summaryrefslogtreecommitdiff
path: root/xfa/fxfa/parser
AgeCommit message (Collapse)Author
2018-08-01Add a ScopedLocale for use within CXFA_LocaleValue.Lei Zhang
Add more checks for |m_pLocaleMgr| before dereferencing it. Change-Id: I39ab44d652364f5530266d2b724fa6703d1b51f1 Reviewed-on: https://pdfium-review.googlesource.com/39114 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2018-08-01Fix a nullptr crash in CXFA_LocaleValue::ValidateValue().Lei Zhang
Fix some nits as well. BUG=chromium:868271 Change-Id: Ia3231fde98c3e16e41b092a9833402cedc8e828d Reviewed-on: https://pdfium-review.googlesource.com/39112 Reviewed-by: Ryan Harrison <rharrison@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2018-07-31Remove CXFA_Corner downcasts from cxfa_rectangle.cppTom Sepez
We don't need anything that the parent class can't provide, so avoid dubious casting. Change-Id: I9f3d9735f3bfbcf005865772af31817c2b8addef Reviewed-on: https://pdfium-review.googlesource.com/39270 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2018-07-30Replace m_bIsContentLayoutItem with proper enum for type.Tom Sepez
Because bools are bogus. Change-Id: I54a2627443784cec40912288230e657c63a35408 Reviewed-on: https://pdfium-review.googlesource.com/39190 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2018-07-30Don't static_cast<>(this) to subclass in CXFA_LayoutItem methods.chromium/3508Tom Sepez
Instead, move the methods to the subclass where they belong. Fix IWYU in CJX_Object.h to fix compilation. Change-Id: I4c71f28235b9cf5000e9ddaf33d6602baf22205f Reviewed-on: https://pdfium-review.googlesource.com/39170 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2018-07-30Return unique_ptr from CXFA_FFNotify::OnCreate{Container,Content}LayoutItem()Tom Sepez
... and then immediately release it, but it is a step in the right direction. Change-Id: Ib52972c6789d8f98a576d1c69f8019541c96ac51 Reviewed-on: https://pdfium-review.googlesource.com/39152 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2018-07-30Type-safe iteration over CXFA_ContentLayoutItems.Tom Sepez
There's no reason that every CXFA_LayoutItem must be a CXFA_ContentLayout item, so use checked conversions. The code may already be arranging things so the constraint is already satisfied, but this adds an additional layer of safety. Tidy some long expressions with pre-existing typedef for node iterator while we're at it. Change-Id: If1448131ca73bfedb2266b070f1a913688598e64 Reviewed-on: https://pdfium-review.googlesource.com/39051 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2018-07-30Fix a misspelling of "locale".Lei Zhang
Change-Id: I3fdc6d473f08835b6caeacbbd583bb651a9c5678 Reviewed-on: https://pdfium-review.googlesource.com/39111 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2018-07-30Remove a NOTREACHED() in FormValueNode_SetChildContent().Lei Zhang
It is reachable, and the action is currently a no-op, so let it be. Also change FormValueNode_SetChildContent() to return void since no caller checks the return value. Remove its default argument, since all the callers set it. Change-Id: I742ca2d936872a3b3d609c178321199abc06546c Reviewed-on: https://pdfium-review.googlesource.com/39115 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2018-07-28Remove CXFA_TraverseStrategy_ContentLayoutItem.chromium/3507chromium/3506Tom Sepez
It makes illegal casts and requires its callers to double-check the type validity of results before use. Instead, use the parent class iterator and perform checked casts. No functional difference, since it looks like the requisite checks were being made in all places. Make one "using" visible to other files to save some verbosity. Change-Id: I894ca15b4bdddd4723b787663950a58bc58b7f06 Reviewed-on: https://pdfium-review.googlesource.com/39030 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2018-07-28Add ToXML{Instruction,Text,CharData}() checked conversion functionsTom Sepez
All usages were previously checked correctly, but this consolidates some code as well. Change-Id: I63711748b31b698a3f21f98fdb536db1e9e0b1cf Reviewed-on: https://pdfium-review.googlesource.com/39010 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2018-07-26Use moar ToXMLElement() in place of static_cast<>.Tom Sepez
Introduces checks in a few new places, but mainly just consolidates checking/casting logic. Change-Id: I634a03060d254db099972c6978249992367e146c Reviewed-on: https://pdfium-review.googlesource.com/38900 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2018-07-25Remove CFX_MemoryStream uses in tests.Lei Zhang
Replace with CFX_BufferSeekableReadStream, which allows for spans and const inputs. Change CXFA_DocumentParser to take IFX_SeekableReadStream instead of IFX_SeekableStream in the process. Change-Id: I0168451350c9fc250231f0414c38738a4d86ca42 Reviewed-on: https://pdfium-review.googlesource.com/38852 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2018-07-25Disable submit in XFA forms.Henrique Nakashima
Bug: chromium:842503 Change-Id: If411815d8324929f482e3cad0fda54f24d370c2a Reviewed-on: https://pdfium-review.googlesource.com/37830 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Henrique Nakashima <hnakashima@chromium.org>
2018-07-25Introduce ToXMLElement() checked downcast helper functionTom Sepez
And use it in place of ASSERT() that the type was correct. Since we can check it, doing so at runtime may help avoid type confusion, and we'll get a nice safe SEGV if the asserted condition ever fails. Change-Id: I46b65a4b70e819a670d7cad7966e0d100f0d9a63 Reviewed-on: https://pdfium-review.googlesource.com/38810 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2018-07-25Move CXFA_ThisProxy helper to CXFA_Object.Tom Sepez
Because the other helpers are declared here. Rename VariablesThis to ThisProxy in a few places; VariablesThis is a slightly different concept (see GetVariablesThis()). Then introduce helper for CXFA_List subclass as well. Remove unused const version of some helpers. Change-Id: Ia328d8cd170a8b97015e98c1c770fa8a44810455 Reviewed-on: https://pdfium-review.googlesource.com/38670 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2018-07-24Fix UAF in CPDFSDK_Widget::GetMixXFAWidget().chromium/3502Henrique Nakashima
Do not allow instanceManager methods to run in Foreground XFA forms. They are static, and their widgets should not be inserted or removed. See "XML Forms Architecture (XFA) Specification Version 3.3", page 272. Bug: chromium:860697 Change-Id: Ia96834e085ee508618ca4dcb2bd5271466369ede Reviewed-on: https://pdfium-review.googlesource.com/38751 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Henrique Nakashima <hnakashima@chromium.org>
2018-07-23Tighten up ThisProxy casts.Tom Sepez
Previous CLs have shown that the "lpClass" checks aren't sufficient here, so ensure we are always checking C++ enum value before downcasting this type. Change-Id: I418127c5e7131e0a3363363a60d1976719d6837c Reviewed-on: https://pdfium-review.googlesource.com/38550 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2018-07-23Remove unused CScript_DataWindow::JSDataWindow().Tom Sepez
Do the same thing for N other similar files. Change-Id: If9bb7f6335287441206083c3512fc8a788e9d39b Reviewed-on: https://pdfium-review.googlesource.com/38532 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2018-07-23Replace CFXJSE_HostObject::type_ with polymorphic conversion methodsTom Sepez
More foolproof technique, and saves one word in every instance at a cost of two pointers in every subclass vtable. Change-Id: Ied4f91d4d203b5e6d83abe751159eb7e55489bb5 Reviewed-on: https://pdfium-review.googlesource.com/38530 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2018-07-20Replace downcasts in cxfa_node to checked conversion methods.Tom Sepez
Part of the effort to not trust downcasts in the CFXA_Node hierarchy. The number of subclasses is small enough here that the O(n^2) space overhead for the vtables is not significant. Put all sub-classes in same top-level namespace as the parent, just because we avoid jumping in and out of anonymous namespace. Change-Id: I32b80a93c75f8a09eb17c01fe1e29d04b4053fa1 Reviewed-on: https://pdfium-review.googlesource.com/38510 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2018-07-19Use pdfium::as_writable_bytes() in cxfa_xmllocale_unittest.cppTom Sepez
This is a cleaner way of getting the required argument. Add helper function and anonymous namespace as misc. cleanups along the way. Change-Id: I600074b7f6597ffd9b451a21ee374f937a8e9940 Reviewed-on: https://pdfium-review.googlesource.com/38310 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2018-07-17Limit recursion depth for CXFA_DocumentParser::NormalLoader().Henrique Nakashima
Bug: chromium:849143 Change-Id: I973bb3be6151ac3afad850533cb735c03e9f3d2c Reviewed-on: https://pdfium-review.googlesource.com/38210 Reviewed-by: Ryan Harrison <rharrison@chromium.org> Commit-Queue: Henrique Nakashima <hnakashima@chromium.org>
2018-07-16Use UnownedPtr/Optional in cfxa_layoutcontext.cppTom Sepez
Introduce cfxa_layoutcontext.cpp to satisfy chromium style ctor check. Fix typo in class forward declaration in cfxa_layoutcontext.h Change-Id: I2b29bf61a21be0f895faf8984897c5655a4f0e89 Reviewed-on: https://pdfium-review.googlesource.com/37950 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2018-07-16Use UnownedPtr in CXFA_LocaleMgrTom Sepez
Change-Id: I74b1828570e54a3868a77231a8ac13bc412c6c43 Reviewed-on: https://pdfium-review.googlesource.com/37051 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2018-07-05Clean up ProcessFormatTestValidateRyan Harrison
The existing implementation was overly complex and hard to understand, so this simplifies the logic. As part of this a number of issues, such as the lack of a failure path, have been resolved. The spec implies that a picture clause of "" should only accept the empty string, but existing implementation returns that validation does exist. This is due to the GetPicture() method returning a string, instead of a pointer or an Optional, so there is no mechanism to differentiate between a clause with an empty string and the clause not being present. This CL maintains the existing behaviour, because there may be code elsewhere that depends on it. The existing implementation returns validation not existing if the node under test is non-interactive. Though this seems intuitively correct, it is problematic, because this logic isn't just called via an interaction with the node. The validity check could be initiated by a call from JS attached to an event or a different node. Thus it is possible for a node under test to be non-interactive, but the result of the test is still important. The caller may make the node interactive if it isn't valid, for example. The spec doesn't state anything about interactivity controlling if validity checks run. This CL removes the related logic, since it was causing issues with an example PDF from the wild. BUG=pdfium:1065 Change-Id: Icb5b97e0d90f6fbc7ad6b87d81e256803c757eb0 Reviewed-on: https://pdfium-review.googlesource.com/37131 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
2018-07-03Use unowned ptr to Node from outside XFA node tree.chromium/3481Tom Sepez
Change-Id: Idcd992224fc5411c97f3001293af83a6c581e695 Reviewed-on: https://pdfium-review.googlesource.com/36991 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2018-07-03Use UnownedPtr<> in cxfa_nodeiteratortemplate.hTom Sepez
Change-Id: I48c20a56ca25a6821bc9b51aa59c037fe2341194 Reviewed-on: https://pdfium-review.googlesource.com/36972 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2018-07-03Use more UnowendPtr<> in cfgas_formatstring.h and cfx_break.hTom Sepez
Move initializers to .h file (proves none missing). Change-Id: Iff8fe76e46634aa32a32ecd592476594a9d1bafa Reviewed-on: https://pdfium-review.googlesource.com/36950 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-07-03Remove XFA_LAYOUT_INVALIDNODETom Sepez
XFA_LAYOUT_INVALIDNODE is used in place of nullptr, but does not appear to represent a sentinel value distinct from it. Using a non-nullptr value prevents using any kind of smart pointer type in the future. Change-Id: Iab6418b3dc9c3d45780730795496ac07b67de696 Reviewed-on: https://pdfium-review.googlesource.com/36651 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-06-29Use UnownedPtr<CXFA_Node> or comment raw pointers as tree nodes.chromium/3479chromium/3478Tom Sepez
Part 2. Change-Id: I26fe434dac3c3f5186414440acc2a495a5f14091 Reviewed-on: https://pdfium-review.googlesource.com/36670 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2018-06-29Use UnownedPtr to CXFA_Node from outside the treechromium/3477Tom Sepez
Comment raw pointers subject to nondeterministic tree destruction order as such to avoid re-attempting to convert to the unowned mechanism. Change-Id: Ia9fe3c8a2729dc1e2b1de4a8c62ae3d2c3d7ec0a Reviewed-on: https://pdfium-review.googlesource.com/36635 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2018-06-21Clean up constant values for JS alert and beepRyan Harrison
Define constant values in the public API for the valid values of alert button type, alert icon type, and beep type. Replace various magic numbers through out the code base using these values. Also replace the XFA specific versions with an enum class that is guaranteed to have the same values, instead of #defines that just happen to. This CL does not attempt to add error checking on these values, since it currently doesn't exist so adding it may cause regressions. Change-Id: Ief3aee2a4ad419691c18fc1dba8b984ad222141b Reviewed-on: https://pdfium-review.googlesource.com/35730 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2018-06-21Remove WideString::c_str() calls where possible.Tom Sepez
Many of these cause a string duplication as we go from Widestring => c_str => Widestring Change-Id: I0dfa952e66f89138e719ff9200db3d9397839e28 Reviewed-on: https://pdfium-review.googlesource.com/35790 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-06-19Move fxcrt::{Byte,Wide}Strings with std::move().chromium/3466Tom Sepez
Remove some string copies in barcode that were noticed whilst looking for moves. Change-Id: Ieda34d00f633576ba1f0dca283dcdabfb36f236c Reviewed-on: https://pdfium-review.googlesource.com/35410 Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2018-06-05[xfa] Make the event context available when calling back in XFADan Sinclair
When calling into the XFA JS engine with a request for a non-XFA JS call which accesses the EventContext we would get a crash in XFA as we never set the context. This CL changes the XFA code to accept the CJS_Runtime instead of the CFXJS_Engine and then calls NewEventContext before executing JS scripts. This will correctly setup the event context as needed for any JS callbacks. Bug: pdfium:1003 Change-Id: Icf202252b2e6e56afdf0d1766a32a893935a2fd3 Reviewed-on: https://pdfium-review.googlesource.com/33930 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-06-04[xfa] Get properties from the non-xfa global if possibleDan Sinclair
When script variables are used the methods are set on the non-xfa global object. This CL updates the NormalPropertyGetter to check the non-xfa global object for methods which allows the variables methods to be found. Bug: pdfium:1097 Change-Id: I13d9d49ad654cad776883aef74de6250de5e756b Reviewed-on: https://pdfium-review.googlesource.com/33433 Reviewed-by: Henrique Nakashima <hnakashima@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-06-01Remove ununused startAngle and sweepAngle variablesRyan Harrison
Neither of these local values ever get read after calculating them. Issue found with Clang Static Analyzer. Change-Id: Iffa578f1d5e303c65a881bcd372a9144a11edd3b Reviewed-on: https://pdfium-review.googlesource.com/33532 Reviewed-by: Henrique Nakashima <hnakashima@chromium.org> Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2018-05-29[xfa] Propagate the xfa change data for text to JS and back.Dan Sinclair
This CL adds the necessary plumbing to propagate the change information for a text widget from FWL out to JS and handle the returned value as necessary. Bug: pdfium:1066 Change-Id: I78fd81761b90294f1836e9f09dba12ed238963cc Reviewed-on: https://pdfium-review.googlesource.com/33070 Reviewed-by: Ryan Harrison <rharrison@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2018-05-25[xfa] Add missing xfa.event.cancelAction propertyDan Sinclair
This CL adds the missing cancleAction property from the xfa.event object. Bug: 1066 Change-Id: I7d38956e2985c1f6ac0eba6de090874f1f72003c Reviewed-on: https://pdfium-review.googlesource.com/32950 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2018-05-17Add comment about cleaning binding nodesDan Sinclair
The reason for calling ReleaseBindingNodes() has changed but the code comment hadn't. This CL updates the code comment to make it clearer why this release has to happen. Change-Id: I0c08c7580ef7c8508cd4db7b8930d5f2cd595b1b Reviewed-on: https://pdfium-review.googlesource.com/32690 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
2018-05-17Update third_party/base/compiler_specific.h.Lei Zhang
Import Chromium's base/compiler_specific.h from r537069. Now that FALLTHROUGH is available via compiler_specific.h, remove FX_FALLTHROUGH. Change-Id: I8b9631a4f007673e10e0c26951dfd61e9dcada30 Reviewed-on: https://pdfium-review.googlesource.com/32639 Reviewed-by: Nico Weber <thakis@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2018-05-10Clean up post review commentsRyan Harrison
Cleaning up some nits that came in after my previous codec CL had gone into the CQ. BUG=pdfium:1080 Change-Id: I3845136d370f73c9c96ef732e95b8cf0c9c79d91 Reviewed-on: https://pdfium-review.googlesource.com/32351 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2018-05-10Do not build BMP when codec is disabledRyan Harrison
Currently all of the BMP related code is being built when support for the codec is disabled, it just isn't being utilized. Depending on the settings being used, this unneeded code may or may not get stripped during linking. This CL explicitly turns off building the BMP codec code if support for BMP is turned off. BUG=pdfium:1080 Change-Id: I56d40639a5a3631f9c601a1eef3f98873feac94f Reviewed-on: https://pdfium-review.googlesource.com/32370 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2018-05-09Do not build GIF when codec is disabledRyan Harrison
Currently all of the GIF related code is being built when support for the codec is disabled, it just isn't being utilized. Depending on the settings being used, this unneeded code may or may not get stripped during linking. This CL explicitly turns off building the GIF codec code if support for GIF is turned off. This also catches a few missed cases from previous CLs. BUG=pdfium:1080 Change-Id: Ie7fe2d894d2ae2f8f36ae05e0ff256f2ce6ef8d4 Reviewed-on: https://pdfium-review.googlesource.com/32330 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2018-05-09Do not build PNG when codec is disabledRyan Harrison
Currently all of the PNG related code is being built when support for the codec is disabled, it just isn't being utilized. Depending on the settings being used, this unneeded code may or may not get stripped during linking. This CL explicitly turns off building the PNG codec code if support for PNG is turned off. BUG=pdfium:1080 Change-Id: I9c5247145fcadbcb1bd2243aa83350304ba421ff Reviewed-on: https://pdfium-review.googlesource.com/32270 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2018-05-09Do not build TIFF when codec is disabledRyan Harrison
Currently all of the TIFF related code is being built when support for the codec is disabled, it just isn't being utilized. Depending on the settings being used, this unneeded code may or may not get stripped during linking. This CL explicitly turns off building the TIFF codec code if support for TIFF is turned off. It also fixes cases in the code base where tif was being used instead of tiff. BUG=pdfium:1080 Change-Id: If6aaa8af5160fdd5b261e63bab7d5984196efcc9 Reviewed-on: https://pdfium-review.googlesource.com/32193 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2018-05-07Restore logic of CreateChildUIAndValueNodesIfNeeded().Henrique Nakashima
CreateUIChild() was changed and renamed to CreateChildUIAndValueNodesIfNeeded() in: https://pdfium-review.googlesource.com/c/pdfium/+/24390 This caused some bugs but it's too far back for a rollback. This cl restores the logic of CreateUIChild() keeping the new signature. Bug: chromium:838994 Change-Id: I44ce741fdb90f8b0fd11379b5e881e376c307f0c Reviewed-on: https://pdfium-review.googlesource.com/32090 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Henrique Nakashima <hnakashima@chromium.org>
2018-05-03[xfa] Verify field count before accessingDan Sinclair
When processing items for layout it's possible for the iBlockIndex*3 value could be larger then the field split count. If this is the case we'll walk off the end of the split array. This CL verifys that we have enough data before attempting to walk the splits and returns early if we don't have enough data. Bug: chromium:837585 Change-Id: I534298b4ee354ce079442d893202f811431155a0 Reviewed-on: https://pdfium-review.googlesource.com/32051 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2018-05-02Use pointer instead of ref for CXFA_Box::GetPathArcOrRounded param.Henrique Nakashima
Change-Id: I1bfada610b8bf2e1f8e0f79a9421db9ebedc7311 Reviewed-on: https://pdfium-review.googlesource.com/32010 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Ryan Harrison <rharrison@chromium.org>