Age | Commit message (Collapse) | Author |
|
The original way of detecting loops was passing a level parameter
through various functions. This missed some cases which also lead
to load type3 font char, for example, FindFont() may call
CheckType3FontMetrics() which may eventually lead to LoadChar().
The new way is to store the char loading depth, and abort when the depth
exceeds the max.
BUG=chromium:651304
Review-Url: https://codereview.chromium.org/2384853002
|
|
All the files are already excluded by the build system.
Review-Url: https://codereview.chromium.org/2387863002
|
|
Review-Url: https://codereview.chromium.org/2386433002
|
|
Restore CPDF_Dictionary default constructor.
Use it in places where reasonable in the code.
TBR=dsinclair@chromium.org
TBR=thestig@chromium.org
Review-Url: https://codereview.chromium.org/2383843002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2384503003
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2377393002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2382723003
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2381063002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2383563002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2374383003
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2376153004
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2382763002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2383543002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2379033002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2375283003
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2381863003
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2374413002
|
|
BUG=pdfium:606
Review-Url: https://codereview.chromium.org/2378373002
|
|
It is not necessary. For some methods, bool can be used instead. For
some other methods, the returned boolean is never used, so they can be
void.
Review-Url: https://codereview.chromium.org/2382803002
|
|
All usage were refactored in commit 9972ff99.
Review-Url: https://codereview.chromium.org/2377203002
|
|
And fix a typo.
TBR=tsepez@chromium.org
Review-Url: https://codereview.chromium.org/2382443004
|
|
Correctly account for non-leaf Nodes that have CPDF_FormField pointers.
Review-Url: https://codereview.chromium.org/2376193002
|
|
BUG=pdfium:597
Review-Url: https://codereview.chromium.org/2345063002
|
|
These will be a replacement for CFX_CountRef in future CLs, since
CFX_CountRef is manually incremented and error-prone.
Review-Url: https://codereview.chromium.org/2377143002
|
|
Remove default arguments.
Review-Url: https://codereview.chromium.org/2380753003
|
|
This reverts commit fe0179ded8202939ea4f2b92a879b8dede7821ea.
This is blocking incremental revision, will try again.
Review-Url: https://codereview.chromium.org/2377033003
|
|
Review-Url: https://codereview.chromium.org/2372423002
|
|
File was left behind when CPDF_GeneralStateData became
CPDF_GeneralState::StateData internal class.
Review-Url: https://codereview.chromium.org/2377843002
|
|
Review-Url: https://codereview.chromium.org/2357173005
|
|
The buffer PixelWeight.m_Weights was allocated by calling FX_TryAlloc(uint8_t, m_dwWeightTablesSize),
but PixelWeight.m_Weights was an int array. Thus bounds check such as |if (idx >= m_dwWeightTablesSize)|
in function CWeightTable::Calc() and |idx < m_dwWeightTablesSize ? &pWeight->m_Weights[idx] : nullptr|
in function CWeightTable::GetValueFromPixelWeight() were insufficient.
This CL strengthens bounds check for accessing int type array PixelWeight.m_Weights.
BUG=chromium:619398
R=ochang@chromium.org, thestig@chromium.org
Review-Url: https://codereview.chromium.org/2322903002
|
|
found by libfuzzer
Review-Url: https://codereview.chromium.org/2366143002
|
|
In all cases, bool can be used instead without problems.
Review-Url: https://codereview.chromium.org/2368693002
|
|
Remove C-casts, nits.
Review-Url: https://codereview.chromium.org/2367743003
|
|
The change at 5b7c9bb differed from the original code in
that a pre-existing object would now be freed, which showed
that a collision could be possible if m_LastObjNum overflowed.
BUG=649206
Review-Url: https://codereview.chromium.org/2361303002
|
|
BUG=648935,649436
Review-Url: https://codereview.chromium.org/2360283004
|
|
Review-Url: https://codereview.chromium.org/2364643003
|
|
Specialize default_delete to avoid having to say
ReleaseDeleter<CPDF_ColorSpace> throughout the code.
Review-Url: https://codereview.chromium.org/2368433003
|
|
This better describes its purpose, and reduces confusion
with the CFX_CountRef class, which is unrelated.
The WeakPtr class itself that manipulates handles is NYI.
Review-Url: https://codereview.chromium.org/2366673003
|
|
This gives additional protection in case of re-entry. Also
make CFX_CountRef more robust in face of errors.
BUG=649229
Review-Url: https://codereview.chromium.org/2364673002
|
|
Also, it's idempotent, so simplify some logic in callers to
not care if objnum is zero.
The alternate forms are rarely used, using the objnum form
makes it clear that SetReferenceFor() can't possibly register
the object as a side-effect.
Review-Url: https://codereview.chromium.org/2361713002
|
|
Review-Url: https://codereview.chromium.org/2358243002
|
|
The old SetParam() method had "maybe take ownership" semanitcs
based upon the type argument.
Make GetParam() handle the None case and simplify callers
based upon that behaviour.
Review-Url: https://codereview.chromium.org/2358043003
|
|
Given a large enough value for the character code it's possible to overflow
the conversion to an int. This Cl updates the code to guard against overflow.
BUG=chromium:648739
Review-Url: https://codereview.chromium.org/2358023002
|
|
Review-Url: https://codereview.chromium.org/2353383002
|
|
Review-Url: https://codereview.chromium.org/2356603003
|
|
and in CPDF_CMapParser
Review-Url: https://codereview.chromium.org/2353963003
|
|
Review-Url: https://codereview.chromium.org/2353143002
|
|
We remove the indirect object holder argument and check that
call sites pass ownable objects, adding a reference in one
place that always was passing an indirect object.
Also check that the invariant isn't violated, we need to fail
here in the wild and investigate -- these are existing UAFs.
Review-Url: https://codereview.chromium.org/2355083002
|
|
Remove CPDF_Creator and CPDF_Parser as friends of CPDF_Document. Move all
member variables to the private section, and add CPDF_TestDocument as a
private friend.
Review-Url: https://codereview.chromium.org/2349353003
|
|
Remove friendship as there doesn't appear to be anything protected that is
being accessed by CPDF_OCContext.
Review-Url: https://codereview.chromium.org/2355823002
|