summaryrefslogtreecommitdiff
path: root/core
AgeCommit message (Collapse)Author
2016-08-12fix 617135hong_zhang
to fix bug 617135 617135 described an exploit against pdfium using a malformed gif. This fix introduced a couple edge case handling lines to address the OOB issue. BUG= 617135 Review-Url: https://codereview.chromium.org/2230683002
2016-08-12Make g_LinuxGpFontList be a 2D char array.npm
Review-Url: https://codereview.chromium.org/2240863002
2016-08-11Fix an integer overflow in CStretchEngine constructorweili
When the source bitmap's width and height are large, the multiplication could easily overflow a signed integer. Change to use 'long long' type for calculation to avoid that. BUG=chromium:635663 Review-Url: https://codereview.chromium.org/2240723002
2016-08-11Clean up cfx_fontmapper a littlenpm
Added methods to reduce duplicated code Nit fixes Review-Url: https://codereview.chromium.org/2239703003
2016-08-11Relax a check in CPDF_HintTables.thestig
CPDF_HintTables::ReadSharedObjHintTable() unnecessarily constraints a FX_FILESIZE value to an int32_t. Relax this check, since the result will be stored in |m_szSharedObjOffsetArray| which is of FX_FILESIZE. Bad values in |m_szSharedObjOffsetArray| will still cause hint table loading to eventually fail. BUG=635565 Review-Url: https://codereview.chromium.org/2230883003
2016-08-10Minor cleanup of fpdf_cmapsdsinclair
Cleanup some dead code and c-style casts. Review-Url: https://codereview.chromium.org/2235743003
2016-08-10Clean up CPDF_HintTables::LoadHintStream a little.thestig
- Return earlier when possible. - Fail rather than crash on invalid values. Review-Url: https://codereview.chromium.org/2235843002
2016-08-10Move CFX_RenderDevice, CFX_FxgeDevice, and CFX_GraphStateData into their own ↵npm
files. This is the third CL to separate fx_ge into classes, one per file. All fx_ge.h includes had to be replaced with new includes The method definitions for CFX_FxgeDevice were not moved to a single file. These methods are defined in two folders different from fxge/ge, so they were left untouched for now. Review-Url: https://codereview.chromium.org/2223213002
2016-08-09Fix a leak with FPDFPageObj_NewImgeObj().thestig
BUG=pdfium:545 Review-Url: https://codereview.chromium.org/2194393002
2016-08-09Generate default AP stream for ink annotation.jaepark
This patch generates a default AP stream for ink annotation so that ink annotations without AP stream can be displayed. Also, roll DEPS for testing/corpus to 4119f8e to test ink annotations. BUG=62625 Review-Url: https://codereview.chromium.org/2232553002
2016-08-09Fix typos of the word outer.thestig
Review-Url: https://codereview.chromium.org/2226003003
2016-08-09Generate default AP stream for circle annotation.jaepark
This patch generates a default AP stream for circle annotation so that circle annotations without AP stream can be displayed. Also, roll DEPS for testing/corpus to 71d1f22 to test circle annotations. BUG=62625 Review-Url: https://codereview.chromium.org/2228093002
2016-08-09Generate default AP stream for square annotation.jaepark
This patch generates a default AP stream for square annotation so that square annotations without AP stream can be displayed. Also, roll DEPS for testing/corpus to 7f07c22 to test square annotations. BUG=62625 Review-Url: https://codereview.chromium.org/2219683002
2016-08-09Fixup various overflow conditionsdsinclair
There were several overflows detected by the PDF from the linked bug. This Cl fixes up the base causes of each of them. BUG=chromium:635473 Review-Url: https://codereview.chromium.org/2226023002
2016-08-08Add CPDF_Array::IsEmpty().jaepark
Using IsEmpty() is more readable than using GetCount() == 0. Review-Url: https://codereview.chromium.org/2226113002
2016-08-08Check if image width or height are zero before proceeding.dsinclair
If the width of the CJBig2_Image is set to 0 then the stride_pixels will be zero and when we divide we'll get a floating point exception. If the width or height are zero then we can exit early without proceeding with the rest of the constructor. BUG=chromium:635008 Review-Url: https://codereview.chromium.org/2222843004
2016-08-08Move CFX_ClipRgn and CFX_PathData into their own files.npm
This is the second CL in an attempt to split up the classes in fxge/include/fx_ge.h into their own files. CFX_ClipRgn is moved to core/fxge/ge because it is only used in core/fxge. The header for CFX_PathData is left in core/fxge/include since it is used elsewhere. Review-Url: https://codereview.chromium.org/2216853004
2016-08-05Add CPDF_ImageObject::GetImage().thestig
And use it where appropriate. Review-Url: https://codereview.chromium.org/2224623002
2016-08-04Move CFX_GEModule into its own filenpm
This is the first CL in an attempt to split up the classes in fxge/include/fx_ge.h into their own files. Review-Url: https://codereview.chromium.org/2217663002
2016-08-04Remove unnecessary casting in CPVT_GenerateAP.jaepark
Since CFX_BinaryBuf::GetBuffer() returns uint8_t*, casting to uint8_t* is unnecessary. Review-Url: https://codereview.chromium.org/2218633002
2016-08-04Clean up fx_ge_linux.cpp a little.thestig
Review-Url: https://codereview.chromium.org/2218433002
2016-08-04Add bounds checks to CWeightTable::Calc() and friends.thestig
BUG=624514 Review-Url: https://codereview.chromium.org/2204773003
2016-08-03Generate default AP stream for squiggly annotation.jaepark
This patch generates a default AP stream for squiggly annotation so that squiggly annotations without AP stream can be displayed. Also, roll DEPS for testing/corpus to a89e4fb to test squiggly annotations. BUG=62625 Review-Url: https://codereview.chromium.org/2206773004
2016-08-02Generate default AP stream for strike out annotation.jaepark
This patch generates a default AP stream for strike out annotation so that strike out annotations without AP stream can be displayed. Also, roll DEPS for testing/corpus to ddc1938 to test strike out annotations. BUG=62625 Review-Url: https://codereview.chromium.org/2206083002
2016-08-02Generate default AP stream for underline annotation.jaepark
This patch generates a default AP stream for underline annotation so that underline annotations without AP stream can be displayed. Also, roll DEPS for testing/corpus to cae29d1 to test underline annotations. BUG=62625 Review-Url: https://codereview.chromium.org/2205543002
2016-08-02Splitting fpdfdoc/doc_* part III.dsinclair
This CL cleans up the remaining doc_* files, splitting into .h and .pp files as needed. Review-Url: https://codereview.chromium.org/2190983002
2016-08-02Bound total pixels in JBig2 images to avoid overflows later.tsepez
Also make these private to ensure they aren't modified so as to violate the bounds checks applied at creation time. BUG=633002 Review-Url: https://codereview.chromium.org/2202013002
2016-08-02Verify row bytes before alloc in BMP codec.dsinclair
If the out_row_bytes is negative the alloc will fail. Verify the size before alloc and bail if it's negative. BUG=633381 Review-Url: https://codereview.chromium.org/2202283003
2016-08-02Use PaintOperation instead of bFillOrStroke in CPVT_GenerateAP.jaepark
Also, use PaintOperation instead of bStrokingOperation in CPDF_DefaultAppearance. Review-Url: https://codereview.chromium.org/2197353002
2016-08-02Splitting fpdfdoc/doc_* part II.dsinclair
This splits the doc_ocg, doc_vt and doc_basic files into individual class files. Review-Url: https://codereview.chromium.org/2187073005
2016-08-02Fix Jbig2 document context creation by checking proper pointerweili
The pointer a unique_ptr contains should be checked instead of the pointer of the unique_ptr itself. BUG=chromium:631912 Review-Url: https://codereview.chromium.org/2205573004
2016-08-02Splitting fpdfdoc/doc_* part Idsinclair
The first of several CLs to split the core/fpdfdoc/doc_* files up to individual class files. Review-Url: https://codereview.chromium.org/2192823002
2016-08-02Fixup crypto key generation.dsinclair
This CL fixes up the crypto key copying code to better handle big endian machines. BUG=pdfium:147 Review-Url: https://codereview.chromium.org/2190123002
2016-08-01Support PDF highlight annotation with opacity.jaepark
BUG=62625 Review-Url: https://codereview.chromium.org/2202063002
2016-07-29Generate default AP stream for highlight annotation.jaepark
This patch generates a default AP stream for highlight annotation so that highlight annotations without AP stream can be displayed. BUG=62625 Review-Url: https://codereview.chromium.org/2193983002
2016-07-29Simplify some FPDF edit functions.thestig
Fix an unlikely memory leak in FPDFPage_InsertObject(). BUG=pdfium:545 Review-Url: https://codereview.chromium.org/2195643002
2016-07-29Use bool instead of FX_BOOL as return values in CPVT_GenerateAP.jaepark
Review-Url: https://codereview.chromium.org/2196903002
2016-07-29Refactor fxge/fx_apple and fx_win header filesnpm
- Renamed header for CFX_QuartzDevice class - Removed unused class CFX_WinBitmapDevice - Split remaining fx_ge_win32 header Review-Url: https://codereview.chromium.org/2197513004
2016-07-29Fix a FPE in CStretchEngine::StartStretchHorz().thestig
Do some cleanup in the process. BUG=629839 Review-Url: https://codereview.chromium.org/2190283003
2016-07-29Cleanup CPDF_DocPageData release methods and callers.thestig
Review-Url: https://codereview.chromium.org/2194853002
2016-07-28Remove the document tagged code as it is unused.dsinclair
The fpdf_tagged.h, tagged_int.h and doc_tagged.cpp code is currently unused and can be removed. Review-Url: https://codereview.chromium.org/2188213002
2016-07-28Split fpdfdoc/include/fpdf_doc.h into individual classes.dsinclair
This CL splits the header file apart. The cpp files are not touched as part of this CL, they will be done as a followup. This de-duplicates the fpdf_doc.h BUG=pdfium:249 Review-Url: https://codereview.chromium.org/2183313004
2016-07-28fix text matrix againcaryclark
The text matrix for Skia is still wrong. The last fix allowed text to draw correctly when rotated, but did not draw correctly when skewed. With this edit, text draws correctly rotated, skewed horizontally, skewed vertically, and rotated and skewed. R=dsinclair@chromium.org Review-Url: https://codereview.chromium.org/2189093002
2016-07-27Fixup integer conversion logic.chromium/2813chromium/2812chromium/2811dsinclair
In bc8a64029f898286c3dcad3a6cecdc98ef30b139 we updated the FX_atonum logic to correctly handle integer overflow. This causes issues when parsing the Permissions flag of encrypted documents as that flag isn't encoded like other numbers. The Permissions flag is a unsigned value, and has to be treated as such since the sign bit is always set. The current logic will detect an overflow of the int value and return 0. The old logic would have detected the overflow and returned the negative result regardless. This CL updates the logic to do the string to int conversion as a uint32_t and then verifies the uint32_t value, if a sign was provided, fits within the int range, otherwise it converts it to an int and lets it be positive or negative as needed. BUG=pdfium:539 Review-Url: https://codereview.chromium.org/2168173002
2016-07-27Splitting fx_ge_fontmap.cppnpm
Move CFX_FolderFontInfo, CFX_FontMgr, and CFX_FontMapper into their own classes. There are namespaces in each of the new files, having methods from the original namespace in fx_ge_fontmap, according to what each class needs. Review-Url: https://codereview.chromium.org/2185533006
2016-07-26Use smart pointer for CPDF_Form in CPDF_Annot.jaepark
CPDF_Annot owns CPDF_Form, so use std::unique_ptr for memory management. BUG=pdfium:518 Review-Url: https://codereview.chromium.org/2189463003
2016-07-26Remove unused m_bFirstLayer in CPDF_RenderContext.jaepark
Review-Url: https://codereview.chromium.org/2183933002
2016-07-25Remove FX_FONTCACHE_DEFINEtsepez
This macro isn't buying us anything and reduces transparency. Review-Url: https://codereview.chromium.org/2179953002
2016-07-25fix text rotation for skiacaryclark
My initial guess for text rotation worked for scaled but not skewed or rotated. R=dsinclair@chromium.org,reed@google.com Review-Url: https://codereview.chromium.org/2178623002
2016-07-25Use smart pointers for CFX_Font and CFX_Type3Font classesweili
For the class owned member variables, use std::unique_ptr or std::vector for memory management. BUG=pdfium:518 Review-Url: https://codereview.chromium.org/2169793002