Age | Commit message (Collapse) | Author |
|
Skip a lot of work that will all fail anyway.
BUG=chromium:838347
Change-Id: Iba45120e436b5547e106feb27dadea92cc948258
Reviewed-on: https://pdfium-review.googlesource.com/32053
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
The current implementation of the GIF codec does not handle the file
cursor moving backwards correctly. Specifically the input buffer that
the data is being read into is not invalidated, so if the entirity of
the buffer hasn't been consumed, a chunk of it will be moved to the
front before reading in more data, which is just
incorrect. Additionally, depending on the specific series of
operations, it is possible that the buffer was allocated for more
space then had been read into it and the uninitialized portion at the
end is being copied to the beginning.
The file cursor may move backwards when dealing with an animated gif
or other image with multiple frames, since all of the control data is
read in on load, and future calls specify what frame to fetch. The
code has been changed to treat the input buffer as invalid when moving
the cursor to a frame location, which will bypass any of the
problematic unused saving behaviour. A call to std::min has been added
to prevent allocation of an input buffer larger then the file size.
Additionally this CL refactors GifReadMoreData to be clearer about
what calculations are occuring, since the existing code reuses a
number of vaguely named variables, making it difficult to follow.
BUG=chromium:839348, chromium:839361
Change-Id: I2865658187bdf30bcad13ef4cac4f51a8966db11
Reviewed-on: https://pdfium-review.googlesource.com/32054
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
BUG=pdfium:1007
Change-Id: Ib8aecf2e4833f22a4288f6e1381edc11d114c865
Reviewed-on: https://pdfium-review.googlesource.com/31952
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
|
|
BUG=chromium:837972
Change-Id: I6cfa28bff38870419e4b1e2bced427cfcbf843cd
Reviewed-on: https://pdfium-review.googlesource.com/31912
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
Track the decode state in one data structure. Also grab pointers to data
structure members before tight loops when decoding. It turns out
referring to this->foo in tight loops can actually slow down decoding.
Change-Id: I6a09b08ca06ef05968966055b5ad20f8c89896af
Reviewed-on: https://pdfium-review.googlesource.com/31790
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
- Mark them private when possible.
- Disambiguate method names.
- Make method names match the style guide.
- Pass in rects by reference.
Change-Id: I0bf848756e81a92d20e46a81cd6260b660eaf482
Reviewed-on: https://pdfium-review.googlesource.com/31772
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
Use C++ style struct syntax (file already has other C++ features).
Assert that things have packed as intended since they map to
known layouts. Order these asserts in the same order as .h file.
Change-Id: I0a006c4b5789fb544783f488d5b4e609e32c7ec1
Reviewed-on: https://pdfium-review.googlesource.com/31654
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Use CJBig2_Context::HuffmanAssignCode() instead.
Change-Id: Ief187420494a8cefa26eeedb98a55683caf7807b
Reviewed-on: https://pdfium-review.googlesource.com/31538
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
|
|
The type is known where we need it, and we avoid some dubious
casts in the process. Also avoid clumsy indexing and use the
members directly in computations.
Bug: pdfium:243
Change-Id: I1e061465fd0f9045cf5b82067204f26ac7df53f0
Reviewed-on: https://pdfium-review.googlesource.com/31651
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: I6461f81a3d8005efa75b8141c18c502a63252883
Reviewed-on: https://pdfium-review.googlesource.com/31537
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
|
|
It looks a lot like CJBig2_HuffmanTable::InitCodes(). Port over the
UBSAN error fix from commit 76c9a1b1.
BUG=chromium:709781
Change-Id: I5d2f8fb013c09099c82b0565627b77e4fb0f8a98
Reviewed-on: https://pdfium-review.googlesource.com/31536
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
|
|
One of its parameters is a member variable.
Change-Id: I0dcb78275d9ea5b05a77e211d178a0efb8699395
Reviewed-on: https://pdfium-review.googlesource.com/31535
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
|
|
Pick from a set of functions before calling it, instead of having code
to call all of the functions with the same parameters.
Change-Id: I7f479948f50bdc1a9eb2764d5eb7505dc7434418
Reviewed-on: https://pdfium-review.googlesource.com/31533
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
Also remove method parameters that always refer to the same member
variables.
Change-Id: I9751d63895cc59e5280283795e39b50fd42eef94
Reviewed-on: https://pdfium-review.googlesource.com/31532
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
It only looks for a single segment type.
Change-Id: I83457c6f74c210299caec79a563e7876f4d1d9ea
Reviewed-on: https://pdfium-review.googlesource.com/31534
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
|
|
Change-Id: Ie700e132f13f2cb4851ea59b68c891e3c42af243
Reviewed-on: https://pdfium-review.googlesource.com/31531
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
Change-Id: Ic2acd6f03b9b2e52b3d94d7579d5dc36c8e62c96
Reviewed-on: https://pdfium-review.googlesource.com/31530
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
BUG=chromium:836872
Change-Id: I0362fd7708043648bffa26c9248b401ea2793a21
Reviewed-on: https://pdfium-review.googlesource.com/31510
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
BUG=chromium:837192
Change-Id: Ib9c0e7b4aeb6501e81308844d344a784f7c138d8
Reviewed-on: https://pdfium-review.googlesource.com/31490
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
Change-Id: Ic62f1def8e043494c9fa6c08a937d7d872513567
Reviewed-on: https://pdfium-review.googlesource.com/31314
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
GIF extensions are laid out as follows: <size byte> <chunk of data>
<size byte> <chunk of data> ... <terminator byte>. The decoder needs
to scan along the data, finding the size bytes to determine where
the block ends in the stream, even if we don't care about the
content. Currently the decoder is storing all of the data chunks,
which are never used and take a lot of time to concat together if
they are very small.
Our implementation of the GIF spec does not handle this extension, so
when scanning for the end of the block, just don't bother storing
data from it.
BUG=chromium:833168
Change-Id: Iadf3ab3afd8145b6c5c7c22c30fe9316efcafc15
Reviewed-on: https://pdfium-review.googlesource.com/31315
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
Change-Id: If75c0db94d341715e0bc6406f0fd89812f1ea73c
Reviewed-on: https://pdfium-review.googlesource.com/31311
Commit-Queue: Lei Zhang <thestig@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
Change-Id: Ifbacab2868232a5597ef782fb24a749ebb4871bf
Reviewed-on: https://pdfium-review.googlesource.com/31270
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
- Merge Create() with the ctor.
- Initialize all member variables and mark them const when possible.
- Add an enum class for the predictor type.
- Move it into an anonymous namespace.
Change-Id: If7bb62ddf4a4e00ec2d02355e7c178028a7c187c
Reviewed-on: https://pdfium-review.googlesource.com/31233
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
Applies std::remove_ptr to the public API types so that we can
deduce a correct unique ptr type no matter how that API might
change away from void* usage.
Creates shorter names for std::unique_ptr<std::remove_pointer<>, ...>
Change-Id: I04a0ff43cb7d5a4d3867939a53a54c9cef00db86
Reviewed-on: https://pdfium-review.googlesource.com/31292
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
BUG=pdfium:41
Change-Id: I98070a5a6c88a0769f2b571eae4fe62092f7dfcd
Reviewed-on: https://pdfium-review.googlesource.com/31232
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
BUG=chromium:834557
Change-Id: I8fb8d74f87097b39608c3f83f2fa1c4e49e69980
Reviewed-on: https://pdfium-review.googlesource.com/31170
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
|
|
FX_Realloc() never fails. So either remove the check or switch to
FX_TryRealloc().
Change-Id: I11fd02508add50db900a7502835018c2b61bcd09
Reviewed-on: https://pdfium-review.googlesource.com/30712
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
In the case that the low level LZW decoder has indicated insufficient
destination size, if another call to decode returns this status after
adjusting the destination size, consider it an error. Subsequent
iterations will not return a larger destination size, since the
expected row size doesn't change, so the code will just loop
infinitely, trying to decode a too large row.
BUG=pdfium:1059
Change-Id: I14c8cee721fa77d8aab5e99deff9406490f01468
Reviewed-on: https://pdfium-review.googlesource.com/30452
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
It is set in a couple of places, but the value is never used
for any purpose.
Change-Id: I6fc0839bc14b21ee8217fcb3eadf6c252ad67aa7
Reviewed-on: https://pdfium-review.googlesource.com/30330
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
This might make the memory tools more effective in finding OOBs.
Change-Id: Id093bb0a88c37954c80d612ac00b5a168e75bdbf
Reviewed-on: https://pdfium-review.googlesource.com/29550
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: I94412dd183535c18f4421b465f64870b44ad230d
Reviewed-on: https://pdfium-review.googlesource.com/28971
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Destination variables usually have "dest" or "dst" as the prefix.
Change-Id: If5bb01a5eafe1e4b42d1a6d653abb1b444b1b2fa
Reviewed-on: https://pdfium-review.googlesource.com/28970
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Helper functions make getting the bpp and component count more readable.
Change-Id: Ie0f97d52136d11ef5251f6e22748e87aea289ae1
Reviewed-on: https://pdfium-review.googlesource.com/28572
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
|
|
This CL renames the 3 IFX files in core/fxcrt to Iface instead.
Change-Id: I7cee6836650b71bc5c5729a8147fda62f0910fe3
Reviewed-on: https://pdfium-review.googlesource.com/27970
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: Ic1260417e7d1475dd518655b2ab08f0184955d88
Reviewed-on: https://pdfium-review.googlesource.com/27170
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Get things out of the .data section.
Change-Id: I375cf00186a3d5d8d10f5d147bd4b692f5db3683
Reviewed-on: https://pdfium-review.googlesource.com/27130
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I1fd4bf85cd709de1c14ed2895d045018f79bc61f
Reviewed-on: https://pdfium-review.googlesource.com/26950
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Henrique Nakashima <hnakashima@chromium.org>
|
|
BUG=chromium:811733
Change-Id: Idce50b8ea4ca06fc77d5b3931557cd1d6fe48bd5
Reviewed-on: https://pdfium-review.googlesource.com/26710
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
Currently the BMP decompressor doesn't verify the
returned data length was the amount requested. This
means we may end up with part of our structure
uninitialized if we didn't copy in enough data.
This CL verifies the length of data copied is the
size we require.
BUG=chromium:811853
Change-Id: I20e0e9b3ff1176a620fcb38c3c7e585848b7e428
Reviewed-on: https://pdfium-review.googlesource.com/26850
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
This changes the return value from uint32_t to FX_FILESIZE, which is
the type the methods is uses return. The existing code does an
unguarded static cast, so something like -1 could cause a very large
value being returned.
This change has a cascading impact up to the top of the progressive
codec, which now has to handle negative values gracefully.
Change-Id: I813fb71e932dd5da014dbaed0dbf3bb28f8d4e9f
Reviewed-on: https://pdfium-review.googlesource.com/26450
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
Bug: 808902
Change-Id: Iad5ab63eeedc3ea85001337ba73626178c71f8b8
Reviewed-on: https://pdfium-review.googlesource.com/26470
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
|
|
This also adds a Seek method to CFX_MemoryStream
BUG=pdfium:1007
Change-Id: I2c7e1d3b6d8aff36e302014cb2e8ffc0f23ef7c4
Reviewed-on: https://pdfium-review.googlesource.com/26230
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
Do some additional checks in test cases where pages were rendered but
the resulting bitmap was immediately destroyed.
Change-Id: I2f4678140cdc672ab4ced70f748135464447ff59
Reviewed-on: https://pdfium-review.googlesource.com/25510
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Add replacement methods that make themselves clear as to what they are
rendering, and return unique_ptrs to help prevent leakage. Mark existing
methods deprecated.
Change-Id: I9055407e614dfbe765428fb32a7da64df3418d1d
Reviewed-on: https://pdfium-review.googlesource.com/25470
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
When a very large, bogus value, was being passed in for the number of
bytes to read, this could cause an overflow in the check for if there
is data available.
BUG=chromium:809824
Change-Id: I54af6655b61d39275f3ae6fabb27be2bee3fef05
Reviewed-on: https://pdfium-review.googlesource.com/25871
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
BUG=pdfium:1006
Change-Id: I84d2a13ac7b24e7f2f5cba8765d6433860241b58
Reviewed-on: https://pdfium-review.googlesource.com/25710
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
BUG=chromium:808336
Change-Id: I84443a00e2ebaf0a1e8590464486ec92bcb0e3b5
Reviewed-on: https://pdfium-review.googlesource.com/25690
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
BUG=chromium:808336
Change-Id: I3201805a374b5403149eca701714ef4369a2e337
Reviewed-on: https://pdfium-review.googlesource.com/25630
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|
|
BMPDecompressor -> CFX_BmpDecompressor
CBmpContext -> CFX_BmpContext
BUG=chromium:808336
Change-Id: If8ef5294171e3619ae1d7c5175ddf23b7673ec78
Reviewed-on: https://pdfium-review.googlesource.com/25611
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
|