summaryrefslogtreecommitdiff
path: root/core/fxcodec
AgeCommit message (Collapse)Author
2016-11-28Replace ASSERT with error return in bmp_read_headernpm
The width and compress flag are read, so returning with error is more appropriate than having an ASSERT. BUG=659497 Review-Url: https://codereview.chromium.org/2535863002
2016-11-22Multiply safely in CCodec_TiffContext::Decodenpm
BUG=667074 Review-Url: https://codereview.chromium.org/2520253003
2016-11-22pdfium: Fix inconsistent number of color components of ICC profilekcwu
fx_codec_icc.cpp specify default number of color components as 3 for unknown profiles. However, lcms may know such profile with different number of components. The inconsistency may lead to array access violation. This CL uses cmsChannelsOf() from lcms to ensure consistency. And rejects unexpected number according to PDF spec. BUG=chromium:667694 Review-Url: https://codereview.chromium.org/2522933002
2016-11-21Check dimensions and content of bitmaps in EmbedderTests.chromium/2927thestig
Review-Url: https://codereview.chromium.org/2514173002
2016-11-21Fixup lint flags.Dan Sinclair
The -build/include setting was masking out build/include_what_you_use. This CL restores them, fixes any build errors, and adds NOLINT as needed. As well, the runtime/explicit and runtime/printf flags are aslo enabled and NOLINT'd. lint cleanups Change-Id: Ib013b3eb29c8d0e48cad74c5df9028684130719f Reviewed-on: https://pdfium-review.googlesource.com/2030 Reviewed-by: Tom Sepez <tsepez@chromium.org>
2016-11-11Relax colorspace checks in CPDF_DIBSource::CreateDecoder().chromium/2917thestig
Previously the log just made sure the colorspace and the image have exact matches for the number of colorspace components. Now, for some colorspace types, check the type and make sure the number of components meets or exceeds what is required by the spec. Also do some refactoring. BUG=chromium:650230 Review-Url: https://codereview.chromium.org/2486123002
2016-11-09Add early returns in CJBig2_TRDProc::decode_Arith when decode fails.npm
None of the decodes in the method are currently being checked. This is causing pdfium to take a long time rendering corrupted files. Thus, I added a couple of early returns to help prevent this from happening. BUG=450971 Review-Url: https://codereview.chromium.org/2493633002
2016-11-09Revert of Clean up fx_codec_icc.cpp (patchset #1 id:1 of ↵kcwu
https://codereview.chromium.org/2482663002/ ) Reason for revert: Max cmsChannelsOf() is 15, which is larger than expectation of existing code and cause crashes (at least the fuzzer). BUG=chromium:663240 Original issue's description: > Clean up fx_codec_icc.cpp > > Committed: https://pdfium.googlesource.com/pdfium/+/a94fc11866adb1b9ca4a4e1afb4fb574ed472e07 TBR=dsinclair@chromium.org # Not skipping CQ checks because original CL landed more than 1 days ago. Review-Url: https://codereview.chromium.org/2485363002
2016-11-07Clean up fx_codec_icc.cppkcwu
Review-Url: https://codereview.chromium.org/2482663002
2016-11-02Remove FX_BOOL from coretsepez
Review-Url: https://codereview.chromium.org/2477443002
2016-11-01Fix founding difference in pdfium_test on AdobeCMYK_to_sRGBbrucedawson
An optimization to speed up float-to-int rounding caused a different result for one input value. This tweaks the conversion constant so that the results are identical across the entire valid range, and adds a test that checks the part of the range that is most sensitive to errors. BUG=pdfium:624 Review-Url: https://codereview.chromium.org/2466203002
2016-10-28Change some ints to bools in JBIG2 code.thestig
Review-Url: https://codereview.chromium.org/2450393004
2016-10-28Fix more FX_BOOL / int noise in core/fpdfsdktsepez
Review-Url: https://codereview.chromium.org/2454263002
2016-10-27Fix FX_BOOL / int noise in JBig2, pass 3tsepez
Review-Url: https://codereview.chromium.org/2457943002
2016-10-27Fix FX_BOOL / int noise in JBig2, pass 2tsepez
Review-Url: https://codereview.chromium.org/2461543002
2016-10-27Fix FX_BOOL / int noise in JBig2_Grd*Proctsepez
Replace most of these with ints since the are used in integer operations. If it walks like a duck, and quacks like a duck ... despite what the hungarian notation might say. Review-Url: https://codereview.chromium.org/2455523005
2016-10-27Fix some FX_BOOL / int noise in core/fx*chromium/2903tsepez
Review-Url: https://codereview.chromium.org/2459673002
2016-10-26Add more checks to tiff_read() and tiff_seek().thestig
BUG=chromium:659519 Review-Url: https://codereview.chromium.org/2456553002
2016-10-26Avoid some FX_BOOL/bool noise in fx_codec_fax.cpptsepez
NEXTBIT() is particularly pernicious in that it isn't syntactically an expression, but rather two expressions. Replace it with an inline along the way. Review-Url: https://codereview.chromium.org/2452123002
2016-10-24Rename IFX_ stream nameschromium/2900tsepez
It's been troubling for some time that an IFX_FileStream might actually be an in-memory buffer with no backing file. Review-Url: https://codereview.chromium.org/2443723002
2016-10-13Verify number of ex flags matches number of ex items.dsinclair
Currently the JBig2 decoder can leak subimages in the case where we mark more items in EXFLAGS then we have SDNUMEXSYMS. This Cl checks for this condition and fails the decode if it happens. BUG=chromium:654365 Review-Url: https://codereview.chromium.org/2419553002
2016-10-06Fix assertion failure when decoding malform G4 fax imagechromium/2886chromium/2885chromium/2884kcwu
The position indexes of color elements must be monotonic increasing. Bail out if the decoded index is less or equal to the previous index. BUG=pdfium:615 Review-Url: https://codereview.chromium.org/2398033002
2016-10-06Reject JBig2 Huffman table with too large shift valuekcwu
BUG=chromium:653044 Review-Url: https://codereview.chromium.org/2397783002
2016-10-04Move core/fpdfapi/fpdf_parser to core/fpdfapi/parserdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2392603004
2016-10-04Move core/fpdfapi/fpdf_page to core/fpdfapi/pagedsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2386423004
2016-09-29Move core/fxge/include to core/fxgedsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2377393002
2016-09-29Move core/fxcrt/include to core/fxcrtdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2382723003
2016-09-29Move core/fxcodec/codec/include and core/fxcodec/include files updsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2381063002
2016-09-29Move core/fpdfapi/fpdf_parser/include to core/fpdfapi/fpdf_parserdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2383543002
2016-09-29Move core/fpdfapi/fpdf_page/include to core/fpdfapi/fpdf_pagedsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2379033002
2016-09-26Clean up fx_codec_fax.cpp.thestig
Review-Url: https://codereview.chromium.org/2357173005
2016-09-23Bail out on bad width and height in CCodec_FaxDecoder::CreateDecoderkcwu
BUG=648935,649436 Review-Url: https://codereview.chromium.org/2360283004
2016-09-19Remove dead code in CCodec_IccModulekcwu
TEST=build pdfium and chromium BUG=pdfium:599 Review-Url: https://codereview.chromium.org/2355523002
2016-09-19Avoid nullptr access in sycc422_to_rgb and sycc420_to_rgbstackexploit
BUG=648127 Review-Url: https://codereview.chromium.org/2351623002
2016-09-12Verify value of prec before usingdsinclair
The fx_codec_jpx_opj code will attempt to do a 1 << (prec - 1). If the prec value is >=32 then that shift will overflow the int value. This CL adds a check that prec is < 32 before attempting the shift. BUG=chromium:633208 Review-Url: https://codereview.chromium.org/2334823002
2016-09-12change memcpy to memmove for potential nearby addressestracy_jiang
BUG=645186 Review-Url: https://codereview.chromium.org/2326103002
2016-09-12fix some uninitialized variableshong_zhang
BUG=627399 Review-Url: https://codereview.chromium.org/2328003002
2016-08-31Free the GifPlainText object when complete.dsinclair
We allocate the GifPlainText object on line ~685 inside GIF_D_STATUS_EXT_PTE. We cleanup the internal pointers in the gif_destroy_decompress() but we failed to cleanup the pointer itself. This CL frees the allocated pointer once the data is cleaned up. BUG=chromium:638499 Review-Url: https://codereview.chromium.org/2291143003
2016-08-29Skip the channel if there is no data.dsinclair
The JPX decoder needs to verify there is data associated with an image channel before access. This was already done in one side of the if() but seems to be missing from the other. This Cl updates the loop to check the existance of channel data and to continue iteration if none found. BUG=chromium:637232 Review-Url: https://codereview.chromium.org/2291813002
2016-08-29Fix for #618267. Adding a method to determine if multiplication hastracy_jiang
overflow. BUG=618267 Review-Url: https://codereview.chromium.org/2284063002
2016-08-12fix 617135hong_zhang
to fix bug 617135 617135 described an exploit against pdfium using a malformed gif. This fix introduced a couple edge case handling lines to address the OOB issue. BUG= 617135 Review-Url: https://codereview.chromium.org/2230683002
2016-08-08Check if image width or height are zero before proceeding.dsinclair
If the width of the CJBig2_Image is set to 0 then the stride_pixels will be zero and when we divide we'll get a floating point exception. If the width or height are zero then we can exit early without proceeding with the rest of the constructor. BUG=chromium:635008 Review-Url: https://codereview.chromium.org/2222843004
2016-08-02Bound total pixels in JBig2 images to avoid overflows later.tsepez
Also make these private to ensure they aren't modified so as to violate the bounds checks applied at creation time. BUG=633002 Review-Url: https://codereview.chromium.org/2202013002
2016-08-02Verify row bytes before alloc in BMP codec.dsinclair
If the out_row_bytes is negative the alloc will fail. Verify the size before alloc and bail if it's negative. BUG=633381 Review-Url: https://codereview.chromium.org/2202283003
2016-08-02Fix Jbig2 document context creation by checking proper pointerweili
The pointer a unique_ptr contains should be checked instead of the pointer of the unique_ptr itself. BUG=chromium:631912 Review-Url: https://codereview.chromium.org/2205573004
2016-07-24Remove CFX_Deletableweili
Change the last use of CFX_Deletable to its actual type and remove the use of CFX_Deletable. Review-Url: https://codereview.chromium.org/2178613002
2016-07-19Use smart pointers for various Jbig2 decoding contextsweili
Use unique_ptr for class owned member variables, and remove unnecessary or unused functions and member variable. BUG=pdfium:518 Review-Url: https://codereview.chromium.org/2149903002
2016-07-12Replace void* to actual type for jbig2 context to avoid castsweili
Also clear up a few variable names and unnecessary brackets. Review-Url: https://codereview.chromium.org/2143083002
2016-06-27Double AdobeCMYK_to_sRGB speed with faster roundingbrucedawson
FXSYS_round is painfully slow on Windows. It does range checking and then calls an extremely expensive function. It ends up consuming half the CPU time when decoding the images in PDFs such as this one: https://www.ets.org/Media/Tests/GRE/pdf/gre_research_validity_data.pdf SSE can be used to optimize this: __m128 cmyk = {c * 255, m * 255, y * 255, k * 255}; uint32_t output[4]; _mm_storeu_si128((__m128i*)output, _mm_cvtps_epi32(cmyk)); but is cryptic, only works for x86/x64, and gives basically identical performance to this solution - int(c * 255 + 0.5f); The rounding behavior is not identical but in practice this rarely matters, and in this specific case it does not matter because the edge cases that vary are not hit. The three divisions at the end were changed to multiplies because profiling showed they were a significant cost. This change reduces the image-decode stalls in the PDF listed above by about 40%, making for a noticeably better experience. Further optimizations are possible but would require significantly more time and testing. BUG=617365 Review-Url: https://codereview.chromium.org/2096723003
2016-06-20Fixup LoadImageInfo type checking.dsinclair
The ::DetectImageType method does more then just detecting the image type, it also sets up various needed structures to handle the decoding. Instead of skipping the ::DetectImageType call this CL changes the code to return early if the image check fails. This should allow us to stop working on images which do not match the required data format. BUG=chromium:621094 Review-Url: https://codereview.chromium.org/2085493002