From f15807369f2fc3c346cfe06b1d9d847de0feee1d Mon Sep 17 00:00:00 2001
From: JUN FANG <jun_fang@foxitsoftware.com>
Date: Mon, 6 Apr 2015 12:39:51 -0700
Subject: Fix a fatal error due to cloning a global document object

BUG=454595
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1053373002
---
 fpdfsdk/src/javascript/JS_Value.cpp | 32 ++++++++++++++++++++++++++------
 1 file changed, 26 insertions(+), 6 deletions(-)

(limited to 'fpdfsdk/src/javascript/JS_Value.cpp')

diff --git a/fpdfsdk/src/javascript/JS_Value.cpp b/fpdfsdk/src/javascript/JS_Value.cpp
index 9279ff5db4..6292b8d042 100644
--- a/fpdfsdk/src/javascript/JS_Value.cpp
+++ b/fpdfsdk/src/javascript/JS_Value.cpp
@@ -202,6 +202,14 @@ void CJS_Value::operator =(CJS_Object * pObj)
 		operator = ((JSFXObject)*pObj);
 }
 
+void CJS_Value::operator = (CJS_Document* pJsDoc)
+{
+	m_eType = VT_object;
+	if (pJsDoc) {
+		m_pValue = static_cast<JSFXObject>(*pJsDoc);
+	}
+}
+
 void CJS_Value::operator =(FX_LPCWSTR pWstr)
 {
 	m_pValue = JS_NewString(m_isolate,(wchar_t *)pWstr);
@@ -344,7 +352,7 @@ void CJS_PropValue::operator <<(bool bValue)
 	CJS_Value::operator =(bValue);
 }
 
-void CJS_PropValue::operator >>(bool &bValue) const
+void CJS_PropValue::operator >>(bool& bValue) const
 {
 	ASSERT(m_bIsSetting);
 	bValue = CJS_Value::operator bool();
@@ -357,24 +365,36 @@ void CJS_PropValue::operator <<(double dValue)
 	CJS_Value::operator =(dValue);
 }
 
-void CJS_PropValue::operator >>(double &dValue) const
+void CJS_PropValue::operator >>(double& dValue) const
 {
 	ASSERT(m_bIsSetting);
 	dValue = CJS_Value::operator double();
 }
 
-void CJS_PropValue::operator <<(CJS_Object *pObj)
+void CJS_PropValue::operator <<(CJS_Object* pObj)
 {
-	ASSERT(!m_bIsSetting);
+	ASSERT(!m_bIsSetting)
 	CJS_Value::operator = (pObj);
 }
 
-void CJS_PropValue::operator >>(CJS_Object *&ppObj) const
+void CJS_PropValue::operator >>(CJS_Object*& ppObj) const
 {
-	ASSERT(m_bIsSetting);
+	ASSERT(m_bIsSetting)
 	ppObj = CJS_Value::operator CJS_Object *();
 }
 
+void CJS_PropValue::operator <<(CJS_Document* pJsDoc)
+{
+	ASSERT(!m_bIsSetting);
+	CJS_Value::operator = (pJsDoc);
+}
+
+void CJS_PropValue::operator >>(CJS_Document*& ppJsDoc) const
+{
+	ASSERT(m_bIsSetting);
+	ppJsDoc = static_cast<CJS_Document*>(CJS_Value::operator CJS_Object *());
+}
+
 void CJS_PropValue::operator<<(JSFXObject pObj)
 {
 	ASSERT(!m_bIsSetting);
-- 
cgit v1.2.3