summaryrefslogtreecommitdiff
path: root/core/fpdfapi/page/cpdf_contentmarkitem.cpp
AgeCommit message (Collapse)Author
2017-05-16Introduce CFX_UnownedPtr to detect lifetime inversion issues.Tom Sepez
There are places where an object "child" has a raw pointer back to object "owner" with the understanding that owner will always outlive child. Violating this constraint can lead to use after free, but this requires finding two paths: one that frees the objects in the wrong order, and one that uses the object after the free. The purpose of this patch is to detect the constraint violation even when the second path is not hit. We create a template that is used in place of TYPE*. It's dtor, when a memory tool is present, goes out and probes the first byte of the object to which it points. Used in "child", this allows the memory tool to prove that the "owner" is still alive at the time the child is destroyed, and hence the constraint is never violated. Change-Id: I2a6d696d51dda4a79ee2f00a6752965e058a6417 Reviewed-on: https://pdfium-review.googlesource.com/5475 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2016-11-21Fixup lint flags.Dan Sinclair
The -build/include setting was masking out build/include_what_you_use. This CL restores them, fixes any build errors, and adds NOLINT as needed. As well, the runtime/explicit and runtime/printf flags are aslo enabled and NOLINT'd. lint cleanups Change-Id: Ib013b3eb29c8d0e48cad74c5df9028684130719f Reviewed-on: https://pdfium-review.googlesource.com/2030 Reviewed-by: Tom Sepez <tsepez@chromium.org>
2016-11-09Return unique_ptr from CPDF_Object::Clone().tsepez
Because that's what clone does. There are numerous release() calls that will go away as more code is converted. Review-Url: https://codereview.chromium.org/2484033002
2016-11-04Reland "Remove CPDF_Object::Release() in favor of direct delete"tsepez
This reverts commit f0d5b6c35fa343108a3ab7a25bc2cc2b3cf105b3. Review-Url: https://codereview.chromium.org/2478303002
2016-11-04Revert of Remove CPDF_Object::Release() in favor of direct delete (patchset ↵dsinclair
#11 id:200001 of https://codereview.chromium.org/2384883003/ ) Reason for revert: Looks like it's blocking the roll. https://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_compile_dbg_ng/builds/186619 Original issue's description: > Remove CPDF_Object::Release() in favor of direct delete > > Follow-on once we prove Release always deletes in previous CL. > > Committed: https://pdfium.googlesource.com/pdfium/+/4de3d095c9d9e961f93750cf1ebd489fd515be12 TBR=thestig@chromium.org,tsepez@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Review-Url: https://codereview.chromium.org/2478253002
2016-11-03Remove CPDF_Object::Release() in favor of direct deletetsepez
Follow-on once we prove Release always deletes in previous CL. Review-Url: https://codereview.chromium.org/2384883003
2016-11-02Remove FX_BOOL from coretsepez
Review-Url: https://codereview.chromium.org/2477443002
2016-10-04Move core/fpdfapi/fpdf_parser to core/fpdfapi/parserdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2392603004
2016-10-04Move core/fpdfapi/fpdf_page to core/fpdfapi/pagedsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2386423004