summaryrefslogtreecommitdiff
path: root/fpdfsdk/javascript
AgeCommit message (Collapse)Author
2017-10-05Add ObservedPtr to catch Widget being killed by JSRyan Harrison
Another case of a call causing JS to run, which can remove a widget that is called later. BUG=chromium:771979 Change-Id: I5f25a38097662b70cfb777f76f0e3d50e7c11b1b Reviewed-on: https://pdfium-review.googlesource.com/15610 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
2017-09-27Remove FXSYS_strlen and FXSYS_wcslenchromium/3226Ryan Harrison
With the conversion of internal string sizes to size_t, these wrappers are no longer needed. Replacing them with strlen and wcslen respectively. BUG=pdfium:828 Change-Id: Ia087ca2ddaf688a57ec9bd9ddfb8533cbe41510d Reviewed-on: https://pdfium-review.googlesource.com/14890 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-09-27Remove FX_STRSIZE and replace with size_tRyan Harrison
BUG=pdfium:828 Change-Id: I5c40237433ebabaeabdb43aec9cdf783e41dfe16 Reviewed-on: https://pdfium-review.googlesource.com/13230 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2017-09-27Cleanup FX macrosDan Sinclair
This CL renames the FX_OS defines to have _OS_ in their names and drops the _DESKTOP suffix. The FXM defines have been changed to just FX. Change-Id: Iab172fba541713b5f6d14fb8098baf68e3364c74 Reviewed-on: https://pdfium-review.googlesource.com/14833 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-09-21Move CFX_UnownedPtr to UnownedPtrDan Sinclair
This CL moves CFX_UnownedPtr to UnownedPtr and places in the fxcrt namespace. Bug: pdfium:898 Change-Id: I6d1fa463f365e5cb3aafa8c8a7a5f7eff62ed8e0 Reviewed-on: https://pdfium-review.googlesource.com/14620 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-09-21Move CFX_Observable to ObservableDan Sinclair
This CL renames CFX_Observable to Observable and moves into the fxcrt namespace. The test suite names were updated to ObservedPtr from fxcrt. Bug: pdfium:898 Change-Id: Ia507482bc0a1d6d8bbf12c0c55c4a88f6c8910e2 Reviewed-on: https://pdfium-review.googlesource.com/14615 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-09-21Move CFX_AutoRestorer to fxcrt::AutoRestorerDan Sinclair
This CL renames CFX_AutoRestorer to just AutoRestorer and places in the fxcrt namespace. Bug: pdfium:898 Change-Id: Id9f36df94e95f3b2a55054bc198ca1bfd249ee3d Reviewed-on: https://pdfium-review.googlesource.com/14450 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-09-18Convert string class namesRyan Harrison
Automated using git grep & sed. Replace StringC classes with StringView classes. Remove the CFX_ prefix and put string classes in fxcrt namespace. Change AsStringC() to AsStringView(). Rename tests from TEST(fxcrt, *String*Foo) to TEST(*String*, Foo). Couple of tests needed to have their names regularlized. BUG=pdfium:894 Change-Id: I7ca038685c8d803795f3ed02545124f7a224c83d Reviewed-on: https://pdfium-review.googlesource.com/14151 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2017-09-01Prepare for converting FX_STRSIZE int->size_tRyan Harrison
When turning on this conversion a number of typing issues and other nits where found in the code base that can be merged in without actually changing the underlying type. Landing these changes before the type change CL, since there is a high likelihood that the type change will need to be rolled back, since it is high risk. BUG=pdfium:828 Change-Id: I587443d9090055963446485a1aacb8772eb5ca64 Reviewed-on: https://pdfium-review.googlesource.com/12810 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
2017-09-01Adjust loops in preperation for FX_STRSIZE int->size_tRyan Harrison
Adjust loop conditions and behaviours in preperation for convering the underlying type of FX_STRSIZE to size_t. These changes are not dependent on the type switch occuring, so can be landed before hand. BUG=pdfium:828 Change-Id: I5f950c99c10e5ef0836959e3b1dd2e09f8f5afc0 Reviewed-on: https://pdfium-review.googlesource.com/12750 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
2017-08-31Remove fx_basic.hDan Sinclair
This CL removes the fx_basic.h header and fixes up includes as needed. Change-Id: I49af32a8327bdbcda40c50a61ffbd75d06609040 Reviewed-on: https://pdfium-review.googlesource.com/12670 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-08-30Add truly const versions of CPDF_Document getters.Lei Zhang
Instead of only having CPDF_Dictionary* GetRoot() const, provide const CPDF_Dictionary* GetRoot() const and CPDF_Dictionary* GetRoot(). Do the same for GetInfo(). Change-Id: I6eae1208d38327fcdc7d0cd75069a01c95f4a92a Reviewed-on: https://pdfium-review.googlesource.com/11671 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-08-30Move CFX_BinaryBuf out of fx_basicDan Sinclair
This CL splits the CFX_BinaryBuf out of fx_basic into its own files. The various includes have been updated. Change-Id: I0fa616eeb4df6dd229c02dc3a0597b3dced59425 Reviewed-on: https://pdfium-review.googlesource.com/12412 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-08-30Split auto restorer from fx_basicDan Sinclair
This CL moves CFX_AutoRestorer into its own file, separate from fx_basic.h. Change-Id: I415cb9207416bd4744b8ac8e2d7466852db53f0a Reviewed-on: https://pdfium-review.googlesource.com/12390 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-08-30Convert int* references to FX_STRSIZERyan Harrison
Through out the code base there are numerous places where variables are declared using a signed integer type when interacting with the string classes, since they assume that FX_STRSIZE is 'int'. As part of changing the underling type of FX_STRSIZE to be unsigned, these locations are being changed to use FX_STRSIZE. This is necessary as part of converting the type, but has been broken off into a separate CL, since it should be low risk. Some related cleanups that are low risk are included as part of this CL. BUG=pdfium:828 Change-Id: Ifaae54ad195ccde0fe8672f71271d29a6ebd65fd Reviewed-on: https://pdfium-review.googlesource.com/12210 Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Henrique Nakashima <hnakashima@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2017-08-23Convert string Find methods to return an OptionalRyan Harrison
The Find and ReverseFind methods for WideString, WideStringC, ByteString, and ByteStringC have been converted from returning a raw FX_STRSIZE, to returning Optional<FX_STRSIZE>, so that success/failure can be indicated without using FX_STRNPOS. This allows for removing FX_STRNPOS and by association makes the conversion of FX_STRSIZE to size_t easier, since it forces checking the return value of Find to be explictly done as well as taking the error value out of the range of FX_STRSIZE. New Contains methods have been added for cases where the success or failure is all the call site to Find cared about, and the actual position was ignored. BUG=pdfium:828 Change-Id: Id827e508c8660affa68cc08a13d96121369364b7 Reviewed-on: https://pdfium-review.googlesource.com/11350 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-08-16Add in missting string length checkRyan Harrison
BUG=chromium:754984 Change-Id: I106d460c80804797cee537d1990f901b5bf5a519 Reviewed-on: https://pdfium-review.googlesource.com/11171 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Henrique Nakashima <hnakashima@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-08-16Check for possible empty object returns from NewFxDynamicObj()Tom Sepez
Avoid some potential crashiness. TBR=jochen@chromium.org Bug: 754610 Change-Id: Ie8143c1909df7ba5783b7d20b61e31f093d04b34 Reviewed-on: https://pdfium-review.googlesource.com/10970 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-08-15Remove GetAt from string classesRyan Harrison
This method duplicates the behaviour of the const [] operator and doesn't offer any additional safety. Folding them into one implementation. SetAt is retained, since implementing the non-const [] operator to replace SetAt has potential performance concerns. Specifically many non-obvious cases of reading an element using [] will cause a realloc & copy. BUG=pdfium:860 Change-Id: I3ef5e5e5a15376f040256b646eb0d90636e24b67 Reviewed-on: https://pdfium-review.googlesource.com/10870 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-08-04Remove _MSC_VER from JS_Value.cppchromium/3179chromium/3178Tom Sepez
Use one of the _FXM_PLATFORM_ macros we defined in fx_system.h in its place. Change-Id: Iabf56c2aa840927aa48532320b9cbf095b9b7b6e Reviewed-on: https://pdfium-review.googlesource.com/10210 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-08-04Remove platform-specific IsFinite, JS_PortIsNan, and GetNan.Tom Sepez
Because C++11 gives us std::isfinite(), std::isnan() and std::nan(). Bug: pdfium:459 Change-Id: I128f332ec908df6aff66ef76012288fd22d423ed Reviewed-on: https://pdfium-review.googlesource.com/10190 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-08-04Remove CFX_ByteTextBuf from cpdfsdk_interform.cpp and others.chromium/3177Henrique Nakashima
New version of the CL that include fpdf_parser_utility.cpp where there is an overload for CFX_ByteTextBuf << CPDF_Object* used by CFDF_Document. Bug: pdfium:731 Change-Id: I54f4e9ee7e10e94388f6f6584f3999f43689e84c Reviewed-on: https://pdfium-review.googlesource.com/10170 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Henrique Nakashima <hnakashima@chromium.org>
2017-08-04Enforce recent VC++ version (2015 or later).Tom Sepez
Remove ifdef'd code for versions we know will no longer work. Change-Id: I036c80168f846df1b98e9df4972f84655e8418fb Reviewed-on: https://pdfium-review.googlesource.com/10051 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-08-04Revert "Remove CFX_ByteTextBuf from cpdfsdk_interform.cpp and others."Henrique Nakashima
This reverts commit aea80dcc0abc0c310316fa502f91a359bc684758. Reason for revert: WriteBuf's behavior was altered Original change's description: > Remove CFX_ByteTextBuf from cpdfsdk_interform.cpp and others. > > Bug: pdfium:731 > Change-Id: I61d38ab3f2b0ac68b8479ade25bab50f3a73c27b > Reviewed-on: https://pdfium-review.googlesource.com/9770 > Reviewed-by: Tom Sepez <tsepez@chromium.org> > Commit-Queue: Henrique Nakashima <hnakashima@chromium.org> TBR=tsepez@chromium.org,hnakashima@chromium.org,rharrison@chromium.org # Not skipping CQ checks because original CL landed > 1 day ago. Bug: pdfium:731 Change-Id: Ic66a2641c259173fb3792f7a4206e19ee4707fc9 Reviewed-on: https://pdfium-review.googlesource.com/10150 Reviewed-by: Henrique Nakashima <hnakashima@chromium.org> Commit-Queue: Henrique Nakashima <hnakashima@chromium.org>
2017-08-02Remove CFX_ByteTextBuf from cpdfsdk_interform.cpp and others.Henrique Nakashima
Bug: pdfium:731 Change-Id: I61d38ab3f2b0ac68b8479ade25bab50f3a73c27b Reviewed-on: https://pdfium-review.googlesource.com/9770 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Henrique Nakashima <hnakashima@chromium.org>
2017-08-01Replace raw value for constant error value in string operationsRyan Harrison
Currently Find() and other methods that return a FX_STRSIZE return -1 to indicate error/failure. This means that there is a lot of magic numbers and magic checks floating around. The standard library for similar operations uses a npos constant. This CL implements FX_STRNPOS, and replaces usages of magic number checking. It also does some type cleanup along the way where it was obvious that FX_STRSIZE should be being used. Removing the magic numbers should make eventually changing FX_STRSIZE to be unsigned easier in the future. BUG=pdfium:828 Change-Id: I67e481e44cf2f75a1698afa8fbee4f375a74c490 Reviewed-on: https://pdfium-review.googlesource.com/9651 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-07-28Convert calls to Mid() to Left() or Right() if possibleRyan Harrison
The various string/byte classes support Mid(), Left(), and Right() for extracting substrings. Mid() can handle all possible cases, but Left() and Right() are useful for common cases and more explicit about what is going on. Calls like Mid(offset, length - offset) can be converted to Right(length - offset). Calls like Mid(0, length) can be converted to Left(length). If the substring being extracted does not extend all the way to one of the edges of the string, then Mid() still needs to be used. BUG=pdfium:828 Change-Id: I2ec46ad3d71aac0f7b513e103c69cbe8c854cf62 Reviewed-on: https://pdfium-review.googlesource.com/9510 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-07-27Remove single param Mid() method from string classesRyan Harrison
This support is being removed from CFX_ByteString, CFX_ByteStringC, CFX_WideString, and CFX_WideStringC. This standardizes all of these classes to only have one Mid method that takes in 2 params, offset and count. Count now must be positive. The old behaviour of calculating the length for the user if -1 is passed in for the count has been removed. This work is in preperation for converting these classes to not accept negative lengths anywhere and thus make the underlying size type unsigned. BUG=pdfium:828 Change-Id: I5f15e7b7b00b264231817f143e2da88ee6f69e7b Reviewed-on: https://pdfium-review.googlesource.com/9430 Reviewed-by: (OOO Jul 28 - Aug 8) dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2017-07-25Move fpdfsdk/pdfwindow to fpdfsdk/pwlDan Sinclair
This makes it clearer what the directory contains. Change-Id: I34fc38dd30b8e0f6e057052ea33c8b5a10f1b9c3 Reviewed-on: https://pdfium-review.googlesource.com/8791 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Henrique Nakashima <hnakashima@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-07-19Rename StringCs c_str() to unterminated_c_str().Tom Sepez
Since there is no guarantee of termination if the StringC was extracted from a snippet of another string. Make it more obvious that things like strlen(str.unterminated_c_str()) might be a bad idea. Change-Id: I7832248ed89ebbddf5c0bcd402aac7d40ec2adc2 Reviewed-on: https://pdfium-review.googlesource.com/8170 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
2017-07-19Use CFX_WideString in CPDF_NameTree functions to strip BOMchromium/3162Jane Liu
PDFium doesn't strip BOMs during parsing, but we should strip BOMs when retrieving parsed strings in CPDF_NameTree to ensure consistency and appropriate function behavior. See the bug for more info. As outlined in Bug=pdfium:593, the solution is to call GetUnicodeText() instead of GetString(). I added a GetUnicodeTextAt() function in CPDF_Array, which is symmetrical to GetUnicodeTextFor() in CPDF_Dictionary. I then changed the input variable types to CPDF_NameTree functions to be CFX_WideString instead of CFX_ByteString, and modified all the calls to them. I also added a unit test for nametree, which would fail prior to this change. Nametrees with non-unicode names are already tested by embedder tests. Bug=pdfium:820 Change-Id: Id69d7343632f83d1f5180348c0eea290f478183f Reviewed-on: https://pdfium-review.googlesource.com/8091 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Jane Liu <janeliulwq@google.com>
2017-07-18Small tidy of defines in util.hchromium/3161Tom Sepez
Avoid duplicate definitions. Change-Id: I33761277cceea538b8d58c10175cfc9e9951fcd4 Reviewed-on: https://pdfium-review.googlesource.com/8011 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-07-17More tightly validate format strings in util.cpp.chromium/3160Tom Sepez
Re-work the previous fix to be even more particular about the input. Bug: chromium:740166 Change-Id: I6bea3b6a6dd320a83f830b07afd52951be7d1b63 Reviewed-on: https://pdfium-review.googlesource.com/7691 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-07-14Create ParseDataType unit tests based on specs.chromium/3159chromium/3158Henrique Nakashima
Test cases that are commented out are failing with our current implementation. Change-Id: I9f80003af5a5d182f53cc655454aec44397d278b Reviewed-on: https://pdfium-review.googlesource.com/7890 Commit-Queue: Henrique Nakashima <hnakashima@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-07-13Fix invalid write for util.printfDan Sinclair
This CL fixes and invalid WRITE triggered by calling util.printf. We need to verify that the integer format will be less then 260 characters. Bug: chromium:740166 Change-Id: I1c9047101780582da5f39088568727e2c8b4c2d2 Reviewed-on: https://pdfium-review.googlesource.com/7630 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-07-13Rename CPWL_Color to CFX_ColorDan Sinclair
This CL moves fpdfsdk/pdfwindow/cpwl_color to core/fxge/cfx_color. Change-Id: Ia95b7fba2c76a1b9a438014d3598c7aa55bbb2ab Reviewed-on: https://pdfium-review.googlesource.com/7753 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-06-20Use early returns in more CPDFSDK_FormFillEnvironment code.Lei Zhang
Same for CFFL_InteractiveFormFiller. Fix other nits in both classes and in related code. Change-Id: I9901c48794358889cc20638455ffd7fcb3344574 Reviewed-on: https://pdfium-review.googlesource.com/6652 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-06-19Fix code in fpdf_flatten.cpp that does no make sense.Lei Zhang
Fix some nits and simplify code as well. Change-Id: I77c88f211b9ce32f38221d04c067f73818e0e970 Reviewed-on: https://pdfium-review.googlesource.com/6674 Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-06-19Move JS time conversion code into an anonymous namespace.Lei Zhang
Change-Id: Idcbff7db2f9cf0d6698702ca007be5a8b44c7760 Reviewed-on: https://pdfium-review.googlesource.com/6673 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-06-16Avoid a crash inside wcsftime() on Windows.chromium/3135chromium/3134chromium/3133Lei Zhang
BUG=chromium:733245 Change-Id: Ic9347e2cc245831c0b71fac1d531c33c5646ab3f Reviewed-on: https://pdfium-review.googlesource.com/6671 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-06-16Simplify code in the JS printf/printd implementations.Lei Zhang
Change-Id: Iec6749044796945e77cee57e74ab6611f82fa813 Reviewed-on: https://pdfium-review.googlesource.com/6672 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-06-02Rename PWL_FooBar files to cpwl_foo_bar.Lei Zhang
Change-Id: I7ed0ba0acbbee291e285555974ebf50c0073668f Reviewed-on: https://pdfium-review.googlesource.com/6250 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-06-01Replace some repeated code with existing CFXJS_Engine::NewString() helper.Tom Sepez
In turn, fix type information for New*() return values. In turn, resolve some ambiguity in a ? operator expression. Change-Id: I45c31d81f815b11590b46dacc8060d8e489dde5c Reviewed-on: https://pdfium-review.googlesource.com/6131 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-05-31CFXJS_Engine::GetObjDefnID is a static methodTom Sepez
So call it as such. Fix two places where we're invoking it off of an intance. Change-Id: I08712fa27dbdf85c9195cedcc62d7d741b0ad091 Reviewed-on: https://pdfium-review.googlesource.com/6110 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-25Mass conversion of remaining class members (non-xfa)Tom Sepez
Change-Id: I8365ba80e3395d59a3cf35dbd9d9162e86e712e3 Reviewed-on: https://pdfium-review.googlesource.com/5970 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-25Mass conversion of all const-lifetime class membersTom Sepez
Sed + minimal conversions to compile, including moving some constructors into the .cpp file. Any that caused ASAN issues during the tests were omitted rather than trying to resolve the underlying issue. Change-Id: I00a421f33b253eb4071ffd9af3f2922c7443b335 Reviewed-on: https://pdfium-review.googlesource.com/5891 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-18Use Unowned/Observed pointers between doc and FF onwership hierarchies.Tom Sepez
See the explanation in CPDFSDK_FormFillEnvironment.h Change-Id: I52feb25fb358831233a636e3ead5aa70e98c5baa Reviewed-on: https://pdfium-review.googlesource.com/5658 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-16Introduce CFX_UnownedPtr to detect lifetime inversion issues.Tom Sepez
There are places where an object "child" has a raw pointer back to object "owner" with the understanding that owner will always outlive child. Violating this constraint can lead to use after free, but this requires finding two paths: one that frees the objects in the wrong order, and one that uses the object after the free. The purpose of this patch is to detect the constraint violation even when the second path is not hit. We create a template that is used in place of TYPE*. It's dtor, when a memory tool is present, goes out and probes the first byte of the object to which it points. Used in "child", this allows the memory tool to prove that the "owner" is still alive at the time the child is destroyed, and hence the constraint is never violated. Change-Id: I2a6d696d51dda4a79ee2f00a6752965e058a6417 Reviewed-on: https://pdfium-review.googlesource.com/5475 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-04Give a couple of char to int functions better names.chromium/3090Lei Zhang
- FXSYS_toDecimalDigit() becomes FXSYS_DecimalCharToInt(). - FXSYS_toHexDigit() becomes FXSYS_HexCharToInt(). Change-Id: If4683e8f85f05124b92ff075056cbc295442087d Reviewed-on: https://pdfium-review.googlesource.com/4930 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-05-02Remove some more |new|s, part 11chromium/3088Tom Sepez
Using vector<uint8_t> as a buffer. Change-Id: I38a8a05e7ec1355980d17533a2c8336e733aa6f6 Reviewed-on: https://pdfium-review.googlesource.com/4791 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>