Avoid crash above CFWL_ListItem::GetText()

The issue at hand is caused by a raw pointer rather than a
retained pointer in InheritedData::m_pFontFamily. But the
larger issue is that it's bad to Get() raw pointers from
these, especially when its so cheap to pass them by const
reference.

One reason to Get() a raw pointer is to aid in down-casts, so
add a helper to CFX_RetainPtr to give us downcasted retained
pointers.

BUG=pdfium:665

Change-Id: Ic8624af09664ff603de2e1fda8dbde0cf889f80d
Reviewed-on: https://pdfium-review.googlesource.com/2871
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>

1 files changed, 4 insertions, 2 deletions

diff --git a/xfa/fde/css/cfde_csscomputedstyle.cpp b/xfa/fde/css/cfde_csscomputedstyle.cpp
index 50247420be..01872d18fc 100644
--- a/xfa/fde/css/cfde_csscomputedstyle.cpp
+++ b/xfa/fde/css/cfde_csscomputedstyle.cpp
@@ -33,8 +33,8 @@ int32_t CFDE_CSSComputedStyle::CountFontFamilies() const {
 }
 
 const CFX_WideString CFDE_CSSComputedStyle::GetFontFamily(int32_t index) const {
-  return static_cast<CFDE_CSSStringValue*>(
-             m_InheritedData.m_pFontFamily->GetValue(index))
+  return m_InheritedData.m_pFontFamily->GetValue(index)
+      .As<CFDE_CSSStringValue>()
       ->Value();
 }
 
@@ -180,6 +180,8 @@ CFDE_CSSComputedStyle::InheritedData::InheritedData()
       m_eFontStyle(FDE_CSSFontStyle::Normal),
       m_eTextAlign(FDE_CSSTextAlign::Left) {}
 
+CFDE_CSSComputedStyle::InheritedData::~InheritedData() {}
+
 CFDE_CSSComputedStyle::NonInheritedData::NonInheritedData()
     : m_MarginWidth(FDE_CSSLengthUnit::Point, 0),
       m_BorderWidth(FDE_CSSLengthUnit::Point, 0),