| Age | Commit message (Collapse) | Author |
|---|
|
For cmdStageAllocMatrix, InputChans is length of Matrix, OutputChans is
length of Offsets. The original code will allocate NewElem->Offset with
length Cols=InputChans (cmslut.c:417). This results in heap buffer
overflow later.
BUG=chromium:651849
Review-Url: https://codereview.chromium.org/2384063006
|
|
There's no way to take ownership back from the CPDF_Array
without deleting the object, so add a new primitive to make
elements become indirect rather than manipulating them
outside the class.
This should solve the ASSERT(objnum == 0) issue that
blocked the previous roll.
Review-Url: https://codereview.chromium.org/2391883003
|
|
Each of these files contains a single class, rename the file to match the
internal class name.
Review-Url: https://codereview.chromium.org/2385423004
|
|
Remove redundant DEPS files and DEPS file entries.
Review-Url: https://codereview.chromium.org/2390833003
|
|
Missed these again. Scripting fail.
BUG=pdfium:603
Review-Url: https://codereview.chromium.org/2393433003
|
|
- Added private method to avoid duplicated code.
- If the unicode calculation overflows, 0 is used instead of crashing.
Review-Url: https://codereview.chromium.org/2392103002
|
|
When fuzzing the image formats, its possible to get a read request which
would go negative. Handle the request and return FALSE for the read.
BUG=chromium:621836
Review-Url: https://codereview.chromium.org/2386343002
|
|
BUG=pdfium:603
Review-Url: https://codereview.chromium.org/2393593002
|
|
BUG=pdfium:603
Review-Url: https://codereview.chromium.org/2392603004
|
|
BUG=pdfium:603
Review-Url: https://codereview.chromium.org/2386423004
|
|
BUG=pdfium:603
Review-Url: https://codereview.chromium.org/2392773003
|
|
BUG=pdfium:603
Review-Url: https://codereview.chromium.org/2386263003
|
|
BUG=pdfium:603
Review-Url: https://codereview.chromium.org/2391013002
|
|
m_Map maps to unsigned integer, but m_MultiCharBuf.GetLength() returns
an integer. There will be integer overflow if the length is big, and
UBSAN will complain. Thus, using FX_SAFE_UINT32. Replacing with uint32
would work as well: the point is to consider the length as uint instead
of int.
BUG=chromium:652232
Review-Url: https://codereview.chromium.org/2393573002
|
|
Review-Url: https://codereview.chromium.org/2387333002
|
|
Update clip to use intersect verb
from canvas.
R=dsinclair@chromium.org
Review-Url: https://codereview.chromium.org/2384283002
|
|
id:120001 of https://codereview.chromium.org/2375343004/ )
Reason for revert:
Broke PDFExtensionTest when rolling DEPS in Chromium.
Original issue's description:
> Assert that only 0-numbered objects are Released()
>
> This condition holds because numbered objects are brute-force
> deleted by the indirect object holder, rather than being
> released.
>
> Be careful about recursive deletion, check before advancing,
> since we no longer count on Release() doing this for us.
> Fix a few tests where the test was violating ownership rules.
>
> This should be the last step before completely removing Release()
> in favor of direct delete everywhere.
>
> Committed: https://pdfium.googlesource.com/pdfium/+/aba528a362248a54b27a7e9e046e2b65ab83f624
TBR=tsepez@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review-Url: https://codereview.chromium.org/2387193003
|
|
The test file for fixing bug chromium:651304.
Review-Url: https://codereview.chromium.org/2392553004
|
|
This condition holds because numbered objects are brute-force
deleted by the indirect object holder, rather than being
released.
Be careful about recursive deletion, check before advancing,
since we no longer count on Release() doing this for us.
Fix a few tests where the test was violating ownership rules.
This should be the last step before completely removing Release()
in favor of direct delete everywhere.
Review-Url: https://codereview.chromium.org/2375343004
|
|
Review-Url: https://codereview.chromium.org/2386273004
|
|
Depending on what ReadOK does it's possible for |dircount16| to be used without
being initialized. The read code calls back into PDFium specific code which then
calls into the stream reading code.
Initialize the value to be sure it is set.
BUG=chromium:651632
Review-Url: https://codereview.chromium.org/2389993002
|
|
|Clear| is too easily mistaken for "clear this pointer only."
Review-Url: https://codereview.chromium.org/2385303002
|
|
This CL adds a |IsBeingDestroyed| flag into the CPDFSDK_PageView. We then
bail out of the pageview removal code early if the flag is set.
BUG=chromium:652103
Review-Url: https://codereview.chromium.org/2384243002
|
|
The original way of detecting loops was passing a level parameter
through various functions. This missed some cases which also lead
to load type3 font char, for example, FindFont() may call
CheckType3FontMetrics() which may eventually lead to LoadChar().
The new way is to store the char loading depth, and abort when the depth
exceeds the max.
BUG=chromium:651304
Review-Url: https://codereview.chromium.org/2384853002
|
|
Method is not called, removing.
Review-Url: https://codereview.chromium.org/2391663002
|
|
All the files are already excluded by the build system.
Review-Url: https://codereview.chromium.org/2387863002
|
|
Review-Url: https://codereview.chromium.org/2386433002
|
|
Fix some nullptr errors.
BUG=pdfium:608
Review-Url: https://codereview.chromium.org/2378133003
|
|
Restore CPDF_Dictionary default constructor.
Use it in places where reasonable in the code.
TBR=dsinclair@chromium.org
TBR=thestig@chromium.org
Review-Url: https://codereview.chromium.org/2383843002
|
|
Note: pdfium bots don't seem to touch these files.
Review-Url: https://codereview.chromium.org/2379973005
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2383593002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2383583002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2380713005
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2384503003
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2375963006
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2381993002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2377393002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2382723003
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2381063002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2383563002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2374383003
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2376153004
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2382763002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2383543002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2379033002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2375283003
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2381863003
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2374413002
|
|
BUG=pdfium:606
Review-Url: https://codereview.chromium.org/2378373002
|
|
It is not necessary. For some methods, bool can be used instead. For
some other methods, the returned boolean is never used, so they can be
void.
Review-Url: https://codereview.chromium.org/2382803002
|
