Object file;
- int *size;
+pbm_read_file (Lisp_Object file, int *size)
{
FILE *fp = NULL;
char *buf = NULL;
struct png_memory_storage
{
unsigned char *bytes; /* The data */
- size_t len; /* How big is it? */
- int index; /* Where are we? */
+ ptrdiff_t len; /* How big is it? */
+ ptrdiff_t index; /* Where are we? */
};
{
Lisp_Object file, specified_file;
Lisp_Object specified_data;
- int x, y, i;
+ int x, y;
+ ptrdiff_t i;
XImagePtr ximg, mask_img = NULL;
png_struct *png_ptr = NULL;
png_info *info_ptr = NULL, *end_info = NULL;
fn_png_get_IHDR (png_ptr, info_ptr, &width, &height, &bit_depth, &color_type,
&interlace_type, NULL, NULL);
- if (!check_image_size (f, width, height))
+ if (! (width <= INT_MAX && height <= INT_MAX
+ && check_image_size (f, width, height)))
{
image_error ("Invalid image size (see `max-image-size')", Qnil, Qnil);
goto error;
}
+
+ /* Create the X image and pixmap now, so that the work below can be
+ omitted if the image is too large for X. */
+ if (!x_create_x_image_and_pixmap (f, width, height, 0, &ximg,
+ &img->pixmap))
+ goto error;
+
/* If image contains simply transparency data, we prefer to
construct a clipping mask. */
if (fn_png_get_valid (png_ptr, info_ptr, PNG_INFO_tRNS))
row_bytes = fn_png_get_rowbytes (png_ptr, info_ptr);
/* Allocate memory for the image. */
- pixels = (png_byte *) xmalloc (row_bytes * height * sizeof *pixels);
+ if (min (PTRDIFF_MAX, SIZE_MAX) / sizeof *rows < height
+ || min (PTRDIFF_MAX, SIZE_MAX) / sizeof *pixels / height < row_bytes)
+ memory_full (SIZE_MAX);
+ pixels = (png_byte *) xmalloc (sizeof *pixels * row_bytes * height);
rows = (png_byte **) xmalloc (height * sizeof *rows);
for (i = 0; i < height; ++i)
rows[i] = pixels + i * row_bytes;
fp = NULL;
}
- /* Create the X image and pixmap. */
- if (!x_create_x_image_and_pixmap (f, width, height, 0, &ximg,
- &img->pixmap))
- goto error;
-
/* Create an image and pixmap serving as mask if the PNG image
contains an alpha channel. */
if (channels == 4
for (x = 0; x < width; ++x)
{
- unsigned r, g, b;
+ int r, g, b;
r = *p++ << 8;
g = *p++ << 8;
src = (struct jpeg_stdio_mgr *) cinfo->src;
if (!src->finished)
{
- size_t bytes;
+ ptrdiff_t bytes;
bytes = fread (src->buffer, 1, JPEG_STDIO_BUFFER_SIZE, src->file);
if (bytes > 0)
typedef struct
{
unsigned char *bytes;
- size_t len;
- int index;
+ ptrdiff_t len;
+ ptrdiff_t index;
}
tiff_memory_source;
-static size_t
+static tsize_t
tiff_read_from_memory (thandle_t data, tdata_t buf, tsize_t size)
{
tiff_memory_source *src = (tiff_memory_source *) data;
- if (size > src->len - src->index)
- return (size_t) -1;
+ size = min (size, src->len - src->index);
memcpy (buf, src->bytes + src->index, size);
src->index += size;
return size;
}
-static size_t
+static tsize_t
tiff_write_from_memory (thandle_t data, tdata_t buf, tsize_t size)
{
- return (size_t) -1;
+ return -1;
}
static toff_t
tiff_seek_in_memory (thandle_t data, toff_t off, int whence)
{
tiff_memory_source *src = (tiff_memory_source *) data;
- int idx;
+ ptrdiff_t idx;
switch (whence)
{
}
+static void tiff_handler (const char *, const char *, const char *, va_list)
+ ATTRIBUTE_FORMAT_PRINTF (3, 0);
+static void
+tiff_handler (const char *log_format, const char *title,
+ const char *format, va_list ap)
+{
+ /* doprnt is not suitable here, as TIFF handlers are called from
+ libtiff and are passed arbitrary printf directives. Instead, use
+ vsnprintf, taking care to be portable to nonstandard environments
+ where vsnprintf returns -1 on buffer overflow. Since it's just a
+ log entry, it's OK to truncate it. */
+ char buf[4000];
+ int len = vsnprintf (buf, sizeof buf, format, ap);
+ add_to_log (log_format, build_string (title),
+ make_string (buf, max (0, min (len, sizeof buf - 1))));
+}
+
static void tiff_error_handler (const char *, const char *, va_list)
ATTRIBUTE_FORMAT_PRINTF (2, 0);
static void
tiff_error_handler (const char *title, const char *format, va_list ap)
{
- char buf[512];
- int len;
-
- len = sprintf (buf, "TIFF error: %s ", title);
- vsprintf (buf + len, format, ap);
- add_to_log (buf, Qnil, Qnil);
+ tiff_handler ("TIFF error: %s %s", title, format, ap);
}
static void
tiff_warning_handler (const char *title, const char *format, va_list ap)
{
- char buf[512];
- int len;
-
- len = sprintf (buf, "TIFF warning: %s ", title);
- vsprintf (buf + len, format, ap);
- add_to_log (buf, Qnil, Qnil);
+ tiff_handler ("TIFF warning: %s %s", title, format, ap);
}
memsrc.index = 0;
tiff = fn_TIFFClientOpen ("memory_source", "r", (thandle_t)&memsrc,
- (TIFFReadWriteProc) tiff_read_from_memory,
- (TIFFReadWriteProc) tiff_write_from_memory,
+ tiff_read_from_memory,
+ tiff_write_from_memory,
tiff_seek_in_memory,
tiff_close_memory,
tiff_size_of_memory,
image = image_spec_value (img->spec, QCindex, NULL);
if (INTEGERP (image))
{
- int ino = XFASTINT (image);
- if (!fn_TIFFSetDirectory (tiff, ino))
+ EMACS_INT ino = XFASTINT (image);
+ if (! (TYPE_MINIMUM (tdir_t) <= ino && ino <= TYPE_MAXIMUM (tdir_t)
+ && fn_TIFFSetDirectory (tiff, ino)))
{
image_error ("Invalid image number `%s' in image `%s'",
image, img->spec);
return 0;
}
- buf = (uint32 *) xmalloc (width * height * sizeof *buf);
+ /* Create the X image and pixmap. */
+ if (! (height <= min (PTRDIFF_MAX, SIZE_MAX) / sizeof *buf / width
+ && x_create_x_image_and_pixmap (f, width, height, 0,
+ &ximg, &img->pixmap)))
+ {
+ fn_TIFFClose (tiff);
+ return 0;
+ }
+
+ buf = (uint32 *) xmalloc (sizeof *buf * width * height);
rc = fn_TIFFReadRGBAImage (tiff, width, height, buf, 0);
return 0;
}
- /* Create the X image and pixmap. */
- if (!x_create_x_image_and_pixmap (f, width, height, 0, &ximg, &img->pixmap))
- {
- xfree (buf);
- return 0;
- }
-
/* Initialize the color table. */
init_color_table ();
typedef struct
{
unsigned char *bytes;
- size_t len;
- int index;
+ ptrdiff_t len;
+ ptrdiff_t index;
}
gif_memory_source;
Lisp_Object specified_file = image_spec_value (img->spec, QCfile, NULL);
Lisp_Object specified_data = image_spec_value (img->spec, QCdata, NULL);
unsigned long bgcolor = 0;
- int idx;
+ EMACS_INT idx;
if (NILP (specified_data))
{
img->lisp_data = Qnil;
if (gif->SavedImages[idx].ExtensionBlockCount > 0)
{
- unsigned int delay = 0;
+ int delay = 0;
ExtensionBlock *ext = gif->SavedImages[idx].ExtensionBlocks;
for (i = 0; i < gif->SavedImages[idx].ExtensionBlockCount; i++, ext++)
/* Append (... FUNCTION "BYTES") */
if (delay)
img->lisp_data
= Fcons (Qdelay,
- Fcons (make_float (((double) delay) * 0.01),
+ Fcons (make_float (delay / 100.0),
img->lisp_data));
}
Lisp_Object image;
Lisp_Object value;
Lisp_Object crop;
- long ino;
+ EMACS_INT ino;
int desired_width, desired_height;
double rotation;
- int imagemagick_rendermethod;
+ EMACS_INT imagemagick_rendermethod;
int pixelwidth;
ImageInfo *image_info;
ExceptionInfo *exception;
status = MagickPingImageBlob (ping_wand, contents, size);
}
- if (ino >= MagickGetNumberImages (ping_wand))
+ if (! (0 <= ino && ino < MagickGetNumberImages (ping_wand)))
{
image_error ("Invalid image number `%s' in image `%s'",
image, img->spec);
efficient. */
crop = image_spec_value (img->spec, QCcrop, NULL);
- if (CONSP (crop) && INTEGERP (XCAR (crop)))
+ if (CONSP (crop) && TYPE_RANGED_INTEGERP (size_t, XCAR (crop)))
{
/* After some testing, it seems MagickCropImage is the fastest crop
function in ImageMagick. This crop function seems to do less copying
than the alternatives, but it still reads the entire image into memory
- before croping, which is aparently difficult to avoid when using
+ before cropping, which is apparently difficult to avoid when using
imagemagick. */
- int w, h;
- w = XFASTINT (XCAR (crop));
+ size_t crop_width = XINT (XCAR (crop));
crop = XCDR (crop);
- if (CONSP (crop) && INTEGERP (XCAR (crop)))
+ if (CONSP (crop) && TYPE_RANGED_INTEGERP (size_t, XCAR (crop)))
{
- h = XFASTINT (XCAR (crop));
+ size_t crop_height = XINT (XCAR (crop));
crop = XCDR (crop);
- if (CONSP (crop) && INTEGERP (XCAR (crop)))
+ if (CONSP (crop) && TYPE_RANGED_INTEGERP (ssize_t, XCAR (crop)))
{
- x = XFASTINT (XCAR (crop));
+ ssize_t crop_x = XINT (XCAR (crop));
crop = XCDR (crop);
- if (CONSP (crop) && INTEGERP (XCAR (crop)))
+ if (CONSP (crop) && TYPE_RANGED_INTEGERP (ssize_t, XCAR (crop)))
{
- y = XFASTINT (XCAR (crop));
- MagickCropImage (image_wand, w, h, x, y);
+ ssize_t crop_y = XINT (XCAR (crop));
+ MagickCropImage (image_wand, crop_width, crop_height,
+ crop_x, crop_y);
}
}
}
height = MagickGetImageHeight (image_wand);
width = MagickGetImageWidth (image_wand);
- if (! check_image_size (f, width, height))
+ if (! (width <= INT_MAX && height <= INT_MAX
+ && check_image_size (f, width, height)))
{
image_error ("Invalid image size (see `max-image-size')", Qnil, Qnil);
goto imagemagick_error;
init_color_table ();
imagemagick_rendermethod = (INTEGERP (Vimagemagick_render_type)
- ? XFASTINT (Vimagemagick_render_type) : 0);
+ ? XINT (Vimagemagick_render_type) : 0);
if (imagemagick_rendermethod == 0)
{
+ size_t image_height;
+
/* Try to create a x pixmap to hold the imagemagick pixmap. */
if (!x_create_x_image_and_pixmap (f, width, height, 0,
&ximg, &img->pixmap))
goto imagemagick_error;
}
- for (y = 0; y < (long) MagickGetImageHeight (image_wand); y++)
+ image_height = MagickGetImageHeight (image_wand);
+ for (y = 0; y < image_height; y++)
{
pixels = PixelGetNextIteratorRow (iterator, &width);
if (pixels == (PixelWand **) NULL)
size_t numf = 0;
ExceptionInfo ex;
char **imtypes = GetMagickList ("*", &numf, &ex);
- int i;
+ size_t i;
Lisp_Object Qimagemagicktype;
for (i = 0; i < numf; i++)
{
{
for (x = 0; x < width; ++x)
{
- unsigned red;
- unsigned green;
- unsigned blue;
- unsigned opacity;
+ int red;
+ int green;
+ int blue;
+ int opacity;
red = *pixels++;
green = *pixels++;
static int
gs_load (struct frame *f, struct image *img)
{
- char buffer[100];
+ uprintmax_t printnum1, printnum2;
+ char buffer[sizeof " " + INT_STRLEN_BOUND (printmax_t)];
Lisp_Object window_and_pixmap_id = Qnil, loader, pt_height, pt_width;
Lisp_Object frame;
double in_width, in_height;
info. */
pt_width = image_spec_value (img->spec, QCpt_width, NULL);
in_width = INTEGERP (pt_width) ? XFASTINT (pt_width) / 72.0 : 0;
- img->width = in_width * FRAME_X_DISPLAY_INFO (f)->resx;
+ in_width *= FRAME_X_DISPLAY_INFO (f)->resx;
pt_height = image_spec_value (img->spec, QCpt_height, NULL);
in_height = INTEGERP (pt_height) ? XFASTINT (pt_height) / 72.0 : 0;
- img->height = in_height * FRAME_X_DISPLAY_INFO (f)->resy;
+ in_height *= FRAME_X_DISPLAY_INFO (f)->resy;
- if (!check_image_size (f, img->width, img->height))
+ if (! (in_width <= INT_MAX && in_height <= INT_MAX
+ && check_image_size (f, in_width, in_height)))
{
image_error ("Invalid image size (see `max-image-size')", Qnil, Qnil);
return 0;
}
+ img->width = in_width;
+ img->height = in_height;
/* Create the pixmap. */
xassert (img->pixmap == NO_PIXMAP);
- /* Only W32 version did BLOCK_INPUT here. ++kfs */
- BLOCK_INPUT;
- img->pixmap = XCreatePixmap (FRAME_X_DISPLAY (f), FRAME_X_WINDOW (f),
- img->width, img->height,
- DefaultDepthOfScreen (FRAME_X_SCREEN (f)));
- UNBLOCK_INPUT;
+ if (x_check_image_size (0, img->width, img->height))
+ {
+ /* Only W32 version did BLOCK_INPUT here. ++kfs */
+ BLOCK_INPUT;
+ img->pixmap = XCreatePixmap (FRAME_X_DISPLAY (f), FRAME_X_WINDOW (f),
+ img->width, img->height,
+ DefaultDepthOfScreen (FRAME_X_SCREEN (f)));
+ UNBLOCK_INPUT;
+ }
if (!img->pixmap)
{
if successful. We do not record_unwind_protect here because
other places in redisplay like calling window scroll functions
don't either. Let the Lisp loader use `unwind-protect' instead. */
- sprintf (buffer, "%lu %lu",
- (unsigned long) FRAME_X_WINDOW (f),
- (unsigned long) img->pixmap);
+ printnum1 = FRAME_X_WINDOW (f);
+ printnum2 = img->pixmap;
+ sprintf (buffer, "%"pMu" %"pMu, printnum1, printnum2);
window_and_pixmap_id = build_string (buffer);
- sprintf (buffer, "%lu %lu",
- FRAME_FOREGROUND_PIXEL (f),
- FRAME_BACKGROUND_PIXEL (f));
+ printnum1 = FRAME_FOREGROUND_PIXEL (f);
+ printnum2 = FRAME_BACKGROUND_PIXEL (f);
+ sprintf (buffer, "%"pMu" %"pMu, printnum1, printnum2);
pixel_colors = build_string (buffer);
XSETFRAME (frame, f);
x_kill_gs_process (Pixmap pixmap, struct frame *f)
{
struct image_cache *c = FRAME_IMAGE_CACHE (f);
- int class, i;
+ int class;
+ ptrdiff_t i;
struct image *img;
/* Find the image containing PIXMAP. */
DEFUN ("lookup-image", Flookup_image, Slookup_image, 1, 1, 0, "")
(Lisp_Object spec)
{
- int id = -1;
+ ptrdiff_t id = -1;
if (valid_image_p (spec))
id = lookup_image (SELECTED_FRAME (), spec);