diff options
| author | Ryan Harrison <rharrison@chromium.org> | 2017-10-05 14:14:03 -0400 |
|---|---|---|
| committer | Chromium commit bot <commit-bot@chromium.org> | 2017-10-05 18:41:55 +0000 |
| commit | 569817cfffe7410765c97c6deebef3a795bac0f6 (patch) | |
| tree | 1883255ec29b390a35d91b5ee4dc3b087fa06bc2 /fpdfsdk/javascript | |
| parent | 1a45ce380ec6776ac100017c68a4b8643983d2db (diff) | |
| download | pdfium-569817cfffe7410765c97c6deebef3a795bac0f6.tar.xz | |
Add ObservedPtr to catch Widget being killed by JS
Another case of a call causing JS to run, which can remove a widget
that is called later.
BUG=chromium:771979
Change-Id: I5f25a38097662b70cfb777f76f0e3d50e7c11b1b
Reviewed-on: https://pdfium-review.googlesource.com/15610
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Diffstat (limited to 'fpdfsdk/javascript')
| -rw-r--r-- | fpdfsdk/javascript/Field.cpp | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/fpdfsdk/javascript/Field.cpp b/fpdfsdk/javascript/Field.cpp index a89df16158..da0e60cc18 100644 --- a/fpdfsdk/javascript/Field.cpp +++ b/fpdfsdk/javascript/Field.cpp @@ -324,16 +324,21 @@ void Field::UpdateFormControl(CPDFSDK_FormFillEnvironment* pFormFillEnv, CPDFSDK_Widget* pWidget = pForm->GetWidget(pFormControl); if (pWidget) { + CPDFSDK_Widget::ObservedPtr observed_widget(pWidget); if (bResetAP) { int nFieldType = pWidget->GetFieldType(); if (nFieldType == FIELDTYPE_COMBOBOX || nFieldType == FIELDTYPE_TEXTFIELD) { bool bFormatted = false; WideString sValue = pWidget->OnFormat(bFormatted); + if (!observed_widget) + return; pWidget->ResetAppearance(bFormatted ? &sValue : nullptr, false); } else { pWidget->ResetAppearance(nullptr, false); } + if (!observed_widget) + return; } if (bRefresh) { |