path: root/core/fxcodec/jbig2
Age | Commit message | Author
2017-01-03 | Check for overflow in JBig2 Huffman decoder | Dan Sinclair
This CL updates the Huffman decoder in the JBig2 codec to check the low field does not overflow.
BUG=chromium:675236
Change-Id: I7f5f6fe8329df4ece6f317fac521fe2373686479
Reviewed-on: https://pdfium-review.googlesource.com/2131
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2016-12-14 | Remove CJBig2_List in favor of std::vector<std::unique_ptr<>> | tsepez
Review-Url: https://codereview.chromium.org/2578663002
2016-12-14 | Avoid the ptr.reset(new XXX()) anti-pattern | tsepez
Be suspicious of |new|. This removes some of the easy cases.
Review-Url: https://codereview.chromium.org/2571913002
2016-12-12 | Fix JBig2 decoding logic | weili
While decoding among instances, variable "FIRSTS" should hold its value, not be reset. This was accidentally changed by earlier refactoring.
BUG=chromium:625848,pdfium:636
Review-Url: https://codereview.chromium.org/2569023002
2016-11-09 | Add early returns in CJBig2_TRDProc::decode_Arith when decode fails. | npm
None of the decodes in the method are currently being checked. This is causing pdfium to take a long time rendering corrupted files. Thus, I added a couple of early returns to help prevent this from happening.
BUG=450971
Review-Url: https://codereview.chromium.org/2493633002
2016-11-02 | Remove FX_BOOL from core | tsepez
Review-Url: https://codereview.chromium.org/2477443002
2016-10-28 | Change some ints to bools in JBIG2 code. | thestig
Review-Url: https://codereview.chromium.org/2450393004
2016-10-27 | Fix FX_BOOL / int noise in JBig2, pass 3 | tsepez
Review-Url: https://codereview.chromium.org/2457943002
2016-10-27 | Fix FX_BOOL / int noise in JBig2, pass 2 | tsepez
Review-Url: https://codereview.chromium.org/2461543002
2016-10-27 | Fix FX_BOOL / int noise in JBig2_Grd*Proc | tsepez
Replace most of these with ints since they are used in integer operations. If it walks like a duck, and quacks like a duck ... despite what the hungarian notation might say.
Review-Url: https://codereview.chromium.org/2455523005
2016-10-13 | Verify number of ex flags matches number of ex items. | dsinclair
Currently the JBig2 decoder can leak subimages in the case where we mark more items in EXFLAGS than we have SDNUMEXSYMS. This CL checks for this condition and fails the decode if it happens.
BUG=chromium:654365
Review-Url: https://codereview.chromium.org/2419553002
2016-10-06 | Reject JBig2 Huffman table with too large shift value | kcwu
BUG=chromium:653044
Review-Url: https://codereview.chromium.org/2397783002
2016-10-04 | Move core/fpdfapi/fpdf_parser to core/fpdfapi/parser | dsinclair
BUG=pdfium:603
Review-Url: https://codereview.chromium.org/2392603004
2016-09-29 | Move core/fxcrt/include to core/fxcrt | dsinclair
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2382723003
2016-09-29 | Move core/fxcodec/codec/include and core/fxcodec/include files up | dsinclair
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2381063002
2016-09-29 | Move core/fpdfapi/fpdf_parser/include to core/fpdfapi/fpdf_parser | dsinclair
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2383543002
2016-08-08 | Check if image width or height are zero before proceeding. | dsinclair
If the width of the CJBig2_Image is set to 0 then the stride_pixels will be zero and when we divide we'll get a floating point exception. If the width or height are zero then we can exit early without proceeding with the rest of the constructor.
BUG=chromium:635008
Review-Url: https://codereview.chromium.org/2222843004
2016-08-02 | Bound total pixels in JBig2 images to avoid overflows later. | tsepez
Also make these private to ensure they aren't modified so as to violate the bounds checks applied at creation time.
BUG=633002
Review-Url: https://codereview.chromium.org/2202013002
2016-07-24 | Remove CFX_Deletable | weili
Change the last use of CFX_Deletable to its actual type and remove the use of CFX_Deletable.
Review-Url: https://codereview.chromium.org/2178613002
2016-07-19 | Use smart pointers for various Jbig2 decoding contexts | weili
Use unique_ptr for class owned member variables, and remove unnecessary or unused functions and member variable.
BUG=pdfium:518
Review-Url: https://codereview.chromium.org/2149903002
2016-06-07 | Fix more code which has shadow variables | weili
The code has local variables that shadow struct or class member variables. Also, when this happens, different variable names should be used instead of namespaces. These were discovered by /Wshadow warning flag in Clang.
Review-Url: https://codereview.chromium.org/2034253003
2016-06-07 | Get rid of NULLs in core/ | thestig
Review-Url: https://codereview.chromium.org/2032613003
2016-06-07 | Verify we have a CJBig2_Image before attempting use. | dsinclair
In CJBig2_SDDProc::decode_Arith we will set a SDNEWSYMS value to nullptr if the height or width are 0. With the PDF from the bug, all of the decoders are set to nullptr. Then, we call into CJBig2_TRDProc::decode_Arith and pull out one of the nullptr decoders and attempt to use it, crashing. This CL adds a check that we have a non-null decoder before attempting to use the decoder.
BUG=pdfium:511
Review-Url: https://codereview.chromium.org/2048683002
2016-06-03 | Fix some code which causes warnings when compiled by /analyze tool | weili
The code may not cause error conditions, but can be improved. These warnings include uninitialized variables, signed/unsigned mismatch, redundant condition, and using bool in arithmetic operations. Also remove a chunk of unused code.
BUG=chromium:613623, chromium:427616
Review-Url: https://codereview.chromium.org/2036203004
2016-05-26 | Fix a bug which may cause infinite loop | weili
When the condition is "status == FXCODEC_STATUS_DECODE_TOBECONTINUE" while |status| never gets updated in the loop, it would enter an infinite loop. Also, since Start_decode_MMR() never returns FXCODEC_STATUS_DECODE_TOBECONTINUE, there is no point to check on the return value for that.
Review-Url: https://codereview.chromium.org/2013263002
2016-04-13 | Re-enable warning 4701 for GN build and some cleanup | weili
Clean up three 4701 warnings (use potentially uninitialized variable) which are the only ones left; Re-enable warning 4701 for GN build; Remove an unused data structure;
BUG=pdfium:29
Review URL: https://codereview.chromium.org/1885093002
2016-04-06 | Move include/fxcodec to fxcodec/include | dsinclair
Review URL: https://codereview.chromium.org/1864153002
2016-04-06 | Rename FX_SAFE_DWORD to FX_SAFE_UINT32 | dsinclair
We removed the FX_DWORD typedef in favour of uint32_t. This CL cleans up the FX_SAFE_DWORD naming to match.
BUG=pdfium:81, pdfium:470
Review URL: https://codereview.chromium.org/1861403002
2016-03-30 | Fix C4434 warning about 32-bit shift assigned to 64-bits | Bruce Dawson
VS 2015 has a new or louder warning about 32-bit shifts that are then assigned to a 64-bit target. This type of code triggers it:
    int64_t size = 1 << shift_amount;
Because the '1' being shifted is a 32-bit int the result of the shift will be a 32-bit result, so assigning it to a 64-bit variable is just misleading. In this case the code that triggers it is this:
    m_IAID.resize(1 << SBSYMCODELEN);
The destination is a size_t so the warning only shows up on 64-bit builds and doesn't indicate a real bug. But, casting the '1' constant to size_t makes the behavior/intent more obvious and consistent and allows enabling C4334 in Chromium.
BUG=593448
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1843253002 .
2016-03-28 | Reduce signed/unsigned comparison warnings | Wei Li
The warnings generated by Clang. This is part 1 for some simple cases.
BUG=pdfium:29
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1840483003 .
2016-03-25 | Remove FX_DWORD from core/ and delete definition [chromium/2695, chromium/2694, chromium/2693, chromium/2692] | tsepez
Review URL: https://codereview.chromium.org/1832173003
2016-03-23 | Move core/include/fxcrt to core/fxcrt/include. | Dan Sinclair
This CL moves the fxcrt code into the core/fxcrt directory. The only exception was fx_bidi.h which was moved into core/fxcrt as it is not used outside of core/.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1825953002 .
2016-03-22 | Re-enable MSVC warning 4702 | Wei Li
BUG=pdfium:29
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1821423002 .
2016-03-21 | Remove FX_WORD in favor of uint16_t. | Tom Sepez
It isn't buying us anything, and it looks strange in a struct when other uint types are already present.
R=dsinclair@chromium.org
Review URL: https://codereview.chromium.org/1821043003 .
2016-03-21 | Make a few more const tables smaller. [chromium/2689, chromium/2688] | Tom Sepez
Remove some tables from .h file (risk of duplication).
R=ochang@chromium.org
Review URL: https://codereview.chromium.org/1814233005 .
2016-03-21 | Re-enable several MSVC warnings | Wei Li
Re-enable the following warnings:
4245: signed/unsigned conversion mismatch;
4310: cast may truncate data;
4389: operator on signed/unsigned mismatch;
4701: use potentially uninitialized local variable;
4706: assignment within conditional expression
Clean up the code to avoid those warnings.
BUG=pdfium:29
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1801383002 .
2016-03-15 | core/include/fdpfapi cleanup Part I. | Dan Sinclair
This CL moves a bunch of the files from core/include/fpdfapi to their correct location outside the core/include tree.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1805603002 .
2016-03-15 | Split CPDF_Stream/CPDF_StreamAcc into separate files | Tom Sepez
R=dsinclair@chromium.org
Review URL: https://codereview.chromium.org/1783933003 .
2016-03-14 | Move core/src/ up to core/. | Dan Sinclair
This CL moves the core/src/ files up to core/ and fixes up the include guards, includes and build files.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1800523005 .