From 77417ec9e1312a75407f8ab46dd46f777a1742f1 Mon Sep 17 00:00:00 2001 From: Tom Sepez Date: Wed, 19 Jul 2017 16:46:22 -0700 Subject: Make CPWL_Wnd classes be observable. This is another case where JS may lead to destruction of an object far away from where we are holding it. Bug: 737023 Change-Id: I994d5425184b8c00b5cfaeb95dbb5032a6e09edb Reviewed-on: https://pdfium-review.googlesource.com/8350 Reviewed-by: dsinclair Commit-Queue: Tom Sepez --- fpdfsdk/formfiller/cffl_combobox.cpp | 15 ++++----------- fpdfsdk/formfiller/cffl_listbox.cpp | 15 ++++----------- fpdfsdk/formfiller/cffl_textfield.cpp | 10 ++++------ fpdfsdk/pdfwindow/cpwl_wnd.h | 2 +- 4 files changed, 13 insertions(+), 29 deletions(-) diff --git a/fpdfsdk/formfiller/cffl_combobox.cpp b/fpdfsdk/formfiller/cffl_combobox.cpp index 6af65de643..175ccb7409 100644 --- a/fpdfsdk/formfiller/cffl_combobox.cpp +++ b/fpdfsdk/formfiller/cffl_combobox.cpp @@ -231,19 +231,12 @@ CPWL_Wnd* CFFL_ComboBox::ResetPDFWindow(CPDFSDK_PageView* pPageView, SaveState(pPageView); DestroyPDFWindow(pPageView); - - CPWL_Wnd* pRet = nullptr; - - if (bRestoreValue) { + if (bRestoreValue) RestoreState(pPageView); - pRet = GetPDFWindow(pPageView, false); - } else { - pRet = GetPDFWindow(pPageView, true); - } - - m_pWidget->UpdateField(); - return pRet; + CPWL_Wnd::ObservedPtr pRet(GetPDFWindow(pPageView, !bRestoreValue)); + m_pWidget->UpdateField(); // May invoke JS, invalidating pRet. + return pRet.Get(); } #ifdef PDF_ENABLE_XFA diff --git a/fpdfsdk/formfiller/cffl_listbox.cpp b/fpdfsdk/formfiller/cffl_listbox.cpp index 11206e2b87..4a6264d6dc 100644 --- a/fpdfsdk/formfiller/cffl_listbox.cpp +++ b/fpdfsdk/formfiller/cffl_listbox.cpp @@ -189,17 +189,10 @@ CPWL_Wnd* CFFL_ListBox::ResetPDFWindow(CPDFSDK_PageView* pPageView, SaveState(pPageView); DestroyPDFWindow(pPageView); - - CPWL_Wnd* pRet = nullptr; - - if (bRestoreValue) { + if (bRestoreValue) RestoreState(pPageView); - pRet = GetPDFWindow(pPageView, false); - } else { - pRet = GetPDFWindow(pPageView, true); - } - - m_pWidget->UpdateField(); - return pRet; + CPWL_Wnd::ObservedPtr pRet(GetPDFWindow(pPageView, !bRestoreValue)); + m_pWidget->UpdateField(); // May invoke JS, invalidating pRet. + return pRet.Get(); } diff --git a/fpdfsdk/formfiller/cffl_textfield.cpp b/fpdfsdk/formfiller/cffl_textfield.cpp index 70bc202fbf..d598419c1b 100644 --- a/fpdfsdk/formfiller/cffl_textfield.cpp +++ b/fpdfsdk/formfiller/cffl_textfield.cpp @@ -238,14 +238,12 @@ CPWL_Wnd* CFFL_TextField::ResetPDFWindow(CPDFSDK_PageView* pPageView, SaveState(pPageView); DestroyPDFWindow(pPageView); - - CPWL_Wnd* pRet = nullptr; - if (bRestoreValue) RestoreState(pPageView); - pRet = GetPDFWindow(pPageView, !bRestoreValue); - m_pWidget->UpdateField(); - return pRet; + + CPWL_Wnd::ObservedPtr pRet(GetPDFWindow(pPageView, !bRestoreValue)); + m_pWidget->UpdateField(); // May invoke JS, invalidating pRet. + return pRet.Get(); } #ifdef PDF_ENABLE_XFA diff --git a/fpdfsdk/pdfwindow/cpwl_wnd.h b/fpdfsdk/pdfwindow/cpwl_wnd.h index dfe5dc0ab0..56fbb21baa 100644 --- a/fpdfsdk/pdfwindow/cpwl_wnd.h +++ b/fpdfsdk/pdfwindow/cpwl_wnd.h @@ -168,7 +168,7 @@ struct PWL_CREATEPARAM { CFX_Matrix mtChild; // ignore }; -class CPWL_Wnd : public CPWL_TimerHandler { +class CPWL_Wnd : public CPWL_TimerHandler, public CFX_Observable { public: CPWL_Wnd(); ~CPWL_Wnd() override; -- cgit v1.2.3