Age | Commit message (Collapse) | Author |
|
This avoids unchecked multiplications when computing a size argument
to malloc(). Such an overflow is very scary, and can result in
exploitable bugs.
Along the way, kill off some return checks, since we know this can't
return NULL.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1143663004
|
|
Add a FX_TryAlloc() for those few cases where we might need to continue
in face of OOM.
Remove FX_AllocNL() (the context of its use would suggest that NL
means "No Limit"). This is used for some big allocations, so replace
it with TryAlloc(). Large allocations may be worth trying to continue
from, since there are few and they have a large chance of failing.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1128043009
|
|
Also fix typos and remove trailing spaces/tabs.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1141123002
|
|
- fread() returns the number of items read.
- fix a memory leak in error handling.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1135713004
|
|
Also fix a few nits and other errors along the way.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1098583002
|
|
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1084613006
|
|
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1062863006
|
|
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1081443004
|
|
CFX_Object is a type that implements its own new operators that return
NULL on error. There's no need for this given the |new (std::nothrow)|
syntax; in fact, the current code can only work if there is no activity
in the constructors. This may explain the pervasive lack of
constructors and reliance on Init() methods throughout the codebase.
The activity takes place in fx_memory.h, where FX_NEW is mapped onto
the std::nothrow syntax. The rest is just cleanup.
Down the road, we will simply throw and remove all the error-checking
paths for new objects. Landing this patch first will at least show a
simple path back to the old behaviour without having to re-introduce
CFX_Object should someone want to do so in their own fork.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1088733002
|
|
MSAN reported this issue when I tried to reproduce 460936 in the last version of freetype on Linux.
BUG=N/A
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1050333002
|
|
BUG=465322
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1045553004
|
|
BUG=pdfium:29
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/891113002
|
|
This saves 406KB in the binary size of the plugin. More importantly, it gets rid of the linker flag preventing bundling PDFium into the Chromium binary.
BUG=453844
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/826613004
|
|
R=brucedawson@chromium.org
Review URL: https://codereview.chromium.org/837533003
|
|
Follow up on https://codereview.chromium.org/733693003
R=brucedawson@chromium.org, tsepez@chromium.org
Review URL: https://codereview.chromium.org/809993004
|
|
Put freetype into third_party directory, cleaning up header files.
Previously freetype header files are in core/src/fxge/freetype and core/include/thirdparties. There were also multiple fx_freetype.h.
This patch removes the additional Foxit wrapper to make further update easier.
Notice, for original freetype source code, the following files are modified and need to be updated accordingly in future update:
third_party/freetype/include/config/ftmodule.h
third_party/freetype/include/config/ftoption.h
BUG=407341
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/815103002
|
|
TBR=tsepez
Review URL: https://codereview.chromium.org/804463003
|
|
-remove parameter from FPDF_InitLibrary
-remove a bunch of ifdefs that are unused
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/801913002
|
|
Error is "converting to non-pointer type 'FX_DWORD'".
TBR=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/726033002
|
|
BUG=401988
R=vitalybuka@chromium.org
Review URL: https://codereview.chromium.org/618073003
|
|
BUG=418582
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/680833006
|
|
Glyph index shall be less than number of glyphs.
BUG=418585
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/652363002
|
|
Before this fix, only |gindex < face->num_locations| is checked. However, the pointer, p, will be moved to next location in the first FT_NEXT_ULONG or FT_NEXT_USHORT. It may cause a crashier. So a boundary check is needed before the second FT_NEXT_ULONG or FT_NEXT_USHORT.
BUG=412457
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/571833002
|
|
Edge closer to getting PDFium to build in chromium_code mode.
BUG=https://code.google.com/p/pdfium/issues/detail?id=29
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/437343002
|
|
Add a check to CFX_Font::LoadGlyphPath() similar to the one that exists
in CFX_FaceCache::RenderGlyph().
Also replace some scattered magic numbers in the file with constants,
and make arrays not used outside this file be statically scoped.
BUG=406144
R=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/497863002
|
|
BUG=405201
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/474093003
|
|
Should there be cases where this fails to compile, it indicates a mistake,
either an incorrectly declared overrriden virtual method, or a method that
should be declared non-virtual.
The only issues were with CPDF_CustomAccess::GetBlock(), CPDF_CustomAccess::GetByte(),
and CPDF_CustomAccess::GetFullPath(). These don't appear to be used anywhere,
and are removed. Two members are removed that are no longer needed once those
methods are removed.
R=jam@chromium.org, jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/454983003
|
|
This has no ill-effect at present, but may be distracting when viewing the file
since it just looks wrong.
R=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/461933003
|
|
Patch from jschuh@chromium.org.
BUG=pdfium:31
TBR=jschuh@chromium.org,thakis@chromium.org
Review URL: https://codereview.chromium.org/438843003
|
|
When an image object is zoomed in by a big factor, the scaling factor in the transformation matrix is big as well, resulting in a large |dest_width| and |dest_height| value(they can be think of as the equivalent pixel size of the entire image, although most of it is outside the device).
BUG=395636
R=vitalybuka@chromium.org
Review URL: https://codereview.chromium.org/432543002
|
|
No intended behavior change.
BUG=pdfium:29
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/426763003
|
|
No intended behavior change.
- Remove more unused variables, functions, member variables.
- Put a few constructor initializers in the order they execute in.
- Add braces for subobject initializers.
- Fix a handful of signed / unsigned comparisons.
BUG=pdfium:29
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/429593005
|
|
Found by clang's -Wunused-variable, -Wunused-function, -Wunused-const-variable.
BUG=none
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/404653005
|
|
Follow-up to https://codereview.chromium.org/370853002/
BUG=none
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/406683005
|
|
BUG=pdfium_23
R=palmer@chromium.org
Review URL: https://codereview.chromium.org/399233002
|
|
Calling `delete` on an object of a type that has virtual functions but
not a virtual destructor is questionable: Since the object has virtual functions,
it likely has subclasses, so if it's deleted through the base pointer and the
destructor isn't virtual, the subclass destructor won't be called.
In most cases, the classes getting deleted can just be marked final to tell
the compiler that it can't possibly have subclasses (this also enables the
compiler to generate better code).
Two classes didn't have any sub- or superclasses but virtual functions -
this doesn't make sense, so make all methods of these classes non-virtual.
(Also delete an unused function on one of the two classes.)
In one case, a class actually did have a subclass that needs to be deleted
virtually, so mark one destructor as virtual.
BUG=none
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/370853002
|
|
C++11 makes uninitialized const PODs an error, because they contain
uninitialized memory (they're uninitialized that can never be initialized
(because they're const).
In this case, the memory was only used by _GetSubFontName() if the lang
parameter was 1, but _GetSubFontName() is only called from one place, with
a lang parameter of 0. So remove _GetSubFontName()'s lang parameter too.
(Using bsearch for searching an array that always has exactly 2 entries is
overkill too, but I'm trying to keep the diff small.)
No intended behavior change. Fixes this error on the clang/win bot:
..\..\third_party\pdfium\core\src\fxge\win32\fx_win32_device.cpp(207,20) : error(clang): default initialization of an object of const type 'const _FontNameMap [1]'
const _FontNameMap g_GbFontNameMap[1];
^
BUG=chromium:82385
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/369343003
|
|
BUG=381521
R=palmer@chromium.org
Review URL: https://codereview.chromium.org/383563002
|
|
BUG=
R=palmer@chromium.org
Review URL: https://codereview.chromium.org/372473003
|
|
BUG=387840
R=palmer@chromium.org
Review URL: https://codereview.chromium.org/354413002
|
|
|
|
BUG=11
|
|
BUG=chromium:381011
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/317203003
|
|
https://code.google.com/p/pdfium/issues/detail?id=9
https://code.google.com/p/pdfium/issues/detail?id=10
BUG=
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/312273002
|
|
BUG=chromium:374943
R=jam@chromium.org
Review URL: https://codereview.chromium.org/303723004
|
|
wrong characters representation, and addjust some code indent
BUG=
R=jam@chromium.org
Review URL: https://codereview.chromium.org/294353002
|
|
Original patch by Lucas Nihlen <luken@chromium.org>
|
|
|
|
|
|
- Silence -Wheader-hygiene warning on Clang. Between fx_agg_driver.cpp
and fxjs_v8.h there are hundreds or thousands of things that depend on
"using namespace", so it is best to just suppress this warning than
fix it.
- gzguts.h: Include unistd.h on all non-Windows platforms, not just
Apple platforms. Fixes implicit include warnings on Linux.
- Added parens to silence a warning about mixing && and ||.
- Removed a check if an enum is negative. Enums can be unsigned,
generating an always-false warning. The check isn't necessary.
- Removed some statements that are just names of variables that do
nothing.
BUG=375114
Patch by Matt Giuca <mgiuca@chromium.org>
|