Age | Commit message (Collapse) | Author |
|
If jpeg_read_scanlines() ends up calling the error callback, we longjmp
into some undefined state.
BUG=558840
TBR=thestig@chromium.org
Original Review URL: https://codereview.chromium.org/1463563003 .
(cherry picked from commit 06e33aec03f13c76d9eff5c09cb03e142b0c5ef1)
Review URL: https://codereview.chromium.org/1471913005 .
|
|
This matches the type of the corresponding |CFX_DIBSource::m_Pitch|,
where integer overflow is checked for FX_DWORD. This change is
propagated to many other places.
Also, check for integer overflow in |CCodec_RLScanlineDecoder::Create|
during the calculation of |m_Pitch| since it aligns to 4 bytes while
overflow was was previously checked without this alignment.
TBR=thestig@chromium.org
BUG=555784
Original Review URL: https://codereview.chromium.org/1460033002 .
(cherry picked from commit e7950df70a2fd658f466751b29483436cb31e829)
Review URL: https://codereview.chromium.org/1473143003 .
|
|
CPDF_DIBSource::DownSampleScanline32Bit
Previously, if |m_bpc| was < 8 (e.g. 4), this function may still try to
access the source components as if |m_bpc| == 8. Even when it fell into
the codepath that tried to do the right thing in this case, it was
wrong.
BUG=554151
Review URL: https://codereview.chromium.org/1433423002 .
(cherry picked from commit e21fe98d5b5da7da01503b985b07b90c8e811689)
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1441973002 .
|
|
During decoding, when an image decoder is encountered, any
subsequent decoders are ignored, but remain in the array. However,
later on CPDF_DIBSource::ValidateDictParam expects the image
decoder to be the last in the array, causing issues.
A check is also added in CPDF_DIBSource::GetScanline to ensure
that the calculated pitch value is <= the (4-aligned) pitch value in the
cached bitmap to prevent future issues.
Also cleans up some NULL usages.
BUG=552046
Review URL: https://codereview.chromium.org/1406943005 .
(cherry picked from commit 182d129bcee8f7731b9bbfde0064295ad3b37271)
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1444503002 .
|
|
TBR=thestig@chromium.org
BUG=554115
Review URL: https://codereview.chromium.org/1435473004 .
(cherry picked from commit 46d2e278f62454ed2392630b6d18d33d380a20eb)
Review URL: https://codereview.chromium.org/1438733004 .
|
|
This regressed in commit 794c9b6.
Also fix the build after that commit.
BUG=551248
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1424743006 .
(cherry picked from commit 8cadf995e9a0fec8da19f69edac9d10fccca7eed)
(cherry picked from commit 955930dce7e4b5c764cdd34b134baea4207de523)
Review URL: https://codereview.chromium.org/1435553006 .
|
|
Also adds a README.pdfium and 0000-include.patch that
details the local modifications made.
Also rolls testing/corpus to 45f88c6914fcac26ad930bb0ebbfa468c21db0a5
which includes regenerated corpus expectations.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1413673003 .
(cherry picked from commit 87ee069d05ca06f60d6cfacd9e426739d8f2053d)
Review URL: https://codereview.chromium.org/1414493009 .
|
|
Also cleans up some places in the relevant functions since we're here.
BUG=551460
TBR=ochang@chromium.org
Review URL: https://codereview.chromium.org/1421783004 .
(cherry picked from commit 4f85605cbc652a17bc833f883186e0a68af6006d)
Review URL: https://codereview.chromium.org/1433533003 .
|
|
Previously, blur event actions could potentially touch deleted PageViews
as CPDFSDK_Document deletes the PageViews one by one.
This also fixes a related issue: CPDFSDK_Document::SetFocusAnnot no
longer does anything if the document is being destroyed. Otherwise, it
eventually tries to use m_pEnv->GetSDKDocument() at which point has
already been set to NULL by FPDFDOC_ExitFormFillEnvironment.
R=ochang@chromium.org
BUG=512445
Review URL: https://codereview.chromium.org/1414353007 .
(cherry picked from commit a548b1d3e2444f256bcbf6c2fa2165798e33ba8d)
Review URL: https://codereview.chromium.org/1417033009 .
|
|
BUG=pdfium:205
TBR=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1409743004 .
(cherry picked from commit 9ddafc82bddb984ae46ee0df801ba20b446d5158)
Review URL: https://codereview.chromium.org/1406113005 .
|
|
PDF specs say that end of line markers shall follow the
keyword "stream". But a white space before end of line
markers follows this keyword in the test pdf files.
BUG=543018
TBR=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1401923005 .
(cherry picked from commit b5cbfb4cd12b6499912367f9a1e11c666157acb8)
Review URL: https://codereview.chromium.org/1410613004 .
|
|
BUG=457480,497355
TBR=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1338973005 .
(cherry picked from commit c212b684cb028a5d98e57f711c9eed931b853a44)
Review URL: https://codereview.chromium.org/1413543002 .
|
|
- Use std::vector<JBig2ArithCtx> instead of storing pointers to arrays.
- Make CJBig2_SymbolDict's members private with accessors.
- Use std::vector<JBig2ArithCtx> in related places.
- Steal Chromium's vector_as_array() and use it as an adaptor as needed.
BUG=514891
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1388203003 .
(cherry picked from commit 3acb1ef909a22368507ed13817c4988c818e3aee)
Review URL: https://codereview.chromium.org/1399243003 .
|
|
Also mark it private.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1395613003 .
(cherry picked from commit 8793b4a071fad51a770b93838e0752505b020e43)
Review URL: https://codereview.chromium.org/1396013005 .
|
|
BUG=497357
TBR=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1395493003 .
(cherry picked from commit 3ea79bbba24a1c0918ea42368e746097dab40663)
Review URL: https://codereview.chromium.org/1404553002 .
|
|
It's a bug existing in the conversion from YUV420 to RGB.
For YUV 420 format, four pixels have 4 Y but only one U and
one V. In some cases, there are odd columns or lines in
some images. The pixels on last line or column may have Y
but no U or V data. For this case, We shall extend U or V
using the data on previous column or line.
BUG=497357
TBR=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1342683002 .
(cherry picked from commit f1f19f1fff801c9970af627e050becc2f13f82e7)
Review URL: https://codereview.chromium.org/1405463002 .
|
|
CPDF_SyntaxParser::ReadStream() originally created stream objects when
the length is 0. Commit 2526930 tightened the constraint and returned
NULL. This has some adverse affects, as seen in Chromium's print
preview of PDFs.
Instead, relax the constraint a little so when the length is 0, return a
CPDF_Stream with NULL data and size 0.
BUG=531835
TBR=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1394743002 .
(cherry picked from commit 4fa0e27ba39f49ba92fb4c160ab836a6f1dd2893)
Review URL: https://codereview.chromium.org/1391183005 .
|
|
many callers can tolerate CJBig2_ArithIntDecoder::decode() OOB failure.
BUG=539749, pdfium:209
TBR=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1384663007 .
(cherry picked from commit 35902e725aa6cc83a317c3b6fdd1926b81b8e44b)
Review URL: https://codereview.chromium.org/1394953002 .
|
|
BUG=539106
TBR=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1386823002 .
(cherry picked from commit 7dfe5929282cb6d78d7b5e32e1d72e9db99d3066)
Review URL: https://codereview.chromium.org/1391753002 .
|
|
Also remove dead CJS_EmbedObj::{Begin,End}Timer code.
BUG=539107
TBR=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1384883002 .
(cherry picked from commit 794c9b67d3d519342aa7e15052766f7d4a99f551)
Review URL: https://codereview.chromium.org/1385373002 .
|
|
BUG=531339
TBR=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1377463005 .
(cherry picked from commit 9b6735445f20ae17b883b5739bf79a7c1f99e139)
Review URL: https://codereview.chromium.org/1393643002 .
|
|
Move the external isolate and embedder slot from the
IPDF_JSPlatforms struct supplied at the
FPDFDOC_InitFormFillEnvironment() call time to arguments to
the FPDF_InitLibraryWithConfig() call.
This has several benefits:
-- Avoids the crash that could happen if multiple
FPDFDOC_InitFormFillEnvironmen() calls should happen to be
made by an embedder with different slot values.
-- Down the road, for XFA, there may be XFA but no FormFill
environment.
We support both forms for the time being, until the chrome
side catches up, at which point we will deprecate the old
way.
TBR=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1367033002 .
(cherry picked from commit 3dedace9623fef6161a8666e53a4ab2b9be61e4c)
Review URL: https://codereview.chromium.org/1392723002 .
|
|
BUG=537173
TBR=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1376093002 .
(cherry picked from commit ac67d4765a8ac36cd00c9fc8b6f2b80a3e1cff72)
Review URL: https://codereview.chromium.org/1386273003 .
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1360103002 .
|
|
Check the image size before attempting to decode.
BUG=538103
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1377493005 .
|
|
Found using the test examples from https://crbug.com/537780
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1376413003 .
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1386463003 .
|
|
BUG=537790
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1379243002 .
|
|
Original patch by chamalsl.
Trailer size in bug_507316 was wrong.
embedder_test.cpp's GetPageTrampoline passed null parameter.
It will affect future test cases even if it does not affect
this.
BUG=507316
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1377403003 .
|
|
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1372103004 .
|
|
BUG=pdfium:207
Original author: jbreiden@google.com
Original CL: http://codereview.chromium.org/1362133003/
R=jbreiden@google.com
Review URL: https://codereview.chromium.org/1382073002 .
|
|
- Use std::vector<uint8_t> instead of raw uint8_t*
- Make ICodec_ScanlineDecoder::GetScanline() return const uint8_t*
- Add FxFreeDeleter, use it in CCodec_ImageDataCache.
- Make CCodec_ImageDataCache encapsulate its data members.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1361053002 .
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1359013003 .
|
|
This reverts commit 3e144b8c23d7c52ed36329e87f0cb01f38ec1ed7.
This may be causing the failures seen in crbug.com/537799.
BUG=537799
Review URL: https://codereview.chromium.org/1382433003 .
|
|
BUG=chromium:529012
R=jochen@chromium.org, krasin@google.com
Review URL: https://codereview.chromium.org/1353193004 .
|
|
Right now we're freeing per-isolate data everytime a document is destroyed even
though it may be in use by other documents. For now we leak the per-isolate
data until crbug.com/531339 is fixed.
BUG=531339
R=jochen@chromium.org
Review URL: https://codereview.chromium.org/1372353002 .
Patch from Raymes Khoury <raymes@chromium.org>.
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1368153003 .
|
|
TBR=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1380663003 .
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1373333002 .
|
|
For bit per component (bpc), PDF spec mentions that a RunLengthDecode or DCTDecode filter shall always deliver 8-bit samples. However, some PDF files don't follow this rule. We can find that filter is RunLengthDecode but bpc is 1 in the provided test file. In this case, pdfium will correct bpc to 8 but the actual bpc is 1. It causes a failure because the data is much more than the expected. To handle this case, pdfium doesn't correct bpc to 8 when the original bpc is 1.
BUG=512557
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1328213002 .
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1367633005 .
|
|
Also changes DEPS to specify a specific v8 version, this will
require us to manually update this version from time to time,
but also solves a longstanding problem where going back to an
older version (say for bisecting) wouldn't always work.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1372963003 .
|
|
Follow-up from https://codereview.chromium.org/1366053003/
- use kPerIsolateDataIndex rather than magic constant 1.
- make a helper function for common code in JS_Define.h
- remove dead prototypes missed in earlier CL.
- fxjs_v8 can't include generic fpdfsdk includes (layering).
R=jochen@chromium.org
Review URL: https://codereview.chromium.org/1367813003 .
|
|
The font is slightly different from Linux/Windows.
BUG=524043
R=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/1366363002 .
|
|
files""
This reverts commit fa9756f77ad6145940d3dc697814b84f5755ae17.
TBR=thestig@chromium.org
Review URL: https://codereview.chromium.org/1307353005/
|
|
This reverts commit 9bd18183ba8210c91d71c3060146235750a4c71c.
|
|
Pdfium swallows 'fi' or 'ff' in some tested files because it doesn't load the embedded font file correctly. The root cause is that there is incorrect keyword like 'ngendstream' in the stream of the embedded font file. Pdfium tries to find another correct keyword but uses wrong offset rather than accumulated offset.
BUG=524043
R=thestig@chromium.org, tsepez@chromium.org
Review URL: https://codereview.chromium.org/1307353005 .
|
|
This reverts commit 3b4382a847b5a7439a3107512dbe54c317108579.
The difference between this CL and the one that failed is
fxjs_v8.cpp:271. In master, we pass the runtime information
as:
v8::isolate -> v8::Context -> FXJS Runtime,
but in XFA:
V8::Isolate -> PerIsolate struct -> FXJS Runtime.
The master way is more correct, in that FXJS_Runtime is 1:1
with v8 contexts and many:1 (in theory) with isolates.
It looks like the XFA branch missed a patch along the way.
I'll do that next.
Having made this change, the only data in the per-isolate
struct will be the ptr array (on master); it will also
include the XFA context (on XFA). I've kept the struct on
master for the sake of similarity.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1365733003 .
|
|
- Remove dead code
- Use unique_ptr
BUG=pdfium:202
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1365903002 .
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1359233002 .
|