path: root/core
Age | Commit message | Author
2017-02-13 | core: fix a few uninitialized members | Miklos Vajna
Found by Coverity when scanning the bundled pdfium-3004 in LibreOffice. This fixes:
- CID 1400341: Uninitialized members (UNINIT_CTOR) CFX_ImageRenderer::m_pIccTransform
- CID 1400340: Uninitialized members (UNINIT_CTOR) CPDF_CharPosList::m_nChars
- CID 1400339: Uninitialized members (UNINIT_CTOR) CPDF_StreamContentParser::m_PathStartX/Y
- CID 1400337: Uninitialized members (UNINIT_CTOR) CFX_ScanlineCompositor::m_pIccTransform
Change-Id: Iab3862eb77be8bf379093a47f6c60ce987099982
Reviewed-on: https://pdfium-review.googlesource.com/2630
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-02-10 | Add line width option for stroking paths [chromium/3011] [chromium/3010] [chromium/3009] | Nicolas Pena
BUG=pdfium:661
Change-Id: Ie1dc82a1323a35ebbd63a5b7b8f8c95f9a5325fe
Reviewed-on: https://pdfium-review.googlesource.com/2613
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-02-09 | Cleanup CFX_Matrix related methods | Dan Sinclair
This CL removes unused CFX_Matrix methods and cleans up the implementation of others.
Change-Id: I72d1d10d4a45cc9341a980054df5225e52a0c4f2
Reviewed-on: https://pdfium-review.googlesource.com/2574
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-02-09 | Remove Transform in favour of TransformPoint | Dan Sinclair
This CL removes the two Transform() overrides from CFX_Matrix and calls the TransformPoint methods directly. In the case of the 4 param version the values were assigned to the out values before calling.
Change-Id: Id633826caec75b848774dcda6cfdcef2dbf5a7db
Reviewed-on: https://pdfium-review.googlesource.com/2573
Reviewed-by: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-02-09 | Replace rect.Transform(matrix) with matrix.TransformRect(rect) | Dan Sinclair
This CL removes the rect based transform method which internally just called the matrix transform method. The callers have been reversed to make it clearer the matrix is transforming the rect.
Change-Id: I8ef57ccc2311e4e853b8180a6ff475f8eda2138e
Reviewed-on: https://pdfium-review.googlesource.com/2572
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-02-09 | Convert Get methods to return instead of using out params. | Dan Sinclair
This CL changes several Get methods to return their values instead of using out parameters.
Change-Id: Ie9a930a5c2d0e809f2d7181ca033d801945c1cf9
Reviewed-on: https://pdfium-review.googlesource.com/2556
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-02-08 | Add EmbedderTest for adding and filling paths | Nicolas Pena
The PathObject uses GraphState to obtain the bounding box, so I set defaults, according to Table 4.2 of PDF spec 1.7. Not testing stroke for now because the default line width seems to be too small and is not being rendered.
Methodology: add the test methods to the RenderPage method in pdfium_test, and run with --png and --md5. Check that the png is reasonable with respect to the expected result, and use the output md5 on the embeddertest.
BUG=pdfium:661
Change-Id: I674fe3a68374c8d58cd99aaf9dad66e29e057281
Reviewed-on: https://pdfium-review.googlesource.com/2554
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-02-08 | Rename x,y to width,height for Size types | dan sinclair
This CL fixes the naming of the size types to match their purpose. This makes the code clearer.
Change-Id: I37a41ab0fe01782f4749054f1f8ab29ddf8d2790
Reviewed-on: https://pdfium-review.googlesource.com/2551
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-02-08 | Update to use CFX_Rect{F} and CFX_Matrix constructors. | Dan Sinclair
This CL updates the code to use the constructors instead of creating an empty object and calling Set(). It also removes the various memsets of the CFX_Rect{F} classes.
Change-Id: I6e20cec00866a38372858dcba5a30d31103172e4
Reviewed-on: https://pdfium-review.googlesource.com/2550
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-02-07 | Add APIs for path construction and painting [chromium/3006] | Nicolas Pena
Added methods to create paths, set their colors, determine whether they will be stroked and/or filled. FPDFPage_InsertObject should be used to add a path to a page.
BUG=pdfium:661
Change-Id: I8fd17b33a09c5126e517bfd1a69a893216c160e8
Reviewed-on: https://pdfium-review.googlesource.com/2534
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-02-07 | Use enum class for PathPoint types. | Nicolas Pena
This hopefully makes it less confusing what the description of a point is. Currently we have defines for the types, which is confusing because a point can only be one of the three. And it is mixed up with whether the point is closing a figure or not.
Change-Id: Icd71355d69c77b3d52ca78e03bc379081ff87753
Reviewed-on: https://pdfium-review.googlesource.com/2552
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-02-07 | Split CFX_STemplate from CFX_PSTemplate | Tom Sepez
This will allow the compiler to distinguish between rectangle initialization from a point and a size vs. two points. Add corresponding ctors, and fix style noise induced in XFA, now that rects have become a complex type.
Change-Id: Iaa5887db63dafd41ac95f5c623989ca1d6443fd6
Reviewed-on: https://pdfium-review.googlesource.com/2533
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-02-06 | Fix stream reading from pFile. | Graeme Connell
If m_pFile is set, m_bMemoryBased is set to false. However, ReadRawData incorrectly checks if m_bMemoryBased is TRUE before passing a read to m_pFile. This fix changes things to correctly call m_pFile's ReadBlock.
Filed associated https://bugs.chromium.org/p/pdfium/issues/detail?id=662
BUG=pdfium:662
Change-Id: If58af9093e3de78261a4cf1eb0460b7c7c153e5a
Reviewed-on: https://pdfium-review.googlesource.com/2532
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-02-06 | Add support for fill and stroke RGBA in CPDF_PageContentGenerator | Nicolas Pena
CPDF_PageObject is a CPDF_GraphicStates, which allows us to add graphics information to the object itself. The RGB can be added easily in the stream. The alpha parameter needs to be in a dictionary contained in the ExtGState, which should be part of the page's resources.
BUG=pdfium:661
Change-Id: Id99b2ece7aa201e3550c765ac2b5eeff4b43fc48
Reviewed-on: https://pdfium-review.googlesource.com/2530
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-02-02 | Remove FX_WSTRC usage [chromium/3003] [chromium/3002] | dan sinclair
Not needed with modern compilers, removed.
Change-Id: Ia8977262b5791bd4445f02be8456641d1a7e18f3
Reviewed-on: https://pdfium-review.googlesource.com/2431
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-02-02 | Add CPDF_PageContentGenerator::ProcessPath supporting path construction | Nicolas Pena
See Table 4.9 for path construction operators. Ignoring v, y, because those can be replaced with the more powerful c operator. The code added will be called by public methods that do not exist yet.
BUG=pdfium:661
Change-Id: I9a1ad3fd0a601e4e3a292b55f3e5708fe0c9c8fb
Reviewed-on: https://pdfium-review.googlesource.com/2495
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-01-30 | Properly refcount CPDF_StructElement | Tom Sepez
Change-Id: Idc9921fe7389abea8e23f07a58fb6e7bfd1c09eb
Reviewed-on: https://pdfium-review.googlesource.com/2433
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-01-30 | Refcount CPDF_OCContext. | Tom Sepez
Avoids explicit deletes through CPDF_RenderOptions holding pointers to it which may have been copy constructed. Ick.
Change-Id: Ic044b66d13bd7c5eaa53de995373858081e115ec
Reviewed-on: https://pdfium-review.googlesource.com/2451
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-01-30 | Cleanup memory allocations in ttgsubtable.cpp | Tom Sepez
Rename array members to plurals. Use std::vectors rather than native arrays and counts. Use std::set instead of map of key to itself. Use unique_ptr inside vector to clean subtables. Mark non-existent constructors() = delete.
Change-Id: Ifde189157e8affb5de654a44fac8b9358de7079b
Reviewed-on: https://pdfium-review.googlesource.com/2452
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-01-27 | Limit parsing recursion levels in CPDF_StreamParser | Nicolas Pena
We currently only limit the array recursion levels. This recursion level may also be reset when parsing. This is insufficient to protect against stack overflows.
BUG=681920
Change-Id: I69bd0c912fb45c0e68b9b9fa961d43f0adc9bdd3
Reviewed-on: https://pdfium-review.googlesource.com/2434
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-01-26 | Cleanup CPDF_StructElement. | tsepez
Precursor to properly ref-counting it. Rename to match the CPDF_/IPDF_ conventions. Move CPDF_ structure out of IPDF-defining headers. Break friendships.
Review-Url: https://codereview.chromium.org/2640923006
2017-01-25 | Calculate code_store safely in CGifLZWDecoder::Decode | Nicolas Pena
BUG=682628
Change-Id: I8e88cc0c8392b078afb73f9549ea4dea9a5717fd
Reviewed-on: https://pdfium-review.googlesource.com/2390
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-01-25 | Remove last usage of IFX_Retainable. [chromium/2993] | Tom Sepez
Change-Id: Id2ece818c80e8cce4748b9a237871131a7acd6d1
Reviewed-on: https://pdfium-review.googlesource.com/2354
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-01-24 | Use std::vector for fx_ucd.h arrays. [chromium/2992] | tsepez
Review-Url: https://codereview.chromium.org/2650773003
2017-01-24 | Replace some loose (ptr, len) pairs with CFX_ByteStringC in fpdfapi. | tsepez
These separate scalars are an anti-pattern given the ability to pass a single entity and later operate on it sensibly.
Review-Url: https://codereview.chromium.org/2652033002
2017-01-24 | Undefined shift in CPDF_PSEngine::DoOperator | tsepez
Also fix an unsafe negation in same block.
BUG=641551
BUG=681091
Review-Url: https://codereview.chromium.org/2649283002
2017-01-24 | Fix CPDF_InterForm::CheckRequiredFields and its callers. | Nicolas Pena
The method is used twice in fpdfsdk/cpdfsdk_interform.cpp and twice in fpdfsdk/javascript/Document.cpp, but not in a compatible way. Changed the method so that it now returns true when checks pass, which is the more natural thing to do, considering the name of the method.
BUG=pdfium:659
Change-Id: Iacf3049f328df1d4db3fbfc995acf184230ebf48
Reviewed-on: https://pdfium-review.googlesource.com/2297
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-01-24 | Use std::vector for CFX_RectF arrays | tsepez
Review-Url: https://codereview.chromium.org/2653743002
2017-01-23 | Fix bug found by fuzzer in A85 encoder (bad shift). | rbpotter
A85 encoder is not called yet; fix before adding calls to this code in Chromium.
BUG=682550
Review-Url: https://codereview.chromium.org/2649263002
2017-01-23 | Update safe numerics package to get bitwise ops | tsepez
Fix callers conventions to avoid ambiguity. Fix bad bounds check unmasked by change. Directly include headers no longer pulled in by numerics itself.
Review-Url: https://codereview.chromium.org/2640143003
2017-01-20 | Replace CFX_ByteArray with CFX_ArrayTemplate<uint8_t> [chromium/2990] [chromium/2989] [chromium/2988] | tsepez
Also replace CFX_Int32Array typedef with CFX_ArrayTemplate<int32_t>. Removing the typedefs makes subsequent conversion to std::vector<> easier on a case-by-case basis.
Review-Url: https://codereview.chromium.org/2649563003
2017-01-20 | Remove CFX_Points, CFX_PointsF in favor of std::vector | tsepez
CFX_Points was unused.
Review-Url: https://codereview.chromium.org/2645523006
2017-01-19 | use unique_ptr in fpdf_font_cid.cpp | tsepez
Also return CFX_MaybeOwned<> from functions so as to make cleanup automatic, avoiding a theoretical leak.
Review-Url: https://codereview.chromium.org/2641853004
2017-01-18 | Bad indexing in CPDF_Document::FindPageIndex when page tree corrupt. | tsepez
Moving to std::vector from the more forgiving CFX_ArrayTemplate revealed the dubious page tree traversal, which depends on the correctness of the /Count entries to properly summarize the total descendants under a given node.
The only "correct" thing to do is to throw away these counts as parsed, and re-compute them, perhaps in CountPages(). But I'm not willing to do that since it may break unknown documents in the wild.
Pass out-params as pointers while we're at it.
BUG=680376
Review-Url: https://codereview.chromium.org/2636403003
2017-01-17 | Stop using Encoding array to get unicode from charcode in Type 3 fonts [chromium/2985] | npm
We should not fill out the m_Encoding for Type3 fonts. This way, we stop getting garbage characters from text extraction. Guessing that unicode == charcode (in the absence of ToUnicode) is our best bet.
BUG=pdfium:642
Review-Url: https://codereview.chromium.org/2643543002
2017-01-17 | Avoid endless loop deleting CFGAS_GEFont. | tsepez
It's a ref-counted class, so if we're in the destructor, the ref count has hit zero. We can't make a new ref pointer to itself here, as it will re-invoke the destructor when it goes out of scope. This should have been an obvious anti-pattern in hindsight.
The object in question can't be in the m_pFontManager, since the font manager retains a reference, and we wouldn't get to this destructor while that is present. So the cleanup isn't required.
Fixing this revealed a free-delete mismatch in cxfa_textlayout.cpp. I also converted to use unique_ptrs in a few places near this issue.
Fixing this revealed a UAF in CFGAS_GEFont, memcpy'ing a RetainPtr is not a good idea as it doesn't bump the ref count.
Also protect and friend the CFGAS_GEFont destructor, to make sure random deletes don't happen. Also kill off a const cast, and remove unnecessary conversion to retain_ptr when we already have one.
TEST=look for absence of -11 in XFA corpus test logs, bots not currently noticing the segv. Argh.
Review-Url: https://codereview.chromium.org/2631703003
2017-01-16 | Return early when gif_img_row_bytes is 0 [chromium/2984] | Nicolas Pena
We can get into a loop when gif_img_row_bytes is 0 since Decode will return 3 when the second parameter is 0, and there is a while(ret!=0).
BUG=681170
Change-Id: I63502a8487c07030fce2373f74cec6b4f0c98297
Reviewed-on: https://pdfium-review.googlesource.com/2211
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-01-16 | Check blue,green,red bit count in bmp_decode_rgb | Nicolas Pena
If the values are going to overflow, return error code, which seems to be 2.
BUG=668822
Change-Id: I89b3fcf277e98d65b8c3438e6d9bb84fe62a8de9
Reviewed-on: https://pdfium-review.googlesource.com/2213
Commit-Queue: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-01-16 | Return error when bits_left is too big | Nicolas Pena
BUG=680062
Change-Id: I9e2fd960915cd1de5e0cc15aeabf9ccf27e5a795
Reviewed-on: https://pdfium-review.googlesource.com/2212
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-01-16 | Add default substitution for narrow fonts | Nicolas Pena
BUG=669893
Change-Id: I0977c031d5b272ce5182da6b3020ac092e30aef4
Reviewed-on: https://pdfium-review.googlesource.com/2210
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-01-16 | Use FX_Alloc() properly in fxcodec. | tsepez
It already has a sizeof() and a cast built into the macro, so we don't need to do sizeof() and cast on each usage.
Review-Url: https://codereview.chromium.org/2625133009
2017-01-12 | Add postscript path | rbpotter
This patch adds the additional functions required to make postscript printing functional. The most significant additions are two added compression functions and a new API for setting the postscript level. Not currently called from Chromium, Chromium patch to come.
BUG=
Review-Url: https://codereview.chromium.org/2612243005
2017-01-11 | Make tiff_read return actual length read | Nicolas Pena
The return value is used to determine whether TIFFReadFile fails. If we return just the length, libtiff will try reading uninitialized values afterwards, on corrupted files.
BUG=679230, 670928
Change-Id: I579adc9d8a00e8cafab45dbdb728f1cb702da051
Reviewed-on: https://pdfium-review.googlesource.com/2172
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-01-10 | Remove CFX_ArrayTemplate in cfx_psrender. | tsepez
Use unique_ptr while we're at it.
Review-Url: https://codereview.chromium.org/2618373003
2017-01-10 | Restrict code size in CGifLZWDecoder [chromium/2978] | Nicolas Pena
The code_size variable is the number of bits. We should make sure that the size is at most 31 to avoid having undefined shifts etc.
BUG=620661
Change-Id: Ia533386d01de93a55048cfd63d63989b2731a210
Reviewed-on: https://pdfium-review.googlesource.com/2161
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-01-10 | Remove some CFX_ArrayTemplate in fpdfapi and fpdfdoc | tsepez
Also use unique_ptr in one spot while we're at it.
Review-Url: https://codereview.chromium.org/2625483002
2017-01-10 | Remove more _LP* typedefs. | tsepez
Code is much clearer when we use the actual types rather than this convention.
Review-Url: https://codereview.chromium.org/2618993002
2017-01-09 | Check validity of width and height in CCodec_TiffContext::LoadFrameInfo | Nicolas Pena
We are using pdfium::base::checked_cast to get the width and height, but we may overflow and abort. Therefore, we should instead early return if the obtained width and height are not valid int32_t's.
BUG=655056
Change-Id: Ic0c6b88a16dc3d547fe82736bb14ed3122cd356a
Reviewed-on: https://pdfium-review.googlesource.com/2160
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-01-09 | HardClip all points used when building paths | Nicolas Pena
CAgg_PathData::BuildPath already HardClips x, y. We need to do this to any other points used, otherwise we risk having huge numbers, and when calling agg methods on these we'll be super slow.
BUG=670524, 678767
Change-Id: I35c1cee7bd6481ea57e0df27b2c5202d1cca3301
Reviewed-on: https://pdfium-review.googlesource.com/2158
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-01-09 | Do not parse references with invalid objnum | npm
We should not have valid objects where the object number is CPDF_Object::kInvalidObjNum.
BUG=pdfium:609
Review-Url: https://codereview.chromium.org/2610393004