| Age | Commit message (Collapse) | Author |
|---|
|
|
|
And 'tofumax' to build without even the base14 PDF fonts.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
A lot of EPUB pool allocated data is much smaller than the default size,
leading to a lot of wasted memory.
|
|
|
|
|
|
The bug reports a buffer overflow, but after that was fixed this leak
was reported by ASAN.
|
|
Opening in append mode was used before commit
c4d3a9142761a567fce9f66946a917e087c0de67
when the same file was reopened multiple times for formats that
support it. Nowadays the files is only opened once anyway so there
is no reason to use append mode.
|
|
|
|
This will allow us to read and write documents using I/O written
in Java, exposed by SeekableInputStream and SeekableOutputStream.
We supply an example FileStream which implements seekable streams
backed by a RandomAccessFile.
|
|
|
|
|
|
If fz_new_pixmap_with_bbox() threw conv would be NULL and temp would
be pointing to a pixmap that would be dropped 2 times.
If fz_clone_pixmap_area_with_different_seps() threw temp and conv
would be pointing to the same pixmap that would be dropped 3 times.
|
|
Without this change future calls to fz_fin_cached_color_converter()
will try to dereference the already freed pointer.
|
|
Without this change a resized cmap splay tree leads to using stale pointers.
|
|
|
|
Thanks to oss-fuzz for reporting this.
|
|
|
|
|
|
|
|
|
|
An earlier commit changed the mode used to open a file for saving so that
it could also be read from. The mode used was rb+ independently of whether
the saving mode was incremental or not. Doing so neglected that for
non-incemental saves the file may not already exist in which case opening
rb+ will fail. This commit arranges that wb+ is used in the non-incremental
case.
|
|
|
|
Don't output linewidth as mitrerlimit. This confuses Acrobat.
|
|
Thanks to oss-fuzz for reporting this.
|
|
Thanks to oss-fuzz for reporting this.
|
|
Thanks to malc for spotting this.
|
|
Because of the structure of openssl's signature checking, we temporarily
permit certain errors in the certificate trust stage, so that openssl will
continue onto the digest check. That way we can detect special error cases
such as the only failure being that a self-signed certificate is present.
This commit misses out one of the cases we'd missed.
|
|
|
|
Previously, signature verification worked only for file-based documents
and the file path had to be passed into the verification function.
|
|
This change achieves two goals. It allows signing to be performed even
when the document is obtained other than from a disk file. It also
reestablishes to a working state signing of file-based documents, a feature
that was broken due to complete_signatures being called after certain
tables, avaialble via the output options object, had been destroyed.
|
|
This provides a way for some output streams to also be read, a feature
needed for the sake of document signing. Currently this is supported only
for file output.
|
|
We'd neglected to specify binary mode when opening the file. Possibly
this affected only running under Windows.
|
|
Reinstate the separate consideration of errors relating to the
certificate trust checking phase.
Remove the key-usage records from the certificate before signature
verification. This is done so that openssl will recognise self
signed cerificates. openssl doesn't consider them as such when
the key usage doesn't include certificate signing.
|
|
The openssl-version check within Makerules has been updated to
ensure we include signature support only when 1.0.1u or later is
available. 1.0.1u is the version at which the API changes which
necessitated this commit were introduced.
|
|
|
|
Do not throw an exception, just ignore the faulty color profile.
|
|
Without deleteing it the local reference table may overflow.
|
|
|
|
The lock checking functions are always enabled in debug mode, but
since they are not thread safe they may not be used in a
multi-threaded application. Multi-threaded applications are
required to set their own locking functions so the lock checking
functions should only be run if the default locking functions
are in use.
|
|
|
|
|
|
Once a stream has thrown an exception or reached EOF,
don't allow further reading.
The EOF flag is reset when fz_seek is invoked.
|
|
|
|
The subarea rect used for lookups could mismatch the subarea returned
by the get_pixmap function due to adjusting to whole bytes. Refactor
and use a common subarea adjustment function.
Many image formats which do not support subarea tiles will decode
and cache the full image, so if a subarea tile cannot be found,
look for the full image tile as well.
|
