Age  Commit message  Author
2015-06-08  Fix potentially massive memory leak in CPDF_DIBSource::LoadJpxBitmap().  [chromium/2429, chromium/2428, chromium/2427]  -- Lei Zhang
Leaks can happen in several places. For this particular bug, it happens when there is a colorspace component count mismatch. BUG=497191 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1153633009
2015-06-05  Cleanup: Make CPDF_Annot::m_pAnnotDict private.  -- Lei Zhang
Remove dead code in CPDF_Annot as well. R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1157773012
2015-06-05  Add move constructor for FX string types.  -- Tom Sepez
R=thestig@chromium.org Review URL: https://codereview.chromium.org/1162203007
2015-06-05  Standalone checkout gets buildtools.  -- Tom Sepez
This will pull in the checkdeps utility for standalone builds. Write some include rules, too. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1149623011
2015-06-05  Fix bad include path in fpdfview.cpp  -- Tom Sepez
Caught by checkdeps rules. That this still compiled is probably due to some stray -I flag somewhere. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1149213008
2015-06-04  Move fx_safe_types.h to include/ directory.  -- Tom Sepez
Small bit of OCD here, since this file is included cross-library (i.e. from fpdfsdk), it can't be in src/. In other words, the following should be empty:
  grep -R 'include.*core/src/' fpdfsdk
Fix some IWYU in it at the same time. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1147353006
2015-06-03  Kill unused IPDF_ classes.  -- Tom Sepez
Some are simply never defined. Some are never instantiated. Some have paths that are never reached. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1168503003
2015-06-03  Fix fx_basic_memmgr_unittest.cpp under stricter GN rules  [chromium/2426, chromium/2425, chromium/2424, chromium/2423, chromium/2422]  -- Tom Sepez
This caused a revert of the PDFium roll. TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1165863003
2015-06-02  Automated test case for 487928.  -- Tom Sepez
Reproducing this bug requires the embedder to fire timers, something the single-pass pdfium-test binary doesn't do properly at the present. So we modify the embedder test delegate to allow the immediate triggering of the same. Perform some cleanup along the way by removing EmbedderTestDefaultDelegate -- it buys us nothing over the no-op one. And, of course, v8 initialization is busted again, and we need v8 here. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1153213004
2015-06-02  Fix windows compile: fix size_t vs. int mismatch  -- Tom Sepez
As indicated by: http://build.chromium.org/p/tryserver.chromium.win/builders/win_chromium_x64_rel_ng/builds/63417/steps/compile%20%28with%20patch%29/logs/stdio R=thestig@chromium.org TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1160293003
2015-06-02  kill IPDF_DocParser().  -- Tom Sepez
It's fine to program to interfaces, but since the sole concrete implementation is in the same header as the interface, the code is bypassing it anyways. We can de-virtualize some things along the way, and remove two non-existent function prototypes from one of the headers. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1158053003
2015-06-02  Fix heap use after free in Document::DoFieldDelay and Document::delay  -- Tom Sepez
This fix removes CJS_DelayData object from m_DelayData array and copies them to a new array, before processing them. So contents of m_DelayData array cannot be used after they get freed. BUG=487928 R=tsepez@chromium.org TEST= Chrome pdf plugin should not crash when poc_stable,testuafdocument1.pdf and testuafdocument2.pdf are viewed. see crbug.com/487928 and crbug.com/487928#c18 for more details. Review URL: https://codereview.chromium.org/1163823002
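The re-entrancy hazard this commit describes, as an added example written for this page rather than code taken from PDFium: a DoFieldDelay() that walks the pending list in place while the callback calls delay() again, beside the fix's shape, which detaches the pending entries into a local container before processing them. `Document`, `DelayData`, `RequeueMany` and the method names are hypothetical stand-ins, not PDFium's classes.

```cpp
// Added example for this page, not PDFium code. Shows a deferred-update list
// processed while the callback re-enters and appends to the same list, and
// the fix shape from the commit: detach the list before processing it.
#include <cstddef>
#include <functional>
#include <string>
#include <utility>
#include <vector>

struct DelayData {        // hypothetical stand-in for CJS_DelayData
  std::string field;
  int value;
};

class Document {          // hypothetical stand-in for the JS Document object
 public:
  using Callback = std::function<void(Document&, const DelayData&)>;

  // Queue a deferred field update (plays the role of Document::delay()).
  void Delay(const std::string& field, int value) {
    delay_data_.push_back(DelayData{field, value});
  }

  // Unsafe shape: walk delay_data_ in place while the callback may call
  // Delay(). push_back() can reallocate the vector, after which `item`
  // refers to freed storage. Rather than dereference it (that would be the
  // heap-use-after-free), this variant reports whether a reallocation
  // happened underneath the live reference, and stops at the first match.
  bool DoFieldDelayInPlaceDangled(const std::string& field, const Callback& apply) {
    for (size_t i = 0; i < delay_data_.size(); ++i) {
      const DelayData& item = delay_data_[i];
      if (item.field != field) continue;
      const size_t capacity_before = delay_data_.capacity();
      apply(*this, item);                          // may grow delay_data_
      return delay_data_.capacity() != capacity_before;   // true: `item` dangles
    }
    return false;
  }

  // Fixed shape: move every pending entry into a local container first.
  // Re-entrant Delay() calls append to the now-empty member, never to the
  // container being iterated, and the processed entries die with `pending`.
  int DoFieldDelay(const std::string& field, const Callback& apply) {
    std::vector<DelayData> pending;
    pending.swap(delay_data_);
    int processed = 0;
    for (const DelayData& item : pending) {
      if (item.field == field) {
        apply(*this, item);
        ++processed;
      } else {
        delay_data_.push_back(item);               // other fields stay queued
      }
    }
    return processed;
  }

  size_t PendingCount() const { return delay_data_.size(); }

 private:
  std::vector<DelayData> delay_data_;
};

// Re-entrant callback: queues enough follow-up updates to force the vector
// to reallocate, the situation the in-place loop cannot survive. It copies
// the fields it needs first, since `item` is not safe to touch after Delay().
void RequeueMany(Document& doc, const DelayData& item) {
  const std::string field = item.field;
  const int base = item.value;
  for (int k = 1; k <= 256; ++k) doc.Delay(field, base + k);
}

int main() {
  Document unsafe_doc;
  unsafe_doc.Delay("name", 1);
  const bool dangled = unsafe_doc.DoFieldDelayInPlaceDangled("name", RequeueMany);

  Document fixed_doc;
  fixed_doc.Delay("name", 1);
  fixed_doc.Delay("addr", 2);
  const int processed = fixed_doc.DoFieldDelay("name", RequeueMany);
  return (dangled && processed == 1 && fixed_doc.PendingCount() == 257) ? 0 : 1;
}
```

The capacity comparison stands in for what AddressSanitizer would report if the in-place loop went on to read `item`; the point is that any container growth during the callback invalidates references and iterators into it, which is why the fix copies the entries out before touching them.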
2015-06-01  Add missing comma to third_party.gyp  -- Bruce Dawson
A reference to nonstd_unique_ptr.h was added with https://codereview.chromium.org/1091283002 but a comma is missing after it. This causes this string to be concatenated with the next, leading to broken sources. This went unnoticed by the build due to the fact that the affected sources are both headers, but they should be properly separated. R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1156663006
2015-05-29  Run V8 in predictable mode for pdfium_test  -- Jochen Eisinger
This won't post tasks to the background threads BUG=none R=kcc@chromium.org, tsepez@chromium.org Review URL: https://codereview.chromium.org/1157123003
2015-05-28  Fix suppressions for 2015-05-28 drop  -- Tom Sepez
TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1154993003
2015-05-28  Roll DEPS to pick up 2015-05-28 corpus drop.  -- Tom Sepez
This will undoubtedly RED the tree due to differences in platforms and environments. A subsequent CL will add suppressions to get back to GREEN. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1153393004
2015-05-28  Fix ALL the include guards.  -- Tom Sepez
Get rid of leading _CAPITAL identifiers. A large number of these didn't actually match the filename. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1160443004
2015-05-27  Remove redundant ../include from paths of files in include/ directory  -- Tom Sepez
Tiny bit of tidying I noticed while trying to figure out include rules. In other words,
  cd core/include
  git grep 'include.*include'
  git grep 'include.*src'
Should produce no output, and
  cd fpdfsdk/include
  git grep 'include.*include' | grep -v ../core/include
  git grep 'include.*src'
Should produce no output as well. Fix some IWYU, header guards, include ordering, whitespace along the way. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1162453003
2015-05-26  Upgrade openjpeg to r3002  -- JUN FANG
BUG=459215 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1160663002
2015-05-21  Update copy of safe_math_impl.h to take a fix from upstream:  -- Tom Sepez
Fix a division by zero when multiplying 0 * y with SafeNumerics. BUG=488302 R=jschuh@chromium.org Review URL: https://codereview.chromium.org/1126243007
2015-05-21  Fix four annoying warnings:  -- Tom Sepez
Two "set but unused", one of which is surely an artifact from copying code around, and the other which ought to be used for the sake of clarity. Two are unknown "optimize" pragmas, remove them since the code has been shipped for years on other platforms under full optimization. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1148353002
2015-05-21  Fix an endless loop in CJBig2_HuffmanTable::parseFromCodedBuffer  -- JUN FANG
This issue is triggered by the conversion from unsigned int to signed int. A large unsigned int is converted to int. It's represented as a negative int which is used in the condition of a while loop later. BUG=482639 R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1146913003
2015-05-20  Get test running scripts to detect and report common error.  -- Bruce Dawson
testing/tools/run_corpus_tests.py assumes a debug build and will fail cryptically if only a release build is available. Arguably there shouldn't be a default because having one could lead to accidentally running a stale version, but that is probably too much of a change. R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1150823003
2015-05-20  Integer overflow in CJBig2_Image::expand  -- JUN FANG
1. New size should be larger than old size in JBig2_Realloc.
2. Arguments are integers but parameters are size_t in JBIG2_memset. After integer overflows, it will be presented as a huge unsigned number on 64-bit systems.
BUG=483981 R=brucedawson@chromium.org, tsepez@chromium.org Review URL: https://codereview.chromium.org/1148643002
2015-05-20  Tidy public fpdfview.h and fpdf_flatten.h.  -- Tom Sepez
Mostly cosmetic; fix a spelling error, make comment style consistent, remove unnecessary #ifdefs, remove unused globals. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1139993003
2015-05-20  Turn on warnings for usage of disabled V8 APIs  -- Jochen Eisinger
R=vogelheim@chromium.org BUG= Review URL: https://codereview.chromium.org/1146933002
2015-05-19  Re-land: Remove FX_Alloc() null checks now that it can't return NULL.  -- Tom Sepez
Fixes the ordering of some assignments broken when converting to checked numerics in CFX_PathData::AddPointCount(). Original Review URL: https://codereview.chromium.org/1142713005 R=thestig@chromium.org Review URL: https://codereview.chromium.org/1135893008
2015-05-19  Revert "Remove FX_Alloc() null checks now that it can't return NULL."  -- Tom Sepez
This reverts commit eb6527763171cdb4b0fbfea5a20d691f4d67b660. Reason for revert: broke javascript tests. TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1145843005
2015-05-19  Remove FX_Alloc() null checks now that it can't return NULL.  -- Tom Sepez
This permits some functions to become void's since they, in turn, can't fail. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1142713005
2015-05-19  Fix Heap Overflow in CJBig2_Image::expand  -- JUN FANG
Integer overflow in CJBig2_Image::expand. It causes the reallocated size to not be what is expected. BUG=483981 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1131023008
2015-05-18  Cleanup if early return from opj_j2k_copy_default_tcp_and_create_tcd().  -- Tom Sepez
The opj_j2k_copy_default_tcp_and_create_tcp() function memcpy's a top-level struct, and then replaces pointers to memory owned by the original struct with new blocks of memory. Unfortunately, an early return can leave the copy with pointers to memory it doesn't own, which causes problems when cleaning up the partially-initialized struct. The referenced bug is triggered when we get a return at original line 7969 or 7385 due to OOM. Moral of the story: creating a "copy constructor" equivalent based on memcpy() instead of copying field by field for structs containing pointers is usually a bad idea. BUG=486538 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/1138033007
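The failure mode this commit describes, as an added example written for this page and not code from openjpeg or PDFium: a struct with owned pointers is copied with memcpy(), the pointers are then replaced one by one with fresh blocks, and an OOM early return leaves the copy pointing at buffers the original owns. `Tcp`, its fields, `HookAlloc` and the copy functions are hypothetical stand-ins; the allocator hook exists only so the OOM path can be exercised deterministically.

```cpp
// Added example for this page, not openjpeg or PDFium code. `Tcp` is a
// hypothetical stand-in for a struct with owned pointers; the allocator hook
// lets the OOM early-return path run deterministically.
#include <cstddef>
#include <cstdlib>
#include <cstring>

struct Tcp {
  int id;
  unsigned char* coding_params;   // owned
  unsigned char* quant_params;    // owned
  size_t n_params;
};

// Allocation hook: fail every allocation from index `g_fail_from` onward
// (-1 means never fail). The index is reset per copy attempt.
static int g_fail_from = -1;
static int g_alloc_index = 0;
static unsigned char* HookAlloc(size_t n) {
  const int idx = g_alloc_index++;
  if (g_fail_from >= 0 && idx >= g_fail_from) return nullptr;
  return static_cast<unsigned char*>(std::malloc(n));
}

static void TcpDestroy(Tcp* t) {
  std::free(t->coding_params);
  std::free(t->quant_params);
  t->coding_params = t->quant_params = nullptr;
}

// Buggy shape: memcpy duplicates the pointers, then each is replaced with a
// fresh block. If an allocation fails before a pointer is replaced, the copy
// still points at memory the original owns; destroying the copy then frees
// the original's buffer (a double free once the original is destroyed too).
static bool TcpCopyMemcpy(const Tcp* src, Tcp* dst) {
  std::memcpy(dst, src, sizeof(*dst));
  dst->coding_params = HookAlloc(src->n_params);
  if (!dst->coding_params) return false;   // dst->quant_params still aliases src
  std::memcpy(dst->coding_params, src->coding_params, src->n_params);
  dst->quant_params = HookAlloc(src->n_params);
  if (!dst->quant_params) return false;
  std::memcpy(dst->quant_params, src->quant_params, src->n_params);
  return true;
}

// Fixed shape: disown every duplicated pointer before the first allocation,
// so a partially initialised copy owns only what it allocated itself and
// TcpDestroy() on it is always safe. Copying field by field instead of
// memcpy, as the commit suggests, makes this explicit by construction.
static bool TcpCopyChecked(const Tcp* src, Tcp* dst) {
  std::memcpy(dst, src, sizeof(*dst));
  dst->coding_params = nullptr;
  dst->quant_params = nullptr;
  dst->coding_params = HookAlloc(src->n_params);
  if (!dst->coding_params) return false;
  std::memcpy(dst->coding_params, src->coding_params, src->n_params);
  dst->quant_params = HookAlloc(src->n_params);
  if (!dst->quant_params) return false;
  std::memcpy(dst->quant_params, src->quant_params, src->n_params);
  return true;
}

// Run one copy with allocation number `fail_from` failing and report whether
// the (possibly failed) copy shares a buffer with the original. `true` is
// the setup for the double free; the function itself avoids executing it.
static bool CopySharesBuffer(bool checked, int fail_from) {
  const unsigned char sample[4] = {1, 2, 3, 4};   // constructed test data
  Tcp src{7, nullptr, nullptr, sizeof(sample)};
  src.coding_params = static_cast<unsigned char*>(std::malloc(sizeof(sample)));
  src.quant_params = static_cast<unsigned char*>(std::malloc(sizeof(sample)));
  std::memcpy(src.coding_params, sample, sizeof(sample));
  std::memcpy(src.quant_params, sample, sizeof(sample));

  Tcp dst{};
  g_alloc_index = 0;
  g_fail_from = fail_from;
  const bool ok = checked ? TcpCopyChecked(&src, &dst) : TcpCopyMemcpy(&src, &dst);
  g_fail_from = -1;
  (void)ok;

  const bool shared = dst.coding_params == src.coding_params ||
                      dst.quant_params == src.quant_params;
  if (!shared) TcpDestroy(&dst);   // only free the copy when it owns its buffers
  TcpDestroy(&src);
  return shared;
}

int main() {
  return (CopySharesBuffer(false, 0) && !CopySharesBuffer(true, 0)) ? 0 : 1;
}
```

Under AddressSanitizer, calling TcpDestroy() on the aliased copy from the memcpy variant reports a double-free as soon as the original is destroyed; the checked variant's copy can be destroyed at any point after a failed allocation.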
2015-05-19  Replace v8::Handle with v8::Local and v8::Persistent with v8::Global  -- Jochen Eisinger
those types are just aliases, and we should consistently use the new version R=tsepez@chromium.org BUG= Review URL: https://codereview.chromium.org/1138823004
2015-05-18  Change FX_Alloc to FX_Try_Alloc in _JpegEncode  -- JUN FANG
This CL is used for: 1. keeping the same logic as before (the behaviour of FX_Alloc was changed for OOM). 2. fixing a potential integer overflow. BUG=N/A R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1126013006
2015-05-18  Add safe FX_Alloc2D() macro  -- Tom Sepez
This avoids unchecked multiplications when computing a size argument to malloc(). Such an overflow is very scary, and can result in exploitable bugs. Along the way, kill off some return checks, since we know this can't return NULL. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1143663004
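The class of bug this entry, the CJBig2_Image::expand entries and the safe_math_impl.h entry above all deal with, as an added example written for this page and not PDFium's own FX_Alloc2D() or safe_math code: an unchecked width-times-height multiplication that wraps, a checked multiply whose zero guard is the divide-by-zero case from the safe_math fix, a 2-D allocation built on it, and an expand()-style size computation that validates signed arguments before they become size_t. All function names are hypothetical stand-ins.

```cpp
// Added example for this page, not PDFium code. The helpers are hypothetical
// stand-ins for FX_Alloc2D(): a checked multiply, a 2-D allocation built on
// it, and a size computation for an expand()-style reallocation that rejects
// bad signed inputs before they are widened to size_t.
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <limits>

// What an unchecked `stride * height` does when the product exceeds the
// type: it wraps to a small value, malloc() succeeds, and the later row
// writes run past the block. Done in 32 bits so the wrap is platform-independent.
static uint32_t UncheckedBytes32(uint32_t stride, uint32_t height) {
  return stride * height;   // 65536 * 65537 wraps to 65536
}

// Checked multiply: true and *out = a*b only if the product fits in size_t.
// The `a != 0` guard is the divide-by-zero case fixed in safe_math_impl.h.
static bool CheckedMul(size_t a, size_t b, size_t* out) {
  if (a != 0 && b > std::numeric_limits<size_t>::max() / a) return false;
  *out = a * b;
  return true;
}

// Checked 2-D allocation: refuses (returns nullptr) instead of passing a
// wrapped byte count to malloc(). PDFium's FX_Alloc policy aborts on
// failure; returning nullptr keeps this example testable.
template <typename T>
T* Alloc2D(size_t width, size_t height) {
  size_t count = 0, bytes = 0;
  if (!CheckedMul(width, height, &count) || !CheckedMul(count, sizeof(T), &bytes)) {
    return nullptr;
  }
  return static_cast<T*>(std::malloc(bytes));
}

// expand()-style size computation, covering the two points in the
// CJBig2_Image::expand entry: the new height must exceed the old one, and
// int arguments are validated before they become size_t, so a negative
// (overflowed) int can never turn into a huge unsigned byte count.
static bool ExpandBytes(int32_t stride, int32_t old_height, int32_t new_height, size_t* out) {
  if (stride <= 0 || old_height < 0 || new_height <= old_height) return false;
  return CheckedMul(static_cast<size_t>(stride), static_cast<size_t>(new_height), out);
}

int main() {
  size_t bytes = 0;
  uint8_t* rows = Alloc2D<uint8_t>(640, 480);
  const bool ok = rows != nullptr &&
                  Alloc2D<uint32_t>(std::numeric_limits<size_t>::max() / 2, 4) == nullptr &&
                  ExpandBytes(100, 10, 20, &bytes) && bytes == 2000 &&
                  !ExpandBytes(100, 20, 10, &bytes) &&
                  UncheckedBytes32(65536, 65537) == 65536;
  std::free(rows);
  return ok ? 0 : 1;
}
```

calloc(count, size) performs the same product check internally in modern C libraries, but a size that has already been computed and passed as a single argument to malloc(), memset() or a realloc wrapper has lost that protection, which is why the check belongs where the multiplication happens.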
2015-05-17  Add myself to OWNERS file  -- Jochen Eisinger
R=tsepez@chromium.org BUG= Review URL: https://codereview.chromium.org/1133333005
2015-05-17  Replace deprecated with non-deprecated V8 APIs  -- Jochen Eisinger
In most cases, we just CHECK() that no exception was thrown. Previously, we'd just crash. Ideally, this should all be fixed and the system should cope with those exceptions, but that's beyond this CL. R=tsepez@chromium.org BUG= Review URL: https://codereview.chromium.org/1126203010
2015-05-15  Fix leaks in embedder test's FlateEncode() usage and in FlateEncode().  -- Lei Zhang
For FlateEncode(), error handling code leaked memory. R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1144603002
2015-05-15  Disable allocation tests that hose the bot.  -- Tom Sepez
Triggering allocation failure can be ... slow. See http://build.chromium.org/p/client.pdfium/builders/win/builds/126 R=thestig@chromium.org Review URL: https://codereview.chromium.org/1142463005
2015-05-15  Initialize members of CPDF_TextPageFind class.  -- Lei Zhang
R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1137933004
2015-05-15  Fix leaks in the embedder tests themselves.  -- Lei Zhang
Also change EmbedderTest::TearDown() to match the destruction order in Chromium's PDF code. R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1138143003
2015-05-15  Abort on OOM by default in FX_Alloc().  -- Tom Sepez
Add a FX_TryAlloc() for those few cases where we might need to continue in face of OOM. Remove FX_AllocNL() (the context of its use would suggest that NL means "No Limit"). This is used for some big allocations, so replace it with TryAlloc(). Large allocations may be worth trying to continue from, since there are few and they have a large chance of failing. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1128043009
2015-05-15  Remove FX_NEW_VECTOR() macros.  -- Tom Sepez
There isn't much point in having macros that obscure obvious language features. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1135273004
2015-05-15  Fix potential UAF in ConcatInPlace.  -- Tom Sepez
If ConcatCopy somehow gets a zero nNewlen, it returns early, without allocating a new m_Data. ConcatInPlace then frees the old one, leaving m_Data dangling. Also be concerned about the multiplication in the widestring version. So use wmemcpy and let the library cope with it. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1130763007
2015-05-14  Fix another batch of compiler warnings.  -- Lei Zhang
Also fix typos and remove trailing spaces/tabs. R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1141123002
2015-05-14  Make CFX_StringData be scoped by CFX_Bytestring and add methods.  [chromium/2404 .. chromium/2421]  -- Tom Sepez
This is a precondition for someday combining Byte/Wide strings via templates. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1142533002
2015-05-13  Fix integer overflow in conversion from float to integer.  -- JUN FANG
BUG=471991 R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1141613002
2015-05-14  Use phantom handles instead of weak handles  -- Jochen Eisinger
Phantom handles allow for freeing objects with one pass of GC. However, this means that by the time the callback is invoked, the v8 object no longer exists. To avoid accidental access to the dead object, there are now two callbacks, where the first must only reset the handle, and the second does the clean-up work. R=tsepez@chromium.org BUG= Review URL: https://codereview.chromium.org/1129253004
2015-05-13  Tidy public/ directory.  -- Tom Sepez
- Make include guards consistent with standard and filenames.
- Remove stray semicolon following extern "C" section close-brace.
- Untabify.
- Delete trailing whitespace.
R=thestig@chromium.org Review URL: https://codereview.chromium.org/1128003005
2015-05-13  Fix comparison of CFX_ByteString and CFX_WideString against empty literals.  -- Tom Sepez
Also corrects some ASSERT_'s to EXPECT_'s in the test. BUG=pdfium:160 R=thestig@chromium.org Review URL: https://codereview.chromium.org/1141763002
2015-05-13  Set pointers in internal fields directly instead of wrapping them  -- Jochen Eisinger
The internal fields are scanned by the garbage collector, so they can't contain arbitrary data. However, aligned pointers are supported by the V8 GC, so the V8 API allows for setting a pointer directly instead of wrapping it in an External container. Not only is this faster, but it's also required for the new v8::Global API which I'm going to update to in a follow-up patch. R=tsepez@chromium.org BUG= Review URL: https://codereview.chromium.org/1139853003