summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-10-06Reject JBig2 Huffman table with too large shift valuekcwu
BUG=chromium:653044 Review-Url: https://codereview.chromium.org/2397783002
2016-10-06Split m_InstalledTTFonts into two vectors to avoid sketchy logic.npm
Instead of relying on ' ' to determine whether the CFX_Bytestring is added on one place or another, use another vector. When trying to match fonts from the fontmapper, compare with both vectors. BUG=pdfium:510 Review-Url: https://codereview.chromium.org/2395883002
2016-10-06switch to new skia blend mode enum classcaryclark
Skia's interface to transfer modes is not described by an enum instead of a class. R=reed@google.com, dsinclair@chromium.org Review-Url: https://codereview.chromium.org/2394683004
2016-10-06Fixup MSan embeddertestsDan Sinclair
The embeddertests were closing the document before the formfill environment. This caused a use-after-free as we try to use the document during formfill destruction. This Cl fixes the destruction order in the embedder tests. As well, a few guards are put in place to keep the system from crashing if the wrong destruction order is called. R=tsepez@chromium.org Review URL: https://codereview.chromium.org/2398063002 .
2016-10-05Remove m_pOccontent from CPDFSDK_Documentchromium/2882dsinclair
Unused, remove. Review-Url: https://codereview.chromium.org/2397513003
2016-10-05Rename CPDFSDK_Environment to CPDFSDK_FormfillEnvironmentdsinclair
Rename CPDFSDK_Environment to make it explicit that this is part of the formfill system. Review-Url: https://codereview.chromium.org/2391313002
2016-10-05Remove ownership of CPDFSDK_Document from CPDFXFA_Documentdsinclair
This CL updates CPDFXFA_Document so it never owns the CPDFSDK_Document. The CPDFSDK_Document is now always owned by the CPDFXFA_Environment. This also cleans up the strange need to reverse the order of document and form destruction when using XFA. Review-Url: https://codereview.chromium.org/2397473006
2016-10-05Removed unused stuff, some FX_BOOL, and cleanup pageint.h a bitnpm
- Remove some unused stuff from pageint.h. - Replace some FX_BOOL with bool in pageint.h, and related. - Replace some "protected" with "private" in pageint.h. - Move 2 methods into namespace in fpdf_page_parser_old.cpp. Review-Url: https://codereview.chromium.org/2399573002
2016-10-05Re-land "Assert that only 0-numbered objects are Released()"tsepez
This reverts commit b73c99335bfbd158ad16dd59c9c52396ffd2b54b. TBR=thestig@chromium.org Review-Url: https://codereview.chromium.org/2393783004
2016-10-05Rework a redundant check when calling ConvertToIndirectObjectAt()tsepez
This avoids a re-assignment that can otherwise cause a later fault. BUG=pdfium:607 Review-Url: https://codereview.chromium.org/2393953002
2016-10-05Cleanup some CPDFSDK_PageView annotation code.dsinclair
This Cl cleans up the code regarding CPDFSDK_Annots in CPDFSDK_PageView. This includes: * Makes DeleteAnnot XFA only and wraps at the call site. * Removes unused methods * Replaces use of CountAnnots and GetAnnot with vector iteration * Removes {Set|Kill}FocusAnnot from CPDFSDK_PageView * Renames m_fxAnnotArray to m_SDKAnnotArray Review-Url: https://codereview.chromium.org/2384323005
2016-10-05Remove FX_BOOL from core/fpdfapi/fontnpm
FX_BOOL can be replaced by bool. Also replaced in a couple other places so that Winbots pass. Review-Url: https://codereview.chromium.org/2395803002
2016-10-04Fix cmdStageAllocMatrix parameter swapkcwu
For cmdStageAllocMatrix, InputChans is length of Matrix, OutputChans is length of Offsets. The original code will allocate NewElem->Offset with length Cols=InputChans (cmslut.c:417). This results in heap buffer overflow later. BUG=chromium:651849 Review-Url: https://codereview.chromium.org/2384063006
2016-10-04Fix ownership when making a private annot dictionary into a shared one.tsepez
There's no way to take ownership back from the CPDF_Array without deleting the object, so add a new primitive to make elements become indirect rather than manipulating them outside the class. This should solve the ASSERT(objnum == 0) issue that blocked the previous roll. Review-Url: https://codereview.chromium.org/2391883003
2016-10-04Rename fpdfsdk/fpdfxfa files to match contentschromium/2881dsinclair
Each of these files contains a single class, rename the file to match the internal class name. Review-Url: https://codereview.chromium.org/2385423004
2016-10-04Cleanup DEPS filesdsinclair
Remove redundant DEPS files and DEPS file entries. Review-Url: https://codereview.chromium.org/2390833003
2016-10-04Fix fuzzer pathsdsinclair
Missed these again. Scripting fail. BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2393433003
2016-10-04Avoid crashing on CPDF_ToUnicodeMap::Load by using ValueOrDefault()npm
- Added private method to avoid duplicated code. - If the unicode calculation overflows, 0 is used instead of crashing. Review-Url: https://codereview.chromium.org/2392103002
2016-10-04Make sure the fuzzer read size does not go negative.dsinclair
When fuzzing the image formats, its possible to get a read request which would go negative. Handle the request and return FALSE for the read. BUG=chromium:621836 Review-Url: https://codereview.chromium.org/2386343002
2016-10-04Move core/fpdfapi/fpdf_render to core/fpdfapi/renderdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2393593002
2016-10-04Move core/fpdfapi/fpdf_parser to core/fpdfapi/parserdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2392603004
2016-10-04Move core/fpdfapi/fpdf_page to core/fpdfapi/pagedsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2386423004
2016-10-04Move core/fpdfapi/fpdf_font to core/fpdfapi/fontdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2392773003
2016-10-04Move core/fpdfapi/fpdf_edit to core/fpdfapi/editdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2386263003
2016-10-04Move core/fpdfapi/fpdf_cmaps to core/fpdfapi/cmapsdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2391013002
2016-10-04Use FX_SAFE_UINT32 on CPDF_ToUnicodeMap::Loadnpm
m_Map maps to unsigned integer, but m_MultiCharBuf.GetLength() returns an integer. There will be integer overflow if the length is big, and UBSAN will complain. Thus, using FX_SAFE_UINT32. Replacing with uint32 would work as well: the point is to consider the length as uint instead of int. BUG=chromium:652232 Review-Url: https://codereview.chromium.org/2393573002
2016-10-04Update test expectations for unexpected successes.thestig
Review-Url: https://codereview.chromium.org/2387333002
2016-10-04update skia to latest sourcescaryclark
Update clip to use intersect verb from canvas. R=dsinclair@chromium.org Review-Url: https://codereview.chromium.org/2384283002
2016-10-03Revert of Assert that only 0-numbered objects are Released() (patchset #7 ↵thestig
id:120001 of https://codereview.chromium.org/2375343004/ ) Reason for revert: Broke PDFExtensionTest when rolling DEPS in Chromium. Original issue's description: > Assert that only 0-numbered objects are Released() > > This condition holds because numbered objects are brute-force > deleted by the indirect object holder, rather than being > released. > > Be careful about recursive deletion, check before advancing, > since we no longer count on Release() doing this for us. > Fix a few tests where the test was violating ownership rules. > > This should be the last step before completely removing Release() > in favor of direct delete everywhere. > > Committed: https://pdfium.googlesource.com/pdfium/+/aba528a362248a54b27a7e9e046e2b65ab83f624 TBR=tsepez@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Review-Url: https://codereview.chromium.org/2387193003
2016-10-03Sync pdfium_test version to include updated test fileweili
The test file for fixing bug chromium:651304. Review-Url: https://codereview.chromium.org/2392553004
2016-10-03Assert that only 0-numbered objects are Released()tsepez
This condition holds because numbered objects are brute-force deleted by the indirect object holder, rather than being released. Be careful about recursive deletion, check before advancing, since we no longer count on Release() doing this for us. Fix a few tests where the test was violating ownership rules. This should be the last step before completely removing Release() in favor of direct delete everywhere. Review-Url: https://codereview.chromium.org/2375343004
2016-10-03Add ptr_util.h from base until std::make_unique<> availabletsepez
Review-Url: https://codereview.chromium.org/2386273004
2016-10-03Fix potentially uninitialized value.chromium/2880dsinclair
Depending on what ReadOK does it's possible for |dircount16| to be used without being initialized. The read code calls back into PDFium specific code which then calls into the stream reading code. Initialize the value to be sure it is set. BUG=chromium:651632 Review-Url: https://codereview.chromium.org/2389993002
2016-10-03Rename CFX_WeakPtr::Clear() to DestroyObject()tsepez
|Clear| is too easily mistaken for "clear this pointer only." Review-Url: https://codereview.chromium.org/2385303002
2016-10-03Guard against double deletion of page views.dsinclair
This CL adds a |IsBeingDestroyed| flag into the CPDFSDK_PageView. We then bail out of the pageview removal code early if the flag is set. BUG=chromium:652103 Review-Url: https://codereview.chromium.org/2384243002
2016-10-03Detect resursive loading of type3 font char to avoid infinite loopweili
The original way of detecting loops was passing a level parameter through various functions. This missed some cases which also lead to load type3 font char, for example, FindFont() may call CheckType3FontMetrics() which may eventually lead to LoadChar(). The new way is to store the char loading depth, and abort when the depth exceeds the max. BUG=chromium:651304 Review-Url: https://codereview.chromium.org/2384853002
2016-10-03Remove unused CPDFSDK_PageView::ClearFXAnnotsdsinclair
Method is not called, removing. Review-Url: https://codereview.chromium.org/2391663002
2016-10-03Remove _FX_OS_ checks in core/fxge/win32/.thestig
All the files are already excluded by the build system. Review-Url: https://codereview.chromium.org/2387863002
2016-09-30Move CPDF_Reference::SafeGetDirect() out of the header.chromium/2879chromium/2878thestig
Review-Url: https://codereview.chromium.org/2386433002
2016-09-30Switch CFX_SAXReader to use std::stack.thestig
Fix some nullptr errors. BUG=pdfium:608 Review-Url: https://codereview.chromium.org/2378133003
2016-09-30Fix build of pdf_hint_table_fuzzer.chromium/2877tsepez
Restore CPDF_Dictionary default constructor. Use it in places where reasonable in the code. TBR=dsinclair@chromium.org TBR=thestig@chromium.org Review-Url: https://codereview.chromium.org/2383843002
2016-09-30Fix #includes in libfuzzer so pdfium can be rollednpm
Note: pdfium bots don't seem to touch these files. Review-Url: https://codereview.chromium.org/2379973005
2016-09-29Move xfa/fxfa/include to xfa/fxfadsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2383593002
2016-09-29Move xfa/{fwl,fxbarcode,fxgraphics}/include up to parentdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2383583002
2016-09-29Move fxjs/include to fxjsdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2380713005
2016-09-29Move fpdfsdk/include to fpdfsdkdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2384503003
2016-09-29Move fpdfsdk/fxedit/include to fpdfsdk/fxeditdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2375963006
2016-09-29Move fpdfsdk/fpdfxfa/include to fpdfsdk/fpdfxfadsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2381993002
2016-09-29Move core/fxge/include to core/fxgedsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2377393002
2016-09-29Move core/fxcrt/include to core/fxcrtdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2382723003