summaryrefslogtreecommitdiff
path: root/core
AgeCommit message (Collapse)Author
2015-04-17Fix an issue 'heap use after free'JUN FANG
This fix is for covering more scenarios. Some faces like Foxit defined faces and MM faces are managed in built-in manager. They are released in built-in manager not in fontMgr. BUG=452793 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1095733003
2015-04-16Fix heap use after free in FT_Stream_ReleaseFrameJUN FANG
Adjust the release order of resource to fix this issue. BUG=452793 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1082023002
2015-04-15Merge to XFA: Fix offset outside bounds of constant string warningsJUN FANG
BUG=380476 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1061013003
2015-04-15Merge to XFA: Make FX_NEW throw on OOM.Tom Sepez
Original Review URL: https://codereview.chromium.org/1082253003 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1061843005
2015-04-14Fix two new / free mismatchesTom Sepez
R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1085963002
2015-04-14Merge to XFA: Kill CFX_Object.Tom Sepez
Not just a simple merge, but changes to remove CFX_Object from XFA. Original Review URL: https://codereview.chromium.org/1088733002 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1087053002
2015-04-13Merge to XFA: Fix a heap overflow in CJBig2_Context::parseSymbolDictJUN FANG
BUG=476107 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1080893002
2015-04-11Merge to XFA: Fix compiling warnings on WindowsJun Fang
TBR=tsepez@chromium.org BUG=N/A Review URL: https://codereview.chromium.org/1081663002
2015-04-11Merge to XFA: Fix a heap buffer overflow issue in CPDF_CMap::GetNextCharJUN FANG
Add a check to make sure offset is less than the size of string in the function of GetNextChar(). BUG=471651 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1067073003
2015-04-10XFA port: Fix the noisiest variable shadowing warnings in pdfium.Bruce Dawson
Three functions in fx_coordinates.h account for 60% of the warnings when building with VS 2015, due to variable shadowing. Renaming the function parameters is safe, resolves the warnings, and reduces confusion. From https://codereview.chromium.org/1077083003 TBR=tsepez@chromium.org BUG=440500 Review URL: https://codereview.chromium.org/1077283002
2015-04-10Merge to XFA: Better fix for snprintf non-termination on windows.Tom Sepez
TBR=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1073313003
2015-04-10Merge to XFA: Fix a stack overflow in CPDF_Parser::LoadCrossRefV5JUN FANG
A stack overflow was triggered by checked_cast due to invalid index in pdf files like 'Index[45 -1661]'. BUG=473400 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1054303005
2015-04-10Merge to XFA: Don't call FPDF_InitLibrary() in individual unit_tests.Tom Sepez
Original Review URL: https://codereview.chromium.org/1071343002 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1079623002
2015-04-09Merge to XFA: Fix a global buffer overflow in ↵Jun Fang
GCPDF_CIDFont::_CharCodeFromUnicode There is not a code page (CP) used for converting unicode to mutli-bytes if the coding scheme is CID coding. Only return 0 if CID can't be retrieved. The difference on Windows and other platforms should be the function used for converting rather than others. BUG=466790 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1074653002
2015-04-07Merge to XFA: Fix a stack overflow issue caused by an invalid usage of snprintfJun Fang
BUG=469244 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1062983002
2015-04-07Merge to XFA: Fix IWYU in pdfwindow/ directory.Tom Sepez
This incorporates class vs. struct fix in 34f5fc0f2a18 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1063283002
2015-04-06Merge to XFA: Fix IWYU in fxcrt headers.Tom Sepez
Note: new includes for XFA Original Review URL: https://codereview.chromium.org/1064433005 R=thestig@chromium.org TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1062843003
2015-04-03Merge to XFA: Update the path of header file to avoid a compiling error in ↵JUN FANG
chrome BUG=N/A R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1059233005
2015-04-03Merge to XFA: No-op change to poke the bots after being out of sequence.Tom Sepez
Adds a comment and changes some whitespace. TBR=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/1059373002
2015-04-03Merge to XFA: Fix a compiling error in fpdf_parser_parser_embeddertest.cppJun Fang
BUG=N/A R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1057383002
2015-04-03Merge to XFA: Add embedder test comparing with the last patch.JUN FANG
When there is a wrong keyword like '??ze' in the dictionary of the trailer, PDFium can't recognize it and aborts further parsing. After this change, PDFium continues even it can't get the right size at this moment. It will rebuild the cross reference table later since the size of the table is missing. BUG=459580 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1055323003
2015-04-02Merge to XFA: Fix uninitialized face in fx_ge_font.cppJUN FANG
MSAN reported this issue when I tried to reproduce 460936 in the last version of freetype on Linux. BUG=N/A R=thestig@chromium.org Review URL: https://codereview.chromium.org/1050333002
2015-03-30Merge to XFA: Fix no text displayed issue when font embedded and font ↵JUN FANG
subsetting enabled BUG=465322 R=thestig@chromium.org Review URL: https://codereview.chromium.org/1045553004
2015-03-20Merge to XFA: Fix missing include for std::minTom Sepez
Original Review URL: https://codereview.chromium.org/1026843002 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1025753002
2015-03-19Merge to XFA: Fix subtle issues in opj_skip_from_memory and add unit tests.Tom Sepez
Original Review URL: https://codereview.chromium.org/1016203002 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1027443002
2015-03-16Merge to XFA: Fix a bug that JPX images can't be shownJUN FANG
In the process of opj_end_decompress, it will return fail when the end of coding stream is reached. However it returns true in the same scenario implemented in openJPEG. So the final solution is from openJPEG. Return true when the end of coding stream is reached. BUG=452671 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/990683002
2015-03-16Merge to XFA: Fix potential integer overflow in fpdf_render_image.cppJUN FANG
BUG=382661 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1007643002
2015-03-11XFA: bound memcpy length in _png_load_bmp_attribute()Tom Sepez
BUG=466338 R=thestig@chromium.org Review URL: https://codereview.chromium.org/997273002
2015-03-11Merge to XFA: Kill remaining sprintfsTom Sepez
There is fx_codec_png.cpp that has a sprintf under XFA that was not present in master. Original Review URL: https://codereview.chromium.org/999543002 R=thestig@chromium.org Review URL: https://codereview.chromium.org/995993002
2015-03-06Merge to XFA: Make conversions for CPDF_Link explicit.Tom Sepez
Original Review URL: https://codereview.chromium.org/985503005 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/985153002
2015-03-06Merge to XFA: Make conversion between CPDF_Dest and its object explicit.Tom Sepez
Original Review URL: https://codereview.chromium.org/984703004 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/984143002
2015-03-05Merge to XFA: Make conversion between CPDF_Action and its dictionary explicit.Tom Sepez
Original Review URL: https://codereview.chromium.org/984773002 R=thestig@chromium.org TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/984783002
2015-02-27Merge to XFA: Do hit tests against Annots in reverse order.Lei Zhang
Original Review URL: https://codereview.chromium.org/952423002 (cherry picked from commit 944ccad72d028ed5e37f53c5c8c0888866905bc3) Review URL: https://codereview.chromium.org/970523002
2015-02-27Merge to XFA: Fix JPX image rendering that regressed due to several security ↵Lei Zhang
fixes. Original Review URL: https://codereview.chromium.org/892553002 (cherry picked from commit 254360730190cc6d6e3de325ee101948b78c1e32) Review URL: https://codereview.chromium.org/967773002
2015-02-27Merge to XFA: Fix some typos in fpdf_render_loadimage.cpp.Lei Zhang
Original Review URL: https://codereview.chromium.org/885223004 (cherry picked from commit 900d7bf46efc26e0588e1777759f7716ed4f8dbd) Review URL: https://codereview.chromium.org/963413002
2015-02-27Merge to XFA: Cleanup: Fix some unused-function warnings.Lei Zhang
Original URL: https://codereview.chromium.org/891113002 (cherry picked from commit 44fc192f29a77c5864fabffe5ab63937dacdfd21) Review URL: https://codereview.chromium.org/966023002
2015-02-27Merge to XFA: Cleanup parts of fpdf_render_loadimage.cpp.Lei Zhang
Original URL: https://codereview.chromium.org/890883006 (cherry picked from commit 3f41851972a18762164d7110a82da3baed564b80) Review URL: https://codereview.chromium.org/966013002
2015-02-27Merge to XFA: Check for NULL pointers in CJBig2_SymbolDict::DeepCopy().Lei Zhang
Original URL: https://codereview.chromium.org/837093002 (cherry picked from commit f8105c665856863ad95da37fee6c12b98b953e2c) Review URL: https://codereview.chromium.org/967033002
2015-02-27Merge to XFA: Cleanup: Get rid of CRLF line endings.Lei Zhang
Original URL: https://codereview.chromium.org/837533003 (cherry picked from commit 256ef88a26cff56fc7c23119d2d9e1b41468bd1a) Review URL: https://codereview.chromium.org/963403002
2015-02-27Merge to XFA: Update externs in unicodenormalization.cpp to not have array ↵Lei Zhang
sizes. Original URL: https://codereview.chromium.org/825983004 (cherry picked from commit dd132d8d1e9a27673e5357a657db2b97dda9bcdb) Review URL: https://codereview.chromium.org/965033005
2015-02-27Merge to XFA: Fix an array size mismatch.Lei Zhang
BUG=446057 Original Author: sebmarchand@chromium.org Original CL: https://codereview.chromium.org/837523002/ Review URL: https://codereview.chromium.org/812843004 (cherry picked from commit f96404951bc1505887e2567088b59206316c9297) Review URL: https://codereview.chromium.org/966003002
2015-02-27Merge to XFA: Upgrade openjpeg to revision 2997.JUN FANG
BUG=457493 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/960183004
2015-02-24Merge to XFA: Add small flate decode unit test.Tom Sepez
Original Review URL: https://codereview.chromium.org/845313006 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/945793004
2015-02-12Merge to XFA: Fix an error 'Use-of-uninitialized-value in CPDF_Function::Call'JUN FANG
This issue was introduced in https://codereview.chromium.org/886953002/. BUG=454280 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/869343008
2015-02-11Merge to XFA: CPDF_Object() constructor should set its internal m_Type variable.Tom Sepez
Original Review URL: https://codereview.chromium.org/880233005 TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/916953002
2015-02-10Merge to XFA: Fix uninitialized value in CFX_ByteString::FormatIntegerJUN FANG
BUG=449845 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/911293002
2015-02-10Merge to XFA: Fix heap buffer overflow in CPDF_SampledFunc::v_CallJUN FANG
This issue was caused by integer overflow in CPDF_SampledFunc::v_Call. The root cause of this issue is that the content in the test pdf file was damaged. The solution is to check whether an integer is overflow before using it. BUG=452455 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/886953002
2015-02-06Fix XFA build after combining PDFium into Chromium binary.John Abd-El-Malek
R=tsepez@chromium.org Review URL: https://codereview.chromium.org/889253003
2015-02-05Merge to XFA: Kill off some more unreachable fopen's.Tom Sepez
Original Review URL: https://codereview.chromium.org/902943003 TBR=jam@chromium.org Review URL: https://codereview.chromium.org/895903005
2015-02-05Kill off some dodgy JS callbacksTom Sepez
None of these are currently reachable because the IsSafeMode method always returns true. This, in turn, will let us kill off some file (as in fopen()) based parsing. That, in turn, will let us kill of some more now-unreachable code. In general, we don't want to have unsafe modes. BUG=https://code.google.com/p/pdfium/issues/detail?id=116 R=jam@chromium.org Review URL: https://codereview.chromium.org/883393007