| Age | Commit message (Collapse) | Author |
|---|
|
Also reduce nesting in if statements, remove CFX_SmartPointer, and
use more unique_ptrs.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1393303004 .
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1360103002 .
|
|
- Use std::vector<uint8_t> instead of raw uint8_t*
- Make ICodec_ScanlineDecoder::GetScanline() return const uint8_t*
- Add FxFreeDeleter, use it in CCodec_ImageDataCache.
- Make CCodec_ImageDataCache encapsulate its data members.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1361053002 .
|
|
Code is mostly stolen from Chromium's scoped_ptr.
- Add unit tests.
- Use this to fix a leak.
BUG=chromium:531408
R=jyasskin@chromium.org, tsepez@chromium.org
Review URL: https://codereview.chromium.org/1351383004 .
|
|
Lookups are log(n), but random insertions could result in n^2
behaviour. Replace with maps and sets.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1289703003 .
|
|
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1294683003 .
|
|
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1297723002 .
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1297713003 .
|
|
Cloning a CPDF_Stream actually happens via CPDF_Object::Clone().
Transitively, remove:
- GetStreamFilter()
-- all the filters.
R=jam@chromium.org
Review URL: https://codereview.chromium.org/1288543002 .
|
|
Hence, some of the routines taking filename strings are unused. This,
in turn allows us to get rid of some other fopen-ishy looking things
inside the library.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1264423003 .
|
|
No behavior change.
Generated by:
find . -name '*.cpp' -o -name '*.h' | \
grep -E -v 'third_party|thirdparties|lpng_v163' | \
xargs ../../buildtools/mac/clang-format -i
See thread "tabs vs spaces" on pdfium@googlegroups.com for discussion.
BUG=none
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1265503005 .
|
|
These are unused until we get to XFA.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1255113003 .
|
|
This reverts commit ff46aaf499edcf153ee2f57c7016587aa96dcfa0.
TBR=thestig@chromium.org
Review URL: https://codereview.chromium.org/1255293002 .
|
|
Try to reland this patch after fixing underlying issues that
caused it to be reverted.
fx_system.h is the only manual edit.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1258093002 .
|
|
This reverts commit 320b2313d19869333ed453af546e61a9fc2b81c9.
Reason for revert: build failure.
TBR=thestig@chromium.org
Review URL: https://codereview.chromium.org/1255693002 .
|
|
Fully automatic change, execpt for cleanup in fx_system.h
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1254703002 .
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1181593003.
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1187463003.
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1177973008.
|
|
At one point in time, it may have made sense to indicate the
expected alignment of the memory you're about to copy, but that
was last century. The compiler will take care of it just fine.
I stopped short of removing the FXSYS_ wrapper macros entirely.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1179693003.
|
|
These stand for const CFX_{Byte,Wide}StringC&, which is just
monumentally confusing, since there are so many string types
running around here.
The following had manual changes:
core/src/fpdfapi/fpdf_edit/fpdf_edit_content.cpp
core/src/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp
core/src/fpdfdoc/doc_form.cpp
fpdfsdk/src/fpdf_ext.cpp
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1180593004.
|
|
This involves fixing some multiple variable per line
declarations, as the textually-substituted "*" applies
only to the first one.
This involves moving some consts around following the
substitution.
This involves replacing some typedefs used as constructors
with better code.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1171733003
|
|
It's redundant nowadays to provide our own equivalents, now
that this is done for us by the system header.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1177483002
|
|
Get rid of leading _CAPITAL identifiers.
A large number of these didn't actually match the filename.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1160443004
|
|
This avoids unchecked multiplications when computing a size argument
to malloc(). Such an overflow is very scary, and can result in
exploitable bugs.
Along the way, kill off some return checks, since we know this can't
return NULL.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1143663004
|
|
This mimics the std:: behaviour.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1130053003
|
|
Replace them with |new| so that we can tell by the presence of FX_NEW
the places that still need to be audited.
R=thestig@google.com, thestig@chromium.org
Review URL: https://codereview.chromium.org/1052553006
|
|
CFX_Object is a type that implements its own new operators that return
NULL on error. There's no need for this given the |new (std::nothrow)|
syntax; in fact, the current code can only work if there is no activity
in the constructors. This may explain the pervasive lack of
constructors and reliance on Init() methods throughout the codebase.
The activity takes place in fx_memory.h, where FX_NEW is mapped onto
the std::nothrow syntax. The rest is just cleanup.
Down the road, we will simply throw and remove all the error-checking
paths for new objects. Landing this patch first will at least show a
simple path back to the old behaviour without having to re-introduce
CFX_Object should someone want to do so in their own fork.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1088733002
|
|
Confirmed manually that:
g++ --std=c++0x -o /dev/null -I. ... -c fx_xxxxx.h
is now error-free for the files in this directory. Also kill
some ifndef's around inclusion since we know this doesn't
provide benefit with modern compilers.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1064433005
|
|
This is part of the project to kill off C-style casts in the code base.
Remove implict T* cast operator, and replace potentially unsafe C-style
casts with Get() method.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/889673003
|
|
A suitably corrupted file can cause the parser(s) to repeatedly re-read
sections of the file at increasing parser recursion depth until the
stack is exhausted. There is supposed to be a check for this based upon
the parser "level", but not all call paths pass or update the level as
required.
Much as I hate per-class statics, this introduces one to track the depth
so that the check is enforced no matter how screwy the call path might be
that leads the parser to re-enter itself. This is more palatable than trying
to find all these paths and fix them. We know this is OK since there is
only one thread in here modifying the static.
BUG=451830
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/875263002
|
|
This is done by explicitly adding a virtual dtor to interface classes,
since the cost is small given that there are already virtual functions.
The exceptions are for classes that have a Release() or Delete() method,
in which case it is non-virtual and protected to indicate that the virtual
class is never the deletion point.
BUG=
R=brucedawson@chromium.org, thestig@chromium.org
Review URL: https://codereview.chromium.org/810883005
|
|
FX_ArraySize macro.
pdfium has numerous places where the number of elements in an array is
calculated with expressions like:
sizeof(cFormats)/sizeof(FX_LPCWSTR)
This is suboptimal because it is verbose, it is easy to get wrong, and
it cannot be determined through casual inspection whether the code is
correct. It will give incorrect results if cFormats is a pointer instead
of an array and it will give incorrect results if FX_LPCWSTR is not the
type of the array elements.
The FX_WSTRC macro in fx_string.h which I fixed was particularly scary
because it would silently misbehave if passed a pointer.
The FX_ArraySize macro which I have added and started using (taken from
arraysize in v8's macros.h) is easier to use and will always give correct
results. If passed a pointer it will fail to compile.
For this change I only fixed instances of sizeof(FX_LPCWSTR). There
appear to be about 150 other places in the pdfium code that could
benefit from using FX_ArraySize.
R=bo_xu@foxitsoftware.com, tsepez@chromium.org
Review URL: https://codereview.chromium.org/729293003
|
|
BUG=pdfium:19
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/403163002
|
|
The |nGrowBy| argument to |SetSize| was always -1, which caused the
effective m_nGrowBy value to always be its default value: 0. So it was not
needed, and was cluttering up the logic.
BUG=384662
Check for integer overflow in CFX_BasicArray.
BUG=384662
R=bo_xu@foxitsoftware.com, rsesek@chromium.org
Review URL: https://codereview.chromium.org/415803002
|
|
BUG=
R=palmer@chromium.org
Review URL: https://codereview.chromium.org/372473003
|
|
BUG=382656
R=palmer@chromium.org
Review URL: https://codereview.chromium.org/334573007
|
|
|
|
|
