Age | Commit message (Collapse) | Author |
|
Revert "Revert "Fix else-after-returns throughout pdfium.""
This reverts commit 4eb4d7f6c707cc2c23c806aa540d055c8832b55d.
Fix one naming conflict.
TBR=thestig@chromium.org
Review URL: https://codereview.chromium.org/1243953004 .
|
|
This reverts commit 7cc97521db1e52d5927f5605de5f9a7102f8af40.
|
|
Driven by CS search for
pcre:yes file:third_party/pdfium/ -file:pdfium/third_party/
\breturn\b[^;]*;\s*\n*\s*\}*\s*\n*\r*else
Note: Care is required to ensure the preceding block is not an else-if.
As usual, removed any tabs I saw.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1243883003 .
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1249643003 .
|
|
(cherry picked from commit 8a0a834d2aea61fc92590839b86471ac73daa967)
Original Review URL: https://codereview.chromium.org/1247213002 .
Note: inadvertantly landed on XFA first.
TBR=thestig@chromium.org
Review URL: https://codereview.chromium.org/1252013002 .
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1195363002 .
|
|
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1240713004 .
|
|
Allows the following command to return only legitimate
warnings:
buildtools/checkdeps/checkdeps.py --resolve-dotdot
The remaining warnings consist of:
- fx_parser_filters.cpp, due to inclusion of
third_party/zlib_v128/zlib.h, showing the lack
of a header and some prototypes in that .cpp file.
- third_party/*, due to inclusion of fx_system.h and
the like, indicating adulterated libraries that should
be restored to their pristine state.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1233583004 .
|
|
Standard delete operator should do noting for nullptr.
Overloaded CJBig2_Object::operator delete de-referenced
provided pointer causing crashes after
https://codereview.chromium.org/1192743004/
TBR=thestig
BUG=508197
Review URL: https://codereview.chromium.org/1230763007 .
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1192743004.
|
|
Removed several header files that simply proxy other headers.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1199553002.
|
|
Remove some fx_* files that simply included other files along the way.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1197693003.
|
|
We get to delete a whole bunch of fx_foo.c files that did nothing
but #include "foo.c" after defining _CRT_SECURE_NO_WARNINGS. Do this
from the .gyp/.gn files instead.
Also sort some "config"s in .gn file.
R=thestig@chromium.org
Committed: https://pdfium.googlesource.com/pdfium/+/c7a17bf9cdb0d646aa8b653e6ab2678a1837ed6a
Review URL: https://codereview.chromium.org/1185373010.
|
|
This reverts commit c7a17bf9cdb0d646aa8b653e6ab2678a1837ed6a.
|
|
We get to delete a whole bunch of fx_foo.c files that did nothing
but #include "foo.c" after defining _CRT_SECURE_NO_WARNINGS. Do this
from the .gyp/.gn files instead.
Also sort some "config"s in .gn file.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1185373010.
|
|
A virtual method that does |delete this| is an anti-pattern.
Some classes can be de-virtualized instead.
Throw in some unique_ptrs and delete dead code for good measure.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1192013002.
|
|
Removal of fpdfapi_ suffix can be part of a future CL.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1186113005.
|
|
Second CL to apply less restrictive flags to third party.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1181943008.
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1176333002.
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1177973008.
|
|
At one point in time, it may have made sense to indicate the
expected alignment of the memory you're about to copy, but that
was last century. The compiler will take care of it just fine.
I stopped short of removing the FXSYS_ wrapper macros entirely.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1179693003.
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1173223002.
|
|
This involves fixing some multiple variable per line
declarations, as the textually-substituted "*" applies
only to the first one.
This involves moving some consts around following the
substitution.
This involves replacing some typedefs used as constructors
with better code.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1171733003
|
|
It's redundant nowadays to provide our own equivalents, now
that this is done for us by the system header.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1177483002
|
|
- include system headers first and alphabetize.
- remove unsupported FX_WIN32_MOBILE symbol.
- actually define a FX_WIN64 symbol and make consistent.
- use final/override, not FX_FINAL.
- let stdint.h resolve FX_WORDSIZE concerns.
- unused FX_ERR and FX_SUCCESS() macros.
- unused FX_LSB_FIRST macro.
- outline FX type deprecation plan.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1169963003
|
|
Small bit of OCD here, since this file is included cross-library
(i.e. from fpdfsk), it can't be in src/. In other words, the
following should be empty:
grep -R 'include.*core/src/' fpdfsdk
Fix some IWYU in it at the same time.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1147353006
|
|
Get rid of leading _CAPITAL identifiers.
A large number of these didn't actually match the filename.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1160443004
|
|
BUG=459215
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1160663002
|
|
This issue is trigged by the conversion from unsigned int to signed int.
A large unsigned int is converted to int. It's represented as a negative
int which is used in the condition of while later.
BUG=482639
R=brucedawson@chromium.org
Review URL: https://codereview.chromium.org/1146913003
|
|
1. New size should be larger than old size in JBig2_Realloc.
2. Arguments are integers but parameters are size_t in JBIG2_memset.
After integer overflows, it will be presented as a huge
unsigned number on 64 bits system.
BUG=483981
R=brucedawson@chromium.org, tsepez@chromium.org
Review URL: https://codereview.chromium.org/1148643002
|
|
Fixes the ordering of some assignments broken when converting to checked
numerics in CFX_PathData::AddPointCount().
Original Review URL: https://codereview.chromium.org/1142713005
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1135893008
|
|
This reverts commit eb6527763171cdb4b0fbfea5a20d691f4d67b660.
Reason for revert: broke javascript tests.
TBR=thestig@chromium.org
Review URL: https://codereview.chromium.org/1145843005
|
|
This permits some functions to become void's since
they, in turn, can't fail.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1142713005
|
|
Integer overflow in CJBig2_Image::expand.
It causes the size of reallocated is not
expected.
BUG=483981
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1131023008
|
|
The opj_j2k_copy_default_tcp_and_create_tcp() function memcpy's a top-level
struct, and then replaces pointers to memory owned by the original struct
with new blocks of memory. Unfortunately, an early return can leave the
copy with pointers to memory it doesn't own, which causes problems when
cleaning up the partially-initialized struct.
The referenced bug is triggered when we get a return at original
line 7969 or 7385 due to OOM.
Moral of the story: creating a "copy constructor" equivalent
based on memcpy() instead of copying field by field for structs
containing pointers is usually a bad idea.
BUG=486538
R=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/1138033007
|
|
This CL is used for:
1. keeping the same logic as before (the behaviour
of FX_Alloc was changed for OOM).
2. fixing a potential integer overflow.
BUG=N/A
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1126013006
|
|
This avoids unchecked multiplications when computing a size argument
to malloc(). Such an overflow is very scary, and can result in
exploitable bugs.
Along the way, kill off some return checks, since we know this can't
return NULL.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1143663004
|
|
For FlateEncode(), error handling code leaked memory.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1144603002
|
|
Add a FX_TryAlloc() for those few cases where we might need to continue
in face of OOM.
Remove FX_AllocNL() (the context of its use would suggest that NL
means "No Limit"). This is used for some big allocations, so replace
it with TryAlloc(). Large allocations may be worth trying to continue
from, since there are few and they have a large chance of failing.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1128043009
|
|
Also fix a few nits and other errors along the way.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1098583002
|
|
BUG=484002
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1124563002
|
|
BUG=453553
R=thestig@chromium.org, tsepez@chromium.org
Review URL: https://codereview.chromium.org/1093323003
|
|
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1084303002
|
|
CFX_Object is a type that implements its own new operators that return
NULL on error. There's no need for this given the |new (std::nothrow)|
syntax; in fact, the current code can only work if there is no activity
in the constructors. This may explain the pervasive lack of
constructors and reliance on Init() methods throughout the codebase.
The activity takes place in fx_memory.h, where FX_NEW is mapped onto
the std::nothrow syntax. The rest is just cleanup.
Down the road, we will simply throw and remove all the error-checking
paths for new objects. Landing this patch first will at least show a
simple path back to the old behaviour without having to re-introduce
CFX_Object should someone want to do so in their own fork.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1088733002
|
|
BUG=476107
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1080893002
|
|
Needed to fix the failed pdfium_unittests on windows. Ironically,
I created these constants so I wouldn't mix up size_t's and off_t's
in these tests, but I didn't apply them consistently.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1036743005
|
|
Build broken on trybot at
http://build.chromium.org/p/tryserver.chromium.win/builders/win8_chromium_rel/builds/66012/steps/compile%20%28with%20patch%29/logs/stdio
R=thestig@chromium.org
TBR=thestig@chromium.org
Review URL: https://codereview.chromium.org/1026843002
|
|
Follow on to https://codereview.chromium.org/990683002/.
This more closely mimics what fseek() actually does, so as
to avoid subtle bugs down the road.
Move the DecodeData struct into a header so the test can
use it, and provide a constructor for it.
Along the way, I added include guards, removed the p_
prefix from some non-pointer vars, fixed some IWYU, and
resolved some signed/unsigned comparison warnings with
careful casting.
BUG=452671
R=jun_fang@foxitsoftware.com, thestig@chromium.org
Review URL: https://codereview.chromium.org/1016203002
|
|
In the process of opj_end_decompress, it will return fail when the end of coding stream is reached. However it returns true in the same scenario implemented in openJPEG. So the final solution is from openJPEG. Return true when the end of coding stream is reached.
BUG=452671
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/990683002
|
|
I thought I had done this already, apart from the third-party
libraries, but there were a couple remaining (the third-party
libraries will still call this, they should be tweaked
upstream as needed).
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/999543002
|