summaryrefslogtreecommitdiff
path: root/core
AgeCommit message (Collapse)Author
2015-01-31Fix heap buffer overflow in CPDF_SampledFunc::v_CallJUN FANG
This issue was caused by integer overflow in CPDF_SampledFunc::v_Call. The root cause of this issue is that the content in the test pdf file was damaged. The solution is to check whether an integer is overflow before using it. BUG=452455 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/886953002
2015-01-30Don't export any OpenJPEG methods from PDFium.John Abd-El-Malek
It's only used internally. This also avoids errors from the verify_order script when linking PDFium into Chromium BUG=453844 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/887193002
2015-01-30Use system FreeType on Linux.John Abd-El-Malek
This saves 406KB in the binary size of the plugin. More importantly, it gets rid of the linker flag preventing bundling PDFium into the Chromium binary. BUG=453844 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/826613004
2015-01-29Fix infinite recursion in CPDF_RenderStatus::RenderSingleObject().Tom Sepez
Introduce a local static to track the recursion depth, thereby removing the burden for callers to track and pass a level parameter correctly through all call paths. Also increase the depth tolerated, since we know there were paths that were under-counting this value. BUG=451265 R=thestig@chromium.org Review URL: https://codereview.chromium.org/868253009
2015-01-27Kill scattered extern _PDF_CharType declarations.chromium/2292chromium/2291chromium/2290Tom Sepez
While we're at it, avoid an indirection through a pointer, and use a name that isn't reserved for the compiler (leading _ CAP). This is a small portion of the associated bug: BUG=https://code.google.com/p/pdfium/issues/detail?id=112 R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/880663003
2015-01-26Fix infinite recursion in CPDF_Parser::ParseIndirectObjectAt().Tom Sepez
A suitably corrupted file can cause the parser(s) to repeatedly re-read sections of the file at increasing parser recursion depth until the stack is exhausted. There is supposed to be a check for this based upon the parser "level", but not all call paths pass or update the level as required. Much as I hate per-class statics, this introduces one to track the depth so that the check is enforced no matter how screwy the call path might be that leads the parser to re-enter itself. This is more palatable than trying to find all these paths and fix them. We know this is OK since there is only one thread in here modifying the static. BUG=451830 R=thestig@chromium.org Review URL: https://codereview.chromium.org/875263002
2015-01-23Fix null crash in CheckTrailer.Tom Sepez
We are making checks in the incorrect order. Also adds two test cases, one for the this crash, and another for the original issue that motivated the patch. Original Patch by Bo at https://codereview.chromium.org/866003003/ BUG=450871 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/872563002
2015-01-22Use IPDF_DataAvail interface to hide CPDF_DataAvail.Tom Sepez
Currently, no callers go through the Interface, which makes having a separate interface class kind of pointless. After converting callers away from using the CPDF_DataAvail concrete class, it can be moved from the header to the .cpp file. R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/873523002
2015-01-21Simplify UTF16LE_Encode and add unittest.Bo Xu
Previously, UTF16LE_Encode take an optional flag to indicate if the returned byte string has trailing zeros. In fact, no where needs the flag to be false. So just get rid of it so callers won't misuse. The bug is found by https://codereview.chromium.org/837723009 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/860973002
2015-01-12Merge to master: Fix include paths for pdfium_unittests under chromium checkoutTom Sepez
Orignal CL at https://codereview.chromium.org/852493002/ TBR=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/849603003
2015-01-09Check for NULL pointers in CJBig2_SymbolDict::DeepCopy().chromium/2276chromium/2275chromium/2274chromium/2273Lei Zhang
BUG=445475 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/837093002
2015-01-09Fix -Wnon-virtual-dtor compiler warnings.Tom Sepez
This is done by explicitly adding a virtual dtor to interface classes, since the cost is small given that there are already virtual functions. The exceptions are for classes that have a Release() or Delete() method, in which case it is non-virtual and protected to indicate that the virtual class is never the deletion point. BUG= R=brucedawson@chromium.org, thestig@chromium.org Review URL: https://codereview.chromium.org/810883005
2015-01-08Land: Protect against a seg fault in CPDF_StructElementImpl constructor.Tom Sepez
patch from issue 680873002 at patchset 40001 (http://crrev.com/680873002#ps40001) TBR=jam@chromium.org Review URL: https://codereview.chromium.org/841943003
2015-01-07Finish unit test for CFX_ByteStringC class.Tom Sepez
This fixes a few cut-n-paste errors in the previous version, plus adds more corner cases. The implementation is fixed to handle a few of these that failed. R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/808553013
2015-01-07Add ostream helpers for FX String classes.Tom Sepez
This allows integration with the gtest EXPECT_* macros. R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/837843002
2015-01-06Resolve all but two VC++ build warnings in pdfium.Bruce Dawson
pdfium builds on Win32 have about 85 warnings (250 in the XFA branch, totaling over 480 lines!), mostly from four lines in a header file and a warning that should be disabled. This change resolves all but two of them and turns on warning-as-errors. Bugs have been filed for the two remaining warnings: https://code.google.com/p/pdfium/issues/detail?id=100 the 64-bit warnings: https://code.google.com/p/pdfium/issues/detail?id=101 and the Linux warnings: https://code.google.com/p/pdfium/issues/detail?id=102 The fix to the double->float truncation bugs will also improve code-generation. R=bo_xu@foxitsoftware.com, scottmg@chromium.org, tsepez@chromium.org Review URL: https://codereview.chromium.org/792953005
2015-01-05Cleanup: Get rid of CRLF line endings.Lei Zhang
R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/837533003
2015-01-05Update externs in unicodenormalization.cpp to not have array sizes.Lei Zhang
This is a follow-up to f9640495. R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/825983004
2015-01-05Fix an array size mismatch.Lei Zhang
The g_UnicodeData_Normalization_Map2 array is initialized with a size of 1724 in core\src\fpdftext\unicodenormalizationdata.cpp but its size is 1734 (+10) in core\src\fpdftext\unicodenormalization.cpp, 1724 seems to be the real size (i.e. there's 1724 values in the initialization list). BUG=446057 Original Author: sebmarchand@chromium.org Original CL: https://codereview.chromium.org/837523002/ Review URL: https://codereview.chromium.org/812843004
2015-01-05Clean up bookmark related codes.Bo Xu
Remove CPDF_Dictionary*() operator in CPDF_Bookmark class. Unify naming conventions and coding styles. Change some functions to const. Change the name of function argument to |pDict| for FPDF_xxx type variable. This makes the code more clear and gives better variable naming R=tsepez@chromium.org Review URL: https://codereview.chromium.org/828203002
2015-01-05Remove static declared SymbolDictCache.Bo Xu
This is a follow up CL on https://codereview.chromium.org/761313004/ BUG=https://code.google.com/p/pdfium/issues/detail?id=93 R=brucedawson@chromium.org, tsepez@chromium.org Review URL: https://codereview.chromium.org/828183002
2014-12-30Get rid of FX_LPCSTR cast.Bo Xu
Follow up on https://codereview.chromium.org/733693003 R=brucedawson@chromium.org, tsepez@chromium.org Review URL: https://codereview.chromium.org/809993004
2014-12-29Create pdfium_unittests binary.Tom Sepez
PDFium has not yet had a unit-tests binary, so introduce one based on the typical gtest framework. Also provide a small initial test fragment for fxcrt strings for instructional purposes. Naturally, doing so kicked out one corner case that isn't handled, we'll fix that in a separate patch. This is a small part of the testing strategy tracking bug. BUG=https://code.google.com/p/pdfium/issues/detail?id=62 R=brucedawson@chromium.org, palmer@chromium.org Review URL: https://codereview.chromium.org/831653002
2014-12-19Refactor some code in CPDF_TextPage::ProcessTextObject().Lei Zhang
Fix a memory leak while we are at it. R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/813153002
2014-12-19Transform font size to user space for valid text size comparison.Bo Xu
BUG=438441 R=thestig@chromium.org Review URL: https://codereview.chromium.org/816153002
2014-12-19Update freetype to 2.5.4.Bo Xu
Put freetype into third_party directory, cleaning up header files. Previously freetype header files are in core/src/fxge/freetype and core/include/thirdparties. There were also multiple fx_freetype.h. This patch removes the additional Foxit wrapper to make further update easier. Notice, for original freetype source code, the following files are modified and need to be updated accordingly in future update: third_party/freetype/include/config/ftmodule.h third_party/freetype/include/config/ftoption.h BUG=407341 R=thestig@chromium.org Review URL: https://codereview.chromium.org/815103002
2014-12-19Fix a few windows compile warningschromium/2268chromium/2267chromium/2266chromium/2265chromium/2264chromium/2263chromium/2262chromium/2261chromium/2260chromium/2259chromium/2258chromium/2257chromium/2256Bo Xu
R=tsepez@chromium.org Review URL: https://codereview.chromium.org/817753002
2014-12-18Cleanup: Refactor some code into its own function in fpdf_text_int.cpp.Lei Zhang
Also use stdlib algorithms in a few places. R=tsepez@chromium.org Review URL: https://codereview.chromium.org/810223003
2014-12-17Cleanup: Remove a shadow variable in CPDF_TextPage::CloseTempLine().Lei Zhang
R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/816593002
2014-12-17Add a small LRU cache for the JBIG2 symbol dictionary.Bo Xu
This reduces rendering time on my test document by over 10 seconds. It is super common for a JBIG2 dictionary to span multiple pages, so we don't want to decode the same dictionary over and over again. Original patch from Jeff Breidenbach (breidenbach@gmail.com) BUG=https://code.google.com/p/pdfium/issues/detail?id=85 R=bo_xu@foxitsoftware.com, thestig@chromium.org Review URL: https://codereview.chromium.org/761313004
2014-12-17Cleanup: Pass by const reference in fpdftext.Lei Zhang
R=tsepez@chromium.org Review URL: https://codereview.chromium.org/790213005
2014-12-17Fix a bug that occurs when an object has the same object number with the ↵JUN FANG
root object Before this fix, the root will be released when an indirect object has the same object number with the root. However, the root object is loaded when the trailer is parsed. It shall not be updated or replaced anymore. BUG=425040 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/803103002
2014-12-12Avoid duplicate definitions of JSCONST_n*Hash and QeTable variables.Bruce Dawson
QeTable is a 752 byte array that was defined in a header file. This caused it to be instantiated by the VC++ compiler 12 times, wasting 8,272 bytes of space in the data segment. Because 'const' implies 'static' this did not cause any duplicate symbol errors. JSCONST_n*HASH are a set of eight variables that are defined in a header file. This causes them to be replicated 15 times. The variables themselves are tiny but they are dynamically initialized and this dynamic initialization code is replicated 15 times. When tested on pdfium_test.exe the effect of this change is to: Reduce the .text (code) segment by 3,616 bytes. Reduce the .rdata section by 8,656 bytes. Reduce the total binary file size by 13312 bytes. These are the worst offenders for pdf.dll as shown in: https://drive.google.com/open?id=1BvubxoA2SU_2e4T5cq7jHTjc1TlT0qOndpIfX3DMeA8&authuser=0 This will also drastically simplify the list of work to be done for bug 441899 (getting rid of initializers). BUG=441988 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/802013002
2014-12-12Fix build after previous commit.chromium/2255chromium/2254chromium/2253chromium/2252chromium/2251John Abd-El-Malek
TBR=tsepez Review URL: https://codereview.chromium.org/804463003
2014-12-12Simplify PDFium by removing code that's not used in the open source repo.John Abd-El-Malek
-remove parameter from FPDF_InitLibrary -remove a bunch of ifdefs that are unused R=tsepez@chromium.org Review URL: https://codereview.chromium.org/801913002
2014-12-11m_pColorSpace can not be NULL for image object with DCTDecode filterBo Xu
BUG=411842 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/792113003
2014-12-10Do not do strict check of BitsPerComponent for RunLengthDecode filterBo Xu
BUG=438421 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/790363002
2014-12-10Lab colorspace needs to be 3 componentBo Xu
BUG=429134 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/791223002
2014-12-09Trailer should be a dictionary objectBo Xu
BUG=https://code.google.com/p/pdfium/issues/detail?id=86 a "<<" token should follow "trailer" but "<" will trick the parser to make trailer a hex string object. R=tsepez@chromium.org Review URL: https://codereview.chromium.org/787753002
2014-12-08Replace manual/error-prone/hard-to-verify arraysize calculations with safe ↵Bruce Dawson
FX_ArraySize macro. pdfium has numerous places where the number of elements in an array is calculated with expressions like: sizeof(cFormats)/sizeof(FX_LPCWSTR) This is suboptimal because it is verbose, it is easy to get wrong, and it cannot be determined through casual inspection whether the code is correct. It will give incorrect results if cFormats is a pointer instead of an array and it will give incorrect results if FX_LPCWSTR is not the type of the array elements. The FX_WSTRC macro in fx_string.h which I fixed was particularly scary because it would silently misbehave if passed a pointer. The FX_ArraySize macro which I have added and started using (taken from arraysize in v8's macros.h) is easier to use and will always give correct results. If passed a pointer it will fail to compile. For this change I only fixed instances of sizeof(FX_LPCWSTR). There appear to be about 150 other places in the pdfium code that could benefit from using FX_ArraySize. R=bo_xu@foxitsoftware.com, tsepez@chromium.org Review URL: https://codereview.chromium.org/729293003
2014-12-08Getting rid of more (FX_LPCWSTR) casts and fixing two bugs revealed by this.Bruce Dawson
Since casts to FX_LPCWSTR have been shown to hide bugs I tried removing more of them, targeting those places where a cast was used to force a conversion from CFX_WideString to FX_LPCWSTR, replacing these casts with calls to the newly added .c_str() function. This revealed two places where the cast was hiding a bug -- where ->c_str() was required instead! This removes ~33 FX_LPCWSTR casts and there are ~31 left, many of which will go away in some future change. Also includes this change: Removing unnecessary casts from wchar_t* to wchar_t*, by various names. Original patch from Bruce Dawson(brucedawson@chromium.org) R=bo_xu@foxitsoftware.com, tsepez@chromium.org Review URL: https://codereview.chromium.org/733693003
2014-12-03Cleanup: Remove an unused function.Lei Zhang
R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/775903002
2014-11-24Update to openjpeg r2944Bo Xu
BUG=429139,430566,431288 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/758593002
2014-11-19Fix blank page issues caused by too strict checkchromium/2250chromium/2249chromium/2248chromium/2247chromium/2246chromium/2245chromium/2244chromium/2243chromium/2242chromium/2241chromium/2240chromium/2239chromium/2238chromium/2237Jun Fang
Before this fix, PDF parser aborts the parsering process when detecting an error. For this case, PDF parser just gives up parsering when it detects that the length of image stream is incorrect. The solution to this case is to find the tag "endstream" and "endobj" to calculate the length rather than aborting the parsering process. BUG=433339 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/743263002
2014-11-18Fixed crash on NULL de-referencing.Vitaly Buka
BUG=433992 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/733273002
2014-11-18Fixing operator so that bCheckRight isn't always true. Unknown effect!Bruce Dawson
VC++'s /analyze points out that this expression: FX_BOOL bCheckRight = type != 'D' || type != 'W';" is always true. This means that the tests for the right edge of a word Original patch from Bruce Dawson(brucedawson@chromium.org) BUG=427616 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/731673003
2014-11-18Fixing format strings to remove 'z' size specifier.Bruce Dawson
As of the 2013 version VC++ still doesn't support the 'z' size specifier. This makes portable printing of size_t types frustrating. The simplest general solution is to use %u and cast to unsigned. If there was any possibility of the numbers getting larger than 32-bit then we would need better alternatives, but there is not. This was found through code inspection, through /analyze, and through pdfium_test print this non-helpful message: Loaded, parsed and rendered zu pages. Skipped zu bad pages. I can confirm that the fix works on Windows and it should work identically on mac. This is a follow-on to change 02e6ca4c4f. R=tsepez@chromium.org Review URL: https://codereview.chromium.org/738433003
2014-11-17Removing unnecessary casts from wchar_t* to wchar_t*, by various names.Bruce Dawson
Remove casts that merely cast from wchar_t* to wchar_t*. Sometimes the types or casts are FX_LPCWSTR but the idea is the same. Excess casts can (and have) hidden bugs so removing these may prevent future problems. Original patch from Bruce Dawson(brucedawson@chromium.org) R=bo_xu@foxitsoftware.com, tsepez@chromium.org Review URL: https://codereview.chromium.org/730993002
2014-11-17Zero initialize ch to avoid possible bug - conditions are very subtle.Bruce Dawson
Whether ch and iRet are read without being initialized depends on complex preconditions and cannot be determined by looking at these function. Therefore it seems prudent to zero initialize them to avoid any risk. BUG=427616 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/727083002
2014-11-14Remove FX_LPCWSTR cast to wchar_t* literalsBo Xu
BUG=https://code.google.com/p/pdfium/issues/detail?id=78 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/726143002