| <<<Back 1 day (to 2020/01/12) | Fwd 1 day (to 2020/01/14)>>> | 20200113 |
Robin_Watts | ator, paulgardiner: More fun and excitement with validation stuff: https://git.ghostscript.com/?p=user/robin/mupdf.git;a=shortlog;h=refs/heads/validate-form-changes | 15:14.41 |
| The first 4 commits I think have been looked at before. | 15:15.00 |
| But I'd like to get them in now (so if someone could nod at them again, that'd be great). | 15:15.56 |
| The next one is a useful utility function that you may have opinions on. | 15:16.15 |
| The next one is the updated validation one that seems to work on the examples I've tried. | 15:16.42 |
| and I'm going to keep tweaking the GL one for a bit. | 15:16.56 |
ator | might want to have sebras look through the size_t one, he's a lot better at spotting issues with that sort of thing than I am | 15:18.25 |
| we're always going to be at odds with typedef enum. I like it being blindingly obvious that it's an enum and not a struct. | 15:19.53 |
Robin_Watts | It compiles without warnings on VS and Linux. | 15:20.03 |
| We use typedef enum *EVERYWHERE* in mupdf. | 15:20.19 |
ator | I know, so I'm going to let it pass (but as you noticed, I'll still grumble) | 15:20.54 |
Robin_Watts | ok :) | 15:21.09 |
| grumble accepted. | 15:21.14 |
ator | pdf_walk_tree_kid calls the callback for non-leaf nodes too | 15:22.26 |
Robin_Watts | ator: It does. | 15:22.39 |
| (deliberately, I think) | 15:25.20 |
ator | name trees forbid Names on nodes that have Kids | 15:26.08 |
| so all content must be in leaf nodes (or the root node if it's also a leaf node) | 15:26.23 |
Robin_Watts | ator: This is to be used for trees of annots. | 15:26.36 |
ator | same with number trees | 15:26.38 |
Robin_Watts | which can have /V at any point. | 15:26.46 |
ator | The AcroForm /Fields array? | 15:26.58 |
Robin_Watts | could be. | 15:27.06 |
ator | okay, so basically any tree-like structure that has a "Kids" entry that may or may not be an array? | 15:27.34 |
Robin_Watts | so if you're wanting to walk a tree and process /V's as you go, getting called for non-leaf is important. | 15:27.35 |
| Yes. | 15:27.39 |
ator | right. do we care about the order (do we call fn before or after walking the children?) | 15:27.54 |
Robin_Watts | We *could* have 2 callbacks, one for leaf, one for non-leaf ? | 15:28.05 |
ator | I'd assume we want to call it before walking the kids if processing fields | 15:28.06 |
| nah, should be fine I think for PDF | 15:28.19 |
| if it matters, you can distinguish leaf and non-leaf by the presence or absence of what you're looking at in the callback | 15:28.39 |
Robin_Watts | We call the callback after the kids currently. I can change that. | 15:28.55 |
ator | I think if say pritning or flattening the field hierarchy, having parents before kids makes sense | 15:29.21 |
Robin_Watts | ok. | 15:29.26 |
ator | but I don't have a strong opinion, if you have a use case that works the way it is now I'm fine with that too | 15:29.49 |
sebras | Robin_Watts: for "Squash warning in x64 build of mu-office-test." are we asserting on cookie to make sure that we don't get a warning about cookie being unused? using intptr_t all over seem reasonable though. also why are load_progress() and load_error() both 1234 whilc render_progress() is 5678, wouldn't having separate value for each call be even better? | 15:29.55 |
Robin_Watts | ator: updated. | 15:30.27 |
| sebras: looking | 15:30.30 |
| sebras: It's intended more as a demonstration to people reading the code that the value passes through (cos it's kinda example code) | 15:31.24 |
sebras | Robin_Watts: Re: "Fix 64bit MSVS builds of OpenSSL variants." I can't have too much useful input on. I simply trust you did it right. :) | 15:31.27 |
Robin_Watts | I can't comment on why I picked those values. Cut and Paste I suspect. | 15:31.52 |
sebras | Robin_Watts: right, then they could all have been the same value or unique, it doesn't really matter. the commit itself LGTM. | 15:32.24 |
| Robin_Watts: the msvs build also LGTM. | 15:32.37 |
Robin_Watts | Ta. | 15:32.42 |
sebras | ator: git checkout robin/master; make tags; vim -t pdf_supports_signatures; E431: Format error in tags file "tags" Before byte 54 E426: tag not found: pdf_supports_signatures | 15:45.15 |
| and then head -15 tags lists !_TAG_FILE_FORMAT only on the 13th line. | 15:45.46 |
| ator: is this something you've experienced? | 15:45.52 |
| it happens repeatedly here, but I don't know why. | 15:46.17 |
| and rm tags; ctags -R causes the same issue. | 15:46.47 |
| and no LC_COLLATE LANG and LANGUAGE are not involved (unsetting them results in the same issue). | 15:49.06 |
ator | I cannot find pdf_supports_signatures with grep | 15:50.31 |
| I think you mean checkout robin/validate-form-changes | 15:51.12 |
| in which case, no, I can run vim -t pdf_supports_signatures with the expected results | 15:51.33 |
sebras | ator: yes, that's what I meant, and that's what I did, just not what I wrote. | 15:51.34 |
Robin_Watts | pdf_supports_signatures is in libpkcs7 thing. | 15:52.25 |
| source/helpers/pkcs7/pkcs7-check.c | 15:52.48 |
ator | sebras: Exuberant Ctags 5.9~svn20110310 | 15:53.03 |
sebras | ator: I found the offender. I have a stringprep directory in ~/src/mupdf and its contents causes ctags to misbehave. | 15:53.39 |
| I have the same ctags btw. | 15:53.51 |
| ator: found out why. I have been looking at possibly implementing stringprep before, when doing so I was looking at heimdal that implements stringprep. when closning that I also got this file: https://github.com/heimdal/heimdal/blob/master/lib/hcrypto/libtommath/tommath.tex | 16:07.15 |
| ator: and ctags tries to process that file. :( | 16:07.29 |
ator | Robin_Watts: several warnings with "e52497273 Add functions to validate changes within a PDF file." on linux with clang | 16:10.43 |
| source/pdf/pdf-object.c:384:13: warning: comparison of unsigned expression < 0 is always false | 16:11.02 |
Robin_Watts | Ta, will look. | 16:11.03 |
ator | source/helpers/pkcs7/pkcs7-openssl.c:257:33: error: incomplete result type 'enum pdf_signature_error' in function definition | 16:11.09 |
| source/helpers/pkcs7/pkcs7-openssl.c:318:9: error: returning 'int' from a function with incompatible result type 'enum pdf_signature_error' | 16:11.15 |
| source/helpers/pkcs7/pkcs7-openssl.c:418:19: warning: comparison of integers of different signs: 'int' and 'size_t' (aka 'unsigned long') | 16:11.22 |
| source/helpers/pkcs7/pkcs7-openssl.c:450:19: warning: comparison of integers of different signs: 'int' and 'size_t' (aka 'unsigned long') | 16:11.29 |
| source/helpers/pkcs7/pkcs7-openssl.c:818:19: warning: comparison of integers of different signs: 'int' and 'size_t' (aka 'unsigned long') | 16:11.34 |
| actually, that last one is on origin/master too now | 16:12.19 |
| seems like the #ifndef HAVE_LIBCRYPTO else- | 16:12.54 |
| branch has not been updated | 16:12.59 |
| we should back out 713f1d693 from origin/master IMO. I'm surprised it even clustered. | 16:13.55 |
| do we not have openssl installed on the cluster machines? | 16:14.09 |
Robin_Watts | on phone, sorry | 16:17.25 |
sebras | ator: I agree, how did 713f1d693 end up on master? wasn't that the one I was supposed to look at? | 16:21.29 |
| (I was still looking, getting side tracked by ctags misbehaving) | 16:21.49 |
| ator: gcc 9.2.1-21 complains the same way. | 16:22.22 |
| Robin_Watts: can't we use SIZE_MAX for the length check in pkcs7_openssl_check_digest()? we already use SIZE_MAX in source/fitz/store.c::fz_store_scavenge(). | 16:25.26 |
Robin_Watts | f7401522b was the one for sebras to look at (still on phone) | 16:26.56 |
sebras | Robin_Watts: hm. or even better INT_MAX since that's what we cast it to. | 16:27.02 |
| ator: will you back 713f1d693 out in the mean time? | 16:27.55 |
| ator: or do we wait for Robin? | 16:28.00 |
ator | I'm going to be lazy and let Robin do it, so I don't have to look up how to fix the cluster afterwards :) | 16:28.40 |
sebras | ator: ok. | 16:29.50 |
| ator: btw, I wanted signed bignums everywhere. | 16:30.59 |
ator | sebras: I want to give up C altogether, and its insane integer promotion madness | 16:31.31 |
sebras | ator: maybe we should be looking into reimplementing all of this is lisp? | 16:31.49 |
| ator: I'm happy we have tools helping us, but it's annoying that we can't get rid of this whole class of bugs and then prevent committing the same bugs again in the future. | 16:32.45 |
ator | Go or Rust seems to be two ways of doing it, with plenty of drawbacks of their own. | 16:33.46 |
| like rewriting the whole code base. | 16:34.03 |
sebras | ator: I know, I'm not really being serious. | 16:34.56 |
Robin_Watts | ok, back. | 16:36.37 |
| so let me see what I did wrong in that commit. | 16:36.44 |
| Oh, i see, I screwed it up cos I rebased the order of commits. | 16:37.17 |
sebras | git grep -B2 'too large' source/ reveals that we usually use _MAX for comparisons in these cases. using INT_MAX here seems sane to me. | 16:37.19 |
Robin_Watts | will fix. | 16:37.27 |
sebras | Robin_Watts: ok. let me know when it's done. | 16:37.35 |
| Robin_Watts: will you use INT_MAX too? | 16:37.43 |
Robin_Watts | I have yet to understand that part. | 16:37.59 |
| ok, force pushed. | 16:40.59 |
| cluster reset | 16:41.05 |
sebras | Robin_Watts: we cast sig_len to int before passing to BIO_new_mem_buf(), so we ought to check sig_len against INT_MAX. | 16:41.25 |
Robin_Watts | And if it's not OK, what do we do? | 16:50.39 |
sebras | Robin_Watts: why wouldn't that be ok? | 16:51.24 |
| Robin_Watts: or what do you mean? you add a fz_throw() now, and that's ok by me. | 16:51.37 |
Robin_Watts | right. fz_throw. | 16:51.45 |
sebras | Robin_Watts: hm.. wait. can we do that? | 16:52.20 |
| perhaps this ties in with pedros changes which also use these things. | 16:52.52 |
Robin_Watts | OK, updated tree: https://git.ghostscript.com/?p=user/robin/mupdf.git;a=shortlog;h=refs/heads/validate-form-changes | 16:54.09 |
| https://git.ghostscript.com/?p=user/robin/mupdf.git;a=commitdiff;h=4aba68cf41f5430a8b98c94f71e70c38615ae263 that is now much simpler. | 16:54.26 |
| The size_t changes are deferred to the next commit with all the others. | 16:54.44 |
sebras | looks. | 16:56.05 |
| Robin_Watts: I worry that we typedef here only because I know pedro is already looking at my halfdone API changes. | 16:57.00 |
| Robin_Watts: it would be trivial to fix though. | 16:57.24 |
Robin_Watts | yeah. That'll be the least of his problems :) | 16:57.53 |
| It's the right thing to do longterm, so he'd have to take it on at some point (IMAO) | 16:58.22 |
sebras | Robin_Watts: "Move pdf_signature_error to be a typedef enum." is now indeed much simpler and I think we can push that. | 16:58.31 |
Robin_Watts | Ta. | 16:58.37 |
| Just waiting for a confirmatory cluster test and I'll push. | 16:58.53 |
| Now to look at your INT_MAX issue. | 16:59.03 |
sebras | Robin_Watts: re typedef vs enum: I can probably be convinced either way. I don't really know what the pros/cons are here. | 16:59.30 |
Robin_Watts | sebras: Less to type :) | 16:59.53 |
sebras | thanks for merging all the size_t changes into a single commit. that makes more sense. :) | 17:00.02 |
Robin_Watts | yeah, I should have done it like that to start with, but I reordered them to get the "less contentious" ones in first. | 17:00.39 |
sebras | Robin_Watts: ator's point about clarity is not wrong either. though I personally use ctags (as seen before) so I mostly have to look up non standard types anyway. | 17:01.22 |
| and when it is a return value without a pointer it is quite unlikely to be struct. | 17:01.35 |
Robin_Watts | sebras: There is an argument that says it shouldn't matter if it's a struct or an enum. It's conceptually a "thing". It only matters when you compare it to something, at which point it's obvious. | 17:02.40 |
| In the same way that I hate saying "struct foo" everywhere, I hate saying "enum foo". | 17:03.16 |
| But yes, this may be a matter of personal taste. | 17:03.25 |
sebras | Robin_Watts: I think it might be, yes. | 17:03.35 |
| personally I don't mind typing out struct/enum so for me that is non-issue. | 17:04.04 |
Robin_Watts | All those stray "enum"s read like warts in the source code :) | 17:04.12 |
sebras | anyway, your argument about us using typedef for enums elsewhere makes sense to me. | 17:04.35 |
| Robin_Watts: Re: warts :) | 17:05.02 |
| Robin_Watts: did you sort out the INT_MAX issue? | 17:05.20 |
| wait.. | 17:05.55 |
| you have pdf_check_digest() returning enum pdf_signaure_error in 4aba68cf4 | 17:06.55 |
| this causes a compilation error now. | 17:07.03 |
Robin_Watts | yeah, cluster test just failed for that. will fix. | 17:16.08 |
| OK, new version up, reclustering... | 17:21.22 |
sebras | Robin_Watts: 4e2132762 has issues to. you forgot to update include/mupdf/helpers/pkcs7-check.h with size_t | 17:37.11 |
| and include/mupdf/helpers/pkcs7-openssl.h | 17:37.32 |
Robin_Watts | yeah, I'm working on that now. git merges swallowed some changes :( | 17:38.09 |
sebras | it seems like you forgot int->size_t in pkcs7_openssl_check_digest() | 17:38.13 |
| rebase or merge? | 17:38.36 |
sebras | never merges, hence the surprise. | 17:38.45 |
Robin_Watts | rebase | 17:39.18 |
sebras | fixing those things leaves thre compilation warnings in pkcs7_openssl_check_certificate(), pkcs7_openssl_check_digest() and pkcs7_openssl_designated_name(). | 17:39.28 |
| Robin_Watts: ok. | 17:39.31 |
Robin_Watts | when it resolves conflicts, it swallowed stuff. | 17:39.36 |
sebras | I'll pop out for second. | 17:39.38 |
| I'll be back in a bit. | 17:39.52 |
| back. | 18:05.59 |
| Robin_Watts: how about if (sig_len > (size_t) INT_MAX) instead of if ((int)sig_len != sig_len) ? | 18:07.25 |
Robin_Watts | You prefer that? | 18:07.35 |
sebras | Robin_Watts: doesn't it better express what we want to do? | 18:07.49 |
Robin_Watts | Any function reason, or just stylistic? | 18:07.54 |
| does it? | 18:07.57 |
sebras | I get warnings | 18:08.02 |
Robin_Watts | If ((int)sig_len != sig_len) expresses exactly what I want to check. | 18:08.18 |
sebras | source/helpers/pkcs7/pkcs7-openssl.c:450:19: warning: comparison of integer expressions of different signedness: ‘int’ and ‘size_t’ {aka ‘long unsigned int’} [-Wsign-compare] | 18:08.20 |
Robin_Watts | If "sig_len as an int" is different to "sig_len as a size_t"... | 18:08.48 |
| well, that's a good reason :) | 18:08.55 |
| I'll update to your preferred formulation. | 18:09.08 |
| Just fighting stuff on peeved so I can do test builds there. | 18:09.22 |
sebras | I'm not sure mine is better, but something needs to change for the warning to go away. | 18:09.25 |
| Robin_Watts: sure, no problems. | 18:09.36 |
| Robin_Watts: tyt | 18:09.42 |
Robin_Watts | pkg-config on peeved appears to find none of the packages we use. | 18:18.50 |
| not freetype, certainly not libcrypto | 18:19.15 |
sebras | Robin_Watts: isn't freetype cloned recursively? | 18:19.37 |
Robin_Watts | Yes, but libcrypto isn't. | 18:20.12 |
| but sudo apt-get install libcrypto tells me it's already installed. | 18:20.39 |
sebras | Robin_Watts: Robin_Watts: aren't we testing for that with pkg-config --exists 'libcrypto >= 1.1.0' and then not setting HAVE_LIBCRYPTO if it is the wrong version? | 18:20.51 |
Robin_Watts | but pkg-config --exists libcrypto doesn't fins it. | 18:20.57 |
| so I tried to pkg-config --exists freetype, and even that isn't found. | 18:21.15 |
sebras | that's freetype2, isnt it? | 18:21.41 |
| Robin_Watts: you installed libssl-dev right? | 18:22.14 |
| to get libcrypto.pc in /usr/lib/x86_64-linux-gnu/pkgconfig/libcrypto.pc ? | 18:22.30 |
Robin_Watts | I have now, and pkg-config --exists libcrypto still gives me nothing. | 18:23.12 |
| oh, it's a return code thing. gah. | 18:23.34 |
| I was hoping for a path to be printed. | 18:23.39 |
sebras | it is. | 18:23.42 |
| pkg-config --cflags libcrypto migth help? | 18:23.50 |
| or --debug for the adventurous. | 18:24.14 |
Robin_Watts | S'OK, found it now, thanks. | 18:24.44 |
| OK, now it fails to find any of the openssl header files. | 18:27.31 |
| or at least, is failing to find BIO_meth_.... | 18:27.51 |
| sebras: I've pushed a new version with the fixes in, I hope. | 18:29.21 |
sebras | takes a look. | 18:32.53 |
| Robin_Watts: with that new version it compiles without warnings. | 18:34.05 |
Robin_Watts | sebras: Fab. | 18:34.14 |
| So, I just need a lgtm and I can push it. | 18:34.27 |
| It must be very late where you are. Don't feel obliged to stay up for this! | 18:34.41 |
sebras | Robin_Watts: a bit, but not too bad. | 18:34.56 |
| Robin_Watts: in pdf_set_str_len() becuase newlen is now size_t we no longer needs to check for < 0 and I think the cast of newlen to (unsigned int) can now be removed, right? | 18:36.59 |
Robin_Watts | yup (to both). will fix. | 18:38.09 |
sebras | Robin_Watts: in pdf_format_key() we call pdf_sprint_obj() with int n as size_t cap and size_t *t as len. | 18:41.11 |
| Robin_Watts: shouldn't int n in the declaration really be size_t n? | 18:41.23 |
| but that would change the function pointers in fz_store_type. | 18:41.40 |
Robin_Watts | that would indeed change the function pointers in fz_store_type. | 18:42.09 |
sebras | I think that would be more correct, but that makes the patch larger, and you might think it is worth it? | 18:42.10 |
Robin_Watts | Which may be OK, but... what you just said :) | 18:42.19 |
| Let me try it and see how far that balloons. | 18:42.40 |
sebras | it would definitely touch all format_key() callbacks. | 18:42.58 |
Robin_Watts | yeah, but there are only 2 of them. | 18:43.42 |
| 4 of them. | 18:44.13 |
| loads of the buggers :) | 18:44.44 |
| but all tiny changes. will add to the commit. | 18:45.26 |
sebras | good to hear. | 18:47.58 |
| hm.. perhaps we should change | 18:48.08 |
| the type of len in PDFObject_asByteString() to size_t. | 18:48.37 |
| all other places where we call pdf_to_str_len() we actually size_t already. (except for pdf_to_str_len() but that would then balloon into mujs). | 18:49.26 |
Robin_Watts | ok, pushed with the tiny changes. | 18:50.23 |
| Let me look at your new thing... | 18:50.30 |
| yes. | 18:51.42 |
| I can't parse that last sentence. | 18:52.10 |
| Well, I can parse it, I can't grok it. | 18:52.23 |
sebras | the only problem is that NewByteArray() then takes a jsize, which surprisingly is typedef jint jsize; which is typedef int jint;.... | 18:52.32 |
| Robin_Watts: I pasted the wrong thing! | 18:52.54 |
| ffi_PDFObject_valueOf() also calls pdf_to_str_len() but changing ffi_PDFObject_valueOf() would mean changing mujs. | 18:53.28 |
| so probably not worth it. | 18:53.36 |
Robin_Watts | I'm lost now. | 18:53.56 |
| what were you suggesting changing that isn't worth changing? | 18:54.07 |
| oh, just that last thing, right. | 18:54.38 |
sebras | ffi_PDFObject_valueOf() calls pdf_to_str_len() and casts its return value to int. | 18:54.45 |
| but I think fixing that might not be worth it because it would mean extra checks in murun or changing the functions in mujs as well. | 18:55.11 |
Robin_Watts | sebras: jsize probably varies in size depending on 32 or 64 bit builds? | 18:55.16 |
| no, jsize is jint which is "long". | 18:56.51 |
sebras | http://cr.openjdk.java.net/~ngmr/vmi.00/html/jni__md_8h.html#ad6e59d976b9b5bae7a19d746bd2879c1 | 18:57.12 |
Robin_Watts | We'd need jlong which is 64bit. | 18:57.13 |
sebras | seems to depend on who you ask. | 18:57.18 |
Robin_Watts | yeah, the docs I was looking at was oracle. | 18:57.38 |
sebras | in IBMs java jsize is jlong which they clearly stated was 64 bits. | 18:57.45 |
Robin_Watts | in any event it's a mess, and let's not touch it. | 18:57.49 |
sebras | nope. | 18:57.52 |
Robin_Watts | So, let me cluster that one last time... | 18:58.21 |
sebras | Robin_Watts: pdf_set_text_field_value() sets selStart/selEnd to -1. | 18:58.33 |
| and pdf_js_event_result_keystroke() sets selStart as an int. | 18:59.32 |
| same for selEnd of course. | 18:59.40 |
Robin_Watts | Well, the mujs stuff is "safe". | 19:00.31 |
| I propose we change -1 to be (size_t)-1 | 19:00.46 |
| So people can still check against the "special value", but they need to do so explicitly. | 19:01.17 |
sebras | if we do that won't we change how selStart/selEnd are interpreted in source/pdf/js/util.js.h ? | 19:01.24 |
| there is a checl if event.selStart >= 0 there. | 19:01.43 |
Robin_Watts | Gah. Cos of the stupid one.c thing, vs doesn't pick that up on searches :( | 19:02.30 |
sebras | oh, vs doesn't index any generated files? | 19:03.13 |
Robin_Watts | Not when I search "Entire Solution" it seems. | 19:03.42 |
sebras | Robin_Watts: I think the .h file in this case comes from source/pdf/js/util.js but since that is in javascript perhaps vs doesn't know that selStart in that language is the same as in C. | 19:04.24 |
| or at least related. | 19:04.29 |
Robin_Watts | mujs is going to fall in a heap for any size > INTMAX though. | 19:05.29 |
| so let's just cast it to an int for that test. | 19:05.48 |
sebras | Robin_Watts: it probably would, yes. | 19:06.11 |
| Robin_Watts: how are int64_t and size_t related? | 19:10.56 |
Robin_Watts | int64_t is always at least 64bits. | 19:11.07 |
| signed. | 19:11.11 |
sebras | Robin_Watts: and size_t is able to represent the larges possible object, right? | 19:11.25 |
| i.e. whatever is the maximum value sizeof() can return. | 19:11.35 |
Robin_Watts | size_t is an unsigned int at least as big as ptrdiff_t | 19:11.39 |
| size_t is to do with the largest block of memory you can have. | 19:12.07 |
| hence 32bit on 32bit systems, 64 on 64bit systems. | 19:12.27 |
sebras | in complete_signatures() we now call pdf_array_push_int() which takes int64_t, but we give it size_t. | 19:12.44 |
| not that I think we'll ever have values > 2**63-1. :) | 19:13.27 |
| I'm surprised vs doesn't complain about that signedness thing though. | 19:13.45 |
Robin_Watts | so size_t will be cast to int64_t, which is fine until someone figures out how to make a PDF file that allocates more than 2^63 bytes. | 19:13.57 |
| oh, wait.... | 19:14.26 |
sebras | for what? | 19:14.51 |
Robin_Watts | in util.js, where we have "if (event.selStart >= 0)", that's js code. | 19:15.35 |
| not C. | 19:15.40 |
sebras | it is. | 19:15.40 |
| nope. | 19:15.42 |
Robin_Watts | It's javascript code, put into a block for compilation into C. It is not C code. | 19:16.23 |
sebras | correct. | 19:16.34 |
| that is an apt observation. | 19:16.44 |
Robin_Watts | So, event.selStart is checking the thing that is set up by pdf_js_event_result_keystroke | 19:17.25 |
sebras | yes. | 19:18.20 |
Robin_Watts | No, sorry, it's pdf_js_event_init_keystroke | 19:18.30 |
| That takes the event->selStart (size_t), casts it to a double, and puts that into the js value. | 19:19.05 |
sebras | Robin_Watts: well. pdf_js_event_init_keystroke() sets it up for the javascript to use, and after the event handle has returned I'd assume that pdf_js_event_result_keystroke() runs and if rc is != 0 then selStart/selEnd are updated in C-world depending on what changes happened in js | 19:20.06 |
Robin_Watts | so (size_t)-1 will give it conniptions. | 19:20.10 |
| js_pushnumber(js->imp, (int64_t)event->selStart); will be safer. | 19:20.38 |
| That will make it signed, then it'll convert to double without loss (in all the cases we care about). | 19:20.55 |
| js_tryinteger will bugger it up on the way out of course... | 19:21.55 |
sebras | Robin_Watts: what caused you to change selStart/selEnd to size_t? | 19:22.17 |
Robin_Watts | you did :) | 19:22.26 |
sebras | Robin_Watts: perhaps that is easier fix in another way? | 19:22.31 |
| Robin_Watts: I did? | 19:22.59 |
Robin_Watts | It's a knockon effect of pdf_to_str_len | 19:23.31 |
sebras | Robin_Watts: is it? I can't find that pdf_to_str_len() called anywhere related to selStart/selEnd..? | 19:24.39 |
Robin_Watts | sebras: And now, nor can I. | 19:24.50 |
sebras | Robin_Watts: I think selStart/selEnd originated in a 64-bit warning in vs. | 19:26.13 |
| Robin_Watts: but I don't know where it was. perhaps there is another solution to that that doesn't involve mujs? | 19:26.35 |
Robin_Watts | rebuilding now, we'll see... | 19:26.43 |
| OK, this builds OK, and has the selStart/selEnd stuff removed. | 19:29.33 |
| Let me clustertest. | 19:29.43 |
sebras | Robin_Watts: ok. | 19:29.51 |
Robin_Watts | Oh, I hit the 500 of everything mark, and I'm about 4 days away from having every upgrade. Curse you. | 19:30.48 |
sebras | Robin_Watts: :) | 19:31.02 |
| Robin_Watts: I wonder what happens then. | 19:31.08 |
| copystream | 19:31.37 |
Robin_Watts | Well, it'll take another year to get level 10 of everything which is required to get every achievement. | 19:31.51 |
sebras | in copystream() we have a size_t len which we cast to int before passing it to pdf_encrypted_len() which now takes a size_t. | 19:32.39 |
| pdf_encrypted_len() also returns size_t which we supply into a pdf_dict_put_int() that takes int64_t. presumably this is not a problem. | 19:33.05 |
| but the initial cast to int ought to be possible to remove..? | 19:33.17 |
Robin_Watts | (int) -> (int64_t) I think. | 19:33.46 |
sebras | why? | 19:33.57 |
| len is already size_t, just pass it as is? | 19:34.06 |
Robin_Watts | no, sorry, was misreading. | 19:34.08 |
| pdf_dict_put_int takes an int64_t. | 19:34.23 |
sebras | and if pdf_encrypted_len() returns > 2**63-1 we're in trouble for other reasons. | 19:34.44 |
Robin_Watts | so we're getting away with implicitly casting a sign change. | 19:34.45 |
sebras | Robin_Watts: I don't understand what you mean. we're casting the argument to pdf_encrypted_len(), not its return value. | 19:35.55 |
Robin_Watts | pdf_encrypted_len returns a size_t. | 19:36.11 |
sebras | how does adding a cast help us? | 19:36.12 |
Robin_Watts | which is passed as an int64_t. | 19:36.18 |
| no one has spotted a compiler whining about this, so hence "we've been getting away with it". | 19:36.47 |
| If compilers aren't going to care, I don't either. | 19:37.58 |
| New version pushed. | 19:39.40 |
sebras | Robin_Watts: it is fun that we change pdf_add_codespace() to take size_t because the size of the lexing buffer is size_t. I wonder if we won't croak way earlier if we encounter a cmap string > 2**32 chars. | 19:45.16 |
Robin_Watts | oh, I'm sure we will :) | 19:47.51 |
| latest version cleared the cluster. | 19:48.34 |
sebras | if you change fz_write_base64() you ought to update docs/api/io.html | 19:57.52 |
Robin_Watts | done. | 20:00.03 |
| sebras: Any second now, I'm going to be called away by Helen. | 20:01.00 |
sebras | Robin_Watts: do we need to expclitly cast the -1 in pdf_process_stream() when assigning cookie->progress_max? | 20:01.03 |
| yeah, but this is likely my last question! :) | 20:01.18 |
Robin_Watts | I don't think we need to cast at assignment time. | 20:01.25 |
| no compiler has complained. | 20:01.29 |
sebras | let me try clang for good measure. | 20:02.11 |
Robin_Watts | just 1 sec... | 20:02.26 |
| ok, new version. | 20:02.51 |
sebras | Robin_Watts: clang doesnt' complain either. | 20:03.26 |
Robin_Watts | Fab. | 20:03.31 |
| so, if you're happy, I'll push that in a mo. | 20:03.39 |
sebras | fetches. | 20:03.39 |
| Robin_Watts: LGTM "Fix various APIs to use size_t's for lengths." | 20:04.51 |
Robin_Watts | Thanks. | 20:04.57 |
sebras | I haven't looked at the pdf_walk_tree onwards. that will be tomorrow. | 20:05.03 |
Robin_Watts | tor looked at that, and paul at the next one. | 20:05.13 |
| I have lgtm's for them already. | 20:05.20 |
sebras | ok. | 20:05.27 |
Robin_Watts | so no need to trouble yourself. Thanks again for this. | 20:05.45 |
sebras | Robin_Watts: sorry to be a PITA, but I hope that the commit is even better now. :) | 20:05.50 |
Robin_Watts | No problem - much appreciated. This is why I like code reviews! | 20:06.11 |
| (and git) | 20:06.14 |
sebras | I specifically like rebase. | 20:06.22 |
Robin_Watts | yeah. | 20:06.26 |
sebras | now I'll go to bed. see ya! | 20:06.44 |
Robin_Watts | I like the ability to like to world, and rewrite my mistakes out of existence. | 20:06.47 |
| night. | 20:06.49 |
| s/like to/lie to the/ | 20:07.04 |
malc_ | sebras: https://stackoverflow.com/questions/10168079/why-is-size-t-unsigned | 20:09.23 |
| <<<Back 1 day (to 2020/01/12) | Forward 1 day (to 2020/01/14)>>> | |