summaryrefslogtreecommitdiff
path: root/source/pdf/pdf-cmap.c
AgeCommit message (Collapse)Author
2018-08-10Bug 699629: Avoid referencing stale/moved nodes in CMap splay tree.Sebastian Rasmussen
Thanks to oss-fuzz for reporting.
2018-08-10Bug 699627: Ignore CMap input ranges outside of input codespaces.Sebastian Rasmussen
Thanks to oss-fuzz for reporting.
2018-08-10Implement check for range overlap between cmap splay tree nodes.Sebastian Rasmussen
2018-01-24Bug 698883: Reset cmap splay tree pointer, handling resized tree.Sebastian Rasmussen
Without this change a resized cmap splay tree leads to using stale pointers.
2018-01-24Assert node range conditions when checking cmap splay trees.Sebastian Rasmussen
2018-01-24Bug 698888: Keep one-to-many state when splitting nodes in cmap splay trees.Sebastian Rasmussen
Thanks to oss-fuzz for reporting this.
2017-07-03Don't leak cmap->tree if we abort cmap loading before sort.Robin Watts
2017-05-09Fix leak of dictionary in CMAP.Robin Watts
2017-04-27Include required system headers.Tor Andersson
2017-04-18Use splay trees for loading/merging cmaps.Robin Watts
This allows for overlaps, merges adjacent (mergeable) ranges and gets us properly searchable results. This causes 1 diff in the test suites (Bug694353.pdf), which is due to the fallback font not having a hypen present at UCS 0x2010.
2017-01-09Remove some dead code.Tor Andersson
2016-10-18Avoid checking argument to fz_drop_*()/fz_free().Sebastian Rasmussen
As fz_drop_*()/fz_free() all must handle NULL.
2016-02-22Remove pointless casts from void*.Tor Andersson
Extraneous explicit type casts can mask errors, especially if a function prototype or return value changes in the future.
2015-02-17Rename fz_close_* and fz_free_* to fz_drop_*.Tor Andersson
Rename fz_close to fz_drop_stream. Rename fz_close_archive to fz_drop_archive. Rename fz_close_output to fz_drop_output. Rename fz_free_* to fz_drop_*. Rename pdf_free_* to pdf_drop_*. Rename xps_free_* to xps_drop_*.
2014-05-13Fix signedness in cmap interface.Tor Andersson
2014-05-10Fix 694698: Support 32-bit values in CMaps.Tor Andersson
Increasing the existing data structure to 32-bit values would bloat the data tables too much. Simplify the data structure and use three separate range tables for lookups -- one with small 16-bit to 16-bit range lookups, one with 32-bit range lookups, and a final one for one-to-many lookups. This loses the range-to-table optimization we had before, but even with the extra ranges this necessitates, the total size of the compiled binary CMap data is smaller than if we were to extend the previous scheme to 32 bits.
2014-01-22Handle cmap table overflow gracefully in range-to-table mappings.Tor Andersson
2014-01-21Bug 694900: Avoid valgrind problems when cmap tables fill up.Robin Watts
The test file on this bug: de53b4bd41191f02d01a3c39b4880fa8_asan_heap-oob_caba3c_9561_7427.pdf includes a corrupt CMAP. When this is read into memory it produces a CMAP where the table gets too large. This produces lots of warnings from 'add_table', but the calls to add_table all assume that the process completed fine, resulting in range entries being added that point to nonexistent values. The fix is to make add_table return a bool to indicate success or failure, and to only add range entries if the add_table succeeds. Thanks to Mateusz Jurczyk and Gynvael Coldwind of the Google Security Team for providing the example files.
2013-11-28Bug 694127: Valgrind fix for pdf_decode_cmapRobin Watts
A poorly formed string can cause us to overrun the end of the buffer. Now we check the end of the string at each stage to avoid this.
2013-06-20Rearrange source files.Tor Andersson