From 6551362bc0745049a36afe493c984a43e66ea7e4 Mon Sep 17 00:00:00 2001 From: Henrique Nakashima Date: Wed, 16 Aug 2017 14:48:13 -0400 Subject: Fixing crash on mouse movement in XFA form. Bug: pdfium:868 Change-Id: Ifd39c5c7c5486560987c18e9afb6ae3d2a4b7454 Reviewed-on: https://pdfium-review.googlesource.com/11190 Reviewed-by: dsinclair Commit-Queue: Henrique Nakashima --- fpdfsdk/cpdfsdk_pageview.cpp | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) (limited to 'fpdfsdk/cpdfsdk_pageview.cpp') diff --git a/fpdfsdk/cpdfsdk_pageview.cpp b/fpdfsdk/cpdfsdk_pageview.cpp index 209e8de482..d2afe14de3 100644 --- a/fpdfsdk/cpdfsdk_pageview.cpp +++ b/fpdfsdk/cpdfsdk_pageview.cpp @@ -37,7 +37,6 @@ CPDFSDK_PageView::CPDFSDK_PageView(CPDFSDK_FormFillEnvironment* pFormFillEnv, m_bOwnsPage(false), #endif // PDF_ENABLE_XFA m_bEnterWidget(false), - m_bExitWidget(false), m_bOnWidget(false), m_bValid(false), m_bLocked(false), @@ -332,29 +331,37 @@ bool CPDFSDK_PageView::OnMouseMove(const CFX_PointF& point, int nFlag) { CPDFSDK_Annot::ObservedPtr pFXAnnot(GetFXAnnotAtPoint(point)); if (pFXAnnot) { if (m_pCaptureWidget && m_pCaptureWidget != pFXAnnot) { - m_bExitWidget = true; m_bEnterWidget = false; pAnnotHandlerMgr->Annot_OnMouseExit(this, &m_pCaptureWidget, nFlag); } - m_pCaptureWidget.Reset(pFXAnnot.Get()); m_bOnWidget = true; + m_pCaptureWidget.Reset(pFXAnnot.Get()); + if (!m_bEnterWidget) { m_bEnterWidget = true; - m_bExitWidget = false; pAnnotHandlerMgr->Annot_OnMouseEnter(this, &pFXAnnot, nFlag); + + // Annot_OnMouseEnter may have invalidated pFXAnnot. + if (!pFXAnnot) { + m_bOnWidget = false; + m_bEnterWidget = false; + m_pCaptureWidget.Reset(); + return true; + } } pAnnotHandlerMgr->Annot_OnMouseMove(this, &pFXAnnot, nFlag, point); return true; } + if (m_bOnWidget) { m_bOnWidget = false; - m_bExitWidget = true; m_bEnterWidget = false; if (m_pCaptureWidget) { pAnnotHandlerMgr->Annot_OnMouseExit(this, &m_pCaptureWidget, nFlag); m_pCaptureWidget.Reset(); } } + return false; } @@ -399,7 +406,8 @@ void CPDFSDK_PageView::LoadFXAnnots() { CPDFSDK_AnnotHandlerMgr* pAnnotHandlerMgr = m_pFormFillEnv->GetAnnotHandlerMgr(); - SetLock(true); + CFX_AutoRestorer lock(&m_bLocked); + m_bLocked = true; #ifdef PDF_ENABLE_XFA CFX_RetainPtr protector(m_page); @@ -410,7 +418,6 @@ void CPDFSDK_PageView::LoadFXAnnots() { XFA_TRAVERSEWAY_Form, XFA_WidgetStatus_Visible | XFA_WidgetStatus_Viewable)); if (!pWidgetHandler) { - SetLock(false); return; } @@ -422,7 +429,6 @@ void CPDFSDK_PageView::LoadFXAnnots() { pAnnotHandlerMgr->Annot_OnLoad(pAnnot); } - SetLock(false); return; } #endif // PDF_ENABLE_XFA @@ -445,8 +451,6 @@ void CPDFSDK_PageView::LoadFXAnnots() { m_SDKAnnotArray.push_back(pAnnot); pAnnotHandlerMgr->Annot_OnLoad(pAnnot); } - - SetLock(false); } void CPDFSDK_PageView::UpdateRects(const std::vector& rects) { -- cgit v1.2.3