Age | Commit message (Collapse) | Author |
|
This issue was caused by integer overflow in CPDF_SampledFunc::v_Call.
The root cause of this issue is that the content in the test pdf file
was damaged. The solution is to check whether an integer is overflow
before using it.
BUG=452455
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/886953002
|
|
It's only used internally. This also avoids errors from the verify_order script when linking PDFium into Chromium
BUG=453844
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/887193002
|
|
This saves 406KB in the binary size of the plugin. More importantly, it gets rid of the linker flag preventing bundling PDFium into the Chromium binary.
BUG=453844
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/826613004
|
|
Introduce a local static to track the recursion depth, thereby removing
the burden for callers to track and pass a level parameter correctly through
all call paths. Also increase the depth tolerated, since we know there
were paths that were under-counting this value.
BUG=451265
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/868253009
|
|
While we're at it, avoid an indirection through a pointer, and
use a name that isn't reserved for the compiler (leading _ CAP).
This is a small portion of the associated bug:
BUG=https://code.google.com/p/pdfium/issues/detail?id=112
R=brucedawson@chromium.org
Review URL: https://codereview.chromium.org/880663003
|
|
A suitably corrupted file can cause the parser(s) to repeatedly re-read
sections of the file at increasing parser recursion depth until the
stack is exhausted. There is supposed to be a check for this based upon
the parser "level", but not all call paths pass or update the level as
required.
Much as I hate per-class statics, this introduces one to track the depth
so that the check is enforced no matter how screwy the call path might be
that leads the parser to re-enter itself. This is more palatable than trying
to find all these paths and fix them. We know this is OK since there is
only one thread in here modifying the static.
BUG=451830
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/875263002
|
|
We are making checks in the incorrect order. Also adds two test
cases, one for the this crash, and another for the original issue
that motivated the patch.
Original Patch by Bo at https://codereview.chromium.org/866003003/
BUG=450871
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/872563002
|
|
Currently, no callers go through the Interface, which makes having a
separate interface class kind of pointless. After converting callers
away from using the CPDF_DataAvail concrete class, it can be moved
from the header to the .cpp file.
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/873523002
|
|
Previously, UTF16LE_Encode take an optional flag to indicate
if the returned byte string has trailing zeros. In fact, no where
needs the flag to be false. So just get rid of it so callers won't
misuse.
The bug is found by https://codereview.chromium.org/837723009
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/860973002
|
|
Orignal CL at https://codereview.chromium.org/852493002/
TBR=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/849603003
|
|
BUG=445475
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/837093002
|
|
This is done by explicitly adding a virtual dtor to interface classes,
since the cost is small given that there are already virtual functions.
The exceptions are for classes that have a Release() or Delete() method,
in which case it is non-virtual and protected to indicate that the virtual
class is never the deletion point.
BUG=
R=brucedawson@chromium.org, thestig@chromium.org
Review URL: https://codereview.chromium.org/810883005
|
|
patch from issue 680873002 at patchset 40001 (http://crrev.com/680873002#ps40001)
TBR=jam@chromium.org
Review URL: https://codereview.chromium.org/841943003
|
|
This fixes a few cut-n-paste errors in the previous version, plus
adds more corner cases. The implementation is fixed to handle a
few of these that failed.
R=brucedawson@chromium.org
Review URL: https://codereview.chromium.org/808553013
|
|
This allows integration with the gtest EXPECT_* macros.
R=brucedawson@chromium.org
Review URL: https://codereview.chromium.org/837843002
|
|
pdfium builds on Win32 have about 85 warnings (250 in the XFA
branch, totaling over 480 lines!), mostly from four lines in
a header file and a warning that should be disabled. This
change resolves all but two of them and turns on
warning-as-errors. Bugs have been filed for the two
remaining warnings:
https://code.google.com/p/pdfium/issues/detail?id=100
the 64-bit warnings:
https://code.google.com/p/pdfium/issues/detail?id=101
and the Linux warnings:
https://code.google.com/p/pdfium/issues/detail?id=102
The fix to the double->float truncation bugs will also
improve code-generation.
R=bo_xu@foxitsoftware.com, scottmg@chromium.org, tsepez@chromium.org
Review URL: https://codereview.chromium.org/792953005
|
|
R=brucedawson@chromium.org
Review URL: https://codereview.chromium.org/837533003
|
|
This is a follow-up to f9640495.
R=brucedawson@chromium.org
Review URL: https://codereview.chromium.org/825983004
|
|
The g_UnicodeData_Normalization_Map2 array is initialized with a size of
1724 in core\src\fpdftext\unicodenormalizationdata.cpp but its size is
1734 (+10) in core\src\fpdftext\unicodenormalization.cpp, 1724 seems to be
the real size (i.e. there's 1724 values in the initialization list).
BUG=446057
Original Author: sebmarchand@chromium.org
Original CL: https://codereview.chromium.org/837523002/
Review URL: https://codereview.chromium.org/812843004
|
|
Remove CPDF_Dictionary*() operator in CPDF_Bookmark class.
Unify naming conventions and coding styles.
Change some functions to const.
Change the name of function argument to |pDict| for FPDF_xxx type variable.
This makes the code more clear and gives better variable naming
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/828203002
|
|
This is a follow up CL on https://codereview.chromium.org/761313004/
BUG=https://code.google.com/p/pdfium/issues/detail?id=93
R=brucedawson@chromium.org, tsepez@chromium.org
Review URL: https://codereview.chromium.org/828183002
|
|
Follow up on https://codereview.chromium.org/733693003
R=brucedawson@chromium.org, tsepez@chromium.org
Review URL: https://codereview.chromium.org/809993004
|
|
PDFium has not yet had a unit-tests binary, so introduce one based on
the typical gtest framework. Also provide a small initial test fragment
for fxcrt strings for instructional purposes.
Naturally, doing so kicked out one corner case that isn't handled, we'll
fix that in a separate patch.
This is a small part of the testing strategy tracking bug.
BUG=https://code.google.com/p/pdfium/issues/detail?id=62
R=brucedawson@chromium.org, palmer@chromium.org
Review URL: https://codereview.chromium.org/831653002
|
|
Fix a memory leak while we are at it.
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/813153002
|
|
BUG=438441
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/816153002
|
|
Put freetype into third_party directory, cleaning up header files.
Previously freetype header files are in core/src/fxge/freetype and core/include/thirdparties. There were also multiple fx_freetype.h.
This patch removes the additional Foxit wrapper to make further update easier.
Notice, for original freetype source code, the following files are modified and need to be updated accordingly in future update:
third_party/freetype/include/config/ftmodule.h
third_party/freetype/include/config/ftoption.h
BUG=407341
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/815103002
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/817753002
|
|
Also use stdlib algorithms in a few places.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/810223003
|
|
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/816593002
|
|
This reduces rendering time on my test document by over
10 seconds. It is super common for a JBIG2 dictionary to
span multiple pages, so we don't want to decode the same
dictionary over and over again.
Original patch from Jeff Breidenbach (breidenbach@gmail.com)
BUG=https://code.google.com/p/pdfium/issues/detail?id=85
R=bo_xu@foxitsoftware.com, thestig@chromium.org
Review URL: https://codereview.chromium.org/761313004
|
|
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/790213005
|
|
root object
Before this fix, the root will be released when an indirect object has the
same object number with the root. However, the root object is loaded when
the trailer is parsed. It shall not be updated or replaced anymore.
BUG=425040
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/803103002
|
|
QeTable is a 752 byte array that was defined in a header file. This
caused it to be instantiated by the VC++ compiler 12 times, wasting
8,272 bytes of space in the data segment. Because 'const' implies
'static' this did not cause any duplicate symbol errors.
JSCONST_n*HASH are a set of eight variables that are defined in a header
file. This causes them to be replicated 15 times. The variables
themselves are tiny but they are dynamically initialized and this
dynamic initialization code is replicated 15 times.
When tested on pdfium_test.exe the effect of this change is to:
Reduce the .text (code) segment by 3,616 bytes.
Reduce the .rdata section by 8,656 bytes.
Reduce the total binary file size by 13312 bytes.
These are the worst offenders for pdf.dll as shown in:
https://drive.google.com/open?id=1BvubxoA2SU_2e4T5cq7jHTjc1TlT0qOndpIfX3DMeA8&authuser=0
This will also drastically simplify the list of work to be done
for bug 441899 (getting rid of initializers).
BUG=441988
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/802013002
|
|
TBR=tsepez
Review URL: https://codereview.chromium.org/804463003
|
|
-remove parameter from FPDF_InitLibrary
-remove a bunch of ifdefs that are unused
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/801913002
|
|
BUG=411842
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/792113003
|
|
BUG=438421
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/790363002
|
|
BUG=429134
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/791223002
|
|
BUG=https://code.google.com/p/pdfium/issues/detail?id=86
a "<<" token should follow "trailer" but "<" will trick the parser to make trailer a hex string object.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/787753002
|
|
FX_ArraySize macro.
pdfium has numerous places where the number of elements in an array is
calculated with expressions like:
sizeof(cFormats)/sizeof(FX_LPCWSTR)
This is suboptimal because it is verbose, it is easy to get wrong, and
it cannot be determined through casual inspection whether the code is
correct. It will give incorrect results if cFormats is a pointer instead
of an array and it will give incorrect results if FX_LPCWSTR is not the
type of the array elements.
The FX_WSTRC macro in fx_string.h which I fixed was particularly scary
because it would silently misbehave if passed a pointer.
The FX_ArraySize macro which I have added and started using (taken from
arraysize in v8's macros.h) is easier to use and will always give correct
results. If passed a pointer it will fail to compile.
For this change I only fixed instances of sizeof(FX_LPCWSTR). There
appear to be about 150 other places in the pdfium code that could
benefit from using FX_ArraySize.
R=bo_xu@foxitsoftware.com, tsepez@chromium.org
Review URL: https://codereview.chromium.org/729293003
|
|
Since casts to FX_LPCWSTR have been shown to hide bugs I tried removing
more of them, targeting those places where a cast was used to force a
conversion from CFX_WideString to FX_LPCWSTR, replacing these casts with
calls to the newly added .c_str() function. This revealed two places
where the cast was hiding a bug -- where ->c_str() was required instead!
This removes ~33 FX_LPCWSTR casts and there are ~31 left, many of which
will go away in some future change.
Also includes this change:
Removing unnecessary casts from wchar_t* to wchar_t*, by various names.
Original patch from Bruce Dawson(brucedawson@chromium.org)
R=bo_xu@foxitsoftware.com, tsepez@chromium.org
Review URL: https://codereview.chromium.org/733693003
|
|
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/775903002
|
|
BUG=429139,430566,431288
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/758593002
|
|
Before this fix, PDF parser aborts the parsering process when detecting an error.
For this case, PDF parser just gives up parsering when it detects that the length of
image stream is incorrect. The solution to this case is to find the tag "endstream"
and "endobj" to calculate the length rather than aborting the parsering process.
BUG=433339
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/743263002
|
|
BUG=433992
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/733273002
|
|
VC++'s /analyze points out that this expression:
FX_BOOL bCheckRight = type != 'D' || type != 'W';"
is always true. This means that the tests for the right edge of a word
Original patch from Bruce Dawson(brucedawson@chromium.org)
BUG=427616
R=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/731673003
|
|
As of the 2013 version VC++ still doesn't support the 'z' size specifier. This makes portable printing of size_t types frustrating. The simplest general solution is to use %u and cast to unsigned. If there was any possibility of the numbers getting larger than 32-bit then we would need better alternatives, but there is not.
This was found through code inspection, through /analyze, and through pdfium_test print this non-helpful message:
Loaded, parsed and rendered zu pages.
Skipped zu bad pages.
I can confirm that the fix works on Windows and it should work identically on mac. This is a follow-on to change 02e6ca4c4f.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/738433003
|
|
Remove casts that merely cast from wchar_t* to wchar_t*. Sometimes the
types or casts are FX_LPCWSTR but the idea is the same. Excess casts
can (and have) hidden bugs so removing these may prevent future problems.
Original patch from Bruce Dawson(brucedawson@chromium.org)
R=bo_xu@foxitsoftware.com, tsepez@chromium.org
Review URL: https://codereview.chromium.org/730993002
|
|
Whether ch and iRet are read without being initialized depends on complex
preconditions and cannot be determined by looking at these function.
Therefore it seems prudent to zero initialize them to avoid any risk.
BUG=427616
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/727083002
|
|
BUG=https://code.google.com/p/pdfium/issues/detail?id=78
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/726143002
|