| Age | Commit message (Collapse) | Author |
|---|
|
Simple patch to replace const char * with char *. I made the patch
myself, but I suspect it's extremely close to the one submitted
by Evgeniy A Dushistov, who reported the bug - many thanks!
|
|
While investigating samples_mupdf_001/2599.pdf.asan.58.1778, a leak
showed up while cleaning the file, due to not dropping an object in
an error case.
mutool clean -dif samples_mupdf_001/2599.pdf.asan.58.1778 leak.pdf
Simple Fix. Also extend PDF writing so that it can cope with skipping
errors so we at least get something out at the end.
Problem found in a test file supplied by Mateusz "j00ru" Jurczyk and
Gynvael Coldwind of the Google Security Team using Address Sanitizer.
Many thanks!
|
|
Two problems with tiling are fixed here.
Firstly, if the tiling bounds are huge, the 'patch' region (the region
we are writing into), can overflow, causing a SEGV due to the paint code
being very confused by pixmaps that go from just under INT_MAX to just
over INT_MIN. Fix this by checking explicitly for overflow in these
bounds.
If the tiles are stupidly huge, but the scissor is small, we can end up
looping many more times than we need to. We fix mapping the scissor
region back through the inverse transform, and intersecting this
with the pattern area.
Problem found in 4201.pdf.SIGSEGV.622.3560, a test file supplied by
Mateusz "j00ru" Jurczyk and Gynvael Coldwind of the Google Security
Team using Address Sanitizer. Many thanks!
|
|
When calculating the bbox for draw_glyph, if the x and y origins of
the glyph are extreme (too large to fit in an int), we get overflows
of the bbox; empty bboxes are transformed to large ones.
The fix is to introduce an fz_translate_bbox function that checks for
such things.
Also, we update various bbox/rect functions to check for empty bboxes
before they check for infinite ones (as a bbox of x0=0 x1=0 y0=0 y1=-1
will be detected both as infinite and empty).
Problem found in 2485.pdf.SIGSEGV.2a.1652, a test file supplied by
Mateusz "j00ru" Jurczyk and Gynvael Coldwind of the Google Security
Team using Address Sanitizer. Many thanks!
|
|
Whenever we have an error while pushing a gstate, we run the risk of
getting confused over how many pops we need etc.
With this commit we introduce some checking at the dev_null level that
attempts to make this behaviour consistent.
Any caller may now assume that calling an operation that pushes a clip
will always succeed. This means the only error cleanup they need to
do is to ensure that if they have pushed a clip (or begun a group, or
a mask etc) is to pop it too.
Any callee may now assume that if it throws an error during the call
to a device entrypoint that would create a group/clip/mask then no more
calls will be forthcoming until after the caller has completely finished
with that group.
This is achieved by the dev_null layer (the layer that indirects from
device calls through the device structure to the function pointers)
swallowing errors and regurgitating them later as required. A count is
kept of the number of pushes that have happened since an error
occurred during a push (including that initial one). When this count
reaches zero, the original error is regurgitated. This allows the
caller to keep the cookie correctly updated.
|
|
Throwing from within the always block is bad practice, but attempt
to cope with it gracefully.
|
|
Thanks to zeniko for these.
Use otf as extension for opentype fonts.
fz_clampi should take ints, not floats!
Fix typo in prototype.
Squash unwanted warning.
Remove magic number in favour of #define.
Reset generation numbers when renumbering.
|
|
|
|
|
|
|
|
|
|
|
|
Regenerate dirty appearance streams and report changed annotations since
last call.
Also include a partial revert of changes in 96f335bc, that turn out not
to be necessary.
fz_update_page must now be called between each document-changing event and
the next render. pdfapp.c and the android app have been updated to do so,
but do not yet take advantage of the possibility to render only the updated
areas of the screen.
|
|
|
|
Only Fade, Wipe and Blinds supported so far.
Hit 'p' in the viewer to go into 'presentation' mode. Page swaps
then transition from page to page. Pages auto advance until key
or mouse is used.
|
|
Also add a function to report whether the core has javascript support,
so that the additional features can be enabled only when the javascript
engine is present
|
|
|
|
|
|
app.execDialog looks very difficult to support. Hopefully we wont have to
|
|
The name of the menu item is passed, so presumably the app could respond
to some of the possibilities.
|
|
|
|
|
|
Conflicts:
pdf/pdf_xref_aux.c
|
|
|
|
Conflicts:
cbz/mucbz.c
pdf/pdf_parse.c
pdf/pdf_form.c
xps/xps_zip.c
|
|
Use a "magic" string for filetype detection: filename or mime-type.
|
|
Mountian Lion causes various different warnings to be given,
possibly because a change to clang by default. Fix them here.
|
|
|
|
Conflicts:
Makefile
apps/mudraw.c
pdf/pdf_write.c
win32/libmupdf-v8.vcproj
|
|
Rather than specifically checking for the nesting getting too deep and
hence throwing an error, the error handling should do this for itself.
Make it so that we spot the depth being too great in the fz_try() and
throw to the fz_catch().
|
|
Previously we would run out of error stacks in the context and fail abruptly.
Now, throw an exception and hope for the best. At least this plugs any memory
leaks.
|
|
|
|
|
|
Conflicts:
pdf/mupdf-internal.h
pdf/pdf_font.c
|
|
|
|
|
|
Now reusing the internal representation of an annotation for widgets
to avoid two separate lists
|
|
|
|
|
|
Instead of using macros for min/max/abs/clamp, we move to using
inline functions. These are more typesafe, and should produce
equivalent code on compilers that support inline (i.e. pretty much
everything we care about these days).
People can always do their own macro versions if they prefer.
|
|
Rather than having a dedicated call to enumerate the rectangles for the
annotations on a page, add an interface for enumerating annotations
with accessor functions. Currently the only accessor function is
the one to get the annotation rectangle.
Use this new scheme in place of fz_bound_annots within mudraw.
Also use this scheme to set the caret cursor in the viewer when over
a data field.
|
|
We add a new fz_bound_annots function (and associated pdf_bound_annots
function) that calls a given callback with the page rectangle of the
annotations on a given page. This is marked as being a 'temporary'
function, so we can remove it/change it in future if required. It
seems likely that we'll want to have some sort of 'iterate over
annotations' function eventually, and this does the job for now.
Add a -j flag to mudraw that outputs a simple mujstest script.
For each page with annotations, the script jumps to that page, then
for each annotation on the page, it sets some text to be entered,
and clicks the annotation. In the case of text fields, this will cause
the text to be entered into that text field; in the case of buttons
it will execute the button.
At the end of each page with annotations, the script is told to
snapshot the page.
These test scripts are not designed to be full tests, but they do
at least provide an easy way for us to generate scripts where
every field in our test suite is interacted with.
|
|
Conflicts:
fitz/fitz-internal.h
fitz/stm_buffer.c
pdf/mupdf-internal.h
|
|
|
|
Previously we used to have a special case hack in for MacOS. Now
we call sigsetjmp/siglongjmp on all platforms that define __unix.
(i.e. pretty much all of them except windows).
|
|
The file supplied with the bug contains corrupt jpeg data on page
61. This causes an error to be thrown which results in mudraw
exiting.
Previously, when image decode was done at loading time, the error
would have been thrown under the pdf interpreter rather than under
the display list renderer. This error would have been caught, a
warning given, and the program would have continued. This is not
ideal behaviour, as there is no way for a caller to know that there
was a problem, and that the image is potentially incomplete.
The solution adopted here, solves both these problems. The fz_cookie
structure is expanded to include a 'errors' count. Whenever we meet
an error during rendering, we increment the 'errors' count, and
continue.
This enables applications to spot the errors count being non-zero on
exit and to display a warning.
mupdf is updated here to pass a cookie in and to check the error count
at the end; if it is found to be non zero, then a warning is given (just
once per visit to each page) to say that the page may have errors on it.
|
|
Conflicts:
fitz/doc_document.c
fitz/fitz-internal.h
fitz/fitz.h
fitz/stm_buffer.c
pdf/mupdf-internal.h
pdf/pdf_object.c
pdf/pdf_xobject.c
pdf/pdf_xref.c
win32/mupdf.sln
|
|
|
|
Extend mupdfclean to have a new -l file that writes the file
linearized. This should still be considered experimental
When writing a pdf file, analyse object use, flatten resource use,
reorder the objects, generate a hintstream and output with linearisaton
parameters.
This is enough for Acrobat to accept the file as being optimised
for Fast Web View. We ought to add more tables to the hintstream
in some cases, but I doubt anyone actually uses it, the spec is so
badly written. Certainly acrobat accepts the file as being optimised
for 'Fast Web View'.
Update fz_dict_put to allow for us adding a reference to the dictionary
that is the sole owner of that reference already (i.e. don't drop then
keep something that has a reference count of just 1).
Update pdf_load_image_stream to use the stm_buf from the xref if there
is one.
Update pdf_close_document to discard any stm_bufs it may be holding.
Update fz_dict_put to be pdf_dict_put - this was missed in a renaming
ages ago and has been inconsistent since.
|
|
When including fitz.h from C++ files, we must not alter the definition
of inline, as it may upset code that follows it. We only alter the
definition to enable it if it's available, and it's always available
in C++ - so simply avoiding changing it in the C++ case gives us what
we want.
|
