Age | Commit message | Author |
|
One lifetime issue was fixed by passing CPDF_RenderStatus into
Continue() methods rather than holding a pointer which was going
stale.
Bug:
Change-Id: I63b9dce4c1a0d1377cc407b5460535f7c916a040
Reviewed-on: https://pdfium-review.googlesource.com/5659
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
There are places where an object "child" has a raw pointer
back to object "owner" with the understanding that owner will
always outlive child.
Violating this constraint can lead to use after free, but this
requires finding two paths: one that frees the objects in the
wrong order, and one that uses the object after the free. The
purpose of this patch is to detect the constraint violation
even when the second path is not hit.
We create a template that is used in place of TYPE*. Its dtor,
when a memory tool is present, goes out and probes the first
byte of the object to which it points. Used in "child", this
allows the memory tool to prove that the "owner" is still alive
at the time the child is destroyed, and hence the constraint is
never violated.
Change-Id: I2a6d696d51dda4a79ee2f00a6752965e058a6417
Reviewed-on: https://pdfium-review.googlesource.com/5475
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
This CL moves the implementation of the archive buffer behind an
IFX_ArchiveStream interface. The buffer holds the current offset and the
offset parameter is removed from the CPDF_Creator and various other
methods.
Change-Id: Ia54e803b58bbfb6ef03fec4a940d2c056d541356
Reviewed-on: https://pdfium-review.googlesource.com/5255
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I84cd8e91a296119ecf80b7a092b886f291bebb45
Reviewed-on: https://pdfium-review.googlesource.com/4953
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
The AppendObject method has been removed and the functionality moved
to the individual CPDF_Object classes.
Change-Id: I5446c6cc3e792d849acf77caed34b63a88f3a2d2
Reviewed-on: https://pdfium-review.googlesource.com/5072
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
When decoding the CPDF_HintTable we read the dwDeltaGroupLen value out
of the input stream which is a 16-bit number. That value is then passed
in to read a uint32_t of the object number. If we have a group length of
> 32 bits we'll cause an undefined shift when we attempt to shift right
more than 32 bits.
This CL bails out early if the dwDeltaGroupLen value is > 32 in order to
stop the undefined shifts.
Bug: chromium:718505
Change-Id: I919d6f4cd19826094a5e44d3a65d758029f5c236
Reviewed-on: https://pdfium-review.googlesource.com/5090
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Consolidate all of the sha2 contexts while we're at it, the one
with the largest buf is suitable for use by all the others.
Change-Id: Iace6cd8ca4405f75f78842a1559c3a2478910218
Reviewed-on: https://pdfium-review.googlesource.com/4994
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
- FXSYS_toDecimalDigit() becomes FXSYS_DecimalCharToInt().
- FXSYS_toHexDigit() becomes FXSYS_HexCharToInt().
Change-Id: If4683e8f85f05124b92ff075056cbc295442087d
Reviewed-on: https://pdfium-review.googlesource.com/4930
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Add a comment to clarify and remove some unneeded checks.
Change-Id: I8b0492548b245abc45e161085047c9f36d6c8e2b
Reviewed-on: https://pdfium-review.googlesource.com/4871
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Not a good practice even with correct bounds checks.
Same idea for fpdf_edit_create.cpp
Change-Id: I90b869ae4a07eb60d59997b9c5afc14830efc076
Reviewed-on: https://pdfium-review.googlesource.com/4830
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: Ic31d9cda5e919a754162e14e69cb63671a3fe8b9
Reviewed-on: https://pdfium-review.googlesource.com/4794
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
This CL prevents arbitrary position setting which may cause integer overflows.
In the bug in question, the PDF says the xrefs are located in a huge position.
This then causes problems when calling CPDF_SyntaxParser methods.
Bug: chromium:603545
Change-Id: I5f94c38f46a0217e9f12f1bf8b2f3bee3b03cb35
Reviewed-on: https://pdfium-review.googlesource.com/4813
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: I13b43ceafc6a35bcc1e366546a4a408ea01fe4ab
Reviewed-on: https://pdfium-review.googlesource.com/4534
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: I8a50ed680c1e101f855644fca8d282dd21470577
Reviewed-on: https://pdfium-review.googlesource.com/4533
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
The chain of destructors may attempt to use m_pDocPage
after it has been set to null by the unique_ptr destructor.
Verify it is still present before using it from any code
that may be called from some other CPDF_ destructor.
Change-Id: I007160231d73feed85d90efc687d6da993653f96
Reviewed-on: https://pdfium-review.googlesource.com/4499
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
The CFX_MemoryStream is the only implementation of IFX_MemoryStream.
This CL removes the interfaces and uses CFX_MemoryStream directly.
Change-Id: I2f43fa39e82dafa7673517d214ae15fd2d0df331
Reviewed-on: https://pdfium-review.googlesource.com/4391
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This CL cleans up the fx_extension file. The stream code was moved to
fx_stream. IFX_FileAccess was removed and CFX_CRTFileAccess split to its
own file. Code shuffled from header to cpp file.
Change-Id: I700fdfcc9797cf4e8050cd9ba010ad8854feefbf
Reviewed-on: https://pdfium-review.googlesource.com/4371
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Rename arrays to use code page names to make it clearer what they
represent.
Change-Id: Ia7d74353f6bae5fd7f030c05675664dafda03a7a
Reviewed-on: https://pdfium-review.googlesource.com/4350
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This CL cleans up the unused defines in fx_codepage.h. The
FXFONT_CHARSET_ defines are replaced with fx_codepage defines, this
moves fx_codepage into core instead of xfa only. Static asserts are
added to verify the public/ charsets match the fx_codepage charsets.
Change-Id: Ie2f749e093de60a9a6743128a1fb087912e4cc96
Reviewed-on: https://pdfium-review.googlesource.com/4316
Commit-Queue: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
Remove member m_pAcroForm as it is only used in one method,
and immediately set upon entry. A local will be fine here.
Change-Id: I373f68252249a248061828530098ad759907259a
Reviewed-on: https://pdfium-review.googlesource.com/4190
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Prototype should be in header for .cpp file actually
implementing it.
Change-Id: I8f771a4840e09da419cee384e3d6dc2e7bba1cc4
Reviewed-on: https://pdfium-review.googlesource.com/4170
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Avoid tracking ownership via m_bLocalCryptoHandler.
Also remove m_bEncryptCloned, as it is always false.
Replace some methods with direct calls to underlying code.
Change-Id: Ifa9d6f721c59d07e3b8e258f76832ca9f2ea0fc9
Reviewed-on: https://pdfium-review.googlesource.com/4111
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Return strings where possible.
Add missing consts to strings passed by ref.
Convert non-const cases to pointers.
Rename a few methods to be clearer.
Change-Id: I86569bc1744f539e6dd67fc73649b272c016328c
Reviewed-on: https://pdfium-review.googlesource.com/3951
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
Sigh, messed up std::min conversion.
TBR=npm@chromium.org
Bug: pdfium:697
Change-Id: I0091f178b08fa537ebc3962d9349eb46d0aa8a80
Reviewed-on: https://pdfium-review.googlesource.com/3751
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
When fixing https://crbug.com/672177 we added a guard that we aren't
reading off the end of the file. That guard used the file access
Position(). This is the wrong value to compare against as our read
position and the file access Position may be different. This CL updates
the check to use the correct current file position.
Bug: pdfium:697
Change-Id: I68a5eaed2f1f3d65422605f0a8474144cfa7d172
Reviewed-on: https://pdfium-review.googlesource.com/3711
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Combine some common CCodec_Jbig2Module code.
Change-Id: I9a046314bc0e9dddc9a8c1a06b37764e9f3cc4b6
Reviewed-on: https://pdfium-review.googlesource.com/3713
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
Pass stream argument to constructor; it feels like a
stream accessor should always be made from a stream rather
than passing one in after the fact.
Change-Id: Iaa46cb37677b81f0170f5d39bab76ad38ea4af44
Reviewed-on: https://pdfium-review.googlesource.com/3620
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
Make the IccProfile track its stream so that it has a
proper key with which to purge the docpagedata map.
Change-Id: Ib05ebc1afb828f1f5e5df62a1a33a1bfdecf507d
Reviewed-on: https://pdfium-review.googlesource.com/3619
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
Change-Id: Icf6b0ec88dfc8dc707b18ca4ad25dd77610b4c91
Reviewed-on: https://pdfium-review.googlesource.com/3622
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
This CL drops the FXSYS_ from mem methods which are the same on all
platforms.
Bug: pdfium:694
Change-Id: I9d5ae905997dbaaec5aa0b2ae4c07358ed9c6236
Reviewed-on: https://pdfium-review.googlesource.com/3613
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This CL drops the FXSYS_ from string methods which are the same on
all platforms.
Bug: pdfium:694
Change-Id: I1698aafd84f40474997549ae91ce35603377e303
Reviewed-on: https://pdfium-review.googlesource.com/3597
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Remove the old externally-counted CPDF_CountedImage type.
Change-Id: Ia0b288586272da3f2daf7dfc153f08e62794321a
Reviewed-on: https://pdfium-review.googlesource.com/3553
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
This CL replaces some new's with pdfium::MakeUnique.
Change-Id: I50faf3ed55e7730b094c14a7989a9dd51cf33cbb
Reviewed-on: https://pdfium-review.googlesource.com/3430
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
BUG=pdfium:601
Change-Id: I07756cd208cd2221802ff2d331f316b6618a41e0
Reviewed-on: https://pdfium-review.googlesource.com/3120
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
If we get a requested length that is longer than the available buffer
size we bail as we won't be able to read the needed data anyway.
Bug: chromium:672177
Change-Id: Idb41671c07fe758ec0c1d4d6f84ead0a58fa8339
Reviewed-on: https://pdfium-review.googlesource.com/3221
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
BUG=chromium:703912
Change-Id: I5b4e582afc95b845e8e5e7a4e14581127c18de2d
Reviewed-on: https://pdfium-review.googlesource.com/3193
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
CloneNonCycle() tries to detect cyclic object references without copying
them. There are two issues:
-- for elements in an array or a dictionary, they should be able to
refer to the same object, which are not cyclic;
-- for cyclic referenced elements in an array or a dictionary, do not
clone the element at all. Having nullptr or <key, nullptr> as an element,
like we did before, might cause a crash when the element is being accessed.
BUG=chromium:701860
Change-Id: Id0304accde76ed06fa5ce640994c7628359600fb
Reviewed-on: https://pdfium-review.googlesource.com/3156
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I909deca1d0bfc6de5ac0fd2e6956f9b918caf17a
Reviewed-on: https://pdfium-review.googlesource.com/3157
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
If ParseIndirectObjectAt fails, the replaced object will be null. So we can't
ASSERT the output of ValidatePage. CL introducing the ASSERT:
https://codereview.chromium.org/2483633002/
BUG=chromium:702897
Change-Id: Ib6e8c0bccaf2c05893f0abef27d431e112064865
Reviewed-on: https://pdfium-review.googlesource.com/3146
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
If the Kids array for the Pages dictionary does not exist, just treat this
dictionary as the unique page in the document.
BUG=chromium:702883
Change-Id: I9cb9645a53d60306ffe563f9b27cbbd37442f4ec
Reviewed-on: https://pdfium-review.googlesource.com/3135
Commit-Queue: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I959dbfebdc7a5a1ec9b201a80ff6cfdc031572b0
Reviewed-on: https://pdfium-review.googlesource.com/2833
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
If the PDF declares it has a gazillion pages when it does not, we just start
traversing again from the start. This CL fixes that.
BUG=chromium:680222
Change-Id: Ie9b55abc0aaa372429b3d995a7e1e7ab58fb7965
Reviewed-on: https://pdfium-review.googlesource.com/3060
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I1e30d68dae3bf70cf3c426f6126d593b7f1c3ba4
Reviewed-on: https://pdfium-review.googlesource.com/2991
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
Avoid writing |Type| in CollectionSize<Type>() so that index
type can change without rewriting conditions.
Change-Id: I40c94ca39148b379908760ba9b861114b88af7bb
Reviewed-on: https://pdfium-review.googlesource.com/3056
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: I158b7d80b0ec28b742a9f2d5a96f3dde7fb3ab56
Reviewed-on: https://pdfium-review.googlesource.com/3031
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
Change-Id: I96e0a20d66b9184d22f64d8e4ce0dadd5a78c1e8
Reviewed-on: https://pdfium-review.googlesource.com/2967
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: I9dc32342e24361389841ecba83081a97fc043377
Reviewed-on: https://pdfium-review.googlesource.com/2959
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Change-Id: I6f9fd67cdac581e8f91f829a5934b763bb229d21
Reviewed-on: https://pdfium-review.googlesource.com/2838
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Found by Coverity when scanning the bundled pdfium-3004 in LibreOffice.
This fixes:
- CID 1400335: Uninitialized members (UNINIT_CTOR)
CPDF_DataAvail::m_dwTrailerOffset
- CID 1400334: Uninitialized members (UNINIT_CTOR)
CXML_Element::m_pParent
Change-Id: I42da9a704ad75adf39c510c6ef89eb7a97860ea1
Reviewed-on: https://pdfium-review.googlesource.com/2670
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Moved all the flags to CFX_Font. Explicitly stated which ones are valued
according to the PDF spec to avoid their values being changed.
Change-Id: Ib57593234a4b9b83ef1ad593d0396c64159f303f
Reviewed-on: https://pdfium-review.googlesource.com/2837
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|