summaryrefslogtreecommitdiff
path: root/core/fpdfapi
AgeCommit message (Collapse)Author
2016-09-21Delete unused methods in CPDF_Parsernpm
Review-Url: https://codereview.chromium.org/2353383002
2016-09-20Change protected to private in CPDF_CID2UnicodeMap and CPDF_ToUnicodeMapchromium/2867npm
Review-Url: https://codereview.chromium.org/2356603003
2016-09-20Delete unused methods and variables in CPDF_CMapManagernpm
and in CPDF_CMapParser Review-Url: https://codereview.chromium.org/2353963003
2016-09-20Make CPDF_Array not do indirect object creation.tsepez
We remove the indirect object holder argument and check that call sites pass ownable objects, adding a reference in one place that always was passing an indirect object. Also check that the invariant isn't violated, we need to fail here in the wild and investigate -- these are existing UAFs. Review-Url: https://codereview.chromium.org/2355083002
2016-09-20CPDF_Document friend cleanupdsinclair
Remove CPDF_Creator and CPDF_Parser as friends of CPDF_Document. Move all member variables to the private section, and add CPDF_TestDocument as a private friend. Review-Url: https://codereview.chromium.org/2349353003
2016-09-20CPDF_OCContext and CPDF_Document are no longer friendsdsinclair
Remove friendship as there doesn't appear to be anything protected that is being accessed by CPDF_OCContext. Review-Url: https://codereview.chromium.org/2355823002
2016-09-20CPDF_Document and CPDF_DataAvail are no longer friendsdsinclair
Remove the friendship between these two classes and replace with accessor methods. Review-Url: https://codereview.chromium.org/2355813002
2016-09-20Cleanup CPDFXFA and CPDF document methodsdsinclair
This CL renames and cleans up some methods that are similar between CPDF_Document and CPDFXFA_Document. Review-Url: https://codereview.chromium.org/2351673004
2016-09-20Re-land "Make CPDF_IndirectObjectHolder use unique_ptr to objects""tsepez
This reverts commit 81e1e3fd2d33478733e47bd007b76fac1a663e74. Review-Url: https://codereview.chromium.org/2353013003
2016-09-20Fix memory leaking on ClosePage.art-snake
BUG=79367, 48791 The fonts was not cleared after unloading pages. Test pdf: http://www.nasa.gov/pdf/750614main_NASA_FY_2014_Budget_Estimates-508.pdf For this file, we have ~5 fonts per page, which equal ~1 Mb per page. In this PDF we have 670 pages, as result after slow scrolling(reading) full document we have ~600 Mb fonts data in memory. Memory usage of PDF Plugin: before this CL: ~660 Mb after this CL: ~100 Mb This is last part of reverted CL: Original CL: https://codereview.chromium.org/2158023002 Revert reason: BUG=647612 Fix bug CL: https://codereview.chromium.org/2350193003 Previous CL: https://codereview.chromium.org/2350243002 Review-Url: https://codereview.chromium.org/2351193002
2016-09-20Assert that dictionary can own the objects it is given.tsepez
Upon indirect object holder destruction, all indirect objects are destroyed -- currently by order of increasing object number -- but ideally without ordering constraints. So currently, we can get away with a dictionary pointing directly at an indirect object with a higher number. It gets destroyed first, invoking Release() on its subordinates, which skips destroying them if they are indirect objects. But we don't want to rely on this artifact of destruction order. Should it happen to be reversed, the dictionary would invoke Release() on freed memory. Interestingly, CPDF_Array skirts the issue by replacing any indirect objects it is given with references. Not clear whether we should do the same thing for dictionaries, or remove it from arrays. The technique certainly complicates understanding ownership. The one violation found is in the unittest that broke the previous CL which tried to use unique_ptrs in indirect object holder. Review-Url: https://codereview.chromium.org/2353093002
2016-09-20Refactor CFX_FontCache to have only one in GE Module.art-snake
After this CL: only one global CFX_FontCache used. Any cached items from it, are released, when they are not being used. This is restore part of reverted CL: Original CL: https://codereview.chromium.org/2158023002 Revert reason: BUG=647612 Fix bug CL: https://codereview.chromium.org/2350193003 Review-Url: https://codereview.chromium.org/2350243002
2016-09-20Fix stack exhaustion in CPDF_PSProc::Parse()tsepez
BUG=648059 Review-Url: https://codereview.chromium.org/2350013003
2016-09-19Revert "Make CPDF_IndirectObjectHolder use unique_ptr to objects"Tom Sepez
This reverts commit c8544d634a1993e2592e41458be215fcd0956031. TBR=dsinclair@chromium.org Review URL: https://codereview.chromium.org/2355683002 .
2016-09-19Make CPDF_IndirectObjectHolder use unique_ptr to objectstsepez
The objects it is given are owned by it and are simply deleted without regard to Release() used by others. Review-Url: https://codereview.chromium.org/2350263002
2016-09-19Remove CPDF_Object::Destroy { delete this; }chromium/2866tsepez
We can delete this just fine on our own. Review-Url: https://codereview.chromium.org/2355593002
2016-09-19Fix "heap use after free" bug.art-snake
BUG=647612 Review-Url: https://codereview.chromium.org/2350193003
2016-09-19Clean up CPDF_Stream.tsepez
Replace the CPDF_Stream(nullptr, 0, nullptr) pattern with a default ctor. Remove unused parameters from CPDF_Stream::SetData(). Both are always passed as FALSE. CPDF_Stream declared its own m_GenNum, which shadowed the one in CPDF_Object. It was used only to distinguish file/memory streams, so add a bool explicitly for this purpose. Remove the union, it would be sad if we confused user data with a C++ object with virtual function calls. Use unique_ptrs with appropriate deleters to manage memory. Review-Url: https://codereview.chromium.org/2347993002
2016-09-19Revert of Pdfium: Fix fonts leaking on ClosePage. (patchset #10 id:180001 of ↵dsinclair
https://codereview.chromium.org/2158023002/ ) Reason for revert: Causes heap-use-after-free. See crbug.com/647612. Original issue's description: > Fix memory leaking on ClosePage. > CFX_FontCache refactoring: > after this CL: Only one global CFX_FontCache used. Any cached items from it, are released, when its are not used. > > BUG=79367,48791 > > The fonts was not cleared after unloading pages. > > Test pdf: > > http://www.nasa.gov/pdf/750614main_NASA_FY_2014_Budget_Estimates-508.pdf > > For this file, we have ~5 fonts per page, which equal ~1 Mb per page. > In this PDF we have 670 pages, as result after slow scrolling(reading) full document we have ~600 Mb fonts data in memory. > > memory usage of PDF Plugin: > before this CL: ~660 Mb > after this CL: ~100 Mb > > Committed: https://pdfium.googlesource.com/pdfium/+/cde5101eb15b24519e89fa500fe37038bc8e2201 TBR=tsepez@chromium.org,brucedawson@chromium.org,npm@chromium.org,art-snake@yandex-team.ru # Not skipping CQ checks because original CL landed more than 1 days ago. BUG=79367,48791 Review-Url: https://codereview.chromium.org/2350763002
2016-09-19Remove duplicated charset definitions, and move them to fx_font.hnpm
PWL_FontMap does not need its own charset definitions. fx_edit.h does not need to define DEFAULT_CHARSET. XFA have their own definitions. They look different in that most are MAC or MSWin charset definitions. So they are left untouched. public/fpdf_sysfontinfo.h duplicate ones were left untouched due to being in public folder. Review-Url: https://codereview.chromium.org/2347313002
2016-09-19Fix compare between signed and unsigned values in ↵stackexploit
CPDF_ImageRenderer::StartDIBSource. Correct the compare logic in CPDF_ImageRenderer::StartDIBSource() by using size_t instead of int. BUG=chromium:645036 R=ochang@chromium.org Review-Url: https://codereview.chromium.org/2323663002
2016-09-16Reduce duplicated code in CPDF_Document by adding auxiliary methodschromium/2865chromium/2864chromium/2863npm
ProcessbCJK and CalculateFontDesc methods are used to reduce the code duplication between AddFont and AddWindowsFont methods. Review-Url: https://codereview.chromium.org/2341373003
2016-09-15Fix memory leaking on ClosePage.chromium/2862art-snake
CFX_FontCache refactoring: after this CL: Only one global CFX_FontCache used. Any cached items from it, are released, when its are not used. BUG=79367,48791 The fonts was not cleared after unloading pages. Test pdf: http://www.nasa.gov/pdf/750614main_NASA_FY_2014_Budget_Estimates-508.pdf For this file, we have ~5 fonts per page, which equal ~1 Mb per page. In this PDF we have 670 pages, as result after slow scrolling(reading) full document we have ~600 Mb fonts data in memory. memory usage of PDF Plugin: before this CL: ~660 Mb after this CL: ~100 Mb Review-Url: https://codereview.chromium.org/2158023002
2016-09-15Rename dictionary set and get methodsdsinclair
This Cl makes the Get and Set methods consistenly use {G|S}et<Type>For. BUG=pdfium:596 Review-Url: https://codereview.chromium.org/2334323005
2016-09-13Sort include entries.dsinclair
This CL updates all of the includes to be correctly sorted. A PRESUBMIT warning is added (from chromium) that will warn if the includes are in the wrong order on upload. Review-Url: https://codereview.chromium.org/2337293002
2016-09-13Remove more strcmp/memcmp usage.tsepez
Review-Url: https://codereview.chromium.org/2340513002
2016-09-12Refactor CPDF_Document by creating new methodsnpm
- Methods GetPagesDict, ProcessNonbCJK, CalculateFlags, and CalculateEncodingDict created to reduce duplicated code. - Code nits Review-Url: https://codereview.chromium.org/2323793003
2016-09-09Define behaviors of FPDF_RenderPageBitmap_Retail and FPDF_FFLDraw.chromium/2858chromium/2857chromium/2856jaepark
Previously, PDFium only supported widget annotations to draw forms. As we've implemented other annotations, the behavior of FPDF_RenderPageBitmap_Retail and FPDF_FFLDraw changed. So, this CL clearly defines what needs to be done in FPDF_RenderPageBitmap_Retail and FPDF_FFLDraw. This CL first assumes that PDFium users will always call FPDF_RenderPageBitmap_Retail and FPDF_FFLDraw to render PDF pages, because otherwise they are not able to support PDF forms. FPDF_RenderPageBitmap_Retail should only deal with non-widget annotations, such as highlight, underline, text, etc. If FPDF_ANNOT flag is passed, non-widget annotations are drawn. Otherwise, they are hidden. FPDF_FFLDraw should only deal with annotations that requires user-interaction, such as widget annotations and popup annotation. Since popup annotation is associated with non-widget annotation, they should not be drawn if the associated annotation is hidden. Thus, if FPDF_ANNOT flag is passed, popup annotations are drawn. Otherwise, they are hidden. Widget annotations should be always drawn regardless of FPDF_ANNOT flag since they need to be always displayed for PDF forms. Also, roll DEPS for testing/corpus to 8485b30. BUG=pdfium:594 Review-Url: https://codereview.chromium.org/2323203002
2016-09-08Delete unused methods in CPDF_Documentnpm
Review-Url: https://codereview.chromium.org/2323933002
2016-09-08Switch to ValueOrDiedsinclair
We know the values are always valid at this point, so use ValueOrDie instead of ValueOrDefault. BUG=chromium:637984 Review-Url: https://codereview.chromium.org/2319343003
2016-09-07Verify image dimentions before usingdsinclair
Verify the provided image size is within bounds before loading. BUG=chromium:639160 Review-Url: https://codereview.chromium.org/2323473002
2016-09-07Verify pattern start values.dsinclair
When calculating the starting x and y for a pattern it is possible to overflow the int value. Use checked math to make sure we don't overflow. BUG=chromium:637984 Review-Url: https://codereview.chromium.org/2317283002
2016-09-07Maybe avoid a copy in CPDF_RenderStatus::SelectClipPathtsepez
Use the shared copy-on-write version instead of the underlying CFX_GraphStateData since it may not always get modified. Review-Url: https://codereview.chromium.org/2316823002
2016-09-06Make CPDF_TextStateData private to CPDF_TextState.chromium/2853tsepez
Review-Url: https://codereview.chromium.org/2313083002
2016-09-06Move CPDF_GraphState to CFX_GraphStatetsepez
The FX layer is spying on its private data, so make the job of ref-counting it live in FX as well, instead of up a layer at pdfapi. Pre-cursor to making this private and passing the graph state itself everywhere. Review-Url: https://codereview.chromium.org/2314223002
2016-09-06Make CPDF_ContentMarkData private to CPDF_ContentMarktsepez
Review-Url: https://codereview.chromium.org/2312743005
2016-09-06Make ColorStateData private to CPDF_ColorStatetsepez
Review-Url: https://codereview.chromium.org/2311313002
2016-09-03Use safe bool conversion operators in fpdf_page/chromium/2852chromium/2851chromium/2850tsepez
Review-Url: https://codereview.chromium.org/2310693002
2016-09-02Make CPDF_ClipPath have a CPDF_ClipPathData rather than inheriting.tsepez
Make Data private to the ClipPath class which manages it transparently for its callers. This prevents the callers from having to remember to make a copy before dirtying the shared data, since the operations that modify state will do this under the covers for us. Review-Url: https://codereview.chromium.org/2301263003
2016-09-02Remove CFX_Matrix::Copy() in favor of assignmenttsepez
The default assignment operator will suffice and allows us to write matrix1 = matrix2; Review-Url: https://codereview.chromium.org/2307953003
2016-09-02Make CPDF_GeneralStateData private.tsepez
All interaction goes through the CPDF_GeneralState, which manages the underlying storage transparently to the callers. Make StateData use a real string and a real matrix rather than C-style arrays. Review-Url: https://codereview.chromium.org/2302683002
2016-09-02Make CPDF_Path have a CFX_Path rather than inheritingtsepez
Review-Url: https://codereview.chromium.org/2305103002
2016-09-02Make CPDF_GeneralState have a CPDF_GeneralStateDatachromium/2848tsepez
Remove a const cast along the way and propagate to callers. Review-Url: https://codereview.chromium.org/2303553002
2016-09-01Use unsigned page indexes in CPDF_HintTables.thestig
Fix up callers from CPDF_DataAvail. Review-Url: https://codereview.chromium.org/2294383003
2016-09-01Move CPDF_Type3Cache and CPDF_Type3Glyphs to their own filesnpm
Review-Url: https://codereview.chromium.org/2298163004
2016-09-01Fix CPDF_CIDFont::GlyphFromCharCode for fonts flagged with PDFFONT_SYMBOLICnpm
UnicodeFromCharCode should be tried even if the font is flagged as PDFFONT_SYMBOLIC. The result should be checked in case it's empty. This fixes some corpus tests that were being incorrectly rendered, as well as the bug below. A deps change will be required before landing this CL. BUG=chromium:591303 Review-Url: https://codereview.chromium.org/2300893003
2016-09-01Handle another integer overflow in ReadPageHintTable().thestig
Return false instead of crashing. BUG=641882 Review-Url: https://codereview.chromium.org/2300903002
2016-09-01Better validate hint table header bits entries.thestig
BUG=637119 Review-Url: https://codereview.chromium.org/2305443003
2016-09-01Make CPDF_ContentMark have a CPDF_ContentMarkData.tsepez
This one doesn't require an explict Emplace(), as the object seems to get constructed only as a side-effect of making a private copy. Review-Url: https://codereview.chromium.org/2298953002
2016-08-31Check first page number in CPDF_HintTables::ReadPageHintTable().thestig
BUG=642655 Review-Url: https://codereview.chromium.org/2298753003