summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-05-16Introduce CFX_UnownedPtr to detect lifetime inversion issues.Tom Sepez
There are places where an object "child" has a raw pointer back to object "owner" with the understanding that owner will always outlive child. Violating this constraint can lead to use after free, but this requires finding two paths: one that frees the objects in the wrong order, and one that uses the object after the free. The purpose of this patch is to detect the constraint violation even when the second path is not hit. We create a template that is used in place of TYPE*. It's dtor, when a memory tool is present, goes out and probes the first byte of the object to which it points. Used in "child", this allows the memory tool to prove that the "owner" is still alive at the time the child is destroyed, and hence the constraint is never violated. Change-Id: I2a6d696d51dda4a79ee2f00a6752965e058a6417 Reviewed-on: https://pdfium-review.googlesource.com/5475 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-16Handle when XFA parser error handlers cannot format error messages.Lei Zhang
Limit the length of error messages to avoid string formatting failure. Simplify some CXFA_FMParse error handling code too. BUG=chromium:708428 Change-Id: I2f5fdb61349a90b3ba681dcc04a26ce0d7f2bdda Reviewed-on: https://pdfium-review.googlesource.com/5331 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-05-16Add formcalc lexer tests.Dan Sinclair
This CL adds tests for CXFA_FMLexer. Change-Id: I4cb7000212dda6d2b32211005a1c22deabb813ae Reviewed-on: https://pdfium-review.googlesource.com/5554 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-05-16Update formcalc return typesDan Sinclair
Update return types to be bools instead of ints. Make some methods private. Change-Id: I5d55c48a861f90e9bd116ef835c11cdb515002a6 Reviewed-on: https://pdfium-review.googlesource.com/5553 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-05-16Do not walk off end of formcalc stringDan Sinclair
The fm2js code takes a pointer to the input string and then walks along that pointer. There are currently no checks to verify we haven't walked off the end of the pointer into random memory. If this happens, we can end up allocating large chunks of memory and copying random bits. BUG=chromium:721533 Change-Id: Ia61fe96c1ff9eb9ded63cf8326b7be44986bd9e1 Reviewed-on: https://pdfium-review.googlesource.com/5550 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-16Minor xfa_lexer.cpp cleanupDan Sinclair
Remove the inc/dec/get methods that aren't helpful. Change methods to return void instead of uint32_t and make sure they set the proper error messages. Change-Id: I741316e7990a776d528625f34fd941316c524c15 Reviewed-on: https://pdfium-review.googlesource.com/5530 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-16Simplify ContrastAdjust().chromium/3102Lei Zhang
Add a few constants in the process. Change-Id: Id69b939e4ea6a3de879e0a1f29d1453e95c838db Reviewed-on: https://pdfium-review.googlesource.com/5552 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-05-15Remove gamma codeDan Sinclair
The gamma value is always 2.2, which means the table entries all point to themselves. Remove the usage of the gamma table. Change-Id: Idbb06015e8acd9f106f4bd1da5ef06563fb26296 Reviewed-on: https://pdfium-review.googlesource.com/5352 Reviewed-by: Lei Zhang <thestig@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-15Remove unused flags from CPDF_CreatorNicolas Pena
The only user of CPDF_Creator is FPDF_Doc_Save, and it only uses flags 1 or 2 when calling Create. Thus, the other two flags will never be set. Change-Id: Ib2eb0ce5585469c7749f0ab350855f1c6a2bba08 Reviewed-on: https://pdfium-review.googlesource.com/5491 Reviewed-by: Lei Zhang <thestig@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-05-15Libtiff: upstream fix for heap buffer overflowNicolas Pena
Upstream patch: https://github.com/vadz/libtiff/commit/5a4eceed8d2f28d05f49add9ce647684d59d461a Bug: chromium:722071 Change-Id: Idef412edbeb3255375ab18c68721dbaf7c601119 Reviewed-on: https://pdfium-review.googlesource.com/5511 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-05-15Check correctness of PDF Skia argsNicolas Pena
Users get confused when they set both Skia args to true and their code does not compile. This CL adds a check for this when generating gn args. Bug: pdfium:722 Change-Id: I0fb6f6a3fa64b094b674c602f38c736ee7b7fd65 Reviewed-on: https://pdfium-review.googlesource.com/5510 Commit-Queue: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Cary Clark <caryclark@google.com> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-05-15Gif: error out on invalid code sizeschromium/3101Nicolas Pena
From the Gif spec: 'The output codes are of variable length, starting at <code size>+1 bits per code, up to 12 bits per code. This defines a maximum code value of 4095 (0xFFF).' 'Because the LZW compression used for GIF creates a series of variable length codes, of between 3 and 12 bits each' Bug: chromium:722115 Change-Id: Ic9cff99e6012195a6b5173693b029dc710285688 Reviewed-on: https://pdfium-review.googlesource.com/5490 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-05-15Convert CPSOutput to an IFX_WriteStreamdan sinclair
This Cl updates CPSOutput to inherit from IFX_WriteStream and converts the CFX_PSRenderer to accept an IFX_WriteStream instead of a CPSOutput. Change-Id: Ibde5c7da1c2f6df0a10cb6e9a470e18fbab167b8 Reviewed-on: https://pdfium-review.googlesource.com/5431 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-15Add a WriteString method to IFX_WriteStreamdan sinclair
This Cl allows passing a CFX_ByteStringC to IFX_WriteStream along with the buffer method. This makes it easier to pass C-style strings to the stream. Change-Id: I1051eb3ba17c7fbd42984c14dc60cbce24d72f3f Reviewed-on: https://pdfium-review.googlesource.com/5430 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-15Smells like a leak in PWL_ComboBox.cppTom Sepez
Change-Id: I519d79b2b22d2b947c546c6285195b8ca52f4993 Reviewed-on: https://pdfium-review.googlesource.com/5471 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-05-15Return unique_ptr from xfa lexer Scan() methodTom Sepez
Change-Id: I7586194b59d2c8e28fc24b698ea93f4a2ab636e2 Reviewed-on: https://pdfium-review.googlesource.com/5474 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-05-12Rename ErrorData and fix potential leakchromium/3100chromium/3099Nicolas Pena
This CL fixes a leak that can be caused by a longjmp in ErrorData. The method is renamed to express the fact that it includes such, and a followup should remove the jmps altogether. Bug: chromium:721488 Change-Id: Iefcc82a77a30ff77b7973b05611440a8d5bf275e Reviewed-on: https://pdfium-review.googlesource.com/5450 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-05-12Merge FXGIF_Context and CGifDecompressor into CGifContextchromium/3098Nicolas Pena
Change-Id: I60c9cbd83ff9e7a30a5a570a6ad1cf8f52360c07 Reviewed-on: https://pdfium-review.googlesource.com/5410 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-05-11Use clamp() in a couple more places.Lei Zhang
Change-Id: I9b7a1c101e3c73d0270f9216225e5a13d9937b97 Reviewed-on: https://pdfium-review.googlesource.com/5332 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-05-11Rename render device classesDan Sinclair
This Cl renames the CFX_RenderDevice subclasses to make their usage clearer. Change-Id: Ie820b57df9a3743ce8c6893fb483b398a1f1bdbe Reviewed-on: https://pdfium-review.googlesource.com/5390 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-11Remove unused GetPlatformSurface and GetDC methodsdan sinclair
The times we need the DC we call ::GetDC to retrieve it from the platform. These methods are unused. Change-Id: If83aa9b37ae2231d8029db6f2e6d8d17f1825611 Reviewed-on: https://pdfium-review.googlesource.com/5350 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-11Add missing CheckUnsupportedErrorDan Sinclair
The FPDF_LoadDocument call was missing the CheckUnSupportedError so, if the document contained unsuppoted information the user would not be notified. This brings the method in line with the other loading methods. Change-Id: I308b25335a228eb02c51562f9caf91cda9193b73 Reviewed-on: https://pdfium-review.googlesource.com/5336 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-11Do not use vector data() when it is emptyNicolas Pena
Before, all pointers were being initialized to 0. After raw pointers were changed to vectors, data() was used in some cases, but now no longer returns nullptr when it is supposed to. This CL fixes that. Bug: chromium:721417 Change-Id: Ia31b75b18dc17d7eed48538145fe5d0d59668843 Reviewed-on: https://pdfium-review.googlesource.com/5353 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-05-11Move map and codec loading into managerDan Sinclair
This Cl consolidates the code to load maps and codecs into the CPDF_ModuleMgr class instead of putting it directly into fpdfview. Change-Id: Ia08f212f43a33e51ab1c7832051ee4f28eecb50d Reviewed-on: https://pdfium-review.googlesource.com/5335 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-05-11Fixup Initialize spellingchromium/3097Dan Sinclair
Change-Id: Ibd8d70264d79afc0baabaa5093aceb21ee777196 Reviewed-on: https://pdfium-review.googlesource.com/5334 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-11Stop rendering if a span length overflowed in AGGNicolas Pena
In AGG, len is of type coord_type, which we have as int16_t, but we can add to it large values, causing it to become negative. Stop the rendering when that occurs. Bug: chromium:719258 Change-Id: Ic7497666b01220a9cd3e7d749f1fc6ae4a210870 Reviewed-on: https://pdfium-review.googlesource.com/5370 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-05-11LibOpenJPEG: undefined shift in opj_t1_dec_clnpassNicolas Pena
bpno_plus_one is used as a parameter bpno for a bunch of methods that calculate 1 << bpno. Thus, use a reduced value when it's large enough to cause undefined shift. bpno_plus_one itself remains unchanged so that the number of calls remains the same Bug: chromium:698526 Change-Id: I40431d41a04f3e2315bd3c80114cd0fcbd2815b4 Reviewed-on: https://pdfium-review.googlesource.com/5310 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-05-11Limit XFA FormCalc program translation size.Lei Zhang
BUG=chromium:665087,chromium:718492 Change-Id: I09e93b4167ab2c0b3b53641243aa0cbeb5b98c4f Reviewed-on: https://pdfium-review.googlesource.com/3114 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-05-10Split DCT decoder creation from CPDF_DIBSource::CreateDecoder().Lei Zhang
Change-Id: Ia0ea49f0460fcb8e55542f237d321bb9207aa8e1 Reviewed-on: https://pdfium-review.googlesource.com/5250 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-05-10Replace operator bool with HasRef() in classes with a CFX_SharedCopyOnWrite ↵Lei Zhang
member. Change-Id: I51e30d298e87b9ae0d5aca83b2f1d6787efce70a Reviewed-on: https://pdfium-review.googlesource.com/5290 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-05-10Check CXFA_FM2JSContext::Translate() return value.Lei Zhang
Remove not useful error parameter. Change-Id: I6f49a51a47c9d7f45e75a585679e15f0414aac26 Reviewed-on: https://pdfium-review.googlesource.com/5254 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-05-10Store the offset in the archive bufferDan Sinclair
This Cl moves the implementation of the archive buffer behind an IFX_ArchiveStream interface. The buffer holds the current offset and the offset parameter is removed from the CPDF_Creator and various other methods. Change-Id: Ia54e803b58bbfb6ef03fec4a940d2c056d541356 Reviewed-on: https://pdfium-review.googlesource.com/5255 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-10Cleaning up Edit codeDan Sinclair
This Cl conslidates if statements, converts int returns to bools where possible and various other cleanups in fpdfapi/edit. Change-Id: Ia31ecc69843117eb5ebfff449a6046a267d08e89 Reviewed-on: https://pdfium-review.googlesource.com/5190 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-10Cleanup CGifDecompressor part 2Nicolas Pena
Change-Id: I9754da8d1bf54b328761ac9d83fcc4a3518b4a73 Reviewed-on: https://pdfium-review.googlesource.com/5230 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-05-10Fix FPDFImageObj_LoadJpegFile(Inline) to allow NULL to be passed in for ↵chromium/3096Andrew Weintraub
pages, as the documentation explicitly allows this. Bug:pdfium:710 Change-Id: I0535b45c16ae7a53609da3b09ff7d427c52567b5 Reviewed-on: https://pdfium-review.googlesource.com/5270 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-10Simplify CPDF_ImageRenderer::StartRenderDIBSource().Lei Zhang
Change-Id: Ia0a78be3320c5d6c3d0c40d4199cae1473e0e8dc Reviewed-on: https://pdfium-review.googlesource.com/5253 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-10Use FXSYS_IntToTwoHexChars() in more places.Lei Zhang
Change-Id: I84cd8e91a296119ecf80b7a092b886f291bebb45 Reviewed-on: https://pdfium-review.googlesource.com/4953 Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-05-10Fix typos for the word start.Lei Zhang
Change-Id: Ic602126dc5407fcbb56dca5ec43e1824a5ca55b6 Reviewed-on: https://pdfium-review.googlesource.com/5251 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-05-09Create common CXML_Object base class for CXML_Content and CXML_Element.Tom Sepez
They should each know what they are rather than having an external ChildRecord struct to track the type. Change-Id: Ic647ba45569764073e944d30af1a96dccdc29eb3 Reviewed-on: https://pdfium-review.googlesource.com/5210 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-09Remove FPDFPageObj_NewImgeObj().Lei Zhang
Callers should use FPDFPageObj_NewImageObj() instead. Change-Id: If9f262af771344799a372645e466d3b8e64482ed Reviewed-on: https://pdfium-review.googlesource.com/5153 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-05-09LibOpenJPEG: restrict l_img_comp->prec to avoid undefined shiftNicolas Pena
The 38 value seems arbitrary, and the prec is used in OPJ_INT32 with 1 << (prec - 1). So limit it to be at most 31, and avoid undefined shifts. Bug: chromium:698498 Change-Id: I840f2e65231ac7847ed26bcaea36471a53be49e8 Reviewed-on: https://pdfium-review.googlesource.com/5173 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-05-09Edit code cleanupDan Sinclair
Minor cleans in the fpdfapi/edit code. Change-Id: I7bb2f4add7c6e84f072501035b1f77c218174cca Reviewed-on: https://pdfium-review.googlesource.com/5152 Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-09Cleanup of CGifDecompressor part 1Nicolas Pena
This CL changes the tag_gif_decompress_struct into CGifDecompressor. It cleans up a bunch of unnecessary function pointers and starts cleaning up the members of the new class. Change-Id: Id49cd8f5377dc8daaa15118551dadad4ddde7931 Reviewed-on: https://pdfium-review.googlesource.com/5170 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-05-09Move FPDF_FILEWRITE adapter to own fileDan Sinclair
This Cl moves the adapater out of the fpdfsave.cpp file into its own h/cpp files. The adapter was renamed for clarity. The CPDF_Creator was modified to take the adapter as a constructor param and the Create methods consolidated. Change-Id: Icb104f195ef532dda053c859aae356a8d4a7a54c Reviewed-on: https://pdfium-review.googlesource.com/5151 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-09Rename fpdf_edit_create.cpp to cpdf_creator.cppDan Sinclair
This Cl renames the fpdf_edit_create file to better match the cpdf_creator content. The CPDF_ObjectStream and CPDF_XRefStream code is moved out to their own .cpp files. Needed anonymous classes are split out as well. Change-Id: Ic83fb319ce28c816db82a4286e22032dc68811bc Reviewed-on: https://pdfium-review.googlesource.com/5171 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-05-09Use CXFA_TextUserData in place of CFX_Retainable where possible.Tom Sepez
Layering prevents the (newly-moved) CFX_Char from knowing about this class, so some casting is still required. Change-Id: I5b7556fdfa80d09e5116b171b01ab5e707763bf0 Reviewed-on: https://pdfium-review.googlesource.com/5172 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-05-09No-effect cast in cxfa_layoutitem.cppTom Sepez
Change-Id: I5bc24fb56adfa2ef9b46edd7409e6086093ccf8a Reviewed-on: https://pdfium-review.googlesource.com/5150 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-09Remove downcast in cxfa_layoutpagemgr.cppTom Sepez
The cast is too strict for all of the objects to be processed, however all of the fields in use are present in a parent class to which these objects all belong. Bug: 718498 Change-Id: Ibe1d800c73215c36550e54bf18de90cc9d295ef9 Reviewed-on: https://pdfium-review.googlesource.com/5130 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-09Remove editint.h and create individual headerschromium/3095Dan Sinclair
This Cl creates a cpdf_objectstream and cpdf_xrefstream headers from the editint header. Change-Id: I857981fa055ee9296cbd344860e55c67acf200ce Reviewed-on: https://pdfium-review.googlesource.com/5113 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-05-09Remove CPDF_Creator friendsDan Sinclair
This CL removes the friend declarations from CPDF_Creator and adds accessor methods instead. Change-Id: I6d8f67b5944aed34af00ff6ea9d23fe7d17cec18 Reviewed-on: https://pdfium-review.googlesource.com/5112 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>