Age | Commit message (Collapse) | Author |
|
The fm2js code takes a pointer to the input string and then walks along
that pointer. There are currently no checks to verify we haven't walked
off the end of the pointer into random memory.
If this happens, we can end up allocating large chunks of memory and
copying random bits.
BUG=chromium:721533
Change-Id: Ia61fe96c1ff9eb9ded63cf8326b7be44986bd9e1
Reviewed-on: https://pdfium-review.googlesource.com/5550
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
We only parse FM right before translating to JS. Our current implementation of
assignment will duplicate to first expression's ToJavascript. So having a long
chain of assignments will result in a huge ToJavascript.
Bug: chromium:665087
Change-Id: I542371b5787113be2f2d686153ed0a6c48191bab
Reviewed-on: https://pdfium-review.googlesource.com/4030
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I96e0a20d66b9184d22f64d8e4ce0dadd5a78c1e8
Reviewed-on: https://pdfium-review.googlesource.com/2967
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
BUG=pdfium:611
Review-Url: https://codereview.chromium.org/2382723003
|
|
Chrome has enabled the -Wvarargs warning that was added to clang, this fails
with PDFium XFA builds due to two warnings:
../../xfa/fxfa/fm2js/xfa_lexer.cpp:539:16: error: passing an object that
undergoes default argument promotion to 'va_start' has undefined behavior
[-Werror,-Wvarargs]
va_start(ap, msg);
^
../../xfa/fxfa/fm2js/xfa_lexer.cpp:535:40: note: parameter of type
'XFA_FM_ERRMSG' is declared here
void CXFA_FMLexer::Error(XFA_FM_ERRMSG msg, ...) {
The issue is that XFA_FM_ERRMSG is an enum and we violate the promotion rules
for passing the value to va_start.
I removed the enum and named the flags explicitly then pass in the string as
the argument.
BUG=chromium:606726
Review URL: https://codereview.chromium.org/1921323002
|
|
Some headers were missed in the previous CL.
Review URL: https://codereview.chromium.org/1835703002
|
|
This CL moves the fxcrt code into the core/fxcrt directory. The only exception
was fx_bidi.h which was moved into core/fxcrt as it is not used outside of
core/.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1825953002 .
|
|
This CL moves the xfa/src files up to the xfa/ directory and fixes the includes,
include guards, and build files.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1803723002 .
|