summaryrefslogtreecommitdiff
path: root/core/src
AgeCommit message (Collapse)Author
2015-04-27Merge to XFA: SEGV in CFX_BaseSegmentedArray::Iterate().Tom Sepez
Original Review URL: https://codereview.chromium.org/1110653002 R=thestig@chromium.org TBR=thestig@chromium.org BUG=481363 Review URL: https://codereview.chromium.org/1110763002
2015-04-27Merge to XFA: Fix windows-specific usage of CFX_WideStr::operator LPCWSTR().Tom Sepez
Original Review URL: https://codereview.chromium.org/1103343002 R=brucedawson@chromium.org TBR=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1105253002
2015-04-27Merge to XFA: Reduce usage of operator LPCWSTR from CFX_WideString().Tom Sepez
Original Review URL: https://codereview.chromium.org/1101933003 TBR=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1108903002
2015-04-23Merge to XFA: Fix segmentation fault 'denial of service condition'JUN FANG
BUG=467392 R=thestig@chromium.org, tsepez@chromium.org Review URL: https://codereview.chromium.org/1064713008
2015-04-22Merge to XFA: Add missing operators for CFX_xxxString combo patch.Tom Sepez
This pulls in: Review URL: https://codereview.chromium.org/1099193002 Review URL: https://codereview.chromium.org/1090303003 Review URL: https://codereview.chromium.org/1084293003 Review URL: https://codereview.chromium.org/1099213002 Plus one fix to an XFA file to fix compilation. TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1095893005
2015-04-21Merge to XFA: Kill CFX_StringBufTemplate.Tom Sepez
Original Review URL: https://codereview.chromium.org/1098203002 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1080633008
2015-04-21Merge to XFA: Fix a crashier due to images with abnormal sizeJUN FANG
BUG=453553 R=thestig@chromium.org, tsepez@chromium.org Review URL: https://codereview.chromium.org/1093323003
2015-04-20Merge to XFA: Remove Release() combo patch.Tom Sepez
Includes: Original Review URL: https://codereview.chromium.org/1098043002 Original Review URL: https://codereview.chromium.org/1097843003 Original Review URL: https://codereview.chromium.org/1093213002 R=thestig@chromium.org Review URL: https://codereview.chromium.org/1092033004
2015-04-17Merge to XFA: Set m_FontType in CPDF_Font() constructor.Tom Sepez
Original Review URL: https://codereview.chromium.org/1060813003 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1060843005
2015-04-17Fix an issue 'heap use after free'JUN FANG
This fix is for covering more scenarios. Some faces like Foxit defined faces and MM faces are managed in built-in manager. They are released in built-in manager not in fontMgr. BUG=452793 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1095733003
2015-04-16Fix heap use after free in FT_Stream_ReleaseFrameJUN FANG
Adjust the release order of resource to fix this issue. BUG=452793 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1082023002
2015-04-15Merge to XFA: Fix offset outside bounds of constant string warningsJUN FANG
BUG=380476 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1061013003
2015-04-14Fix two new / free mismatchesTom Sepez
R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1085963002
2015-04-14Merge to XFA: Kill CFX_Object.Tom Sepez
Not just a simple merge, but changes to remove CFX_Object from XFA. Original Review URL: https://codereview.chromium.org/1088733002 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1087053002
2015-04-13Merge to XFA: Fix a heap overflow in CJBig2_Context::parseSymbolDictJUN FANG
BUG=476107 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1080893002
2015-04-11Merge to XFA: Fix a heap buffer overflow issue in CPDF_CMap::GetNextCharJUN FANG
Add a check to make sure offset is less than the size of string in the function of GetNextChar(). BUG=471651 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1067073003
2015-04-10Merge to XFA: Better fix for snprintf non-termination on windows.Tom Sepez
TBR=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1073313003
2015-04-10Merge to XFA: Fix a stack overflow in CPDF_Parser::LoadCrossRefV5JUN FANG
A stack overflow was triggered by checked_cast due to invalid index in pdf files like 'Index[45 -1661]'. BUG=473400 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1054303005
2015-04-10Merge to XFA: Don't call FPDF_InitLibrary() in individual unit_tests.Tom Sepez
Original Review URL: https://codereview.chromium.org/1071343002 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1079623002
2015-04-09Merge to XFA: Fix a global buffer overflow in ↵Jun Fang
GCPDF_CIDFont::_CharCodeFromUnicode There is not a code page (CP) used for converting unicode to mutli-bytes if the coding scheme is CID coding. Only return 0 if CID can't be retrieved. The difference on Windows and other platforms should be the function used for converting rather than others. BUG=466790 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1074653002
2015-04-07Merge to XFA: Fix a stack overflow issue caused by an invalid usage of snprintfJun Fang
BUG=469244 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1062983002
2015-04-03Merge to XFA: Update the path of header file to avoid a compiling error in ↵JUN FANG
chrome BUG=N/A R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1059233005
2015-04-03Merge to XFA: No-op change to poke the bots after being out of sequence.Tom Sepez
Adds a comment and changes some whitespace. TBR=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/1059373002
2015-04-03Merge to XFA: Fix a compiling error in fpdf_parser_parser_embeddertest.cppJun Fang
BUG=N/A R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1057383002
2015-04-03Merge to XFA: Add embedder test comparing with the last patch.JUN FANG
When there is a wrong keyword like '??ze' in the dictionary of the trailer, PDFium can't recognize it and aborts further parsing. After this change, PDFium continues even it can't get the right size at this moment. It will rebuild the cross reference table later since the size of the table is missing. BUG=459580 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1055323003
2015-04-02Merge to XFA: Fix uninitialized face in fx_ge_font.cppJUN FANG
MSAN reported this issue when I tried to reproduce 460936 in the last version of freetype on Linux. BUG=N/A R=thestig@chromium.org Review URL: https://codereview.chromium.org/1050333002
2015-03-30Merge to XFA: Fix no text displayed issue when font embedded and font ↵JUN FANG
subsetting enabled BUG=465322 R=thestig@chromium.org Review URL: https://codereview.chromium.org/1045553004
2015-03-20Merge to XFA: Fix missing include for std::minTom Sepez
Original Review URL: https://codereview.chromium.org/1026843002 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1025753002
2015-03-19Merge to XFA: Fix subtle issues in opj_skip_from_memory and add unit tests.Tom Sepez
Original Review URL: https://codereview.chromium.org/1016203002 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1027443002
2015-03-16Merge to XFA: Fix a bug that JPX images can't be shownJUN FANG
In the process of opj_end_decompress, it will return fail when the end of coding stream is reached. However it returns true in the same scenario implemented in openJPEG. So the final solution is from openJPEG. Return true when the end of coding stream is reached. BUG=452671 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/990683002
2015-03-16Merge to XFA: Fix potential integer overflow in fpdf_render_image.cppJUN FANG
BUG=382661 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1007643002
2015-03-11XFA: bound memcpy length in _png_load_bmp_attribute()Tom Sepez
BUG=466338 R=thestig@chromium.org Review URL: https://codereview.chromium.org/997273002
2015-03-11Merge to XFA: Kill remaining sprintfsTom Sepez
There is fx_codec_png.cpp that has a sprintf under XFA that was not present in master. Original Review URL: https://codereview.chromium.org/999543002 R=thestig@chromium.org Review URL: https://codereview.chromium.org/995993002
2015-03-06Merge to XFA: Make conversions for CPDF_Link explicit.Tom Sepez
Original Review URL: https://codereview.chromium.org/985503005 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/985153002
2015-03-06Merge to XFA: Make conversion between CPDF_Dest and its object explicit.Tom Sepez
Original Review URL: https://codereview.chromium.org/984703004 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/984143002
2015-03-05Merge to XFA: Make conversion between CPDF_Action and its dictionary explicit.Tom Sepez
Original Review URL: https://codereview.chromium.org/984773002 R=thestig@chromium.org TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/984783002
2015-02-27Merge to XFA: Do hit tests against Annots in reverse order.Lei Zhang
Original Review URL: https://codereview.chromium.org/952423002 (cherry picked from commit 944ccad72d028ed5e37f53c5c8c0888866905bc3) Review URL: https://codereview.chromium.org/970523002
2015-02-27Merge to XFA: Fix JPX image rendering that regressed due to several security ↵Lei Zhang
fixes. Original Review URL: https://codereview.chromium.org/892553002 (cherry picked from commit 254360730190cc6d6e3de325ee101948b78c1e32) Review URL: https://codereview.chromium.org/967773002
2015-02-27Merge to XFA: Fix some typos in fpdf_render_loadimage.cpp.Lei Zhang
Original Review URL: https://codereview.chromium.org/885223004 (cherry picked from commit 900d7bf46efc26e0588e1777759f7716ed4f8dbd) Review URL: https://codereview.chromium.org/963413002
2015-02-27Merge to XFA: Cleanup: Fix some unused-function warnings.Lei Zhang
Original URL: https://codereview.chromium.org/891113002 (cherry picked from commit 44fc192f29a77c5864fabffe5ab63937dacdfd21) Review URL: https://codereview.chromium.org/966023002
2015-02-27Merge to XFA: Cleanup parts of fpdf_render_loadimage.cpp.Lei Zhang
Original URL: https://codereview.chromium.org/890883006 (cherry picked from commit 3f41851972a18762164d7110a82da3baed564b80) Review URL: https://codereview.chromium.org/966013002
2015-02-27Merge to XFA: Check for NULL pointers in CJBig2_SymbolDict::DeepCopy().Lei Zhang
Original URL: https://codereview.chromium.org/837093002 (cherry picked from commit f8105c665856863ad95da37fee6c12b98b953e2c) Review URL: https://codereview.chromium.org/967033002
2015-02-27Merge to XFA: Cleanup: Get rid of CRLF line endings.Lei Zhang
Original URL: https://codereview.chromium.org/837533003 (cherry picked from commit 256ef88a26cff56fc7c23119d2d9e1b41468bd1a) Review URL: https://codereview.chromium.org/963403002
2015-02-27Merge to XFA: Update externs in unicodenormalization.cpp to not have array ↵Lei Zhang
sizes. Original URL: https://codereview.chromium.org/825983004 (cherry picked from commit dd132d8d1e9a27673e5357a657db2b97dda9bcdb) Review URL: https://codereview.chromium.org/965033005
2015-02-27Merge to XFA: Fix an array size mismatch.Lei Zhang
BUG=446057 Original Author: sebmarchand@chromium.org Original CL: https://codereview.chromium.org/837523002/ Review URL: https://codereview.chromium.org/812843004 (cherry picked from commit f96404951bc1505887e2567088b59206316c9297) Review URL: https://codereview.chromium.org/966003002
2015-02-27Merge to XFA: Upgrade openjpeg to revision 2997.JUN FANG
BUG=457493 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/960183004
2015-02-24Merge to XFA: Add small flate decode unit test.Tom Sepez
Original Review URL: https://codereview.chromium.org/845313006 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/945793004
2015-02-12Merge to XFA: Fix an error 'Use-of-uninitialized-value in CPDF_Function::Call'JUN FANG
This issue was introduced in https://codereview.chromium.org/886953002/. BUG=454280 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/869343008
2015-02-11Merge to XFA: CPDF_Object() constructor should set its internal m_Type variable.Tom Sepez
Original Review URL: https://codereview.chromium.org/880233005 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/916953002
2015-02-10Merge to XFA: Fix heap buffer overflow in CPDF_SampledFunc::v_CallJUN FANG
This issue was caused by integer overflow in CPDF_SampledFunc::v_Call. The root cause of this issue is that the content in the test pdf file was damaged. The solution is to check whether an integer is overflow before using it. BUG=452455 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/886953002