summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-08-05The root cause of this issue is shown as below:Jun Fang
Patterns are managed in CPDF_DocPageData. When a document is closed, all patterns will be released in the deconstruction of CPDF_DocPageData. However, some patterns which are referenced in CPDF_Color can't get the notification from the destroy of CPDF_DocPageData. It will cause use-after-free in CPDF_Color::~CPDF_Color. BUG=392719 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/439693002
2014-08-04Fix unninitialized 'tmp' in CJBig2_Image::composeTo_opt2Jun Fang
BUG=387811 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/437483004
2014-08-04Remove unused |m_pEvi| field.Chris Palmer
Edge closer to the goal of building PDFium with the chromium_code configuration. BUG=https://code.google.com/p/pdfium/issues/detail?id=29 R=bo_xu@foxitsoftware.com, thakis@chromium.org Review URL: https://codereview.chromium.org/441763002
2014-08-04Fix a segmentation fault in CPDF_DataAvail::CheckPage due to invalid usage ↵Jun Fang
of i++ BUG=387979 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/439733002
2014-08-02Fix buffer size boundary check offset by 1chromium/2117chromium/2116chromium/2115chromium/2114chromium/2113Bo Xu
When newPos == file size, the current block will not be read or Get. If this block is a crucial part of the document (like m_pTrailer), the program will exit with parse error and the document will not be rendered. BUG=None R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/440563003
2014-08-01Add more |bpc| value check in GetValidBpc()Bo Xu
BUG=382988 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/430733004
2014-07-31Fix for min/max compile error on WindowsScott Graham
Patch from jschuh@chromium.org. BUG=pdfium:31 TBR=jschuh@chromium.org,thakis@chromium.org Review URL: https://codereview.chromium.org/438843003
2014-07-31Revert 'gn: cross-platform exception disable'Scott Graham
This reverts commit 4923e3cfbc2b617614858c427fa87a8c67aca784. Since exceptions are in the process of being removed, and the code currently isn't rollable into pdfium (for other reasons) I'm going to revert this for now, so that this CL doesn't become blocking-for-rolls if the other min/max problem is addressed. And, hopefully by the time I get back to this it won't be necessary anyway. BUG=pdfium:28,pdfium:31,chromium:354261 R=thakis@chromium.org Review URL: https://codereview.chromium.org/432243002
2014-07-31gn: cross-platform exception disableScott Graham
Goes with https://codereview.chromium.org/431803003/ R=jam@chromium.org BUG=chromium:354261 Review URL: https://codereview.chromium.org/426153007
2014-07-31remove .gitattributes to prevent automatic CRLF conversionsScott Graham
Added by https://codereview.chromium.org/292313014/ but causes annoying warnings on Windows. Just don't add CRLFs. R=jam@chromium.org Review URL: https://codereview.chromium.org/430043002
2014-07-31Correct the names of the FX_SAFE_* typedefs.Chris Palmer
R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/417263008
2014-07-31Fix a few more -Wreorder warnings.Nico Weber
No intended behavior change. BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/436483002
2014-07-31Remove CPDFSDK_Annot::ResetAppearance().Nico Weber
It's unused, and it caused a warning about CPDFSDK_Widget::ResetAppearance() failing to override it (since these two unrelated methods had the same name). No intended behavior change. BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/429483004
2014-07-31Fix integer overflow when stretch bitmapBo Xu
When an image object is zoomed in by a big factor, the scaling factor in the transformation matrix is big as well, resulting in a large |dest_width| and |dest_height| value(they can be think of as the equivalent pixel size of the entire image, although most of it is outside the device). BUG=395636 R=vitalybuka@chromium.org Review URL: https://codereview.chromium.org/432543002
2014-07-30Fix uninitialized coords and one of infinite loopsJUN FANG
BUG=387854 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/372453005
2014-07-30Remove a few unused variables, functions, and member variables.Nico Weber
No intended behavior change. BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/426763003
2014-07-30Fix a few -Wreorder warnings.Nico Weber
BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/427353003
2014-07-30Add missing braces for aggregate initializers.Nico Weber
No intended behavior change. BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/426763004
2014-07-30Fix potential integer overflow in fpdf_render_loadimage.cppJUN FANG
BUG=391929 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/419693003
2014-07-30Attempt to fix some -Woverloaded-virtual warnings.Nico Weber
There are many warnings that look like: error: 'CPWL_RadioButton::OnChar' hides overloaded virtual function [-Werror,-Woverloaded-virtual] virtual FX_BOOL OnChar(FX_WORD nChar); ^ note: hidden overloaded virtual function 'CPWL_Wnd::OnChar' declared here: different number of parameters (2 vs 1) virtual FX_BOOL OnChar(FX_WORD nChar, FX_DWORD nFlag); ^ It looks like someone added the nFlag parameter to the methods in CPWL_Wnd at some point and missed to update all overloads This patch attempts to fix this: It adds the parameter to all methods that look like they're trying to overload the base class method, and renames the method in one case where it fairly clearly looks like that it's not supposed to be an overload. BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/416383004
2014-07-30Fix incorrect override of GetLayoutOrder().Nico Weber
fsdk_baseform.h:63:19: error: 'CPDFSDK_Widget::GetLayoutOrder' hides overloaded virtual function [-Werror,-Woverloaded-virtual] virtual int GetLayoutOrder() {return 2;} ^ fsdk_baseannot.h:70:18: note: hidden overloaded virtual function 'CPDFSDK_Annot::GetLayoutOrder' declared here: different qualifiers (const vs none) virtual int GetLayoutOrder() const { return 5; } ^ On Windows, I believe MSVS treats these as override since it's such a common and easy mistake, but clang and gcc do what the standard specifies. Add a "const" to the function in the subclass so that this is actually an override, as intended. BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/427173002
2014-07-30Fix the potential integer overflow from 'offset+size' in extension.h and ↵JUN FANG
fpdfview.cpp BUG=397258 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/419063002
2014-07-30Speculative fix for uninitialized value in CFX_ByteString().Tom Sepez
If somehow different length values could be obtained by two successive calls to Doc_getFilePath() (and FieldBrowse() for that matter), and the method is true to the API documentation that says "The return value always indicated number of bytes required for the buffer, even when there is no buffer specified, or the buffer size is less then required", then it is possible to get a returned length describing memory beyond the current buffer. We can make the corresponding JS_docGetFilePath() method more robust against this case by applying better checks to the returned value. This probably is unrelated since ASAN seems to be flagging the corresponding bug as UAF, but doesn't hurt to make things more robust. BUG=392956 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/423233002
2014-07-29Fix the typo of "Resources" keywordBo Xu
BUG=None R=thestig@chromium.org Review URL: https://codereview.chromium.org/420793004
2014-07-29Tidy up app::response().Tom Sepez
Follow-up from https://codereview.chromium.org/424883002/ - Remove some stray whitespace. - Fix "else after return". - Remove unused swResponse local. - Treat unexpectedly large responses as errors. BUG= R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/423953002
2014-07-29Fix a few more warnings in chromium_code mode.Nico Weber
No intended behavior change. - Remove more unused variables, functions, member variables. - Put a few constructor initializers in the order they execute in. - Add braces for subobject initializers. - Fix a handful of signed / unsigned comparisons. BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/429593005
2014-07-29Remove a few unused variables, functions, and tables.Nico Weber
Found by clang's -Wunused-variable, -Wunused-function, -Wunused-const-variable. BUG=none R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/404653005
2014-07-28Remove 'inline' from two methods.Nico Weber
The methods are only defined in the cpp and thus can't always be inlined, the methods are virtual and so can only be inlined when the concrete type is known, and inline functions need their definition available in all translation units. So just remove the 'inline'. BUG=none R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/409253004
2014-07-24CalRGB color correctionBo Xu
BUG=pdfium:19 R=thestig@chromium.org Review URL: https://codereview.chromium.org/403163002
2014-07-24This change is for fixing the potential integer overflow from "offset + size"JUN FANG
BUG=382667 R=palmer@chromium.org Review URL: https://codereview.chromium.org/322333002
2014-07-23Refactor CFX_BasicArray.chromium/2112chromium/2111chromium/2110chromium/2109chromium/2108chromium/2107chromium/2106chromium/2105chromium/2104Chris Palmer
The |nGrowBy| argument to |SetSize| was always -1, which caused the effective m_nGrowBy value to always be its default value: 0. So it was not needed, and was cluttering up the logic. BUG=384662 Check for integer overflow in CFX_BasicArray. BUG=384662 R=bo_xu@foxitsoftware.com, rsesek@chromium.org Review URL: https://codereview.chromium.org/415803002
2014-07-23Check for integer overflow in CFX_BasicArray.Chris Palmer
BUG=384662 R=bo_xu@foxitsoftware.com, rsesek@chromium.org Review URL: https://codereview.chromium.org/411033003
2014-07-23Remove unnecessary aligned memory check when __SSE__ is usedBo Xu
Since the land of https://pdfium.googlesource.com/pdfium/+/3522876d5291922ddc62bf1b70d02743b0850673, memory is assured to be 16 byte aligned. So no need to do this check. Plus, the removed code was causing bug in M36: https://code.google.com/p/pdfium/issues/detail?id=27. BUG=None R=thestig@chromium.org Review URL: https://codereview.chromium.org/418563002
2014-07-23Only use "final" on MSVS2012+, to keep pdfium building with 2010.Nico Weber
BUG=pdfium:26 TBR=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/418463002
2014-07-23Fix potential memory violation in CJS_PublicMethods::StrRTrim()Tom Sepez
BUG=395266 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/411713003
2014-07-23Fix lookahead beyond bounds in CJS_PublicMethods::MakeFormatDate().Tom Sepez
BUG=396255 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/407243003
2014-07-23Fix FPDF_RenderPage 2x zoom in when bBackgroundAlphaNeeded is trueBo Xu
BUG=179413 R=thestig@chromium.org Review URL: https://codereview.chromium.org/410073002
2014-07-22Added options to save pages into BMP and EMF on Windows.Vitaly Buka
BUG=179413 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/408403002
2014-07-21Adjust null object checkchromium/2103chromium/2102Bo Xu
BUG=None R=thakis@chromium.org Review URL: https://codereview.chromium.org/396173003
2014-07-21Fix remaining -Wdelete-non-virtual-dtor violations on Windows.Nico Weber
Follow-up to https://codereview.chromium.org/370853002/ BUG=none R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/406683005
2014-07-18Build with exceptions enabled on Windows too.chromium/2101chromium/2100chromium/2099Nico Weber
This should be set consistently on all platforms. Ideally, we wouldn't need exceptions, but for now they're used. BUG=none (noticed while looking at chromium:82385) R=jam@chromium.org Review URL: https://codereview.chromium.org/404803005
2014-07-18Fix the potential integer overflow from "offset + size".Chris Palmer
BUG=382667 R=jschuh@chromium.org, jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/390983007
2014-07-18Fix bounds checking in CJS_PublicMethods::MakeRegularDate().Tom Sepez
The function is looking ahead N characters at both its "format" and "value" strings without validating that accesses are in bounds. Add those validations. There are also duplicate checks in the else-branches which re-test the inverse of the if-branch. These are removed for simplicity. I also tidied some stray whitespace in the function while I was at it. BUG=393831 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/395303004
2014-07-18Fix pdfium building issue on VS2010chromium/2098Jun Fang
BUG=pdfium_23 R=palmer@chromium.org Review URL: https://codereview.chromium.org/399233002
2014-07-18pdfium: Fix all -Wdelete-non-virtual-dtor violations on Mac.Nico Weber
Calling `delete` on an object of a type that has virtual functions but not a virtual destructor is questionable: Since the object has virtual functions, it likely has subclasses, so if it's deleted through the base pointer and the destructor isn't virtual, the subclass destructor won't be called. In most cases, the classes getting deleted can just be marked final to tell the compiler that it can't possibly have subclasses (this also enables the compiler to generate better code). Two classes didn't have any sub- or superclasses but virtual functions - this doesn't make sense, so make all methods of these classes non-virtual. (Also delete an unused function on one of the two classes.) In one case, a class actually did have a subclass that needs to be deleted virtually, so mark one destructor as virtual. BUG=none R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/370853002
2014-07-17Fix garbled text when loading linearized pdf documentBo Xu
BUG=260112, 249006, 275281, 354966, 365302, 236952 R=thestig@chromium.org Review URL: https://codereview.chromium.org/400083002
2014-07-17Fix building pdfium for x64 with ninja under windows.Nico Weber
This adds the necessary directives to the standalone gyp file. R=jschuh@chromium.org, jam@chromium.org BUG=22 Patch from Michael Doppler <m.doppler@gmail.com>. Review URL: https://codereview.chromium.org/360273002
2014-07-17Hook up the default v8::Platform implementation to pdfiumJochen Eisinger
It remains to call the PumpMessageLoop() method at a regular interval, however, since nothing posts to the loop yet, that shouldn't be a problem. BUG=25 R=jam@chromium.org Review URL: https://codereview.chromium.org/374123002
2014-07-16Disable warning 4267 in pdfium until it is fixed.chromium/2097Nico Weber
BUG=376399 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/398163006
2014-07-16Remove unused variable orig_size.Bo Xu
Original patch by Andrey Khalyavin <halyavin@google.com> BUG=N/A R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/384143002