Age | Commit message (Collapse) | Author |
|
Due to the partition alloc change we need to initialize the PDFium
library in the fuzzers now. This will initialize the needed partitions.
Without this, we fail in various places when attempting to create items
into the partitions
Bug: pdfium:687
Change-Id: I1c40ae3f442cb781cfdb7545b022ee1f4e64e264
Reviewed-on: https://pdfium-review.googlesource.com/3246
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This reverts commit 31b08d4cdaa17d7a03f35e087096a77036af98ec.
Re-landing the patch after fixing skia build issue.
Change-Id: Ie7039890088b803a6ec5ce365d70f57277459b48
Reviewed-on: https://pdfium-review.googlesource.com/3245
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
This reverts commit 0004f29bf6ee3c6060a272c79f14993e92e053c7.
Reason for revert: Breaks build with skia_paths enabled (which will break the chrome roll).
../../third_party/pdfium/core/fxge/skia/fx_skia_device.cpp:1858:38: error: no member named 'get' in 'CFX_RetainPtr<CFX_DIBitmap>'
../../third_party/pdfium/core/fxge/skia/fx_skia_device.cpp:1861:42: error: no member named 'get' in 'CFX_RetainPtr<CFX_DIBitmap>'
../../third_party/pdfium/core/fxge/skia/fx_skia_device.cpp:2987:15: error: no viable overloaded '='
../../third_party/pdfium/core/fxge/skia/fx_skia_device.cpp:2991:18: error: no viable overloaded '='
../../third_party/pdfium/core/fxge/skia/fx_skia_device.cpp:2999:17: error: no viable overloaded '='
../../third_party/pdfium/core/fxge/skia/fx_skia_device.cpp:3001:43: error: no member named 'GetObject' in 'CFX_RetainPtr<CFX_DIBitmap>'
Original change's description:
> Refcount all CFX_DIBSources (and subclasses) all the time.
>
> There are currently several ownership models for these objects,
> including ad-hoc logic for sharing and deletion, and the
> now-redundant CFX_DIBitmapRef externally-counted handle to the DIBs.
>
> Replace them all with the internal refcount scheme.
>
> Change-Id: I2db399dfc19219eda384f94cc989353b78ce2872
> Reviewed-on: https://pdfium-review.googlesource.com/3166
> Reviewed-by: dsinclair <dsinclair@chromium.org>
> Commit-Queue: dsinclair <dsinclair@chromium.org>
>
TBR=thestig@chromium.org,tsepez@chromium.org,dsinclair@chromium.org,pdfium-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Change-Id: I678b1fbc5e666cf7a19372ebaff3270fb115ba5e
Reviewed-on: https://pdfium-review.googlesource.com/3243
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
There are currently several ownership models for these objects,
including ad-hoc logic for sharing and deletion, and the
now-redundant CFX_DIBitmapRef externally-counted handle to the DIBs.
Replace them all with the internal refcount scheme.
Change-Id: I2db399dfc19219eda384f94cc989353b78ce2872
Reviewed-on: https://pdfium-review.googlesource.com/3166
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I85ea9529f4188bf818ee96c37944e4546411f79c
Reviewed-on: https://pdfium-review.googlesource.com/3211
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: I158b7d80b0ec28b742a9f2d5a96f3dde7fb3ab56
Reviewed-on: https://pdfium-review.googlesource.com/3031
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
The one step to make an actual concrete class is conditionalized
in fpdfview and is unconditional in the fuzzer.
Also replace the clumsy C-style callbacks with a delegate
interface as long as we are making new interfaces.
Change-Id: I733a437483ce5e0c34211cfbbda05105336f55b5
Reviewed-on: https://pdfium-review.googlesource.com/2887
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
We currently only limit the array recursion levels. This recursion
level may also be reset when parsing. This is insufficient to protect
against stack overflows.
BUG=681920
Change-Id: I69bd0c912fb45c0e68b9b9fa961d43f0adc9bdd3
Reviewed-on: https://pdfium-review.googlesource.com/2434
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Currently we use the size provided by clusterfuzz when initializing the
css syntax parser. This maybe incorrect as the CFX_WideString may have a
different count after converting to UTF. Use the wide string length instead
of the provided size.
We need to guard against strings that convert to blank when doing the wide
conversion so add an early exit.
BUG=682551
Change-Id: I3e014647fcf869681098a1b4446306b8b3eb9323
Reviewed-on: https://pdfium-review.googlesource.com/2391
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This CL splits the files in xfa/fde/css into class per file and renames any
needed files to match the class names.
Update some of the classes to use std::stack.
Change-Id: I4eca0fb3556d949a15a873bb0f0fd732f47e4fb1
Reviewed-on: https://pdfium-review.googlesource.com/2253
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
This Cl removes the stream initializer from the FDE CSS parser. The only
consumer was the css fuzzer. The fuzzer has been moved to use the string
initializer to match the rest of the code.
Change-Id: I65445af1159058b7c71d5e1d7c12e60383da6dbd
Reviewed-on: https://pdfium-review.googlesource.com/2217
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This patch adds the additional functions required to make postscript
printing functional. The most significant additions are are two added
compression functions and a new API for setting the postscript level.
Not currently called from Chromium, Chromium patch to come.
BUG=
Review-Url: https://codereview.chromium.org/2612243005
|
|
This CL updates the possible FDE CSS enums to enum classes and fixes up any
instances of incorrect values being used. A few other cleanups and changes
were needed to complete the conversion.
Change-Id: Ibcca5229a9ca8de1f4beb6462535f61705fd4f8c
Reviewed-on: https://pdfium-review.googlesource.com/2170
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Also rename CFDE_XMLParser to IFDE_XMLParser since its an interface.
Review-Url: https://codereview.chromium.org/2555373002
|
|
IFGAS_Streams are not part of the IFX_Stream hierarchy, but
can be made from such.
Review-Url: https://codereview.chromium.org/2559763002
|
|
We can remove a lot of "bOwnsStream" logic in the process.
Always pass these by const reference, in case the called method
wants to hang on to the stream (one exception is where we stick
a raw pointer into a void* slot in a context from another layer).
Review-Url: https://codereview.chromium.org/2451493002
|
|
It's a separate hierarchy unrelated to the IFX_*Stream classes.
Also rename CFX_Stream to CFGAS_Stream, and so forth.
Review-Url: https://codereview.chromium.org/2535723010
|
|
Change-Id: I6b2d1a5b06211b32f3053aad4d7ae7501ec8d8f6
Reviewed-on: https://pdfium-review.googlesource.com/2093
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Also remove a bool that is always false.
Review-Url: https://codereview.chromium.org/2539203002
|
|
Add cpdf_streamparser.h and cpdf_contentparser.h since there are
already corresponding .cpp files with the same name.
Review-Url: https://codereview.chromium.org/2521123003
|
|
Return these from underlying methods as appropriate.
Review-Url: https://codereview.chromium.org/2520133002
|
|
Review-Url: https://codereview.chromium.org/2514173002
|
|
Some changes were required to match underlying ctors
as invoked by the templated methods.
Many release() calls go away, a few WrapUniques() are
introduced to avoid going deeper into other code.
Review-Url: https://codereview.chromium.org/2510223002
|
|
BUG=
Review-Url: https://codereview.chromium.org/2498223005
|
|
- Add a template for fuzzers to remove redundancy.
- Sort fuzzers in alphabetical order.
Previous attempt: https://codereview.chromium.org/2480043002/
Review-Url: https://codereview.chromium.org/2481933003
|
|
TBR=tsepez@chromium.org
Review-Url: https://codereview.chromium.org/2477323004
|
|
My OCD insists that classes be named after nouns, and "linearized"
feels like an adjective.
Remove a redundant "if" while at it.
Review-Url: https://codereview.chromium.org/2482973002
|
|
Unify some code
Move parsing of linearized header into separate CPDF_Linearized class.
Original review:
https://codereview.chromium.org/2466023002/
Revert review:
https://codereview.chromium.org/2474283005/
Revert reason was:
Breaking the chrome roll.
See https://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_rel_ng/builds/331856
___
Added Fix for fuzzers.
Review-Url: https://codereview.chromium.org/2477213003
|
|
of https://codereview.chromium.org/2480043002/ )
Reason for revert:
Breaking the tree:
https://build.chromium.org/p/client.pdfium/builders/windows_xfa_32/builds/619/steps/compile%20with%20ninja/logs/stdio
Original issue's description:
> Compile fuzzer sources in standalone builds.
>
> - Add a template for fuzzers to remove redundancy.
> - Sort fuzzers in alphabetical order.
>
> Committed: https://pdfium.googlesource.com/pdfium/+/470b5fa8f8dbfd2aa702d9d8cfdc03a7b486b374
TBR=dsinclair@chromium.org,thestig@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review-Url: https://codereview.chromium.org/2480323002
|
|
- Add a template for fuzzers to remove redundancy.
- Sort fuzzers in alphabetical order.
Review-Url: https://codereview.chromium.org/2480043002
|
|
This reverts commit f0d5b6c35fa343108a3ab7a25bc2cc2b3cf105b3.
Review-Url: https://codereview.chromium.org/2478303002
|
|
TBR=tsepez@chromium.org
Review-Url: https://codereview.chromium.org/2471253004
|
|
FX_BOOL was a type just like a regular C++ bool, except that it
took 4x the space and frequently was used to hold values besides
true or false.
Review-Url: https://codereview.chromium.org/2471353002
|
|
BUG=661291
TBR=dsinclair@chromium.org
Review-Url: https://codereview.chromium.org/2469923002
|
|
BUG=660015
TBR=npm@chromium.org
Review-Url: https://codereview.chromium.org/2452523005
|
|
It's been troubling for some time that an IFX_FileStream might
actually be an in-memory buffer with no backing file.
Review-Url: https://codereview.chromium.org/2443723002
|
|
Missed these again. Scripting fail.
BUG=pdfium:603
Review-Url: https://codereview.chromium.org/2393433003
|
|
When fuzzing the image formats, its possible to get a read request which
would go negative. Handle the request and return FALSE for the read.
BUG=chromium:621836
Review-Url: https://codereview.chromium.org/2386343002
|
|
Note: pdfium bots don't seem to touch these files.
Review-Url: https://codereview.chromium.org/2379973005
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2382723003
|
|
Review-Url: https://codereview.chromium.org/2370943004
|
|
Review-Url: https://codereview.chromium.org/2357173005
|
|
Review-Url: https://codereview.chromium.org/2365143002
|
|
BUG=648935,649436
Review-Url: https://codereview.chromium.org/2360283004
|
|
Review-Url: https://codereview.chromium.org/2362623002
|
|
Review-Url: https://codereview.chromium.org/2342203006
|
|
BUG=pdfium:559
Review-Url: https://codereview.chromium.org/2286653002
|
|
Review-Url: https://codereview.chromium.org/2262703003
|
|
BUG=636559
Review-Url: https://codereview.chromium.org/2255083004
|
|
Put class definition into its own header file so fuzzer can find it.
Fix a pair of div by 0s immediately hit by the fuzzer.
Review-Url: https://codereview.chromium.org/2253193003
|