pdfium.git
4 years agoRemove typdefs for pointer types in fx_system.h.
Tom Sepez [Wed, 10 Jun 2015 18:09:44 +0000]
Remove typdefs for pointer types in fx_system.h.

This involves fixing some multiple variable per line
declarations, as the textually-substituted "*" applies
only to the first one.

This involves moving some consts around following the
substitution.

This involves replacing some typedefs used as constructors
with better code.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1171733003

4 years agoConvert CPDF_FontMap to std::map.
Lei Zhang [Wed, 10 Jun 2015 17:40:57 +0000]
Convert CPDF_FontMap to std::map.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1151133004.

4 years agoRevert 'Correct unexpected hinting fonts'
JUN FANG [Tue, 9 Jun 2015 23:49:44 +0000]
Revert 'Correct unexpected hinting fonts'

TBR=tsepez@chromium.org

BUG=N/A

Review URL: https://codereview.chromium.org/1174583003

4 years agoCorrect unexpected hinting fonts
JUN FANG [Tue, 9 Jun 2015 23:28:53 +0000]
Correct unexpected hinting fonts

If the font is 'tricky', it needs to be hinted by default according to the description in freetype.

BUG=490814
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1170313003

4 years agoUse stdint.h types throughout PDFium.
Tom Sepez [Tue, 9 Jun 2015 18:30:25 +0000]
Use stdint.h types throughout PDFium.

It's redundant nowadays to provide our own equivalents, now
that this is done for us by the system header.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1177483002

4 years agoRemove more cruft from fx_system.h
Tom Sepez [Tue, 9 Jun 2015 00:25:42 +0000]
Remove more cruft from fx_system.h

- include system headers first and alphabetize.
- remove unsupported FX_WIN32_MOBILE symbol.
- actually define  a FX_WIN64 symbol and make consistent.
- use final/override, not FX_FINAL.
- let stdint.h resolve FX_WORDSIZE concerns.
- unused FX_ERR and FX_SUCCESS() macros.
- unused FX_LSB_FIRST macro.
- outline FX type deprecation plan.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1169963003

4 years agoFix potentially massive memory leak in CPDF_DIBSource::LoadJpxBitmap().
Lei Zhang [Mon, 8 Jun 2015 20:24:48 +0000]
Fix potentially massive memory leak in CPDF_DIBSource::LoadJpxBitmap().

Leaks can happen in several places. For this particular bug, it happens
when there is a colorspace component count mismatch.

BUG=497191
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1153633009

4 years agoCleanup: Make CPDF_Annot::m_pAnnotDict private.
Lei Zhang [Fri, 5 Jun 2015 22:28:03 +0000]
Cleanup: Make CPDF_Annot::m_pAnnotDict private.

Remove dead code in CPDF_Annot as well.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1157773012

4 years agoAdd move constructor for FX string types.
Tom Sepez [Fri, 5 Jun 2015 22:23:50 +0000]
Add move constructor for FX string types.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1162203007

4 years agoStandalone checkout gets buildtools.
Tom Sepez [Fri, 5 Jun 2015 20:34:44 +0000]
Standalone checkout gets buildtools.

This will pull in the checkdeps utility for standalone builds.
Write some include rules, too.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1149623011

4 years agoFix bad include path in fpdfview.cpp
Tom Sepez [Fri, 5 Jun 2015 20:24:21 +0000]
Fix bad include path in fpdfview.cpp

Caught by checkdeps rules.  That this still compiled is probably due to
some stray -I flag somewhere.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1149213008

4 years agoMove fx_safe_types.h to include/ directory.
Tom Sepez [Fri, 5 Jun 2015 01:53:39 +0000]
Move fx_safe_types.h to include/ directory.

Small bit of OCD here, since this file is included cross-library
(i.e. from fpdfsk), it can't be in src/.  In other words, the
following should be empty:
    grep -R 'include.*core/src/' fpdfsdk

Fix some IWYU in it at the same time.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1147353006

4 years agoKill unused IPDF_ classes.
Tom Sepez [Wed, 3 Jun 2015 23:09:12 +0000]
Kill unused IPDF_ classes.

Some are simply never defined.  Some are never instantiated.  Some have
paths that are never reached.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1168503003

4 years agoFix fx_basic_memmgr_unittest.cpp under stricter GN rules
Tom Sepez [Wed, 3 Jun 2015 19:05:33 +0000]
Fix fx_basic_memmgr_unittest.cpp under stricter GN rules

This caused a revert of the PDFium roll.

TBR=thestig@chromium.org

Review URL: https://codereview.chromium.org/1165863003

4 years agoAutomated test case for 487928.
Tom Sepez [Tue, 2 Jun 2015 23:51:07 +0000]
Automated test case for 487928.

Reproducing this bug requires the embedder to fire timers, something the
single-pass pdfium-test binary doesn't do properly at the present. So
we modify the embedder test delegate to allow the immediate triggering
of the same.

Perform some cleanup along the way by removing EmbedderTestDefaultDelegate
-- it buys us nothing over the the no-op one.

And, of course, v8 initialization is busted again, and we need v8 here.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1153213004

4 years agoFix windows compile: fix size_t vs. int mismatch
Tom Sepez [Tue, 2 Jun 2015 22:34:19 +0000]
Fix windows compile: fix size_t vs. int mismatch

As indicated by:
http://build.chromium.org/p/tryserver.chromium.win/builders/win_chromium_x64_rel_ng/builds/63417/steps/compile%20%28with%20patch%29/logs/stdio

R=thestig@chromium.org
TBR=thestig@chromium.org

Review URL: https://codereview.chromium.org/1160293003

4 years agokill IPDF_DocParser().
Tom Sepez [Tue, 2 Jun 2015 21:19:00 +0000]
kill IPDF_DocParser().

Its fine to program to interfaces, but since the sole concrete implementation
is in the same header as the interface, the code is bypassing it anyways. We
can de-virtualize some things along the way, and remove two non-existent
function prototypes from one of the headers.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1158053003

4 years agoFix heap use after free in Document::DoFieldDelay and Document::delay
Tom Sepez [Tue, 2 Jun 2015 17:09:49 +0000]
Fix heap use after free in Document::DoFieldDelay and Document::delay

This fix removes CJS_DelayData object from m_DelayData array and copies them to
a new array, before processing them. So contents of m_DelayData array cannot be
used after they get freed.

BUG=487928

R=tsepez@chromium.org

TEST= Chrome pdf plugin should not crash when poc_stable,testuafdocument1.pdf
      and testuafdocument2.pdf are viewed.
      see crbug.com/487928 and crbug.com/487928#c18 for more details.

Review URL: https://codereview.chromium.org/1163823002

4 years agoAdd missing comma to third_party.gyp
Bruce Dawson [Mon, 1 Jun 2015 21:44:52 +0000]
Add missing comma to third_party.gyp

A reference to nonstd_unique_ptr.h was added with
https://codereview.chromium.org/1091283002 but a comma is missing
after it. This causes this string to be concatenated with the next,
leading to broken sources. This went unnoticed by the build due to
the fact that the affected sources are both headers, but they should
be properly separated.

R=brucedawson@chromium.org

Review URL: https://codereview.chromium.org/1156663006

4 years agoRun V8 in predictable mode for pdfium_test
Jochen Eisinger [Fri, 29 May 2015 08:22:32 +0000]
Run V8 in predictable mode for pdfium_test

This won't post tasks to the background threads

BUG=none
R=kcc@chromium.org, tsepez@chromium.org

Review URL: https://codereview.chromium.org/1157123003

4 years agoFix suppressions for 2015-05-28 drop
Tom Sepez [Thu, 28 May 2015 21:26:49 +0000]
Fix suppressions for 2015-05-28 drop

TBR=thestig@chromium.org

Review URL: https://codereview.chromium.org/1154993003

4 years agoRoll DEPS to pick up 2015-05-28 corpus drop.
Tom Sepez [Thu, 28 May 2015 21:00:30 +0000]
Roll DEPS to pick up 2015-05-28 corpus drop.

This will undoubtedly RED the tree due to differences in platforms
and environments.  A subsequent CL will add suppressions to get back
to GREEN.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1153393004

4 years agoFix ALL the include guards.
Tom Sepez [Thu, 28 May 2015 20:09:35 +0000]
Fix ALL the include guards.

Get rid of leading _CAPITAL identifiers.
A large number of these didn't actually match the filename.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1160443004

4 years agoRemove rendundant ../include from paths of files in include/ directory
Tom Sepez [Wed, 27 May 2015 23:07:42 +0000]
Remove rendundant ../include from paths of files in include/ directory

Tiny bit of tidying I noticed while trying to figure out include rules.

In other words,
   cd core/include
   git grep 'include.*include'
   git grep 'include.*src'

Should produce no output, and

   cd fpdfsdk/include
   git grep 'include.*include' | grep -v ../core/include
   git grep 'include.*src'

Should produce no output as well.

Fix some IWYU, header guards, include ordering, whitespace along the way.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1162453003

4 years agoUpgrade openjpeg to r3002
JUN FANG [Tue, 26 May 2015 19:14:39 +0000]
Upgrade openjpeg to r3002

BUG=459215
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1160663002

4 years agoUpdate copy of safe_math_impl.h to take a fix from upstream:
Tom Sepez [Thu, 21 May 2015 22:08:17 +0000]
Update copy of safe_math_impl.h to take a fix from upstream:

Fix a division by zero when multiplying 0 * y with SafeNumerics.

BUG=488302
R=jschuh@chromium.org

Review URL: https://codereview.chromium.org/1126243007

4 years agoFix four annoying warnings:
Tom Sepez [Thu, 21 May 2015 21:54:17 +0000]
Fix four annoying warnings:
Two "set but unused", one of which is surely an artifact from
copying code around, and the other which ought to be used for
the sake of clarity.

Two are unknown "optimize" pragmas, remove them since the code
has been shipped for years on other platforms under full optimization.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1148353002

4 years agoFix an endless loop in CJBig2_HuffmanTable::parseFromCodedBuffer
JUN FANG [Thu, 21 May 2015 16:56:11 +0000]
Fix an endless loop in CJBig2_HuffmanTable::parseFromCodedBuffer

This issue is trigged by the conversion from unsigned int to signed int.
A large unsigned int is converted to int. It's represented as a negative
int which is used in the condition of while later.

BUG=482639
R=brucedawson@chromium.org

Review URL: https://codereview.chromium.org/1146913003

4 years agoGet test running scripts to detect and report common error.
Bruce Dawson [Wed, 20 May 2015 23:52:05 +0000]
Get test running scripts to detect and report common error.

testing/tools/run_corpus_tests.py assumes a debug build and will
fail cryptically if only a release build is available.

Arguably there shouldn't be a default because having one could lead
to accidentally running a stale version, but that is probably too
much of a change.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1150823003

4 years agoInteger overflow in CJBig2_Image::expand
JUN FANG [Wed, 20 May 2015 19:25:56 +0000]
Integer overflow in CJBig2_Image::expand

1. New size should be larger than old size in JBig2_Realloc.
2. Arguments are integers but parameters are size_t in JBIG2_memset.
   After integer overflows, it will be presented as a huge
   unsigned number on 64 bits system.

BUG=483981
R=brucedawson@chromium.org, tsepez@chromium.org

Review URL: https://codereview.chromium.org/1148643002

4 years agoTidy public fpdfview.h and fpdf_flatten.h.
Tom Sepez [Wed, 20 May 2015 17:00:19 +0000]
Tidy public fpdfview.h and fpdf_flatten.h.

Mostly cosmetic; fix a spelling error, make comment style
consistent, remove unnecessary #ifdefs, remove unused globals.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1139993003

4 years agoTurn on warnings for usage of disabled V8 APIs
Jochen Eisinger [Wed, 20 May 2015 08:07:00 +0000]
Turn on warnings for usage of disabled V8 APIs

R=vogelheim@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1146933002

4 years agoRe-land: Remove FX_Alloc() null checks now that it can't return NULL.
Tom Sepez [Tue, 19 May 2015 22:19:32 +0000]
Re-land: Remove FX_Alloc() null checks now that it can't return NULL.

Fixes the ordering of some assignments broken when converting to checked
numerics in CFX_PathData::AddPointCount().

Original Review URL: https://codereview.chromium.org/1142713005

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1135893008

4 years agoRevert "Remove FX_Alloc() null checks now that it can't return NULL."
Tom Sepez [Tue, 19 May 2015 21:56:52 +0000]
Revert "Remove FX_Alloc() null checks now that it can't return NULL."

This reverts commit eb6527763171cdb4b0fbfea5a20d691f4d67b660.

Reason for revert: broke javascript tests.
TBR=thestig@chromium.org

Review URL: https://codereview.chromium.org/1145843005

4 years agoRemove FX_Alloc() null checks now that it can't return NULL.
Tom Sepez [Tue, 19 May 2015 21:48:00 +0000]
Remove FX_Alloc() null checks now that it can't return NULL.

This permits some functions to become void's since
they, in turn, can't fail.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1142713005

4 years agoFix Heap Overflow in CJBig2_Image::expand
JUN FANG [Tue, 19 May 2015 21:44:13 +0000]
Fix Heap Overflow in CJBig2_Image::expand

Integer overflow in CJBig2_Image::expand.
It causes the size of reallocated is not
expected.

BUG=483981
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1131023008

4 years agoCleanup if early return from opj_j2k_copy_default_tcp_and_create_tcd().
Tom Sepez [Mon, 18 May 2015 22:46:54 +0000]
Cleanup if early return from opj_j2k_copy_default_tcp_and_create_tcd().

The opj_j2k_copy_default_tcp_and_create_tcp() function memcpy's a top-level
struct, and then replaces pointers to memory owned by the original struct
with new blocks of memory. Unfortunately, an early return can leave the
copy with pointers to memory it doesn't own, which causes problems when
cleaning up the partially-initialized struct.

The referenced bug is triggered when we get a return at original
line 7969 or 7385 due to OOM.

Moral of the story: creating a "copy constructor" equivalent
based on memcpy() instead of copying field by field for structs
containing pointers is usually a bad idea.

BUG=486538
R=jun_fang@foxitsoftware.com

Review URL: https://codereview.chromium.org/1138033007

4 years agoReplace v8::Handle with v8::Local and v8::Persistent with v8::Global
Jochen Eisinger [Mon, 18 May 2015 22:33:06 +0000]
Replace v8::Handle with v8::Local and v8::Persistent with v8::Global

those types are just aliases, and we should consistently use the new version

R=tsepez@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1138823004

4 years agoChange FX_Alloc to FX_Try_Alloc in _JpegEncode
JUN FANG [Mon, 18 May 2015 21:36:00 +0000]
Change FX_Alloc to FX_Try_Alloc in _JpegEncode

This CL is used for:
1. keeping the same logic as before (the behaviour
   of FX_Alloc was changed for OOM).
2. fixing a potential integer overflow.

BUG=N/A
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1126013006

4 years agoAdd safe FX_Alloc2D() macro
Tom Sepez [Mon, 18 May 2015 21:18:08 +0000]
Add safe FX_Alloc2D() macro

This avoids unchecked multiplications when computing a size argument
to malloc(). Such an overflow is very scary, and can result in
exploitable bugs.

Along the way, kill off some return checks, since we know this can't
return NULL.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1143663004

4 years agoAdd myself to OWNERS file
Jochen Eisinger [Sun, 17 May 2015 11:10:19 +0000]
Add myself to OWNERS file

R=tsepez@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1133333005

4 years agoReplace deprecated with non-deprecated V8 APIs
Jochen Eisinger [Sun, 17 May 2015 11:07:02 +0000]
Replace deprecated with non-deprecated V8 APIs

In most cases, we just CHECK() that no exception was thrown. Previously,
we'd just crash.

Ideally, this should all be fixed and the system should cope with those
exceptions, but that's beyond this CL.

R=tsepez@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1126203010

4 years agoFix leaks in embedder test's FlateEncode() usage and in FlateEncode().
Lei Zhang [Fri, 15 May 2015 23:09:12 +0000]
Fix leaks in embedder test's FlateEncode() usage and in FlateEncode().

For FlateEncode(), error handling code leaked memory.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1144603002

4 years agoDisable allocation tests that hose the bot.
Tom Sepez [Fri, 15 May 2015 22:33:25 +0000]
Disable allocation tests that hose the bot.

Triggering allocation failure can be ... slow. See

http://build.chromium.org/p/client.pdfium/builders/win/builds/126

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1142463005

4 years agoInitialize members of CPDF_TextPageFind class.
Lei Zhang [Fri, 15 May 2015 22:19:12 +0000]
Initialize members of CPDF_TextPageFind class.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1137933004

4 years agoFix leaks in the embedder tests themselves.
Lei Zhang [Fri, 15 May 2015 22:13:25 +0000]
Fix leaks in the embedder tests themselves.

Also change EmbedderTest::TearDown() to match the destruction order in
Chromium's PDF code.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1138143003

4 years agoAbort on OOM by default in FX_Alloc().
Tom Sepez [Fri, 15 May 2015 22:07:20 +0000]
Abort on OOM by default in FX_Alloc().

Add a FX_TryAlloc() for those few cases where we might need to continue
in face of OOM.

Remove FX_AllocNL() (the context of its use would suggest that NL
means "No Limit"). This is used for some big allocations, so replace
it with TryAlloc().  Large allocations may be worth trying to continue
from, since there are few and they have a large chance of failing.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1128043009

4 years agoRemove FX_NEW_VECTOR() macros.
Tom Sepez [Fri, 15 May 2015 20:50:07 +0000]
Remove FX_NEW_VECTOR() macros.

There isn't much point in having macros that obscure obvious
language features.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1135273004

4 years agoFix potential UAF in ConcatInPlace.
Tom Sepez [Fri, 15 May 2015 15:44:31 +0000]
Fix potential UAF in ConcatInPlace.

If ConcatCopy somehow gets a zero nNewlen, it returns early, without
allocating a new m_Data.  ConcatInPlace then frees the old one, leaving
m_Data dangling.

Also be concerned about the multiplication in the widestring version.
So use wmemcpy and let the library cope with it.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1130763007

4 years agoFix another batch of compiler warnings.
Lei Zhang [Fri, 15 May 2015 05:06:54 +0000]
Fix another batch of compiler warnings.

Also fix typos and remove trailing spaces/tabs.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1141123002

4 years agoMake CFX_StringData be scoped by CFX_Bytestring and add methods.
Tom Sepez [Thu, 14 May 2015 21:26:31 +0000]
Make CFX_StringData be scoped by CFX_Bytestring and add methods.

This is a precondition for someday combining Byte/Wide strings
via templates.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1142533002

4 years agoFix integer overflow in conversion from float to integer.
JUN FANG [Thu, 14 May 2015 00:25:40 +0000]
Fix integer overflow in conversion from float to integer.

BUG=471991
R=brucedawson@chromium.org

Review URL: https://codereview.chromium.org/1141613002

4 years agoUse phantom handles instead of weak handles
Jochen Eisinger [Thu, 14 May 2015 00:00:44 +0000]
Use phantom handles instead of weak handles

Phantom handles allow for freeing objects with one pass of GC. However,
this means that by the time the callback is invoked, the v8 object already
does no longer exist. To avoid accidential access to the dead object, there
are now two callbacks, where the first must only reset the handle, and the
second does the clean-up work.

R=tsepez@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1129253004

4 years agoTidy public/ directory.
Tom Sepez [Wed, 13 May 2015 23:39:41 +0000]
Tidy public/ directory.

- Make include guards consistent with standard and filenames.
- Remove stray semicolon folowing extern "C" section close-brace.
- Untabify.
- Delete trailing whitespace.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1128003005

4 years agoFix comparison of CFX_ByteString and CFX_WideString against empty literals.
Tom Sepez [Wed, 13 May 2015 21:16:51 +0000]
Fix comparison of CFX_ByteString and CFX_WideString against empty literals.

Also corrects some ASSERT_'s to EXPECT_'s in the test.

BUG=pdfium:160
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1141763002

4 years agoSet pointers in internal fields directly instead of wrapping them
Jochen Eisinger [Wed, 13 May 2015 00:31:02 +0000]
Set pointers in internal fields directly instead of wrapping them

The internal fields are scanned by the garbage collector, so they can't contain arbitrary data. However, aligned pointers are supported by the V8 GC, so the V8
API allows for setting a pointer directly instead of wrapping it in an External
container.

Not only is this faster, but it's also required for the new v8::Global API which
I'm going to update to in a follow-up patch.

R=tsepez@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1139853003

4 years agoMake (and verify) public/ files compile under C.
Tom Sepez [Tue, 12 May 2015 23:17:04 +0000]
Make (and verify) public/ files compile under C.

This involves adding some missing extern "C" { } declarations,
using FPDF_ types instead of C++ types, and converting pass
by reference arguments into pointers.

Test this using fpdfview_embedertest for simplicity.

BUG=pdfium:158
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1130843003

4 years agoDescribe required properties of public/ files with a README.
Tom Sepez [Tue, 12 May 2015 22:44:39 +0000]
Describe required properties of public/ files with a README.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1140833002

4 years agoRestore checked strlen conversions.
Tom Sepez [Tue, 12 May 2015 21:49:29 +0000]
Restore checked strlen conversions.

The checked conversion can be re-enabled now that there is a public
API free of private headers like this one.

This reverts commit 6661fd4c26106cd530d187b36f29be7e5c98b70f.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1133323003

4 years agoNEW public API for pdfwindow font manipulation.
Tom Sepez [Tue, 12 May 2015 19:24:22 +0000]
NEW public API for pdfwindow font manipulation.

PDFium side of fix to make chromium free of private header
includes.  This moves the one snippet of contaminating code
from chrome to PDFium itself.

BUG=486818
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1126283004

4 years agoAdd owners file for PDFium.
Tom Sepez [Mon, 11 May 2015 23:32:41 +0000]
Add owners file for PDFium.

This is currently blocking a PDFium roll in chrome, see
http://build.chromium.org/p/tryserver.chromium.linux/builders/chromium_presubmit/builds/62816/steps/presubmit/logs/stdio

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1136533003

4 years agoCreate top-level public/ header directory.
Tom Sepez [Mon, 11 May 2015 21:27:24 +0000]
Create top-level public/ header directory.

These are the only files that embedders of PDFium should be including.
They are entirely self-contained, and compile cleanly against -Wall so
as to not offend the code that may include them.

Having done this, we can see that chromium is pulling in two additional
files from the fpdfsdk/include/pdfwindow directory, which is not guaranteed
to work.

A few files are renamed, adding an "_" to make the names consistent.
The exception is fpdfview, which is doc'd as such in the doc.

Naturally, paths will need updating in a handful of files in chrome
when this rolls in.

BUG=pdfium:154
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1135913002

4 years agoMove function prototypes to new doc_utils.h file
Tom Sepez [Fri, 8 May 2015 20:36:50 +0000]
Move function prototypes to new doc_utils.h file

... rather than redundantly declaring them in several .cpp files, and
hoping that the linker lines things up for you.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1128193004

4 years agoFix compilation under chromium checkouts.
Tom Sepez [Fri, 8 May 2015 20:21:18 +0000]
Fix compilation under chromium checkouts.

This is a fix to hide pdfium's safe_conversions.h from the
higher-level callers.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1132163002

4 years agoBetter error from pdfium_test when page too big to render.
Tom Sepez [Fri, 8 May 2015 18:53:53 +0000]
Better error from pdfium_test when page too big to render.

BUG=pdfium:114
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1124423006

4 years agoFix errors from commit f0a169e.
Lei Zhang [Fri, 8 May 2015 18:33:26 +0000]
Fix errors from commit f0a169e.

- fread() returns the number of items read.
- fix a memory leak in error handling.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1135713004

4 years agoFix a bunch of -Wunused-but-set-variable warnings.
Lei Zhang [Fri, 8 May 2015 18:03:55 +0000]
Fix a bunch of -Wunused-but-set-variable warnings.

Also fix a few nits and other errors along the way.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1098583002

4 years agoSupport arrays in nonstd::unique_ptr<>.
Tom Sepez [Thu, 7 May 2015 00:29:29 +0000]
Support arrays in nonstd::unique_ptr<>.

This mimics the std:: behaviour.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1130053003

4 years agoManual revert of ad2a822ce5c3
Tom Sepez [Wed, 6 May 2015 23:09:05 +0000]
Manual revert of ad2a822ce5c3

Reason for revert: No longer needed in face of 9ea57a43faea
TBR=thestig@chromium.org

Review URL: https://codereview.chromium.org/1122423006

4 years agoRemove FX_STRSIZE casts, use safe conversions
Tom Sepez [Wed, 6 May 2015 22:58:32 +0000]
Remove FX_STRSIZE casts, use safe conversions

BUG=pdfium:153
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1124043003

4 years agoFix fx_string.h compile error under chromium checkouts.
Tom Sepez [Wed, 6 May 2015 19:40:23 +0000]
Fix fx_string.h compile error under chromium checkouts.

This gets included in chromium's pdfium_engine.cc, and thus must pass a
higher error level.  There's probably a follow-up to check why the FPDF_ api
doesn't insulate chromium from this file.

TBR=thestig@chromium.org

Review URL: https://codereview.chromium.org/1127043004

4 years agoFix a couple of divide by zero crashes in PNG/TIFF predictors.
Lei Zhang [Wed, 6 May 2015 19:34:26 +0000]
Fix a couple of divide by zero crashes in PNG/TIFF predictors.

BUG=484002
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1124563002

4 years agoExpose additional flags for rasterization.
Scott Byer [Wed, 6 May 2015 00:02:40 +0000]
Expose additional flags for rasterization.

These flags are unused in Chromium, but are needed for the Cloud Print
conversion process, which takes PDF and produces a raster for low-end
printers. Certain low-end printers (e.g., B&W laser printers) will
turn anti-aliased text into a mess. The existing printing flag isn't
sufficient, as other kinds of printers will still want some kinds of
anti-aliasing to occur for best results.

BUG=482253
TEST=none
R=vitalybuka@chromium.org

Review URL: https://codereview.chromium.org/1115513002

Patch from Scott Byer <scottbyer@chromium.org>.

4 years agoMake sure string constructors are efficient on literals
Tom Sepez [Tue, 5 May 2015 22:15:38 +0000]
Make sure string constructors are efficient on literals

Separate out the overload when the length is not known, and be sure that
strlen() call is in the header so that strlen("foo") => 3 (since many
compilers support this optimization).

Also delete some unused types.

BUG=pdfium:151
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1117263004

4 years agoFix issues with != and == in fx_basic_wstring
Tom Sepez [Mon, 4 May 2015 22:20:29 +0000]
Fix issues with != and == in fx_basic_wstring

Part two.  Fix same issue in wide strings as in their bytestring
counterparts.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1127753002

4 years agoKill FX_DEFINEHANDLE
Tom Sepez [Mon, 4 May 2015 21:53:09 +0000]
Kill FX_DEFINEHANDLE

I spent at least 2 minutes grep'ing for a class or struct (on the other
branch) that was delcared using this.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1129433002

4 years agoFix issuse with != and == shown by fx_basic_bstring unit tests.
Tom Sepez [Mon, 4 May 2015 21:03:25 +0000]
Fix issuse with != and == shown by fx_basic_bstring unit tests.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1125703004

4 years agoBackfill some FX StringC unit tests for == and !=.
Tom Sepez [Fri, 1 May 2015 23:55:45 +0000]
Backfill some FX StringC unit tests for == and !=.

Continuation of https://codereview.chromium.org/1122573002
Applies similar test to immutable versions of strings.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1118973005

4 years agoBackfill some FX String unit tests for == and !=.
Tom Sepez [Fri, 1 May 2015 23:24:04 +0000]
Backfill some FX String unit tests for == and !=.

... and there are a few inconsistencies which we can now fix. Also add a
comment about why these strings aren't headed for the dust-bin long term.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1122573002

4 years agoSave 4 bytes per CFX_ByteString where intptr_t smaller than long.
Tom Sepez [Fri, 1 May 2015 23:04:32 +0000]
Save 4 bytes per CFX_ByteString where intptr_t smaller than long.

Also prevent theoretical roll-over where long smaller than intptr_t.
See bug for discussion.

BUG=pdfium:149
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1117413002

4 years agoSave 8 bytes in each CFX_ByteString/WideString (on "LP64" platforms).
Tom Sepez [Fri, 1 May 2015 21:48:58 +0000]
Save 8 bytes in each CFX_ByteString/WideString (on "LP64" platforms).

(Also makes the calculation robust in face of changes to the header).
BUG=pdfium:149
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1118983003

4 years agoAdjust the visibility of the standalone targets in the GN build.
Dirk Pranke [Fri, 1 May 2015 21:26:13 +0000]
Adjust the visibility of the standalone targets in the GN build.

As part of the migration from GYP->GN, we want to make sure that we
can track when new targets are added to either the GYP or GN builds
and that we are building everything we expect to build.

In GN, unlike GYP, if a build file gets referenced from other files,
building 'all' will cause every target to be built in it. This means in
particular, that we can end up trying to build targets that are not
necessarily intended to be visible to the rest of the build. To get
around this, any target that is defined but hidden (like 'pdfium_unittests',
) should still be visible to a top-level target called
"//:gn_visibility".

R=tsepez@chromium.org, brettw@chromium.org
BUG=461019

Review URL: https://codereview.chromium.org/1120183002

4 years agoTake adavange of unused bytes at end of widestring
Tom Sepez [Thu, 30 Apr 2015 22:28:51 +0000]
Take adavange of unused bytes at end of widestring

Follow-on to https://codereview.chromium.org/1120703003/

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1112423003

4 years agoTry to take advantage of unused bytes at end of CFX_ByteString.
Tom Sepez [Thu, 30 Apr 2015 22:21:18 +0000]
Try to take advantage of unused bytes at end of CFX_ByteString.

Given the representation of StringData, it seems sub-optimal not to be doing this.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1120703003

4 years agoProvide an array buffer allocator to V8.
Tom Sepez [Thu, 30 Apr 2015 21:30:29 +0000]
Provide an array buffer allocator to V8.

This allows PDFium to work with current V8, so unpin v8 in the
pdfium DEPS file.

(I also re-ordered one field in CJS_Runtime, just to put two bools
together (may pack tighter), and to put all the v8 stuff together).

BUG=pdfium:146
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1118043002

4 years agoAdd suppressions for all new failing corpus tests.
Tom Sepez [Thu, 30 Apr 2015 00:07:40 +0000]
Add suppressions for all new failing corpus tests.

TBR=thestig@chromium.org

Review URL: https://codereview.chromium.org/1111393004

4 years agoCorpus roll to pick up the 2015-04-28 Foxit drop.
Tom Sepez [Wed, 29 Apr 2015 23:50:07 +0000]
Corpus roll to pick up the 2015-04-28 Foxit drop.

This will undoubtedly red up the tree, as we don't have trybots. A follow-up
CL will add the suppressions required for each platform at the moment.

The new suppressions in this CL are for cases where we didn't generate an
expected result file (due to the issue in fx/FRC_3.5_part1/Introduction.txt).

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1111213005

4 years agoMake CFX_WideString::LockBuffer() completely unused.
Tom Sepez [Tue, 28 Apr 2015 21:10:30 +0000]
Make CFX_WideString::LockBuffer() completely unused.

Then remove CFX_{Wide,Byte}String::LockBuffer().  Prelude to a vast
simplification. There's an additional copy now in one place, so
shoot me.

BUG=pdfium:144
R=thestig@chromium.org

Committed: https://pdfium.googlesource.com/pdfium/+/ee7412f5aef353e5c6f1a64d0e1708ed926869d9

Committed: https://pdfium.googlesource.com/pdfium/+/5a256ad29483eb2b13e6e2c89fe0f77a9103f68f

Review URL: https://codereview.chromium.org/1053613004

4 years agoPin V8 version until initialization issue in b584bab resolved.
Tom Sepez [Tue, 28 Apr 2015 20:29:01 +0000]
Pin V8 version until initialization issue in b584bab resolved.

TBR=thestig@chromium.org

Review URL: https://codereview.chromium.org/1108913004

4 years agoRevert "Make CFX_WideString::LockBuffer() completely unused."
Tom Sepez [Tue, 28 Apr 2015 19:33:56 +0000]
Revert "Make CFX_WideString::LockBuffer() completely unused."

This reverts commit 5a256ad29483eb2b13e6e2c89fe0f77a9103f68f.
Reason for revert: broke JS tests.

TBR=thestig@chromium.org

Review URL: https://codereview.chromium.org/1112673002

4 years agoMake CFX_WideString::LockBuffer() completely unused.
Tom Sepez [Tue, 28 Apr 2015 19:25:39 +0000]
Make CFX_WideString::LockBuffer() completely unused.

Then remove CFX_{Wide,Byte}String::LockBuffer().  Prelude to a vast
simplification. There's an additional copy now in one place, so
shoot me.

BUG=pdfium:144
R=thestig@chromium.org

Committed: https://pdfium.googlesource.com/pdfium/+/ee7412f5aef353e5c6f1a64d0e1708ed926869d9

Review URL: https://codereview.chromium.org/1053613004

4 years agoRevert "Make CFX_WideString::LockBuffer() completely unused."
Tom Sepez [Mon, 27 Apr 2015 22:10:00 +0000]
Revert "Make CFX_WideString::LockBuffer() completely unused."

This reverts commit ee7412f5aef353e5c6f1a64d0e1708ed926869d9.
Reason for revert: VS compile broke.

TBR=thestig@chromium.org

Review URL: https://codereview.chromium.org/1106333003

4 years agoMake CFX_WideString::LockBuffer() completely unused.
Tom Sepez [Mon, 27 Apr 2015 22:00:04 +0000]
Make CFX_WideString::LockBuffer() completely unused.

Then remove CFX_{Wide,Byte}String::LockBuffer().  Prelude to a vast
simplification. There's an additional copy now in one place, so
shoot me.

BUG=pdfium:144
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1053613004

4 years agoSEGV in CFX_BaseSegmentedArray::Iterate() when CS has malformed dictionary.
Tom Sepez [Mon, 27 Apr 2015 20:24:03 +0000]
SEGV in CFX_BaseSegmentedArray::Iterate() when CS has malformed dictionary.

Failure to check document-controlled value before using it.

BUG=481363
R=palmer@chromium.org, thestig@chromium.org

Review URL: https://codereview.chromium.org/1110653002

4 years agoFix windows-specific usage of CFX_WideStr::operator LPCWSTR().
Tom Sepez [Mon, 27 Apr 2015 20:12:53 +0000]
Fix windows-specific usage of CFX_WideStr::operator LPCWSTR().

Carry-on from https://codereview.chromium.org/1108903002/

R=brucedawson@chromium.org

Review URL: https://codereview.chromium.org/1103343002

4 years agoReduce usage of operator LPCWSTR from CFX_WideString().
Tom Sepez [Mon, 27 Apr 2015 18:47:29 +0000]
Reduce usage of operator LPCWSTR from CFX_WideString().

This involves adding some explicit c_str() calls. Doing so flagged
PDF_EncodeText() and FindOptionValue() as having suboptimal signatures, in
that we are often throwing away a perfectly fine length and recomputing it.

There are still some platform-specific code that needs the operator.

R=brucedawson@chromium.org

Review URL: https://codereview.chromium.org/1101933003

4 years agoRevert "Kill operator LPCWSTR from CFX_WideString()."
Tom Sepez [Mon, 27 Apr 2015 18:31:26 +0000]
Revert "Kill operator LPCWSTR from CFX_WideString()."

This reverts commit 15a62973b9b89c3e229cc0ab501c45967f91b325.
Reason for revert: broke build on windows, mac.  I must have missed
some platform-specific conversions.

TBR=brucedawson@chromium.org

Review URL: https://codereview.chromium.org/1108883002

4 years agoKill operator LPCWSTR from CFX_WideString().
Tom Sepez [Mon, 27 Apr 2015 18:22:20 +0000]
Kill operator LPCWSTR from CFX_WideString().

This involves adding some explicit c_str() calls. Doing so flagged
PDF_EncodeText() and FindOptionValue() as having suboptimal signatures, in
that we are often throwing away a perfectly fine length and recomputing it.

R=brucedawson@chromium.org

Review URL: https://codereview.chromium.org/1101933003

4 years agoRemove unused nParamNum values from JS method tables.
Tom Sepez [Fri, 24 Apr 2015 00:50:57 +0000]
Remove unused nParamNum values from JS method tables.

The code to validate the number of parameters happens inside each particular
method, rather than prior to method dispatch. As such, there's no point in
having this number take up space in the table.

Add some test to cover at least some of the per-method validations, and
update error messages to be more useful.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1084183008

4 years agoKill overloaded cast operators in CJS_Value.
Tom Sepez [Thu, 23 Apr 2015 18:23:10 +0000]
Kill overloaded cast operators in CJS_Value.

The red-flag here is the explicit invocation of things like
    params[1].operator CFX_WideString()

rather than
    static_cast<CFX_WideString>(params[1])

to invoke the conversion.  Turns out the above won't compile due to
ambiguity given the number of implicit constructors for widestrings.
CJS_Value has both constructors and assignment operators for the
primitive types, which means that conversions can take place
unexpectedly in both directions, a second red flag.

We don't want the compiler invoking these at will since it may hide
bugs. In fact, when they are removed, three such places were
discovered.

Also rename ToJSValue to ToV8Value to match the other ToV8xxxxx
functions added.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1096813008