summaryrefslogtreecommitdiff
path: root/core/fpdfapi/parser
AgeCommit message (Collapse)Author
2017-05-18Add more CFX_UnownedPtr usage.Tom Sepez
One lifetime issue was fixed by passing CPDF_RenderStatus into Continue() methods rather than holidng a pointer which was going stale. Bug: Change-Id: I63b9dce4c1a0d1377cc407b5460535f7c916a040 Reviewed-on: https://pdfium-review.googlesource.com/5659 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-16Introduce CFX_UnownedPtr to detect lifetime inversion issues.Tom Sepez
There are places where an object "child" has a raw pointer back to object "owner" with the understanding that owner will always outlive child. Violating this constraint can lead to use after free, but this requires finding two paths: one that frees the objects in the wrong order, and one that uses the object after the free. The purpose of this patch is to detect the constraint violation even when the second path is not hit. We create a template that is used in place of TYPE*. It's dtor, when a memory tool is present, goes out and probes the first byte of the object to which it points. Used in "child", this allows the memory tool to prove that the "owner" is still alive at the time the child is destroyed, and hence the constraint is never violated. Change-Id: I2a6d696d51dda4a79ee2f00a6752965e058a6417 Reviewed-on: https://pdfium-review.googlesource.com/5475 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-10Store the offset in the archive bufferDan Sinclair
This Cl moves the implementation of the archive buffer behind an IFX_ArchiveStream interface. The buffer holds the current offset and the offset parameter is removed from the CPDF_Creator and various other methods. Change-Id: Ia54e803b58bbfb6ef03fec4a940d2c056d541356 Reviewed-on: https://pdfium-review.googlesource.com/5255 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-10Use FXSYS_IntToTwoHexChars() in more places.Lei Zhang
Change-Id: I84cd8e91a296119ecf80b7a092b886f291bebb45 Reviewed-on: https://pdfium-review.googlesource.com/4953 Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-05-09Remove AppendObject from CPDF_CreatorDan Sinclair
The AppendObject method has been removed and the functionality moved to the individual CPDF_Object classes. Change-Id: I5446c6cc3e792d849acf77caed34b63a88f3a2d2 Reviewed-on: https://pdfium-review.googlesource.com/5072 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-05-08Check bits to decode will fit before decodingDan Sinclair
When decoding the CPDF_HintTable we read the dwDeltaGroupLen value out of the input stream which is a 16bit number. That value is then passed in to read a uint32_t of the object number. If we have a group length of > 32 bits we'll cause an undefined shift when we attempt to shift right more then 32 bits. This Cl bails out early if the dwDeltaGroupLen value is > 32 in order to stop the undefined shifts. Bug: chromium:718505 Change-Id: I919d6f4cd19826094a5e44d3a65d758029f5c236 Reviewed-on: https://pdfium-review.googlesource.com/5090 Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-06Remove type-unsafe void* / uint8_t* usage in fx_crypt.hTom Sepez
Consolidate all of the sha2 contexts while we're at it, the one with the largest buf is suitable for use by all the others. Change-Id: Iace6cd8ca4405f75f78842a1559c3a2478910218 Reviewed-on: https://pdfium-review.googlesource.com/4994 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-04Give a couple of char to int functions better names.chromium/3090Lei Zhang
- FXSYS_toDecimalDigit() becomes FXSYS_DecimalCharToInt(). - FXSYS_toHexDigit() becomes FXSYS_HexCharToInt(). Change-Id: If4683e8f85f05124b92ff075056cbc295442087d Reviewed-on: https://pdfium-review.googlesource.com/4930 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-05-04CPDF_Document::GetPageData() normally does not return NULL.Lei Zhang
Add a comment to clarify and remove some unneeded checks. Change-Id: I8b0492548b245abc45e161085047c9f36d6c8e2b Reviewed-on: https://pdfium-review.googlesource.com/4871 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-05-04CPDF_DataAvail: avoid reads into stack buffers.Tom Sepez
Not a good practice even with correct bounds checks. Same idea for fpdf_edit_create.cpp Change-Id: I90b869ae4a07eb60d59997b9c5afc14830efc076 Reviewed-on: https://pdfium-review.googlesource.com/4830 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-03CPDF_SyntaxParser::SearchWord() is always backwards and for whole-wordsTom Sepez
Change-Id: Ic31d9cda5e919a754162e14e69cb63671a3fe8b9 Reviewed-on: https://pdfium-review.googlesource.com/4794 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-03SetPos to at most the file length to avoid overflowsNicolas Pena
This CL prevents arbitrary position setting which may cause integer overflows. In the bug in question, the PDF says the xrefs are located in a huge position. This then causes problems when calling CPDF_SyntaxParser methods. Bug: chromium:603545 Change-Id: I5f94c38f46a0217e9f12f1bf8b2f3bee3b03cb35 Reviewed-on: https://pdfium-review.googlesource.com/4813 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-04-27Remove more |new|s, part 2Tom Sepez
Change-Id: I13b43ceafc6a35bcc1e366546a4a408ea01fe4ab Reviewed-on: https://pdfium-review.googlesource.com/4534 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-04-26Remove a few more |new|s.Tom Sepez
Change-Id: I8a50ed680c1e101f855644fca8d282dd21470577 Reviewed-on: https://pdfium-review.googlesource.com/4533 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-04-26Get rid of a few |new|s in CPDF_Document.Tom Sepez
The chain of destructors may attempt to use m_pDocPage after it has been set to null by the unique_ptr destructor. Verify it is still present before using it from any code that may be called from some other CPDF_ destructor. Change-Id: I007160231d73feed85d90efc687d6da993653f96 Reviewed-on: https://pdfium-review.googlesource.com/4499 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-04-20Convert IFX_MemoryStream to CFX_MemoryStreamDan Sinclair
The CFX_MemoryStream is the only implementation of IFX_MemoryStream. This CL removes the interfaces and uses CFX_MemoryStream directly. Change-Id: I2f43fa39e82dafa7673517d214ae15fd2d0df331 Reviewed-on: https://pdfium-review.googlesource.com/4391 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-04-20Cleanup the fx_extension code.Dan Sinclair
This CL cleans up the fx_extension file. The stream code was moved to fx_stream. IFX_FileAccess was removed and CFX_CRTFileAccess split to its own file. Code shuffled from header to cpp file. Change-Id: I700fdfcc9797cf4e8050cd9ba010ad8854feefbf Reviewed-on: https://pdfium-review.googlesource.com/4371 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-04-19Rename array names to match codepage namesDan Sinclair
Rename arrays to use code page names to make it clearer what they represent. Change-Id: Ia7d74353f6bae5fd7f030c05675664dafda03a7a Reviewed-on: https://pdfium-review.googlesource.com/4350 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-04-19Cleanup codepage and charset definitions.Dan Sinclair
This Cl cleans up the unused defines in fx_codepage.h. The FXFONT_CHARSET_ defines are replaced with fx_codepage defines, this moves fx_codepage into core instead of xfa only. Static asserts are added to verify the public/ charsets match the fx_codepage charsets. Change-Id: Ie2f749e093de60a9a6743128a1fb087912e4cc96 Reviewed-on: https://pdfium-review.googlesource.com/4316 Commit-Queue: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-04-13Use vector of unique ptr in cpdf_data_avail.cpp.Tom Sepez
Remove member m_pAcroForm as it is only used in one method, and immediately set upon entry. A local will be fine here. Change-Id: I373f68252249a248061828530098ad759907259a Reviewed-on: https://pdfium-review.googlesource.com/4190 Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-04-13Move another opertator<<() prototype into correct .h file.Tom Sepez
Prototype should be in header for .cpp file actually implementing it. Change-Id: I8f771a4840e09da419cee384e3d6dc2e7bba1cc4 Reviewed-on: https://pdfium-review.googlesource.com/4170 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-04-13Refcount CPDF_CryptoHandlerchromium/3076chromium/3075chromium/3074chromium/3073chromium/3072Tom Sepez
Avoid tracking ownership via m_bLocalCryptoHandler. Also remove m_bEncryptCloned, as it is always false. Replace some methods with direct calls to underlying code. Change-Id: Ifa9d6f721c59d07e3b8e258f76832ca9f2ea0fc9 Reviewed-on: https://pdfium-review.googlesource.com/4111 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-04-07Cleanup string passing in core/fpdf*Tom Sepez
Return strings where possible. Add missing consts to strings passed by ref. Convert non-const cases to pointers. Rename a few methods to be clearer. Change-Id: I86569bc1744f539e6dd67fc73649b272c016328c Reviewed-on: https://pdfium-review.googlesource.com/3951 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-04-05Fix assignment to len.dan sinclair
Sigh, messed up std::min conversion. TBR=npm@chromium.org Bug: pdfium:697 Change-Id: I0091f178b08fa537ebc3962d9349eb46d0aa8a80 Reviewed-on: https://pdfium-review.googlesource.com/3751 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-04-05Use correct length in guard checkdan sinclair
When fixing https://crbug.com/672177 we added a guard that we aren't reading off the end of the file. That guard used the file access Position(). This is the wrong value to compare against as our read position and the file access Position may be different. This CL updates the check to use the correct current file position. Bug: pdfium:697 Change-Id: I68a5eaed2f1f3d65422605f0a8474144cfa7d172 Reviewed-on: https://pdfium-review.googlesource.com/3711 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-04-04Remove a couple checks for MakeUnique failures.Lei Zhang
Combine some common CCodec_Jbig2Module code. Change-Id: I9a046314bc0e9dddc9a8c1a06b37764e9f3cc4b6 Reviewed-on: https://pdfium-review.googlesource.com/3713 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-04-04RefCount CPDF_StreamAcc all the time.Tom Sepez
Pass stream argument to constructor; it feels like a stream accessor should always be made from a stream rather than passing one in after the fact. Change-Id: Iaa46cb37677b81f0170f5d39bab76ad38ea4af44 Reviewed-on: https://pdfium-review.googlesource.com/3620 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-04-04RefCount CPDF_IccProfile all the timeTom Sepez
Make the IccProfile track its stream so that it has a proper key with which to purge the docpagedata map. Change-Id: Ib05ebc1afb828f1f5e5df62a1a33a1bfdecf507d Reviewed-on: https://pdfium-review.googlesource.com/3619 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-04-04Remove unneeded void* casts.Lei Zhang
Change-Id: Icf6b0ec88dfc8dc707b18ca4ad25dd77610b4c91 Reviewed-on: https://pdfium-review.googlesource.com/3622 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-04-03Drop FXSYS_ from mem methodsDan Sinclair
This Cl drops the FXSYS_ from mem methods which are the same on all platforms. Bug: pdfium:694 Change-Id: I9d5ae905997dbaaec5aa0b2ae4c07358ed9c6236 Reviewed-on: https://pdfium-review.googlesource.com/3613 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-04-03Drop FXSYS_ from string methodsDan Sinclair
This Cl drops the FXSYS_ from string methods which are the same on all platforms. Bug: pdfium:694 Change-Id: I1698aafd84f40474997549ae91ce35603377e303 Reviewed-on: https://pdfium-review.googlesource.com/3597 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-04-01Refcount CPDF_Image all the time.chromium/3061chromium/3060Tom Sepez
Remove the old externally-counted CPDF_CountedImage type. Change-Id: Ia0b288586272da3f2daf7dfc153f08e62794321a Reviewed-on: https://pdfium-review.googlesource.com/3553 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-03-30Add some calls to MakeUniqueDan Sinclair
This CL replaces some new's with pdfium::MakeUnique. Change-Id: I50faf3ed55e7730b094c14a7989a9dd51cf33cbb Reviewed-on: https://pdfium-review.googlesource.com/3430 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-03-30Upgrade to FreeType 2.7.1.Lei Zhang
BUG=pdfium:601 Change-Id: I07756cd208cd2221802ff2d331f316b6618a41e0 Reviewed-on: https://pdfium-review.googlesource.com/3120 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-03-27Guard against lengths greater then input sizeDan Sinclair
If we get a requested length that is longer then the available buffer size we bail as we won't be able to read the needed data anyway. Bug: chromium:672177 Change-Id: Idb41671c07fe758ec0c1d4d6f84ead0a58fa8339 Reviewed-on: https://pdfium-review.googlesource.com/3221 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-03-27Remove old test expectations after the Mac 10.12 upgrade.Lei Zhang
BUG=chromium:703912 Change-Id: I5b4e582afc95b845e8e5e7a4e14581127c18de2d Reviewed-on: https://pdfium-review.googlesource.com/3193 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-03-23Fix two CloneNonCycle issuesWei Li
CloneNonCycle() tries to detect cyclic object references without copying them. There are two issues: -- for elements in an array or a dictionary, they should be able to refer to the same object, which are not cyclic; -- for cyclic referenced elements in an array or a dictionary, do not clone the element at all. Having nullptr or <key, nullptr> as an element, like we did before, might cause crash when the element being accessed. BUG=chromium:701860 Change-Id: Id0304accde76ed06fa5ce640994c7628359600fb Reviewed-on: https://pdfium-review.googlesource.com/3156 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-03-22Return errors after validation instead of ASSERT in CPDF_DataAvailNicolas Pena
Change-Id: I909deca1d0bfc6de5ac0fd2e6956f9b918caf17a Reviewed-on: https://pdfium-review.googlesource.com/3157 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-03-22Fix ASSERT in CPDF_Data_AvailNicolas Pena
If ParseIndirectObjectAt fails, the replaced object will be null. So we can't ASSERT the output of ValidatePage. CL introducing the ASSERT: https://codereview.chromium.org/2483633002/ BUG=chromium:702897 Change-Id: Ib6e8c0bccaf2c05893f0abef27d431e112064865 Reviewed-on: https://pdfium-review.googlesource.com/3146 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-03-21Pop when Pages is malformed and has no kidsNicolas Pena
If the Kids array for the Pages dictionary does not exist, just treat this dictionary as the unique page in the document. BUG=chromium:702883 Change-Id: I9cb9645a53d60306ffe563f9b27cbbd37442f4ec Reviewed-on: https://pdfium-review.googlesource.com/3135 Commit-Queue: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-03-16Remove some nested statements in CPDF_DataAvail.Lei Zhang
Change-Id: I959dbfebdc7a5a1ec9b201a80ff6cfdc031572b0 Reviewed-on: https://pdfium-review.googlesource.com/2833 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-03-15Reset tree traversal when we think we're at the startchromium/3043Nicolas Pena
If the PDF declares it has a gazillion pages when it does not, we just start traversing again from the start. This CL fixes that. BUG=chromium:680222 Change-Id: Ie9b55abc0aaa372429b3d995a7e1e7ab58fb7965 Reviewed-on: https://pdfium-review.googlesource.com/3060 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-03-15Refactor some CPDF_ColorSpace code.Lei Zhang
Change-Id: I1e30d68dae3bf70cf3c426f6126d593b7f1c3ba4 Reviewed-on: https://pdfium-review.googlesource.com/2991 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-03-15Add IndexInBounds() convenience routine.Tom Sepez
Avoid writing |Type| in CollectionSize<Type>() so that index type can change without rewriting conditions. Change-Id: I40c94ca39148b379908760ba9b861114b88af7bb Reviewed-on: https://pdfium-review.googlesource.com/3056 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-03-14Replace FX_FLOAT with underlying float type.Dan Sinclair
Change-Id: I158b7d80b0ec28b742a9f2d5a96f3dde7fb3ab56 Reviewed-on: https://pdfium-review.googlesource.com/3031 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-03-14Replace FX_CHAR and FX_WCHAR with underlying types.Dan Sinclair
Change-Id: I96e0a20d66b9184d22f64d8e4ce0dadd5a78c1e8 Reviewed-on: https://pdfium-review.googlesource.com/2967 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-03-13Make most PDFium code pass Clang plugin's auto raw check.Lei Zhang
Change-Id: I9dc32342e24361389841ecba83081a97fc043377 Reviewed-on: https://pdfium-review.googlesource.com/2959 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-02-27Remove some pointless checks and assignments.Lei Zhang
Change-Id: I6f9fd67cdac581e8f91f829a5934b763bb229d21 Reviewed-on: https://pdfium-review.googlesource.com/2838 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-02-26core: fix two more uninitialized memberschromium/3025chromium/3024Miklos Vajna
Found by Coverity when scanning the bundled pdfium-3004 in LibreOffice. This fixes: - CID 1400335: Uninitialized members (UNINIT_CTOR) CPDF_DataAvail::m_dwTrailerOffset - CID 1400334: Uninitialized members (UNINIT_CTOR) CXML_Element::m_pParent Change-Id: I42da9a704ad75adf39c510c6ef89eb7a97860ea1 Reviewed-on: https://pdfium-review.googlesource.com/2670 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-02-24Remove repeated flags from CPDF_Fontchromium/3023Nicolas Pena
Moved all the flags to CFX_Font. Explicitly stated which ones are valued according to the PDF spec to avoid their values being changed. Change-Id: Ib57593234a4b9b83ef1ad593d0396c64159f303f Reviewed-on: https://pdfium-review.googlesource.com/2837 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>