From 7c5d090719a25f0c1b81fb6b46544b9394a7fdd2 Mon Sep 17 00:00:00 2001 From: weili Date: Thu, 1 Sep 2016 14:39:41 -0700 Subject: Fix leaks due to created popup annotations When we create popup annotations, we also create the dictionary associated with it. For regular annotations, the dictionary associated with an annotation is not owned by annotation, and will be released separately. But our created dictionary is not associated with any other data structure, it would be leaked if not released by the associated annotation. Add a boolean to indicate the ownership to the dictionary, and release the owned dictionary during the destruction of an annotation. BUG=pdfium:242 Review-Url: https://codereview.chromium.org/2301613002 --- core/fpdfdoc/cpdf_annot.cpp | 9 +++++++-- core/fpdfdoc/cpdf_annotlist.cpp | 4 ++-- core/fpdfdoc/include/cpdf_annot.h | 8 ++++++-- 3 files changed, 15 insertions(+), 6 deletions(-) diff --git a/core/fpdfdoc/cpdf_annot.cpp b/core/fpdfdoc/cpdf_annot.cpp index 6525ff620c..942d334a2d 100644 --- a/core/fpdfdoc/cpdf_annot.cpp +++ b/core/fpdfdoc/cpdf_annot.cpp @@ -18,8 +18,11 @@ #include "core/fxge/include/cfx_pathdata.h" #include "core/fxge/include/cfx_renderdevice.h" -CPDF_Annot::CPDF_Annot(CPDF_Dictionary* pDict, CPDF_Document* pDocument) - : m_pAnnotDict(pDict), +CPDF_Annot::CPDF_Annot(CPDF_Dictionary* pDict, + CPDF_Document* pDocument, + bool bToOwnDict) + : m_bOwnedAnnotDict(bToOwnDict), + m_pAnnotDict(pDict), m_pDocument(pDocument), m_bOpenState(false), m_pPopupAnnot(nullptr) { @@ -28,6 +31,8 @@ CPDF_Annot::CPDF_Annot(CPDF_Dictionary* pDict, CPDF_Document* pDocument) } CPDF_Annot::~CPDF_Annot() { + if (m_bOwnedAnnotDict) + m_pAnnotDict->Release(); ClearCachedAP(); } diff --git a/core/fpdfdoc/cpdf_annotlist.cpp b/core/fpdfdoc/cpdf_annotlist.cpp index 61122ed59b..631978175c 100644 --- a/core/fpdfdoc/cpdf_annotlist.cpp +++ b/core/fpdfdoc/cpdf_annotlist.cpp @@ -43,7 +43,7 @@ std::unique_ptr CreatePopupAnnot(CPDF_Annot* pAnnot, pAnnotDict->SetAtInteger("F", 0); std::unique_ptr pPopupAnnot( - new CPDF_Annot(pAnnotDict, pDocument)); + new CPDF_Annot(pAnnotDict, pDocument, true)); pAnnot->SetPopupAnnot(pPopupAnnot.get()); return pPopupAnnot; } @@ -83,7 +83,7 @@ CPDF_AnnotList::CPDF_AnnotList(CPDF_Page* pPage) continue; m_AnnotList.push_back( - std::unique_ptr(new CPDF_Annot(pDict, m_pDocument))); + std::unique_ptr(new CPDF_Annot(pDict, m_pDocument, false))); if (bRegenerateAP && pDict->GetStringBy("Subtype") == "Widget" && CPDF_InterForm::IsUpdateAPEnabled()) { FPDF_GenerateAP(m_pDocument, pDict); diff --git a/core/fpdfdoc/include/cpdf_annot.h b/core/fpdfdoc/include/cpdf_annot.h index 82b3d3ca31..eb9f02a717 100644 --- a/core/fpdfdoc/include/cpdf_annot.h +++ b/core/fpdfdoc/include/cpdf_annot.h @@ -72,7 +72,7 @@ class CPDF_Annot { const CFX_ByteString& sSubtype); static CFX_ByteString AnnotSubtypeToString(CPDF_Annot::Subtype nSubtype); - CPDF_Annot(CPDF_Dictionary* pDict, CPDF_Document* pDocument); + CPDF_Annot(CPDF_Dictionary* pDict, CPDF_Document* pDocument, bool bToOwnDict); ~CPDF_Annot(); CPDF_Annot::Subtype GetSubtype() const; @@ -101,7 +101,11 @@ class CPDF_Annot { private: void GenerateAPIfNeeded(); - CPDF_Dictionary* const m_pAnnotDict; + // For regular annotations, |m_pAnnotDict| is not owned. For + // our artificially created popup annotations, |m_pAnnotDict| + // is owned by this class. + bool m_bOwnedAnnotDict; + CPDF_Dictionary* m_pAnnotDict; CPDF_Document* const m_pDocument; CPDF_Annot::Subtype m_nSubtype; std::map> m_APMap; -- cgit v1.2.3