Age | Commit message (Collapse) | Author |
|
Fix potential buffer write overrun in PixarLogDecode() on corrupted/unexpected
images. The issue has been fixed in upstream (libtiff revision 1.44,
author: erouault, commitid: 2SqWSFG5a8Ewffcz, date: 2016-06-28 23:12:19 +0800).
This CL applies the official patch to tif_pixarlog.c.
BUG=chromium:654172
R=dsinclair@chromium.org, thestig@chromium.org
Review-Url: https://codereview.chromium.org/2453253003
|
|
The majority of these are already upstream in base/, the
remainder will need upstreaming. Also pull some upstream
changes to reduce diffing.
Upstream CL is https://codereview.chromium.org/2440143003/
BUG=657436
Review-Url: https://chromiumcodereview.appspot.com/2441753003
|
|
Also fixed wrong patch file name.
This is fixup of 958e57cb and d2023170
TEST=apply this change in lcms' repo and make check
BUG=chromium:651849,chromium:654198
Review-Url: https://codereview.chromium.org/2424803002
|
|
LerpFloat functions expect input values are normal float. They first
clamp values to the range of [0.0, 1.0] and then calculate interpolation
with the input values.
If the input value is NaN, it will lead to heap buffer overflow because
the index to LutTable is calculated based on the said value and
fclamp(NaN) is not in expected [0.0, 1.0] range.
This patch rejects all NaN values earlier when reading float numbers. So
it also changed behavior for cases other than LerpFloat. I think it is
okay because NaN doesn't make sense for usual calculations.
BUG=654676
Review-Url: https://codereview.chromium.org/2422553002
|
|
BUG=pdfium:619
Review-Url: https://codereview.chromium.org/2411123003
|
|
This is fixup of 958e57cb.
BUG=chromium:651849,chromium:654198
Review-Url: https://codereview.chromium.org/2407113002
|
|
The patch (https://codereview.chromium.org/2284063002) for Issue 618267
was insufficient. The integer overflow still could be triggered and could
lead to heap buffer overflow.
This CL strengthens integer overflow check in function _TIFFCheckRealloc.
BUG=chromium:654169
R=ochang@chromium.org, tsepez@chromium.org, dsinclair@chromium.org
Review-Url: https://codereview.chromium.org/2405693002
|
|
For cmdStageAllocMatrix, InputChans is length of Matrix, OutputChans is
length of Offsets. The original code will allocate NewElem->Offset with
length Cols=InputChans (cmslut.c:417). This results in heap buffer
overflow later.
BUG=chromium:651849
Review-Url: https://codereview.chromium.org/2384063006
|
|
Review-Url: https://codereview.chromium.org/2386273004
|
|
Depending on what ReadOK does it's possible for |dircount16| to be used without
being initialized. The read code calls back into PDFium specific code which then
calls into the stream reading code.
Initialize the value to be sure it is set.
BUG=chromium:651632
Review-Url: https://codereview.chromium.org/2389993002
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2382723003
|
|
BUG=650277
Review-Url: https://codereview.chromium.org/2371723003
|
|
found by libfuzzer
Review-Url: https://codereview.chromium.org/2359243003
|
|
Found by libfuzzer
Review-Url: https://codereview.chromium.org/2362813002
|
|
Handle the case that GrowNamedColorList return fail when list is too
long. Otherwise the loop never ends.
Found by libfuzzer
Review-Url: https://codereview.chromium.org/2365663002
|
|
It is possible for the calculations in outline_aa::render_line to overflow
as the |p| variable is calculated. This Cl updates the routine to use
checked math when calculating the value of |p|.
BUG=chromium:647026
Review-Url: https://codereview.chromium.org/2347603002
|
|
This may be a better design because it avoids having a level
of indirection that the Observer required.
Review-Url: https://codereview.chromium.org/2326763002
|
|
Previous attempt: https://codereview.chromium.org/2289263005
It failed for the PDFium inside Chromium use case.
This time the paths are relative.
Review-Url: https://codereview.chromium.org/2308873002
|
|
The call to png_set_pCAL can call into png_error for several reasons. This CL
verifies that the params are valid before calling into png_set_pCAL.
BUG=chromium:636214
Review-Url: https://codereview.chromium.org/2292313003
|
|
https://codereview.chromium.org/2289263005/ )
Reason for revert:
Breaking non-standalone builds.
Original issue's description:
> Fix gn gn --check complaints about fxcrt.
>
> Committed: https://pdfium.googlesource.com/pdfium/+/6f9ae19b9b125af868077f4eee80a13e0c29c61e
TBR=dpranke@chromium.org,dsinclair@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review-Url: https://codereview.chromium.org/2301783002
|
|
Review-Url: https://codereview.chromium.org/2289263005
|
|
overflow.
BUG=618267
Review-Url: https://codereview.chromium.org/2284063002
|
|
This patch also prevent a null pointer access problem.
BUG=chromium:638829
R=ochang@chromium.org
Review-Url: https://codereview.chromium.org/2270343002
|
|
BUG=pdfium:559
Review-Url: https://codereview.chromium.org/2286653002
|
|
Review-Url: https://codereview.chromium.org/2262473002
|
|
There were several overflows detected by the PDF from the linked bug. This
Cl fixes up the base causes of each of them.
BUG=chromium:635473
Review-Url: https://codereview.chromium.org/2226023002
|
|
BUG=632622
Review-Url: https://codereview.chromium.org/2223303002
|
|
BUG=628304
R=thestig@chromium.org, ochang@chromium.org
Review-Url: https://codereview.chromium.org/2218783002
|
|
|l_nb_code_blocks_size|
BUG=628890
R=ochang@chromium.org
Review-Url: https://codereview.chromium.org/2212973002
|
|
TBR=msarett@google.com
Review-Url: https://codereview.chromium.org/2214543003
|
|
Sync up with Chromium's copy of libpng.
Review-Url: https://codereview.chromium.org/2132263002
|
|
BUG=633387
Review-Url: https://codereview.chromium.org/2204793002
|
|
Based on suggested patch by reporter.
BUG=629919
Review-Url: https://codereview.chromium.org/2182683002
|
|
This improves build performance somewhat. This does not change the standalone
targets since these don't affect the build time of Chrome and are small enough
for it not to matter anyway.
BUG=http://crbug.com/627637
Review-Url: https://codereview.chromium.org/2164633005
|
|
BUG=625541
Review-Url: https://codereview.chromium.org/2124073003
|
|
BUG=chromium:619405
R=ochang@chromium.org
Review-Url: https://codereview.chromium.org/2071773002
|
|
The Skia Windows build for PDFium differs from the
Skia Chromium build in that it uses FreeType within
PDFium and Direct Write within Chromium. This allows
Chrome to match the UI of Windows, and allows
PDFium to use FreeType to measure and draw.
When PDFium was updated to use gn, the settings
from Chrome were used as the basis for the PDFium
settings. Subsequently, PDFium built with Skia on
Windows drew text incorrectly as it used FreeType to
look up the font glyphs and Direct Write to draw them.
This fixes the gn files, and also fixes an error that
crept into the now less-used gyp files.
R=dsinclair@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2055353002
|
|
BUG=618164
Review-Url: https://codereview.chromium.org/2054993002
|
|
Have different settings for core source code vs third_party code so
it is a bit easier to fine tune settings.
Review-Url: https://codereview.chromium.org/2041053003
|
|
Cherry-picked from upstream commit 6da55e0b51124b795b707d318c0e03252222ba06
BUG=chromium:616253
Review-Url: https://codereview.chromium.org/2034123003
|
|
BUG=chromium:613160
Review-Url: https://codereview.chromium.org/2001663002
|
|
BUG=603895
Review-Url: https://codereview.chromium.org/1992893003
|
|
This removes the last vestiges of antigrain from
a Skia-specific build.
R=dsinclair@chromium.org,tsepez@chromium.org,thestig@chromium.org,reed@google.com
Review-Url: https://codereview.chromium.org/1998623002
|
|
Define and use chromium_code to be used in standalone PDFium GYP
build so that PDFium code can have more stringent warning level.
This is also enabled on GN build by default so that GYP and GN
builds can have consistent compilation results.
Also enable chromium_code for PDFium compilation in Chromium
since most of the warnings are cleared. The left ones are clearly
marked and will be addressed soon.
A few more clean-ups for the build:
-- Remove the suppression of sign-compare warnings for Clang since
the code is clean and the warning can be re-enabled.
-- Re-enable "treat warning as errors" on Mac
-- Add a flag to make GCC build works as well.
BUG=pdfium:29, pdfium:475
Review-Url: https://codereview.chromium.org/1985843002
|
|
ChromeOS still compile pdfium with GCC. Fix the code to be ready
to have workable GCC standalone build. The build file change will
be in a follow-up CL.
One warning is about maybe using uninitialized variable, the other is
about enum and non-enum in a conditional statement.
Review-Url: https://codereview.chromium.org/1981593002
|
|
Remove several obsolete warnings from GYP build;
Move disabled warning flags closer to the target instead of the
whole package for GYP build;
Use macro undefine instead of disabled warning for libtiff for GN
build.
Review-Url: https://codereview.chromium.org/1962863002
|
|
Chromium defines WIN32_LEAN_AND_MEAN on Windows. Third party library
libtiff also defines it. So we undefine it before compiling libtiff
code for GYP build.
Also, remove _CRT_SECURE_NO_WARNINGS macro since it is redefined in
zlib library as well. Our code no longer needs it.
After fixing the above, re-enable warning flag 4005 which alerts about
"macro redefinition".
For GN build, we disable warning 4005 for compiling libtiff
code before we can figure out another way to do this.
Review-Url: https://codereview.chromium.org/1954773002
|
|
https://codereview.chromium.org/1923333002/ )
Reason for revert:
Blocking the roll
Original issue's description:
> Allow overriding GN build flags
>
> In order to enable XFA from GN builds we need to be able to override
> pdf_enable_xfa. To do this a build_overrides/pdfium.gni file needs to be created
> in Chrome. To use that, we have to create a build_overrides/pdfium.gni file
> in PDFium that just uses the default values.
>
> BUG=chromium:62400
>
> Committed: https://pdfium.googlesource.com/pdfium/+/1ae572e7e35b52ce4897d1715c005a1b0f79526a
TBR=thakis@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=chromium:62400
Review-Url: https://codereview.chromium.org/1941563002
|
|
In order to enable XFA from GN builds we need to be able to override
pdf_enable_xfa. To do this a build_overrides/pdfium.gni file needs to be created
in Chrome. To use that, we have to create a build_overrides/pdfium.gni file
in PDFium that just uses the default values.
BUG=chromium:62400
Review-Url: https://codereview.chromium.org/1923333002
|
|
This CL setups up a standalone GN build. You'll need to set gn args similar to:
use_goma = true
clang_use_chrome_plugins = false
pdf_enable_xfa = true
pdf_enable_v8 = true
pdf_is_standalone = true
The third_party/pymock files are needed to make git cl upload work correctly.
BUG=pdfium:106
Review URL: https://codereview.chromium.org/1904563002
|