summaryrefslogtreecommitdiff
path: root/core/fxcodec
AgeCommit message (Collapse)Author
2017-08-28Skip decoding of excessively large JBIG2 images.Lei Zhang
BUG=chromium:749610. Change-Id: I4de7855aec552e6c143e7a8be6b90e44945a0fcb Reviewed-on: https://pdfium-review.googlesource.com/11930 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Henrique Nakashima <hnakashima@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-08-10LCMS: rename folderNicolas Pena
Change-Id: I5f240cb0779648dc5427fecb5561086e7c0fb16a Reviewed-on: https://pdfium-review.googlesource.com/10650 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-08-07Tidy fx_codec_jpx_opj.cppchromium/3180Tom Sepez
Single no-op callback. pdfium::clamp() where appropriate. Use post-increment where appropriate. Add helper functions for image type. Change-Id: I1584a1c90b46bd87f6ee983b78b6a2119212d0fb Reviewed-on: https://pdfium-review.googlesource.com/10270 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-08-07Convert static functions to anonymous namespaceTom Sepez
Mechanical change to bring into conformance with style guide. Change-Id: I80d06708ed5c40af7e797ea5dc6279a0b4f3cf6a Reviewed-on: https://pdfium-review.googlesource.com/10250 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-08-07Fix PartitionAlloc vs. opj_malloc mismatch in fx_codec_jpx_opj.cppTom Sepez
Apply patch suggestions from reporter. Move all FX_Alloc'd memory into unique_ptrs so that no bare FX_Alloc/Free_Free calls remain. Fix a realloc / opj_realloc mismatch. Remove unused functions color_apply_icc_profile() and color_apply_conversion(). Tidy along the way, add some missing statics, and fix a confusing (but not quite member shadowing) local name. Bug: 752829 Change-Id: Ibf2d108a857e3de39e752c2c553a31e002a07caf Reviewed-on: https://pdfium-review.googlesource.com/10230 Reviewed-by: Lei Zhang <thestig@chromium.org> Reviewed-by: Chris Palmer <palmer@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-07-20Create helper method in CJBig2_HTRDProcNicolas Pena
This CL creates CJBig2_HTRDProc::decode_image to reduce duplicated code in the class. Change-Id: Ie348179c96ff534f95cba401c4b9bd46e1c4e6ac Reviewed-on: https://pdfium-review.googlesource.com/8410 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-07-19Remove JBig2_GsidProc classNicolas Pena
This CL removes the JBig2_GsidProc since it is only used as a single instance in each of the methods in CJBig2_HTRDProc, so it is completely unnecessary. Change-Id: I69d0a4a059b9eb6ebcbbb79b92ea1cd6c22cb1cb Reviewed-on: https://pdfium-review.googlesource.com/7930 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-07-17Simplify CJBig2_Context::huffman_assign_codeNicolas Pena
This CL removes duplicate huffman_assign_code()s and changes some return values and members to std::vector. Change-Id: I47a1e0e2e88ff54ec799c97e92ec9ff5ca87c6c7 Reviewed-on: https://pdfium-review.googlesource.com/7910 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-07-14Use CFX_MaybeOwned in CJBig2_TRDProcNicolas Pena
Change-Id: I874c537454bda024224a01c905b7ba01a90a6970 Reviewed-on: https://pdfium-review.googlesource.com/7732 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-07-14More unique_ptrs in JBIG2 code part 2Nicolas Pena
This CL makes HDPATS in CJBig2_PatternDict be a vector of unique_ptr. Change-Id: Ib23aed6323d4a988b2eedc4bfe95f2098d32c188 Reviewed-on: https://pdfium-review.googlesource.com/7871 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-07-13More unique_ptrs in JBig2 codeNicolas Pena
This CL makes CJBig2_Segment own the results: symbol, pattern, huffman, and huffman. This causes a lot more unique_ptr usage in JBig2 code. Change-Id: I1f0a5bfaaf85053658b467bef5325c72d1f496c7 Reviewed-on: https://pdfium-review.googlesource.com/7690 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-07-12Move CMYKtoRGB methods to fx_codec and clean them upNicolas Pena
This CL moves CMYKtoRGB methods to fx_codec. It also cleans them up a bit, including allowing them to return tuples instead of having non-const refs in their parameters. Change-Id: Ib3ec45102ec7eff623cd07a624e852d39bf335e4 Reviewed-on: https://pdfium-review.googlesource.com/7591 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-07-12Cleanup ICC code part 1Nicolas Pena
This CL switches void* to CLcmsCmm*, simplifies the ownership and destruction of CLcmsCmm, and reduces unnecessary function calling in fx_codec_icc.cpp. Change-Id: Ifdbf59dcdaede497d1684b161dd066726cf08ee3 Reviewed-on: https://pdfium-review.googlesource.com/7590 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-07-07Check that there is enough data remaining in source BMP before readingchromium/3152Ryan Harrison
When reading in a BMP, after processing the header, make sure that there is enough data remaining in the source before proceeding. If not signal that the BMP is improperly formatted. BUG=chromium:738635 Change-Id: I506bc0e6db7dcd4b5984fd91a1f39516320a2037 Reviewed-on: https://pdfium-review.googlesource.com/7280 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2017-06-30Use the right free function for ICC color profiles.chromium/3146Chris Palmer
They are allocated with |opj_malloc| (which is just |malloc|), but we were freeing them with |FX_Free|. But |FX_Free| recently changed to be |PartitionFree|. This is probably not the right ultimate fix, but it should solve the high-occurence crash we're seeing in the short term. BUG=chromium:737033 Change-Id: Ia162fe4e39731bd774d3eccb2357d9add26aa079 Reviewed-on: https://pdfium-review.googlesource.com/7230 Commit-Queue: Chris Palmer <palmer@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-06-23Cleaning up fx_string_testhelpers.Henrique Nakashima
This is unused except for being a pathway for indirect deps. Change-Id: I717290235ccbc59429ad24231033382958e2a086 Reviewed-on: https://pdfium-review.googlesource.com/6910 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Henrique Nakashima <hnakashima@chromium.org>
2017-06-22Continue BMP decoder cleanupNicolas Pena
This CL replaces raw pointers with vector and unique_ptr. It also fixes other nits. Change-Id: I45c99c9aa658681ec3f0b48fc4f407b278b250f5 Reviewed-on: https://pdfium-review.googlesource.com/6830 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-06-20Cleanup fpdf_parser_decodeNicolas Pena
This CL fixes some nits in fpdf_parser_decode, especially avoiding non-const reference parameters. Change-Id: Ibb914850afd924bb398f886ac862f7589519ef7e Reviewed-on: https://pdfium-review.googlesource.com/6750 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-06-20Fix signedness of height in BMP decoderNicolas Pena
Change-Id: I8a17739538a9ecd63d713007550177579c0b72f0 Reviewed-on: https://pdfium-review.googlesource.com/6731 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-06-19Make out_row_buffer an std::vectorNicolas Pena
The out_row_buffer of BMPDecompressor is made a vector. This forces the class to have constructor/destructor. Some other members were changed to be of size_t instead of int32_t. Change-Id: I3f70b0322dcee2ddf9a00da7962b43f3415ba545 Reviewed-on: https://pdfium-review.googlesource.com/6691 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-06-15Remove unused BMP compressing codeNicolas Pena
Change-Id: I64e32fc9226f57e1c9adff7809fabc6cd56e7a8f Reviewed-on: https://pdfium-review.googlesource.com/6611 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-06-14Cleanup fx_bmp part 1Nicolas Pena
This CL creates BMPDecompressor from a struct and moves into this class many methods which naturally belong to it. Change-Id: I042fac9b48d0b732ee9e43fbeb0eec6b52007dab Reviewed-on: https://pdfium-review.googlesource.com/6511 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-06-13Check validity of color indices in bmp_decode_rgbNicolas Pena
The pal_num member of bmp_ptr indicates the number of color indices used by the bitmap. This CL returns an error when an invalid index is found, since otherwise a heap-buffer-overflow can occur since the size of m_pSrcPalette is calculated based on pal_num. Bug: chromium:616670 Change-Id: I397958704bed1aa1ae259016ffd5033c07a801ee Reviewed-on: https://pdfium-review.googlesource.com/6470 Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-06-08Guard against undefined shifting in JPX decoderDan Sinclair
If the prec value in syncc444_to_rgb is more then 30 then when we shift left we'll go negative. The subsequent -1 will cause an overflow. This CL early returns if the prec value is > 30. Bug: chromium:728321 Change-Id: I4d25e9bab840bc6d46f8db3490c9484392cd7a32 Reviewed-on: https://pdfium-review.googlesource.com/6414 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-06-01Use unique_ptrs for codec contexts in ccodec_progressivedecoder.chromium/3118Tom Sepez
Change-Id: I4deaf8ca946c2dcb6842c5702b02eed1c22b1201 Reviewed-on: https://pdfium-review.googlesource.com/6191 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-06-01Move CCodec_GifModule state to CGifContextTom Sepez
Introduce a base CCodec_GifModule::Context class with a virtual destructor so holders of unique_ptr's to these can delete them without actually having any knowledge of the implementation details of the context. Bug: 728669 Change-Id: Ia50f94300924a1053c326984eac3b03f25f1b83c Reviewed-on: https://pdfium-review.googlesource.com/6190 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-06-01Missing one unowned_ptr in ccodec_progressivedecoder.hTom Sepez
Change-Id: Ief386ce0d3887cc2876ce4b430f657b7462e3277 Reviewed-on: https://pdfium-review.googlesource.com/6170 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-06-01Rename FXJPEG_Context and use unowned ptrTom Sepez
The module class itself is already stateless. Clean up context in its dtor. Change-Id: Icbab7b23ec9d3ceb773b74383056c12b61a38907 Reviewed-on: https://pdfium-review.googlesource.com/6151 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-31Put all CCodec_PngModule state into its context.Tom Sepez
Rename FXPNG_Context and use unowned ptr. Clean up context in its dtor. Then create and destroy using |new|. Change-Id: I7b66e6d0da50a16d3b8d5108ffd931bb01145892 Reviewed-on: https://pdfium-review.googlesource.com/6152 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-31Move all of ccodec_bmpmodule state to its contextTom Sepez
This avoids a stale delegate pointer issue in the module. In theory, it should also allow for multiple decodes at the same time from different contexts within the same module, but this isn't used. Rename associated context, and use |new| to create it. Along the way, resolve a subtle FX_Alloc() vs. user-supplied callback free() issue, and remove supporting code. Bug: 728323 Change-Id: I7bb66bb5d5b4fa173bec2b445a8e71ab691fdf5c Reviewed-on: https://pdfium-review.googlesource.com/6133 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-30Use unowned ptr back to delegates in codec moduleschromium/3117Tom Sepez
Change-Id: I8e31305dcf888665cb0656ac518f07541566b177 Reviewed-on: https://pdfium-review.googlesource.com/6084 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-30Release unowned m_pTiffContext before deleting through itTom Sepez
Workaround for murky ownership. Note the member will now get cleared as a consequence of Release() Bug: 726887 Change-Id: I3eac3d1aa915497f66a57c5effa892a15d10f583 Reviewed-on: https://pdfium-review.googlesource.com/6079 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-30Do not store pointer to IFX_Pause in CCodec_Jbig2ContextTom Sepez
It's passed everywhere it is needed, and there's no reason to believe that any specific instance will outlive the context. Bug: 727245 Change-Id: Ie902d02fc668fb5c21adb9c4d8eb329008f3a665 Reviewed-on: https://pdfium-review.googlesource.com/6078 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-26IFX_Pause is passed to CJBig2_Context, no need to store.chromium/3113Tom Sepez
Avoids the possibility of having a stale pointer in the context. Bug: 726653 Change-Id: I8b41d2ab04e7ab07e694431b53491b3d0861e4ee Reviewed-on: https://pdfium-review.googlesource.com/6074 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-26Pass CJBig2_ArithDecoder to CJBig2_GRDProc as needed.Tom Sepez
Avoid holding a stale pointer to it in CJBig2_GRDProc. Bug: 726732 Change-Id: Ia3797a3e087f61bd2126f867fd5a282e873de5bc Reviewed-on: https://pdfium-review.googlesource.com/6050 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-25Mass conversion of remaining class members (non-xfa)Tom Sepez
Change-Id: I8365ba80e3395d59a3cf35dbd9d9162e86e712e3 Reviewed-on: https://pdfium-review.googlesource.com/5970 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-25Remove some unused definesDan Sinclair
Change-Id: Id816174391ee3a5612fb22df0b4c15fb3112cc8d Reviewed-on: https://pdfium-review.googlesource.com/5954 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-25Mass conversion of all const-lifetime class membersTom Sepez
Sed + minimal conversions to compile, including moving some constructors into the .cpp file. Any that caused ASAN issues during the tests were omitted rather than trying to resolve the underlying issue. Change-Id: I00a421f33b253eb4071ffd9af3f2922c7443b335 Reviewed-on: https://pdfium-review.googlesource.com/5891 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-24core: allow building against system lcms2chromium/3111Miklos Vajna
In a way similar to the existing USE_SYSTEM_ZLIB. The default is of course still the bundled lcms2. Change-Id: I219b50854b3c7870b0f4d94574ba39f6cb26f556 Reviewed-on: https://pdfium-review.googlesource.com/5870 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-05-23Remove longjmp from the Gif moduleNicolas Pena
The Gif module is only using the longjmp as a way to catch errors, so this CL makes it use GifDecodeStatus::Error instead. Change-Id: I9c97e63ed851d2a80e38f1d2cd9e8f297d608cb2 Reviewed-on: https://pdfium-review.googlesource.com/5850 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-05-23Use NOTREACHED() in more places.Lei Zhang
Change-Id: I88466943171f19259f84add69679741d44c8e123 Reviewed-on: https://pdfium-review.googlesource.com/5551 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-05-19Move CCodec_ModuleMgr ownership to CPDF_ModuleMgr.Lei Zhang
More straight forward than CFX_GEModule owning in and CPDF_ModuleMgr holding a pointer to it. Remove assumptions that the codec modules may return nullptr, and do IWYU. Change-Id: Iba7fc3c7ec223fd6d29a1ab74ed13d35689bc5d5 Reviewed-on: https://pdfium-review.googlesource.com/5654 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-05-17Gif: Detect string decoding errorsNicolas Pena
This CL adds some checks to make sure the DecodeString method does not go out out control: If code is equal to code_table[code].prefix, it will try to loop forever. Even if that's not the case, avoid reading a negative position from the stack. Bug: chromium:722672 Change-Id: I638f91542ba21f3a9915198fef853cc3cf94f4f1 Reviewed-on: https://pdfium-review.googlesource.com/5513 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-05-15Gif: error out on invalid code sizeschromium/3101Nicolas Pena
From the Gif spec: 'The output codes are of variable length, starting at <code size>+1 bits per code, up to 12 bits per code. This defines a maximum code value of 4095 (0xFFF).' 'Because the LZW compression used for GIF creates a series of variable length codes, of between 3 and 12 bits each' Bug: chromium:722115 Change-Id: Ic9cff99e6012195a6b5173693b029dc710285688 Reviewed-on: https://pdfium-review.googlesource.com/5490 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-05-12Rename ErrorData and fix potential leakchromium/3100chromium/3099Nicolas Pena
This CL fixes a leak that can be caused by a longjmp in ErrorData. The method is renamed to express the fact that it includes such, and a followup should remove the jmps altogether. Bug: chromium:721488 Change-Id: Iefcc82a77a30ff77b7973b05611440a8d5bf275e Reviewed-on: https://pdfium-review.googlesource.com/5450 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-05-12Merge FXGIF_Context and CGifDecompressor into CGifContextchromium/3098Nicolas Pena
Change-Id: I60c9cbd83ff9e7a30a5a570a6ad1cf8f52360c07 Reviewed-on: https://pdfium-review.googlesource.com/5410 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-05-11Do not use vector data() when it is emptyNicolas Pena
Before, all pointers were being initialized to 0. After raw pointers were changed to vectors, data() was used in some cases, but now no longer returns nullptr when it is supposed to. This CL fixes that. Bug: chromium:721417 Change-Id: Ia31b75b18dc17d7eed48538145fe5d0d59668843 Reviewed-on: https://pdfium-review.googlesource.com/5353 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-05-10Cleanup CGifDecompressor part 2Nicolas Pena
Change-Id: I9754da8d1bf54b328761ac9d83fcc4a3518b4a73 Reviewed-on: https://pdfium-review.googlesource.com/5230 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-05-09Cleanup of CGifDecompressor part 1Nicolas Pena
This CL changes the tag_gif_decompress_struct into CGifDecompressor. It cleans up a bunch of unnecessary function pointers and starts cleaning up the members of the new class. Change-Id: Id49cd8f5377dc8daaa15118551dadad4ddde7931 Reviewed-on: https://pdfium-review.googlesource.com/5170 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-05-08Remove default params in CFX_DIBSourceNicolas Pena
Change-Id: I9306afed2747e3b0054adeea1d39916cac47f5c5 Reviewed-on: https://pdfium-review.googlesource.com/5091 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>