summaryrefslogtreecommitdiff
path: root/core/src/fpdfapi
AgeCommit message (Collapse)Author
2014-09-03Allocate m_pCompData when |m_nComponents| is updated.Bo Xu
When |m_nComponents| is changed from loading stream information, previously allocated memory that depends on |m_nComponents| needes to be freed and allocated again to enforce memory size consistency. BUG=409695 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/528163002
2014-09-02Check m_nComponents when using JBIG2Decodechromium/2146Bo Xu
BUG=409692 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/534763002
2014-09-02Add m_pDocument in CPDF_Color and check if page date has been forced clearBo Xu
This will prevent using freed pattern object. This is a better solution than https://pdfium.googlesource.com/pdfium/+/1b9c5c4dc41956b8c5ab17b9a882adf8a2513768 and in essence revert that patch BUG=409373 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/522483003
2014-08-31Remove the GetValidBpc check in application callers and move it to where ↵Bo Xu
m_bpc is assigned. The problem of using GetValidBpc() in each function call is it could result in mismatch as seen in this case: in ContinueToLoadMask(), m_bpc is re-assigned to 1 if m_bImageMask==1 regardless of the value from GetValidBpc(). This will result in mismatch if another function use the value from GetValidBpc(). The solution could be checking m_bImageMask in another function to make sure m_bpc is consistent, but that makes the code too cumbersome. Also, we have to bring and are bringing in more and more GetValidBpc check, and this will continue with other buggy documents. So better to fix it now. The original rational to use GetValidBpc() in where m_bpc is used is to respect the "raw" data from parsing. However, if it will be ignored anyway and using value from GetValidBpc(), we'd better correct it at the very beginning. BUG=408541 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/518443002
2014-08-28No need to release resources in destructor of CPDF_ShadingObjectchromium/2145chromium/2144chromium/2143chromium/2142chromium/2141chromium/2140Bo Xu
CPDF_DocPageData::~CPDF_DocPageData() will force to release all resources, so no need to do it here, which can result in heap-use-after-free trouble. BUG=408164 R=jun_fang@foxitsoftware.com, tsepez@chromium.org Review URL: https://codereview.chromium.org/513063003
2014-08-27Use valid bpc value in LoadPalette() and ContinueToLoadMask()Bo Xu
BUG=408141, 408147 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/508253003
2014-08-27Fix a bug when looping through m_pCompDataBo Xu
BUG=408154 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/509613005
2014-08-25Set m_pLinearized to NULL after releaseBo Xu
BUG=406868 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/504993002
2014-08-25Perform better input checks in early steps of parser.Tom Sepez
BUG=406591 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/501823003
2014-08-25Use number of components from ICC profile and alternate color spaceBo Xu
BUG=406806 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/503883002
2014-08-25Add GetValidBpc() check in CPDF_DIBSource::CreateDecoder()Bo Xu
BUG=406908 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/504673002
2014-08-25Add GetValidBpc() check in CPDF_DIBSource::GetScanLineBo Xu
BUG=406600, 406895 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/497733005
2014-08-25Revert of Use number of components from ICC profile and alternateCS ↵Bo Xu
(patchset #1 of https://codereview.chromium.org/493163003/) Reason for revert: Needs to address comments before landing Original issue's description: > Use number of components from ICC profile and alternate color space > > BUG=406806 > > Committed: https://pdfium.googlesource.com/pdfium/+/be83103 TBR=tsepez@chromium.org,jun_fang@foxitsoftware.com NOTREECHECKS=true NOTRY=true BUG=406806 Review URL: https://codereview.chromium.org/504883003
2014-08-25Use number of components from ICC profile and alternate color spaceBo Xu
BUG=406806 Review URL: https://codereview.chromium.org/493163003
2014-08-22Fix the issue 'SEGV on unknown address in CPDF_DataAvail::GetObjectSize'Jun Fang
BUG=387983 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/454283002
2014-08-22Fix a hang issue due to inconsistent page number in the test fileJun Fang
Pdfium reads the page number from the field of '/Count' but it can't load the number assigned by this field due to the damaged data. Add a check to ensure that the required page should be one of loaded pages. BUG=406090 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/477873003
2014-08-22Check the number of component in ICCBased colorspaceBo Xu
From PDF reference 8.6.5.5, this could only be 1, 3 or 4. BUG=387968 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/464083003
2014-08-21For pattern colorspace, its base colorspace should not be a pattern colorspaceBo Xu
BUG=405588 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/496883002
2014-08-19Fix bug in CPDF_PageContentGenerate constructor and destructorBo Xu
m_pageObjects never gets initialize, thus making CPDF_PageContentGenerate::GenerateContent() doing nothing. Since the CPFD_PageObject are owned by m_pPage, no need to release them in the destructor. BUG=385119 R=thestig@chromium.org, vitalybuka@chromium.org Review URL: https://codereview.chromium.org/470253004
2014-08-18Font is used after release in CPDF_TextStateData::~CPDF_TextStateDataJun Fang
BUG=400996 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/477323002
2014-08-18Add a null pointer check before getting the family name of the given color ↵Jun Fang
space in CPDF_ColorSpace::Load The test file defines a wrong color space object (7 0 obj). In the content of 7 0 obj, the reserved obj (0 0 R) is used. The process of loading color space returns NULL when the reserved obj (0 0 R) is found. For the error color space, it only needs to return NULL when an error is detected. BUG=403032 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/477413002
2014-08-18No need to release m_pBaseCS in CPDF_IndexedCS and CPDF_PatternCSBo Xu
m_pBaseCS will be released in CPDF_DocPageData::Clear. BUG=401372 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/472653002
2014-08-13Add FX_OVERRIDE and use it for virtual functions of FX_FINAL classes.Tom Sepez
Should there be cases where this fails to compile, it indicates a mistake, either an incorrectly declared overrriden virtual method, or a method that should be declared non-virtual. The only issues were with CPDF_CustomAccess::GetBlock(), CPDF_CustomAccess::GetByte(), and CPDF_CustomAccess::GetFullPath(). These don't appear to be used anywhere, and are removed. Two members are removed that are no longer needed once those methods are removed. R=jam@chromium.org, jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/454983003
2014-08-12Fix missing or broken include guard macros in pdfium headers.Tom Sepez
This has no ill-effect at present, but may be distracting when viewing the file since it just looks wrong. R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/461933003
2014-08-12For a CPDF_Color object, when set a new pattern to it, disconnect its link ↵Bo Xu
with the old pattern This patch is related to https://pdfium.googlesource.com/pdfium/+/1b9c5c4dc41956b8c5ab17b9a882adf8a2513768 BUG=402260 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/460383004
2014-08-05Fix the problem that memory is accessed after released due to invalid type-castJun Fang
BUG=387774 R=palmer@chromium.org, tsepez@chromium.org Review URL: https://codereview.chromium.org/441503003
2014-08-05The root cause of this issue is shown as below:Jun Fang
Patterns are managed in CPDF_DocPageData. When a document is closed, all patterns will be released in the deconstruction of CPDF_DocPageData. However, some patterns which are referenced in CPDF_Color can't get the notification from the destroy of CPDF_DocPageData. It will cause use-after-free in CPDF_Color::~CPDF_Color. BUG=392719 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/439693002
2014-08-04Fix a segmentation fault in CPDF_DataAvail::CheckPage due to invalid usage ↵Jun Fang
of i++ BUG=387979 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/439733002
2014-08-01Add more |bpc| value check in GetValidBpc()Bo Xu
BUG=382988 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/430733004
2014-07-31Correct the names of the FX_SAFE_* typedefs.Chris Palmer
R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/417263008
2014-07-30Fix uninitialized coords and one of infinite loopsJUN FANG
BUG=387854 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/372453005
2014-07-30Remove a few unused variables, functions, and member variables.Nico Weber
No intended behavior change. BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/426763003
2014-07-30Fix potential integer overflow in fpdf_render_loadimage.cppJUN FANG
BUG=391929 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/419693003
2014-07-29Fix the typo of "Resources" keywordBo Xu
BUG=None R=thestig@chromium.org Review URL: https://codereview.chromium.org/420793004
2014-07-29Fix a few more warnings in chromium_code mode.Nico Weber
No intended behavior change. - Remove more unused variables, functions, member variables. - Put a few constructor initializers in the order they execute in. - Add braces for subobject initializers. - Fix a handful of signed / unsigned comparisons. BUG=pdfium:29 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/429593005
2014-07-29Remove a few unused variables, functions, and tables.Nico Weber
Found by clang's -Wunused-variable, -Wunused-function, -Wunused-const-variable. BUG=none R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/404653005
2014-07-24CalRGB color correctionBo Xu
BUG=pdfium:19 R=thestig@chromium.org Review URL: https://codereview.chromium.org/403163002
2014-07-24This change is for fixing the potential integer overflow from "offset + size"JUN FANG
BUG=382667 R=palmer@chromium.org Review URL: https://codereview.chromium.org/322333002
2014-07-18Fix the potential integer overflow from "offset + size".Chris Palmer
BUG=382667 R=jschuh@chromium.org, jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/390983007
2014-07-18pdfium: Fix all -Wdelete-non-virtual-dtor violations on Mac.Nico Weber
Calling `delete` on an object of a type that has virtual functions but not a virtual destructor is questionable: Since the object has virtual functions, it likely has subclasses, so if it's deleted through the base pointer and the destructor isn't virtual, the subclass destructor won't be called. In most cases, the classes getting deleted can just be marked final to tell the compiler that it can't possibly have subclasses (this also enables the compiler to generate better code). Two classes didn't have any sub- or superclasses but virtual functions - this doesn't make sense, so make all methods of these classes non-virtual. (Also delete an unused function on one of the two classes.) In one case, a class actually did have a subclass that needs to be deleted virtually, so mark one destructor as virtual. BUG=none R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/370853002
2014-07-17Fix garbled text when loading linearized pdf documentBo Xu
BUG=260112, 249006, 275281, 354966, 365302, 236952 R=thestig@chromium.org Review URL: https://codereview.chromium.org/400083002
2014-07-16Remove unused variable orig_size.Bo Xu
Original patch by Andrey Khalyavin <halyavin@google.com> BUG=N/A R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/384143002
2014-07-15Error handling for invalid component number in CPDF_ICCBasedCS::v_LoadJun Fang
BUG=386728 R=palmer@chromium.org Review URL: https://codereview.chromium.org/397803002
2014-07-14Fix uninitialized coords in _DrawCoonPatchMeshesJun Fang
BUG=391470 R=palmer@chromium.org Review URL: https://codereview.chromium.org/384593002
2014-07-14Fix uninitialized nresults in GetRGBJun Fang
BUG=387809 R=palmer@chromium.org Review URL: https://codereview.chromium.org/379283003
2014-07-14Fix uninitialized RGB in DrawShadingJun Fang
BUG=386730 R=palmer@chromium.org Review URL: https://codereview.chromium.org/379923012
2014-07-10Fix uninitialized okeybuffoxit
BUG=387011 R=palmer@chromium.org Review URL: https://codereview.chromium.org/382603003
2014-07-10Fix uninitialized trianglefoxit
BUG=387835 R=palmer@chromium.org Review URL: https://codereview.chromium.org/381173002
2014-07-10Zero out temporary arrays before use in PDF encryption.Bo Xu
BUG=387834 R=palmer@chromium.org Review URL: https://codereview.chromium.org/386663003
2014-07-09Fix a null object bugBo Xu
BUG=387975 R=thakis@chromium.org Review URL: https://codereview.chromium.org/379273002