summaryrefslogtreecommitdiff
path: root/core/src/fxcrt
AgeCommit message (Collapse)Author
2015-07-01Fix some clang warnings with -Wmissing-braces in pdfium.Nico Weber
Clang warns if there are missing braces around a subobject initializer. The most common idiom that triggers this is: STRUCT s = {0}; if the first field of STRUCT is itself a struct. This can be more simply written as: STRUCT s = {}; which also prevents the warning from firing. Other instances of the warning have been fixed by adding braces where appropriate. R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1213523004.
2015-06-17Replace some Release() calls with virtual destructors.Tom Sepez
A virtual method that does |delete this| is an anti-pattern. Some classes can be de-virtualized instead. Throw in some unique_ptrs and delete dead code for good measure. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1192013002.
2015-06-15Do some IWYU cleanups.Lei Zhang
R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1176333002.
2015-06-11Remove trailing whitespaces in core.Lei Zhang
R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1177973008.
2015-06-11Kill FXSYS_mem{cpy,cmp,set.move}{32,8}.Tom Sepez
At one point in time, it may have made sense to indicate the expected alignment of the memory you're about to copy, but that was last century. The compiler will take care of it just fine. I stopped short of removing the FXSYS_ wrapper macros entirely. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1179693003.
2015-06-10Cleanup: Remove uses of "this->" in core/Lei Zhang
R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1173223002.
2015-06-10Remove FX_BSTR and FX_WSTR typedefs.chromium/2434chromium/2433chromium/2432chromium/2431chromium/2430Tom Sepez
These stand for const CFX_{Byte,Wide}StringC&, which is just monumentally confusing, since there are so many string types running around here. The following had manual changes: core/src/fpdfapi/fpdf_edit/fpdf_edit_content.cpp core/src/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp core/src/fpdfdoc/doc_form.cpp fpdfsdk/src/fpdf_ext.cpp R=thestig@chromium.org Review URL: https://codereview.chromium.org/1180593004.
2015-06-10Remove typdefs for pointer types in fx_system.h.Tom Sepez
This involves fixing some multiple variable per line declarations, as the textually-substituted "*" applies only to the first one. This involves moving some consts around following the substitution. This involves replacing some typedefs used as constructors with better code. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1171733003
2015-06-09Use stdint.h types throughout PDFium.Tom Sepez
It's redundant nowadays to provide our own equivalents, now that this is done for us by the system header. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1177483002
2015-06-08Remove more cruft from fx_system.hTom Sepez
- include system headers first and alphabetize. - remove unsupported FX_WIN32_MOBILE symbol. - actually define a FX_WIN64 symbol and make consistent. - use final/override, not FX_FINAL. - let stdint.h resolve FX_WORDSIZE concerns. - unused FX_ERR and FX_SUCCESS() macros. - unused FX_LSB_FIRST macro. - outline FX type deprecation plan. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1169963003
2015-06-04Move fx_safe_types.h to include/ directory.Tom Sepez
Small bit of OCD here, since this file is included cross-library (i.e. from fpdfsk), it can't be in src/. In other words, the following should be empty: grep -R 'include.*core/src/' fpdfsdk Fix some IWYU in it at the same time. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1147353006
2015-06-03Fix fx_basic_memmgr_unittest.cpp under stricter GN ruleschromium/2426chromium/2425chromium/2424chromium/2423chromium/2422Tom Sepez
This caused a revert of the PDFium roll. TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1165863003
2015-05-28Fix ALL the include guards.Tom Sepez
Get rid of leading _CAPITAL identifiers. A large number of these didn't actually match the filename. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1160443004
2015-05-19Re-land: Remove FX_Alloc() null checks now that it can't return NULL.Tom Sepez
Fixes the ordering of some assignments broken when converting to checked numerics in CFX_PathData::AddPointCount(). Original Review URL: https://codereview.chromium.org/1142713005 R=thestig@chromium.org Review URL: https://codereview.chromium.org/1135893008
2015-05-19Revert "Remove FX_Alloc() null checks now that it can't return NULL."Tom Sepez
This reverts commit eb6527763171cdb4b0fbfea5a20d691f4d67b660. Reason for revert: broke javascript tests. TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1145843005
2015-05-19Remove FX_Alloc() null checks now that it can't return NULL.Tom Sepez
This permits some functions to become void's since they, in turn, can't fail. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1142713005
2015-05-18Add safe FX_Alloc2D() macroTom Sepez
This avoids unchecked multiplications when computing a size argument to malloc(). Such an overflow is very scary, and can result in exploitable bugs. Along the way, kill off some return checks, since we know this can't return NULL. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1143663004
2015-05-15Disable allocation tests that hose the bot.Tom Sepez
Triggering allocation failure can be ... slow. See http://build.chromium.org/p/client.pdfium/builders/win/builds/126 R=thestig@chromium.org Review URL: https://codereview.chromium.org/1142463005
2015-05-15Abort on OOM by default in FX_Alloc().Tom Sepez
Add a FX_TryAlloc() for those few cases where we might need to continue in face of OOM. Remove FX_AllocNL() (the context of its use would suggest that NL means "No Limit"). This is used for some big allocations, so replace it with TryAlloc(). Large allocations may be worth trying to continue from, since there are few and they have a large chance of failing. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1128043009
2015-05-15Fix potential UAF in ConcatInPlace.Tom Sepez
If ConcatCopy somehow gets a zero nNewlen, it returns early, without allocating a new m_Data. ConcatInPlace then frees the old one, leaving m_Data dangling. Also be concerned about the multiplication in the widestring version. So use wmemcpy and let the library cope with it. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1130763007
2015-05-14Make CFX_StringData be scoped by CFX_Bytestring and add methods.chromium/2421chromium/2420chromium/2419chromium/2418chromium/2417chromium/2416chromium/2415chromium/2414chromium/2413chromium/2412chromium/2411chromium/2410chromium/2409chromium/2408chromium/2407chromium/2406chromium/2405chromium/2404Tom Sepez
This is a precondition for someday combining Byte/Wide strings via templates. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1142533002
2015-05-13Fix integer overflow in conversion from float to integer.JUN FANG
BUG=471991 R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1141613002
2015-05-13Fix comparison of CFX_ByteString and CFX_WideString against empty literals.Tom Sepez
Also corrects some ASSERT_'s to EXPECT_'s in the test. BUG=pdfium:160 R=thestig@chromium.org Review URL: https://codereview.chromium.org/1141763002
2015-05-06Remove FX_STRSIZE casts, use safe conversionsTom Sepez
BUG=pdfium:153 R=thestig@chromium.org Review URL: https://codereview.chromium.org/1124043003
2015-05-05Make sure string constructors are efficient on literalsTom Sepez
Separate out the overload when the length is not known, and be sure that strlen() call is in the header so that strlen("foo") => 3 (since many compilers support this optimization). Also delete some unused types. BUG=pdfium:151 R=thestig@chromium.org Review URL: https://codereview.chromium.org/1117263004
2015-05-04Fix issues with != and == in fx_basic_wstringTom Sepez
Part two. Fix same issue in wide strings as in their bytestring counterparts. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1127753002
2015-05-04Fix issuse with != and == shown by fx_basic_bstring unit tests.Tom Sepez
R=thestig@chromium.org Review URL: https://codereview.chromium.org/1125703004
2015-05-01Backfill some FX StringC unit tests for == and !=.Tom Sepez
Continuation of https://codereview.chromium.org/1122573002 Applies similar test to immutable versions of strings. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1118973005
2015-05-01Backfill some FX String unit tests for == and !=.Tom Sepez
... and there are a few inconsistencies which we can now fix. Also add a comment about why these strings aren't headed for the dust-bin long term. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1122573002
2015-05-01Save 8 bytes in each CFX_ByteString/WideString (on "LP64" platforms).Tom Sepez
(Also makes the calculation robust in face of changes to the header). BUG=pdfium:149 R=thestig@chromium.org Review URL: https://codereview.chromium.org/1118983003
2015-04-30Take adavange of unused bytes at end of widestringTom Sepez
Follow-on to https://codereview.chromium.org/1120703003/ R=thestig@chromium.org Review URL: https://codereview.chromium.org/1112423003
2015-04-30Try to take advantage of unused bytes at end of CFX_ByteString.Tom Sepez
Given the representation of StringData, it seems sub-optimal not to be doing this. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1120703003
2015-04-28Make CFX_WideString::LockBuffer() completely unused.Tom Sepez
Then remove CFX_{Wide,Byte}String::LockBuffer(). Prelude to a vast simplification. There's an additional copy now in one place, so shoot me. BUG=pdfium:144 R=thestig@chromium.org Committed: https://pdfium.googlesource.com/pdfium/+/ee7412f5aef353e5c6f1a64d0e1708ed926869d9 Committed: https://pdfium.googlesource.com/pdfium/+/5a256ad29483eb2b13e6e2c89fe0f77a9103f68f Review URL: https://codereview.chromium.org/1053613004
2015-04-28Revert "Make CFX_WideString::LockBuffer() completely unused."Tom Sepez
This reverts commit 5a256ad29483eb2b13e6e2c89fe0f77a9103f68f. Reason for revert: broke JS tests. TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1112673002
2015-04-28Make CFX_WideString::LockBuffer() completely unused.Tom Sepez
Then remove CFX_{Wide,Byte}String::LockBuffer(). Prelude to a vast simplification. There's an additional copy now in one place, so shoot me. BUG=pdfium:144 R=thestig@chromium.org Committed: https://pdfium.googlesource.com/pdfium/+/ee7412f5aef353e5c6f1a64d0e1708ed926869d9 Review URL: https://codereview.chromium.org/1053613004
2015-04-27Revert "Make CFX_WideString::LockBuffer() completely unused."Tom Sepez
This reverts commit ee7412f5aef353e5c6f1a64d0e1708ed926869d9. Reason for revert: VS compile broke. TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1106333003
2015-04-27Make CFX_WideString::LockBuffer() completely unused.Tom Sepez
Then remove CFX_{Wide,Byte}String::LockBuffer(). Prelude to a vast simplification. There's an additional copy now in one place, so shoot me. BUG=pdfium:144 R=thestig@chromium.org Review URL: https://codereview.chromium.org/1053613004
2015-04-27Fix windows-specific usage of CFX_WideStr::operator LPCWSTR().Tom Sepez
Carry-on from https://codereview.chromium.org/1108903002/ R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1103343002
2015-04-27Reduce usage of operator LPCWSTR from CFX_WideString().Tom Sepez
This involves adding some explicit c_str() calls. Doing so flagged PDF_EncodeText() and FindOptionValue() as having suboptimal signatures, in that we are often throwing away a perfectly fine length and recomputing it. There are still some platform-specific code that needs the operator. R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1101933003
2015-04-27Revert "Kill operator LPCWSTR from CFX_WideString()."Tom Sepez
This reverts commit 15a62973b9b89c3e229cc0ab501c45967f91b325. Reason for revert: broke build on windows, mac. I must have missed some platform-specific conversions. TBR=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1108883002
2015-04-27Kill operator LPCWSTR from CFX_WideString().Tom Sepez
This involves adding some explicit c_str() calls. Doing so flagged PDF_EncodeText() and FindOptionValue() as having suboptimal signatures, in that we are often throwing away a perfectly fine length and recomputing it. R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1101933003
2015-04-22Add missing operators for CFX_WideStringC.Tom Sepez
Part 2 of 4. R=thestig@chromium.org TBR=brucedawson@chromium.org BUG=pdfium:142 Review URL: https://codereview.chromium.org/1099193002
2015-04-22Add missing operators for CFX_ByteStringC.Tom Sepez
Removing the implicit cast operator forces a build breakage should we use ByteStringC in STL containers. Adding an operator< restores correct behaviour. Adding an operator[] avoids re-writing some code to call GetPtr() prior to array indexing. Part 1 of 4. R=thestig@chromium.org TBR=brucedawson@chromium.org BUG=pdfium:142. Review URL: https://codereview.chromium.org/1090303003
2015-04-22Add missing operators for CFX_WideStringTom Sepez
Part 4 of 4. BUG=pdfium:142 R=brucedawson@chromium.org, thestig@chromium.org Review URL: https://codereview.chromium.org/1084293003
2015-04-22Add missing operators for CFX_ByteString.Tom Sepez
Part 3 of 4. BUG=pdfium:142 R=brucedawson@chromium.org, thestig@chromium.org Review URL: https://codereview.chromium.org/1099213002
2015-04-21Kill CFX_StringBufTemplate.Tom Sepez
It's unused. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1098203002
2015-04-17Fix all remaining instances of FX_NEW.Tom Sepez
R=thestig@chromium.org Review URL: https://codereview.chromium.org/1084613006
2015-04-15Remove checks in fxcrt now that FX_NEW can't return 0.Tom Sepez
Replace them with |new| so that we can tell by the presence of FX_NEW the places that still need to be audited. R=thestig@google.com, thestig@chromium.org Review URL: https://codereview.chromium.org/1052553006
2015-04-14Kill CFX_Object.Tom Sepez
CFX_Object is a type that implements its own new operators that return NULL on error. There's no need for this given the |new (std::nothrow)| syntax; in fact, the current code can only work if there is no activity in the constructors. This may explain the pervasive lack of constructors and reliance on Init() methods throughout the codebase. The activity takes place in fx_memory.h, where FX_NEW is mapped onto the std::nothrow syntax. The rest is just cleanup. Down the road, we will simply throw and remove all the error-checking paths for new objects. Landing this patch first will at least show a simple path back to the old behaviour without having to re-introduce CFX_Object should someone want to do so in their own fork. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1088733002
2015-04-10Better fix for snprintf non-termination on windows.Tom Sepez
Replaces https://codereview.chromium.org/1062983002/ BUG=469244 R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1077903002