summaryrefslogtreecommitdiff
path: root/xfa/fxfa
AgeCommit message (Collapse)Author
2017-07-18Correct lexer handling of FormCalc identifiersRyan Harrison
This makes the lexer stricter on valid characters for identifiers, and conform to the grammar in the FormCalc spec. This should remove a class of inputs that ClusterFuzz is attempting that are breaking later stages of the transpile. BUG: chromium:736234, pdfium:783, pdfium:784 Change-Id: I3987d6778a82b71d768fa751035993c0af2577ee Reviewed-on: https://pdfium-review.googlesource.com/8010 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-07-14Fixup naming of XFA graphics classesDan Sinclair
These files were originally renamed thinking they'd move with the colour class up to core/. It was decided that CPWL_Color was a better core colour class the the xfa colour so these are being renamed back to XFA based names to make it clear where they live. Change-Id: Ie89f2306be0609add29bd445e719567e7b439211 Reviewed-on: https://pdfium-review.googlesource.com/7754 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-07-13Rename cfx_color to cxfa_colorDan Sinclair
This CL renames CFX_Color to CXFA_Color. The class has some XFA specific things like shadings and patterns in it and doesn't make sense as the colour base class. Change-Id: I1d2230b9f03a1017777ce673419926429b769e7c Reviewed-on: https://pdfium-review.googlesource.com/7752 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-07-07Remove a static initializer introduced in commit 573b10a.Lei Zhang
Change-Id: Ic81df89078241c75ae2da6309b22022ba225100f Reviewed-on: https://pdfium-review.googlesource.com/7370 Reviewed-by: Ryan Harrison <rharrison@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-07-05Extract comparison functions from std::lower_bound argsRyan Harrison
Cleanup of code I changed earlier last week, to match the style recommended in later reviews and make it more readable. BUG=pdfium:786 Change-Id: I2ff8b980a229718e389ad1a8063bd5059aedb66c Reviewed-on: https://pdfium-review.googlesource.com/7212 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2017-07-04Removed hand rolled bsearch from IsKeyword methodRyan Harrison
BUG=pdfium:786 Change-Id: I7a852566cdde301ee896c12d9d29043047c31ad4 Reviewed-on: https://pdfium-review.googlesource.com/7211 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-06-30Remove hand rolled bsearch from HTMLSTR2CodeRyan Harrison
BUG=pdfium:786 Change-Id: I0779dccb6db0e6ea3933279914153ef7961d9a5b Reviewed-on: https://pdfium-review.googlesource.com/7152 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-06-30Remove hand rolled bsearch from HTMLCode2STRRyan Harrison
BUG=pdfium:786 Change-Id: I84f4012b5225f81df604fcc6e0836ac5d19f1414 Reviewed-on: https://pdfium-review.googlesource.com/7153 Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2017-06-30Fix nits in a bunch of random XFA files.Lei Zhang
- Simplify if (cond) return true; return false; pattern. - Use size_t in CXFA_FFDocView::RunCalculateRecursive(). Change-Id: I1c426556bc927a118cb062999812ab06bbfcfec7 Reviewed-on: https://pdfium-review.googlesource.com/7130 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-06-29Move Start to constructor in CFX_Image(Renderer|Transformer)chromium/3145Nicolas Pena
The bool returned by Start was not being used and the method was always called right after the constructor, so it should be in the constructor. Change-Id: I98abf9f7c11fbe42b3aa15ec5e46731198aa23d5 Reviewed-on: https://pdfium-review.googlesource.com/7151 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-06-29Cleaning up SomMethod handling in fm2jsRyan Harrison
Removing hand rolled hash table and binrary search. BUG=pdfium:786 Change-Id: Iac18f02c9f560f484b974762474dbb51597d2353 Reviewed-on: https://pdfium-review.googlesource.com/7092 Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2017-06-29Change SetReverse to GetInverse in CFX_MatrixNicolas Pena
CFX_Matrix::GetInverse is much clearer. Change-Id: Id10ab1723735332e1a78de853f28415ec3a4d834 Reviewed-on: https://pdfium-review.googlesource.com/7090 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-06-29Cleanup call expression handling in fm2jsRyan Harrison
Remove handling of arbitrary function calls, and only allow supported function calls. Issues with the lexer being overly permissive led to large blobs of javascript being dropped into the output. Specifically driver code was assuming that anything marked as a function would just be an identifier that could be inserted into the javascript, but the lexer marks things like ()()() as a function, which would lead to the following JS being inserted as an identifier. This change is intended to be a patch for the specific issue that was being seen from the fuzzer test, and further work will be needed to make the lexer more strict. BUG=724913 TEST=Ran fuzzer test case. Ran unittests,embeddertests,corpustests. Change-Id: Ib7d9239bf6fece853bea0f4915ee4ad72d3cd290 Reviewed-on: https://pdfium-review.googlesource.com/7032 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-06-28XFA: Add test to show Oneof() works correctly.Lei Zhang
The new embedder test shows Oneof() works, whereas the corpus test does not. It turns out the corpus test was bad, and trying to fix it exposed a different bug. So roll DEPS for the testing corpus anyway to get improved tests, but keep the suppression for now. BUG=pdfium:781 Change-Id: I3cc6b9a414384c917f205eff064c5dd2175d09fe Reviewed-on: https://pdfium-review.googlesource.com/6973 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-06-20Cleanup fpdf_parser_decodeNicolas Pena
This CL fixes some nits in fpdf_parser_decode, especially avoiding non-const reference parameters. Change-Id: Ibb914850afd924bb398f886ac862f7589519ef7e Reviewed-on: https://pdfium-review.googlesource.com/6750 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-06-14Fix bad format string in CXFA_FM2JSContext.Lei Zhang
PDFium's vswprintf() is based on the win32 version to be consistent across platforms. On Windows, %s has different meanings depending on whether the printf() variant is wide or not. BUG=chromium:732533 Change-Id: I7437ecd253da1234728c1e0897f02b7f907aada8 Reviewed-on: https://pdfium-review.googlesource.com/6550 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-06-06Convert CFGAS_FormatString to pointer out parameterschromium/3123Dan Sinclair
This CL changes all CFGAS_FormatString methods to use pointer out paramters instead of reference out parameters. Change-Id: Ic5b57f30e4be09233898b8f4e06f908a96afedc8 Reviewed-on: https://pdfium-review.googlesource.com/6272 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-06-05More CFGAS_FormatString testsDan Sinclair
This CL adds more tests for various CFGAS_FormatString methods. A few bugs are fixed up along the way. Change-Id: Ida1f2792d1bd72f4f52b3c7cc1ff0022b6f45fda Reviewed-on: https://pdfium-review.googlesource.com/6179 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-06-05Cleaning up some XFA locale related codeDan Sinclair
This CL removes some unused locale related code and formats other bits. Change-Id: I172fc16a634a8982c00bfaf84fdcd4cd277eb36d Reviewed-on: https://pdfium-review.googlesource.com/6077 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-06-02Prevent OOB access in CXFA_FM2JSContext::IsIsoTimeFormat().Lei Zhang
Change-Id: I3fe0460f3a4cfd7d48ccfc79d0256fc83d7fbac8 Reviewed-on: https://pdfium-review.googlesource.com/6235 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2017-06-01Tag CFXJSE_HostObject sub-classes.Tom Sepez
CXFA_FM2JSContext and CXFA_Object both subclass CFXJSE_HostObject. When a CFXJSE_HostObject is obtained from an opaque pointer inside a V8 object internal slot, there is no way to distinguish one from the other. Bug: 728158 Change-Id: Iabc648e8b7226e2819d8795227442c3f6c61a793 Reviewed-on: https://pdfium-review.googlesource.com/6211 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-06-01Remove unused Locale codeDan Sinclair
This CL removes unused code from CFGAS_FormatString and CXFA_LocaleValue. Change-Id: I87a996231b3ad3770508be362456c435034b229c Reviewed-on: https://pdfium-review.googlesource.com/6177 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-25Split apart remaining xfa/fxfa/app filesDan Sinclair
This CL splits the remaining files in xfa/fxfa/app into individual files named after the classes. Change-Id: I84bd8938937641bb6897614ed15558a2682f456c Reviewed-on: https://pdfium-review.googlesource.com/6010 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-25Mass conversion of all const-lifetime class membersTom Sepez
Sed + minimal conversions to compile, including moving some constructors into the .cpp file. Any that caused ASAN issues during the tests were omitted rather than trying to resolve the underlying issue. Change-Id: I00a421f33b253eb4071ffd9af3f2922c7443b335 Reviewed-on: https://pdfium-review.googlesource.com/5891 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-25Fix FM2JSContext Round return typeDan Sinclair
This Cl fixes the return type of the Round method to return a double instead of a string. Change-Id: I740e375bdedfe22cb9f81d4beeaa079eac64b1bd Reviewed-on: https://pdfium-review.googlesource.com/5896 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-05-25Enable remaining boolean FM2JSContext testsdan sinclair
This CL updates the return type of the remaining boolean tests to be Integer and enables the tests. Change-Id: Ie2856ad31d17ffb496f33e6969912d0aae9678c5 Reviewed-on: https://pdfium-review.googlesource.com/5895 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-25Enable the FM2JSContext Exists testdan sinclair
This Cl fixes the Exists test of FM2JSContext to handle the return type of Integer instead of Boolean. Change-Id: I51c43e22eff5330de5ab5e63a925006af483f0ab Reviewed-on: https://pdfium-review.googlesource.com/5894 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-25Enable FM2JSContext Choose testsdan sinclair
This Cl enables the Choose tests for FM2JSContext. The Choose tests always return a String. Change-Id: I29b3ce4ed38f94886c6036f3766182fecb6e787b Reviewed-on: https://pdfium-review.googlesource.com/5893 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-25Enable most FM2JSContext boolean testsdan sinclair
This CL enables most of the FM2JSContext boolean tests. The return type is updated to Integer from Boolean. Change-Id: Ie3f665bd23a86e843cadb2ae8963767466bd1714 Reviewed-on: https://pdfium-review.googlesource.com/5892 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-24Convert to CFX_UnownedPtr, part 10Tom Sepez
Change-Id: I4eab5e843580845753c5f80c05cf9490a85114b6 Reviewed-on: https://pdfium-review.googlesource.com/5890 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-24More FM2JSContext testsDan Sinclair
This CL adds tests for the FormCalc methods that don't require passing in a formcalc object reference. Change-Id: Ica6f15704cce525d38d25a27d1628089d2fc5a5a Reviewed-on: https://pdfium-review.googlesource.com/5691 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-23Cleanup default values and methods in CXFA_WidgetdataDan Sinclair
Change-Id: Ie591de17aba54d6d0f96b1133be7d899bab577cf Reviewed-on: https://pdfium-review.googlesource.com/5660 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-23Use NOTREACHED() in more places.Lei Zhang
Change-Id: I88466943171f19259f84add69679741d44c8e123 Reviewed-on: https://pdfium-review.googlesource.com/5551 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-05-20Use observed ptrs from CFGAS_GEFont back to its font mgrs.chromium/3106Tom Sepez
CFGAS_GEFonts are ref counted, and its a good thing since they are managed by at least three different font managers: CFGAS_FontMgr, CXFA_PDFFontMgr, and CXFA_FontMgr. None of these have a clear claim to ownership of the CFGAS_GEFont. CFGAS_GEFont has back-pointers to two of these, CFGAS_FontMgr, and CXFA_PDFFontMgr, and they could each outlive the other. Thus the font needs to watch for destruction of either of its managers, so as to stop using it after its gone. Bug: 724640 Change-Id: I907ec35e300e11e532e13545d51fb200ac86b4f9 Reviewed-on: https://pdfium-review.googlesource.com/5735 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-20Use unowned ptr from CXFA_FFDocView to CXFA_FFDocTom Sepez
There's an unique_ptr going in the other direction, so it must outlive this. Change-Id: I28a77fbff67e6682360414e26c807d707602e140 Reviewed-on: https://pdfium-review.googlesource.com/5736 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-19ASAN flags zero-length StringC in GetMapModuleString()chromium/3105Tom Sepez
Corner case for StringCs: A non-referenceable ptr plus a zero length. The situation should be rare, so fix it at the spot of the foul rather than adding logic to the StringC constructors to zero the pointer when encountering zero length. Bug: 724500 Change-Id: I54b263f7db5ddef7bade6bfaa185a542ea20229c Reviewed-on: https://pdfium-review.googlesource.com/5730 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-19Move CCodec_ModuleMgr ownership to CPDF_ModuleMgr.Lei Zhang
More straight forward than CFX_GEModule owning in and CPDF_ModuleMgr holding a pointer to it. Remove assumptions that the codec modules may return nullptr, and do IWYU. Change-Id: Iba7fc3c7ec223fd6d29a1ab74ed13d35689bc5d5 Reviewed-on: https://pdfium-review.googlesource.com/5654 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-05-18Use UnownedPtr to check CFX_*StringC lifetimeschromium/3104Tom Sepez
Change interform to avoid temp StringC with dangling ptr. Change-Id: I8d8659973bcdf2cdbcaa6efa6012e4acce5f1604 Reviewed-on: https://pdfium-review.googlesource.com/5571 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-18Adding fm2js embedder testsDan Sinclair
This Cl adds the basis of the test framework to execute the javascript produced by CXFA_FM2JSContext and verify the results are correct. Change-Id: Ie46625b7e27ca0808e9cc41fdc00b7c0a212837d Reviewed-on: https://pdfium-review.googlesource.com/5651 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-05-18Remove CXFA_FMErrorInfodan sinclair
This Cl removes the CXFA_FMErrorInfo class. The message was never output, just used as a flag to determine if there was an error. The class has been replaced with a boolean. Change-Id: I1cde99ce6957f5f8c6be0755a198d80ec8378b3a Reviewed-on: https://pdfium-review.googlesource.com/5653 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-17Shorten internal JS prefixes.Dan Sinclair
This Cl shortens the prefix applied in JavaScript to reduce the size of the generated JavaScript string. Change-Id: Ica5d02cc89b17140ba42deae72484cd159f8e3e5 Reviewed-on: https://pdfium-review.googlesource.com/5590 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-17Adding CXFA_Parse unittestsDan Sinclair
This CL adds the beginning of unittests for the CXFA_Parse code. Change-Id: I06e556f1a35405bc683c536d390071917ee330a6 Reviewed-on: https://pdfium-review.googlesource.com/5556 Reviewed-by: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
2017-05-17Rename formcalc files to better match contentsDan Sinclair
Most files match the contents. The expression files are named to match their base type even though they contain all the expression subclasses. Change-Id: I3b7705c7b206a9fa1afae8b677f765e8b788e84d Reviewed-on: https://pdfium-review.googlesource.com/5492 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-05-16Be skeptical of bare |new|s.Tom Sepez
In particular, prefer an explicit .release() call when handing ownership of an object to a caller across a C-API. Change-Id: Ic3784e9d0b2d378a08d388989eaea7c9166bacd1 Reviewed-on: https://pdfium-review.googlesource.com/5470 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-16CFDE_RenderDevice::m_bOwnerDevice is always falseTom Sepez
So remove it. But they probably wanted it to be true in one place, because it looks like a leak. So find a better way to own the object. Change-Id: I15937e29da5ce8b380f82cb20ee3ecc3f49b8ca3 Reviewed-on: https://pdfium-review.googlesource.com/5473 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-05-16Introduce CFX_UnownedPtr to detect lifetime inversion issues.Tom Sepez
There are places where an object "child" has a raw pointer back to object "owner" with the understanding that owner will always outlive child. Violating this constraint can lead to use after free, but this requires finding two paths: one that frees the objects in the wrong order, and one that uses the object after the free. The purpose of this patch is to detect the constraint violation even when the second path is not hit. We create a template that is used in place of TYPE*. It's dtor, when a memory tool is present, goes out and probes the first byte of the object to which it points. Used in "child", this allows the memory tool to prove that the "owner" is still alive at the time the child is destroyed, and hence the constraint is never violated. Change-Id: I2a6d696d51dda4a79ee2f00a6752965e058a6417 Reviewed-on: https://pdfium-review.googlesource.com/5475 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-16Handle when XFA parser error handlers cannot format error messages.Lei Zhang
Limit the length of error messages to avoid string formatting failure. Simplify some CXFA_FMParse error handling code too. BUG=chromium:708428 Change-Id: I2f5fdb61349a90b3ba681dcc04a26ce0d7f2bdda Reviewed-on: https://pdfium-review.googlesource.com/5331 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-05-16Add formcalc lexer tests.Dan Sinclair
This CL adds tests for CXFA_FMLexer. Change-Id: I4cb7000212dda6d2b32211005a1c22deabb813ae Reviewed-on: https://pdfium-review.googlesource.com/5554 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-05-16Update formcalc return typesDan Sinclair
Update return types to be bools instead of ints. Make some methods private. Change-Id: I5d55c48a861f90e9bd116ef835c11cdb515002a6 Reviewed-on: https://pdfium-review.googlesource.com/5553 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org>
2017-05-16Do not walk off end of formcalc stringDan Sinclair
The fm2js code takes a pointer to the input string and then walks along that pointer. There are currently no checks to verify we haven't walked off the end of the pointer into random memory. If this happens, we can end up allocating large chunks of memory and copying random bits. BUG=chromium:721533 Change-Id: Ia61fe96c1ff9eb9ded63cf8326b7be44986bd9e1 Reviewed-on: https://pdfium-review.googlesource.com/5550 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Nicolás Peña <npm@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>