path: root/xfa/fxfa/fm2js/cxfa_fmparser.cpp
Age | Commit message | Author
2018-04-06 | Fix typos in CXFA_FMParser. [chromium/3391] | Lei Zhang
Change-Id: I0059e2ec25e90162a241a49e5d7b327c80330a33
Reviewed-on: https://pdfium-review.googlesource.com/29890
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
2018-03-28 | Smaller post expression set | Dan Sinclair
This CL decreases the kMaxPostExpressions to 256. This is the number of accessors you can attach to a single statement (e.g. foo.#A.#A.#A). Having a very large number can cause stack overflows. The accessor does not seem like it would expect hundreds of entries on a single element.
Bug: chromium:820688
Change-Id: I19966b43c96f5d1d02a79af127a0c96609420811
Reviewed-on: https://pdfium-review.googlesource.com/29330
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-03-07 | [formcalc] Consider width along with depth of tree | Dan Sinclair
When building the formcalc parser trees we need to limit on width along with depth. It's possible to generate a tree of a single depth but more than 20k nodes wide. This will eventually cause stack overflow issues. This CL re-uses the depth check: for the grammar expressions in which we're extending the width of the tree, we count that against our depth check.
Bug: chromium:813346
Change-Id: I01f6567a75776a75374465eacc1ff546db46cac1
Reviewed-on: https://pdfium-review.googlesource.com/28170
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-03-07 | [formcalc] Handle bad elseif conditionals [chromium/3365] | Dan Sinclair
This CL adds checking for the conditionals of if and elseif expressions. If the conditional fails to parse we should return nullptr. This already happens by accident in the if() case, but with elseif() conditions we'll fail the ASSERT in the CXFA_FMIfExpression constructor and crash. This CL explicitly checks for the expressions and early exits if they failed to parse.
Bug: chromium:819509
Change-Id: I9a90182c7709c8c4c0d3ae17d6be67cb668c0c6a
Reviewed-on: https://pdfium-review.googlesource.com/28131
Commit-Queue: dsinclair <dsinclair@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2018-03-06 | [formcalc] Allow empty declaration bodies | Dan Sinclair
This CL removes the checks for empty declaration bodies.
Change-Id: I06a8f602f49d7709bce86442cae2d38991fa5d82
Reviewed-on: https://pdfium-review.googlesource.com/27950
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-03-05 | [formcalc] Simplify function signature parsing [chromium/3363] | Dan Sinclair
This CL refactors the signature parsing for formcalc functions.
Change-Id: I69634968ab1cbd9698a3ce3ae321e14bafe918c6
Reviewed-on: https://pdfium-review.googlesource.com/27930
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2018-03-05 | [formcalc] Cleanup m_error handling | Dan Sinclair
This CL cleans up the setting of m_error. In most cases we don't need to set m_error; it will be set when we bubble up the nullptr return from the various parse methods. The m_error was set inconsistently previously and it was confusing as to whether it needed to be set or not.
Change-Id: I8648b6296ef15239bd2663e6543a960b88177721
Reviewed-on: https://pdfium-review.googlesource.com/27910
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-02-22 | [formcalc] Cleanup function handling | Dan Sinclair
This CL creates a CXFA_FMAST root for the AST tree instead of overloading the CXFA_FMFunctionDefinition. This removes the m_global from FunctionDefinition and simplifies the code.
Change-Id: I9347769a291ef1753539701f334cc8dd69b7187e
Reviewed-on: https://pdfium-review.googlesource.com/27590
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2018-02-21 | [formcalc] Cleanup if expression parsing. | Dan Sinclair
This CL simplifies the if expression parsing. The elseif construct has been split into its own list of IfExpressions and no longer gets stuffed into the elseExpression. A loop was added into the output methods for the elseif expressions, which also means we can go from having:

    if () {
    } else {
      if () {
      } else {
      }
    }

to

    if () {
    } else if () {
    } else {
    }

which is a bit nicer.
Change-Id: I6edf75215500d6a32a8d7218d477b6960f03de51
Reviewed-on: https://pdfium-review.googlesource.com/27571
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-02-21 | [formcalc] Minor parser cleanups [chromium/3352] | Dan Sinclair
This CL makes minor clarity cleanups to the formcalc parser and attempts to record the productions each method is processing.
Change-Id: Ie12bb55647abf06251d1734fd05d08a964a32ebc
Reviewed-on: https://pdfium-review.googlesource.com/27550
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-02-21 | [formcalc] Remove the ParseBlockExpression method | Dan Sinclair
In all the places we call ParseBlockExpression we really mean to parse an ExpressionList. Using ParseBlockExpression is confusing because the formcalc grammar has a BlockExpression defined which corresponds to our ParseDoExpression. This CL converts the use of ParseBlockExpression into calls to ParseExpressionList and then builds the BlockExpression class as needed.
Change-Id: Iab9b6e783f01d35df905539d4dbc20ba18a7b0f9
Reviewed-on: https://pdfium-review.googlesource.com/27470
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-02-20 | [formcalc] Do not convert if to an identifier | Dan Sinclair
The if token in formcalc is an internal keyword and cannot be used as an identifier. The current if parsing code will turn if into an identifier if it fails to find the 'then' statement after the argument list. This should be a failed parse instead of converting if to an identifier and resetting the lexer.
Change-Id: Ieebf6a1aabc27482fcaeaf7a9bd4be40fc01e9ad
Reviewed-on: https://pdfium-review.googlesource.com/27430
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2018-02-20 | [formcalc] Remove unused line parameter | Dan Sinclair
The recorded line number from the formcalc parse is never used. This CL removes the parameter and removes the need to pass it through all of the constructors.
Change-Id: Ice716cc4880dd17dc05bffcdce1dc1e4745108ea
Reviewed-on: https://pdfium-review.googlesource.com/27412
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-02-20 | [formcalc] Split literal parsing to its own method | Dan Sinclair
This CL moves the code to create literals in the AST from ParsePrimaryExpression to ParseLiteral.
Change-Id: I41ba20f28f1cb1d76d753c5baec790872acdf1da
Reviewed-on: https://pdfium-review.googlesource.com/27411
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-02-20 | [formcalc] The if token is a keyword and should not be made an identifier | Dan Sinclair
This CL removes the code from PrimaryExpression which converts the if token into an identifier. if() is a reserved keyword and can't be used as an identifier according to the spec.
Change-Id: I5644cdbe57ef62f4089b4704e1b8d196927e68a4
Reviewed-on: https://pdfium-review.googlesource.com/27370
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2018-02-20 | Tighten up assignment instructions in formcalc. | Dan Sinclair
The assignment operator cannot be chained. This CL removes the while loop for assignments and changes it to an if(). We also cannot have an assignment inside ()'s so remove that option.
Bug: chromium:779349
Change-Id: I6934e18815f843ae8241023df6c03d8bbcd8168d
Reviewed-on: https://pdfium-review.googlesource.com/27350
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2018-02-19 | Remove extraneous HasError checks | dan sinclair
Duplicate checks, remove.
Change-Id: Ic2f49651c50ed66328233817bc8cd24f7c9636c2
Reviewed-on: https://pdfium-review.googlesource.com/27330
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-02-19 | FormCalc Assignment is not a SimpleExpression | dan sinclair
Currently the parser builds assignment statements as part of the SimpleExpression declaration. This isn't correct according to the grammar where AssignmentExpression and SimpleExpression are siblings. This CL moves the assignment calculation into the ExpExpression declaration to make it a sibling of the SimpleExpression.
Change-Id: I6afac2379ab6783b84ee619863c8308ca0db454d
Reviewed-on: https://pdfium-review.googlesource.com/27310
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-02-19 | Cleanup FormCalc inheritance | dan sinclair
This CL cleans up the FormCalc inheritance. The binary and unary items all share ToJavaScript methods now.
Change-Id: I7bf0978449395fa2eb90b954cf2118d7aa3f71c6
Reviewed-on: https://pdfium-review.googlesource.com/27290
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-02-19 | Simplify CXFA_FMToken creation | dan sinclair
This CL converts the CXFA_FMToken usages into an object instead of a pointer. A copy constructor has been added. The line number was removed from the token and is retrieved from the lexer where needed.
Change-Id: I94c632653e9bf1439d2ddf374a816ae0d10b5b67
Reviewed-on: https://pdfium-review.googlesource.com/27192
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2018-02-15 | Add limit to number of formcalc expressions | Dan Sinclair
Currently it's possible to create a formcalc script which creates a large number of expressions. This will eventually cause stack exhaustion as we try to allocate the needed expression objects. This CL limits the number of parsed expressions in the PostExpression section in order to keep from failing due to stack overflow.
Bug: chromium:799721
Change-Id: I69fca35db7f75ef97aec21c22fc06d926dfe2df6
Reviewed-on: https://pdfium-review.googlesource.com/26870
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2017-09-21 | Move CFX_AutoRestorer to fxcrt::AutoRestorer | Dan Sinclair
This CL renames CFX_AutoRestorer to just AutoRestorer and places it in the fxcrt namespace.
Bug: pdfium:898
Change-Id: Id9f36df94e95f3b2a55054bc198ca1bfd249ee3d
Reviewed-on: https://pdfium-review.googlesource.com/14450
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-09-20 | Add in missed parse recursion depth checks | Ryan Harrison
Some of the calls in CXFA_FMParser on the parse recursion had been missed when adding in the parse depth limiting logic. The fuzzers found them.
BUG=chromium:759295
Change-Id: Iad54beb356c4c555908797d4b58a42549c006e9e
Reviewed-on: https://pdfium-review.googlesource.com/14510
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2017-09-18 | Convert string class names | Ryan Harrison
Automated using git grep & sed. Replace StringC classes with StringView classes. Remove the CFX_ prefix and put string classes in fxcrt namespace. Change AsStringC() to AsStringView(). Rename tests from TEST(fxcrt, *String*Foo) to TEST(*String*, Foo). A couple of tests needed to have their names regularized.
BUG=pdfium:894
Change-Id: I7ca038685c8d803795f3ed02545124f7a224c83d
Reviewed-on: https://pdfium-review.googlesource.com/14151
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2017-08-30 | Split auto restorer from fx_basic | Dan Sinclair
This CL moves CFX_AutoRestorer into its own file, separate from fx_basic.h.
Change-Id: I415cb9207416bd4744b8ac8e2d7466852db53f0a
Reviewed-on: https://pdfium-review.googlesource.com/12390
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-08-29 | Fix incorrectly guarded lexer advancement in FormCalc parser | Ryan Harrison
BUG=chromium:752501
Change-Id: Ie9943cd80a4afa73ad9393c8bcd2aa2656a9d932
Reviewed-on: https://pdfium-review.googlesource.com/12290
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-08-23 | Reduce FM2JS parser depth limit to avoid memory exhaustion | Ryan Harrison
The current limit of 2000 is still causing occasional ASAN issues, reducing to 1250.
BUG=chromium:757711
Change-Id: Idb07f97b01230afabcceaa23b29495432193ec64
Reviewed-on: https://pdfium-review.googlesource.com/11750
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-08-16 | Add parse depth limit to FormCalc parser | Ryan Harrison
Due to the recursive nature of the FormCalc parser, deeply nested expressions can lead to memory being exhausted. This check is being added to have the parser exit early instead of running out of memory. This should reduce the number of false positives about addressing issues being found by fuzzers.
BUG=chromium:752433
Change-Id: I511ecfb07e32073555e1fd1658f3b8b47f1a5a91
Reviewed-on: https://pdfium-review.googlesource.com/11170
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-07-31 | Remove null dereference case caught by fuzzers | Ryan Harrison
This change also removes some variable shadowing that was going on here.
BUG=chromium:750013
Change-Id: I7314166af3ecd55ea5e1105afbe171443b1b22ae
Reviewed-on: https://pdfium-review.googlesource.com/9630
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2017-07-27 | Move CXFA_FMParse to CFXA_FMParser | Ryan Harrison
Minor nit I had with this code and want to fix.
Bug:
Change-Id: I2494667d580bf982a4359153123d9e8afb75e349
Reviewed-on: https://pdfium-review.googlesource.com/9370
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: (OOO Jul 28 - Aug 8) dsinclair <dsinclair@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>