Fix UAF in SaveData on all of CFFL_* types.

Bug: 756427 Change-Id: I8e31d96c6f3b83a6464ed69c95225362c50386d1 Reviewed-on: https://pdfium-review.googlesource.com/15870 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
author: Luật Nguyễn <manhluat93.php@gmail.com> 2017-10-10 12:39:22 +0800
committer: Chromium commit bot <commit-bot@chromium.org> 2017-10-10 20:12:46 +0000
commit: 1886471c3432dee4d9a9be5678a757dde8717652 (patch)
tree: 437dd29735be2351e475819798e40edddf41b50b /fpdfsdk/formfiller/cffl_combobox.cpp
parent: dd002931a16a99b0c6e6ae7b6cba9d4dafb27e18 (diff)
download: pdfium-1886471c3432dee4d9a9be5678a757dde8717652.tar.xz
1 files changed, 6 insertions, 1 deletions
diff --git a/fpdfsdk/formfiller/cffl_combobox.cpp b/fpdfsdk/formfiller/cffl_combobox.cpp
index ab34a650c5..d9b12f5d3c 100644
--- a/fpdfsdk/formfiller/cffl_combobox.cpp
+++ b/fpdfsdk/formfiller/cffl_combobox.cpp
@@ -108,11 +108,16 @@ void CFFL_ComboBox::SaveData(CPDFSDK_PageView* pPageView) {
     m_pWidget->GetSelectedIndex(0);
     m_pWidget->SetOptionSelection(nCurSel, true, false);
   }
+  CPDFSDK_Widget::ObservedPtr observed_widget(m_pWidget.Get());
+  CFFL_ComboBox::ObservedPtr observed_this(this);
 
   m_pWidget->ResetFieldAppearance(true);
+  if (!observed_widget)
+    return;
   m_pWidget->UpdateField();
+  if (!observed_widget || !observed_this)
+    return;
   SetChangeMark();
-
   m_pWidget->GetPDFPage();
 }
author	Luật Nguyễn <manhluat93.php@gmail.com>	2017-10-10 12:39:22 +0800
committer	Chromium commit bot <commit-bot@chromium.org>	2017-10-10 20:12:46 +0000
commit	1886471c3432dee4d9a9be5678a757dde8717652 (patch)
tree	437dd29735be2351e475819798e40edddf41b50b /fpdfsdk/formfiller/cffl_combobox.cpp
parent	dd002931a16a99b0c6e6ae7b6cba9d4dafb27e18 (diff)
download	pdfium-1886471c3432dee4d9a9be5678a757dde8717652.tar.xz