Age | Commit message (Collapse) | Author |
|
BUG=N/A
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1059233005
|
|
Adds a comment and changes some whitespace.
TBR=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/1059373002
|
|
BUG=N/A
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1057383002
|
|
When there is a wrong keyword like '??ze' in the dictionary
of the trailer, PDFium can't recognize it and aborts further
parsing. After this change, PDFium continues even it can't
get the right size at this moment. It will rebuild the cross
reference table later since the size of the table is missing.
BUG=459580
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1055323003
|
|
space is used"
This reverts commit 5a0e504d53195892458d819e52c62bea0c710bd5.
Original review URL https://codereview.chromium.org/1009513003
Reason for revert: New "corpus" tests show that this is no longer rendering some images. See, e.g. http://chromegw/i/client.pdfium/builders/linux/builds/144/steps/corpus%20tests/logs/stdio for those that diff'd.
TBR=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/1016823003
|
|
There are two issues in this bug.
One is that JP2 image is not displayed because it aborts loading Jpx bitmap when the number of components in color space is different with that one in JPX images. I found that the number of components in color space isn't updated after it's initialized. For index color space, the component shall inherit from its base color space.
The second issue is that displayed color is not correct after I fixed the first issue. The root cause is that sRGB is used in JPX image, it doesn't need to map from index to RGB again.
BUG=464215
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1009513003
|
|
BUG=382661
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1007643002
|
|
As we remove flate encoded sections from test cases (to
promote clarity), we should first have a simple unit test
for the underlying functionality.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/845313006
|
|
BUG=453723
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/892553002
|
|
This issue was introduced in https://codereview.chromium.org/886953002/.
BUG=454280
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/869343008
|
|
Follow-on from https://codereview.chromium.org/911293002/
Currently, all the subclass constructors are reaching up
into the parent class to do this. Fix this, just because.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/880233005
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/885223004
|
|
BUG=pdfium:29
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/891113002
|
|
- Add functions to do pitch calculation.
- Delete dead code.
- Don't bother checking pointers before deleting them.
- Don't bother setting pointers to NULL in dtors.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/890883006
|
|
The bstring's read from file is unused.
The load from file paths aren't taken.
R=jam@chromium.org
Review URL: https://codereview.chromium.org/902943003
|
|
Note that this work was done opposite the usual branch order, because I
didn't want to kill things in master that turned out to be in use in XFA.
Original Review URL: https://codereview.chromium.org/883393007
TBR=jam@chromium.org
Review URL: https://codereview.chromium.org/903893002
|
|
Handles the case of this malformed PDF without crashing. Note that to
get a reproducible test case, a small fix is applied to our .py script
which results in some whitespace/numbering difs across the resources
(down the road, we ought to generate them on the fly in an intermediate
directory).
BUG=454695
R=jun_fang@foxitsoftware.com, thestig@chromium.org
Review URL: https://codereview.chromium.org/895933003
|
|
Any projects DEPS'd into chromium and requiring a /base
subset should have a local copy of that subset in a
separate namespace. This will avoid future naming conflicts.
Re-arrange the directory structure to better identify what
came from chromium's base, and to make drop-in replacement
easier for files that contain hard-coded "base/" in their
#include directives.
R=jam@chromium.org
Review URL: https://codereview.chromium.org/900753002
|
|
Headers in /include directories should be free of implementation details
from third_party. Put the types into a new header outside of /include.
Requires https://codereview.chromium.org/902443003/ before a version containing this patch is rolled into chromium.
R=jam@chromium.org
Review URL: https://codereview.chromium.org/896023003
|
|
This is part of the project to kill off C-style casts in the code base.
Remove implict T* cast operator, and replace potentially unsafe C-style
casts with Get() method.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/889673003
|
|
BUG=https://code.google.com/p/pdfium/issues/detail?id=113
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/880043004
|
|
This issue was caused by integer overflow in CPDF_SampledFunc::v_Call.
The root cause of this issue is that the content in the test pdf file
was damaged. The solution is to check whether an integer is overflow
before using it.
BUG=452455
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/886953002
|
|
Introduce a local static to track the recursion depth, thereby removing
the burden for callers to track and pass a level parameter correctly through
all call paths. Also increase the depth tolerated, since we know there
were paths that were under-counting this value.
BUG=451265
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/868253009
|
|
While we're at it, avoid an indirection through a pointer, and
use a name that isn't reserved for the compiler (leading _ CAP).
This is a small portion of the associated bug:
BUG=https://code.google.com/p/pdfium/issues/detail?id=112
R=brucedawson@chromium.org
Review URL: https://codereview.chromium.org/880663003
|
|
A suitably corrupted file can cause the parser(s) to repeatedly re-read
sections of the file at increasing parser recursion depth until the
stack is exhausted. There is supposed to be a check for this based upon
the parser "level", but not all call paths pass or update the level as
required.
Much as I hate per-class statics, this introduces one to track the depth
so that the check is enforced no matter how screwy the call path might be
that leads the parser to re-enter itself. This is more palatable than trying
to find all these paths and fix them. We know this is OK since there is
only one thread in here modifying the static.
BUG=451830
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/875263002
|
|
We are making checks in the incorrect order. Also adds two test
cases, one for the this crash, and another for the original issue
that motivated the patch.
Original Patch by Bo at https://codereview.chromium.org/866003003/
BUG=450871
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/872563002
|
|
Currently, no callers go through the Interface, which makes having a
separate interface class kind of pointless. After converting callers
away from using the CPDF_DataAvail concrete class, it can be moved
from the header to the .cpp file.
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/873523002
|
|
This is done by explicitly adding a virtual dtor to interface classes,
since the cost is small given that there are already virtual functions.
The exceptions are for classes that have a Release() or Delete() method,
in which case it is non-virtual and protected to indicate that the virtual
class is never the deletion point.
BUG=
R=brucedawson@chromium.org, thestig@chromium.org
Review URL: https://codereview.chromium.org/810883005
|
|
R=brucedawson@chromium.org
Review URL: https://codereview.chromium.org/837533003
|
|
Follow up on https://codereview.chromium.org/733693003
R=brucedawson@chromium.org, tsepez@chromium.org
Review URL: https://codereview.chromium.org/809993004
|
|
Put freetype into third_party directory, cleaning up header files.
Previously freetype header files are in core/src/fxge/freetype and core/include/thirdparties. There were also multiple fx_freetype.h.
This patch removes the additional Foxit wrapper to make further update easier.
Notice, for original freetype source code, the following files are modified and need to be updated accordingly in future update:
third_party/freetype/include/config/ftmodule.h
third_party/freetype/include/config/ftoption.h
BUG=407341
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/815103002
|
|
root object
Before this fix, the root will be released when an indirect object has the
same object number with the root. However, the root object is loaded when
the trailer is parsed. It shall not be updated or replaced anymore.
BUG=425040
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/803103002
|
|
-remove parameter from FPDF_InitLibrary
-remove a bunch of ifdefs that are unused
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/801913002
|
|
BUG=411842
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/792113003
|
|
BUG=438421
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/790363002
|
|
BUG=429134
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/791223002
|
|
BUG=https://code.google.com/p/pdfium/issues/detail?id=86
a "<<" token should follow "trailer" but "<" will trick the parser to make trailer a hex string object.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/787753002
|
|
Since casts to FX_LPCWSTR have been shown to hide bugs I tried removing
more of them, targeting those places where a cast was used to force a
conversion from CFX_WideString to FX_LPCWSTR, replacing these casts with
calls to the newly added .c_str() function. This revealed two places
where the cast was hiding a bug -- where ->c_str() was required instead!
This removes ~33 FX_LPCWSTR casts and there are ~31 left, many of which
will go away in some future change.
Also includes this change:
Removing unnecessary casts from wchar_t* to wchar_t*, by various names.
Original patch from Bruce Dawson(brucedawson@chromium.org)
R=bo_xu@foxitsoftware.com, tsepez@chromium.org
Review URL: https://codereview.chromium.org/733693003
|
|
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/775903002
|
|
Before this fix, PDF parser aborts the parsering process when detecting an error.
For this case, PDF parser just gives up parsering when it detects that the length of
image stream is incorrect. The solution to this case is to find the tag "endstream"
and "endobj" to calculate the length rather than aborting the parsering process.
BUG=433339
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/743263002
|
|
VC++'s /analyze points out that this expression:
FX_BOOL bCheckRight = type != 'D' || type != 'W';"
is always true. This means that the tests for the right edge of a word
Original patch from Bruce Dawson(brucedawson@chromium.org)
BUG=427616
R=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/731673003
|
|
Whether ch and iRet are read without being initialized depends on complex
preconditions and cannot be determined by looking at these function.
Therefore it seems prudent to zero initialize them to avoid any risk.
BUG=427616
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/727083002
|
|
The flag variable is conditionally initialized but unconditionally read.
Warning was:
src\fpdfapi\fpdf_page\fpdf_page_pattern.cpp(274) : warning C6001:
Using uninitialized memory 'flag'.
BUG=427616
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/703213004
|
|
Add a check for zero-length keys to avoid hitting the equivalent of |""[1]|.
BUG=https://code.google.com/p/pdfium/issues/detail?id=58
R=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/665223003
|
|
pTransfer function is released in pDocRender cleanup but is still being accessed in
~CPDF_GeneralStateData in pDocPage cleanup.
BUG=419320
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/662063003
|
|
CPDF_Pattern objects are counted and maintained in m_PatternedMap.
When a CPDF_Pattern object "pattern" is deleted, it's address is marked as NULL in m_PatternMap.
This patch stores the address of CPDF_Pattern's adderss in all objects that references "pattern",
to ensure valid referencing after deletion.
BUG=416319, 419976, 418392
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/656753002
|
|
CPDF_StreamContentParser::Parse.
This is just a bit of defensive programming; I'm not sure the situation can
occur in the current code, but the following code is likely to set off a red
flag to anyone who reads it:
CPDF_StreamParser syntax(pData, dwSize);
m_pSyntax = &syntax;
since the extent of the local |syntax| is far less than the pointer member
|m_pSyntax|. NULL it out before syntax goes out of scope.
R=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/652063002
|
|
BUG=421196
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/656463006
|
|
BUG=408532
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/524443002
|
|
Images are basic resource and are referred or used by other objects in some cases. Images should be released after the objects who uses these objects. In this case, an image object is accessed in the process of CPDF_TilingPattern's destroy. Unlikely, this image has been destroyed before.
BUG=414046
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/582993002
|