Age | Commit message (Collapse) | Author |
|
In CCodec_ProgressiveDecoder::GifInputRecordPositionBufCallback, m_pSrcPalette
can be allocated size pal_num. So if pal_index >= pal_num, then bail out.
BUG=691278
Change-Id: Ib0157cf51cbf52ecd5d60b027e5fc32898a906ed
Reviewed-on: https://pdfium-review.googlesource.com/2699
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
This CL fixes up the bits of the CPDF_MeshStream CL that depended on the Origin
CL and integrates the fixes for the Skia bots.
Change-Id: I470e49c35b809f00fecbaeb303de15c0db3fe590
Reviewed-on: https://pdfium-review.googlesource.com/2698
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This CL updates the CFX_FloatPoint Cl to accommodate for the Origin CL being
reverted.
Change-Id: I345fe1117938a49ad9ee5f310fe7b5e21d9f1948
Reviewed-on: https://pdfium-review.googlesource.com/2697
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
BUG=pdfium:667
Change-Id: I701719144127881ebdb5be01a51e833d1e576477
Reviewed-on: https://pdfium-review.googlesource.com/2691
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
This reverts commit da83d3a5cc09c4056310b3cf299dbbccd5c70d11.
Reason for revert: Reverting chain to see if fixes Chrome roll.
Original change's description:
> Convert Origins to points
>
> This CL converts various OriginX, OriginY pairs into CFX_PointF objects.
>
> Change-Id: I9141f7fc713c710b2014d4fdcdec7dc93501f844
> Reviewed-on: https://pdfium-review.googlesource.com/2575
> Commit-Queue: dsinclair <dsinclair@chromium.org>
> Reviewed-by: Nicolás Peña <npm@chromium.org>
>
TBR=tsepez@chromium.org,dsinclair@chromium.org,npm@chromium.org,pdfium-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Change-Id: I949fb4ec712e2587e7d0ef0191c34db198b61dcc
Reviewed-on: https://pdfium-review.googlesource.com/2696
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This reverts commit 9787a7441a905e582b10d9ffc425098b3233d36c.
Reason for revert: Reverting chain to see if fixes Chrome roll.
Original change's description:
> Cleanup CPDF_MeshStream
>
> This CL converts the MeshVertex to a point and the TransformPoint to the
> CFX_PointF override.
>
> Change-Id: I3faa5c14cedcf5af6aafca1c566acbc68577cca7
> Reviewed-on: https://pdfium-review.googlesource.com/2610
> Commit-Queue: dsinclair <dsinclair@chromium.org>
> Reviewed-by: Nicolás Peña <npm@chromium.org>
>
TBR=tsepez@chromium.org,dsinclair@chromium.org,npm@chromium.org,caryclark@google.com,pdfium-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Change-Id: Ie1b1dae3ede7581128a81cf7cd86a348c651233b
Reviewed-on: https://pdfium-review.googlesource.com/2695
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This reverts commit 4797c4240cb9e2d8cd36c583d46cd52ff94af95d.
Reason for revert: Reverting chain to see if fixes Chrome roll.
Original change's description:
> Convert CFX_FloatPoint to CFX_PointF
>
> The two classes store the same information, remove the CFX_FloatPoint variant.
>
> Change-Id: Ie598c2ba5af04fb2bb3347dd48c30fd5e4845e62
> Reviewed-on: https://pdfium-review.googlesource.com/2612
> Commit-Queue: dsinclair <dsinclair@chromium.org>
> Reviewed-by: Tom Sepez <tsepez@chromium.org>
>
TBR=tsepez@chromium.org,dsinclair@chromium.org,pdfium-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Change-Id: Ia42074e706983c62d2e57497c3079b3c338343a3
Reviewed-on: https://pdfium-review.googlesource.com/2694
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
The two classes store the same information, remove the CFX_FloatPoint variant.
Change-Id: Ie598c2ba5af04fb2bb3347dd48c30fd5e4845e62
Reviewed-on: https://pdfium-review.googlesource.com/2612
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Modernizing CPDF_TextObject a little bit, in preparation for the addition of
APIs for adding text to PDFs. m_pCharCodes, m_pCharPos are now vectors, this
caused some propagation to other classes. Also m_Pos is now a point. Note that
GetItemInfo is being changed in another CL, so did minimal changes there.
Change-Id: I6e5f19b5d45872e3e714a7cb587c81c92e640ea3
Reviewed-on: https://pdfium-review.googlesource.com/2614
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
This CL converts the MeshVertex to a point and the TransformPoint to the
CFX_PointF override.
Change-Id: I3faa5c14cedcf5af6aafca1c566acbc68577cca7
Reviewed-on: https://pdfium-review.googlesource.com/2610
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
This CL converts various OriginX, OriginY pairs into CFX_PointF objects.
Change-Id: I9141f7fc713c710b2014d4fdcdec7dc93501f844
Reviewed-on: https://pdfium-review.googlesource.com/2575
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
Doing so reveals places where there are needless copies
and conversions.
Change-Id: I24a868d40aa63836f4167eaf4541964049df7916
Reviewed-on: https://pdfium-review.googlesource.com/2555
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Found by Coverity when scanning the bundled pdfium-3004 in LibreOffice.
This fixes:
- CID 1400341: Uninitialized members (UNINIT_CTOR)
CFX_ImageRenderer::m_pIccTransform
- CID 1400340: Uninitialized members (UNINIT_CTOR)
CPDF_CharPosList::m_nChars
- CID 1400339: Uninitialized members (UNINIT_CTOR)
CPDF_StreamContentParser::m_PathStartX/Y
- CID 1400337: Uninitialized members (UNINIT_CTOR)
CFX_ScanlineCompositor::m_pIccTransform
Change-Id: Iab3862eb77be8bf379093a47f6c60ce987099982
Reviewed-on: https://pdfium-review.googlesource.com/2630
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
BUG=pdfium:661
Change-Id: Ie1dc82a1323a35ebbd63a5b7b8f8c95f9a5325fe
Reviewed-on: https://pdfium-review.googlesource.com/2613
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
This CL removes unused CFX_Matrix methods and cleans up the implementaion
of others.
Change-Id: I72d1d10d4a45cc9341a980054df5225e52a0c4f2
Reviewed-on: https://pdfium-review.googlesource.com/2574
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
This CL removes the two Transform() overrides from CFX_Matrix and calls the
TransformPoint methods directly. In the case of the 4 param version the
values were assigned to the out values before calling.
Change-Id: Id633826caec75b848774dcda6cfdcef2dbf5a7db
Reviewed-on: https://pdfium-review.googlesource.com/2573
Reviewed-by: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This Cl removes the rect based transform method which internally just called
the matrix tranform method. The callers have been reversed to make it clearer
the matrix is transforming the rect.
Change-Id: I8ef57ccc2311e4e853b8180a6ff475f8eda2138e
Reviewed-on: https://pdfium-review.googlesource.com/2572
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
This Cl changes several Get methods to return their values instead of using
out parameters.
Change-Id: Ie9a930a5c2d0e809f2d7181ca033d801945c1cf9
Reviewed-on: https://pdfium-review.googlesource.com/2556
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
The PathObject uses GraphState to obtain the bounding box, so I set defaults,
according to Table 4.2 of PDF spec 1.7. Not testing stroke for now because the
default line width seems to be too small and is not being rendered.
Methodology: add the test methods to the RenderPage method in pdfium_test, and
run with --png and --md5. Check that the png is reasonable with respect to the
expected result, and use the output md5 on the embeddertest.
BUG=pdfium:661
Change-Id: I674fe3a68374c8d58cd99aaf9dad66e29e057281
Reviewed-on: https://pdfium-review.googlesource.com/2554
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
This Cl fixes the naming of the size types to match their purpose. This makes
the code clearer.
Change-Id: I37a41ab0fe01782f4749054f1f8ab29ddf8d2790
Reviewed-on: https://pdfium-review.googlesource.com/2551
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
This Cl updates the code to use the constructors instead of creating an
empty object and calling Set(). It also removes the various memsets of
the CFX_Rect{F} classes.
Change-Id: I6e20cec00866a38372858dcba5a30d31103172e4
Reviewed-on: https://pdfium-review.googlesource.com/2550
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Added methods to create paths, set their colors, determine whether they will be
stroked and/or filled. FPDFPage_InsertObject should be used to add a path to a
page.
BUG=pdfium:661
Change-Id: I8fd17b33a09c5126e517bfd1a69a893216c160e8
Reviewed-on: https://pdfium-review.googlesource.com/2534
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
This hopefully makes it less confusing what the description of a point is.
Currently we have defines for the types, which is confusing because a point
can only be one of the three. And it is mixed up with whether the point is
closing a figure or not.
Change-Id: Icd71355d69c77b3d52ca78e03bc379081ff87753
Reviewed-on: https://pdfium-review.googlesource.com/2552
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
This will allow the compiler to distinguish between rectangle
initialization from a point and a size vs. two points.
Add corresponding ctors, and fix style noise induced in XFA,
now that rects have become a complex type.
Change-Id: Iaa5887db63dafd41ac95f5c623989ca1d6443fd6
Reviewed-on: https://pdfium-review.googlesource.com/2533
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
If m_pFile is set, m_bMemoryBased is set to false. However, ReadRawData
incorrectly checks if m_bMemoryBased is TRUE before passing a read to
m_pFile. This fix changes things to correctly call m_pFile's ReadBlock.
Filed associated https://bugs.chromium.org/p/pdfium/issues/detail?id=662
BUG=pdfium:662
Change-Id: If58af9093e3de78261a4cf1eb0460b7c7c153e5a
Reviewed-on: https://pdfium-review.googlesource.com/2532
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
CPDF_PageObject is a CPDF_GraphicStates, which allows us to add graphics
information to the object itself. The RGB can be added easily in the stream.
The alpha parameter needs to be in a dictionary contained in the ExtGState,
which should be part of the page's resources.
BUG=pdfium:661
Change-Id: Id99b2ece7aa201e3550c765ac2b5eeff4b43fc48
Reviewed-on: https://pdfium-review.googlesource.com/2530
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
Not needed with modern compilers, removed.
Change-Id: Ia8977262b5791bd4445f02be8456641d1a7e18f3
Reviewed-on: https://pdfium-review.googlesource.com/2431
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
See Table 4.9 for path construction operators. Ignoring v, y, because those can
be replaced with the more powerful c operator. The code added will be called by
public methods that do not exist yet.
BUG=pdfium:661
Change-Id: I9a1ad3fd0a601e4e3a292b55f3e5708fe0c9c8fb
Reviewed-on: https://pdfium-review.googlesource.com/2495
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: Idc9921fe7389abea8e23f07a58fb6e7bfd1c09eb
Reviewed-on: https://pdfium-review.googlesource.com/2433
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Avoids explicit deletes through CPDF_RenderOptions holding pointers
to it which may have been copy constructed. Ick.
Change-Id: Ic044b66d13bd7c5eaa53de995373858081e115ec
Reviewed-on: https://pdfium-review.googlesource.com/2451
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Rename array members to plurals.
Use std::vectors rather than native arrays and counts.
Use std::set instead of map of key to itself.
Use unique_ptr inside vector to clean subtables.
Mark non-existent constructors() = delete.
Change-Id: Ifde189157e8affb5de654a44fac8b9358de7079b
Reviewed-on: https://pdfium-review.googlesource.com/2452
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
We currently only limit the array recursion levels. This recursion
level may also be reset when parsing. This is insufficient to protect
against stack overflows.
BUG=681920
Change-Id: I69bd0c912fb45c0e68b9b9fa961d43f0adc9bdd3
Reviewed-on: https://pdfium-review.googlesource.com/2434
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Pre-cursor to properly ref-counting it.
Rename to match the CPDF_/IPDF_ conventions.
Move CPDF_ structure out of IPDF-defining headers.
Break friendships.
Review-Url: https://codereview.chromium.org/2640923006
|
|
BUG=682628
Change-Id: I8e88cc0c8392b078afb73f9549ea4dea9a5717fd
Reviewed-on: https://pdfium-review.googlesource.com/2390
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: Id2ece818c80e8cce4748b9a237871131a7acd6d1
Reviewed-on: https://pdfium-review.googlesource.com/2354
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Review-Url: https://codereview.chromium.org/2650773003
|
|
These separate scalars are an anti-pattern given the ability to pass a single entity and later operate on it sensibly.
Review-Url: https://codereview.chromium.org/2652033002
|
|
Also fix an unsafe negation in same block.
BUG=641551
BUG=681091
Review-Url: https://codereview.chromium.org/2649283002
|
|
The method is used twice in fpdfsdk/cpdfsdk_interform.cpp and twice in
fpdfsdk/javascript/Document.cpp, but not in a compatible way. Changed
the method so that it now returns true when checks pass, which is the
more natural thing to do, considering the name of the method.
BUG=pdfium:659
Change-Id: Iacf3049f328df1d4db3fbfc995acf184230ebf48
Reviewed-on: https://pdfium-review.googlesource.com/2297
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Review-Url: https://codereview.chromium.org/2653743002
|
|
A85 encoder is not called yet; fix before adding
calls to this code in Chromium.
BUG=682550
Review-Url: https://codereview.chromium.org/2649263002
|
|
Fix callers conventions to avoid ambiguity.
Fix bad bounds check unmasked by change.
Directly include headers no longer pulled in by numerics itself.
Review-Url: https://codereview.chromium.org/2640143003
|
|
Also replace CFX_Int32Array typedef with CFX_ArrayTemplate<int32_t>.
Removing the typedefs makes subsequent conversion to std::vector<>
easier on a case-by-case basis.
Review-Url: https://codereview.chromium.org/2649563003
|
|
CFX_Points was unused.
Review-Url: https://codereview.chromium.org/2645523006
|
|
Also return CFX_MaybeOwned<> from functions so to make cleanup automatic,
avoiding a theoretical leak.
Review-Url: https://codereview.chromium.org/2641853004
|
|
Moving to std::vector from the more forgiving CFX_ArrayTemplate
revealed the dubious page tree traversal, which depends on the
correctness of the /Count entries to properly summarize the total
descendants under a given node.
The only "correct" thing to do is to throw away these counts as parsed,
and re-compute them, perhaps in CountPages(). But I'm not willing to do
that since it may break unknown documents in the wild.
Pass out-params as pointers while we're at it.
BUG=680376
Review-Url: https://codereview.chromium.org/2636403003
|
|
We should not fill out the m_Encoding for Type3 fonts. This way, we
stop getting garbage characters from text extraction. Guessing that
unicode == charcode (in the absence of ToUnicode) is our best bet.
BUG=pdfium:642
Review-Url: https://codereview.chromium.org/2643543002
|
|
It's a ref-counted class, so if we're in the destructor, the ref
count has hit zero. We can't make a new ref pointer to itself here,
as it will re-invoke the destructor when it goes out of scope. This
should have been an obvious anti-pattern in hindsight.
The object in question can't be in the m_pFontManager, since the font
manager retains a reference, and we wouldn't get to this destructor
while that is present. So the cleanup isn't required.
Fixing this revealed a free-delete mismatch in cxfa_textlayout.cpp.
I also converted to use unique_ptrs in a few places near this issue.
Fixing this revealed a UAF in CFGAS_GEFont, memcpy'ing a RetainPtr
is not a good idea as it doesn't bump the ref count.
Also protect and friend the CFGAS_GEFont destructor, to make sure
random deletes don't happen.
Also kill off a const cast, and remove unnecessary conversion to
retain_ptr when we already have one.
TEST=look for absence of -11 in XFA corpus test logs, bots not
currently noticing the segv. Argh.
Review-Url: https://codereview.chromium.org/2631703003
|
|
We can get into a loop when gif_img_row_bytes is 0 since Decode will
return 3 when the second parameter is 0, and there is a while(ret!=0).
BUG=681170
Change-Id: I63502a8487c07030fce2373f74cec6b4f0c98297
Reviewed-on: https://pdfium-review.googlesource.com/2211
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
If the values are going to overflow, return error code, which seems to
be 2.
BUG=668822
Change-Id: I89b3fcf277e98d65b8c3438e6d9bb84fe62a8de9
Reviewed-on: https://pdfium-review.googlesource.com/2213
Commit-Queue: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|