Age | Commit message (Collapse) | Author |
|
Before writting to the stream buffer make sure that we won't walk off the end
of the allocated size.
In this specific case the dest_size of the buffer is 0, so we're basically just
looping over to free the temp results.
BUG=chromium:697847
Change-Id: I229eea96179692216cb2685facbb7d5379c501c7
Reviewed-on: https://pdfium-review.googlesource.com/2903
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
This Cl simplifies the AppendChar code by removing the array of callback
methods and using a switch instead.
Change-Id: I07475d3950395dea2189569d95bfba1be1f9ceb5
Reviewed-on: https://pdfium-review.googlesource.com/2918
Reviewed-by: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This CL starts adding tests to the CFX_RTFBreak class. In doing so, the code
to append char has been simplified to make it clearer.
Change-Id: I5a2c8c114b52e1efa0c41a18670c6542b733baae
Reviewed-on: https://pdfium-review.googlesource.com/2900
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
The code under test is too complicate to be refactored
without first establishing tests.
Change-Id: Id7dc87ec67c513220e64df9d82afb8bcd6acef21
Reviewed-on: https://pdfium-review.googlesource.com/2914
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: I1112d18e0d18514227d363b3010eb8f90fb0ffe4
Reviewed-on: https://pdfium-review.googlesource.com/2910
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Also replace CXFA_NodeSet with underlying type.
Change-Id: Iba38ef67bab5d7b23a0bb2b8272a1effa1015c9c
Reviewed-on: https://pdfium-review.googlesource.com/2905
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I2dbea7665b5fc2ca239ad2f75c91d4a1e0d522c7
Reviewed-on: https://pdfium-review.googlesource.com/2911
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I61552fba2387533699e917918318b002a14bba6b
Reviewed-on: https://pdfium-review.googlesource.com/2912
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I9341f38cbea8c325e0d50f26987bc9e55e295630
Reviewed-on: https://pdfium-review.googlesource.com/2904
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
CFX_BaseMassArrayImp is still used under the covers; leave
it for now.
Change-Id: Iad8bec13243b92c36e9d13130b89fd61a7e63436
Reviewed-on: https://pdfium-review.googlesource.com/2902
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I1080eefb4e47d7bc86fb3384fd7479a1fd49b203
Reviewed-on: https://pdfium-review.googlesource.com/2898
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: Ib6ad46c0d79f51579a99869c5ff87cc9baf75c6e
Reviewed-on: https://pdfium-review.googlesource.com/2897
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: Ic6edc7740513075c2a738cc8897460af17bb0103
Reviewed-on: https://pdfium-review.googlesource.com/2895
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
The map is one-to-one, so no need for a pointer to an
externally stored rect.
Change-Id: I4cd6f728cdadeb4c7b25b6f34f5d50bb5db89623
Reviewed-on: https://pdfium-review.googlesource.com/2896
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Using the font name instead of the family name on Linux to increase the amount
of fonts that get mapped to the default one. This is not done on the other OS
because this is a hard-coding that should be avoided, and our bug PDF works
fine on those OS.
BUG=309664
Change-Id: I2d51f66d65dc042dd638c72c55a403ea78a90dfe
Reviewed-on: https://pdfium-review.googlesource.com/2892
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
They both encompass the same concept: a segmented
array that can grow without copying.
Change-Id: Ifc02207385b1bc106df41932c7b78ec2e9cc2146
Reviewed-on: https://pdfium-review.googlesource.com/2894
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This Cl changes from an CFX_ArrayTemplate to a std::vector and cleans up the
supporting code.
Change-Id: If07cb4fbd5fb9bcb078b5792a74ea62527cdd9a4
Reviewed-on: https://pdfium-review.googlesource.com/2884
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Found while looking for c-style callbacks.
Change-Id: If21ad273e23eb83c25297e9fc123c3a2228fed70
Reviewed-on: https://pdfium-review.googlesource.com/2893
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
The value is always set into a unique_ptr, so return one and assign.
Change-Id: Ieda649c8f86caf1344ca2ce342a141c3ab70aa0f
Reviewed-on: https://pdfium-review.googlesource.com/2883
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
This Cl converts CFX_RTFPiece::GetString and CFX_RTFPiece::GetWidths to
return CFX_WideString and std::vector<int32_t> respectively instead of taking
pointers out parameters.
Change-Id: Ie153caa0336861b3efa9b8ce26f75f0e019526e9
Reviewed-on: https://pdfium-review.googlesource.com/2882
Reviewed-by: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
The one step to make an actual concrete class is conditionalized
in fpdfview and is unconditional in the fuzzer.
Also replace the clumsy C-style callbacks with a delegate
interface as long as we are making new interfaces.
Change-Id: I733a437483ce5e0c34211cfbbda05105336f55b5
Reviewed-on: https://pdfium-review.googlesource.com/2887
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
In https://codereview.chromium.org/2559903002 we refactored the font manager
in XFA but got part of the negation wrong. Fixup logic.
Change-Id: Idd51ff846fe64a56908ec26bf2798c1df8433611
Reviewed-on: https://pdfium-review.googlesource.com/2891
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
BUG=chromium:690501
Change-Id: I74b09d90a8082554a67f737eb6adc3bff82ed93e
Reviewed-on: https://pdfium-review.googlesource.com/2889
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
This happens to fix the bug in question but I suspect they still do not
have enough checks to prevent undefined shifts. Patch:
https://github.com/uclouvain/openjpeg/pull/762/commits/5afb4d0546dd1b0a162b4e895cfdcfa4b32f1180
BUG=694042
Change-Id: I9466eb2b095f07233517ff5f1bcb0c2437be78ac
Reviewed-on: https://pdfium-review.googlesource.com/2888
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
This Cl removes more unused methods from the RTFBreak code along with removing
all default params.
Change-Id: I31d2880acde590ca9239440239ac56f5bb370f56
Reviewed-on: https://pdfium-review.googlesource.com/2881
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: Ied5d23e18e9194e66d8be8d1057f55d83faada88
Reviewed-on: https://pdfium-review.googlesource.com/2880
Reviewed-by: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Cleanup a couple methods in RTFBreak and TextBreak which always recieve true
as their parameter.
Change-Id: I4704cdb6200b85e0a1a2990d16158ea58699a110
Reviewed-on: https://pdfium-review.googlesource.com/2879
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
This Cl removes unused methods from the RTFBreak and TextBreak classes.
Change-Id: If1e7e041cfd32b3be1240ae759f73c503b9c4cad
Reviewed-on: https://pdfium-review.googlesource.com/2878
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
This Cl converts the type and updates the usage as required.
Change-Id: I7c0f13aeabee1117086728333618504d3b65bb06
Reviewed-on: https://pdfium-review.googlesource.com/2876
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
This Cl removes unused items and converts the remaining members to an enum
class.
Change-Id: I86e95231275ab20f274a5913715c1579a6fbc5dc
Reviewed-on: https://pdfium-review.googlesource.com/2875
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This Cl removes the unused layout styles from RTF Break and the supporting code.
Change-Id: I5f4ef593250be1c9b3ae32f1ae3d9ce6913abdcc
Reviewed-on: https://pdfium-review.googlesource.com/2874
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
The break policy was always set to 0 so it would never match any of the polices.
Removed and simplified the code.
Change-Id: I260631a2210037ae75ca1a3a282a1fe4e7f8ef6f
Reviewed-on: https://pdfium-review.googlesource.com/2873
Reviewed-by: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This Cl enables the XFA codecs by default in order to get the fuzzers working
again.
Change-Id: Icea6df42b1b7bcee22618bd436502c518e69041f
Reviewed-on: https://pdfium-review.googlesource.com/2877
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
The issue at hand is caused by a raw pointer rather than a
retained pointer in InheritedData::m_pFontFamily. But the
larger issue is that it's bad to Get() raw pointers from
these, especially when its so cheap to pass them by const
reference.
One reason to Get() a raw pointer is to aid in down-casts, so
add a helper to CFX_RetainPtr to give us downcasted retained
pointers.
BUG=pdfium:665
Change-Id: Ic8624af09664ff603de2e1fda8dbde0cf889f80d
Reviewed-on: https://pdfium-review.googlesource.com/2871
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
AKA roll clang 287685:295762.
Change-Id: Ie74172a1986908eeca2f913f7c4500cc51095e1b
Reviewed-on: https://pdfium-review.googlesource.com/2870
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Nico Weber <thakis@chromium.org>
|
|
Follow up to https://pdfium-review.googlesource.com/c/2829/
Change-Id: Ic743a5931f743c3e0e3f24246dca768cec09be4f
Reviewed-on: https://pdfium-review.googlesource.com/2843
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
- Set more members in the ctor
- Remove dead code
- Use more unique_ptrs
Change-Id: Idfe85d07c784a57862f9314bc85f407f817b8f2f
Reviewed-on: https://pdfium-review.googlesource.com/2844
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Original patch: https://pdfium-review.googlesource.com/c/2830/
Procedure: revert original patch, cherry-pick it, fix spacing, use git
diff to obtain the new patch file (index changed).
Change-Id: I1b5d2fd3cc17780c9428417fb1cd1e6b9a05f1fc
Reviewed-on: https://pdfium-review.googlesource.com/2848
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
Patch:
https://github.com/mm2/Little-CMS/commit/9f427d5ff544ab1be37f485ac13b2419a1610cc3
BUG=696430
Change-Id: I20b8b4aad565d6f6aaed8c66be7e9709eec2b5ce
Reviewed-on: https://pdfium-review.googlesource.com/2849
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
Given a stream of data, we create a type1 font and fill up the required
dictionary entries according to PDF spec 1.7. Table 5.8 describes Type 1 font
dictionaries, and Table 5.19 describes font descriptors.
BUG=pdfium:667
Change-Id: I571b09fb533467d77ed0104e613726387aec1f87
Reviewed-on: https://pdfium-review.googlesource.com/2835
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
Native object callbacks have to distinguish whether the object
they have been given is actually a native object and not some
ordinary JS object. For method/property calls, this happens
via v8's signature mechanism, but signature checks aren't applied
to method arguments themselves.
Currently, we do this by treating any object with an internal field
count of 2 as being such, but this is fragile, and it has been pointed
out that other objects with two internal fields are present.
Additionally, that the first field points to a structure with a
small zero-based object definition ID doesn't really have enough
entropy to trust that it isn't some other entity. So add a pointer
to an internal address in the second slot to make this safer.
Note that we'll also get the same release_assert in the majority
of cases as described in the bug. This is great from a security
standpoint, but not great from a functional standpoint, except this
likely only occurs in the wild if they are trying to mess with us.
This just guards the theoretical cases that might pass the
existing release_assert.
BUG=695830
Change-Id: I42db27d6ed1143269a852805e4e4d862a8ab8773
Reviewed-on: https://pdfium-review.googlesource.com/2847
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
- Constify test data
- ASSERT_EQ() buffer size
- EXPECT_EQ() arguments are reversed
- Fix typos in comments
Change-Id: I846bfcc29bbf43d0a8b333250d1cce1aae5a8d59
Reviewed-on: https://pdfium-review.googlesource.com/2841
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
The expected way to create native PDFium objects for JS is via
the NewFxDynamicObject() call in C++, but that doesn't mean that the
corresponding constructors won't be called from JS. In that case,
the internal fields will be uninitialized, and subsequent method
calls may try to use them.
Add a constructor callback for all PDFium objects that nulls out
these fields (shame that v8 doesn't do this by default, but probably
saves some cycles). Then ensure that we check for this possibility
in all the places it might turn up.
Conversely, if we've just gotten a successful return from
NewFxDynamicObject(), we know the CJS_Object/EmbedObj are good,
so avoid checking there.
BUG=695826
Change-Id: Iadad644c4af937def967ddc83daac1dad7544d69
Reviewed-on: https://pdfium-review.googlesource.com/2839
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
This is something we'd like to try for initial XFA launches
adding in codecs as justified by results in the wild.
Adding statistics for the unsupported cases is a follow-up
exercise once this builds correctly.
We always build all the additional libraries, to allow
fuzzers to link against them even if we are not shipping
them. The linker will sort it out for the actual code.
Rename some files to match the classes contained within.
That the existing tests seem to pass with the codecs
disabled warrants further investigation.
Change-Id: Iad269db91289f12dc9f5dda8f48121d27a0c4367
Reviewed-on: https://pdfium-review.googlesource.com/2836
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
Change-Id: I6f9fd67cdac581e8f91f829a5934b763bb229d21
Reviewed-on: https://pdfium-review.googlesource.com/2838
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
TBR=tsepez@chromium.org
NOTRY=true
Change-Id: I60e0f4d40a471c3b84232d9790b14dbe37aa89df
Reviewed-on: https://pdfium-review.googlesource.com/2846
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
TBR=tsepez@chromium.org
NOTRY=true
Cr-Commit-Position: refs/heads/master@{#1}
Change-Id: I11a43e7e9761788626fbbbab2a0902e492076ef1
Reviewed-on: https://pdfium-review.googlesource.com/2845
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Found by Coverity when scanning the bundled pdfium-3004 in LibreOffice.
This fixes:
- CID 1400335: Uninitialized members (UNINIT_CTOR)
CPDF_DataAvail::m_dwTrailerOffset
- CID 1400334: Uninitialized members (UNINIT_CTOR)
CXML_Element::m_pParent
Change-Id: I42da9a704ad75adf39c510c6ef89eb7a97860ea1
Reviewed-on: https://pdfium-review.googlesource.com/2670
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Moved all the flags to CFX_Font. Explicitly stated which ones are valued
according to the PDF spec to avoid their values being changed.
Change-Id: Ib57593234a4b9b83ef1ad593d0396c64159f303f
Reviewed-on: https://pdfium-review.googlesource.com/2837
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Tables should be freed before they are reassigned. This CL fixes the three
places where this is not happening.
BUG=694599
Change-Id: I4e7cf1a6354b1129ecaf7ddcc74d8a36ba289df7
Reviewed-on: https://pdfium-review.googlesource.com/2830
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|