Age | Commit message (Collapse) | Author |
|
Bug: 808902
Change-Id: Iad5ab63eeedc3ea85001337ba73626178c71f8b8
Reviewed-on: https://pdfium-review.googlesource.com/26470
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
This reverts commit 77d8ed02c7e97471ceccee5abbabeb2fdea413c7.
Reason for revert: <INSERT REASONING HERE>
Original change's description:
> Revert "Use UnownedPtr instead of T* in MaybeOwned."
>
> This reverts commit e563e8352139e4852a955e319023b09f2844aee9.
>
> Reason for revert: <INSERT REASONING HERE>
>
> Original change's description:
> > Use UnownedPtr instead of T* in MaybeOwned.
> >
> > Always check the liftime in the unowned case. Doing so unearthed
> > the following issues:
> >
> > Transient lifetime issue in jbig2_image when doing realloc().
> > Stale (but unused) dictionary pointer in CPDF_Image.
> > Destruction order in error branch in cpdf_dibsource.cpp
> >
> > Change-Id: I12b758aafeefedc7abe1e8b21a18db959929e95f
> > Reviewed-on: https://pdfium-review.googlesource.com/24552
> > Commit-Queue: Tom Sepez <tsepez@chromium.org>
> > Reviewed-by: dsinclair <dsinclair@chromium.org>
>
> TBR=thestig@chromium.org,tsepez@chromium.org,dsinclair@chromium.org
>
> Change-Id: I3c56ee6ab502da90e3adb7507dbc8cc92f090140
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Reviewed-on: https://pdfium-review.googlesource.com/24670
> Reviewed-by: Tom Sepez <tsepez@chromium.org>
> Commit-Queue: Tom Sepez <tsepez@chromium.org>
TBR=thestig@chromium.org,tsepez@chromium.org,dsinclair@chromium.org
Change-Id: I0ccbbeab8be6cadc9b3a5bfefe2aca733654342f
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://pdfium-review.googlesource.com/24671
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
This reverts commit e563e8352139e4852a955e319023b09f2844aee9.
Reason for revert: <INSERT REASONING HERE>
Original change's description:
> Use UnownedPtr instead of T* in MaybeOwned.
>
> Always check the liftime in the unowned case. Doing so unearthed
> the following issues:
>
> Transient lifetime issue in jbig2_image when doing realloc().
> Stale (but unused) dictionary pointer in CPDF_Image.
> Destruction order in error branch in cpdf_dibsource.cpp
>
> Change-Id: I12b758aafeefedc7abe1e8b21a18db959929e95f
> Reviewed-on: https://pdfium-review.googlesource.com/24552
> Commit-Queue: Tom Sepez <tsepez@chromium.org>
> Reviewed-by: dsinclair <dsinclair@chromium.org>
TBR=thestig@chromium.org,tsepez@chromium.org,dsinclair@chromium.org
Change-Id: I3c56ee6ab502da90e3adb7507dbc8cc92f090140
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://pdfium-review.googlesource.com/24670
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Always check the liftime in the unowned case. Doing so unearthed
the following issues:
Transient lifetime issue in jbig2_image when doing realloc().
Stale (but unused) dictionary pointer in CPDF_Image.
Destruction order in error branch in cpdf_dibsource.cpp
Change-Id: I12b758aafeefedc7abe1e8b21a18db959929e95f
Reviewed-on: https://pdfium-review.googlesource.com/24552
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
BUG=chromium:802983
Change-Id: I866ece9c370bf05571b76b50ad23598f5038332b
Reviewed-on: https://pdfium-review.googlesource.com/23151
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Change-Id: Ifabaf71bb45ffa7e9af7da4acb21d8757e9596ce
Reviewed-on: https://pdfium-review.googlesource.com/23150
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
This reverts commit dca380ffe0571be4023b11b06b8aecad9934bb06.
Reason for revert: Causes missing text in a user's PDF
Original change's description:
> Check for success of decodes to avoid infinite loops
>
> Bug: 790693
> Change-Id: I9b1d87e024229d8b01f55ec554e2cc544db6ac06
> Reviewed-on: https://pdfium-review.googlesource.com/20230
> Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
> Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
TBR=npm@chromium.org,hnakashima@chromium.org,rharrison@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: 790693
Change-Id: I886b14e120c34da757a96f8a1f9c6a081d8326b6
Reviewed-on: https://pdfium-review.googlesource.com/22950
Reviewed-by: Nicolás Peña Moreno <npm@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
Add LoadAllDataFiltered() and LoadAllDataRaw() and update callers.
Change-Id: I9b80ee34a358db204968acdc8b1adc9db0b6b83f
Reviewed-on: https://pdfium-review.googlesource.com/20810
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
|
|
Change-Id: I3efc57cd7325d16e3ca8ebdeeaec06012b2c56e3
Reviewed-on: https://pdfium-review.googlesource.com/20110
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Bug: 790693
Change-Id: I9b1d87e024229d8b01f55ec554e2cc544db6ac06
Reviewed-on: https://pdfium-review.googlesource.com/20230
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
In this CL we prevent integer overflow by checking that the integers are
in the appropriate range before casting from unsigned to signed.
Bug: 789524
Change-Id: I41572849f18ffb0f0739c80130ee6b5061845d29
Reviewed-on: https://pdfium-review.googlesource.com/20011
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
Bug: pdfium:774
Change-Id: Ie7674ac55dea6284a0d974cef107ef357197a06b
Reviewed-on: https://pdfium-review.googlesource.com/19610
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
This CL adds checks in CJBig2_GRRDProc to verify if the decoder is
completed before trying to decode. This is currently done in all
decoding calls in CJBig2_GRDProc.
Bug: chromium:782826
Change-Id: Ifb4ee4d09e8357e969aefa107b4dafbc2284324b
Reviewed-on: https://pdfium-review.googlesource.com/18333
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
This CL improves some method names and does other basic cleanup.
Change-Id: I32ea88ff29383e9685d4c686625088c96f73f035
Reviewed-on: https://pdfium-review.googlesource.com/18210
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
This CL changes the type of |m_dwOffset| to safe unsigned integer to
prevent the offset from cycling from MAX_UINT32 back to 0.
Bug: chromium:778912
Change-Id: Ib93a8392e52eecf2cc223438ac85e9dc529b0f43
Reviewed-on: https://pdfium-review.googlesource.com/18130
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
Change-Id: Id53cbb8c95f6eb929f6e4eb57333daa24f1b776f
Reviewed-on: https://pdfium-review.googlesource.com/18010
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
Bug: chromium:781780
Change-Id: Ie92d8b570c37e9b3364d1ff4502f444a275ee6c2
Reviewed-on: https://pdfium-review.googlesource.com/17910
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Bug: chromium:778961
Change-Id: I1d08b3282304931276c24e50392c10b21780dcde
Reviewed-on: https://pdfium-review.googlesource.com/16971
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Quoting the JBIG2 spec: "If B is a 0xFF byte, then B1 (the byte pointed
to by BP+1) is tested. If B1 exceeds 0x8F, then B1 must be one of the
marker codes. The marker code is interpreted as required, and the buffer
pointer remains pointed to the 0xFF prefix of the marker code which
terminates the arithmetically compressed data. 1-bits are then fed to
the decoder until the decoding is complete. This is shown by adding
0xFF00 to the C-register and setting the bit counter CT to 8."
Our implementation is the alternative (faster for software according to
the spec), where only CT is changed to 8.
Reaching this part of the code means we will never read from stream
again so we should be wrapping up the decoding. To ensure this, the
|m_Complete| attribute is set to true if we reach this code again,
which will result in bailing out next time DECODE is called.
Bug: 767156
Change-Id: I434d46bc7914713a065f0e4da079bbc9b5dd216c
Reviewed-on: https://pdfium-review.googlesource.com/16791
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
Bug: 649278
Change-Id: Ib9084f6d9bb7dc7bf3713faa22d3a26822a96681
Reviewed-on: https://pdfium-review.googlesource.com/16550
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
Remove unused defines.
Change-Id: Ibf10d8470f19cbf4528fe1342398a39ef15c1d12
Reviewed-on: https://pdfium-review.googlesource.com/15110
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
This CL moves CFX_UnownedPtr to UnownedPtr and places in the fxcrt
namespace.
Bug: pdfium:898
Change-Id: I6d1fa463f365e5cb3aafa8c8a7a5f7eff62ed8e0
Reviewed-on: https://pdfium-review.googlesource.com/14620
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This CL renames CFX_RetainPtr to RetainPtr and places in the fxcrt
namespace.
Bug: pdfium:898
Change-Id: I8798a9f79cb0840d3f037e8d04937cedd742914e
Reviewed-on: https://pdfium-review.googlesource.com/14616
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This CL moves CFX_MaybeOwned into the fxcrt namespace and removes the
CFX_ prefix.
The test names for maybe owned were updated to be in the MaybeOned test
suite instead of the fxcrt suite.
Bug: pdfium:898
Change-Id: I0c07057d66c8610e7b19133094b4507fff725e76
Reviewed-on: https://pdfium-review.googlesource.com/14470
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Now considering anything not representable by a 32-bit signed int
as OOB rather than decoding some arbitrary overflowed value.
Bug: chromium:761666
Change-Id: I00f5a3abadca51f9bedc5e5d78f7f184040c2f33
Reviewed-on: https://pdfium-review.googlesource.com/14010
Commit-Queue: Henrique Nakashima <hnakashima@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
This CL removes the fx_basic.h header and fixes up includes as needed.
Change-Id: I49af32a8327bdbcda40c50a61ffbd75d06609040
Reviewed-on: https://pdfium-review.googlesource.com/12670
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: Ic54e0491d9b33a06b5f85963f8127bfa4263f4d6
Reviewed-on: https://pdfium-review.googlesource.com/12450
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
This CL moves IFX_Pause out to its own class from fx_basic and updates
includes as needed.
Change-Id: Iebdd183d8c85aa17570f190f1a7d1602c0af3c8b
Reviewed-on: https://pdfium-review.googlesource.com/12491
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Bug: chromium:755532
Change-Id: Ib04426fab52d0ca1d2544a21fd2ce4faaa57123f
Reviewed-on: https://pdfium-review.googlesource.com/12430
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
Refactor identical code used in decode_Template0_unopt() into their own
methods.
Change-Id: I37348a280ecc66d91fdcd3c9aabe49d2a8065417
Reviewed-on: https://pdfium-review.googlesource.com/11950
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
BUG=chromium:749610.
Change-Id: I4de7855aec552e6c143e7a8be6b90e44945a0fcb
Reviewed-on: https://pdfium-review.googlesource.com/11930
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
This CL creates CJBig2_HTRDProc::decode_image to reduce duplicated code
in the class.
Change-Id: Ie348179c96ff534f95cba401c4b9bd46e1c4e6ac
Reviewed-on: https://pdfium-review.googlesource.com/8410
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
This CL removes the JBig2_GsidProc since it is only used as a single
instance in each of the methods in CJBig2_HTRDProc, so it is completely
unnecessary.
Change-Id: I69d0a4a059b9eb6ebcbbb79b92ea1cd6c22cb1cb
Reviewed-on: https://pdfium-review.googlesource.com/7930
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This CL removes duplicate huffman_assign_code()s and changes some
return values and members to std::vector.
Change-Id: I47a1e0e2e88ff54ec799c97e92ec9ff5ca87c6c7
Reviewed-on: https://pdfium-review.googlesource.com/7910
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I874c537454bda024224a01c905b7ba01a90a6970
Reviewed-on: https://pdfium-review.googlesource.com/7732
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
This CL makes HDPATS in CJBig2_PatternDict be a vector of unique_ptr.
Change-Id: Ib23aed6323d4a988b2eedc4bfe95f2098d32c188
Reviewed-on: https://pdfium-review.googlesource.com/7871
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
This CL makes CJBig2_Segment own the results: symbol, pattern, huffman,
and huffman. This causes a lot more unique_ptr usage in JBig2 code.
Change-Id: I1f0a5bfaaf85053658b467bef5325c72d1f496c7
Reviewed-on: https://pdfium-review.googlesource.com/7690
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
Avoids the possibility of having a stale pointer in the context.
Bug: 726653
Change-Id: I8b41d2ab04e7ab07e694431b53491b3d0861e4ee
Reviewed-on: https://pdfium-review.googlesource.com/6074
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Avoid holding a stale pointer to it in CJBig2_GRDProc.
Bug: 726732
Change-Id: Ia3797a3e087f61bd2126f867fd5a282e873de5bc
Reviewed-on: https://pdfium-review.googlesource.com/6050
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: I8365ba80e3395d59a3cf35dbd9d9162e86e712e3
Reviewed-on: https://pdfium-review.googlesource.com/5970
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
Sed + minimal conversions to compile, including moving some
constructors into the .cpp file. Any that caused ASAN issues
during the tests were omitted rather than trying to resolve
the underlying issue.
Change-Id: I00a421f33b253eb4071ffd9af3f2922c7443b335
Reviewed-on: https://pdfium-review.googlesource.com/5891
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
Remove IFX_Pause parameters which are passed but not used.
Change-Id: I51a491c7f9a429676d114a387390fac3ae65e187
Reviewed-on: https://pdfium-review.googlesource.com/4950
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
The IFX_Pause param is stored but never used. Remove.
Change-Id: I9e5298fc05c6d408873b7bee307a76dcf3d2d4da
Reviewed-on: https://pdfium-review.googlesource.com/4931
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
It's possible for the nVal to become negative as it is shifted. This Cl
changes nVal to be a checked_numeric and bails out if the shift is invalid.
Bug: chromium:708504
Change-Id: Ia2ebbc828ece7f7d443432542784b39defe6a897
Reviewed-on: https://pdfium-review.googlesource.com/4010
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
It's possible for the RANGELEN[NTEMP] value to be larger then 32. This
will make the shift invalid if the 1 is an int. This CL changes to 1L
and uses the CheckedNumeric to validate that the result is inside the
needed range for an int.
Bug: chromium:708439
Change-Id: I1f0359985c2d7769367bd0edcf5e081f5bb58816
Reviewed-on: https://pdfium-review.googlesource.com/3991
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
Depending on the code table, it's possible to have the largest PREFLEN
value in the huffman table to be > 32. This will, potentially, cause the
calcuation of ((FIRSTCODE[i - 1] + LENCOUNT[i - 1]) << 1 to overflow the
int value and cause a negative shift.
This Cl checks the shift value and failes the initialization if we would
shift a negative value.
Bug: chromium:709781
Change-Id: Ia165a01ba9412e31c5e5a43717d415fcb42eafe5
Reviewed-on: https://pdfium-review.googlesource.com/3990
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Combine some common CCodec_Jbig2Module code.
Change-Id: I9a046314bc0e9dddc9a8c1a06b37764e9f3cc4b6
Reviewed-on: https://pdfium-review.googlesource.com/3713
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
Pass stream argument to constructor; it feels like a
stream accessor should always be made from a stream rather
than passing one in after the fact.
Change-Id: Iaa46cb37677b81f0170f5d39bab76ad38ea4af44
Reviewed-on: https://pdfium-review.googlesource.com/3620
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
This Cl drops the FXSYS_ from mem methods which are the same on all
platforms.
Bug: pdfium:694
Change-Id: I9d5ae905997dbaaec5aa0b2ae4c07358ed9c6236
Reviewed-on: https://pdfium-review.googlesource.com/3613
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This CL replaces some new's with pdfium::MakeUnique.
Change-Id: I50faf3ed55e7730b094c14a7989a9dd51cf33cbb
Reviewed-on: https://pdfium-review.googlesource.com/3430
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|