summaryrefslogtreecommitdiff
path: root/core
AgeCommit message (Collapse)Author
2016-10-04Fix ownership when making a private annot dictionary into a shared one.tsepez
There's no way to take ownership back from the CPDF_Array without deleting the object, so add a new primitive to make elements become indirect rather than manipulating them outside the class. This should solve the ASSERT(objnum == 0) issue that blocked the previous roll. Review-Url: https://codereview.chromium.org/2391883003
2016-10-04Avoid crashing on CPDF_ToUnicodeMap::Load by using ValueOrDefault()npm
- Added private method to avoid duplicated code. - If the unicode calculation overflows, 0 is used instead of crashing. Review-Url: https://codereview.chromium.org/2392103002
2016-10-04Move core/fpdfapi/fpdf_render to core/fpdfapi/renderdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2393593002
2016-10-04Move core/fpdfapi/fpdf_parser to core/fpdfapi/parserdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2392603004
2016-10-04Move core/fpdfapi/fpdf_page to core/fpdfapi/pagedsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2386423004
2016-10-04Move core/fpdfapi/fpdf_font to core/fpdfapi/fontdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2392773003
2016-10-04Move core/fpdfapi/fpdf_edit to core/fpdfapi/editdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2386263003
2016-10-04Move core/fpdfapi/fpdf_cmaps to core/fpdfapi/cmapsdsinclair
BUG=pdfium:603 Review-Url: https://codereview.chromium.org/2391013002
2016-10-04Use FX_SAFE_UINT32 on CPDF_ToUnicodeMap::Loadnpm
m_Map maps to unsigned integer, but m_MultiCharBuf.GetLength() returns an integer. There will be integer overflow if the length is big, and UBSAN will complain. Thus, using FX_SAFE_UINT32. Replacing with uint32 would work as well: the point is to consider the length as uint instead of int. BUG=chromium:652232 Review-Url: https://codereview.chromium.org/2393573002
2016-10-04update skia to latest sourcescaryclark
Update clip to use intersect verb from canvas. R=dsinclair@chromium.org Review-Url: https://codereview.chromium.org/2384283002
2016-10-03Revert of Assert that only 0-numbered objects are Released() (patchset #7 ↵thestig
id:120001 of https://codereview.chromium.org/2375343004/ ) Reason for revert: Broke PDFExtensionTest when rolling DEPS in Chromium. Original issue's description: > Assert that only 0-numbered objects are Released() > > This condition holds because numbered objects are brute-force > deleted by the indirect object holder, rather than being > released. > > Be careful about recursive deletion, check before advancing, > since we no longer count on Release() doing this for us. > Fix a few tests where the test was violating ownership rules. > > This should be the last step before completely removing Release() > in favor of direct delete everywhere. > > Committed: https://pdfium.googlesource.com/pdfium/+/aba528a362248a54b27a7e9e046e2b65ab83f624 TBR=tsepez@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Review-Url: https://codereview.chromium.org/2387193003
2016-10-03Assert that only 0-numbered objects are Released()tsepez
This condition holds because numbered objects are brute-force deleted by the indirect object holder, rather than being released. Be careful about recursive deletion, check before advancing, since we no longer count on Release() doing this for us. Fix a few tests where the test was violating ownership rules. This should be the last step before completely removing Release() in favor of direct delete everywhere. Review-Url: https://codereview.chromium.org/2375343004
2016-10-03Add ptr_util.h from base until std::make_unique<> availabletsepez
Review-Url: https://codereview.chromium.org/2386273004
2016-10-03Rename CFX_WeakPtr::Clear() to DestroyObject()tsepez
|Clear| is too easily mistaken for "clear this pointer only." Review-Url: https://codereview.chromium.org/2385303002
2016-10-03Detect resursive loading of type3 font char to avoid infinite loopweili
The original way of detecting loops was passing a level parameter through various functions. This missed some cases which also lead to load type3 font char, for example, FindFont() may call CheckType3FontMetrics() which may eventually lead to LoadChar(). The new way is to store the char loading depth, and abort when the depth exceeds the max. BUG=chromium:651304 Review-Url: https://codereview.chromium.org/2384853002
2016-10-03Remove _FX_OS_ checks in core/fxge/win32/.thestig
All the files are already excluded by the build system. Review-Url: https://codereview.chromium.org/2387863002
2016-09-30Move CPDF_Reference::SafeGetDirect() out of the header.chromium/2879chromium/2878thestig
Review-Url: https://codereview.chromium.org/2386433002
2016-09-30Fix build of pdf_hint_table_fuzzer.chromium/2877tsepez
Restore CPDF_Dictionary default constructor. Use it in places where reasonable in the code. TBR=dsinclair@chromium.org TBR=thestig@chromium.org Review-Url: https://codereview.chromium.org/2383843002
2016-09-29Move fpdfsdk/include to fpdfsdkdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2384503003
2016-09-29Move core/fxge/include to core/fxgedsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2377393002
2016-09-29Move core/fxcrt/include to core/fxcrtdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2382723003
2016-09-29Move core/fxcodec/codec/include and core/fxcodec/include files updsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2381063002
2016-09-29Move core/fpdftext/include to core/fpdftextdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2383563002
2016-09-29Move core/fpdfdoc/include to core/fpdfdocdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2374383003
2016-09-29Move core/fpdfapi/include to core/fpdfapidsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2376153004
2016-09-29Move core/fpdfapi/fpdf_render/include to core/fpdfapi/fpdf_renderdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2382763002
2016-09-29Move core/fpdfapi/fpdf_parser/include to core/fpdfapi/fpdf_parserdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2383543002
2016-09-29Move core/fpdfapi/fpdf_page/include to core/fpdfapi/fpdf_pagedsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2379033002
2016-09-29Move core/fpdfapi/fpdf_font/include to core/fpdfapi/fpdf_fontdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2375283003
2016-09-29Move core/fpdfapi/fpdf_edit/include to core/fpdfapi/fpdf_editdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2381863003
2016-09-29Move core/fdrm/crypto/include to core/fdrm/cryptodsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2374413002
2016-09-29Check for negative page size in FindTextlineFlowOrientation()thestig
BUG=pdfium:606 Review-Url: https://codereview.chromium.org/2378373002
2016-09-29Remove FX_BOOL from font_int.hnpm
It is not necessary. For some methods, bool can be used instead. For some other methods, the returned boolean is never used, so they can be void. Review-Url: https://codereview.chromium.org/2382803002
2016-09-29Remove unused CFX_AutoFontCachethestig
All usage were refactored in commit 9972ff99. Review-Url: https://codereview.chromium.org/2377203002
2016-09-28Replace a few more std::unique_ptr.reset() with WrapUnique assignments.thestig
And fix a typo. TBR=tsepez@chromium.org Review-Url: https://codereview.chromium.org/2382443004
2016-09-28Fix leaks in CFieldTree::Node.thestig
Correctly account for non-leaf Nodes that have CPDF_FormField pointers. Review-Url: https://codereview.chromium.org/2376193002
2016-09-28Use string pools in some dictionaries, names, and strings.tsepez
BUG=pdfium:597 Review-Url: https://codereview.chromium.org/2345063002
2016-09-28Implement weak pointerschromium/2876chromium/2875tsepez
These will be a replacement for CFX_CountRef in future CLs, since CFX_CountRef is manually incremented and error-prone. Review-Url: https://codereview.chromium.org/2377143002
2016-09-28Remove dead code from CPDF_InterForm.thestig
Remove default arguments. Review-Url: https://codereview.chromium.org/2380753003
2016-09-28Revert "Rename CPDF_CountedObject to CFX_WeakPtr::Handle"tsepez
This reverts commit fe0179ded8202939ea4f2b92a879b8dede7821ea. This is blocking incremental revision, will try again. Review-Url: https://codereview.chromium.org/2377033003
2016-09-28Made CFieldTree::Node a class.thestig
Review-Url: https://codereview.chromium.org/2372423002
2016-09-27Remove unused cpdf_generalstatedata.htsepez
File was left behind when CPDF_GeneralStateData became CPDF_GeneralState::StateData internal class. Review-Url: https://codereview.chromium.org/2377843002
2016-09-26Clean up fx_codec_fax.cpp.thestig
Review-Url: https://codereview.chromium.org/2357173005
2016-09-26Strengthen bounds check in CWeightTable::Calc.stackexploit
The buffer PixelWeight.m_Weights was allocated by calling FX_TryAlloc(uint8_t, m_dwWeightTablesSize), but PixelWeight.m_Weights was an int array. Thus bounds check such as |if (idx >= m_dwWeightTablesSize)| in function CWeightTable::Calc() and |idx < m_dwWeightTablesSize ? &pWeight->m_Weights[idx] : nullptr| in function CWeightTable::GetValueFromPixelWeight() were insufficient. This CL strengthens bounds check for accessing int type array PixelWeight.m_Weights. BUG=chromium:619398 R=ochang@chromium.org, thestig@chromium.org Review-Url: https://codereview.chromium.org/2322903002
2016-09-26Fix memory leak in cmap parsingkcwu
found by libfuzzer Review-Url: https://codereview.chromium.org/2366143002
2016-09-23Remove FX_BOOL from cpdf_fontchromium/2872chromium/2871chromium/2870npm
In all cases, bool can be used instead without problems. Review-Url: https://codereview.chromium.org/2368693002
2016-09-23Clean CPDF_CIDFont a littlenpm
Remove C-casts, nits. Review-Url: https://codereview.chromium.org/2367743003
2016-09-23Avoid collisions in CPDF_IndirectObjectHolder::AddIndirectObject()tsepez
The change at 5b7c9bb differed from the original code in that a pre-existing object would now be freed, which showed that a collision could be possible if m_LastObjNum overflowed. BUG=649206 Review-Url: https://codereview.chromium.org/2361303002
2016-09-23Bail out on bad width and height in CCodec_FaxDecoder::CreateDecoderkcwu
BUG=648935,649436 Review-Url: https://codereview.chromium.org/2360283004
2016-09-23Make CPDF_Font::Create() return a std::unique_ptr.tsepez
Review-Url: https://codereview.chromium.org/2364643003