summaryrefslogtreecommitdiff
path: root/core/fpdfdoc
AgeCommit message (Collapse)Author
2017-09-21Move CFX_WeakPtr to WeakPtrDan Sinclair
This CL renames CFX_WeakPtr to WeakPtr and moves into the fxcrt namespace. Bug: pdfium:898 Change-Id: Ide50a8afeb1e987c48c8fbd103898745c9199d6a Reviewed-on: https://pdfium-review.googlesource.com/14621 Commit-Queue: dsinclair <dsinclair@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-09-21Move CFX_UnownedPtr to UnownedPtrDan Sinclair
This CL moves CFX_UnownedPtr to UnownedPtr and places in the fxcrt namespace. Bug: pdfium:898 Change-Id: I6d1fa463f365e5cb3aafa8c8a7a5f7eff62ed8e0 Reviewed-on: https://pdfium-review.googlesource.com/14620 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-09-21Move CFX_StringPoolTemplate to StringPoolTemplateDan Sinclair
This CL moves CFX_StringPoolTemplate to StringPoolTemplate and places in the fxcrt namespace. Bug: pdfium:898 Change-Id: I41c8f23d6ad814d65cd154092143efaa630a96d1 Reviewed-on: https://pdfium-review.googlesource.com/14619 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-09-21Rename CFX_RetainPtr to RetainPtrDan Sinclair
This CL renames CFX_RetainPtr to RetainPtr and places in the fxcrt namespace. Bug: pdfium:898 Change-Id: I8798a9f79cb0840d3f037e8d04937cedd742914e Reviewed-on: https://pdfium-review.googlesource.com/14616 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-09-21Move CFX_MaybeOwned to fxcrt::MaybeOwnedDan Sinclair
This CL moves CFX_MaybeOwned into the fxcrt namespace and removes the CFX_ prefix. The test names for maybe owned were updated to be in the MaybeOned test suite instead of the fxcrt suite. Bug: pdfium:898 Change-Id: I0c07057d66c8610e7b19133094b4507fff725e76 Reviewed-on: https://pdfium-review.googlesource.com/14470 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-09-18Convert string class namesRyan Harrison
Automated using git grep & sed. Replace StringC classes with StringView classes. Remove the CFX_ prefix and put string classes in fxcrt namespace. Change AsStringC() to AsStringView(). Rename tests from TEST(fxcrt, *String*Foo) to TEST(*String*, Foo). Couple of tests needed to have their names regularlized. BUG=pdfium:894 Change-Id: I7ca038685c8d803795f3ed02545124f7a224c83d Reviewed-on: https://pdfium-review.googlesource.com/14151 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2017-09-15Make static const char* arrays more const.Lei Zhang
Change-Id: I87b5e6cefe973b82b4868e56fc5285c95c53a12b Reviewed-on: https://pdfium-review.googlesource.com/12550 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
2017-08-31Remove fx_basic.hDan Sinclair
This CL removes the fx_basic.h header and fixes up includes as needed. Change-Id: I49af32a8327bdbcda40c50a61ffbd75d06609040 Reviewed-on: https://pdfium-review.googlesource.com/12670 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-08-31Change CPDF_Form::ParseContent() to ParseContentWithParams().Lei Zhang
Add a new ParseContent() method as a convenience to call ParseContentWithParams() with the default parameters. Change-Id: I274682845a72e125c3fc6299289edb760104ac4d Reviewed-on: https://pdfium-review.googlesource.com/12250 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2017-08-30Add truly const versions of CPDF_Document getters.Lei Zhang
Instead of only having CPDF_Dictionary* GetRoot() const, provide const CPDF_Dictionary* GetRoot() const and CPDF_Dictionary* GetRoot(). Do the same for GetInfo(). Change-Id: I6eae1208d38327fcdc7d0cd75069a01c95f4a92a Reviewed-on: https://pdfium-review.googlesource.com/11671 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-08-30Convert int* references to FX_STRSIZERyan Harrison
Through out the code base there are numerous places where variables are declared using a signed integer type when interacting with the string classes, since they assume that FX_STRSIZE is 'int'. As part of changing the underling type of FX_STRSIZE to be unsigned, these locations are being changed to use FX_STRSIZE. This is necessary as part of converting the type, but has been broken off into a separate CL, since it should be low risk. Some related cleanups that are low risk are included as part of this CL. BUG=pdfium:828 Change-Id: Ifaae54ad195ccde0fe8672f71271d29a6ebd65fd Reviewed-on: https://pdfium-review.googlesource.com/12210 Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Henrique Nakashima <hnakashima@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2017-08-28Change DrawAppearance() methods to take CFX_Matrix by const-ref.Lei Zhang
Change-Id: If038850c745ac26e50c313bdbe630483434caedc Reviewed-on: https://pdfium-review.googlesource.com/11390 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-08-23Convert string Find methods to return an OptionalRyan Harrison
The Find and ReverseFind methods for WideString, WideStringC, ByteString, and ByteStringC have been converted from returning a raw FX_STRSIZE, to returning Optional<FX_STRSIZE>, so that success/failure can be indicated without using FX_STRNPOS. This allows for removing FX_STRNPOS and by association makes the conversion of FX_STRSIZE to size_t easier, since it forces checking the return value of Find to be explictly done as well as taking the error value out of the range of FX_STRSIZE. New Contains methods have been added for cases where the success or failure is all the call site to Find cared about, and the actual position was ignored. BUG=pdfium:828 Change-Id: Id827e508c8660affa68cc08a13d96121369364b7 Reviewed-on: https://pdfium-review.googlesource.com/11350 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-08-22Converted CFX_Matrix::TransformRect() to take in constsJane Liu
Currently, all three of CFX_Matrix::TransformRect() take in rect values and modify them in place. This CL converts them to take in constant values and return the transformed values instead, and fixes all the call sites. Bug=pdfium:874 Change-Id: I9c274df3b14e9d88c100ba0530068e06e8fec32b Reviewed-on: https://pdfium-review.googlesource.com/11550 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Jane Liu <janeliulwq@google.com>
2017-08-21Avoid annotation popups to be clipped at page edgesJane Liu
Currently, annotation popups are placed at a fixed location relative to the annotation. If an annotation is too much on the right or the bottom of the page, then its popup will be clipped at the edge of the page. This CL translates the popups appropriately to avoid getting clipped at page edges. Also, if an annotation is at the bottom-right corner of the page, then the popup is placed above and to the left of the annotation, instead of below and to the right of it. See a set of comparison screenshots here: https://drive.google.com/drive/folders/0B7Fvv7JszRyGZXZXR05yVEFWSlE?usp=sharing Bug=chromium:645367,pdfium:750 Change-Id: Ie048281e965523c292dcc704b51188d794f8877b Reviewed-on: https://pdfium-review.googlesource.com/11470 Commit-Queue: Jane Liu <janeliulwq@google.com> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-08-15Add missing length check before getting element from stringRyan Harrison
BUG=chromium:754993 Change-Id: I9444ef83fb62784fef3bf8d294b2ab88b6574b5a Reviewed-on: https://pdfium-review.googlesource.com/11070 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-08-15Remove GetAt from string classesRyan Harrison
This method duplicates the behaviour of the const [] operator and doesn't offer any additional safety. Folding them into one implementation. SetAt is retained, since implementing the non-const [] operator to replace SetAt has potential performance concerns. Specifically many non-obvious cases of reading an element using [] will cause a realloc & copy. BUG=pdfium:860 Change-Id: I3ef5e5e5a15376f040256b646eb0d90636e24b67 Reviewed-on: https://pdfium-review.googlesource.com/10870 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-08-11Add checks of index operations on string classesRyan Harrison
Specifically the index parameter passed in to GetAt(), SetAt() and operator[] are now being tested to be in bounds. BUG=chromium:752480, pdfium:828 Change-Id: I9e94d58c98a8eaaaae53cd0e3ffe2123ea17d8c4 Reviewed-on: https://pdfium-review.googlesource.com/10651 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-08-01Replace raw value for constant error value in string operationsRyan Harrison
Currently Find() and other methods that return a FX_STRSIZE return -1 to indicate error/failure. This means that there is a lot of magic numbers and magic checks floating around. The standard library for similar operations uses a npos constant. This CL implements FX_STRNPOS, and replaces usages of magic number checking. It also does some type cleanup along the way where it was obvious that FX_STRSIZE should be being used. Removing the magic numbers should make eventually changing FX_STRSIZE to be unsigned easier in the future. BUG=pdfium:828 Change-Id: I67e481e44cf2f75a1698afa8fbee4f375a74c490 Reviewed-on: https://pdfium-review.googlesource.com/9651 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-07-28Add CPDF_Stream::ReplaceData method.chromium/3170Artem Strygin
Change-Id: I94b2e8f6fd522b97c917037e32fb3bcbeea0cbeb Reviewed-on: https://pdfium-review.googlesource.com/8911 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-07-28Convert calls to Mid() to Left() or Right() if possibleRyan Harrison
The various string/byte classes support Mid(), Left(), and Right() for extracting substrings. Mid() can handle all possible cases, but Left() and Right() are useful for common cases and more explicit about what is going on. Calls like Mid(offset, length - offset) can be converted to Right(length - offset). Calls like Mid(0, length) can be converted to Left(length). If the substring being extracted does not extend all the way to one of the edges of the string, then Mid() still needs to be used. BUG=pdfium:828 Change-Id: I2ec46ad3d71aac0f7b513e103c69cbe8c854cf62 Reviewed-on: https://pdfium-review.googlesource.com/9510 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-07-27Remove single param Mid() method from string classesRyan Harrison
This support is being removed from CFX_ByteString, CFX_ByteStringC, CFX_WideString, and CFX_WideStringC. This standardizes all of these classes to only have one Mid method that takes in 2 params, offset and count. Count now must be positive. The old behaviour of calculating the length for the user if -1 is passed in for the count has been removed. This work is in preperation for converting these classes to not accept negative lengths anywhere and thus make the underlying size type unsigned. BUG=pdfium:828 Change-Id: I5f15e7b7b00b264231817f143e2da88ee6f69e7b Reviewed-on: https://pdfium-review.googlesource.com/9430 Reviewed-by: (OOO Jul 28 - Aug 8) dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2017-07-27Added CPDF_NameTree::DeleteValueAndName()Jane Liu
1. Added CPDF_NameTree::DeleteValueAndName() for deleting new name and value pairs from a nametree. This function will be used for the API for deleting embedded files. * Added an anonymous helper function for updating the tree nodes and limits upon deletion. * Added a unit test. Bug=pdfium:174 Change-Id: I3ee4c27af637f721ee0ccda26fbae3d3a5e58f5e Reviewed-on: https://pdfium-review.googlesource.com/8931 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-07-24Added CPDF_NameTree::AddValueAndName()Jane Liu
1. Added CPDF_NameTree::AddValueAndName() for inserting new name and values pairs into a nametree while following nametree order rules. This function will be used for the API for adding embedded files. * Added anonymous helper functions. * Added two unit tests. Bug=pdfium:174 Change-Id: Ic3e2f32f7147ef5c164cf5c2a28e0a652ffed74a Reviewed-on: https://pdfium-review.googlesource.com/8271 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Jane Liu <janeliulwq@google.com>
2017-07-21Fix nits from commit 67ccef7.chromium/3164Lei Zhang
Change-Id: I24b191ecfe8b65a7d0ddc4958dc117de9ed9ae83 Reviewed-on: https://pdfium-review.googlesource.com/8630 Reviewed-by: Jane Liu <janeliulwq@google.com> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-07-20Convert CFX_ListItem to use CFX_FloatRectDan Sinclair
The CFX_ListItem never calls the Height() method so doesn't need to use CLST_Rect. This CL removes unused methods from CLST_Rect and CPVT_FloatRect. Change-Id: I82d4f07ec104345e9275ccd838e3c8eed1de7a50 Reviewed-on: https://pdfium-review.googlesource.com/8431 Reviewed-by: Henrique Nakashima <hnakashima@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-07-19Rename StringCs c_str() to unterminated_c_str().Tom Sepez
Since there is no guarantee of termination if the StringC was extracted from a snippet of another string. Make it more obvious that things like strlen(str.unterminated_c_str()) might be a bad idea. Change-Id: I7832248ed89ebbddf5c0bcd402aac7d40ec2adc2 Reviewed-on: https://pdfium-review.googlesource.com/8170 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
2017-07-19Use CFX_WideString in CPDF_NameTree functions to strip BOMchromium/3162Jane Liu
PDFium doesn't strip BOMs during parsing, but we should strip BOMs when retrieving parsed strings in CPDF_NameTree to ensure consistency and appropriate function behavior. See the bug for more info. As outlined in Bug=pdfium:593, the solution is to call GetUnicodeText() instead of GetString(). I added a GetUnicodeTextAt() function in CPDF_Array, which is symmetrical to GetUnicodeTextFor() in CPDF_Dictionary. I then changed the input variable types to CPDF_NameTree functions to be CFX_WideString instead of CFX_ByteString, and modified all the calls to them. I also added a unit test for nametree, which would fail prior to this change. Nametrees with non-unicode names are already tested by embedder tests. Bug=pdfium:820 Change-Id: Id69d7343632f83d1f5180348c0eea290f478183f Reviewed-on: https://pdfium-review.googlesource.com/8091 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Jane Liu <janeliulwq@google.com>
2017-07-13Move CPWL_Utils::OverlapWordRange to CPVT_WordRange::IntersectDan Sinclair
This method only deals with CPVT_WordRange objects so move to the correct class. Change-Id: If5f28178301affa8633f8ef8e89894dfb94f1ac9 Reviewed-on: https://pdfium-review.googlesource.com/7713 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-07-13Changed CPDF_FileSpec::GetFileName() to directly return CFX_WideStringJane Liu
Changed CPDF_FileSpec::GetFileName() to directly return CFX_WideString, instead of taking in a CFX_WideString* and returning a bool. Also fixed test calls in the unit test. Bug=pdfium:808 Change-Id: Ie081fc9f4f1c15d23c86d7222d8480ab9cb56056 Reviewed-on: https://pdfium-review.googlesource.com/7671 Commit-Queue: Jane Liu <janeliulwq@google.com> Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-07-12Added helper functions in the class CPDF_FileSpecJane Liu
1. Added two helper functions in CPDF_FileSpec, which will be useful when adding support for embedded files: CPDF_FileSpec::GetFileStream() - useful because the stream object contains the file's data CPDF_FileSpec::GetParamsDict() - useful because the params dictionary contains parameters of the file, such as creation date, size, etc. * Added two unit tests testing both functions. Bug=pdfium:174 Change-Id: I33ea21ddb621434007f94767f281ead0b00ecb8a Reviewed-on: https://pdfium-review.googlesource.com/7355 Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Jane Liu <janeliulwq@google.com>
2017-06-29Basic APIs and tests for extracting and setting annotation pathsJane Liu
1. Added APIs for retrieving existing annotation paths and setting annotation paths. * Added an embedder test testing all the new functions. Bug=pdfium:737 Change-Id: Ic451bcd3be488261baf2182549c4238b887b219e Reviewed-on: https://pdfium-review.googlesource.com/6676 Commit-Queue: Jane Liu <janeliulwq@google.com> Reviewed-by: Lei Zhang <thestig@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-06-28Converting CFX_ByteTextBuf to ostringstream in cpvt_generateap.cppHenrique Nakashima
https://pdfium-review.googlesource.com/c/7033/ contains the changes in the corpus tests expected pngs. They are imperceptible and due to a difference in float rounding when writing the appearance stream. Bug: pdfium:731 Change-Id: I815ca5b9ddd02382b74285a32bfde8bd3e8eeaae Reviewed-on: https://pdfium-review.googlesource.com/7010 Commit-Queue: Henrique Nakashima <hnakashima@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-06-27Made existing annotation APIs to work with APchromium/3143Jane Liu
1. Modified some existing annotation APIs to take into account the effect of annotation's appearance streams. * Added an embedder test testing annotations with APs. This CL is refactored out of https://pdfium-review.googlesource.com/c/6676/. Bug=pdfium:737 Change-Id: I27d5e66dfdb90038d147cab1a26e0bf86b324982 Reviewed-on: https://pdfium-review.googlesource.com/7030 Commit-Queue: Jane Liu <janeliulwq@google.com> Reviewed-by: Lei Zhang <thestig@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-06-22Avoid regenerating appearance stream when already present.Henrique Nakashima
Since cpdfsdk_widget.cpp already generates it, we can expect that FPDF_GenerateAP will not be called. That implementation does not work with widgets with a shared field. Bug: chromium:733528 Change-Id: Ia436b4e8bc87ca86b67a02cf7301ac2328339128 Reviewed-on: https://pdfium-review.googlesource.com/6752 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Henrique Nakashima <hnakashima@chromium.org>
2017-06-22Minor change to AP generation logicJane Liu
Current behavior: Our CPVT_GenerateAP::Generate*AP() functions do not get called as long as the annotation dictionary has an "AP" entry. Problem: We always need the "N" entry in AP dictionary to display an annotation. Even though the spec requires "AP" dictionary to have an "N" entry for normal mode appearance, in case of a malformed pdf with "AP" but without "N" in "AP", we won't be able to display the annotation at all. Fix: Always check if "AP" has "N" entry to decide whether AP needs to be generated. If not, then we still need to generate AP, and add to the AP dictionary under the key "N". Bug=pdfium:778 Change-Id: Icf0c6a681b3c8c22b0b67bf8d16ce6fefdc2c45b Reviewed-on: https://pdfium-review.googlesource.com/6692 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Jane Liu <janeliulwq@google.com>
2017-06-21Fixed optional content not rendered when OCGs array is empty.chromium/3138Henrique Nakashima
At least one nonnull entry needs to be in OCGs for it to be considered present. See "OCGs" in table 4.49 in the PDF 1.7 spec. Bug: pdfium:491. Change-Id: I7eae65ba1fabff9cf1d5cea50d059a04814a3fec Reviewed-on: https://pdfium-review.googlesource.com/6751 Commit-Queue: Henrique Nakashima <hnakashima@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-06-20Cleanup fpdf_parser_decodeNicolas Pena
This CL fixes some nits in fpdf_parser_decode, especially avoiding non-const reference parameters. Change-Id: Ibb914850afd924bb398f886ac862f7589519ef7e Reviewed-on: https://pdfium-review.googlesource.com/6750 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-05-25Mass conversion of remaining class members (non-xfa)Tom Sepez
Change-Id: I8365ba80e3395d59a3cf35dbd9d9162e86e712e3 Reviewed-on: https://pdfium-review.googlesource.com/5970 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-25Mass conversion of all const-lifetime class membersTom Sepez
Sed + minimal conversions to compile, including moving some constructors into the .cpp file. Any that caused ASAN issues during the tests were omitted rather than trying to resolve the underlying issue. Change-Id: I00a421f33b253eb4071ffd9af3f2922c7443b335 Reviewed-on: https://pdfium-review.googlesource.com/5891 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-24Convert to CFX_UnownedPtr, part 10Tom Sepez
Change-Id: I4eab5e843580845753c5f80c05cf9490a85114b6 Reviewed-on: https://pdfium-review.googlesource.com/5890 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-24Convert to CFX_UnownedPtr, part 9Tom Sepez
Change-Id: Ia1151e0855accda0873251938a521df1913c73fa Reviewed-on: https://pdfium-review.googlesource.com/5852 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-24Convert to CFX_UnownedPtr, part 5Tom Sepez
Change-Id: Ibdb20fca7e4daae9d61286df4801ac02faf3b281 Reviewed-on: https://pdfium-review.googlesource.com/5831 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-24Convert to CFX_UnownedPtr, part 3.Tom Sepez
Remove an explicit clear to re-order the member destruction order. Change-Id: I33da3f3de4b8e8e0cfbdceaf5140e98f5d6f904a Reviewed-on: https://pdfium-review.googlesource.com/5791 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-23Use NOTREACHED() in more places.Lei Zhang
Change-Id: I88466943171f19259f84add69679741d44c8e123 Reviewed-on: https://pdfium-review.googlesource.com/5551 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-05-22Convert more c-style pointers to CFX_UnownedPtrTom Sepez
Change-Id: I551b4210c95db0b916e9fe6cddf11e6c3d015c50 Reviewed-on: https://pdfium-review.googlesource.com/5790 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-18Use UnownedPtr to check CFX_*StringC lifetimeschromium/3104Tom Sepez
Change interform to avoid temp StringC with dangling ptr. Change-Id: I8d8659973bcdf2cdbcaa6efa6012e4acce5f1604 Reviewed-on: https://pdfium-review.googlesource.com/5571 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-16Introduce CFX_UnownedPtr to detect lifetime inversion issues.Tom Sepez
There are places where an object "child" has a raw pointer back to object "owner" with the understanding that owner will always outlive child. Violating this constraint can lead to use after free, but this requires finding two paths: one that frees the objects in the wrong order, and one that uses the object after the free. The purpose of this patch is to detect the constraint violation even when the second path is not hit. We create a template that is used in place of TYPE*. It's dtor, when a memory tool is present, goes out and probes the first byte of the object to which it points. Used in "child", this allows the memory tool to prove that the "owner" is still alive at the time the child is destroyed, and hence the constraint is never violated. Change-Id: I2a6d696d51dda4a79ee2f00a6752965e058a6417 Reviewed-on: https://pdfium-review.googlesource.com/5475 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-04-28Disallow CPDF_FormField with deep node trees.Lei Zhang
Otherwise the destruction can stack overflow. BUG=pdfium:716525 Change-Id: I415176a361a0fc2310d3671c1c0e804d11a98261 Reviewed-on: https://pdfium-review.googlesource.com/4613 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-04-28Fix stack overflow in CFieldTree::Node::GetFieldInternal().Lei Zhang
Limit recursion depth, just like in CountFieldsInternal(). BUG=chromium:716523 Change-Id: I70c052347a1d8fb9a4dbc065a1c9af55c02818f2 Reviewed-on: https://pdfium-review.googlesource.com/4612 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>