summaryrefslogtreecommitdiff
path: root/core
AgeCommit message (Collapse)Author
2016-10-03Detect resursive loading of type3 font char to avoid infinite loopweili
The original way of detecting loops was passing a level parameter through various functions. This missed some cases which also lead to load type3 font char, for example, FindFont() may call CheckType3FontMetrics() which may eventually lead to LoadChar(). The new way is to store the char loading depth, and abort when the depth exceeds the max. BUG=chromium:651304 Review-Url: https://codereview.chromium.org/2384853002
2016-10-03Remove _FX_OS_ checks in core/fxge/win32/.thestig
All the files are already excluded by the build system. Review-Url: https://codereview.chromium.org/2387863002
2016-09-30Move CPDF_Reference::SafeGetDirect() out of the header.chromium/2879chromium/2878thestig
Review-Url: https://codereview.chromium.org/2386433002
2016-09-30Fix build of pdf_hint_table_fuzzer.chromium/2877tsepez
Restore CPDF_Dictionary default constructor. Use it in places where reasonable in the code. TBR=dsinclair@chromium.org TBR=thestig@chromium.org Review-Url: https://codereview.chromium.org/2383843002
2016-09-29Move fpdfsdk/include to fpdfsdkdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2384503003
2016-09-29Move core/fxge/include to core/fxgedsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2377393002
2016-09-29Move core/fxcrt/include to core/fxcrtdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2382723003
2016-09-29Move core/fxcodec/codec/include and core/fxcodec/include files updsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2381063002
2016-09-29Move core/fpdftext/include to core/fpdftextdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2383563002
2016-09-29Move core/fpdfdoc/include to core/fpdfdocdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2374383003
2016-09-29Move core/fpdfapi/include to core/fpdfapidsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2376153004
2016-09-29Move core/fpdfapi/fpdf_render/include to core/fpdfapi/fpdf_renderdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2382763002
2016-09-29Move core/fpdfapi/fpdf_parser/include to core/fpdfapi/fpdf_parserdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2383543002
2016-09-29Move core/fpdfapi/fpdf_page/include to core/fpdfapi/fpdf_pagedsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2379033002
2016-09-29Move core/fpdfapi/fpdf_font/include to core/fpdfapi/fpdf_fontdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2375283003
2016-09-29Move core/fpdfapi/fpdf_edit/include to core/fpdfapi/fpdf_editdsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2381863003
2016-09-29Move core/fdrm/crypto/include to core/fdrm/cryptodsinclair
BUG=pdfium:611 Review-Url: https://codereview.chromium.org/2374413002
2016-09-29Check for negative page size in FindTextlineFlowOrientation()thestig
BUG=pdfium:606 Review-Url: https://codereview.chromium.org/2378373002
2016-09-29Remove FX_BOOL from font_int.hnpm
It is not necessary. For some methods, bool can be used instead. For some other methods, the returned boolean is never used, so they can be void. Review-Url: https://codereview.chromium.org/2382803002
2016-09-29Remove unused CFX_AutoFontCachethestig
All usage were refactored in commit 9972ff99. Review-Url: https://codereview.chromium.org/2377203002
2016-09-28Replace a few more std::unique_ptr.reset() with WrapUnique assignments.thestig
And fix a typo. TBR=tsepez@chromium.org Review-Url: https://codereview.chromium.org/2382443004
2016-09-28Fix leaks in CFieldTree::Node.thestig
Correctly account for non-leaf Nodes that have CPDF_FormField pointers. Review-Url: https://codereview.chromium.org/2376193002
2016-09-28Use string pools in some dictionaries, names, and strings.tsepez
BUG=pdfium:597 Review-Url: https://codereview.chromium.org/2345063002
2016-09-28Implement weak pointerschromium/2876chromium/2875tsepez
These will be a replacement for CFX_CountRef in future CLs, since CFX_CountRef is manually incremented and error-prone. Review-Url: https://codereview.chromium.org/2377143002
2016-09-28Remove dead code from CPDF_InterForm.thestig
Remove default arguments. Review-Url: https://codereview.chromium.org/2380753003
2016-09-28Revert "Rename CPDF_CountedObject to CFX_WeakPtr::Handle"tsepez
This reverts commit fe0179ded8202939ea4f2b92a879b8dede7821ea. This is blocking incremental revision, will try again. Review-Url: https://codereview.chromium.org/2377033003
2016-09-28Made CFieldTree::Node a class.thestig
Review-Url: https://codereview.chromium.org/2372423002
2016-09-27Remove unused cpdf_generalstatedata.htsepez
File was left behind when CPDF_GeneralStateData became CPDF_GeneralState::StateData internal class. Review-Url: https://codereview.chromium.org/2377843002
2016-09-26Clean up fx_codec_fax.cpp.thestig
Review-Url: https://codereview.chromium.org/2357173005
2016-09-26Strengthen bounds check in CWeightTable::Calc.stackexploit
The buffer PixelWeight.m_Weights was allocated by calling FX_TryAlloc(uint8_t, m_dwWeightTablesSize), but PixelWeight.m_Weights was an int array. Thus bounds check such as |if (idx >= m_dwWeightTablesSize)| in function CWeightTable::Calc() and |idx < m_dwWeightTablesSize ? &pWeight->m_Weights[idx] : nullptr| in function CWeightTable::GetValueFromPixelWeight() were insufficient. This CL strengthens bounds check for accessing int type array PixelWeight.m_Weights. BUG=chromium:619398 R=ochang@chromium.org, thestig@chromium.org Review-Url: https://codereview.chromium.org/2322903002
2016-09-26Fix memory leak in cmap parsingkcwu
found by libfuzzer Review-Url: https://codereview.chromium.org/2366143002
2016-09-23Remove FX_BOOL from cpdf_fontchromium/2872chromium/2871chromium/2870npm
In all cases, bool can be used instead without problems. Review-Url: https://codereview.chromium.org/2368693002
2016-09-23Clean CPDF_CIDFont a littlenpm
Remove C-casts, nits. Review-Url: https://codereview.chromium.org/2367743003
2016-09-23Avoid collisions in CPDF_IndirectObjectHolder::AddIndirectObject()tsepez
The change at 5b7c9bb differed from the original code in that a pre-existing object would now be freed, which showed that a collision could be possible if m_LastObjNum overflowed. BUG=649206 Review-Url: https://codereview.chromium.org/2361303002
2016-09-23Bail out on bad width and height in CCodec_FaxDecoder::CreateDecoderkcwu
BUG=648935,649436 Review-Url: https://codereview.chromium.org/2360283004
2016-09-23Make CPDF_Font::Create() return a std::unique_ptr.tsepez
Review-Url: https://codereview.chromium.org/2364643003
2016-09-22Make CPDF_ColorSpace::Load() return a unique_ptrtsepez
Specialize default_delete to avoid having to say ReleaseDeleter<CPDF_ColorSpace> throughout the code. Review-Url: https://codereview.chromium.org/2368433003
2016-09-22Rename CPDF_CountedObject to CFX_WeakPtr::Handlechromium/2869tsepez
This better describes its purpose, and reduces confusion with the CFX_CountRef class, which is unrelated. The WeakPtr class itself that manipulates handles is NYI. Review-Url: https://codereview.chromium.org/2366673003
2016-09-22Null CPDF_CountedObj::m_pObj prior to deletiontsepez
This gives additional protection in case of re-entry. Also make CFX_CountRef more robust in face of errors. BUG=649229 Review-Url: https://codereview.chromium.org/2364673002
2016-09-21Remove some objnum locals with AddIndirectObjecttsepez
Also, it's idempotent, so simplify some logic in callers to not care if objnum is zero. The alternate forms are rarely used, using the objnum form makes it clear that SetReferenceFor() can't possibly register the object as a side-effect. Review-Url: https://codereview.chromium.org/2361713002
2016-09-21Use unique_ptr<CPDF_Object, ReleaseDeleter<>> in more placeschromium/2868tsepez
Review-Url: https://codereview.chromium.org/2358243002
2016-09-21Make ownership explicit in CPDF_ContentMarkItem.tsepez
The old SetParam() method had "maybe take ownership" semanitcs based upon the type argument. Make GetParam() handle the None case and simplify callers based upon that behaviour. Review-Url: https://codereview.chromium.org/2358043003
2016-09-21Check for overflow in CMap_GetCode.dsinclair
Given a large enough value for the character code it's possible to overflow the conversion to an int. This Cl updates the code to guard against overflow. BUG=chromium:648739 Review-Url: https://codereview.chromium.org/2358023002
2016-09-21Delete unused methods in CPDF_Parsernpm
Review-Url: https://codereview.chromium.org/2353383002
2016-09-20Change protected to private in CPDF_CID2UnicodeMap and CPDF_ToUnicodeMapchromium/2867npm
Review-Url: https://codereview.chromium.org/2356603003
2016-09-20Delete unused methods and variables in CPDF_CMapManagernpm
and in CPDF_CMapParser Review-Url: https://codereview.chromium.org/2353963003
2016-09-20Delete unused GetBitMap() in fx_agg_drivernpm
Review-Url: https://codereview.chromium.org/2353143002
2016-09-20Make CPDF_Array not do indirect object creation.tsepez
We remove the indirect object holder argument and check that call sites pass ownable objects, adding a reference in one place that always was passing an indirect object. Also check that the invariant isn't violated, we need to fail here in the wild and investigate -- these are existing UAFs. Review-Url: https://codereview.chromium.org/2355083002
2016-09-20CPDF_Document friend cleanupdsinclair
Remove CPDF_Creator and CPDF_Parser as friends of CPDF_Document. Move all member variables to the private section, and add CPDF_TestDocument as a private friend. Review-Url: https://codereview.chromium.org/2349353003
2016-09-20CPDF_OCContext and CPDF_Document are no longer friendsdsinclair
Remove friendship as there doesn't appear to be anything protected that is being accessed by CPDF_OCContext. Review-Url: https://codereview.chromium.org/2355823002