pdfium.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Lei Zhang <thestig@chromium.org>	2015-09-15 16:57:43 -0700
committer	Lei Zhang <thestig@chromium.org>	2015-09-15 16:57:43 -0700
commit	3c468f9d8077b00acae6dc4ed38e9638ae348924 (patch)
tree	94efdf1ad27e901e8083d15a5cad8f1eeeb4fe96 /.gitignore
parent	f44089285c40a6887666dfb2bdd00bf7c6dcb8d9 (diff)
download	pdfium-3c468f9d8077b00acae6dc4ed38e9638ae348924.tar.xz

Merge to M46: Fix heap use after free in CPDFSDK_Annot::GetPDFAnnot.

Use two seperate loops to kill current focus annot and to release annots in current page. Loop to kill current focus annot is run first, so it will not access deleted annots. BUG=507316 TBR=tsepez@chromium.org TEST=Reproduction steps mentioned in issue 507316 should not crash chrome. Unit test added to pdfium. Run pdfium_embeddertests.exe. Review URL: https://codereview.chromium.org/1312313006 . (cherry picked from commit 9241e5a43990859f6f9a94aaa2c488d0451039e3) Review URL: https://codereview.chromium.org/1348433003 .

Diffstat (limited to '.gitignore')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: