Age | Commit message (Collapse) | Author |
|
There are places where an object "child" has a raw pointer
back to object "owner" with the understanding that owner will
always outlive child.
Violating this constraint can lead to use after free, but this
requires finding two paths: one that frees the objects in the
wrong order, and one that uses the object after the free. The
purpose of this patch is to detect the constraint violation
even when the second path is not hit.
We create a template that is used in place of TYPE*. It's dtor,
when a memory tool is present, goes out and probes the first
byte of the object to which it points. Used in "child", this
allows the memory tool to prove that the "owner" is still alive
at the time the child is destroyed, and hence the constraint is
never violated.
Change-Id: I2a6d696d51dda4a79ee2f00a6752965e058a6417
Reviewed-on: https://pdfium-review.googlesource.com/5475
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
Add a few constants in the process.
Change-Id: Id69b939e4ea6a3de879e0a1f29d1453e95c838db
Reviewed-on: https://pdfium-review.googlesource.com/5552
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
The gamma value is always 2.2, which means the table entries all point
to themselves. Remove the usage of the gamma table.
Change-Id: Idbb06015e8acd9f106f4bd1da5ef06563fb26296
Reviewed-on: https://pdfium-review.googlesource.com/5352
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This Cl updates CPSOutput to inherit from IFX_WriteStream and converts
the CFX_PSRenderer to accept an IFX_WriteStream instead of a CPSOutput.
Change-Id: Ibde5c7da1c2f6df0a10cb6e9a470e18fbab167b8
Reviewed-on: https://pdfium-review.googlesource.com/5431
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I9b7a1c101e3c73d0270f9216225e5a13d9937b97
Reviewed-on: https://pdfium-review.googlesource.com/5332
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
This Cl renames the CFX_RenderDevice subclasses to make their usage
clearer.
Change-Id: Ie820b57df9a3743ce8c6893fb483b398a1f1bdbe
Reviewed-on: https://pdfium-review.googlesource.com/5390
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
The times we need the DC we call ::GetDC to retrieve it from the platform.
These methods are unused.
Change-Id: If83aa9b37ae2231d8029db6f2e6d8d17f1825611
Reviewed-on: https://pdfium-review.googlesource.com/5350
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This Cl consolidates the code to load maps and codecs into the
CPDF_ModuleMgr class instead of putting it directly into fpdfview.
Change-Id: Ia08f212f43a33e51ab1c7832051ee4f28eecb50d
Reviewed-on: https://pdfium-review.googlesource.com/5335
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
In AGG, len is of type coord_type, which we have as int16_t, but we can add to
it large values, causing it to become negative. Stop the rendering when that
occurs.
Bug: chromium:719258
Change-Id: Ic7497666b01220a9cd3e7d749f1fc6ae4a210870
Reviewed-on: https://pdfium-review.googlesource.com/5370
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
Change-Id: Ic602126dc5407fcbb56dca5ec43e1824a5ca55b6
Reviewed-on: https://pdfium-review.googlesource.com/5251
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Change-Id: I9306afed2747e3b0054adeea1d39916cac47f5c5
Reviewed-on: https://pdfium-review.googlesource.com/5091
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
This CL cleans up a bunch of nits and improves ownership in the CStretchEngine
class.
Change-Id: I6527f29c50dab329ef58d0724cd24b94fca50ee6
Reviewed-on: https://pdfium-review.googlesource.com/4970
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Remove IFX_Pause parameters which are passed but not used.
Change-Id: I51a491c7f9a429676d114a387390fac3ae65e187
Reviewed-on: https://pdfium-review.googlesource.com/4950
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This CL does more cleanup in CFX_ScanlineCompositor:
- Use private initization methods instead of passing member refs to namespace.
- Own the m_pSrcPalette properly by getting rid of the raw pointer.
- Remove members that are unused.
- Fix some nits.
Change-Id: I2447032f8f92614dc026f62bd0cdcd2204ab37de
Reviewed-on: https://pdfium-review.googlesource.com/4851
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Many of these are already unique_ptrs.
Change-Id: I3695d4ff5a8f7483ad994ac7657897fd55069cd5
Reviewed-on: https://pdfium-review.googlesource.com/4690
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
If any of the values in the matrix used to initialize the
CFX_BilinearMatrix are close to INT_MAX then the numbers can overflow
when multipled causing undefined behaviour.
This Cl uses a pdfium::CheckedNumeric to handle the multiplications and
then assigns back to the int value if valid.
Bug: chromium:702041
Change-Id: Ia1895e2e39c0ac2bf099d45f97e33209cb50d134
Reviewed-on: https://pdfium-review.googlesource.com/4495
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: Ie50deca34dd3c122efb483ef210f96798abe9e4e
Reviewed-on: https://pdfium-review.googlesource.com/4498
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: I656e8028001fadd7869a08593f10b0b8e25fe01c
Reviewed-on: https://pdfium-review.googlesource.com/4497
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
Fix illegal leading underscore in class name while at it.
Change-Id: Idd138eb42f4a0676552aa02d7dda4c29d1877348
Reviewed-on: https://pdfium-review.googlesource.com/4438
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Avoid a string duplication along the way.
Change-Id: I866c34ad1afb20b9578aeb7cabeb8a185674c884
Reviewed-on: https://pdfium-review.googlesource.com/4437
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: Ie34942e6e577dfa270417b17c59a51813f310d27
Reviewed-on: https://pdfium-review.googlesource.com/4436
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
Avoid cleanup on every return path.
Change-Id: I6978adb6f31020d812ac88c5d46c703d1461d373
Reviewed-on: https://pdfium-review.googlesource.com/4435
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: Ic4e766d9417f9a9ece5f9e4269d0f96e1e91639b
Reviewed-on: https://pdfium-review.googlesource.com/4392
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
This CL cleans up the fx_extension file. The stream code was moved to
fx_stream. IFX_FileAccess was removed and CFX_CRTFileAccess split to its
own file. Code shuffled from header to cpp file.
Change-Id: I700fdfcc9797cf4e8050cd9ba010ad8854feefbf
Reviewed-on: https://pdfium-review.googlesource.com/4371
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I5b78fe4238a68bb6ba56aa76b53b315ef6f8574c
Reviewed-on: https://pdfium-review.googlesource.com/3730
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
The code is completely separated into CMYK vs RGB cases, so having two
separate private methods is better.
Change-Id: I67f885ee2f4393b722c6d6e770b230a5aa6b0cb1
Reviewed-on: https://pdfium-review.googlesource.com/4372
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Wei Li <weili@chromium.org>
|
|
This Cl cleans up the unused defines in fx_codepage.h. The
FXFONT_CHARSET_ defines are replaced with fx_codepage defines, this
moves fx_codepage into core instead of xfa only. Static asserts are
added to verify the public/ charsets match the fx_codepage charsets.
Change-Id: Ie2f749e093de60a9a6743128a1fb087912e4cc96
Reviewed-on: https://pdfium-review.googlesource.com/4316
Commit-Queue: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
- The agg driver never initializes an ICC transform and always uses an
alpha_flag equal to 0 in a couple of methods.
- The skia driver is not using CFX_Renderer. If it needs it later, we should
move it out of fx_agg_driver.cpp into its own file, instead of duplicating the
code.
Change-Id: Ibd721cf1760270bea3f8f95d6e1e8edbc6ba1792
Reviewed-on: https://pdfium-review.googlesource.com/3952
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Cary Clark <caryclark@google.com>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
Change-Id: I85c8423c177fd7ecd5da90ef89419efc0f9cf44b
Reviewed-on: https://pdfium-review.googlesource.com/4262
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Skia tracks the font passed so it can
use it later to draw. In XFA's case,
the font is discarded after Skia sees it,
but before it draws with it.
Track the TypeFace instead, which
remains available across the XFA
lifetime.
R=dsinclair@chromium.org
Bug: 705193
Change-Id: I4fc9fee4a7d96ea25f242975f6c0d10941f5c549
Reviewed-on: https://pdfium-review.googlesource.com/4058
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
If a clip with bounds (0, 0, 0, 0) is used to specify
the limits of a gradient, the clipping rectangle will
be degenerate.
Leave the clip empty in this case.
R=dsinclair@chromium.org
Bug: 705736
Change-Id: I4a5845459c1527f2c643563d6bef4d6dcc6781d3
Reviewed-on: https://pdfium-review.googlesource.com/4071
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Cary Clark <caryclark@google.com>
|
|
To help find future bugs, add printf and checking
to see that the skia clip stack and the pdfium
clip stack are in sync.
Bug: 705783,795821
Change-Id: I3ed39cbe2514ab18e5bee6eb363cc2d0f042bff5
Reviewed-on: https://pdfium-review.googlesource.com/4090
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
The pointer members point to owned arrays. Avoid FX_Free in CFX_Palette.
Use std::pair and avoid the use of a buggy quicksort.
Change-Id: I5d5471d56dbfd32800e204c84664c436d1fbab08
Reviewed-on: https://pdfium-review.googlesource.com/4038
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Change pass by reference to const reference or pointer.
Change-Id: Ic007f14e6569679a846980a96cc627eac4ecd5d6
Reviewed-on: https://pdfium-review.googlesource.com/3953
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
m_Transparency is set in the Init method of the CFX_ScanlineCompositor. After
the removal of the icc transform, it is clear that m_Transparency can only take
values strictly less than 64.
Change-Id: I6c33b9971b3b8a1ec45fbf50901f9815f323a2a5
Reviewed-on: https://pdfium-review.googlesource.com/3970
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
- All callers of CFX_DIBitmap methods use nullptr as the ICC Transform.
- The CFX_ScanlineCompositor is always initialized with a null ICC transform.
Many of its methods call TranslateScanline from the ICC module. This method
casts just uses ((CLcmsCmm*)pTransform)->m_hTransform, and this should not be
done when pTransform is nullptr.
Change-Id: I1b846d1f20699fa017cb9a276be3214eb8fabd4b
Reviewed-on: https://pdfium-review.googlesource.com/3931
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: Ia4181a2838de60e4e177165b3689338c86f45771
Reviewed-on: https://pdfium-review.googlesource.com/3817
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
Remove default params, use more unique_ptr, and fix some nits.
Change-Id: I4ed9a576fb3ebd9afd64c6544d1f6a1103e9d270
Reviewed-on: https://pdfium-review.googlesource.com/3872
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
If windows is unable to resolve the font stream,
use the custom empty handler instead, which
maps to freetype.
R=dsinclair@chromium.org,bungeman@google.com
Bug:chrome:705580
Change-Id: Ib1732f29f462fc5d5e42329088c80c83abe3ea25
Reviewed-on: https://pdfium-review.googlesource.com/3771
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Cary Clark <caryclark@google.com>
|
|
This CL removes dib_int.h by moving CStretchEngine to its own file, other
classes to where they are used, and the remaining to fx_dib.h.
Change-Id: Ie2d4bb39389737cd631f92b88000ea942608da21
Reviewed-on: https://pdfium-review.googlesource.com/3714
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
This CL avoids some void* usage and removes CancelDIBits after making a
CPDF_ImageRenderer own its CFX_ImageRenderer.
Bug: pdfium:686
Change-Id: Ied205c57a858cc14d8e2c592db3444ed465b2796
Reviewed-on: https://pdfium-review.googlesource.com/3673
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
After this CL, fx_dib.h only has some definitions used in multiple places.
Definitions that were of restricted usage were moved out to the corresponding
place. Includes in fx_dib were reduced, thus revealing other needed includes.
Change-Id: I3607da0af81c491256d64c0aa085225631efbdcc
Reviewed-on: https://pdfium-review.googlesource.com/3594
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
This Cl drops the FXSYS_ from utility methods which are the same on all
platforms.
Bug: pdfium:694
Change-Id: I0859b60c5ba7af68c929a519dd76f48c27a6c896
Reviewed-on: https://pdfium-review.googlesource.com/3614
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This Cl drops the FXSYS_ from mem methods which are the same on all
platforms.
Bug: pdfium:694
Change-Id: I9d5ae905997dbaaec5aa0b2ae4c07358ed9c6236
Reviewed-on: https://pdfium-review.googlesource.com/3613
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This Cl drops the FXSYS_ from file methods which are the same on all
platforms.
Bug: pdfium:694
Change-Id: I095c64fed69bf70e00a2594fa94a1fdc71a7060e
Reviewed-on: https://pdfium-review.googlesource.com/3610
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This Cl drops the FXSYS_ from math methods which are the same on all
platforms.
Bug: pdfium:694
Change-Id: I85c9ff841fd9095b1434f67319847ba0cd9df7ac
Reviewed-on: https://pdfium-review.googlesource.com/3598
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Move more classes into their own files.
Change-Id: Ic505be9e406eafb378235216ea19221ce172f32e
Reviewed-on: https://pdfium-review.googlesource.com/3593
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
- Moved CFX_DIBitmap code to its own cpp file.
- Moved CFX_DIBExtractor out from fx_dib.h
Change-Id: I7b3fe9c657a350320b7ecb3f005017080491fe29
Reviewed-on: https://pdfium-review.googlesource.com/3591
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I51bdba3e3d48533398618942669cf5ea93bb2f9a
Reviewed-on: https://pdfium-review.googlesource.com/3590
Commit-Queue: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Moved CFX_ImageRenderer, CFX_ImageTransformer to their own files.
Change-Id: Ic98403f62bea317600a933f79946a2a9bad30eeb
Reviewed-on: https://pdfium-review.googlesource.com/3551
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|