Age | Commit message (Collapse) | Author |
|
BUG=387970
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/551503003
|
|
m_pDocument in CPDF_Color
If not forced clear, the counter of CPDF_Pattern will take care the count of referenced instance.
When forced clear, clear color first to make sure pattern still exists when referencing it.
BUG=411154
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/554913003
|
|
BUG=411163
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/551513005
|
|
BUG=
R=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/534363002
|
|
When |m_nComponents| is changed from loading stream information,
previously allocated memory that depends on |m_nComponents| needes to be freed
and allocated again to enforce memory size consistency.
BUG=409695
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/528163002
|
|
BUG=409692
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/534763002
|
|
This will prevent using freed pattern object.
This is a better solution than https://pdfium.googlesource.com/pdfium/+/1b9c5c4dc41956b8c5ab17b9a882adf8a2513768
and in essence revert that patch
BUG=409373
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/522483003
|
|
This is code cleanup rather than bug fixing.
The motivation for this was to fix the casts at line 97 of the original file. These are wrong; you cannot correct via casting a function signature mismatch when passing a function as an argument. In theory, there's no reason to believe that the compiler will pass args in the same manner for a function of type (void*, size_t, void*) as for a function of type (void*, size_t, some_struct*). The cast will suppress the compile error, but you can't be assured the call will work as intended. In practice, it does, since the last architecture where a void* had a different representation than a struct* went extinct in the late 80s.
In the functions themselves, note that we currently bail out if srcData->offset >= srcData->src_size, so the expression
bufferLength = (OPJ_SIZE_T)(srcData->src_size - srcData->offset)
will always be > 0. Hence the check
if(bufferLength <= 0)
is pointless, esp. since bufferLength is a signed type and < 0 makes no sense.
The opj_seek_from_memory() has a bool return value, so returning -1 on error doesn't seem reasonable. Change this to TRUE/FALSE, and return false on seek past end.
If we're truly passing readonly data, then perhaps it makes sense to make the write() function always return -1. I didn't do this.
Lastly, I capitalize "DecodeData" so that it looks like a struct, and change its members to be size_t's to avoid casting back and forth.
R=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/507273003
|
|
m_bpc is assigned.
The problem of using GetValidBpc() in each function call is it could result in mismatch as seen in this case:
in ContinueToLoadMask(), m_bpc is re-assigned to 1 if m_bImageMask==1 regardless of the value from GetValidBpc().
This will result in mismatch if another function use the value from GetValidBpc().
The solution could be checking m_bImageMask in another function to make sure m_bpc is consistent, but that makes the code too cumbersome.
Also, we have to bring and are bringing in more and more GetValidBpc check, and this will continue with other buggy documents. So better to fix it now.
The original rational to use GetValidBpc() in where m_bpc is used is to respect the "raw" data from parsing.
However, if it will be ignored anyway and using value from GetValidBpc(), we'd better correct it at the very beginning.
BUG=408541
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/518443002
|
|
Edge closer to getting PDFium to build in chromium_code mode.
BUG=https://code.google.com/p/pdfium/issues/detail?id=29
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/437343002
|
|
CPDF_DocPageData::~CPDF_DocPageData() will force to release all resources, so no need to do it here, which can result in heap-use-after-free trouble.
BUG=408164
R=jun_fang@foxitsoftware.com, tsepez@chromium.org
Review URL: https://codereview.chromium.org/513063003
|
|
There is not strict way to limit invalid value of |Colors| from dictionary. We can make sure |index| does not go out of boundary of row_size.
BUG=407614
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/509993003
|
|
BUG=408141, 408147
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/508253003
|
|
BUG=408154
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/509613005
|
|
BUG=407476
R=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/489703004
|
|
BUG=406868
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/504993002
|
|
BUG=406591
R=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/501823003
|
|
BUG=406806
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/503883002
|
|
BUG=406908
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/504673002
|
|
BUG=406600, 406895
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/497733005
|
|
(patchset #1 of https://codereview.chromium.org/493163003/)
Reason for revert:
Needs to address comments before landing
Original issue's description:
> Use number of components from ICC profile and alternate color space
>
> BUG=406806
>
> Committed: https://pdfium.googlesource.com/pdfium/+/be83103
TBR=tsepez@chromium.org,jun_fang@foxitsoftware.com
NOTREECHECKS=true
NOTRY=true
BUG=406806
Review URL: https://codereview.chromium.org/504883003
|
|
BUG=406806
Review URL: https://codereview.chromium.org/493163003
|
|
BUG=387983
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/454283002
|
|
Pdfium reads the page number from the field of '/Count' but it can't
load the number assigned by this field due to the damaged data. Add a
check to ensure that the required page should be one of loaded pages.
BUG=406090
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/477873003
|
|
Add a check to CFX_Font::LoadGlyphPath() similar to the one that exists
in CFX_FaceCache::RenderGlyph().
Also replace some scattered magic numbers in the file with constants,
and make arrays not used outside this file be statically scoped.
BUG=406144
R=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/497863002
|
|
BUG=405201
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/474093003
|
|
From PDF reference 8.6.5.5, this could only be 1, 3 or 4.
BUG=387968
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/464083003
|
|
BUG=405588
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/496883002
|
|
m_pageObjects never gets initialize, thus making CPDF_PageContentGenerate::GenerateContent() doing nothing.
Since the CPFD_PageObject are owned by m_pPage, no need to release them in the destructor.
BUG=385119
R=thestig@chromium.org, vitalybuka@chromium.org
Review URL: https://codereview.chromium.org/470253004
|
|
BUG=400996
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/477323002
|
|
The test pdf file defines an invalid dictionary object with a NULL arrary
in the filed of "/V". It causes that a NULL object is returned when trying
to get the first element of this arrary. So it needs to check whether the
returned object is NULL.
BUG=395986
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/478183002
|
|
space in CPDF_ColorSpace::Load
The test file defines a wrong color space object (7 0 obj). In the content of 7 0 obj,
the reserved obj (0 0 R) is used. The process of loading color space returns NULL when
the reserved obj (0 0 R) is found. For the error color space, it only needs to return
NULL when an error is detected.
BUG=403032
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/477413002
|
|
m_pBaseCS will be released in CPDF_DocPageData::Clear.
BUG=401372
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/472653002
|
|
BUG=393602
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/466153005
|
|
Should there be cases where this fails to compile, it indicates a mistake,
either an incorrectly declared overrriden virtual method, or a method that
should be declared non-virtual.
The only issues were with CPDF_CustomAccess::GetBlock(), CPDF_CustomAccess::GetByte(),
and CPDF_CustomAccess::GetFullPath(). These don't appear to be used anywhere,
and are removed. Two members are removed that are no longer needed once those
methods are removed.
R=jam@chromium.org, jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/454983003
|
|
BUG=pdfium:28
R=thakis@chromium.org
Review URL: https://codereview.chromium.org/472563002
|
|
This has no ill-effect at present, but may be distracting when viewing the file
since it just looks wrong.
R=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/461933003
|
|
with the old pattern
This patch is related to https://pdfium.googlesource.com/pdfium/+/1b9c5c4dc41956b8c5ab17b9a882adf8a2513768
BUG=402260
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/460383004
|
|
BUG=400662
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/445303002
|
|
BUG=387774
R=palmer@chromium.org, tsepez@chromium.org
Review URL: https://codereview.chromium.org/441503003
|
|
Patterns are managed in CPDF_DocPageData. When
a document is closed, all patterns will be
released in the deconstruction of CPDF_DocPageData.
However, some patterns which are referenced in
CPDF_Color can't get the notification from the
destroy of CPDF_DocPageData. It will cause
use-after-free in CPDF_Color::~CPDF_Color.
BUG=392719
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/439693002
|
|
BUG=387811
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/437483004
|
|
of i++
BUG=387979
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/439733002
|
|
BUG=382988
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/430733004
|
|
Patch from jschuh@chromium.org.
BUG=pdfium:31
TBR=jschuh@chromium.org,thakis@chromium.org
Review URL: https://codereview.chromium.org/438843003
|
|
R=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/417263008
|
|
No intended behavior change.
BUG=pdfium:29
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/436483002
|
|
When an image object is zoomed in by a big factor, the scaling factor in the transformation matrix is big as well, resulting in a large |dest_width| and |dest_height| value(they can be think of as the equivalent pixel size of the entire image, although most of it is outside the device).
BUG=395636
R=vitalybuka@chromium.org
Review URL: https://codereview.chromium.org/432543002
|
|
BUG=387854
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/372453005
|
|
No intended behavior change.
BUG=pdfium:29
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/426763003
|