Age | Commit message (Collapse) | Author |
|
BUG=682628
Change-Id: I8e88cc0c8392b078afb73f9549ea4dea9a5717fd
Reviewed-on: https://pdfium-review.googlesource.com/2390
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
We can get into a loop when gif_img_row_bytes is 0 since Decode will
return 3 when the second parameter is 0, and there is a while(ret!=0).
BUG=681170
Change-Id: I63502a8487c07030fce2373f74cec6b4f0c98297
Reviewed-on: https://pdfium-review.googlesource.com/2211
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
BUG=680062
Change-Id: I9e2fd960915cd1de5e0cc15aeabf9ccf27e5a795
Reviewed-on: https://pdfium-review.googlesource.com/2212
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
It already has a sizeof() and a cast built into the macro,
so we don't need to do sizeof() and cast on each usage.
Review-Url: https://codereview.chromium.org/2625133009
|
|
The code_size variable is the number of bits. We should make sure that
the size is at most 31 to avoid having undefined shifts etc.
BUG=620661
Change-Id: Ia533386d01de93a55048cfd63d63989b2731a210
Reviewed-on: https://pdfium-review.googlesource.com/2161
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
Remove unused m_Segments.
Review-Url: https://codereview.chromium.org/2618863004
|
|
|code_size_cur| could be larger than |code_size|, so |code| could be
larger than |code_end|. If this happens, early return, since the Decode
has failed.
BUG=659417
Review-Url: https://codereview.chromium.org/2542673004
|
|
Review-Url: https://codereview.chromium.org/2477443002
|
|
We allocate the GifPlainText object on line ~685 inside GIF_D_STATUS_EXT_PTE.
We cleanup the internal pointers in the gif_destroy_decompress() but we
failed to cleanup the pointer itself.
This CL frees the allocated pointer once the data is cleaned up.
BUG=chromium:638499
Review-Url: https://codereview.chromium.org/2291143003
|
|
to fix bug 617135
617135 described an exploit against pdfium using a malformed gif.
This fix introduced a couple edge case handling lines to address
the OOB issue.
BUG= 617135
Review-Url: https://codereview.chromium.org/2230683002
|
|
This change contains files in core directory which were not covered
in part I. This is part of the efforts to make PDFium code compilable
by Clang chromium style plugins.
The changes are mainly the following:
-- move inline constructor/destructor of complex class/struct out-of-line;
-- add constructor/destructor of complex class/struct if not
explicitly defined;
-- add explicit out-of-line copy constructor when needed;
-- move inline virtual functions out-of-line;
-- Properly mark virtual functions with 'override';
-- some minor cleanups;
BUG=pdfium:469
Review-Url: https://codereview.chromium.org/2060913003
|
|
The code has local variables that shadow struct or class member
variables. Also, when this happens, different variable names should be
used instead of namespaces.
These were discovered by /Wshadow warning flag in Clang.
Review-Url: https://codereview.chromium.org/2034253003
|
|
Review-Url: https://codereview.chromium.org/2032613003
|
|
Use the more standard name "clear()" instead.
Review URL: https://codereview.chromium.org/1888103002
|
|
Review URL: https://codereview.chromium.org/1832173003
|
|
It isn't buying us anthing, and it looks strange in
a struct when other uint types are already present.
R=dsinclair@chromium.org
Review URL: https://codereview.chromium.org/1821043003 .
|
|
This CL moves the core/src/ files up to core/ and fixes up the include guards,
includes and build files.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1800523005 .
|