summaryrefslogtreecommitdiff
path: root/core/fxcrt/cfx_unowned_ptr.h
AgeCommit message (Collapse)Author
2017-05-26Rename Probe() to ProbeForLowSeverityLifetimeIssue().Tom Sepez
Use name that clues in bug triage folks as I'm writing Probe -> severity low in each new bug report. Also add comment from the unlanded chromium-side CL. No functional change. Change-Id: I49399e8450eaecd1369a85ea0212bdd69b1d0824 Reviewed-on: https://pdfium-review.googlesource.com/6070 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-19Back-fill some functionality for CFX_UnownedPtrTom Sepez
Add Release() method, type-convertible compares and assigns, and right hand vs. left hand comparisons. Change-Id: I96b1112e328802143d314aa6c92948f26583fa90 Reviewed-on: https://pdfium-review.googlesource.com/5731 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-18Use UnownedPtr to check CFX_*StringC lifetimeschromium/3104Tom Sepez
Change interform to avoid temp StringC with dangling ptr. Change-Id: I8d8659973bcdf2cdbcaa6efa6012e4acce5f1604 Reviewed-on: https://pdfium-review.googlesource.com/5571 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
2017-05-17CFX_UnownedPtr: check during assignment time as well.Tom Sepez
In particular, doing m_pPtr = nullptr; in your dtor to evade this check will not longer work. Fix slight mis-ordering observeds in CFX_Font and CPDFXFA_Context. Change-Id: I3e6137159430333b091364021283a54a13d916b5 Reviewed-on: https://pdfium-review.googlesource.com/5570 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
2017-05-16Introduce CFX_UnownedPtr to detect lifetime inversion issues.Tom Sepez
There are places where an object "child" has a raw pointer back to object "owner" with the understanding that owner will always outlive child. Violating this constraint can lead to use after free, but this requires finding two paths: one that frees the objects in the wrong order, and one that uses the object after the free. The purpose of this patch is to detect the constraint violation even when the second path is not hit. We create a template that is used in place of TYPE*. It's dtor, when a memory tool is present, goes out and probes the first byte of the object to which it points. Used in "child", this allows the memory tool to prove that the "owner" is still alive at the time the child is destroyed, and hence the constraint is never violated. Change-Id: I2a6d696d51dda4a79ee2f00a6752965e058a6417 Reviewed-on: https://pdfium-review.googlesource.com/5475 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-18 04:01:08 +0000