Age | Commit message (Collapse) | Author |
|
Clang warns if there are missing braces around a subobject
initializer. The most common idiom that triggers this is:
STRUCT s = {0};
if the first field of STRUCT is itself a struct. This can
be more simply written as:
STRUCT s = {};
which also prevents the warning from firing.
Other instances of the warning have been fixed by adding
braces where appropriate.
R=brucedawson@chromium.org
Review URL: https://codereview.chromium.org/1213523004.
|
|
A virtual method that does |delete this| is an anti-pattern.
Some classes can be de-virtualized instead.
Throw in some unique_ptrs and delete dead code for good measure.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1192013002.
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1176333002.
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1177973008.
|
|
At one point in time, it may have made sense to indicate the
expected alignment of the memory you're about to copy, but that
was last century. The compiler will take care of it just fine.
I stopped short of removing the FXSYS_ wrapper macros entirely.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1179693003.
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1173223002.
|
|
These stand for const CFX_{Byte,Wide}StringC&, which is just
monumentally confusing, since there are so many string types
running around here.
The following had manual changes:
core/src/fpdfapi/fpdf_edit/fpdf_edit_content.cpp
core/src/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp
core/src/fpdfdoc/doc_form.cpp
fpdfsdk/src/fpdf_ext.cpp
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1180593004.
|
|
This involves fixing some multiple variable per line
declarations, as the textually-substituted "*" applies
only to the first one.
This involves moving some consts around following the
substitution.
This involves replacing some typedefs used as constructors
with better code.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1171733003
|
|
It's redundant nowadays to provide our own equivalents, now
that this is done for us by the system header.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1177483002
|
|
- include system headers first and alphabetize.
- remove unsupported FX_WIN32_MOBILE symbol.
- actually define a FX_WIN64 symbol and make consistent.
- use final/override, not FX_FINAL.
- let stdint.h resolve FX_WORDSIZE concerns.
- unused FX_ERR and FX_SUCCESS() macros.
- unused FX_LSB_FIRST macro.
- outline FX type deprecation plan.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1169963003
|
|
Small bit of OCD here, since this file is included cross-library
(i.e. from fpdfsk), it can't be in src/. In other words, the
following should be empty:
grep -R 'include.*core/src/' fpdfsdk
Fix some IWYU in it at the same time.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1147353006
|
|
This caused a revert of the PDFium roll.
TBR=thestig@chromium.org
Review URL: https://codereview.chromium.org/1165863003
|
|
Get rid of leading _CAPITAL identifiers.
A large number of these didn't actually match the filename.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1160443004
|
|
Fixes the ordering of some assignments broken when converting to checked
numerics in CFX_PathData::AddPointCount().
Original Review URL: https://codereview.chromium.org/1142713005
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1135893008
|
|
This reverts commit eb6527763171cdb4b0fbfea5a20d691f4d67b660.
Reason for revert: broke javascript tests.
TBR=thestig@chromium.org
Review URL: https://codereview.chromium.org/1145843005
|
|
This permits some functions to become void's since
they, in turn, can't fail.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1142713005
|
|
This avoids unchecked multiplications when computing a size argument
to malloc(). Such an overflow is very scary, and can result in
exploitable bugs.
Along the way, kill off some return checks, since we know this can't
return NULL.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1143663004
|
|
Triggering allocation failure can be ... slow. See
http://build.chromium.org/p/client.pdfium/builders/win/builds/126
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1142463005
|
|
Add a FX_TryAlloc() for those few cases where we might need to continue
in face of OOM.
Remove FX_AllocNL() (the context of its use would suggest that NL
means "No Limit"). This is used for some big allocations, so replace
it with TryAlloc(). Large allocations may be worth trying to continue
from, since there are few and they have a large chance of failing.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1128043009
|
|
If ConcatCopy somehow gets a zero nNewlen, it returns early, without
allocating a new m_Data. ConcatInPlace then frees the old one, leaving
m_Data dangling.
Also be concerned about the multiplication in the widestring version.
So use wmemcpy and let the library cope with it.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1130763007
|
|
This is a precondition for someday combining Byte/Wide strings
via templates.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1142533002
|
|
BUG=471991
R=brucedawson@chromium.org
Review URL: https://codereview.chromium.org/1141613002
|
|
Also corrects some ASSERT_'s to EXPECT_'s in the test.
BUG=pdfium:160
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1141763002
|
|
BUG=pdfium:153
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1124043003
|
|
Separate out the overload when the length is not known, and be sure that
strlen() call is in the header so that strlen("foo") => 3 (since many
compilers support this optimization).
Also delete some unused types.
BUG=pdfium:151
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1117263004
|
|
Part two. Fix same issue in wide strings as in their bytestring
counterparts.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1127753002
|
|
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1125703004
|
|
Continuation of https://codereview.chromium.org/1122573002
Applies similar test to immutable versions of strings.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1118973005
|
|
... and there are a few inconsistencies which we can now fix. Also add a
comment about why these strings aren't headed for the dust-bin long term.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1122573002
|
|
(Also makes the calculation robust in face of changes to the header).
BUG=pdfium:149
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1118983003
|
|
Follow-on to https://codereview.chromium.org/1120703003/
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1112423003
|
|
Given the representation of StringData, it seems sub-optimal not to be doing this.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1120703003
|
|
Then remove CFX_{Wide,Byte}String::LockBuffer(). Prelude to a vast
simplification. There's an additional copy now in one place, so
shoot me.
BUG=pdfium:144
R=thestig@chromium.org
Committed: https://pdfium.googlesource.com/pdfium/+/ee7412f5aef353e5c6f1a64d0e1708ed926869d9
Committed: https://pdfium.googlesource.com/pdfium/+/5a256ad29483eb2b13e6e2c89fe0f77a9103f68f
Review URL: https://codereview.chromium.org/1053613004
|
|
This reverts commit 5a256ad29483eb2b13e6e2c89fe0f77a9103f68f.
Reason for revert: broke JS tests.
TBR=thestig@chromium.org
Review URL: https://codereview.chromium.org/1112673002
|
|
Then remove CFX_{Wide,Byte}String::LockBuffer(). Prelude to a vast
simplification. There's an additional copy now in one place, so
shoot me.
BUG=pdfium:144
R=thestig@chromium.org
Committed: https://pdfium.googlesource.com/pdfium/+/ee7412f5aef353e5c6f1a64d0e1708ed926869d9
Review URL: https://codereview.chromium.org/1053613004
|
|
This reverts commit ee7412f5aef353e5c6f1a64d0e1708ed926869d9.
Reason for revert: VS compile broke.
TBR=thestig@chromium.org
Review URL: https://codereview.chromium.org/1106333003
|
|
Then remove CFX_{Wide,Byte}String::LockBuffer(). Prelude to a vast
simplification. There's an additional copy now in one place, so
shoot me.
BUG=pdfium:144
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1053613004
|
|
Carry-on from https://codereview.chromium.org/1108903002/
R=brucedawson@chromium.org
Review URL: https://codereview.chromium.org/1103343002
|
|
This involves adding some explicit c_str() calls. Doing so flagged
PDF_EncodeText() and FindOptionValue() as having suboptimal signatures, in
that we are often throwing away a perfectly fine length and recomputing it.
There are still some platform-specific code that needs the operator.
R=brucedawson@chromium.org
Review URL: https://codereview.chromium.org/1101933003
|
|
This reverts commit 15a62973b9b89c3e229cc0ab501c45967f91b325.
Reason for revert: broke build on windows, mac. I must have missed
some platform-specific conversions.
TBR=brucedawson@chromium.org
Review URL: https://codereview.chromium.org/1108883002
|
|
This involves adding some explicit c_str() calls. Doing so flagged
PDF_EncodeText() and FindOptionValue() as having suboptimal signatures, in
that we are often throwing away a perfectly fine length and recomputing it.
R=brucedawson@chromium.org
Review URL: https://codereview.chromium.org/1101933003
|
|
Part 2 of 4.
R=thestig@chromium.org
TBR=brucedawson@chromium.org
BUG=pdfium:142
Review URL: https://codereview.chromium.org/1099193002
|
|
Removing the implicit cast operator forces a build breakage should we
use ByteStringC in STL containers. Adding an operator< restores correct
behaviour. Adding an operator[] avoids re-writing some code to call
GetPtr() prior to array indexing.
Part 1 of 4.
R=thestig@chromium.org
TBR=brucedawson@chromium.org
BUG=pdfium:142.
Review URL: https://codereview.chromium.org/1090303003
|
|
Part 4 of 4.
BUG=pdfium:142
R=brucedawson@chromium.org, thestig@chromium.org
Review URL: https://codereview.chromium.org/1084293003
|
|
Part 3 of 4.
BUG=pdfium:142
R=brucedawson@chromium.org, thestig@chromium.org
Review URL: https://codereview.chromium.org/1099213002
|
|
It's unused.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1098203002
|
|
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1084613006
|
|
Replace them with |new| so that we can tell by the presence of FX_NEW
the places that still need to be audited.
R=thestig@google.com, thestig@chromium.org
Review URL: https://codereview.chromium.org/1052553006
|
|
CFX_Object is a type that implements its own new operators that return
NULL on error. There's no need for this given the |new (std::nothrow)|
syntax; in fact, the current code can only work if there is no activity
in the constructors. This may explain the pervasive lack of
constructors and reliance on Init() methods throughout the codebase.
The activity takes place in fx_memory.h, where FX_NEW is mapped onto
the std::nothrow syntax. The rest is just cleanup.
Down the road, we will simply throw and remove all the error-checking
paths for new objects. Landing this patch first will at least show a
simple path back to the old behaviour without having to re-introduce
CFX_Object should someone want to do so in their own fork.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1088733002
|
|
Replaces https://codereview.chromium.org/1062983002/
BUG=469244
R=brucedawson@chromium.org
Review URL: https://codereview.chromium.org/1077903002
|