Age | Commit message (Collapse) | Author |
|
Native object callbacks have to distinguish whether the object
they have been given is actually a native object and not some
ordinary JS object. For method/property calls, this happens
via v8's signature mechanism, but signature checks aren't applied
to method arguments themselves.
Currently, we do this by treating any object with an internal field
count of 2 as being such, but this is fragile, and it has been pointed
out that other objects with two internal fields are present.
Additionally, that the first field points to a structure with a
small zero-based object definition ID doesn't really have enough
entropy to trust that it isn't some other entity. So add a pointer
to an internal address in the second slot to make this safer.
Note that we'll also get the same release_assert in the majority
of cases as described in the bug. This is great from a security
standpoint, but not great from a functional standpoint, except this
likely only occurs in the wild if they are trying to mess with us.
This just guards the theoretical cases that might pass the
existing release_assert.
BUG=695830
Change-Id: I42db27d6ed1143269a852805e4e4d862a8ab8773
Reviewed-on: https://pdfium-review.googlesource.com/2847
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
The expected way to create native PDFium objects for JS is via
the NewFxDynamicObject() call in C++, but that doesn't mean that the
corresponding constructors won't be called from JS. In that case,
the internal fields will be uninitialized, and subsequent method
calls may try to use them.
Add a constructor callback for all PDFium objects that nulls out
these fields (shame that v8 doesn't do this by default, but probably
saves some cycles). Then ensure that we check for this possibility
in all the places it might turn up.
Conversely, if we've just gotten a successful return from
NewFxDynamicObject(), we know the CJS_Object/EmbedObj are good,
so avoid checking there.
BUG=695826
Change-Id: Iadad644c4af937def967ddc83daac1dad7544d69
Reviewed-on: https://pdfium-review.googlesource.com/2839
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Save some space since none contain non-ascii characters.
Avoid allocating C++ WideStrings just to convert back to
UTF8 when defining properties.
Change-Id: Id94db21b32ee7a96856c35a09f7550b54599ae13
Reviewed-on: https://pdfium-review.googlesource.com/2826
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
none are non-ascii characters, so save space.
Change-Id: I5e81e8847a2ce4a5ffa3422d2103ffe453036e7c
Reviewed-on: https://pdfium-review.googlesource.com/2819
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I4daec9e05a63c55caa01402a594c3553073c439e
Reviewed-on: https://pdfium-review.googlesource.com/2818
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
There are no non-ascii characters, so save space.
Change-Id: Ib9efb9386b6fc83bf3bb1810c791aadeeeebc259
Reviewed-on: https://pdfium-review.googlesource.com/2817
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
None of the names have non-ascii characters.
Change-Id: I83a52d6276edf2f442fca33221f38f6a53c3ffe3
Reviewed-on: https://pdfium-review.googlesource.com/2816
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Doing so reveals places where there are needless copies
and conversions.
Change-Id: I24a868d40aa63836f4167eaf4541964049df7916
Reviewed-on: https://pdfium-review.googlesource.com/2555
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Move checks performed as part of JS_Value's object and array
handling back into FXJS, to ease removal of JS_Value in the future.
Remove some convenience routines in FXJS for objects, to shrink
API to be covered during testing.
Change some naming (number => double, string => widestring) to
make it clearer when there is a C++ type involved.
BUG=
Review-Url: https://codereview.chromium.org/2637503002
|
|
This reverts commit a282c7380f3964de41ea93c9980b12c4513d3473.
This CL changes CPDFXFA_App from a global object to a child of the
CPDFXFA_Document objects.
BUG=pdfium:623
Review-Url: https://codereview.chromium.org/2421603002
|
|
https://codereview.chromium.org/2418653003/ )
Reason for revert:
https://build.chromium.org/p/client.pdfium/builders/linux_xfa_asan_lsan/builds/117/steps/corpus%20tests/logs/stdio
Original issue's description:
> Reland: Make the CPDFXFA_App non-global
>
> This reverts commit b685e6471075bebd26711bc183de3128f54932e3.
>
> This CL changes CPDFXFA_App from a global object to a child of the CPDFXFA_Document objects.
>
> BUG=pdfium:623
>
> Committed: https://pdfium.googlesource.com/pdfium/+/f3736bca5f874b0889c5906ffbd74a405089f671
TBR=tsepez@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=pdfium:623
Review-Url: https://codereview.chromium.org/2414883006
|
|
This reverts commit b685e6471075bebd26711bc183de3128f54932e3.
This CL changes CPDFXFA_App from a global object to a child of the CPDFXFA_Document objects.
BUG=pdfium:623
Review-Url: https://codereview.chromium.org/2418653003
|
|
https://codereview.chromium.org/2416753002/ )
Reason for revert:
https://build.chromium.org/p/client.pdfium/builders/linux_xfa_asan_lsan/builds/112/steps/embeddertests/logs/stdio
msan is sad.
Original issue's description:
> Make the CPDFXFA_App non-global
>
> This CL changes CPDFXFA_App from a global object to a child of the
> CPDFXFA_Document objects.
>
> BUG=pdfium:623
>
> Committed: https://pdfium.googlesource.com/pdfium/+/abefb79577b32d291d14d7e01a70f6f8cf213bd3
TBR=tsepez@chromium.org,thestig@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=pdfium:623
Review-Url: https://codereview.chromium.org/2412903004
|
|
This CL changes CPDFXFA_App from a global object to a child of the
CPDFXFA_Document objects.
BUG=pdfium:623
Review-Url: https://codereview.chromium.org/2416753002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2380713005
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2382723003
|
|
Use smart pointers for FXJS_PerIsolateData owned member variables. Also
move creation and deletion of dynamic object map into
FXJS_PerIsolateData's constructor and destructor. Overall, the
interfaces and memory management should be simpler.
BUG=pdfium:518
Review-Url: https://codereview.chromium.org/2358343002
|
|
CFXJS_Engine class should always be constructed with an isolate, except
for its subclasses which may need to create an isolate by themselves.
Move SetIsolate() function to be protected so that only subclasses can
access it.
Review-Url: https://codereview.chromium.org/2354353002
|
|
Per isolate runtime data should be deleted when the associated
isolate's destructed.
Also, the internal of per isolate runtime data is obscure to the JS
engine. So XFA or this class itself has to be in charge of the memory
management. Use smart pointer for it so that the resource
could be released properly.
BUG=pdfium:242
Review-Url: https://codereview.chromium.org/2354923003
|
|
Nearly all the "loose" functions in FXJS become methods on
the CFJXS_Engine.
This is the "missing link" wrt some layering violatons that
have been around forever. We can stop passing &m_ variables
from CJS_ down into FXJS Initialization as a result.
Review-Url: https://codereview.chromium.org/2245863002
|
|
Create a new class to hold these, CFXJS_Engine (could have been
called Runtime, but there are too many "Runtimes" already). In a
subsequent patch, all the FXJS_*() functions that take an isolate
as the first argument can become methods on the engine.
CJS_ must still manage the isolates; this happens outside
the engine.
The IJS_Runtime abstraction moves up to fpdfsdk/javascript; it
remains to allow for either a real JS library or a stubb one to
be linked (for non-js builds).
Review-Url: https://codereview.chromium.org/2241483004
|
|
Analogous to getting the length of JS array, this result
should be a C++-side object only.
Also rename to FXJS_GetObjectProperty to match JS nomenclature.
Review-Url: https://codereview.chromium.org/2242593002
|
|
Also get rid of FXJS_ValueCopy() while we're at it.
BUG=pdfium:556
Review-Url: https://codereview.chromium.org/2215093002
|
|
Review-Url: https://codereview.chromium.org/2154503002
|
|
v8::Object::Clone() is deprecated, and gets us into trouble with
some corner cases. Create a new handle to the same object instead.
Remove FXJS_NewObject() and FXJS_NewObject2(), and replace with
direct assignments. Pass isolate to FXJS_NewNull() while were
at it, even though not needed, for consistency with all remaining
FXJS_New*() calls.
BUG=628106
R=jochen@chromium.org
Review-Url: https://codereview.chromium.org/2151023002
|
|
This CL moves the fpdfsdk/sjapi code info fxjs/. The "fxjs" library is moved
from being XFA specific to being compiled if V8 is enabled.
The fxjs_v8 files are required when building for XFA (they have XFA defines
in them) and are used in CFXJS_RuntimeData. The cfxjse_* files are only added
if XFA is also enabled.
Review-Url: https://codereview.chromium.org/2144603003
|