Age | Commit message | Author |
|
MuPDF may attempt to load a page but fail to do so, e.g. due to
a circular page tree. When this happens the page will never be
introduced into the document's list of pages. Its next and prev
pointers are both NULL, but the code in fz_drop_page() falsely
assumed that the prev pointer was always set.
Thanks to oss-fuzz for reporting.
|
|
Keep a list of currently open pages for each document. Attempting to
load a page that is already loaded will return the same instance again.
|
|
There is a regression for 2325_-_JPX_image_with_padding_rejected.pdf.
Object 3 in that document is a JPX-encoded image. Its EOC marker is
preceded by two extra bytes of data, 0x80 0x80. This makes the file
broken according to the JPEG 2000 specification.
Acrobat Reader and the Kakadu JPX decoder accept this file without
issues, so OpenJPEG 2.1.0 added code to fix this (bug 226, commit
005e75bdc). That fix detects exactly two bytes of 0x80 0x80, a rather
brittle fix. Adding more padding or changing the padding byte values
is not accepted. Adding more padding is acceptable to Acrobat Reader
and Kakadu. An unrelated fix for another problem has since broken
OpenJPEG's support for this broken image.
|
|
The upsampling code in the JPX decode attempted to guess a
suitable upsampling factor. The guessed factor was wrong,
causing writes of samples outside of the decoded image buffer.
Simply limiting the coordinates to the image buffer would
not suffice because the factor was wrong for every upsampled
row of pixels. openjpeg does provide an upsampling factor,
so use that instead and also take the component offsets into
account when decoding components into the pixmap. Combined,
this resolves the issue that previously triggered ASAN.
Thanks to oss-fuzz for reporting.
|
|
This makes it possible to change the colorspace when encountering
ICC colorspaces.
|
|
fz_open_jbig2d() is called at two locations in MuPDF. At one
location a reference to the JBIG2 globals struct was taken before
passing it to fz_open_jbig2d(). At the other location no such
reference was taken, but rather ownership of the struct was
implicitly transferred to fz_open_jbig2d(). This inconsistency
led to a leak of the globals struct at the first location.
Now, passing a JBIG2 globals struct to fz_open_jbig2d() never
implicitly takes ownership. Instead the JBIG2 stream will take a
reference if it needs it and drops it in case of error. As usual
it is the caller's responsibility to drop the reference to the
globals struct it owns.
|
|
When painting images using interpolation 16.16 fixpoint
arithmetic is used. This limits the width/height of any
image that can be painted to 32767. There was no size check,
so large images caused overflow and subsequent out of bounds
accesses which triggered MSAN. This c
Thanks to oss-fuzz for reporting.
|
|
Previously this would result in trying to dereference a NULL pointer.
Thanks to oss-fuzz for reporting.
|
|
This was used to prevent infinite cycles in the Type3 font CharProcs,
but the previous commits forbids all cycles in order to prevent memory
leaks due to cyclic reference counts.
|
|
There were two issues with the code parsing the triangle mesh's
edge flags:
* meshes were not required to start with an independent triangle
* out of range edge flags caused vertices to be ignored
A mesh where the edge flag of the first vertex is out of range,
and the edge flag of the second vertex indicates continuation
of a prior triangle would result in trying to create a triangle
where the third coordinate would be uninitialized.
This commit requires the edge flag of the first vertex to indicate
a new independent triangle and if out of range edge flags are
encountered they are treated as if they indicate a new triangle.
Thanks to oss-fuzz for reporting.
|
|
When fz_draw_clip_image_mask() calls fz_get_pixmap_from_image()
it may throw an exception, in this case because a predicted image
has an unsupported number of components (1, 2, 4, 8 and 16 are
supported, but 6 is not). When this happens the recently pushed
stack element is never popped, which later trips an assert() in
fz_draw_end_group() at a later stage.
By moving the call to fz_get_pixmap_from_image() inside fz_try
the stack will be popped, thus avoiding triggering the assert().
This also requires the pixmap variable to be fz_var()ed because
it changes inside the fz_try-block.
|
|
Follow bin2coff layout for hexdumped data instead of trying to emulate
the objcopy layout (which seems to break for the android tools).
Only use the basename of the resource in hexdump / bin2coff.
Ifdef on HAVE_OBJCOPY instead of _WIN32.
|
|
Use separate functions to keep the code simpler.
Use memmem to simplify and optimize search for 'endstream' token.
Do not look for 'endobj' since that could cause false positives in
compressed object streams that have duff lengths.
|
|
Always look for the "endstream" marker after a PDF stream to see
if we've hit the end. Allow for "endobj" to cope with producers
that omit endstream entirely.
Avoid slowing down legal files by only checking for the end marker
after the specified length has been read.
|
|
Create a matrix that transforms a page with resolution and rotation,
and grid fits the resulting bounding box.
|
|
Several things irk me about passing values as const pointers:
* They can be NULL, which is not a valid value.
* They require explicit temporary variables for storage.
* They don't compose easily in a legible manner, requiring
weird pointer passing semantics where the variable being assigned
is hidden as an argument in the innermost function call.
* We can't change the value through the pointer, requiring yet more
local variables to hold copies of the input value.
In the device interface where we pass a matrix to a function, we often
find ourselves making a local copy of the matrix so we can concatenate
other transforms to it. This copying is a lot of unnecessary busywork
that I hope to eventually avoid by laying the groundwork with this
commit.
This is a rather large API change, so I apologize for the inconvenience,
but I hope the end result and gain in legibility will be worth the pain.
|
|
Updates the input point coordinates, and also returns a quad with
appropriate UI handles.
|
|
The Dingbats and Symbol fonts have not been changed.
|
|
Do not cache PDF fonts, since they have custom metrics and encodings that
cannot be shared. This is primarily to speed up font loading for EPUB, PDF
appearance synthesis, and any other uses of default metrics and unicode
encoded fonts.
|
|
This is the Windows equivalent of objcopy or ld -r binary.
We need different bin2coff font object files for 32 and 64 bit builds,
so put the font object files in AdditionalDependencies.
Revamp Windows builds to use bin2coff.
Fix bin2coff to not use '-' in symbol names.
Add a new project file to make bin2coff.
Add a .rules file to tell MSVC how to call the built version of bin2coff.
Update libresources build to use this rules file.
Update noto.c to correctly find the symbols we make.
|
|
|