Age | Commit message (Collapse) | Author |
|
In this CL we prevent integer overflow by checking that the integers are
in the appropriate range before casting from unsigned to signed.
Bug: 789524
Change-Id: I41572849f18ffb0f0739c80130ee6b5061845d29
Reviewed-on: https://pdfium-review.googlesource.com/20011
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
Bug:
Change-Id: I0c930ca30637f58af3b60ed8f1383bd9234a1723
Reviewed-on: https://pdfium-review.googlesource.com/19850
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
Bug: pdfium:774
Change-Id: Ie7674ac55dea6284a0d974cef107ef357197a06b
Reviewed-on: https://pdfium-review.googlesource.com/19610
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
This CL removes the CollectionSize and updates call locations as needed.
Bug: pdfium:774
Change-Id: I813c500b3a17a194407ceb1304252b9b16fe1779
Reviewed-on: https://pdfium-review.googlesource.com/19590
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
This gets rid of most core/ non-const ref passing, either by passing by
pointer-to-pointer instead, or by returning std::pair.
Change-Id: Id7bdc355a1a725a05f9fa2f1e982ca8c975beef1
Reviewed-on: https://pdfium-review.googlesource.com/19030
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
This CL adds checks in CJBig2_GRRDProc to verify if the decoder is
completed before trying to decode. This is currently done in all
decoding calls in CJBig2_GRDProc.
Bug: chromium:782826
Change-Id: Ifb4ee4d09e8357e969aefa107b4dafbc2284324b
Reviewed-on: https://pdfium-review.googlesource.com/18333
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
This CL improves some method names and does other basic cleanup.
Change-Id: I32ea88ff29383e9685d4c686625088c96f73f035
Reviewed-on: https://pdfium-review.googlesource.com/18210
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
This CL changes the type of |m_dwOffset| to safe unsigned integer to
prevent the offset from cycling from MAX_UINT32 back to 0.
Bug: chromium:778912
Change-Id: Ib93a8392e52eecf2cc223438ac85e9dc529b0f43
Reviewed-on: https://pdfium-review.googlesource.com/18130
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
Change-Id: Id53cbb8c95f6eb929f6e4eb57333daa24f1b776f
Reviewed-on: https://pdfium-review.googlesource.com/18010
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
Bug: chromium:781780
Change-Id: Ie92d8b570c37e9b3364d1ff4502f444a275ee6c2
Reviewed-on: https://pdfium-review.googlesource.com/17910
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I24404be0065156a1cfdec31bafdf72c27fa70142
Reviewed-on: https://pdfium-review.googlesource.com/17792
Reviewed-by: Chris Palmer <palmer@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
PartitionAlloc does not handle free(NULL), so _TIFFfree() needs to do
the check, just like png_free_default() and _cmsFree() for other third
party code.
BUG=chromium:780709
Change-Id: I4e2ff0ba642c66e4a73e151c9ab42ebb42d34a5b
Reviewed-on: https://pdfium-review.googlesource.com/17791
Reviewed-by: Chris Palmer <palmer@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Bug: chromium:778961
Change-Id: I1d08b3282304931276c24e50392c10b21780dcde
Reviewed-on: https://pdfium-review.googlesource.com/16971
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Quoting the JBIG2 spec: "If B is a 0xFF byte, then B1 (the byte pointed
to by BP+1) is tested. If B1 exceeds 0x8F, then B1 must be one of the
marker codes. The marker code is interpreted as required, and the buffer
pointer remains pointed to the 0xFF prefix of the marker code which
terminates the arithmetically compressed data. 1-bits are then fed to
the decoder until the decoding is complete. This is shown by adding
0xFF00 to the C-register and setting the bit counter CT to 8."
Our implementation is the alternative (faster for software according to
the spec), where only CT is changed to 8.
Reaching this part of the code means we will never read from stream
again so we should be wrapping up the decoding. To ensure this, the
|m_Complete| attribute is set to true if we reach this code again,
which will result in bailing out next time DECODE is called.
Bug: 767156
Change-Id: I434d46bc7914713a065f0e4da079bbc9b5dd216c
Reviewed-on: https://pdfium-review.googlesource.com/16791
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
Bug: 649278
Change-Id: Ib9084f6d9bb7dc7bf3713faa22d3a26822a96681
Reviewed-on: https://pdfium-review.googlesource.com/16550
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
A frame with 0 height will have no data, so there is not point in
attempting to load it. Additionally some of the loading code assumes a
non-zero height implicitly.
BUG=chromium:770470
Change-Id: I38b222b46b43ce5d47924526913285510be40603
Reviewed-on: https://pdfium-review.googlesource.com/16551
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
Fixed issue with unit tests that was causing raw data to be backwards
and reverted related LSB -> MSB change that was introduced due to
this.
If global palette not set then the background colour index should be
0.
Check that background colour index is valid when global palette
exists.
Check if transparency index is valid for the palette of the frame it
is being applied to.
BUG=chromium:770337
Change-Id: I5d9b648f45bbb4c93218664a7035e4d01dbeb627
Reviewed-on: https://pdfium-review.googlesource.com/15453
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Break up reading the signature and local screen descriptors into
seperate functions. Fix a bug in how matching in the signature
validation works. Move LSD value assignment to after sufficient data
has been confirmed. Convert LSB to MSB methods where they were just
wrong. Add unit tests for ReadData, SetInputBuffer, ReadSignature,
ReadLocalScreenDescriptor, and ReadHeader.
BUG=pdfium:913,chromium:770470
Change-Id: I1683b8aefc11300625b9be8087c6988549308a8f
Reviewed-on: https://pdfium-review.googlesource.com/15250
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
The existing implementation of a LSB first word method was incorrect,
in addition it was implemented to the BMP code, but also used in the
GIF code. Thus is should be moved to a common location.
Also added in an implementation for FXWORD_GET_MSBFIRST, since the
GIF code will need this.
BUG=pdfium:914
Change-Id: I0e84813356fbd456b293a190da3c2cde01a6580b
Reviewed-on: https://pdfium-review.googlesource.com/15210
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
Remove unused defines; Move to .cpp files where possible; Fixup values.
Change-Id: I88cd5deb04b14ab8e9f8097a695c3d0b52d64b4c
Reviewed-on: https://pdfium-review.googlesource.com/15130
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Remove unused defines.
Change-Id: Ibf10d8470f19cbf4528fe1342398a39ef15c1d12
Reviewed-on: https://pdfium-review.googlesource.com/15110
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
Speciifically replacing what was called the "stack_", an array, with a
vector called "decompressed_". The fact that this data structure
wasn't actually a stack caused a lot of grief when refactoring.
BUG=pdfium:903
Change-Id: I056f8fc9183bcde67a03dc9de0dae9ddf9fb0f37
Reviewed-on: https://pdfium-review.googlesource.com/15092
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
This CL simplifies the OS == WIN{32|64} checks to be PLATFORM == WINDOWS
checks.
Change-Id: I1493d316dd457b0228e4ef39db4cf1d2b8abf97d
Reviewed-on: https://pdfium-review.googlesource.com/14870
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
These are error strings are set but never used for anything.
BUG=pdfium:907
Change-Id: I08d9547009116f7386d15b4a965b9a99c7bf1997
Reviewed-on: https://pdfium-review.googlesource.com/15010
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
Moved everything from core/fxcodec/lgif to core/fxcodec/gif
Converted CGifContext -> CFX_GifContext
Removed _ptr suffixes from CXF_GifContext
Movef fx_gif.* -> cfx_gif.*
Renamed structs in cfx_gif.h
Renamed members of CFX_GifImage
Renamed members of CFX_GifContext
Renamed CFX_LZWDecoder -> CFX_LZWDecompressor
BUG=pdfium:903
Change-Id: I537e905e935da26832e6bbdc03e0373ed5500bcb
Reviewed-on: https://pdfium-review.googlesource.com/14990
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
This string is set, but never used.
BUG=pdfium:907
Change-Id: I57555d0dd3670b245554ff2d7163d1d04bcdb7e8
Reviewed-on: https://pdfium-review.googlesource.com/14930
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
With the conversion of internal string sizes to size_t, these wrappers
are no longer needed. Replacing them with strlen and wcslen
respectively.
BUG=pdfium:828
Change-Id: Ia087ca2ddaf688a57ec9bd9ddfb8533cbe41510d
Reviewed-on: https://pdfium-review.googlesource.com/14890
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
BUG=pdfium:828
Change-Id: I5c40237433ebabaeabdb43aec9cdf783e41dfe16
Reviewed-on: https://pdfium-review.googlesource.com/13230
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
A lot of the structs in the GIF code use acronyms that are non-obvious
unless you are familar with the GIF spec, and even then lead to lots
of looking back. Making the naming more explicit. Also converted
GifImage to be a struct, since it didn't have any methods defined for
it.
BUG=pdfium:903
Change-Id: I97ca2adfdc4ada8bcaef5f8f317c1dea7365d70d
Reviewed-on: https://pdfium-review.googlesource.com/14836
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
This was causing us to use the local palette values when they didn't
exist, instead of the global palette values.
BUG=chromium:769292
Change-Id: I02d19cbcf0cf9e362e123fc7648d8f47991b8155
Reviewed-on: https://pdfium-review.googlesource.com/14910
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
This CL removes unreachable code and also removes the flag
Icc_Format_DEFAULT which becomes unused.
Bug: chromium:346399
Change-Id: I1cdd0f70ffec2abcd20ddf5b181273971b92ecaa
Reviewed-on: https://pdfium-review.googlesource.com/14850
Commit-Queue: Nico Weber <thakis@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nico Weber <thakis@chromium.org>
|
|
This CL renames the FX_OS defines to have _OS_ in their names and drops
the _DESKTOP suffix. The FXM defines have been changed to just FX.
Change-Id: Iab172fba541713b5f6d14fb8098baf68e3364c74
Reviewed-on: https://pdfium-review.googlesource.com/14833
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
The _FX_IOS_ define is never defined, so it isn't useful to check
_FX_OS_ against. Remove.
Change-Id: I90b50a1a0dc165073ed223cbfe861b9a227818dd
Reviewed-on: https://pdfium-review.googlesource.com/14831
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Previous implementation assumed that if the local colour palette was
not specified and the global palette had its size specified, then use
the global. If the global palette is disable, it will not have data,
but it may have a size. Technically the size is giberish in this case,
but the value is allowed to be non-zero, so isn't a sufficient check.
BUG=chromium:768089
Change-Id: Iaec15fcd65f3983056df7d56d29118a516334cd9
Reviewed-on: https://pdfium-review.googlesource.com/14819
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
CGifLZWDecoder has been moved out into its own file, name changed to
CFX_LZWDecoder, member variable names updated, creation pattern
changed, and unit tests added.
Wrt the creation pattern, there is no longer a constructor and 2
initialization methods that need to be called. Instead all of the
initialization is done as part of the constructor. A wrapper has been
added for generating a std::unique_ptr<CFX_LZWDecoder>, so that params
can be validated.
BUG=pdfium:900,pdfium:901,pdfium:903,pdfium:904
Change-Id: Idcbe773f7fb18b08e64d5a89bfd87d4801332c53
Reviewed-on: https://pdfium-review.googlesource.com/14814
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
There are a number of functions in fx_gix.h/.cpp that take in a
pointer to a CGifContext as their first parameter. Moving these to be
methods in that class.
BUG=pdfium:902
Change-Id: I8c583ab9e42dda4241aa8a6f865408a94fa6d273
Reviewed-on: https://pdfium-review.googlesource.com/14670
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
The core fix in this CL is a change to how LWZ decompression works, so
that when the min code table size and the color palette size are
different, color codes after the end of the defined color palette are
considered errors.
This CL also introduces a bunch of tweaks to the call return path,
since there were multiple locations where the GIF decode failing
status was being dropped on the floor, so the end widget would have a
bitmap with the default colour in it, instead of nothing.
BUG=chromium:616671
Change-Id: Id6f40d552dc24650c91e9903f710ff2fa63bc774
Reviewed-on: https://pdfium-review.googlesource.com/14630
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
This CL moves CFX_UnownedPtr to UnownedPtr and places in the fxcrt
namespace.
Bug: pdfium:898
Change-Id: I6d1fa463f365e5cb3aafa8c8a7a5f7eff62ed8e0
Reviewed-on: https://pdfium-review.googlesource.com/14620
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This CL renames CFX_RetainPtr to RetainPtr and places in the fxcrt
namespace.
Bug: pdfium:898
Change-Id: I8798a9f79cb0840d3f037e8d04937cedd742914e
Reviewed-on: https://pdfium-review.googlesource.com/14616
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This CL moves CFX_MaybeOwned into the fxcrt namespace and removes the
CFX_ prefix.
The test names for maybe owned were updated to be in the MaybeOned test
suite instead of the fxcrt suite.
Bug: pdfium:898
Change-Id: I0c07057d66c8610e7b19133094b4507fff725e76
Reviewed-on: https://pdfium-review.googlesource.com/14470
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Then set up the right dependencies for them.
BUG=chromium:765914
Change-Id: I036cd888c741927d5efe0d020c6676f169e7cbb1
Reviewed-on: https://pdfium-review.googlesource.com/14410
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I020b862619f3f93f71dbb027b9e799d78744f686
Reviewed-on: https://pdfium-review.googlesource.com/14391
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: Icacf877e2b66ca7d49637dcf9eaec0f99bcdd8bb
Reviewed-on: https://pdfium-review.googlesource.com/14390
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I703321108712e8c4a11a8343ecf8b1a8804c1d1a
Reviewed-on: https://pdfium-review.googlesource.com/14352
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Automated using git grep & sed.
Replace StringC classes with StringView classes.
Remove the CFX_ prefix and put string classes in fxcrt namespace.
Change AsStringC() to AsStringView().
Rename tests from TEST(fxcrt, *String*Foo) to TEST(*String*,
Foo).
Couple of tests needed to have their names regularlized.
BUG=pdfium:894
Change-Id: I7ca038685c8d803795f3ed02545124f7a224c83d
Reviewed-on: https://pdfium-review.googlesource.com/14151
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
Now considering anything not representable by a 32-bit signed int
as OOB rather than decoding some arbitrary overflowed value.
Bug: chromium:761666
Change-Id: I00f5a3abadca51f9bedc5e5d78f7f184040c2f33
Reviewed-on: https://pdfium-review.googlesource.com/14010
Commit-Queue: Henrique Nakashima <hnakashima@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
Due to some of the size parameters for allocating space in Decode()
depending on the values produced by opj_decode(), this change was
causing misallocation of space, which in turn was causing illegal
reads/writes.
The issue with excessive memory usage that the original CL was trying
to change is less significant than the above mentioned problems, so
reverting this fix and looking for another solution to the
problem. This will re-open bugs https://crbug.com/754423 and
https://crbug.com/761005.
BUG=chromium:764177,chromium:754423,chromium:761005
Change-Id: I1cafac8a8117ec1e3bc32b31196bdec719d46477
Reviewed-on: https://pdfium-review.googlesource.com/13950
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
|
|
BUG=chromium:761005
Change-Id: I538e49f1eeb32891b33677d8587d2bed110b1fc1
Reviewed-on: https://pdfium-review.googlesource.com/13692
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
This patch was authored by Ke Liu of Tencent's Xuanwu Lab.
BUG=762374
Change-Id: Icb3ee98fb4c399b871ccf11e9920af7caf51be11
Reviewed-on: https://pdfium-review.googlesource.com/13610
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Chris Palmer <palmer@chromium.org>
|
|
BUG=chromium:762106
Change-Id: I714d69320cc4fb81d535f811c18d4ef91fec44d3
Reviewed-on: https://pdfium-review.googlesource.com/13212
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|