2
1
mirror of https://github.com/qpdf/qpdf.git synced 2025-01-09 17:53:57 +00:00
Commit Graph

67 Commits

Author SHA1 Message Date
Jay Berkenbilt
6c39aa8763 In shippable code, favor smart pointers (fixes #235)
Use PointerHolder in several places where manually memory allocation
and deallocation were being used. This helps to protect against memory
leaks when exceptions are thrown in surprising places.
2019-06-22 16:57:52 -04:00
Jay Berkenbilt
1bde5c68a3 Add QUtil::read_file_into_memory
This code was essentially duplicated between test_driver and
standalone_fuzz_target_runner.
2019-06-22 10:14:25 -04:00
Jay Berkenbilt
c6cfd64503 Rename QUtil::strcasecmp to QUtil::str_compare_nocase (fixes #242) 2019-06-21 22:29:31 -04:00
Jay Berkenbilt
a35d4ce9cc Fix bounds error in utf16_to_utf8 conversion 2019-06-21 17:40:24 -04:00
Jay Berkenbilt
d71f05ca07 Fix sign and conversion warnings (major)
This makes all integer type conversions that have potential data loss
explicit with calls that do range checks and raise an exception. After
this commit, qpdf builds with no warnings when -Wsign-conversion
-Wconversion is used with gcc or clang or when -W3 -Wd4800 is used
with MSVC. This significantly reduces the likelihood of potential
crashes from bogus integer values.

There are some parts of the code that take int when they should take
size_t or an offset. Such places would make qpdf not support files
with more than 2^31 of something that usually wouldn't be so large. In
the event that such a file shows up and is valid, at least qpdf would
raise an error in the right spot so the issue could be legitimately
addressed rather than failing in some weird way because of a silent
overflow condition.
2019-06-21 13:17:21 -04:00
Jay Berkenbilt
42306e2ff8 QUtil: add unsigned int/string functions 2019-06-21 13:17:21 -04:00
Jay Berkenbilt
b3f0dbff62 Fix Windows memory error (fixes #330) 2019-05-16 14:26:51 -04:00
Jay Berkenbilt
011695dfdf Support Unicode in filenames (fixes #298) 2019-04-20 21:00:43 -04:00
Thorsten Schöning
71b7ed9f4f "_setmode" and "_stricmp" are not available on Borland C++Builder, neither the classic one nor newer ones based on CLANG. 2019-03-11 16:58:55 -04:00
Jay Berkenbilt
e87d149918 Add QUtil::possible_repaired_encodings 2019-01-17 11:43:56 -05:00
Jay Berkenbilt
4630377731 Add status-reporting transcoders to QUtil 2019-01-17 11:43:56 -05:00
Jay Berkenbilt
8f389f14c0 QUtil::analyze_encoding 2019-01-17 11:43:56 -05:00
Jay Berkenbilt
6817ca585a Bidirectional transcoding for win, mac, pdf, utf8, utf16 2019-01-17 11:43:56 -05:00
Jay Berkenbilt
698485468a Move remaining existing transcoding to QUtil 2019-01-17 11:43:56 -05:00
Jay Berkenbilt
4ecd1df6f2 Add configure option AVOID_WINDOWS_HANDLE
If set, we avoid using Windows I/O HANDLE, which is disallowed in some
versions of the Windows SDK, such as for Windows phones.
QUtil::same_file will always return false in this case. Only applies
to Windows builds.
2019-01-10 22:35:08 -05:00
Jay Berkenbilt
b341d742db Add WinAnsi and MacRoman encoding 2019-01-05 23:01:44 -05:00
Jay Berkenbilt
3ef1b77304 Refactor QUtil::utf8_to_ascii 2019-01-05 22:59:29 -05:00
Jay Berkenbilt
089ce5902e Move utf8_to_utf16 into QUtil 2019-01-05 22:59:27 -05:00
Jay Berkenbilt
02281632cc Add QUtil::utf8_to_ascii 2019-01-03 23:18:13 -05:00
Jay Berkenbilt
fa3664357b Move numrange code from qpdf.cc to QUtil.cc
Also move tests to libtests.
2018-12-21 19:11:57 -05:00
Jay Berkenbilt
b4bdc42b4f New exception class QPDFSystemError (fixes #221) 2018-08-13 20:01:51 -04:00
Jay Berkenbilt
e44c395c51 QUtil::toUTF16 2018-06-21 15:57:13 -04:00
Jay Berkenbilt
3b2a3cdd77 Fix setLineBuf for bsd (fixes #177)
Use 0 instead of NULL in a cast.
2018-02-04 14:19:00 -05:00
Jay Berkenbilt
04e47deaf9 Fixes for clang 2018-01-14 19:18:04 -05:00
Jay Berkenbilt
3e306ae64c Add QUtil::hex_decode 2018-01-14 09:04:13 -05:00
Jay Berkenbilt
791e0db762 Allow trailing . in numeric token (fixes #165) 2018-01-13 20:05:40 -05:00
Jay Berkenbilt
6d46346eb9 Detect integer overflow/underflow 2017-08-29 12:28:32 -04:00
Jay Berkenbilt
3082e4e606 Find xref without PCRE 2017-08-10 21:30:32 -04:00
Jay Berkenbilt
8fe261d8b4 QUtil::strcasecmp 2017-08-05 10:22:33 -04:00
Jay Berkenbilt
2d5b854468 Allow reading command-line args from files (fixes #16) 2017-07-29 22:23:21 -04:00
Jay Berkenbilt
5993c3e83c Detect input file = output file (fixes #29) 2017-07-29 20:58:01 -04:00
Jay Berkenbilt
dd8dad74f4 Move lexer helper functions to QUtil 2017-07-27 13:59:56 -04:00
slurdge
8740b380fe Make windows includes lowercase (fixes #123)
For cross compiling.
2017-07-26 06:39:09 -04:00
Thorsten Schöning
b3c08f4f8d C++-Builder supports 64 Bit file functions
The 64 Bit file functions are supported by C++-Builder as well and
need to be used, else fseek will error out on larger files than 4 GB
like used in the large file test.
2016-01-24 12:07:20 -05:00
Jay Berkenbilt
6067608d93 Remove needless #ifdef _WIN32 from getWhoami 2013-12-16 16:21:28 -05:00
Jay Berkenbilt
235d8f28f8 Increase random data provider support
Add a method to get the current random data provider, and document and
test the method for resetting it.
2013-12-16 16:21:28 -05:00
Jay Berkenbilt
5e3bad2f86 Refactor random data generation
Add new RandomDataProvider object and implement existing random number
generation in terms of that.  This enables end users to supply their
own random data providers.
2013-12-14 15:17:35 -05:00
Jay Berkenbilt
478c05fcab Allow -DNO_GET_ENVIRONMENT to avoid GetEnvironmentVariable
If NO_GET_ENVIRONMENT is #defined at compile time on Windows, do not
call GetEnvironmentVariable.  QUtil::get_env will always return
false.  This option is not available through configure.  This was
added to support a specific user's requirements to avoid calling
GetEnvironmentVariable from the Windows API.  Nothing in qpdf outside
the test coverage system in qtest relies on QUtil::get_env.
2013-11-30 15:58:32 -05:00
Jay Berkenbilt
ac9c1f0d56 Security: replace operator[] with at
For std::string and std::vector, replace operator[] with at.  This was
done using an automated process.  See README.hardening for details.
2013-10-18 10:45:14 -04:00
Jay Berkenbilt
4229457068 Security: use a secure random number generator
If not available, give an error.  The user may also configure qpdf to
use an insecure random number generator.
2013-10-18 10:45:12 -04:00
Jay Berkenbilt
c2e91d8ec3 Security: keep cur_byte pointing into bytes array 2013-10-09 19:50:07 -04:00
Jay Berkenbilt
403bb68d33 Run spelling checker 2013-04-14 14:36:25 -04:00
Jay Berkenbilt
fd64959398 Favor strerror_s and fopen_s on MSVC
Make remaining calls to fopen and strerror use strerror_s and fopen_s
on MSVC.
2013-03-05 13:35:46 -05:00
Jay Berkenbilt
ac4deac187 Call QUtil::safe_fopen in place of fopen
fopen was previuosly called wrapped by QUtil::fopen_wrapper, but
QUtil::safe_fopen does this itself, which is less cumbersome.
2013-03-05 13:35:46 -05:00
Jay Berkenbilt
a51ae10b8d Remove all calls to sprintf 2013-03-05 13:35:46 -05:00
Jay Berkenbilt
6b9297882e Mark secure CRT warnings with comment
Put a specific comment marker next to every piece of code that MSVC
gives warning 4996 for.  This warning is generated for calls to
functions that Microsoft considers insecure or deprecated.  This
change is in preparation for fixing all these cases even though none
of them are actually incorrect or insecure as used in qpdf.  The
comment marker makes them easier to find so they can be fixed in
subsequent commits.
2013-03-05 13:33:32 -05:00
Jay Berkenbilt
8be8277613 Rewrite QUtil::int_to_string and QUtil::double_to_string
Make them safer by avoiding any internal limits and replacing sprintf
with std::ostringstream.
2013-03-04 16:45:16 -05:00
Jay Berkenbilt
30027481f7 Remove all old-style casts from C++ code 2013-03-04 16:45:16 -05:00
Jay Berkenbilt
32b62035ce Replace many calls to sprintf with QUtil::hex_encode
Add QUtil::hex_encode to encode binary data has a hexadecimal string,
and use it in place of sprintf where possible.
2013-03-04 16:45:15 -05:00
Jay Berkenbilt
4eccb9d87b Add random number functions to QUtil 2012-12-31 10:32:32 -05:00