summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-10-11Convert Field to use CPDFSDK_FormFillEnvironmentdsinclair
This CL changes Field from using a CPDFSDK_Document to using a CPDFSDK_FormFillEnvironment. Review-Url: https://codereview.chromium.org/2400443005
2016-10-11Convert CPDFSDK_PageView to have a CPDFSDK_FormFillEnvironmentdsinclair
This CL changes CPDFSDK_PageView to have a CPDFSDK_FormFillEnvironment instead of a CPDFSDK_Document. Review-Url: https://codereview.chromium.org/2400673002
2016-10-11Convert CPDFSDK_InterForm to take a CPDFSDK_FormFillEnvironmentdsinclair
This CL removes CPDFSDK_Document from CPDFSDK_InterForm and has it work with a CPDFSDK_FormFillEnvironment. Review-Url: https://codereview.chromium.org/2397723005
2016-10-11Slightly simplify CFX_FontMapper::FindSubstFontnpm
- Deleted useless flag FXFONT_SUBST_STANDARD - Change kExternalFontIndex to something more meaningful - Fetch symbolic fonts using UseInternalSubst too Review-Url: https://codereview.chromium.org/2400773002
2016-10-11Fix cmdStageAllocMatrix parameter swap againkcwu
This is fixup of 958e57cb. BUG=chromium:651849,chromium:654198 Review-Url: https://codereview.chromium.org/2407113002
2016-10-10Move ToString() and friends from CPDF_Object.h to CPDF_String.htsepez
Ditto with the other ToXXX functions to CPDF_xxx.h. Shortly, we will want to introduce another variant: inline std::unique_ptr<CPDF_String> ToString( std::unique_ptr<CPDF_Object>); This will require that CPDF_String be complete which is not the case in the CPDF_Object.h header. Rather than dragging all the other .h's into it, move these to the subclass headers. That way, these will be together when the new form is added. Review-Url: https://codereview.chromium.org/2406033002
2016-10-10Land all the fixes from 5609f39c but don't enable assertchromium/2887tsepez
Split this off so that we don't keep losing this when the assert is reverted again. Review-Url: https://codereview.chromium.org/2401423005
2016-10-10Add method to convert to an indirect object in a dictionary.tsepez
Avoid an assert which previously could only be overcome by removing/re-inserting. Back-fill a unit test for the equivalent Array method. BUG=654387 Review-Url: https://codereview.chromium.org/2403143002
2016-10-10Revert "Re-land "Assert that only 0-numbered objects are Released()""tsepez
This reverts commit b69a98cf50537130f88ce3a799117f2ca8353ac5. Reason for revert: crashes on mac. BUG=654387 TBR=thestig@chromium.org Review-Url: https://codereview.chromium.org/2410483002
2016-10-10libtiff: Prevent a buffer overflow in function ChopUpSingleUncompressedStrip.stackexploit
The patch (https://codereview.chromium.org/2284063002) for Issue 618267 was insufficient. The integer overflow still could be triggered and could lead to heap buffer overflow. This CL strengthens integer overflow check in function _TIFFCheckRealloc. BUG=chromium:654169 R=ochang@chromium.org, tsepez@chromium.org, dsinclair@chromium.org Review-Url: https://codereview.chromium.org/2405693002
2016-10-06Fix assertion failure when decoding malform G4 fax imagechromium/2886chromium/2885chromium/2884kcwu
The position indexes of color elements must be monotonic increasing. Bail out if the decoded index is less or equal to the previous index. BUG=pdfium:615 Review-Url: https://codereview.chromium.org/2398033002
2016-10-06Reject JBig2 Huffman table with too large shift valuekcwu
BUG=chromium:653044 Review-Url: https://codereview.chromium.org/2397783002
2016-10-06Split m_InstalledTTFonts into two vectors to avoid sketchy logic.npm
Instead of relying on ' ' to determine whether the CFX_Bytestring is added on one place or another, use another vector. When trying to match fonts from the fontmapper, compare with both vectors. BUG=pdfium:510 Review-Url: https://codereview.chromium.org/2395883002
2016-10-06switch to new skia blend mode enum classcaryclark
Skia's interface to transfer modes is not described by an enum instead of a class. R=reed@google.com, dsinclair@chromium.org Review-Url: https://codereview.chromium.org/2394683004
2016-10-06Fixup MSan embeddertestsDan Sinclair
The embeddertests were closing the document before the formfill environment. This caused a use-after-free as we try to use the document during formfill destruction. This Cl fixes the destruction order in the embedder tests. As well, a few guards are put in place to keep the system from crashing if the wrong destruction order is called. R=tsepez@chromium.org Review URL: https://codereview.chromium.org/2398063002 .
2016-10-05Remove m_pOccontent from CPDFSDK_Documentchromium/2882dsinclair
Unused, remove. Review-Url: https://codereview.chromium.org/2397513003
2016-10-05Rename CPDFSDK_Environment to CPDFSDK_FormfillEnvironmentdsinclair
Rename CPDFSDK_Environment to make it explicit that this is part of the formfill system. Review-Url: https://codereview.chromium.org/2391313002
2016-10-05Remove ownership of CPDFSDK_Document from CPDFXFA_Documentdsinclair
This CL updates CPDFXFA_Document so it never owns the CPDFSDK_Document. The CPDFSDK_Document is now always owned by the CPDFXFA_Environment. This also cleans up the strange need to reverse the order of document and form destruction when using XFA. Review-Url: https://codereview.chromium.org/2397473006
2016-10-05Removed unused stuff, some FX_BOOL, and cleanup pageint.h a bitnpm
- Remove some unused stuff from pageint.h. - Replace some FX_BOOL with bool in pageint.h, and related. - Replace some "protected" with "private" in pageint.h. - Move 2 methods into namespace in fpdf_page_parser_old.cpp. Review-Url: https://codereview.chromium.org/2399573002
2016-10-05Re-land "Assert that only 0-numbered objects are Released()"tsepez
This reverts commit b73c99335bfbd158ad16dd59c9c52396ffd2b54b. TBR=thestig@chromium.org Review-Url: https://codereview.chromium.org/2393783004
2016-10-05Rework a redundant check when calling ConvertToIndirectObjectAt()tsepez
This avoids a re-assignment that can otherwise cause a later fault. BUG=pdfium:607 Review-Url: https://codereview.chromium.org/2393953002
2016-10-05Cleanup some CPDFSDK_PageView annotation code.dsinclair
This Cl cleans up the code regarding CPDFSDK_Annots in CPDFSDK_PageView. This includes: * Makes DeleteAnnot XFA only and wraps at the call site. * Removes unused methods * Replaces use of CountAnnots and GetAnnot with vector iteration * Removes {Set|Kill}FocusAnnot from CPDFSDK_PageView * Renames m_fxAnnotArray to m_SDKAnnotArray Review-Url: https://codereview.chromium.org/2384323005
2016-10-05Remove FX_BOOL from core/fpdfapi/fontnpm
FX_BOOL can be replaced by bool. Also replaced in a couple other places so that Winbots pass. Review-Url: https://codereview.chromium.org/2395803002
2016-10-04Fix cmdStageAllocMatrix parameter swapkcwu
For cmdStageAllocMatrix, InputChans is length of Matrix, OutputChans is length of Offsets. The original code will allocate NewElem->Offset with length Cols=InputChans (cmslut.c:417). This results in heap buffer overflow later. BUG=chromium:651849 Review-Url: https://codereview.chromium.org/2384063006
2016-10-04Fix ownership when making a private annot dictionary into a shared one.tsepez
There's no way to take ownership back from the CPDF_Array without deleting the object, so add a new primitive to make elements become indirect rather than manipulating them outside the class. This should solve the ASSERT(objnum == 0) issue that blocked the previous roll. Review-Url: https://codereview.chromium.org/2391883003
2016-10-04Rename fpdfsdk/fpdfxfa files to match contentschromium/2881dsinclair
Each of these files contains a single class, rename the file to match the internal class name. Review-Url: https://codereview.chromium.org/2385423004
2016-10-04Cleanup DEPS filesdsinclair
Remove redundant DEPS files and DEPS file entries. Review-Url: https://codereview.chromium.org/2390833003
2016-10-04Fix fuzzer pathsdsinclair
Missed these again. Scripting fail. BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2393433003
2016-10-04Avoid crashing on CPDF_ToUnicodeMap::Load by using ValueOrDefault()npm
- Added private method to avoid duplicated code. - If the unicode calculation overflows, 0 is used instead of crashing. Review-Url: https://codereview.chromium.org/2392103002
2016-10-04Make sure the fuzzer read size does not go negative.dsinclair
When fuzzing the image formats, its possible to get a read request which would go negative. Handle the request and return FALSE for the read. BUG=chromium:621836 Review-Url: https://codereview.chromium.org/2386343002
2016-10-04Move core/fpdfapi/fpdf_render to core/fpdfapi/renderdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2393593002
2016-10-04Move core/fpdfapi/fpdf_parser to core/fpdfapi/parserdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2392603004
2016-10-04Move core/fpdfapi/fpdf_page to core/fpdfapi/pagedsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2386423004
2016-10-04Move core/fpdfapi/fpdf_font to core/fpdfapi/fontdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2392773003
2016-10-04Move core/fpdfapi/fpdf_edit to core/fpdfapi/editdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2386263003
2016-10-04Move core/fpdfapi/fpdf_cmaps to core/fpdfapi/cmapsdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2391013002
2016-10-04Use FX_SAFE_UINT32 on CPDF_ToUnicodeMap::Loadnpm
m_Map maps to unsigned integer, but m_MultiCharBuf.GetLength() returns an integer. There will be integer overflow if the length is big, and UBSAN will complain. Thus, using FX_SAFE_UINT32. Replacing with uint32 would work as well: the point is to consider the length as uint instead of int. BUG=chromium:652232 Review-Url: https://codereview.chromium.org/2393573002
2016-10-04Update test expectations for unexpected successes.thestig
Review-Url: https://codereview.chromium.org/2387333002
2016-10-04update skia to latest sourcescaryclark
Update clip to use intersect verb from canvas. R=dsinclair@chromium.org Review-Url: https://codereview.chromium.org/2384283002
2016-10-03Revert of Assert that only 0-numbered objects are Released() (patchset #7 ↵thestig
id:120001 of https://codereview.chromium.org/2375343004/ ) Reason for revert: Broke PDFExtensionTest when rolling DEPS in Chromium. Original issue's description: > Assert that only 0-numbered objects are Released() > > This condition holds because numbered objects are brute-force > deleted by the indirect object holder, rather than being > released. > > Be careful about recursive deletion, check before advancing, > since we no longer count on Release() doing this for us. > Fix a few tests where the test was violating ownership rules. > > This should be the last step before completely removing Release() > in favor of direct delete everywhere. > > Committed: https://pdfium.googlesource.com/pdfium/+/aba528a362248a54b27a7e9e046e2b65ab83f624 TBR=tsepez@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Review-Url: https://codereview.chromium.org/2387193003
2016-10-03Sync pdfium_test version to include updated test fileweili
The test file for fixing bug chromium:651304. Review-Url: https://codereview.chromium.org/2392553004
2016-10-03Assert that only 0-numbered objects are Released()tsepez
This condition holds because numbered objects are brute-force deleted by the indirect object holder, rather than being released. Be careful about recursive deletion, check before advancing, since we no longer count on Release() doing this for us. Fix a few tests where the test was violating ownership rules. This should be the last step before completely removing Release() in favor of direct delete everywhere. Review-Url: https://codereview.chromium.org/2375343004
2016-10-03Add ptr_util.h from base until std::make_unique<> availabletsepez
Review-Url: https://codereview.chromium.org/2386273004
2016-10-03Fix potentially uninitialized value.chromium/2880dsinclair
Depending on what ReadOK does it's possible for |dircount16| to be used without being initialized. The read code calls back into PDFium specific code which then calls into the stream reading code. Initialize the value to be sure it is set. BUG=chromium:651632 Review-Url: https://codereview.chromium.org/2389993002
2016-10-03Rename CFX_WeakPtr::Clear() to DestroyObject()tsepez
|Clear| is too easily mistaken for "clear this pointer only." Review-Url: https://codereview.chromium.org/2385303002
2016-10-03Guard against double deletion of page views.dsinclair
This CL adds a |IsBeingDestroyed| flag into the CPDFSDK_PageView. We then bail out of the pageview removal code early if the flag is set. BUG=chromium:652103 Review-Url: https://codereview.chromium.org/2384243002
2016-10-03Detect resursive loading of type3 font char to avoid infinite loopweili
The original way of detecting loops was passing a level parameter through various functions. This missed some cases which also lead to load type3 font char, for example, FindFont() may call CheckType3FontMetrics() which may eventually lead to LoadChar(). The new way is to store the char loading depth, and abort when the depth exceeds the max. BUG=chromium:651304 Review-Url: https://codereview.chromium.org/2384853002
2016-10-03Remove unused CPDFSDK_PageView::ClearFXAnnotsdsinclair
Method is not called, removing. Review-Url: https://codereview.chromium.org/2391663002
2016-10-03Remove _FX_OS_ checks in core/fxge/win32/.thestig
All the files are already excluded by the build system. Review-Url: https://codereview.chromium.org/2387863002
2016-09-30Move CPDF_Reference::SafeGetDirect() out of the header.chromium/2879chromium/2878thestig
Review-Url: https://codereview.chromium.org/2386433002