Stop holding CXFA_FFDocView::m_pFocusWidget in local variables.
It may get updated across any number of reentrant calls.
Bug: chromium:1037981
Change-Id: If35eeea75cc39f9d0ae03fe02ee7d3603a49ec65
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/64530
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
diff --git a/xfa/fxfa/cxfa_ffdocview.cpp b/xfa/fxfa/cxfa_ffdocview.cpp
index 7c21efb..ccf17bf 100644
--- a/xfa/fxfa/cxfa_ffdocview.cpp
+++ b/xfa/fxfa/cxfa_ffdocview.cpp
@@ -282,23 +282,21 @@
}
bool CXFA_FFDocView::SetFocus(CXFA_FFWidget* pNewFocus) {
- CXFA_FFWidget* pOldFocus = m_pFocusWidget.Get();
-
- if (pOldFocus == pNewFocus)
+ if (pNewFocus == m_pFocusWidget)
return false;
- if (pOldFocus) {
- CXFA_ContentLayoutItem* pItem = pOldFocus->GetLayoutItem();
+ if (m_pFocusWidget) {
+ CXFA_ContentLayoutItem* pItem = m_pFocusWidget->GetLayoutItem();
if (pItem->TestStatusBits(XFA_WidgetStatus_Visible) &&
!pItem->TestStatusBits(XFA_WidgetStatus_Focused)) {
- if (!pOldFocus->IsLoaded())
- pOldFocus->LoadWidget();
- if (!pOldFocus->OnSetFocus(pOldFocus))
- pOldFocus = nullptr;
+ if (!m_pFocusWidget->IsLoaded())
+ m_pFocusWidget->LoadWidget();
+ if (!m_pFocusWidget->OnSetFocus(m_pFocusWidget.Get()))
+ m_pFocusWidget.Reset();
}
}
- if (pOldFocus) {
- if (!pOldFocus->OnKillFocus(pNewFocus))
+ if (m_pFocusWidget) {
+ if (!m_pFocusWidget->OnKillFocus(pNewFocus))
return false;
}
@@ -306,7 +304,7 @@
if (pNewFocus->GetLayoutItem()->TestStatusBits(XFA_WidgetStatus_Visible)) {
if (!pNewFocus->IsLoaded())
pNewFocus->LoadWidget();
- if (!pNewFocus->OnSetFocus(pOldFocus))
+ if (!pNewFocus->OnSetFocus(m_pFocusWidget.Get()))
pNewFocus = nullptr;
}
}
