From 6551362bc0745049a36afe493c984a43e66ea7e4 Mon Sep 17 00:00:00 2001 From: Henrique Nakashima Date: Wed, 16 Aug 2017 14:48:13 -0400 Subject: Fixing crash on mouse movement in XFA form. Bug: pdfium:868 Change-Id: Ifd39c5c7c5486560987c18e9afb6ae3d2a4b7454 Reviewed-on: https://pdfium-review.googlesource.com/11190 Reviewed-by: dsinclair Commit-Queue: Henrique Nakashima --- fpdfsdk/cpdfsdk_pageview.cpp | 24 ++++++++++++++---------- fpdfsdk/cpdfsdk_pageview.h | 2 -- 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/fpdfsdk/cpdfsdk_pageview.cpp b/fpdfsdk/cpdfsdk_pageview.cpp index 209e8de482..d2afe14de3 100644 --- a/fpdfsdk/cpdfsdk_pageview.cpp +++ b/fpdfsdk/cpdfsdk_pageview.cpp @@ -37,7 +37,6 @@ CPDFSDK_PageView::CPDFSDK_PageView(CPDFSDK_FormFillEnvironment* pFormFillEnv, m_bOwnsPage(false), #endif // PDF_ENABLE_XFA m_bEnterWidget(false), - m_bExitWidget(false), m_bOnWidget(false), m_bValid(false), m_bLocked(false), @@ -332,29 +331,37 @@ bool CPDFSDK_PageView::OnMouseMove(const CFX_PointF& point, int nFlag) { CPDFSDK_Annot::ObservedPtr pFXAnnot(GetFXAnnotAtPoint(point)); if (pFXAnnot) { if (m_pCaptureWidget && m_pCaptureWidget != pFXAnnot) { - m_bExitWidget = true; m_bEnterWidget = false; pAnnotHandlerMgr->Annot_OnMouseExit(this, &m_pCaptureWidget, nFlag); } - m_pCaptureWidget.Reset(pFXAnnot.Get()); m_bOnWidget = true; + m_pCaptureWidget.Reset(pFXAnnot.Get()); + if (!m_bEnterWidget) { m_bEnterWidget = true; - m_bExitWidget = false; pAnnotHandlerMgr->Annot_OnMouseEnter(this, &pFXAnnot, nFlag); + + // Annot_OnMouseEnter may have invalidated pFXAnnot. + if (!pFXAnnot) { + m_bOnWidget = false; + m_bEnterWidget = false; + m_pCaptureWidget.Reset(); + return true; + } } pAnnotHandlerMgr->Annot_OnMouseMove(this, &pFXAnnot, nFlag, point); return true; } + if (m_bOnWidget) { m_bOnWidget = false; - m_bExitWidget = true; m_bEnterWidget = false; if (m_pCaptureWidget) { pAnnotHandlerMgr->Annot_OnMouseExit(this, &m_pCaptureWidget, nFlag); m_pCaptureWidget.Reset(); } } + return false; } @@ -399,7 +406,8 @@ void CPDFSDK_PageView::LoadFXAnnots() { CPDFSDK_AnnotHandlerMgr* pAnnotHandlerMgr = m_pFormFillEnv->GetAnnotHandlerMgr(); - SetLock(true); + CFX_AutoRestorer lock(&m_bLocked); + m_bLocked = true; #ifdef PDF_ENABLE_XFA CFX_RetainPtr protector(m_page); @@ -410,7 +418,6 @@ void CPDFSDK_PageView::LoadFXAnnots() { XFA_TRAVERSEWAY_Form, XFA_WidgetStatus_Visible | XFA_WidgetStatus_Viewable)); if (!pWidgetHandler) { - SetLock(false); return; } @@ -422,7 +429,6 @@ void CPDFSDK_PageView::LoadFXAnnots() { pAnnotHandlerMgr->Annot_OnLoad(pAnnot); } - SetLock(false); return; } #endif // PDF_ENABLE_XFA @@ -445,8 +451,6 @@ void CPDFSDK_PageView::LoadFXAnnots() { m_SDKAnnotArray.push_back(pAnnot); pAnnotHandlerMgr->Annot_OnLoad(pAnnot); } - - SetLock(false); } void CPDFSDK_PageView::UpdateRects(const std::vector& rects) { diff --git a/fpdfsdk/cpdfsdk_pageview.h b/fpdfsdk/cpdfsdk_pageview.h index c525bfc457..face5072c7 100644 --- a/fpdfsdk/cpdfsdk_pageview.h +++ b/fpdfsdk/cpdfsdk_pageview.h @@ -88,7 +88,6 @@ class CPDFSDK_PageView final : public CPDF_Page::View { void SetValid(bool bValid) { m_bValid = bValid; } bool IsValid() { return m_bValid; } - void SetLock(bool bLocked) { m_bLocked = bLocked; } bool IsLocked() { return m_bLocked; } void SetBeingDestroyed() { m_bBeingDestroyed = true; } @@ -115,7 +114,6 @@ class CPDFSDK_PageView final : public CPDF_Page::View { bool m_bOwnsPage; #endif // PDF_ENABLE_XFA bool m_bEnterWidget; - bool m_bExitWidget; bool m_bOnWidget; bool m_bValid; bool m_bLocked; -- cgit v1.2.3