Age | Commit message (Collapse) | Author |
|
Review-Url: https://codereview.chromium.org/2409283002
|
|
Notice that this is just making it analoguous to how it works when the
font is positive: the b and d components are reversed. Currently, when
the font is negative, only the a component is reversed. The c one needs
to be reversed as well.
BUG=chromium:653941
Review-Url: https://codereview.chromium.org/2411833002
|
|
This CL converts the IJS_Context and implementations over to use
CPDFSDK_FormFillEnvironment instead of CPDFSDK_Document.
Review-Url: https://codereview.chromium.org/2399943002
|
|
This CL changes Field from using a CPDFSDK_Document to using a
CPDFSDK_FormFillEnvironment.
Review-Url: https://codereview.chromium.org/2400443005
|
|
This CL changes CPDFSDK_PageView to have a CPDFSDK_FormFillEnvironment instead
of a CPDFSDK_Document.
Review-Url: https://codereview.chromium.org/2400673002
|
|
This CL removes CPDFSDK_Document from CPDFSDK_InterForm and has it work with
a CPDFSDK_FormFillEnvironment.
Review-Url: https://codereview.chromium.org/2397723005
|
|
- Deleted useless flag FXFONT_SUBST_STANDARD
- Change kExternalFontIndex to something more meaningful
- Fetch symbolic fonts using UseInternalSubst too
Review-Url: https://codereview.chromium.org/2400773002
|
|
This is fixup of 958e57cb.
BUG=chromium:651849,chromium:654198
Review-Url: https://codereview.chromium.org/2407113002
|
|
Ditto with the other ToXXX functions to CPDF_xxx.h.
Shortly, we will want to introduce another variant:
inline std::unique_ptr<CPDF_String> ToString(
std::unique_ptr<CPDF_Object>);
This will require that CPDF_String be complete which is
not the case in the CPDF_Object.h header. Rather than
dragging all the other .h's into it, move these to the
subclass headers. That way, these will be together
when the new form is added.
Review-Url: https://codereview.chromium.org/2406033002
|
|
Split this off so that we don't keep losing this when
the assert is reverted again.
Review-Url: https://codereview.chromium.org/2401423005
|
|
Avoid an assert which previously could only be overcome
by removing/re-inserting.
Back-fill a unit test for the equivalent Array method.
BUG=654387
Review-Url: https://codereview.chromium.org/2403143002
|
|
This reverts commit b69a98cf50537130f88ce3a799117f2ca8353ac5.
Reason for revert: crashes on mac.
BUG=654387
TBR=thestig@chromium.org
Review-Url: https://codereview.chromium.org/2410483002
|
|
The patch (https://codereview.chromium.org/2284063002) for Issue 618267
was insufficient. The integer overflow still could be triggered and could
lead to heap buffer overflow.
This CL strengthens integer overflow check in function _TIFFCheckRealloc.
BUG=chromium:654169
R=ochang@chromium.org, tsepez@chromium.org, dsinclair@chromium.org
Review-Url: https://codereview.chromium.org/2405693002
|
|
The position indexes of color elements must be monotonic increasing.
Bail out if the decoded index is less or equal to the previous index.
BUG=pdfium:615
Review-Url: https://codereview.chromium.org/2398033002
|
|
BUG=chromium:653044
Review-Url: https://codereview.chromium.org/2397783002
|
|
Instead of relying on ' ' to determine whether the CFX_Bytestring
is added on one place or another, use another vector. When trying
to match fonts from the fontmapper, compare with both vectors.
BUG=pdfium:510
Review-Url: https://codereview.chromium.org/2395883002
|
|
Skia's interface to transfer modes is
not described by an enum instead
of a class.
R=reed@google.com, dsinclair@chromium.org
Review-Url: https://codereview.chromium.org/2394683004
|
|
The embeddertests were closing the document before the formfill environment.
This caused a use-after-free as we try to use the document during formfill
destruction.
This Cl fixes the destruction order in the embedder tests. As well, a few guards
are put in place to keep the system from crashing if the wrong destruction
order is called.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/2398063002 .
|
|
Unused, remove.
Review-Url: https://codereview.chromium.org/2397513003
|
|
Rename CPDFSDK_Environment to make it explicit that this is part of the formfill
system.
Review-Url: https://codereview.chromium.org/2391313002
|
|
This CL updates CPDFXFA_Document so it never owns the CPDFSDK_Document. The
CPDFSDK_Document is now always owned by the CPDFXFA_Environment. This also
cleans up the strange need to reverse the order of document and form destruction
when using XFA.
Review-Url: https://codereview.chromium.org/2397473006
|
|
- Remove some unused stuff from pageint.h.
- Replace some FX_BOOL with bool in pageint.h, and related.
- Replace some "protected" with "private" in pageint.h.
- Move 2 methods into namespace in fpdf_page_parser_old.cpp.
Review-Url: https://codereview.chromium.org/2399573002
|
|
This reverts commit b73c99335bfbd158ad16dd59c9c52396ffd2b54b.
TBR=thestig@chromium.org
Review-Url: https://codereview.chromium.org/2393783004
|
|
This avoids a re-assignment that can otherwise cause a later fault.
BUG=pdfium:607
Review-Url: https://codereview.chromium.org/2393953002
|
|
This Cl cleans up the code regarding CPDFSDK_Annots in CPDFSDK_PageView.
This includes:
* Makes DeleteAnnot XFA only and wraps at the call site.
* Removes unused methods
* Replaces use of CountAnnots and GetAnnot with vector iteration
* Removes {Set|Kill}FocusAnnot from CPDFSDK_PageView
* Renames m_fxAnnotArray to m_SDKAnnotArray
Review-Url: https://codereview.chromium.org/2384323005
|
|
FX_BOOL can be replaced by bool. Also replaced in a couple other places
so that Winbots pass.
Review-Url: https://codereview.chromium.org/2395803002
|
|
For cmdStageAllocMatrix, InputChans is length of Matrix, OutputChans is
length of Offsets. The original code will allocate NewElem->Offset with
length Cols=InputChans (cmslut.c:417). This results in heap buffer
overflow later.
BUG=chromium:651849
Review-Url: https://codereview.chromium.org/2384063006
|
|
There's no way to take ownership back from the CPDF_Array
without deleting the object, so add a new primitive to make
elements become indirect rather than manipulating them
outside the class.
This should solve the ASSERT(objnum == 0) issue that
blocked the previous roll.
Review-Url: https://codereview.chromium.org/2391883003
|
|
Each of these files contains a single class, rename the file to match the
internal class name.
Review-Url: https://codereview.chromium.org/2385423004
|
|
Remove redundant DEPS files and DEPS file entries.
Review-Url: https://codereview.chromium.org/2390833003
|
|
Missed these again. Scripting fail.
BUG=pdfium:603
Review-Url: https://codereview.chromium.org/2393433003
|
|
- Added private method to avoid duplicated code.
- If the unicode calculation overflows, 0 is used instead of crashing.
Review-Url: https://codereview.chromium.org/2392103002
|
|
When fuzzing the image formats, its possible to get a read request which
would go negative. Handle the request and return FALSE for the read.
BUG=chromium:621836
Review-Url: https://codereview.chromium.org/2386343002
|
|
BUG=pdfium:603
Review-Url: https://codereview.chromium.org/2393593002
|
|
BUG=pdfium:603
Review-Url: https://codereview.chromium.org/2392603004
|
|
BUG=pdfium:603
Review-Url: https://codereview.chromium.org/2386423004
|
|
BUG=pdfium:603
Review-Url: https://codereview.chromium.org/2392773003
|
|
BUG=pdfium:603
Review-Url: https://codereview.chromium.org/2386263003
|
|
BUG=pdfium:603
Review-Url: https://codereview.chromium.org/2391013002
|
|
m_Map maps to unsigned integer, but m_MultiCharBuf.GetLength() returns
an integer. There will be integer overflow if the length is big, and
UBSAN will complain. Thus, using FX_SAFE_UINT32. Replacing with uint32
would work as well: the point is to consider the length as uint instead
of int.
BUG=chromium:652232
Review-Url: https://codereview.chromium.org/2393573002
|
|
Review-Url: https://codereview.chromium.org/2387333002
|
|
Update clip to use intersect verb
from canvas.
R=dsinclair@chromium.org
Review-Url: https://codereview.chromium.org/2384283002
|
|
id:120001 of https://codereview.chromium.org/2375343004/ )
Reason for revert:
Broke PDFExtensionTest when rolling DEPS in Chromium.
Original issue's description:
> Assert that only 0-numbered objects are Released()
>
> This condition holds because numbered objects are brute-force
> deleted by the indirect object holder, rather than being
> released.
>
> Be careful about recursive deletion, check before advancing,
> since we no longer count on Release() doing this for us.
> Fix a few tests where the test was violating ownership rules.
>
> This should be the last step before completely removing Release()
> in favor of direct delete everywhere.
>
> Committed: https://pdfium.googlesource.com/pdfium/+/aba528a362248a54b27a7e9e046e2b65ab83f624
TBR=tsepez@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review-Url: https://codereview.chromium.org/2387193003
|
|
The test file for fixing bug chromium:651304.
Review-Url: https://codereview.chromium.org/2392553004
|
|
This condition holds because numbered objects are brute-force
deleted by the indirect object holder, rather than being
released.
Be careful about recursive deletion, check before advancing,
since we no longer count on Release() doing this for us.
Fix a few tests where the test was violating ownership rules.
This should be the last step before completely removing Release()
in favor of direct delete everywhere.
Review-Url: https://codereview.chromium.org/2375343004
|
|
Review-Url: https://codereview.chromium.org/2386273004
|
|
Depending on what ReadOK does it's possible for |dircount16| to be used without
being initialized. The read code calls back into PDFium specific code which then
calls into the stream reading code.
Initialize the value to be sure it is set.
BUG=chromium:651632
Review-Url: https://codereview.chromium.org/2389993002
|
|
|Clear| is too easily mistaken for "clear this pointer only."
Review-Url: https://codereview.chromium.org/2385303002
|
|
This CL adds a |IsBeingDestroyed| flag into the CPDFSDK_PageView. We then
bail out of the pageview removal code early if the flag is set.
BUG=chromium:652103
Review-Url: https://codereview.chromium.org/2384243002
|
|
The original way of detecting loops was passing a level parameter
through various functions. This missed some cases which also lead
to load type3 font char, for example, FindFont() may call
CheckType3FontMetrics() which may eventually lead to LoadChar().
The new way is to store the char loading depth, and abort when the depth
exceeds the max.
BUG=chromium:651304
Review-Url: https://codereview.chromium.org/2384853002
|