summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-01-19Return error in opj_j2k_read_header_procedure if l_marker_size < 2Nicolas Pena
If we do not do this check, it will overflow to a huge unsigned int, so we will allocate a lot of memory etc. BUG=682182 Change-Id: I24b6654860c43e5d4deea753868b9d842f859cff Reviewed-on: https://pdfium-review.googlesource.com/2272 Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-01-19Split fde/css files into individual class files.Dan Sinclair
This CL splits the files in xfa/fde/css into class per file and renames any needed files to match the class names. Update some of the classes to use std::stack. Change-Id: I4eca0fb3556d949a15a873bb0f0fd732f47e4fb1 Reviewed-on: https://pdfium-review.googlesource.com/2253 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-01-19use unique_ptr in fpdf_font_cid.cpptsepez
Also return CFX_MaybeOwned<> from functions so to make cleanup automatic, avoiding a theoretical leak. Review-Url: https://codereview.chromium.org/2641853004
2017-01-18Tidy FXJS_V8, backfill tests.chromium/2986tsepez
Move checks performed as part of JS_Value's object and array handling back into FXJS, to ease removal of JS_Value in the future. Remove some convenience routines in FXJS for objects, to shrink API to be covered during testing. Change some naming (number => double, string => widestring) to make it clearer when there is a C++ type involved. BUG= Review-Url: https://codereview.chromium.org/2637503002
2017-01-18use unique_ptr in xfa_checksum.htsepez
Review-Url: https://codereview.chromium.org/2613143002
2017-01-18Bad indexing in CPDF_Document::FindPageIndex when page tree corrupt.tsepez
Moving to std::vector from the more forgiving CFX_ArrayTemplate revealed the dubious page tree traversal, which depends on the correctness of the /Count entries to properly summarize the total descendants under a given node. The only "correct" thing to do is to throw away these counts as parsed, and re-compute them, perhaps in CountPages(). But I'm not willing to do that since it may break unknown documents in the wild. Pass out-params as pointers while we're at it. BUG=680376 Review-Url: https://codereview.chromium.org/2636403003
2017-01-18Split CFDE_CSSPrimitiveValue apartDan Sinclair
This CL splits the CFDE_CSSPrimitiveValue class into individual classes per value type. This moves the numeric itypes out of the FDE_CSSPrimitiveType list and creates a new CFDE_CSSNumberType list. Change-Id: I6f55e9e3509de7ff1e82dcf018a1f1c472565e54 Reviewed-on: https://pdfium-review.googlesource.com/2250 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-01-18Convert CSS mode stack to std::stackDan Sinclair
This CL converts the css syntax parser to use a std::stack instead of a custom CFX stack. Change-Id: I650c8340693d3608b9264bbf887f1d14847cb68f Reviewed-on: https://pdfium-review.googlesource.com/2218 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-01-18Remove unused syntax parser initialize method.Dan Sinclair
This Cl removes the stream initializer from the FDE CSS parser. The only consumer was the css fuzzer. The fuzzer has been moved to use the string initializer to match the rest of the code. Change-Id: I65445af1159058b7c71d5e1d7c12e60383da6dbd Reviewed-on: https://pdfium-review.googlesource.com/2217 Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-01-18Remove unused codePage and URL code.Dan Sinclair
These methods are never called, removed. Change-Id: I47930c209229c9e50effc433579809b882cd2dc9 Reviewed-on: https://pdfium-review.googlesource.com/2215 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-01-18Remove GetDeclImp methods in favour of GetDeclarationDan Sinclair
Change-Id: I245d755814123f351a661bda1f38eaa96d4e68ae Reviewed-on: https://pdfium-review.googlesource.com/2214 Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-01-17Stop using Encoding array to get unicode from charcode in Type 3 fontschromium/2985npm
We should not fill out the m_Encoding for Type3 fonts. This way, we stop getting garbage characters from text extraction. Guessing that unicode == charcode (in the absence of ToUnicode) is our best bet. BUG=pdfium:642 Review-Url: https://codereview.chromium.org/2643543002
2017-01-17More css parser tests; more memory fixes.Dan Sinclair
Change-Id: I929b00204e05eea71c6fd4d52e480cc9c6d6018e Reviewed-on: https://pdfium-review.googlesource.com/2230 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-01-17Start CSS parser unit testsDan Sinclair
Start adding unit tests for the css parser. Fixup memory leaks that are exposed by the tests. Change-Id: Id863d9cd5f13ab82626bc7b945de925253c88d43 Reviewed-on: https://pdfium-review.googlesource.com/2180 Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-01-17Add optional coverage flags to buildDan Sinclair
This CL allows generating coverage information for the source files. By adding use_coverage=true to the GN build settings clang will generate .gcno files for each source file and executing the binary will generate a .gcda file for each source file. Those files can then be processed by llvm-cov to generate .gcov reports for each source file. i.e. (assuming use_coverage=true is set for out/coverage) * ninja -C out/coverage pdfium_unittests * cd out/coverage * find obj -name "*.o" -exec llvm-cov -af -stats {} > d.out \; There should now be .gcov files for each source file in the out/coverage directory. Note, llvm-gcov may have a different name or syntax on your machine. Change-Id: I7379579f5f20a5b8b2f3a3b409b868bba4b4d74d Reviewed-on: https://pdfium-review.googlesource.com/2216 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-01-17Avoid endless loop deleting CFGAS_GEFont.tsepez
It's a ref-counted class, so if we're in the destructor, the ref count has hit zero. We can't make a new ref pointer to itself here, as it will re-invoke the destructor when it goes out of scope. This should have been an obvious anti-pattern in hindsight. The object in question can't be in the m_pFontManager, since the font manager retains a reference, and we wouldn't get to this destructor while that is present. So the cleanup isn't required. Fixing this revealed a free-delete mismatch in cxfa_textlayout.cpp. I also converted to use unique_ptrs in a few places near this issue. Fixing this revealed a UAF in CFGAS_GEFont, memcpy'ing a RetainPtr is not a good idea as it doesn't bump the ref count. Also protect and friend the CFGAS_GEFont destructor, to make sure random deletes don't happen. Also kill off a const cast, and remove unnecessary conversion to retain_ptr when we already have one. TEST=look for absence of -11 in XFA corpus test logs, bots not currently noticing the segv. Argh. Review-Url: https://codereview.chromium.org/2631703003
2017-01-17Rename FDE_CSSRECT and FDE_CSSLENGTHDan Sinclair
This Cl converts the names to FDE_CSSRect and FDE_CSSLength to better match other parts of the code base. Change-Id: I33367ae3d93d912755671486d6d5317cddbc4f62 Reviewed-on: https://pdfium-review.googlesource.com/2179 Commit-Queue: dsinclair <dsinclair@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-01-16Return early when gif_img_row_bytes is 0chromium/2984Nicolas Pena
We can get into a loop when gif_img_row_bytes is 0 since Decode will return 3 when the second parameter is 0, and there is a while(ret!=0). BUG=681170 Change-Id: I63502a8487c07030fce2373f74cec6b4f0c98297 Reviewed-on: https://pdfium-review.googlesource.com/2211 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-01-16Check blue,green,red bit count in bmp_decode_rgbNicolas Pena
If the values are going to overflow, return error code, which seems to be 2. BUG=668822 Change-Id: I89b3fcf277e98d65b8c3438e6d9bb84fe62a8de9 Reviewed-on: https://pdfium-review.googlesource.com/2213 Commit-Queue: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-01-16Replace remaining CSS interfaces with concrete classesDan Sinclair
This Cl moves IFDE_CSSValue and IFDE_CSSRule to concrete classes and moves the holding of the type into the base class. Change-Id: Iea29cc55256dd2183b60ca8711367d5dc8daaa24 Reviewed-on: https://pdfium-review.googlesource.com/2178 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-01-16Remove IFDE_CSS interfaces which are only implemented once.Dan Sinclair
This CL cleans up some interface classes from FDE CSS. Change-Id: I975e5d63f8ae6a0bc7bb849b6f11f0ae43092e4d Reviewed-on: https://pdfium-review.googlesource.com/2177 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-01-16Return error when bits_left is too bigNicolas Pena
BUG=680062 Change-Id: I9e2fd960915cd1de5e0cc15aeabf9ccf27e5a795 Reviewed-on: https://pdfium-review.googlesource.com/2212 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-01-16Add default substitution for narrow fontsNicolas Pena
BUG=669893 Change-Id: I0977c031d5b272ce5182da6b3020ac092e30aef4 Reviewed-on: https://pdfium-review.googlesource.com/2210 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-01-16Use FX_Alloc() properly in fxcodec.tsepez
It already has a sizeof() and a cast built into the macro, so we don't need to do sizeof() and cast on each usage. Review-Url: https://codereview.chromium.org/2625133009
2017-01-13Ensures that the gold output directory existschromium/2983chromium/2982chromium/2981stephana
This will land after this CL https://chromium-review.googlesource.com/c/424575/ as a way of making sure it works as intended. TBR=borenet BUG=skia:5973 Review-Url: https://codereview.chromium.org/2629943002
2017-01-12Remove used items from the CSS code.chromium/2980Dan Sinclair
This Cl cleans up the property and property value definitions which are never used in the FDE CSS parser code. A few other unused methods are also removed. Change-Id: Ib5a316d9c877d87f1d5e0003de4d85d59eab087a Reviewed-on: https://pdfium-review.googlesource.com/2175 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-01-12Don't put timers with ID == 0 into the global timer map.tsepez
A return of ID == 0 from the embedder means the timer was not created (see public/fpdf_formfill.h), although few embedders actually conform to this convention. Firing a timer with ID == 0 will thus do nothing since there can't be such a timer in the map. BUG=679649 Review-Url: https://codereview.chromium.org/2626863003
2017-01-12Custom toString() methods may delete annots.tsepez
In this case, we observe the destruction of the object, but have unfortunately saved a pointer to it in a local variable. BUG=679643 Review-Url: https://codereview.chromium.org/2628233002
2017-01-12Fix leak in OJPEGReadHeaderInfoSecTablesAcTable when read fails.Nicolas Pena
If rb is allocated memory but p != q, then it will not be assigned to sp->actable[m], so it will leak. BUG=680520 Change-Id: Ib0b178b043b2a9821fb289d033ca0ab52e4cbe48 Reviewed-on: https://pdfium-review.googlesource.com/2176 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-01-12Add postscript pathrbpotter
This patch adds the additional functions required to make postscript printing functional. The most significant additions are are two added compression functions and a new API for setting the postscript level. Not currently called from Chromium, Chromium patch to come. BUG= Review-Url: https://codereview.chromium.org/2612243005
2017-01-12Prevent undefined shift in putagreytileNicolas Pena
Patch has been accepted upstream, see: http://bugzilla.maptools.org/show_bug.cgi?id=2658 BUG=655008 Change-Id: I7ef69e6f71e66bd7e0a4d334c4f8e60ed02213d2 Reviewed-on: https://pdfium-review.googlesource.com/2174 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-01-12Remove unused CJS_Object::ExitInstance() methodtsepez
All the work happens in the virtual dtors like it should. Review-Url: https://codereview.chromium.org/2628843003
2017-01-12Disable CQ bot retriesDan Sinclair
PDFium doesn't have any flaky tests, so re-running the tests on failure just cause the failure to happen again. The only time re-run is useful is if the bot goes away which is fairly exceptional. Change-Id: Id7b615cf91b502fdfdc2882fc85df0cdcaa512a1 Reviewed-on: https://pdfium-review.googlesource.com/2173 Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-01-11Use observed pointers in CPDFSDK_AnnotIterator.chromium/2979tsepez
Rename to CPDFSDK_AnnotIteration, as it is now an ordered set of annots, and not the iterator itself. Review-Url: https://codereview.chromium.org/2626073005
2017-01-11Make tiff_read return actual length readNicolas Pena
The return value is used to determine whether TIFFReadFile fails. If we return just the length, libtiff will try reading uninitilized values afterwards, on corrupted files. BUG=679230, 670928 Change-Id: I579adc9d8a00e8cafab45dbdb728f1cb702da051 Reviewed-on: https://pdfium-review.googlesource.com/2172 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-01-11Convert FDE CSS enums to enum classes.Dan Sinclair
This CL updates the possible FDE CSS enums to enum classes and fixes up any instances of incorrect values being used. A few other cleanups and changes were needed to complete the conversion. Change-Id: Ibcca5229a9ca8de1f4beb6462535f61705fd4f8c Reviewed-on: https://pdfium-review.googlesource.com/2170 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-01-11Really fix m_nb_mct_records calculation in opj_j2k_read_mctNicolas Pena
My previous attempt did not follow precisely the way m_nb_mcc_records is increased in opj_j2k_read_mcc. Previous: https://pdfium-review.googlesource.com/c/2165/ BUG=678461, 680102 Change-Id: I3e14c440e3a49b714f8cd82d44992fe647200336 Reviewed-on: https://pdfium-review.googlesource.com/2171 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-01-11Annotation deleted while retrieving it in JStsepez
Widgets as returned from GetWidgets() can pop out of existence unexpectedly, so always return observed pointers. This extends the same pattern used elsewhere in the file to all occurrences. BUG=679642 Review-Url: https://codereview.chromium.org/2624933002
2017-01-11Cleaning up memory allocation in CXFA_FM2JSContext - IVDan Sinclair
This CL removes the use of FX_Alloc and any remaining new'd CFXJSE_Value objects from CXFA_FM2JSContext and replaces them with unique_ptrs and vectors. Change-Id: I30ba697d65ee326d2faa895c3217bdc407419298 Reviewed-on: https://pdfium-review.googlesource.com/2157 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-01-11Pass expose-gc flag to pdfium test programs.tsepez
I also made the call to set the flags occur before the Initialize() call, as this appears to be the pattern elsewhere in our codebase. Review-Url: https://codereview.chromium.org/2627563003
2017-01-10Fix m_nb_mct_records calculation in opj_j2k_read_mctNicolas Pena
Now we update m_nb_mct_records only when there was a new mct record, and l_mct_data computations all went through. In previous version, the ++l_tcp->m_nb_mcc_records was in the end, without the if. Notice that this is similar to the analoguous in opj_j2k_read_mcc. CL that changed the calculation: https://github.com/uclouvain/openjpeg/commit/7a8cdc4bb071494fccf4714413191a52eb924b60 BUG=678461 Change-Id: I9a9e7eb03d1da085f8eb15a221a6bc0a91736662 Reviewed-on: https://pdfium-review.googlesource.com/2165 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-01-10Strip out custom allocator codeDan Sinclair
This Cl replaces the custom IFX_MemoryAllocator code with new/delete as needed. Change-Id: Ie786f607c9e0b3035ffd87733bc3e29a4b6426d9 Reviewed-on: https://pdfium-review.googlesource.com/2164 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-01-10Split xfa_textlayout apart.Dan Sinclair
This CL splits the xfa_texlayout.{cpp|h} files into individual class files. Minor reformatting was done in the new clasess. Change-Id: Id79ffcb8dca3fcf287a2e6dec78fd2b1f990a542 Reviewed-on: https://pdfium-review.googlesource.com/2162 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-01-10Remove custom allocator from CFDE_TxtEdtBuf.Dan Sinclair
This CL removes the custom allocator from CFDE_TxtEdtBuf and uses std::vector<std::unique_ptr>> instead. The Iterator code has been made an inner class of the buffer and rename to CFDE_TxtEdtBuf::Iterator instead of CFDE_TxtEdtBufIter. Change-Id: Ied8e844dea700e0ef37087f0d3fad4882d9eada1 Reviewed-on: https://pdfium-review.googlesource.com/2159 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-01-10Remove CFX_ArrayTemplate in cfx_psrender.tsepez
Use unique_ptr while we're at it. Review-Url: https://codereview.chromium.org/2618373003
2017-01-10Restrict code size in CGifLZWDecoderchromium/2978Nicolas Pena
The code_size variable is the number of bits. We should make sure that the size is at most 31 to avoid having undefined shifts etc. BUG=620661 Change-Id: Ia533386d01de93a55048cfd63d63989b2731a210 Reviewed-on: https://pdfium-review.googlesource.com/2161 Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-01-10Remove some CFX_ArrayTemplate in fpdfapi and fpdfdoctsepez
Also use unique_ptr in one spot while we're at it. Review-Url: https://codereview.chromium.org/2625483002
2017-01-10Remove more _LP* typedefs.tsepez
Code is much clearer when we use the actual types rather than this convention. Review-Url: https://codereview.chromium.org/2618993002
2017-01-09Add CFDE_TxtEdtBuf testschromium/2977dsinclair
This CL adds a set of unit tests for the text edit buffer. It fixes up a few bugs found adding the tests and removes the unused ::Optimize method. Review-Url: https://codereview.chromium.org/2614383003
2017-01-09Check validity of width and height in CCodec_TiffContext::LoadFrameInfoNicolas Pena
We are using pdfium::base::checked_cast to get the width and height, but we may overflow and abort. Therefore, we should instead early return if the obtained width and height are not valid int32_t's. BUG=655056 Change-Id: Ic0c6b88a16dc3d547fe82736bb14ed3122cd356a Reviewed-on: https://pdfium-review.googlesource.com/2160 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>