Age | Commit message | Author |
|
When the value read is equal to -INT_MIN, we cannot negate it since it will
be out of bounds, so return error in this case.
BUG=chromium:628559
Change-Id: I7e47a71ef0d35cfb2d1fddc0ba644f9aac79ec3f
Reviewed-on: https://pdfium-review.googlesource.com/2965
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
Change-Id: I16acba7b3eda26b4edfbfe0cb356267bd536fee8
Reviewed-on: https://pdfium-review.googlesource.com/2964
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
The spec says a1 is to the right of a0, a2 to the right of a1. I think that
means that the run lengths have to be positive, but that certainly means that
they cannot be negative.
BUG=chromium:699340
Change-Id: Ic07a272e63610f7a66c5073179cdb2768f80e2b8
Reviewed-on: https://pdfium-review.googlesource.com/2963
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
This CL cleans up the namespacing along with some type confusion in the flate
codec class.
Change-Id: I4772ee571bcd78f1c839b5cefc370860aca06bb3
Reviewed-on: https://pdfium-review.googlesource.com/2917
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
BMP_WIDTHBYTES starts with: (width * bitCount) + 31. Since bitCount can be as
large as 32, to avoid this overflowing we need width <= 67108863.
BUG=chromium:628559
Change-Id: I4fd33b65da76225c8200a22380f2bfc4523c5c8d
Reviewed-on: https://pdfium-review.googlesource.com/2934
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Before writing to the stream buffer make sure that we won't walk off the end
of the allocated size.
In this specific case the dest_size of the buffer is 0, so we're basically just
looping over to free the temp results.
BUG=chromium:697847
Change-Id: I229eea96179692216cb2685facbb7d5379c501c7
Reviewed-on: https://pdfium-review.googlesource.com/2903
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
The one step to make an actual concrete class is conditionalized
in fpdfview and is unconditional in the fuzzer.
Also replace the clumsy C-style callbacks with a delegate
interface as long as we are making new interfaces.
Change-Id: I733a437483ce5e0c34211cfbbda05105336f55b5
Reviewed-on: https://pdfium-review.googlesource.com/2887
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
- Constify test data
- ASSERT_EQ() buffer size
- EXPECT_EQ() arguments are reversed
- Fix typos in comments
Change-Id: I846bfcc29bbf43d0a8b333250d1cce1aae5a8d59
Reviewed-on: https://pdfium-review.googlesource.com/2841
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
This is something we'd like to try for initial XFA launches
adding in codecs as justified by results in the wild.
Adding statistics for the unsupported cases is a follow-up
exercise once this builds correctly.
We always build all the additional libraries, to allow
fuzzers to link against them even if we are not shipping
them. The linker will sort it out for the actual code.
Rename some files to match the classes contained within.
That the existing tests seem to pass with the codecs
disabled warrants further investigation.
Change-Id: Iad269db91289f12dc9f5dda8f48121d27a0c4367
Reviewed-on: https://pdfium-review.googlesource.com/2836
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
In CCodec_ProgressiveDecoder::GifInputRecordPositionBufCallback, m_pSrcPalette
can be allocated size pal_num. So if pal_index >= pal_num, then bail out.
BUG=691278
Change-Id: Ib0157cf51cbf52ecd5d60b027e5fc32898a906ed
Reviewed-on: https://pdfium-review.googlesource.com/2699
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
BUG=682628
Change-Id: I8e88cc0c8392b078afb73f9549ea4dea9a5717fd
Reviewed-on: https://pdfium-review.googlesource.com/2390
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
A85 encoder is not called yet; fix before adding
calls to this code in Chromium.
BUG=682550
Review-Url: https://codereview.chromium.org/2649263002
|
|
We can get into a loop when gif_img_row_bytes is 0 since Decode will
return 3 when the second parameter is 0, and there is a while(ret!=0).
BUG=681170
Change-Id: I63502a8487c07030fce2373f74cec6b4f0c98297
Reviewed-on: https://pdfium-review.googlesource.com/2211
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
If the values are going to overflow, return error code, which seems to
be 2.
BUG=668822
Change-Id: I89b3fcf277e98d65b8c3438e6d9bb84fe62a8de9
Reviewed-on: https://pdfium-review.googlesource.com/2213
Commit-Queue: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
BUG=680062
Change-Id: I9e2fd960915cd1de5e0cc15aeabf9ccf27e5a795
Reviewed-on: https://pdfium-review.googlesource.com/2212
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
It already has a sizeof() and a cast built into the macro,
so we don't need to do sizeof() and cast on each usage.
Review-Url: https://codereview.chromium.org/2625133009
|
|
This patch adds the additional functions required to make postscript
printing functional. The most significant additions are two added
compression functions and a new API for setting the postscript level.
Not currently called from Chromium, Chromium patch to come.
BUG=
Review-Url: https://codereview.chromium.org/2612243005
|
|
The return value is used to determine whether TIFFReadFile fails. If we
return just the length, libtiff will try reading uninitialized values
afterwards, on corrupted files.
BUG=679230, 670928
Change-Id: I579adc9d8a00e8cafab45dbdb728f1cb702da051
Reviewed-on: https://pdfium-review.googlesource.com/2172
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
The code_size variable is the number of bits. We should make sure that
the size is at most 31 to avoid having undefined shifts etc.
BUG=620661
Change-Id: Ia533386d01de93a55048cfd63d63989b2731a210
Reviewed-on: https://pdfium-review.googlesource.com/2161
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
We are using pdfium::base::checked_cast to get the width and height,
but we may overflow and abort. Therefore, we should instead early
return if the obtained width and height are not valid int32_t's.
BUG=655056
Change-Id: Ic0c6b88a16dc3d547fe82736bb14ed3122cd356a
Reviewed-on: https://pdfium-review.googlesource.com/2160
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
Remove unused m_Segments.
Review-Url: https://codereview.chromium.org/2618863004
|
|
Revert CL http://crrev.com/2608663003 in preparation for adding
postscript generation to Pdfium.
Note postscript generation code will not be called until additional
patches land. These patches will also include modifications needed to
make this code functional (currently missing a few compression functions).
BUG=
Review-Url: https://codereview.chromium.org/2615703002
|
|
This CL updates the Huffman decoder in the JBig2 codec to check the low field
does not overflow.
BUG=chromium:675236
Change-Id: I7f5f6fe8329df4ece6f317fac521fe2373686479
Reviewed-on: https://pdfium-review.googlesource.com/2131
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Review-Url: https://codereview.chromium.org/2578663002
|
|
Be suspicious of |new|. This removes some of the
easy cases.
Review-Url: https://codereview.chromium.org/2571913002
|
|
Review-Url: https://codereview.chromium.org/2572843002
|
|
While decoding among instances, variable "FIRSTS" should hold its
value, not be reset. This was accidentally changed by earlier
refactoring.
BUG=chromium:625848,pdfium:636
Review-Url: https://codereview.chromium.org/2569023002
|
|
We can remove a lot of "bOwnsStream" logic in the process.
Always pass these by const reference, in case the called method
wants to hang on to the stream (one exception is where we stick
a raw pointer into a void* slot in a context from another layer).
Review-Url: https://codereview.chromium.org/2451493002
|
|
Because that's what clone does. Perform immediate release
in some spots to avoid disrupting too much at once.
Review-Url: https://codereview.chromium.org/2534953004
|
|
|code_size_cur| could be larger than |code_size|, so |code| could be
larger than |code_end|. If this happens, early return, since the Decode
has failed.
BUG=659417
Review-Url: https://codereview.chromium.org/2542673004
|
|
The width and compress flag are read, so returning with error is more
appropriate than having an ASSERT.
BUG=659497
Review-Url: https://codereview.chromium.org/2535863002
|
|
BUG=667074
Review-Url: https://codereview.chromium.org/2520253003
|
|
fx_codec_icc.cpp specifies the default number of color components as 3 for
unknown profiles. However, lcms may know such a profile with a different
number of components. The inconsistency may lead to an array access
violation.
This CL uses cmsChannelsOf() from lcms to ensure consistency, and
rejects an unexpected number according to the PDF spec.
BUG=chromium:667694
Review-Url: https://codereview.chromium.org/2522933002
|
|
Review-Url: https://codereview.chromium.org/2514173002
|
|
The -build/include setting was masking out build/include_what_you_use. This CL
restores them, fixes any build errors, and adds NOLINT as needed. As well,
the runtime/explicit and runtime/printf flags are also enabled and NOLINT'd.
lint cleanups
Change-Id: Ib013b3eb29c8d0e48cad74c5df9028684130719f
Reviewed-on: https://pdfium-review.googlesource.com/2030
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Previously the log just made sure the colorspace and the image have
exact matches for the number of colorspace components. Now, for some
colorspace types, check the type and make sure the number of
components meets or exceeds what is required by the spec.
Also do some refactoring.
BUG=chromium:650230
Review-Url: https://codereview.chromium.org/2486123002
|
|
None of the decodes in the method are currently being checked. This is
causing pdfium to take a long time rendering corrupted files. Thus, I
added a couple of early returns to help prevent this from happening.
BUG=450971
Review-Url: https://codereview.chromium.org/2493633002
|
|
https://codereview.chromium.org/2482663002/ )
Reason for revert:
Max cmsChannelsOf() is 15, which is larger than the expectation of existing code and causes crashes (at least the fuzzer).
BUG=chromium:663240
Original issue's description:
> Clean up fx_codec_icc.cpp
>
> Committed: https://pdfium.googlesource.com/pdfium/+/a94fc11866adb1b9ca4a4e1afb4fb574ed472e07
TBR=dsinclair@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
Review-Url: https://codereview.chromium.org/2485363002
|
|
Review-Url: https://codereview.chromium.org/2482663002
|
|
Review-Url: https://codereview.chromium.org/2477443002
|
|
An optimization to speed up float-to-int rounding caused a different
result for one input value. This tweaks the conversion constant so
that the results are identical across the entire valid range, and
adds a test that checks the part of the range that is most sensitive
to errors.
BUG=pdfium:624
Review-Url: https://codereview.chromium.org/2466203002
|
|
Review-Url: https://codereview.chromium.org/2450393004
|
|
Review-Url: https://codereview.chromium.org/2454263002
|
|
Review-Url: https://codereview.chromium.org/2457943002
|
|
Review-Url: https://codereview.chromium.org/2461543002
|
|
Replace most of these with ints since they are used in integer
operations. If it walks like a duck, and quacks like a duck
... despite what the Hungarian notation might say.
Review-Url: https://codereview.chromium.org/2455523005
|
|
Review-Url: https://codereview.chromium.org/2459673002
|
|
BUG=chromium:659519
Review-Url: https://codereview.chromium.org/2456553002
|
|
NEXTBIT() is particularly pernicious in that it isn't syntactically
an expression, but rather two expressions. Replace it with an inline
along the way.
Review-Url: https://codereview.chromium.org/2452123002
|
|
It's been troubling for some time that an IFX_FileStream might
actually be an in-memory buffer with no backing file.
Review-Url: https://codereview.chromium.org/2443723002
|