pdfium.git
4 years agoRevert "Move libopenjpeg to third_party/"
Tom Sepez [Thu, 18 Jun 2015 00:30:47 +0000]
Revert "Move libopenjpeg to third_party/"

This reverts commit c7a17bf9cdb0d646aa8b653e6ab2678a1837ed6a.

4 years agoMove libopenjpeg to third_party/
Tom Sepez [Thu, 18 Jun 2015 00:17:14 +0000]
Move libopenjpeg to third_party/

We get to delete a whole bunch of fx_foo.c files that did nothing
but #include "foo.c" after defining _CRT_SECURE_NO_WARNINGS. Do this
from the .gyp/.gn files instead.

Also sort some "config"s in .gn file.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1185373010.

4 years agoReplace some Release() calls with virtual destructors.
Tom Sepez [Wed, 17 Jun 2015 23:38:51 +0000]
Replace some Release() calls with virtual destructors.

A virtual method that does |delete this| is an anti-pattern.
Some classes can be de-virtualized instead.
Throw in some unique_ptrs and delete dead code for good measure.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1192013002.

4 years agoRun GYP after gclient sync.
Tom Sepez [Wed, 17 Jun 2015 22:46:38 +0000]
Run GYP after gclient sync.

Makes the behaviour consistent with chromium.
Also fix some indentation.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1193563002.

4 years agoMove libjpeg to third_party/
Tom Sepez [Wed, 17 Jun 2015 22:24:01 +0000]
Move libjpeg to third_party/

Removal of fpdfapi_ suffix can be part of a future CL.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1186113005.

4 years agoMove lcms2 into third_party
Tom Sepez [Wed, 17 Jun 2015 17:48:05 +0000]
Move lcms2 into third_party

Second CL to apply less restrictive flags to third party.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1181943008.

4 years agoSeparate agg-authored code from fx-authored code.
Tom Sepez [Tue, 16 Jun 2015 23:29:44 +0000]
Separate agg-authored code from fx-authored code.

Creates a separate library so we can apply less-strict warnings to
the code we can't change from upstream vs. the code we can change,
reducing noise in the standalone build.

Remove needless foo.{cpp,h} files that merely perform indirection
via #include "some_other_path/foo.{cpp,h}".

BUG=pdfium:166
R=brucedawson@chromium.org, thestig@chromium.org

Review URL: https://codereview.chromium.org/1152743007.

4 years agoAdd constructor for CPDF_ColorSpace.
Tom Sepez [Tue, 16 Jun 2015 23:18:47 +0000]
Add constructor for CPDF_ColorSpace.

Prevents sub-classes from tweaking parent class instance vars.

Also "fix" https://code.google.com/p/pdfium/issues/detail?id=170, assuming 0 is a good value.

BUG=pdfium:170
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1185903002.

4 years agoMake CPDF_PageModuleDef and CPDF_RenderModuleDef pure virtual.
Lei Zhang [Tue, 16 Jun 2015 00:15:12 +0000]
Make CPDF_PageModuleDef and CPDF_RenderModuleDef pure virtual.

Get rid of the dummy implementations, which are never used when
the modules have been initialized.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1177383003.

4 years agoDo some IWYU cleanups.
Lei Zhang [Mon, 15 Jun 2015 23:44:14 +0000]
Do some IWYU cleanups.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1176333002.

4 years agoProvide a constructor for CPDF_CountedObject.
Tom Sepez [Mon, 15 Jun 2015 23:43:26 +0000]
Provide a constructor for CPDF_CountedObject.

Make members protected and remove external manipulations.
Move "*" into template since its always an indirection.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1182903002.

4 years agoRemove some dead code.
Lei Zhang [Mon, 15 Jun 2015 18:45:48 +0000]
Remove some dead code.

Review URL: https://codereview.chromium.org/1186673005.

4 years agoFix -Winconsistent-missing-override warnings.
Lei Zhang [Mon, 15 Jun 2015 18:41:44 +0000]
Fix -Winconsistent-missing-override warnings.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1187463003.

4 years agoRemove unneeded checks in CPDF_DocPageData::GetFontFileStreamAcc().
Lei Zhang [Sat, 13 Jun 2015 02:14:11 +0000]
Remove unneeded checks in CPDF_DocPageData::GetFontFileStreamAcc().

The input cannot be null. Same for CPDF_Document::LoadFontFile().

Also set the contract for CPDF_Document::LoadFont() and adjust callers
accordingly.

Also remove unused CPDF_Document::FindFont().

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1184673002.

4 years agoCorpus tests check for unexpected successes.
Tom Sepez [Fri, 12 Jun 2015 16:11:00 +0000]
Corpus tests check for unexpected successes.

Update run_corpus_tests.py to always run all test cases, and just
ignore the results that are supposed to fail.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1178393002.

4 years agoRemove trailing whitespaces in core.
Lei Zhang [Thu, 11 Jun 2015 22:17:59 +0000]
Remove trailing whitespaces in core.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1177973008.

4 years agoRemove unused reflow code.
Lei Zhang [Thu, 11 Jun 2015 21:59:16 +0000]
Remove unused reflow code.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1181803002.

4 years agoRemove trailing whitespaces in fpdfsdk.
Lei Zhang [Thu, 11 Jun 2015 21:00:52 +0000]
Remove trailing whitespaces in fpdfsdk.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1173343004.

4 years agoCorrect unexpected hinting fonts
Tom Sepez [Thu, 11 Jun 2015 20:25:12 +0000]
Correct unexpected hinting fonts

If the font is 'tricky', it needs to be hinted by default according to the description in freetype.

BUG=490814
R=tsepez@chromium.org

Committed: https://pdfium.googlesource.com/pdfium/+/7a2fcd8d1256c267380b40f2d2d8e98c3b181cee

Review URL: https://codereview.chromium.org/1170313003.

4 years agoCleanup: Get this rid of "this->" in fpdfsdk/
Lei Zhang [Thu, 11 Jun 2015 20:03:09 +0000]
Cleanup: Get this rid of "this->" in fpdfsdk/

Also remove commented out code and trailing whitespaces.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1179653005.

4 years agoKill FXSYS_mem{cpy,cmp,set.move}{32,8}.
Tom Sepez [Thu, 11 Jun 2015 19:05:04 +0000]
Kill FXSYS_mem{cpy,cmp,set.move}{32,8}.

At one point in time, it may have made sense to indicate the
expected alignment of the memory you're about to copy, but that
was last century. The compiler will take care of it just fine.

I stopped short of removing the FXSYS_ wrapper macros entirely.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1179693003.

4 years agoCleanup: Remove uses of "this->" in core/
Lei Zhang [Thu, 11 Jun 2015 06:33:26 +0000]
Cleanup: Remove uses of "this->" in core/

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1173223002.

4 years agoConvert CPDF_FontFileMap to std::map.
Lei Zhang [Thu, 11 Jun 2015 02:24:29 +0000]
Convert CPDF_FontFileMap to std::map.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1144333008.

4 years agoConvert CPDF_IccProfileMap to use std::map.
Lei Zhang [Thu, 11 Jun 2015 02:23:32 +0000]
Convert CPDF_IccProfileMap to use std::map.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1143133008.

4 years agoRemove FX_BSTR and FX_WSTR typedefs.
Tom Sepez [Wed, 10 Jun 2015 23:51:15 +0000]
Remove FX_BSTR and FX_WSTR typedefs.

These stand for const CFX_{Byte,Wide}StringC&, which is just
monumentally confusing, since there are so many string types
running around here.

The following had manual changes:
core/src/fpdfapi/fpdf_edit/fpdf_edit_content.cpp
core/src/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp
core/src/fpdfdoc/doc_form.cpp
fpdfsdk/src/fpdf_ext.cpp

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1180593004.

4 years agoFix font rendering issues because of an incorrect transform.
John Abd-El-Malek [Wed, 10 Jun 2015 22:44:42 +0000]
Fix font rendering issues because of an incorrect transform.

This regressed in https://pdfium.googlesource.com/pdfium/+/71c24b839498fb89184002ed30fcff353e1e402c. The code would reach into FreeType internals and reset transform_flags. This would effectively set the font's transform matrix to the identity (since a transform is only used if the flag is set). I removed it because I assumed this is only a cache, and any other place that would call FT_Load_Glyph would have set a transform first. Apparently that's not the case (verified through adding some additional code). The fix is to reset the transform matrix after changing it. This is functionally equivalent to the previous behavior, since if the flag was 0 but there was a transform, it would be ignored until another transform is set.

BUG=479434
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1163423005.

4 years agoConvert CPDF_ImageMap to std::map.
Lei Zhang [Wed, 10 Jun 2015 22:25:22 +0000]
Convert CPDF_ImageMap to std::map.

Also simplify CPDF_DocPageData::ReleaseIccProfile() since its first
argument is always null.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1149273004.

4 years agoCache the CPDF_Annot's subtype, since it should never changes.
Lei Zhang [Wed, 10 Jun 2015 20:29:24 +0000]
Cache the CPDF_Annot's subtype, since it should never changes.

BUG=495300
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1178513002.

4 years agoConvert CPDF_PatternMap to std::map.
Lei Zhang [Wed, 10 Jun 2015 20:18:06 +0000]
Convert CPDF_PatternMap to std::map.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1162123004.

4 years agoCleanup: Remove CFFL_IFormFiller::GetCommitKey() that always returns 0.
Lei Zhang [Wed, 10 Jun 2015 18:47:08 +0000]
Cleanup: Remove CFFL_IFormFiller::GetCommitKey() that always returns 0.

Remove callers and related code that all just pass zeros around.

Also remove CFFL_IFormFiller::GetKeyDown().

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1149623012.

4 years agoConvert CPDF_ColorSpaceMap to std::map.
Lei Zhang [Wed, 10 Jun 2015 18:32:54 +0000]
Convert CPDF_ColorSpaceMap to std::map.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1154963003.

4 years agoRemove typdefs for pointer types in fx_system.h.
Tom Sepez [Wed, 10 Jun 2015 18:09:44 +0000]
Remove typdefs for pointer types in fx_system.h.

This involves fixing some multiple variable per line
declarations, as the textually-substituted "*" applies
only to the first one.

This involves moving some consts around following the
substitution.

This involves replacing some typedefs used as constructors
with better code.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1171733003

4 years agoConvert CPDF_FontMap to std::map.
Lei Zhang [Wed, 10 Jun 2015 17:40:57 +0000]
Convert CPDF_FontMap to std::map.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1151133004.

4 years agoRevert 'Correct unexpected hinting fonts'
JUN FANG [Tue, 9 Jun 2015 23:49:44 +0000]
Revert 'Correct unexpected hinting fonts'

TBR=tsepez@chromium.org

BUG=N/A

Review URL: https://codereview.chromium.org/1174583003

4 years agoCorrect unexpected hinting fonts
JUN FANG [Tue, 9 Jun 2015 23:28:53 +0000]
Correct unexpected hinting fonts

If the font is 'tricky', it needs to be hinted by default according to the description in freetype.

BUG=490814
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1170313003

4 years agoUse stdint.h types throughout PDFium.
Tom Sepez [Tue, 9 Jun 2015 18:30:25 +0000]
Use stdint.h types throughout PDFium.

It's redundant nowadays to provide our own equivalents, now
that this is done for us by the system header.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1177483002

4 years agoRemove more cruft from fx_system.h
Tom Sepez [Tue, 9 Jun 2015 00:25:42 +0000]
Remove more cruft from fx_system.h

- include system headers first and alphabetize.
- remove unsupported FX_WIN32_MOBILE symbol.
- actually define  a FX_WIN64 symbol and make consistent.
- use final/override, not FX_FINAL.
- let stdint.h resolve FX_WORDSIZE concerns.
- unused FX_ERR and FX_SUCCESS() macros.
- unused FX_LSB_FIRST macro.
- outline FX type deprecation plan.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1169963003

4 years agoFix potentially massive memory leak in CPDF_DIBSource::LoadJpxBitmap().
Lei Zhang [Mon, 8 Jun 2015 20:24:48 +0000]
Fix potentially massive memory leak in CPDF_DIBSource::LoadJpxBitmap().

Leaks can happen in several places. For this particular bug, it happens
when there is a colorspace component count mismatch.

BUG=497191
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1153633009

4 years agoCleanup: Make CPDF_Annot::m_pAnnotDict private.
Lei Zhang [Fri, 5 Jun 2015 22:28:03 +0000]
Cleanup: Make CPDF_Annot::m_pAnnotDict private.

Remove dead code in CPDF_Annot as well.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1157773012

4 years agoAdd move constructor for FX string types.
Tom Sepez [Fri, 5 Jun 2015 22:23:50 +0000]
Add move constructor for FX string types.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1162203007

4 years agoStandalone checkout gets buildtools.
Tom Sepez [Fri, 5 Jun 2015 20:34:44 +0000]
Standalone checkout gets buildtools.

This will pull in the checkdeps utility for standalone builds.
Write some include rules, too.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1149623011

4 years agoFix bad include path in fpdfview.cpp
Tom Sepez [Fri, 5 Jun 2015 20:24:21 +0000]
Fix bad include path in fpdfview.cpp

Caught by checkdeps rules.  That this still compiled is probably due to
some stray -I flag somewhere.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1149213008

4 years agoMove fx_safe_types.h to include/ directory.
Tom Sepez [Fri, 5 Jun 2015 01:53:39 +0000]
Move fx_safe_types.h to include/ directory.

Small bit of OCD here, since this file is included cross-library
(i.e. from fpdfsk), it can't be in src/.  In other words, the
following should be empty:
    grep -R 'include.*core/src/' fpdfsdk

Fix some IWYU in it at the same time.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1147353006

4 years agoKill unused IPDF_ classes.
Tom Sepez [Wed, 3 Jun 2015 23:09:12 +0000]
Kill unused IPDF_ classes.

Some are simply never defined.  Some are never instantiated.  Some have
paths that are never reached.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1168503003

4 years agoFix fx_basic_memmgr_unittest.cpp under stricter GN rules
Tom Sepez [Wed, 3 Jun 2015 19:05:33 +0000]
Fix fx_basic_memmgr_unittest.cpp under stricter GN rules

This caused a revert of the PDFium roll.

TBR=thestig@chromium.org

Review URL: https://codereview.chromium.org/1165863003

4 years agoAutomated test case for 487928.
Tom Sepez [Tue, 2 Jun 2015 23:51:07 +0000]
Automated test case for 487928.

Reproducing this bug requires the embedder to fire timers, something the
single-pass pdfium-test binary doesn't do properly at the present. So
we modify the embedder test delegate to allow the immediate triggering
of the same.

Perform some cleanup along the way by removing EmbedderTestDefaultDelegate
-- it buys us nothing over the the no-op one.

And, of course, v8 initialization is busted again, and we need v8 here.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1153213004

4 years agoFix windows compile: fix size_t vs. int mismatch
Tom Sepez [Tue, 2 Jun 2015 22:34:19 +0000]
Fix windows compile: fix size_t vs. int mismatch

As indicated by:
http://build.chromium.org/p/tryserver.chromium.win/builders/win_chromium_x64_rel_ng/builds/63417/steps/compile%20%28with%20patch%29/logs/stdio

R=thestig@chromium.org
TBR=thestig@chromium.org

Review URL: https://codereview.chromium.org/1160293003

4 years agokill IPDF_DocParser().
Tom Sepez [Tue, 2 Jun 2015 21:19:00 +0000]
kill IPDF_DocParser().

Its fine to program to interfaces, but since the sole concrete implementation
is in the same header as the interface, the code is bypassing it anyways. We
can de-virtualize some things along the way, and remove two non-existent
function prototypes from one of the headers.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1158053003

4 years agoFix heap use after free in Document::DoFieldDelay and Document::delay
Tom Sepez [Tue, 2 Jun 2015 17:09:49 +0000]
Fix heap use after free in Document::DoFieldDelay and Document::delay

This fix removes CJS_DelayData object from m_DelayData array and copies them to
a new array, before processing them. So contents of m_DelayData array cannot be
used after they get freed.

BUG=487928

R=tsepez@chromium.org

TEST= Chrome pdf plugin should not crash when poc_stable,testuafdocument1.pdf
      and testuafdocument2.pdf are viewed.
      see crbug.com/487928 and crbug.com/487928#c18 for more details.

Review URL: https://codereview.chromium.org/1163823002

4 years agoAdd missing comma to third_party.gyp
Bruce Dawson [Mon, 1 Jun 2015 21:44:52 +0000]
Add missing comma to third_party.gyp

A reference to nonstd_unique_ptr.h was added with
https://codereview.chromium.org/1091283002 but a comma is missing
after it. This causes this string to be concatenated with the next,
leading to broken sources. This went unnoticed by the build due to
the fact that the affected sources are both headers, but they should
be properly separated.

R=brucedawson@chromium.org

Review URL: https://codereview.chromium.org/1156663006

4 years agoRun V8 in predictable mode for pdfium_test
Jochen Eisinger [Fri, 29 May 2015 08:22:32 +0000]
Run V8 in predictable mode for pdfium_test

This won't post tasks to the background threads

BUG=none
R=kcc@chromium.org, tsepez@chromium.org

Review URL: https://codereview.chromium.org/1157123003

4 years agoFix suppressions for 2015-05-28 drop
Tom Sepez [Thu, 28 May 2015 21:26:49 +0000]
Fix suppressions for 2015-05-28 drop

TBR=thestig@chromium.org

Review URL: https://codereview.chromium.org/1154993003

4 years agoRoll DEPS to pick up 2015-05-28 corpus drop.
Tom Sepez [Thu, 28 May 2015 21:00:30 +0000]
Roll DEPS to pick up 2015-05-28 corpus drop.

This will undoubtedly RED the tree due to differences in platforms
and environments.  A subsequent CL will add suppressions to get back
to GREEN.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1153393004

4 years agoFix ALL the include guards.
Tom Sepez [Thu, 28 May 2015 20:09:35 +0000]
Fix ALL the include guards.

Get rid of leading _CAPITAL identifiers.
A large number of these didn't actually match the filename.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1160443004

4 years agoRemove rendundant ../include from paths of files in include/ directory
Tom Sepez [Wed, 27 May 2015 23:07:42 +0000]
Remove rendundant ../include from paths of files in include/ directory

Tiny bit of tidying I noticed while trying to figure out include rules.

In other words,
   cd core/include
   git grep 'include.*include'
   git grep 'include.*src'

Should produce no output, and

   cd fpdfsdk/include
   git grep 'include.*include' | grep -v ../core/include
   git grep 'include.*src'

Should produce no output as well.

Fix some IWYU, header guards, include ordering, whitespace along the way.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1162453003

4 years agoUpgrade openjpeg to r3002
JUN FANG [Tue, 26 May 2015 19:14:39 +0000]
Upgrade openjpeg to r3002

BUG=459215
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1160663002

4 years agoUpdate copy of safe_math_impl.h to take a fix from upstream:
Tom Sepez [Thu, 21 May 2015 22:08:17 +0000]
Update copy of safe_math_impl.h to take a fix from upstream:

Fix a division by zero when multiplying 0 * y with SafeNumerics.

BUG=488302
R=jschuh@chromium.org

Review URL: https://codereview.chromium.org/1126243007

4 years agoFix four annoying warnings:
Tom Sepez [Thu, 21 May 2015 21:54:17 +0000]
Fix four annoying warnings:
Two "set but unused", one of which is surely an artifact from
copying code around, and the other which ought to be used for
the sake of clarity.

Two are unknown "optimize" pragmas, remove them since the code
has been shipped for years on other platforms under full optimization.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1148353002

4 years agoFix an endless loop in CJBig2_HuffmanTable::parseFromCodedBuffer
JUN FANG [Thu, 21 May 2015 16:56:11 +0000]
Fix an endless loop in CJBig2_HuffmanTable::parseFromCodedBuffer

This issue is trigged by the conversion from unsigned int to signed int.
A large unsigned int is converted to int. It's represented as a negative
int which is used in the condition of while later.

BUG=482639
R=brucedawson@chromium.org

Review URL: https://codereview.chromium.org/1146913003

4 years agoGet test running scripts to detect and report common error.
Bruce Dawson [Wed, 20 May 2015 23:52:05 +0000]
Get test running scripts to detect and report common error.

testing/tools/run_corpus_tests.py assumes a debug build and will
fail cryptically if only a release build is available.

Arguably there shouldn't be a default because having one could lead
to accidentally running a stale version, but that is probably too
much of a change.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1150823003

4 years agoInteger overflow in CJBig2_Image::expand
JUN FANG [Wed, 20 May 2015 19:25:56 +0000]
Integer overflow in CJBig2_Image::expand

1. New size should be larger than old size in JBig2_Realloc.
2. Arguments are integers but parameters are size_t in JBIG2_memset.
   After integer overflows, it will be presented as a huge
   unsigned number on 64 bits system.

BUG=483981
R=brucedawson@chromium.org, tsepez@chromium.org

Review URL: https://codereview.chromium.org/1148643002

4 years agoTidy public fpdfview.h and fpdf_flatten.h.
Tom Sepez [Wed, 20 May 2015 17:00:19 +0000]
Tidy public fpdfview.h and fpdf_flatten.h.

Mostly cosmetic; fix a spelling error, make comment style
consistent, remove unnecessary #ifdefs, remove unused globals.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1139993003

4 years agoTurn on warnings for usage of disabled V8 APIs
Jochen Eisinger [Wed, 20 May 2015 08:07:00 +0000]
Turn on warnings for usage of disabled V8 APIs

R=vogelheim@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1146933002

4 years agoRe-land: Remove FX_Alloc() null checks now that it can't return NULL.
Tom Sepez [Tue, 19 May 2015 22:19:32 +0000]
Re-land: Remove FX_Alloc() null checks now that it can't return NULL.

Fixes the ordering of some assignments broken when converting to checked
numerics in CFX_PathData::AddPointCount().

Original Review URL: https://codereview.chromium.org/1142713005

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1135893008

4 years agoRevert "Remove FX_Alloc() null checks now that it can't return NULL."
Tom Sepez [Tue, 19 May 2015 21:56:52 +0000]
Revert "Remove FX_Alloc() null checks now that it can't return NULL."

This reverts commit eb6527763171cdb4b0fbfea5a20d691f4d67b660.

Reason for revert: broke javascript tests.
TBR=thestig@chromium.org

Review URL: https://codereview.chromium.org/1145843005

4 years agoRemove FX_Alloc() null checks now that it can't return NULL.
Tom Sepez [Tue, 19 May 2015 21:48:00 +0000]
Remove FX_Alloc() null checks now that it can't return NULL.

This permits some functions to become void's since
they, in turn, can't fail.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1142713005

4 years agoFix Heap Overflow in CJBig2_Image::expand
JUN FANG [Tue, 19 May 2015 21:44:13 +0000]
Fix Heap Overflow in CJBig2_Image::expand

Integer overflow in CJBig2_Image::expand.
It causes the size of reallocated is not
expected.

BUG=483981
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1131023008

4 years agoCleanup if early return from opj_j2k_copy_default_tcp_and_create_tcd().
Tom Sepez [Mon, 18 May 2015 22:46:54 +0000]
Cleanup if early return from opj_j2k_copy_default_tcp_and_create_tcd().

The opj_j2k_copy_default_tcp_and_create_tcp() function memcpy's a top-level
struct, and then replaces pointers to memory owned by the original struct
with new blocks of memory. Unfortunately, an early return can leave the
copy with pointers to memory it doesn't own, which causes problems when
cleaning up the partially-initialized struct.

The referenced bug is triggered when we get a return at original
line 7969 or 7385 due to OOM.

Moral of the story: creating a "copy constructor" equivalent
based on memcpy() instead of copying field by field for structs
containing pointers is usually a bad idea.

BUG=486538
R=jun_fang@foxitsoftware.com

Review URL: https://codereview.chromium.org/1138033007

4 years agoReplace v8::Handle with v8::Local and v8::Persistent with v8::Global
Jochen Eisinger [Mon, 18 May 2015 22:33:06 +0000]
Replace v8::Handle with v8::Local and v8::Persistent with v8::Global

those types are just aliases, and we should consistently use the new version

R=tsepez@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1138823004

4 years agoChange FX_Alloc to FX_Try_Alloc in _JpegEncode
JUN FANG [Mon, 18 May 2015 21:36:00 +0000]
Change FX_Alloc to FX_Try_Alloc in _JpegEncode

This CL is used for:
1. keeping the same logic as before (the behaviour
   of FX_Alloc was changed for OOM).
2. fixing a potential integer overflow.

BUG=N/A
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1126013006

4 years agoAdd safe FX_Alloc2D() macro
Tom Sepez [Mon, 18 May 2015 21:18:08 +0000]
Add safe FX_Alloc2D() macro

This avoids unchecked multiplications when computing a size argument
to malloc(). Such an overflow is very scary, and can result in
exploitable bugs.

Along the way, kill off some return checks, since we know this can't
return NULL.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1143663004

4 years agoAdd myself to OWNERS file
Jochen Eisinger [Sun, 17 May 2015 11:10:19 +0000]
Add myself to OWNERS file

R=tsepez@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1133333005

4 years agoReplace deprecated with non-deprecated V8 APIs
Jochen Eisinger [Sun, 17 May 2015 11:07:02 +0000]
Replace deprecated with non-deprecated V8 APIs

In most cases, we just CHECK() that no exception was thrown. Previously,
we'd just crash.

Ideally, this should all be fixed and the system should cope with those
exceptions, but that's beyond this CL.

R=tsepez@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1126203010

4 years agoFix leaks in embedder test's FlateEncode() usage and in FlateEncode().
Lei Zhang [Fri, 15 May 2015 23:09:12 +0000]
Fix leaks in embedder test's FlateEncode() usage and in FlateEncode().

For FlateEncode(), error handling code leaked memory.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1144603002

4 years agoDisable allocation tests that hose the bot.
Tom Sepez [Fri, 15 May 2015 22:33:25 +0000]
Disable allocation tests that hose the bot.

Triggering allocation failure can be ... slow. See

http://build.chromium.org/p/client.pdfium/builders/win/builds/126

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1142463005

4 years agoInitialize members of CPDF_TextPageFind class.
Lei Zhang [Fri, 15 May 2015 22:19:12 +0000]
Initialize members of CPDF_TextPageFind class.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1137933004

4 years agoFix leaks in the embedder tests themselves.
Lei Zhang [Fri, 15 May 2015 22:13:25 +0000]
Fix leaks in the embedder tests themselves.

Also change EmbedderTest::TearDown() to match the destruction order in
Chromium's PDF code.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1138143003

4 years agoAbort on OOM by default in FX_Alloc().
Tom Sepez [Fri, 15 May 2015 22:07:20 +0000]
Abort on OOM by default in FX_Alloc().

Add a FX_TryAlloc() for those few cases where we might need to continue
in face of OOM.

Remove FX_AllocNL() (the context of its use would suggest that NL
means "No Limit"). This is used for some big allocations, so replace
it with TryAlloc().  Large allocations may be worth trying to continue
from, since there are few and they have a large chance of failing.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1128043009

4 years agoRemove FX_NEW_VECTOR() macros.
Tom Sepez [Fri, 15 May 2015 20:50:07 +0000]
Remove FX_NEW_VECTOR() macros.

There isn't much point in having macros that obscure obvious
language features.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1135273004

4 years agoFix potential UAF in ConcatInPlace.
Tom Sepez [Fri, 15 May 2015 15:44:31 +0000]
Fix potential UAF in ConcatInPlace.

If ConcatCopy somehow gets a zero nNewlen, it returns early, without
allocating a new m_Data.  ConcatInPlace then frees the old one, leaving
m_Data dangling.

Also be concerned about the multiplication in the widestring version.
So use wmemcpy and let the library cope with it.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1130763007

4 years agoFix another batch of compiler warnings.
Lei Zhang [Fri, 15 May 2015 05:06:54 +0000]
Fix another batch of compiler warnings.

Also fix typos and remove trailing spaces/tabs.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1141123002

4 years agoMake CFX_StringData be scoped by CFX_Bytestring and add methods.
Tom Sepez [Thu, 14 May 2015 21:26:31 +0000]
Make CFX_StringData be scoped by CFX_Bytestring and add methods.

This is a precondition for someday combining Byte/Wide strings
via templates.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1142533002

4 years agoFix integer overflow in conversion from float to integer.
JUN FANG [Thu, 14 May 2015 00:25:40 +0000]
Fix integer overflow in conversion from float to integer.

BUG=471991
R=brucedawson@chromium.org

Review URL: https://codereview.chromium.org/1141613002

4 years agoUse phantom handles instead of weak handles
Jochen Eisinger [Thu, 14 May 2015 00:00:44 +0000]
Use phantom handles instead of weak handles

Phantom handles allow for freeing objects with one pass of GC. However,
this means that by the time the callback is invoked, the v8 object already
does no longer exist. To avoid accidential access to the dead object, there
are now two callbacks, where the first must only reset the handle, and the
second does the clean-up work.

R=tsepez@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1129253004

4 years agoTidy public/ directory.
Tom Sepez [Wed, 13 May 2015 23:39:41 +0000]
Tidy public/ directory.

- Make include guards consistent with standard and filenames.
- Remove stray semicolon folowing extern "C" section close-brace.
- Untabify.
- Delete trailing whitespace.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1128003005

4 years agoFix comparison of CFX_ByteString and CFX_WideString against empty literals.
Tom Sepez [Wed, 13 May 2015 21:16:51 +0000]
Fix comparison of CFX_ByteString and CFX_WideString against empty literals.

Also corrects some ASSERT_'s to EXPECT_'s in the test.

BUG=pdfium:160
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1141763002

4 years agoSet pointers in internal fields directly instead of wrapping them
Jochen Eisinger [Wed, 13 May 2015 00:31:02 +0000]
Set pointers in internal fields directly instead of wrapping them

The internal fields are scanned by the garbage collector, so they can't contain arbitrary data. However, aligned pointers are supported by the V8 GC, so the V8
API allows for setting a pointer directly instead of wrapping it in an External
container.

Not only is this faster, but it's also required for the new v8::Global API which
I'm going to update to in a follow-up patch.

R=tsepez@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1139853003

4 years agoMake (and verify) public/ files compile under C.
Tom Sepez [Tue, 12 May 2015 23:17:04 +0000]
Make (and verify) public/ files compile under C.

This involves adding some missing extern "C" { } declarations,
using FPDF_ types instead of C++ types, and converting pass
by reference arguments into pointers.

Test this using fpdfview_embedertest for simplicity.

BUG=pdfium:158
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1130843003

4 years agoDescribe required properties of public/ files with a README.
Tom Sepez [Tue, 12 May 2015 22:44:39 +0000]
Describe required properties of public/ files with a README.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1140833002

4 years agoRestore checked strlen conversions.
Tom Sepez [Tue, 12 May 2015 21:49:29 +0000]
Restore checked strlen conversions.

The checked conversion can be re-enabled now that there is a public
API free of private headers like this one.

This reverts commit 6661fd4c26106cd530d187b36f29be7e5c98b70f.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1133323003

4 years agoNEW public API for pdfwindow font manipulation.
Tom Sepez [Tue, 12 May 2015 19:24:22 +0000]
NEW public API for pdfwindow font manipulation.

PDFium side of fix to make chromium free of private header
includes.  This moves the one snippet of contaminating code
from chrome to PDFium itself.

BUG=486818
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1126283004

4 years agoAdd owners file for PDFium.
Tom Sepez [Mon, 11 May 2015 23:32:41 +0000]
Add owners file for PDFium.

This is currently blocking a PDFium roll in chrome, see
http://build.chromium.org/p/tryserver.chromium.linux/builders/chromium_presubmit/builds/62816/steps/presubmit/logs/stdio

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1136533003

4 years agoCreate top-level public/ header directory.
Tom Sepez [Mon, 11 May 2015 21:27:24 +0000]
Create top-level public/ header directory.

These are the only files that embedders of PDFium should be including.
They are entirely self-contained, and compile cleanly against -Wall so
as to not offend the code that may include them.

Having done this, we can see that chromium is pulling in two additional
files from the fpdfsdk/include/pdfwindow directory, which is not guaranteed
to work.

A few files are renamed, adding an "_" to make the names consistent.
The exception is fpdfview, which is doc'd as such in the doc.

Naturally, paths will need updating in a handful of files in chrome
when this rolls in.

BUG=pdfium:154
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1135913002

4 years agoMove function prototypes to new doc_utils.h file
Tom Sepez [Fri, 8 May 2015 20:36:50 +0000]
Move function prototypes to new doc_utils.h file

... rather than redundantly declaring them in several .cpp files, and
hoping that the linker lines things up for you.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1128193004

4 years agoFix compilation under chromium checkouts.
Tom Sepez [Fri, 8 May 2015 20:21:18 +0000]
Fix compilation under chromium checkouts.

This is a fix to hide pdfium's safe_conversions.h from the
higher-level callers.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1132163002

4 years agoBetter error from pdfium_test when page too big to render.
Tom Sepez [Fri, 8 May 2015 18:53:53 +0000]
Better error from pdfium_test when page too big to render.

BUG=pdfium:114
R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1124423006

4 years agoFix errors from commit f0a169e.
Lei Zhang [Fri, 8 May 2015 18:33:26 +0000]
Fix errors from commit f0a169e.

- fread() returns the number of items read.
- fix a memory leak in error handling.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1135713004

4 years agoFix a bunch of -Wunused-but-set-variable warnings.
Lei Zhang [Fri, 8 May 2015 18:03:55 +0000]
Fix a bunch of -Wunused-but-set-variable warnings.

Also fix a few nits and other errors along the way.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1098583002

4 years agoSupport arrays in nonstd::unique_ptr<>.
Tom Sepez [Thu, 7 May 2015 00:29:29 +0000]
Support arrays in nonstd::unique_ptr<>.

This mimics the std:: behaviour.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1130053003

4 years agoManual revert of ad2a822ce5c3
Tom Sepez [Wed, 6 May 2015 23:09:05 +0000]
Manual revert of ad2a822ce5c3

Reason for revert: No longer needed in face of 9ea57a43faea
TBR=thestig@chromium.org

Review URL: https://codereview.chromium.org/1122423006