Invalidate GIF input buffer when moving file cursor backwards

The current implementation of the GIF codec does not handle the file
cursor moving backwards correctly. Specifically the input buffer that
the data is being read into is not invalidated, so if the entirity of
the buffer hasn't been consumed, a chunk of it will be moved to the
front before reading in more data, which is just
incorrect. Additionally, depending on the specific series of
operations, it is possible that the buffer was allocated for more
space then had been read into it and the uninitialized portion at the
end is being copied to the beginning.

The file cursor may move backwards when dealing with an animated gif
or other image with multiple frames, since all of the control data is
read in on load, and future calls specify what frame to fetch. The
code has been changed to treat the input buffer as invalid when moving
the cursor to a frame location, which will bypass any of the
problematic unused saving behaviour. A call to std::min has been added
to prevent allocation of an input buffer larger then the file size.

Additionally this CL refactors GifReadMoreData to be clearer about
what calculations are occuring, since the existing code reuses a
number of vaguely named variables, making it difficult to follow.

BUG=chromium:839348, chromium:839361

Change-Id: I2865658187bdf30bcad13ef4cac4f51a8966db11
Reviewed-on: https://pdfium-review.googlesource.com/32054
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2 files changed
tree: 8709b39b40f676e25da4c08cd940c5dbb53848cd
  1. build_overrides/
  2. constants/
  3. core/
  4. docs/
  5. fpdfsdk/
  6. fxbarcode/
  7. fxjs/
  8. infra/
  9. public/
  10. samples/
  11. skia/
  12. testing/
  13. third_party/
  14. tools/
  15. xfa/
  16. .clang-format
  17. .gitignore
  18. .gn
  19. AUTHORS
  20. BUILD.gn
  21. codereview.settings
  22. DEPS
  23. LICENSE
  24. navbar.md
  25. OWNERS
  26. pdfium.gni
  27. PRESUBMIT.py
  28. README.md
README.md

PDFium

Prerequisites

Get the chromium depot tools via the instructions at http://www.chromium.org/developers/how-tos/install-depot-tools (this provides the gclient utility needed below).

Also install Python, Subversion, and Git and make sure they're in your path.

Windows development

PDFium uses the same build tool as Chromium:

Open source contributors

Please refer to Chromium's Visual Studio set up for requirements and instructions on build environment configuration.

Run set DEPOT_TOOLS_WIN_TOOLCHAIN=0, or set that variable in your global environment.

Compilation is done through ninja, not Visual Studio.

CPU Architectures supported

The default architecture for Windows, Linux, and Mac is “x64”. On Windows, “x86” is also supported. GN parameter “target_cpu = "x86"” can be used to override the default value. If you specify Android build, the default CPU architecture will be “arm”.

It is expected that there are still some places lurking in the code which will not function properly on big-endian architectures. Bugs and/or patches are welcome, however providing this support is not a priority at this time.

Google employees

Run: download_from_google_storage --config and follow the authentication instructions. Note that you must authenticate with your @google.com credentials. Enter “0” if asked for a project-id.

Once you've done this, the toolchain will be installed automatically for you in the Generate the build files step below.

The toolchain will be in depot_tools\win_toolchain\vs_files\<hash>, and windbg can be found in depot_tools\win_toolchain\vs_files\<hash>\win_sdk\Debuggers.

If you want the IDE for debugging and editing, you will need to install it separately, but this is optional and not needed for building PDFium.

Get the code

The name of the top-level directory does not matter. In our examples, we use “repo”. This directory must not have been used before by gclient config as each directory can only house a single gclient configuration.

mkdir repo
cd repo
gclient config --unmanaged https://pdfium.googlesource.com/pdfium.git
gclient sync
cd pdfium

Additional build dependencies need to be installed by running:

./build/install-build-deps.sh

Generate the build files

We use GN to generate the build files and Ninja to execute the build files. Both of these are included with the depot_tools checkout.

Selecting build configuration

PDFium may be built either with or without JavaScript support, and with or without XFA forms support. Both of these features are enabled by default. Also note that the XFA feature requires JavaScript.

Configuration is done by executing gn args <directory> to configure the build. This will launch an editor in which you can set the following arguments. A typical <directory> name is out/Debug.

use_goma = true  # Googlers only. Make sure goma is installed and running first.
is_debug = true  # Enable debugging features.

pdf_use_skia = false  # Set true to enable experimental skia backend.
pdf_use_skia_paths = false  # Set true to enable experimental skia backend (paths only).

pdf_enable_xfa = true  # Set false to remove XFA support (implies JS support).
pdf_enable_v8 = true  # Set false to remove Javascript support.
pdf_is_standalone = true  # Set for a non-embedded build.
is_component_build = false # Disable component build (must be false)

clang_use_chrome_plugins = false  # Currently must be false.

Note, you must set pdf_is_standalone = true if you want the sample applications like pdfium_test to build.

When complete the arguments will be stored in <directory>/args.gn, and GN will automatically use the new arguments to generate build files. Should your files fail to generate, please double-check that you have set use_sysroot as indicated above.

Building the code

You can build the sample program by running: ninja -C <directory> pdfium_test You can build the entire product (which includes a few unit tests) by running: ninja -C <directory> pdfium_all.

Running the sample program

The pdfium_test program supports reading, parsing, and rasterizing the pages of a .pdf file to .ppm or .png output image files (windows supports two other formats). For example: <directory>/pdfium_test --ppm path/to/myfile.pdf. Note that this will write output images to path/to/myfile.pdf.<n>.ppm.

Testing

There are currently several test suites that can be run:

  • pdfium_unittests
  • pdfium_embeddertests
  • testing/tools/run_corpus_tests.py
  • testing/tools/run_javascript_tests.py
  • testing/tools/run_pixel_tests.py

It is possible the tests in the testing directory can fail due to font differences on the various platforms. These tests are reliable on the bots. If you see failures, it can be a good idea to run the tests on the tip-of-tree checkout to see if the same failures appear.

Code Coverage

Code coverage reports for PDFium can be generated in Linux development environments. Details can be found here.

Profiling

Valgrind and other profiling tools do not work correctly with the standard build setup that PDFium uses. You will need to add ro_segment_workaround_for_valgrind=true to args.gn to get symbols to correctly appear.

Waterfall

The current health of the source tree can be found at http://build.chromium.org/p/client.pdfium/console

Community

There are several mailing lists that are setup:

Note, the Reviews and Bugs lists are typically read-only.

Bugs

We use this bug tracker, but for security bugs, please use [Chromium's security bug template] (https://code.google.com/p/chromium/issues/entry?template=Security%20Bug) and add the “Cr-Internals-Plugins-PDF” label.

Contributing code

For contributing code, we will follow Chromium's process as much as possible. The main exceptions are:

  1. Code has to conform to the existing style and not Chromium/Google style.
  2. PDFium uses a different tool for code reviews, and credentials for the tool need to be generated before uploading a CL.
  3. PDFium is currently holding at C++11 compatibility, rejecting features that are only present in C++14 (onto which Chromium is now slowly moving).