summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-08-22Bounds check in CFX_Font::LoadGlyphPath().Tom Sepez
Add a check to CFX_Font::LoadGlyphPath() similar to the one that exists in CFX_FaceCache::RenderGlyph(). Also replace some scattered magic numbers in the file with constants, and make arrays not used outside this file be statically scoped. BUG=406144 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/497863002
2014-08-22Fix confusion between length in bytes and length in characters in ↵Tom Sepez
app::response(). I also clean up the code while we are here, rewriting a strange switch statement and tidying whitespace. BUG=406142 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/498773004
2014-08-22Don't stretch bitmaps if destination size is empty.Vitaly Buka
BUG=405201 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/474093003
2014-08-22Check the number of component in ICCBased colorspaceBo Xu
From PDF reference 8.6.5.5, this could only be 1, 3 or 4. BUG=387968 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/464083003
2014-08-21For pattern colorspace, its base colorspace should not be a pattern colorspaceBo Xu
BUG=405588 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/496883002
2014-08-20Check if user provided more than one option for pdfium_test.Vitaly Buka
R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/477173003
2014-08-19Fix bug in CPDF_PageContentGenerate constructor and destructorBo Xu
m_pageObjects never gets initialize, thus making CPDF_PageContentGenerate::GenerateContent() doing nothing. Since the CPFD_PageObject are owned by m_pPage, no need to release them in the destructor. BUG=385119 R=thestig@chromium.org, vitalybuka@chromium.org Review URL: https://codereview.chromium.org/470253004
2014-08-19Fixed command line parting when no output is needed.Vitaly Buka
R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/492523002
2014-08-18Font is used after release in CPDF_TextStateData::~CPDF_TextStateDataJun Fang
BUG=400996 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/477323002
2014-08-18Fix a double-free issue in CFX_PathData::~CFX_PathDataJun Fang
In CPDFSDK_InterForm::SubmitFields, the buffer pointed by m_pBuffer is returned and released by the caller. However, it will be released again in the destructor. BUG=401580 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/481733002
2014-08-18Check path point count overflow in DrawThisAppearanceBo Xu
BUG=387969 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/461343003
2014-08-18Add a null check before getting unicode text in CPDF_FormField::GetValueJun Fang
The test pdf file defines an invalid dictionary object with a NULL arrary in the filed of "/V". It causes that a NULL object is returned when trying to get the first element of this arrary. So it needs to check whether the returned object is NULL. BUG=395986 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/478183002
2014-08-18Add a null pointer check before getting the family name of the given color ↵Jun Fang
space in CPDF_ColorSpace::Load The test file defines a wrong color space object (7 0 obj). In the content of 7 0 obj, the reserved obj (0 0 R) is used. The process of loading color space returns NULL when the reserved obj (0 0 R) is found. For the error color space, it only needs to return NULL when an error is detected. BUG=403032 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/477413002
2014-08-18Fix tzHour usage on systems where char is unsigned.chromium/2137chromium/2136chromium/2135chromium/2133chromium/2132chromium/2131chromium/2130chromium/2129chromium/2128Nico Weber
BUG=chromium:395832 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/478353002
2014-08-18No need to release m_pBaseCS in CPDF_IndexedCS and CPDF_PatternCSBo Xu
m_pBaseCS will be released in CPDF_DocPageData::Clear. BUG=401372 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/472653002
2014-08-15Fix buffer size offset error in PNG_PredictorBo Xu
BUG=393602 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/466153005
2014-08-13Add FX_OVERRIDE and use it for virtual functions of FX_FINAL classes.Tom Sepez
Should there be cases where this fails to compile, it indicates a mistake, either an incorrectly declared overrriden virtual method, or a method that should be declared non-virtual. The only issues were with CPDF_CustomAccess::GetBlock(), CPDF_CustomAccess::GetByte(), and CPDF_CustomAccess::GetFullPath(). These don't appear to be used anywhere, and are removed. Two members are removed that are no longer needed once those methods are removed. R=jam@chromium.org, jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/454983003
2014-08-13Disable exceptions for the pdfium targets, now that pdfium:29 is done.chromium/2127chromium/2126chromium/2124chromium/2123Nico Weber
BUG=pdfium:29 R=scottmg@chromium.org Review URL: https://codereview.chromium.org/470503004
2014-08-13Remove try/catch blockBo Xu
BUG=pdfium:28 R=thakis@chromium.org Review URL: https://codereview.chromium.org/472563002
2014-08-12Treat null Parent as no Parent for dictionary objectsBo Xu
To be complient with PDF reference chapter 7.3.7 BUG=402437 R=vitalybuka@chromium.org Review URL: https://codereview.chromium.org/469573002
2014-08-12Fix missing or broken include guard macros in pdfium headers.Tom Sepez
This has no ill-effect at present, but may be distracting when viewing the file since it just looks wrong. R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/461933003
2014-08-12For a CPDF_Color object, when set a new pattern to it, disconnect its link ↵Bo Xu
with the old pattern This patch is related to https://pdfium.googlesource.com/pdfium/+/1b9c5c4dc41956b8c5ab17b9a882adf8a2513768 BUG=402260 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/460383004
2014-08-07When normalize coordinate, return instead of assert() when divide by 0Bo Xu
BUG=382988 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/433293002
2014-08-07Change '>=' back to '>' in extension.h due to bad fixchromium/2122chromium/2121chromium/2120chromium/2119chromium/2118Jun Fang
BUG=400662 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/445303002
2014-08-06gclient DEPS file for auto checking out depsAneesh Mulye
Added a DEPS file so that bot_update and gclient can automatically check out dependencies (GYP, V8, ICU, and on Windows, Cygwin). BUG=375773 R=jam@chromium.org, nodir@chromium.org Review URL: https://codereview.chromium.org/416663002
2014-08-06Clean up meaningless branch on commented-out code.Chris Palmer
BUG=https://code.google.com/p/pdfium/issues/detail?id=35 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/451483003
2014-08-05Fix the problem that memory is accessed after released due to invalid type-castJun Fang
BUG=387774 R=palmer@chromium.org, tsepez@chromium.org Review URL: https://codereview.chromium.org/441503003
2014-08-05The root cause of this issue is shown as below:Jun Fang
Patterns are managed in CPDF_DocPageData. When a document is closed, all patterns will be released in the deconstruction of CPDF_DocPageData. However, some patterns which are referenced in CPDF_Color can't get the notification from the destroy of CPDF_DocPageData. It will cause use-after-free in CPDF_Color::~CPDF_Color. BUG=392719 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/439693002
2014-08-04Fix unninitialized 'tmp' in CJBig2_Image::composeTo_opt2Jun Fang
BUG=387811 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/437483004
2014-08-04Remove unused |m_pEvi| field.Chris Palmer
Edge closer to the goal of building PDFium with the chromium_code configuration. BUG=https://code.google.com/p/pdfium/issues/detail?id=29 R=bo_xu@foxitsoftware.com, thakis@chromium.org Review URL: https://codereview.chromium.org/441763002
2014-08-04Fix a segmentation fault in CPDF_DataAvail::CheckPage due to invalid usage ↵Jun Fang
of i++ BUG=387979 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/439733002
2014-08-02Fix buffer size boundary check offset by 1chromium/2117chromium/2116chromium/2115chromium/2114chromium/2113Bo Xu
When newPos == file size, the current block will not be read or Get. If this block is a crucial part of the document (like m_pTrailer), the program will exit with parse error and the document will not be rendered. BUG=None R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/440563003
2014-08-01Add more |bpc| value check in GetValidBpc()Bo Xu
BUG=382988 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/430733004
2014-07-31Fix for min/max compile error on WindowsScott Graham
Patch from jschuh@chromium.org. BUG=pdfium:31 TBR=jschuh@chromium.org,thakis@chromium.org Review URL: https://codereview.chromium.org/438843003
2014-07-31Revert 'gn: cross-platform exception disable'Scott Graham
This reverts commit 4923e3cfbc2b617614858c427fa87a8c67aca784. Since exceptions are in the process of being removed, and the code currently isn't rollable into pdfium (for other reasons) I'm going to revert this for now, so that this CL doesn't become blocking-for-rolls if the other min/max problem is addressed. And, hopefully by the time I get back to this it won't be necessary anyway. BUG=pdfium:28,pdfium:31,chromium:354261 R=thakis@chromium.org Review URL: https://codereview.chromium.org/432243002
2014-07-31gn: cross-platform exception disableScott Graham
Goes with https://codereview.chromium.org/431803003/ R=jam@chromium.org BUG=chromium:354261 Review URL: https://codereview.chromium.org/426153007
2014-07-31remove .gitattributes to prevent automatic CRLF conversionsScott Graham
Added by https://codereview.chromium.org/292313014/ but causes annoying warnings on Windows. Just don't add CRLFs. R=jam@chromium.org Review URL: https://codereview.chromium.org/430043002
2014-07-31Correct the names of the FX_SAFE_* typedefs.Chris Palmer
R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/417263008
2014-07-31Fix a few more -Wreorder warnings.Nico Weber
No intended behavior change. BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/436483002
2014-07-31Remove CPDFSDK_Annot::ResetAppearance().Nico Weber
It's unused, and it caused a warning about CPDFSDK_Widget::ResetAppearance() failing to override it (since these two unrelated methods had the same name). No intended behavior change. BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/429483004
2014-07-31Fix integer overflow when stretch bitmapBo Xu
When an image object is zoomed in by a big factor, the scaling factor in the transformation matrix is big as well, resulting in a large |dest_width| and |dest_height| value(they can be think of as the equivalent pixel size of the entire image, although most of it is outside the device). BUG=395636 R=vitalybuka@chromium.org Review URL: https://codereview.chromium.org/432543002
2014-07-30Fix uninitialized coords and one of infinite loopsJUN FANG
BUG=387854 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/372453005
2014-07-30Remove a few unused variables, functions, and member variables.Nico Weber
No intended behavior change. BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/426763003
2014-07-30Fix a few -Wreorder warnings.Nico Weber
BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/427353003
2014-07-30Add missing braces for aggregate initializers.Nico Weber
No intended behavior change. BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/426763004
2014-07-30Fix potential integer overflow in fpdf_render_loadimage.cppJUN FANG
BUG=391929 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/419693003
2014-07-30Attempt to fix some -Woverloaded-virtual warnings.Nico Weber
There are many warnings that look like: error: 'CPWL_RadioButton::OnChar' hides overloaded virtual function [-Werror,-Woverloaded-virtual] virtual FX_BOOL OnChar(FX_WORD nChar); ^ note: hidden overloaded virtual function 'CPWL_Wnd::OnChar' declared here: different number of parameters (2 vs 1) virtual FX_BOOL OnChar(FX_WORD nChar, FX_DWORD nFlag); ^ It looks like someone added the nFlag parameter to the methods in CPWL_Wnd at some point and missed to update all overloads This patch attempts to fix this: It adds the parameter to all methods that look like they're trying to overload the base class method, and renames the method in one case where it fairly clearly looks like that it's not supposed to be an overload. BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/416383004
2014-07-30Fix incorrect override of GetLayoutOrder().Nico Weber
fsdk_baseform.h:63:19: error: 'CPDFSDK_Widget::GetLayoutOrder' hides overloaded virtual function [-Werror,-Woverloaded-virtual] virtual int GetLayoutOrder() {return 2;} ^ fsdk_baseannot.h:70:18: note: hidden overloaded virtual function 'CPDFSDK_Annot::GetLayoutOrder' declared here: different qualifiers (const vs none) virtual int GetLayoutOrder() const { return 5; } ^ On Windows, I believe MSVS treats these as override since it's such a common and easy mistake, but clang and gcc do what the standard specifies. Add a "const" to the function in the subclass so that this is actually an override, as intended. BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/427173002
2014-07-30Fix the potential integer overflow from 'offset+size' in extension.h and ↵JUN FANG
fpdfview.cpp BUG=397258 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/419063002
2014-07-30Speculative fix for uninitialized value in CFX_ByteString().Tom Sepez
If somehow different length values could be obtained by two successive calls to Doc_getFilePath() (and FieldBrowse() for that matter), and the method is true to the API documentation that says "The return value always indicated number of bytes required for the buffer, even when there is no buffer specified, or the buffer size is less then required", then it is possible to get a returned length describing memory beyond the current buffer. We can make the corresponding JS_docGetFilePath() method more robust against this case by applying better checks to the returned value. This probably is unrelated since ASAN seems to be flagging the corresponding bug as UAF, but doesn't hurt to make things more robust. BUG=392956 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/423233002