summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-09-19Adjust the order of clearing resource in CPDF_DocPageData::ClearJun Fang
Images are basic resource and are referred or used by other objects in some cases. Images should be released after the objects who uses these objects. In this case, an image object is accessed in the process of CPDF_TilingPattern's destroy. Unlikely, this image has been destroyed before. BUG=414046 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/582993002
2014-09-18Fix Regression: Incomplete file loading is seen for multi page pdf files.chromium/2164chromium/2163Tom Sepez
This was introduced at PDFium revision 12a9940. There was a subtle logic change for null |parray|. BUG=415438 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/579363002
2014-09-18gn: don't remove -fno-exceptions to match gypScott Graham
Not required since: https://code.google.com/p/pdfium/issues/detail?id=28 R=jam@chromium.org BUG=chromium:335824 Review URL: https://codereview.chromium.org/567393004
2014-09-16When forcing clear page data, no need to release colorspace when releasing ↵Bo Xu
pattern BUG=414661 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/572853006
2014-09-15Add a boundary check before accessing the table of 'Index to Location'Jun Fang
Before this fix, only |gindex < face->num_locations| is checked. However, the pointer, p, will be moved to next location in the first FT_NEXT_ULONG or FT_NEXT_USHORT. It may cause a crashier. So a boundary check is needed before the second FT_NEXT_ULONG or FT_NEXT_USHORT. BUG=412457 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/571833002
2014-09-15Check Null pointer in CPDF_Dictionary::GetUnicodeTextBo Xu
BUG=414155 R=thakis@chromium.org Review URL: https://codereview.chromium.org/574463002
2014-09-11Fix hebrew character highlight issue in a special documentBo Xu
There is an image object and text objects in this document, but the character in each text object is reversed. When rendering, the image object is shown. However, when highlighting, the text object is selected, resulting in text index issue. Moreover, the character in the document is in reading order, which is different from normal document. BUG=pdfium:43 R=jbreiden@google.com Review URL: https://codereview.chromium.org/484503002
2014-09-10Check object type for objects used in the dictory of 'Index'chromium/2162chromium/2161chromium/2160chromium/2159chromium/2158chromium/2157chromium/2156Jun Fang
BUG=387970 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/551503003
2014-09-09Change the forced clear order of CPDF_DocPageData::Clear, and remove ↵Bo Xu
m_pDocument in CPDF_Color If not forced clear, the counter of CPDF_Pattern will take care the count of referenced instance. When forced clear, clear color first to make sure pattern still exists when referencing it. BUG=411154 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/554913003
2014-09-09Fix uninitialized value in CPDF_ColorStateDataBo Xu
BUG=411161 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/560673002
2014-09-09Revert of Fix uninitialized value in CPDF_ColorStateData (patchset #1 id:1 ↵Bo Xu
of https://codereview.chromium.org/547863002/) Reason for revert: The initialized member variable is wrong. Needs to undo this. Original issue's description: > Fix uninitialized value in CPDF_ColorStateData > > BUG=411161 > R=tsepez@chromium.org > > Committed: https://pdfium.googlesource.com/pdfium/+/a38d4c3572b566f8e64b9ca4f725cbbc581e85ab TBR=tsepez@chromium.org,jun_fang@foxitsoftware.com NOTREECHECKS=true NOTRY=true BUG=411161 Review URL: https://codereview.chromium.org/558803004
2014-09-08Fix uninitialized value in CPDF_ColorStateDataBo Xu
BUG=411161 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/547863002
2014-09-08Fix un-initialized R G B valueBo Xu
BUG=411163 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/551513005
2014-09-08Convert GN visibility to be a list.chromium/2155chromium/2154chromium/2152Brett Wilson
GN visibility currently allows either string or list types, but this is causing some problems for some templates. I'm going to require it to be lists, so am changing all callers before pushing the new binary. R=jam@chromium.org Review URL: https://codereview.chromium.org/555523002
2014-09-08Merge performance fix for cmsDupToneCurve from previous upstream branch.Chris Palmer
BUG= R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/534363002
2014-09-08The cause of this issue is that there is an indirect object like '112 0 R' ↵Jun Fang
but no its direct object '112 0 object' in the test pdf file. Without checking the validity, it causes a null pointer when trying to get the direct object by an indirect object. BUG=390781 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/553613003
2014-09-04Add v8_platform to the JS dependencies in the GN build.chromium/2151chromium/2150chromium/2149chromium/2148chromium/2147Brett Wilson
This is required for the call to v8::platform::CreateDefaultPlatform. R=jam@chromium.org Review URL: https://codereview.chromium.org/540133002
2014-09-03Allocate m_pCompData when |m_nComponents| is updated.Bo Xu
When |m_nComponents| is changed from loading stream information, previously allocated memory that depends on |m_nComponents| needes to be freed and allocated again to enforce memory size consistency. BUG=409695 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/528163002
2014-09-02Check m_nComponents when using JBIG2Decodechromium/2146Bo Xu
BUG=409692 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/534763002
2014-09-02Add m_pDocument in CPDF_Color and check if page date has been forced clearBo Xu
This will prevent using freed pattern object. This is a better solution than https://pdfium.googlesource.com/pdfium/+/1b9c5c4dc41956b8c5ab17b9a882adf8a2513768 and in essence revert that patch BUG=409373 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/522483003
2014-09-02Tidy up opj_ callback functions in fx_codec_jpx_obj.cppTom Sepez
This is code cleanup rather than bug fixing. The motivation for this was to fix the casts at line 97 of the original file. These are wrong; you cannot correct via casting a function signature mismatch when passing a function as an argument. In theory, there's no reason to believe that the compiler will pass args in the same manner for a function of type (void*, size_t, void*) as for a function of type (void*, size_t, some_struct*). The cast will suppress the compile error, but you can't be assured the call will work as intended. In practice, it does, since the last architecture where a void* had a different representation than a struct* went extinct in the late 80s. In the functions themselves, note that we currently bail out if srcData->offset >= srcData->src_size, so the expression bufferLength = (OPJ_SIZE_T)(srcData->src_size - srcData->offset) will always be > 0. Hence the check if(bufferLength <= 0) is pointless, esp. since bufferLength is a signed type and < 0 makes no sense. The opj_seek_from_memory() has a bool return value, so returning -1 on error doesn't seem reasonable. Change this to TRUE/FALSE, and return false on seek past end. If we're truly passing readonly data, then perhaps it makes sense to make the write() function always return -1. I didn't do this. Lastly, I capitalize "DecodeData" so that it looks like a struct, and change its members to be size_t's to avoid casting back and forth. R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/507273003
2014-08-31Remove the GetValidBpc check in application callers and move it to where ↵Bo Xu
m_bpc is assigned. The problem of using GetValidBpc() in each function call is it could result in mismatch as seen in this case: in ContinueToLoadMask(), m_bpc is re-assigned to 1 if m_bImageMask==1 regardless of the value from GetValidBpc(). This will result in mismatch if another function use the value from GetValidBpc(). The solution could be checking m_bImageMask in another function to make sure m_bpc is consistent, but that makes the code too cumbersome. Also, we have to bring and are bringing in more and more GetValidBpc check, and this will continue with other buggy documents. So better to fix it now. The original rational to use GetValidBpc() in where m_bpc is used is to respect the "raw" data from parsing. However, if it will be ignored anyway and using value from GetValidBpc(), we'd better correct it at the very beginning. BUG=408541 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/518443002
2014-08-28Remove unused fields and stack locals.Chris Palmer
Edge closer to getting PDFium to build in chromium_code mode. BUG=https://code.google.com/p/pdfium/issues/detail?id=29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/437343002
2014-08-28No need to release resources in destructor of CPDF_ShadingObjectchromium/2145chromium/2144chromium/2143chromium/2142chromium/2141chromium/2140Bo Xu
CPDF_DocPageData::~CPDF_DocPageData() will force to release all resources, so no need to do it here, which can result in heap-use-after-free trouble. BUG=408164 R=jun_fang@foxitsoftware.com, tsepez@chromium.org Review URL: https://codereview.chromium.org/513063003
2014-08-27Restrict index not be greater than row_size in TIFF_PredictLineBo Xu
There is not strict way to limit invalid value of |Colors| from dictionary. We can make sure |index| does not go out of boundary of row_size. BUG=407614 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/509993003
2014-08-27Use valid bpc value in LoadPalette() and ContinueToLoadMask()Bo Xu
BUG=408141, 408147 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/508253003
2014-08-27Fix a bug when looping through m_pCompDataBo Xu
BUG=408154 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/509613005
2014-08-26Bounds check before fixed-size memcmp() in CJPX_Decoder::Init().Tom Sepez
BUG=407476 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/489703004
2014-08-26Fix compile on mac: format string mismatch error.chromium/2139chromium/2138Tom Sepez
See http://build.chromium.org/p/tryserver.chromium.mac/builders/mac_chromium_compile_dbg/builds/9542/steps/compile%20%28with%20patch%29/logs/stdio TBR=jun_fang@foxitsoftware.com, Review URL: https://codereview.chromium.org/506053003
2014-08-25Set m_pLinearized to NULL after releaseBo Xu
BUG=406868 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/504993002
2014-08-25Perform better input checks in early steps of parser.Tom Sepez
BUG=406591 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/501823003
2014-08-25Use number of components from ICC profile and alternate color spaceBo Xu
BUG=406806 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/503883002
2014-08-25Add GetValidBpc() check in CPDF_DIBSource::CreateDecoder()Bo Xu
BUG=406908 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/504673002
2014-08-25Add GetValidBpc() check in CPDF_DIBSource::GetScanLineBo Xu
BUG=406600, 406895 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/497733005
2014-08-25Revert of Use number of components from ICC profile and alternateCS ↵Bo Xu
(patchset #1 of https://codereview.chromium.org/493163003/) Reason for revert: Needs to address comments before landing Original issue's description: > Use number of components from ICC profile and alternate color space > > BUG=406806 > > Committed: https://pdfium.googlesource.com/pdfium/+/be83103 TBR=tsepez@chromium.org,jun_fang@foxitsoftware.com NOTREECHECKS=true NOTRY=true BUG=406806 Review URL: https://codereview.chromium.org/504883003
2014-08-25Use number of components from ICC profile and alternate color spaceBo Xu
BUG=406806 Review URL: https://codereview.chromium.org/493163003
2014-08-22Fix the issue 'SEGV on unknown address in CPDF_DataAvail::GetObjectSize'Jun Fang
BUG=387983 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/454283002
2014-08-22Fix a hang issue due to inconsistent page number in the test fileJun Fang
Pdfium reads the page number from the field of '/Count' but it can't load the number assigned by this field due to the damaged data. Add a check to ensure that the required page should be one of loaded pages. BUG=406090 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/477873003
2014-08-22Bounds check in CFX_Font::LoadGlyphPath().Tom Sepez
Add a check to CFX_Font::LoadGlyphPath() similar to the one that exists in CFX_FaceCache::RenderGlyph(). Also replace some scattered magic numbers in the file with constants, and make arrays not used outside this file be statically scoped. BUG=406144 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/497863002
2014-08-22Fix confusion between length in bytes and length in characters in ↵Tom Sepez
app::response(). I also clean up the code while we are here, rewriting a strange switch statement and tidying whitespace. BUG=406142 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/498773004
2014-08-22Don't stretch bitmaps if destination size is empty.Vitaly Buka
BUG=405201 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/474093003
2014-08-22Check the number of component in ICCBased colorspaceBo Xu
From PDF reference 8.6.5.5, this could only be 1, 3 or 4. BUG=387968 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/464083003
2014-08-21For pattern colorspace, its base colorspace should not be a pattern colorspaceBo Xu
BUG=405588 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/496883002
2014-08-20Check if user provided more than one option for pdfium_test.Vitaly Buka
R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/477173003
2014-08-19Fix bug in CPDF_PageContentGenerate constructor and destructorBo Xu
m_pageObjects never gets initialize, thus making CPDF_PageContentGenerate::GenerateContent() doing nothing. Since the CPFD_PageObject are owned by m_pPage, no need to release them in the destructor. BUG=385119 R=thestig@chromium.org, vitalybuka@chromium.org Review URL: https://codereview.chromium.org/470253004
2014-08-19Fixed command line parting when no output is needed.Vitaly Buka
R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/492523002
2014-08-18Font is used after release in CPDF_TextStateData::~CPDF_TextStateDataJun Fang
BUG=400996 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/477323002
2014-08-18Fix a double-free issue in CFX_PathData::~CFX_PathDataJun Fang
In CPDFSDK_InterForm::SubmitFields, the buffer pointed by m_pBuffer is returned and released by the caller. However, it will be released again in the destructor. BUG=401580 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/481733002
2014-08-18Check path point count overflow in DrawThisAppearanceBo Xu
BUG=387969 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/461343003
2014-08-18Add a null check before getting unicode text in CPDF_FormField::GetValueJun Fang
The test pdf file defines an invalid dictionary object with a NULL arrary in the filed of "/V". It causes that a NULL object is returned when trying to get the first element of this arrary. So it needs to check whether the returned object is NULL. BUG=395986 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/478183002