summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-03-06Check size before writtingchromium/3033dan sinclair
Before writting to the stream buffer make sure that we won't walk off the end of the allocated size. In this specific case the dest_size of the buffer is 0, so we're basically just looping over to free the temp results. BUG=chromium:697847 Change-Id: I229eea96179692216cb2685facbb7d5379c501c7 Reviewed-on: https://pdfium-review.googlesource.com/2903 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-03-06Simplify RTFBreak AppendChar.Dan Sinclair
This Cl simplifies the AppendChar code by removing the array of callback methods and using a switch instead. Change-Id: I07475d3950395dea2189569d95bfba1be1f9ceb5 Reviewed-on: https://pdfium-review.googlesource.com/2918 Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-03-06Adding tests for CFX_RTFBreakDan Sinclair
This CL starts adding tests to the CFX_RTFBreak class. In doing so, the code to append char has been simplified to make it clearer. Change-Id: I5a2c8c114b52e1efa0c41a18670c6542b733baae Reviewed-on: https://pdfium-review.googlesource.com/2900 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-03-03Add unit test for xfa node iteratorschromium/3032chromium/3031Tom Sepez
The code under test is too complicate to be refactored without first establishing tests. Change-Id: Id7dc87ec67c513220e64df9d82afb8bcd6acef21 Reviewed-on: https://pdfium-review.googlesource.com/2914 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-03-03remove CFX_StackTemplate<CFDE_XMLNode*>chromium/3030Tom Sepez
Change-Id: I1112d18e0d18514227d363b3010eb8f90fb0ffe4 Reviewed-on: https://pdfium-review.googlesource.com/2910 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-03-03Remove CXFA_NodeStackTom Sepez
Also replace CXFA_NodeSet with underlying type. Change-Id: Iba38ef67bab5d7b23a0bb2b8272a1effa1015c9c Reviewed-on: https://pdfium-review.googlesource.com/2905 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-03-03Remove CFX_StackTemplate<FDE_CANVASITEM>Tom Sepez
Change-Id: I2dbea7665b5fc2ca239ad2f75c91d4a1e0d522c7 Reviewed-on: https://pdfium-review.googlesource.com/2911 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-03-03Remove CFX_StackTemplate from fde_xml_imp.hTom Sepez
Change-Id: I61552fba2387533699e917918318b002a14bba6b Reviewed-on: https://pdfium-review.googlesource.com/2912 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-03-02Remove unused CFX_ObjectStackTemplateTom Sepez
Change-Id: I9341f38cbea8c325e0d50f26987bc9e55e295630 Reviewed-on: https://pdfium-review.googlesource.com/2904 Commit-Queue: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-03-02Remove CFX_MassArrayTemplateTom Sepez
CFX_BaseMassArrayImp is still used under the covers; leave it for now. Change-Id: Iad8bec13243b92c36e9d13130b89fd61a7e63436 Reviewed-on: https://pdfium-review.googlesource.com/2902 Commit-Queue: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-03-02Use std::deque for CFX_MassArrayTemplate<FDE_TEXTEDITPIECE>Tom Sepez
Change-Id: I1080eefb4e47d7bc86fb3384fd7479a1fd49b203 Reviewed-on: https://pdfium-review.googlesource.com/2898 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-03-02Use std::deque for CFX_MassArrayTemplate<FDE_TTOPIECE>Tom Sepez
Change-Id: Ib6ad46c0d79f51579a99869c5ff87cc9baf75c6e Reviewed-on: https://pdfium-review.googlesource.com/2897 Commit-Queue: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-03-02Use std::deque for CFX_FontDescriptorsTom Sepez
Change-Id: Ic6edc7740513075c2a738cc8897460af17bb0103 Reviewed-on: https://pdfium-review.googlesource.com/2895 Commit-Queue: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-03-02Remove CFX_MassArrayTemplate<CFX_Rect> backing array.Tom Sepez
The map is one-to-one, so no need for a pointer to an externally stored rect. Change-Id: I4cd6f728cdadeb4c7b25b6f34f5d50bb5db89623 Reviewed-on: https://pdfium-review.googlesource.com/2896 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-03-02Improve catching narrow fonts on LinuxNicolas Pena
Using the font name instead of the family name on Linux to increase the amount of fonts that get mapped to the default one. This is not done on the other OS because this is a hard-coding that should be avoided, and our bug PDF works fine on those OS. BUG=309664 Change-Id: I2d51f66d65dc042dd638c72c55a403ea78a90dfe Reviewed-on: https://pdfium-review.googlesource.com/2892 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-03-02Use std::deque for CFX_TPOArrayTom Sepez
They both encompass the same concept: a segmented array that can grow without copying. Change-Id: Ifc02207385b1bc106df41932c7b78ec2e9cc2146 Reviewed-on: https://pdfium-review.googlesource.com/2894 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-03-01Convert positioned tabs to std::vectorchromium/3028Dan Sinclair
This Cl changes from an CFX_ArrayTemplate to a std::vector and cleans up the supporting code. Change-Id: If07cb4fbd5fb9bcb078b5792a74ea62527cdd9a4 Reviewed-on: https://pdfium-review.googlesource.com/2884 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-03-01Remove unused FX_AdjustCharDisplayPos type, always nullptr argsTom Sepez
Found while looking for c-style callbacks. Change-Id: If21ad273e23eb83c25297e9fc123c3a2228fed70 Reviewed-on: https://pdfium-review.googlesource.com/2893 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-03-01Change CreateBreak to return a unique_ptrDan Sinclair
The value is always set into a unique_ptr, so return one and assign. Change-Id: Ieda649c8f86caf1344ca2ce342a141c3ab70aa0f Reviewed-on: https://pdfium-review.googlesource.com/2883 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-03-01Return values instead of out paramsDan Sinclair
This Cl converts CFX_RTFPiece::GetString and CFX_RTFPiece::GetWidths to return CFX_WideString and std::vector<int32_t> respectively instead of taking pointers out parameters. Change-Id: Ie153caa0336861b3efa9b8ce26f75f0e019526e9 Reviewed-on: https://pdfium-review.googlesource.com/2882 Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-03-01Create virtual codec APIs so chrome/fuzzers can link separatelyTom Sepez
The one step to make an actual concrete class is conditionalized in fpdfview and is unconditional in the fuzzer. Also replace the clumsy C-style callbacks with a delegate interface as long as we are making new interfaces. Change-Id: I733a437483ce5e0c34211cfbbda05105336f55b5 Reviewed-on: https://pdfium-review.googlesource.com/2887 Commit-Queue: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-03-01Fix font manager negation issueDan Sinclair
In https://codereview.chromium.org/2559903002 we refactored the font manager in XFA but got part of the negation wrong. Fixup logic. Change-Id: Idd51ff846fe64a56908ec26bf2798c1df8433611 Reviewed-on: https://pdfium-review.googlesource.com/2891 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-03-01Fix infinite loops in CPDF_MeshStream.Lei Zhang
BUG=chromium:690501 Change-Id: I74b09d90a8082554a67f737eb6adc3bff82ed93e Reviewed-on: https://pdfium-review.googlesource.com/2889 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-03-01LibOpenJPEG upstream: check size in opj_j2k_read_sizNicolas Pena
This happens to fix the bug in question but I suspect they still do not have enough checks to prevent undefined shifts. Patch: https://github.com/uclouvain/openjpeg/pull/762/commits/5afb4d0546dd1b0a162b4e895cfdcfa4b32f1180 BUG=694042 Change-Id: I9466eb2b095f07233517ff5f1bcb0c2437be78ac Reviewed-on: https://pdfium-review.googlesource.com/2888 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-03-01More RTFBreak unused code and default paramsDan Sinclair
This Cl removes more unused methods from the RTFBreak code along with removing all default params. Change-Id: I31d2880acde590ca9239440239ac56f5bb370f56 Reviewed-on: https://pdfium-review.googlesource.com/2881 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-03-01Fixup RTFBreak and TextBreak nitsDan Sinclair
Change-Id: Ied5d23e18e9194e66d8be8d1057f55d83faada88 Reviewed-on: https://pdfium-review.googlesource.com/2880 Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-02-28Remove always true method paramschromium/3027Dan Sinclair
Cleanup a couple methods in RTFBreak and TextBreak which always recieve true as their parameter. Change-Id: I4704cdb6200b85e0a1a2990d16158ea58699a110 Reviewed-on: https://pdfium-review.googlesource.com/2879 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-02-28Remove unused methods from RTFBreak and TextBreakDan Sinclair
This Cl removes unused methods from the RTFBreak and TextBreak classes. Change-Id: If1e7e041cfd32b3be1240ae759f73c503b9c4cad Reviewed-on: https://pdfium-review.googlesource.com/2878 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-02-28Convert the FX_RTFBREAK defines to an enum classDan Sinclair
This Cl converts the type and updates the usage as required. Change-Id: I7c0f13aeabee1117086728333618504d3b65bb06 Reviewed-on: https://pdfium-review.googlesource.com/2876 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-02-28Convert FX_RTFLINEALIGNMENT to an enum classDan Sinclair
This Cl removes unused items and converts the remaining members to an enum class. Change-Id: I86e95231275ab20f274a5913715c1579a6fbc5dc Reviewed-on: https://pdfium-review.googlesource.com/2875 Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-02-28Remove unused layout stylesDan Sinclair
This Cl removes the unused layout styles from RTF Break and the supporting code. Change-Id: I5f4ef593250be1c9b3ae32f1ae3d9ce6913abdcc Reviewed-on: https://pdfium-review.googlesource.com/2874 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-02-28Remove unused RTF Break PoliciesDan Sinclair
The break policy was always set to 0 so it would never match any of the polices. Removed and simplified the code. Change-Id: I260631a2210037ae75ca1a3a282a1fe4e7f8ef6f Reviewed-on: https://pdfium-review.googlesource.com/2873 Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-02-28Enable XFA codecs by defaultDan Sinclair
This Cl enables the XFA codecs by default in order to get the fuzzers working again. Change-Id: Icea6df42b1b7bcee22618bd436502c518e69041f Reviewed-on: https://pdfium-review.googlesource.com/2877 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-02-28Avoid crash above CFWL_ListItem::GetText()Tom Sepez
The issue at hand is caused by a raw pointer rather than a retained pointer in InheritedData::m_pFontFamily. But the larger issue is that it's bad to Get() raw pointers from these, especially when its so cheap to pass them by const reference. One reason to Get() a raw pointer is to aid in down-casts, so add a helper to CFX_RetainPtr to give us downcasted retained pointers. BUG=pdfium:665 Change-Id: Ic8624af09664ff603de2e1fda8dbde0cf889f80d Reviewed-on: https://pdfium-review.googlesource.com/2871 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-02-28Roll clang to 9913fb19.Lei Zhang
AKA roll clang 287685:295762. Change-Id: Ie74172a1986908eeca2f913f7c4500cc51095e1b Reviewed-on: https://pdfium-review.googlesource.com/2870 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Nico Weber <thakis@chromium.org>
2017-02-28Remove unused IconElement::IconStream.Lei Zhang
Follow up to https://pdfium-review.googlesource.com/c/2829/ Change-Id: Ic743a5931f743c3e0e3f24246dca768cec09be4f Reviewed-on: https://pdfium-review.googlesource.com/2843 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-02-28Clean up CXML_Element.chromium/3026Lei Zhang
- Set more members in the ctor - Remove dead code - Use more unique_ptrs Change-Id: Idfe85d07c784a57862f9314bc85f407f817b8f2f Reviewed-on: https://pdfium-review.googlesource.com/2844 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-02-27Spacing nit in libtiff patchNicolas Pena
Original patch: https://pdfium-review.googlesource.com/c/2830/ Procedure: revert original patch, cherry-pick it, fix spacing, use git diff to obtain the new patch file (index changed). Change-Id: I1b5d2fd3cc17780c9428417fb1cd1e6b9a05f1fc Reviewed-on: https://pdfium-review.googlesource.com/2848 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-02-27LCMS upstream patch to fix integer overflowsNicolas Pena
Patch: https://github.com/mm2/Little-CMS/commit/9f427d5ff544ab1be37f485ac13b2419a1610cc3 BUG=696430 Change-Id: I20b8b4aad565d6f6aaed8c66be7e9709eec2b5ce Reviewed-on: https://pdfium-review.googlesource.com/2849 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-02-27Add public API for creating a Type1 fontNicolas Pena
Given a stream of data, we create a type1 font and fill up the required dictionary entries according to PDF spec 1.7. Table 5.8 describes Type 1 font dictionaries, and Table 5.19 describes font descriptors. BUG=pdfium:667 Change-Id: I571b09fb533467d77ed0104e613726387aec1f87 Reviewed-on: https://pdfium-review.googlesource.com/2835 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-02-27Explicitly tag fxjs native objects.Tom Sepez
Native object callbacks have to distinguish whether the object they have been given is actually a native object and not some ordinary JS object. For method/property calls, this happens via v8's signature mechanism, but signature checks aren't applied to method arguments themselves. Currently, we do this by treating any object with an internal field count of 2 as being such, but this is fragile, and it has been pointed out that other objects with two internal fields are present. Additionally, that the first field points to a structure with a small zero-based object definition ID doesn't really have enough entropy to trust that it isn't some other entity. So add a pointer to an internal address in the second slot to make this safer. Note that we'll also get the same release_assert in the majority of cases as described in the bug. This is great from a security standpoint, but not great from a functional standpoint, except this likely only occurs in the wild if they are trying to mess with us. This just guards the theoretical cases that might pass the existing release_assert. BUG=695830 Change-Id: I42db27d6ed1143269a852805e4e4d862a8ab8773 Reviewed-on: https://pdfium-review.googlesource.com/2847 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-02-27Fix nits from commit db764708.Lei Zhang
- Constify test data - ASSERT_EQ() buffer size - EXPECT_EQ() arguments are reversed - Fix typos in comments Change-Id: I846bfcc29bbf43d0a8b333250d1cce1aae5a8d59 Reviewed-on: https://pdfium-review.googlesource.com/2841 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-02-27Fix uninitialized memory read in CJS_Object::GetEmbedObject()Tom Sepez
The expected way to create native PDFium objects for JS is via the NewFxDynamicObject() call in C++, but that doesn't mean that the corresponding constructors won't be called from JS. In that case, the internal fields will be uninitialized, and subsequent method calls may try to use them. Add a constructor callback for all PDFium objects that nulls out these fields (shame that v8 doesn't do this by default, but probably saves some cycles). Then ensure that we check for this possibility in all the places it might turn up. Conversely, if we've just gotten a successful return from NewFxDynamicObject(), we know the CJS_Object/EmbedObj are good, so avoid checking there. BUG=695826 Change-Id: Iadad644c4af937def967ddc83daac1dad7544d69 Reviewed-on: https://pdfium-review.googlesource.com/2839 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-02-27Allow building XFA without additional codecs.Tom Sepez
This is something we'd like to try for initial XFA launches adding in codecs as justified by results in the wild. Adding statistics for the unsupported cases is a follow-up exercise once this builds correctly. We always build all the additional libraries, to allow fuzzers to link against them even if we are not shipping them. The linker will sort it out for the actual code. Rename some files to match the classes contained within. That the existing tests seem to pass with the codecs disabled warrants further investigation. Change-Id: Iad269db91289f12dc9f5dda8f48121d27a0c4367 Reviewed-on: https://pdfium-review.googlesource.com/2836 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-02-27Remove some pointless checks and assignments.Lei Zhang
Change-Id: I6f9fd67cdac581e8f91f829a5934b763bb229d21 Reviewed-on: https://pdfium-review.googlesource.com/2838 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-02-27Whitespace changeDan Sinclair
TBR=tsepez@chromium.org NOTRY=true Change-Id: I60e0f4d40a471c3b84232d9790b14dbe37aa89df Reviewed-on: https://pdfium-review.googlesource.com/2846 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-02-27Whitespace changeDan Sinclair
TBR=tsepez@chromium.org NOTRY=true Cr-Commit-Position: refs/heads/master@{#1} Change-Id: I11a43e7e9761788626fbbbab2a0902e492076ef1 Reviewed-on: https://pdfium-review.googlesource.com/2845 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-02-26core: fix two more uninitialized memberschromium/3025chromium/3024Miklos Vajna
Found by Coverity when scanning the bundled pdfium-3004 in LibreOffice. This fixes: - CID 1400335: Uninitialized members (UNINIT_CTOR) CPDF_DataAvail::m_dwTrailerOffset - CID 1400334: Uninitialized members (UNINIT_CTOR) CXML_Element::m_pParent Change-Id: I42da9a704ad75adf39c510c6ef89eb7a97860ea1 Reviewed-on: https://pdfium-review.googlesource.com/2670 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-02-24Remove repeated flags from CPDF_Fontchromium/3023Nicolas Pena
Moved all the flags to CFX_Font. Explicitly stated which ones are valued according to the PDF spec to avoid their values being changed. Change-Id: Ib57593234a4b9b83ef1ad593d0396c64159f303f Reviewed-on: https://pdfium-review.googlesource.com/2837 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-02-24Libtiff: fix leaking tables in tif_ojpeg.cNicolas Pena
Tables should be freed before they are reassigned. This CL fixes the three places where this is not happening. BUG=694599 Change-Id: I4e7cf1a6354b1129ecaf7ddcc74d8a36ba289df7 Reviewed-on: https://pdfium-review.googlesource.com/2830 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>