path: root/source
Age | Commit message | Author
2018-09-21 | Regularize language and script names. | Tor Andersson
Drop the unused 'serif' argument to the CJK lookup functions. Use the BCP 47 names for CJK scripts and languages: zh-Hant for traditional Chinese, zh-Hans for simplified Chinese, ja for Japanese, ko for Korean. The lookup function also allows commonly used language+country codes: zh-TW and zh-HK for traditional Chinese, zh-CN for simplified Chinese.
2018-09-20 | Be consistent in use of #if FZ_ENABLE_... | Robin Watts
Using #ifdef FZ_ENABLE_ means we build code in, even if we have defined FZ_ENABLE_WHATEVER to be 0 (as we do in config.h).
2018-09-20 | Bug 699798: Avoid removing page from list if page was not loaded. | Sebastian Rasmussen
MuPDF may attempt to load a page but fail to do so, e.g. due to a circular page tree. When this happens the page will never be introduced into the document's list of pages. Its next and prev pointers are both NULL, but the code in fz_drop_page() falsely assumed that the prev pointer was always set. Thanks to oss-fuzz for reporting.
2018-09-19 | Add accessor for field text label. | Tor Andersson
2018-09-19 | Make fz_page objects singleton. | Tor Andersson
Keep a list of currently open pages for each document. Attempting to load a page that is already loaded will return the same instance again.
2018-09-19 | Fix warning. | Tor Andersson
2018-09-19 | Update to OpenJPEG 2.3.0. | Sebastian Rasmussen
There is a regression for 2325_-_JPX_image_with_padding_rejected.pdf. Object 3 in that document is a JPX-encoded image. Its EOC marker is preceded by two extra bytes of data, 0x80 0x80. This makes the file broken according to the JPEG 2000 specification. Acrobat Reader and the Kakadu JPX decoder accept this file without issues, so OpenJPEG 2.1.0 added code to fix this (bug 226, commit 005e75bdc). That fix detects exactly two bytes of 0x80 0x80, a rather brittle fix. Adding more padding or changing the padding byte values is not accepted. Adding more padding is acceptable to Acrobat Reader and Kakadu. An unrelated fix for another problem has since broken OpenJPEG's support for this broken image.
2018-09-16 | GPROOF: Move away from unlink to remove. | Robin Watts
This removes the need for unistd.h, which isn't around on VS2005. Also remove unused variable.
2018-09-13 | jpx: Handle ICC color profiles. | Sebastian Rasmussen
2018-09-13 | Bug 699769: Fix bugs in upsampling code for JPX images. | Sebastian Rasmussen
The upsampling code in the JPX decode attempted to guess a suitable upsampling factor. The guessed factor was wrong, causing writes of samples outside of the decoded image buffer. Simply limiting the coordinates to the image buffer would not suffice because the factor was wrong for every upsampled row of pixels. openjpeg does provide an upsampling factor, so use that instead and also take the component offsets into account when decoding components into the pixmap. Combined this resolves the issue that previously triggered ASAN. Thanks to oss-fuzz for reporting.
2018-09-13 | Bug 699768: Drop default colorspaces even if page transformation fails. | Sebastian Rasmussen
pdf_page_transform() may throw due to a cycle in the page tree. When this happened mupdf would previously forget to drop the default colorspaces obtained; after this commit they are dropped. Thanks to oss-fuzz for reporting.
2018-09-13 | Make naming of effective overprint argument consistent. | Sebastian Rasmussen
2018-09-13 | Bug 699750: Check for overprinting correctly. | Sebastian Rasmussen
2018-09-12 | Set the profile BGR flag for non-default ICC colorspaces too. | Sebastian Rasmussen
2018-09-07 | Bug 699743: Pop clip upon error when flushing text. | Sebastian Rasmussen
Not popping causes assert to be triggered in fz_draw_end_group().
2018-09-06 | Bug 699723: Free alternative colorspace upon error when loading ICC colorspace. | Sebastian Rasmussen
2018-09-06 | Fix typo in size field of ICC profile colorspace. | Sebastian Rasmussen
2018-09-06 | Bug 699717: Pop clip even in case of error. | Sebastian Rasmussen
Not popping causes assert to be triggered in fz_draw_end_group().
2018-09-05 | Take colorspace name from ICC profile. | Sebastian Rasmussen
2018-09-05 | Bug 699715: Support embedded ICC color profiles in GIF. | Sebastian Rasmussen
2018-09-05 | When decoding GIF, move pixmap into struct so it can be changed. | Sebastian Rasmussen
This makes it possible to change the colorspace when encountering ICC colorspaces.
2018-09-05 | Bug 699702: Handle ICC profiles split into multiple APP-markers. | Sebastian Rasmussen
2018-09-05 | Add missing fz_var declarations. | Tor Andersson
2018-09-05 | Add fz_new_stext_page_from_annot utility function. | Tor Andersson
2018-09-05 | Use colorspace type enum instead of magic profile names. | Tor Andersson
2018-09-05 | mutool run: Pass script path and arguments as scriptPath and scriptArgs. | Tor Andersson
2018-09-04 | Fix 699177: Don't clamp line width to 1 after scaling by matrix expansion. | Tor Andersson
2018-09-04 | Check for missing filename when saving gproof. | Sebastian Rasmussen
2018-09-04 | Fix string handling when using gproof files. | Sebastian Rasmussen
2018-09-04 | Add -dSAFER to gs calls in gproof. | Michael Vrhel
Unlikely that this could be an issue, but let's add it for safety.
2018-09-04 | Fix bit rot in gproof support. | Michael Vrhel
2018-08-30 | When unrecoverable errors occur on a page, at least print them. | Sebastian Rasmussen
Previously there was no visibility as to what the error was.
2018-08-30 | Bug 699695: Remember to end groups/softmasks even upon exception. | Sebastian Rasmussen
fz_fill_path() may throw an exception halfway through pdf_show_path(), which in this case would not attempt to end any begun groups or softmasks. This led to e.g. leaks of pixmaps held by a group that was never ended. Moving the cleanup to the always block is not foolproof because the cleanup code itself may also throw exceptions, hence preventing the end of the fz_always block from being executed. This commit does put pdf_show_path() in the same situation as pdf_run_xobject() that has the same problem with its cleanup code. Thanks to oss-fuzz for reporting.
2018-08-30 | Bug 699694: Fix reference counting for JBIG2 globals. | Sebastian Rasmussen
fz_open_jbig2d() is called at two locations in MuPDF. At one location a reference to the JBIG2 globals struct was taken before passing it to fz_open_jbig2d(). At the other location no such reference was taken, but rather ownership of the struct was implicitly transferred to fz_open_jbig2d(). This inconsistency led to a leak of the globals struct at the first location. Now, passing a JBIG2 globals struct to fz_open_jbig2d() never implicitly takes ownership. Instead the JBIG2 stream will take a reference if it needs it and drops it in case of error. As usual it is the caller's responsibility to drop the reference to the globals struct it owns.
2018-08-30 | Remove unreachable code. | Sebastian Rasmussen
JBIG2 images are detected by build_compression_params() and then always passed to fz_open_image_decomp_stream() by build_filter(). Therefore there is no chance for build_filter() at a later stage to detect JBIG2 images, and so that check can be removed.
2018-08-30 | Remember type of exception upon error while running xobjects. | Sebastian Rasmussen
2018-08-28 | Bug 699683: Skip painting too large images when using interpolation. | Tor Andersson
When painting images using interpolation 16.16 fixpoint arithmetics is used. This limits the width/height of any image that can be painted to 32767. There was no size check, so large images caused overflow and subsequent out of bounds accesses which triggered MSAN. This c Thanks to oss-fuzz for reporting.
2018-08-28 | Bug 699675: Handle lack of default colorspaces when rendering type 3 font glyph. | Sebastian Rasmussen
Previously this would result in trying to dereference a NULL pointer. Thanks to oss-fuzz for reporting.
2018-08-28 | Bug 699672: Handle out of bounds pointer to previous xref. | Sebastian Rasmussen
Previously a value of 0 would cause the document not to be rendered.
2018-08-28 | Avoid use of fixed size buffers for the digest when document signing | Paul Gardiner
The signer object now has an extra method that informs the caller of the maximum size the digest might be. This is used to allocate space for the digest within the file and to size some of the buffers used in the code. The openssl-based implementation of the signer object has been updated to perform a test digest generation so as to find the size needed. We believe that the digest size is independent of the hashed data.
2018-08-28 | Truncate name tokens that are too long. | Tor Andersson
2018-08-23 | Honour the read-only form-field flag. | Paul Gardiner
Avoid pdf_pass_event interacting with widgets that have the read-only field set.
2018-08-22 | Bug 699667: Remember to update gstate pointers when showing patterns. | Sebastian Rasmussen
pdf_show_pattern() may resize the pdf run processor's gstate array. In doing so any pointers to it saved by the caller will become stale. Similarly to pdf_begin_group(), pdf_show_pattern() now returns the updated pointer to the top of the gstate stack. For the same reason pdf_show_pattern() cannot be given a pointer to a gstate stack entry and continue using it after the gstate array has been resized. So, have pdf_show_pattern() take an index to the desired state instead.
2018-08-22 | Plug leak of buffer when button widgets are ignored. | Sebastian Rasmussen
The leak was triggered by the PDF from 699576, but this commit does not fully fix that bug.
2018-08-22 | Remove the old 'nested depth' tracking. | Tor Andersson
This was used to prevent infinite cycles in the Type3 font CharProcs, but the previous commit forbids all cycles in order to prevent memory leaks due to cyclic reference counts.
2018-08-22 | Bug 699666: Forbid cycles in Type3 font CharProcs. | Tor Andersson
Thanks to oss-fuzz for reporting.
2018-08-22 | Bug 699653: Avoid dropping filter chain once too often in case of error. | Sebastian Rasmussen
build_filter_chain_drop() promises to extend (according to the fs argument) the filter chain it is given, or in case of exception throw away the at that point potentially extended filter chain it was given from the beginning. Because build_filter_chain_drop() calls build_filter_drop() for every filter it adds, it doesn't need to do any cleanup of the filter chain on its own; that's build_filter_drop()'s responsibility. Prior to this commit fz_catch() in build_filter_chain_drop() would drop the filter chain one time too many (it was already dropped by build_filter_drop()), causing the callers to use a stale pointer. Now once the extra fz_drop_stream() has been removed the logic works as it ought to, even in the case of exceptions. Thanks to oss-fuzz for reporting.
2018-08-21 | Bug 699652: Fix postscript value stack underflow for index operator. | Sebastian Rasmussen
Thanks to oss-fuzz for reporting.
2018-08-21 | Bug 699271: Fix eternal loop when skipping space before EOF. | Sebastian Rasmussen
Thanks to Michael J Gruber for providing this oneliner.
2018-08-21 | Fix form recalculation issue. | Tor Andersson
Commit f533104 accidentally removed the line that updated the value variable. Also set the field value to a name object for check boxes and radio buttons, as per the specification.